KPMG, LLP determined that CBP made improvements by designing and implementing certain account management, audit logging, and configuration management controls. However, KPMG continued to identify financial system functionality and general information technology control deficiencies related to access controls and configuration management for CBP’s core financial, feeder, and General Support Systems environments. The deficiencies collectively limited CBP’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability. We recommend that CBP, in coordination with the DHS Chief Information Officer and Chief Financial Officer, make improvements to CBP’s financial management systems and associated information technology security program.
Consistent with CDC guidance, most Office of Inspector General employees are currently serving the American people remotely. We are determined to keep interruptions to our operations to a minimum, and we appreciate your patience during this time.
Information and guidance about COVID-19 is available at coronavirus.gov.