Information Technology Management Letter for the United States Coast Guard Component of the FY 2014 Department of Homeland Security Financial Statement Audit

We contracted with the independent public accounting firm KPMG, LLP to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security for the year ended September 30, 2014. KPMG, LLP evaluated selected general information technology controls and business process application controls at the United States Coast Guard (USCG). KPMG, LLP determined that USCG took corrective action over designing and consistently implementing certain account management and configuration management controls. However, KPMG, LLP continued to identify general information technology control deficiencies related to security management, logical access, configuration management, segregation of duties, and contingency planning for USCG’s core financial and feeder systems. Such control deficiencies limited USCG’s ability to ensure the confidentiality, integrity, and availability of its critical financial and operational data.