Audits, Inspections, and Evaluations

Report Number	Title	Issue Date Sort descending	Fiscal Year
OIG-21-06	DHS Privacy Office Needs to Improve Oversight of Department-wide Activities, Programs, and Initiatives	11/04/2020	2021
OIG-21-07	Major Management and Performance Challenges Facing the Department of Homeland Security	11/10/2020	2021
OIG-21-08	Independent Auditors' Report on DHS' FY 2020 Financial Statements and Internal Control over Financial Reporting	11/13/2020	2021
OIG-21-14	Ineffective Implementation of Corrective Actions Diminishes DHS' Oversight of Its Pandemic Planning	12/21/2020	2021
OIG-21-17	Based on our review of 45 judgmentally sampled awards (15 non-competitive grants and 30 other than full and open competition [OTFOC] contracts), we found DHS complied with applicable laws and regulations. We made two recommendations to help improve DHS’ procedures and ensure future reporting submissions are accurate. The Department concurred with the two recommendations. >DHS Grants and Contracts Awarded through Other Than Full and Open Competition, FYs 2018 and 2019	02/01/2021	2021
OIG-21-22	We determined that DHS’ Countering Weapons of Mass Destruction Office (CWMD) BioWatch has information sharing challenges that reduce nationwide readiness to respond to biological terrorism threats. We made four recommendations that, when implemented, will improve BioWatch. CWMD concurred with all four recommendations. >Biological Threat Detection and Response Challenges Remain for BioWatch (REDACTED)	03/02/2021	2021
OIG-21-33	We determined DHS did not comply with Payment Integrity Information Act of 2019 (PIIA) in fiscal year 2020 because it did not achieve and report an improper payment rate of less than 10 percent for 2 of 12 programs reported in its FY 2020 Agency Financial Report. DHS complied with Executive Order 13520 by properly compiling and making available to the public its FY 2020 Quarterly High-Dollar Overpayment reports. We made two recommendations to DHS to follow Office of Management and Budget requirements and ensure the Federal Emergency Management Agency continues its remediation process to reduce improper payments. DHS concurred with both recommendations. >Department of Homeland Security's FY 2020 Compliance with the Payment Integrity Information Act of 2019 and Executive Order 13520, Reducing Improper Payments	05/07/2021	2021
OIG-21-35	We determined DHS law enforcement components did not consistently collect DNA from arrestees as required. Of the five DHS law enforcement components we reviewed that are subject to these DNA collection requirements, only Secret Service consistently collected DNA from arrestees. U.S. Immigration and Customs Enforcement (ICE) and the Federal Protective Service inconsistently collected DNA, and U.S. Customs and Border Protection (CBP) and the Transportation Security Administration (TSA) collected no DNA. DHS did not adequately oversee its law enforcement components to ensure they properly implemented DNA collection. Based on our analysis, we project the DHS law enforcement components we audited did not collect DNA for about 212,646, or 88 percent, of the 241,753 arrestees from fiscal years 2018 and 2019. Without all DHS arrestees’ DNA samples in the Federal Bureau of Investigation’s criminal database, law enforcement likely missed opportunities to receive investigative leads based on DNA matches. Additionally, DHS did not benefit from a unity of effort, such as sharing and leveraging processes, data collection, and best practices across components. We recommended DHS oversee and guide its law enforcement components to ensure they comply with collection requirements. DHS concurred with all four of our recommend. >DHS Law Enforcement Components Did Not Consistently Collect DNA from Arrestees	05/17/2021	2021
OIG-21-37	We determined that DHS needs to improve the collection and management of data across its multiple components to better serve and safeguard the public. The data access, availability, accuracy, completeness, and relevance issues we identified presented numerous obstacles for DHS personnel who did not have essential information they needed for decision making or to effectively and efficiently carry out day-to-day mission operations. Although DHS has improved its information security program and developed plans to improve quality and management of its data, follow through and continued improvement will be essential to address the internal control issues underlying the data deficiencies highlighted in the report. We made no recommendations in the summary report. >Persistent Data Issues Hinder DHS Mission, Programs, and Operations	05/24/2021	2021
