Audit of Security Controls for DHS Information Technology Systems at San Francisco International Airport

We audited security controls for Department of Homeland Security information technology systems at San Francisco International Airport. Five Department components—U.S. Customs and Border Protection, U.S. Immigration and Customs Enforcement, Management Directorate, Transportation Security Administration, and U.S. Coast Guard—operate information technology systems that support homeland security operations at this airport. Our audit focused on how these components have implemented computer security controls for their systems at the airport and nearby locations. We performed onsite inspections of the areas where information technology systems and equipment were located, interviewed departmental staff, and conducted technical tests of computer security controls. The information technology security controls implemented at these sites had deficiencies that, if exploited, could result in the loss of confidentiality, integrity, and availability of the components’ systems.