OIG-21-38	We determined DHS had not yet strengthened its cybersecurity posture by implementing a Continuous Diagnostics and Mitigation (CDM) Program. DHS spent more than $180 million between 2013 and 2020 to design and deploy a department-wide continuous monitoring solution but faced setbacks. DHS initially planned to deploy its internal CDM solution by 2017 using a “One DHS” approach that restricted components to a standard set of common tools. We attributed DHS’ limited progress to an unsuccessful initial implementation strategy, significant changes to its deployment approach, and continuing issues with component data collection and integration. As of March 2020, DHS had developed a key element of the program, its internal CDM dashboard. However, the dashboard contained less than half of the required asset management data. As a result, the Department cannot leverage intended benefits of the dashboard to manage, prioritize, and respond to cyber risks in real time. Finally, we identified vulnerabilities on CDM servers and databases. This occurred because DHS did not clearly define patch management responsibilities and had not yet implemented required configuration settings. Consequently, databases and servers could be vulnerable to cybersecurity attack, and the integrity, confidentiality, and availability of the data could be at risk. We made three recommendations for DHS to update its program plan, address vulnerabilities, and define patch management responsibilities >DHS Has Made Limited Progress Implementing the Continuous Diagnostics and Mitigation Program	06/01/2021	2021
OIG-21-51	In FY 2018, S&T did not always adhere to DHS and internal purchase card policies and procedures. Of 421 purchase card transactions selected for review, we identified 394 transactions that did not have required supporting documentation, separation of key transaction duties, approvals and other required signatures, or compliance with other risk-based procedures. According to S&T officials, these issues were due to shortfalls in program oversight and training, as well as outdated policy. We identified $63,213 in questionable costs associated with purchase card transactions. We made four recommendations to improve S&T’s adherence to DHS policies and procedures for its Bankcard Program. S&T concurred with the four recommendations. >FY 2018 Audit of Science and Technology Bankcard Program Indicates Risks	07/27/2021	2021
OIG-21-55	Since our FY 2020 evaluation, the Office of Intelligence and Analysis (I&A) has continued to provide effective oversight of the department-wide intelligence system and has implemented programs to monitor ongoing security practices. We determined that DHS' information security program for Top Secret/Sensitive Compartmented Information intelligence systems is effective this year as the Department achieved “Level 4 – Managed and Measurable” in three of five cybersecurity functions, based on current reporting instructions for intelligence systems. However, we identified deficiencies in DHS’ protect and recover functions. We made three recommendations to I&A to address the deficiencies identified, and I&A concurred with all three recommendations. >Evaluation of DHS' Compliance with Federal Information Security Modernization Act Requirements for Intelligence Systems for Fiscal Year 2020 - Secret	08/25/2021	2021
OIG-21-72	In May 2020, the Deputy Under Secretary for Management formally documented the Department’s risk acceptance to allow the Coast Guard to meet FISMA requirements according to Department of Defense, rather than DHS’ reporting requirements. The Deputy Under Secretary for Management’s decision adversely affected our ability to evaluate the Department’s enterprise-wide information program under this year’s OIG reporting metrics. Nonetheless, when evaluating the overall effectiveness of DHS’ information security program for FY 2020 FISMA, our rating does not include the Coast Guard. DHS’ information security program earned a maturity rating of “Managed and Measurable” (Level 4) in three of five functions. DHS can further improve the effectiveness of its information security program by ensuring components execute all its policies and procedures. We made four recommendations in our report, with one to the DHS Chief Information Officer, one to the S&T Chief Information Officer, one to the Secret Service Chief Information Officer, and one to the FEMA Chief Information Officer. The Department concurred with all four recommendations. >Evaluation of DHS' Information Security Program for Fiscal Year 2020	09/29/2021	2021
OIG-21-73	FLETC implemented robust protocols to respond to and mitigate COVID-19 at its Glynco training facility. Before reopening in June 2020, FLETC developed a formal plan to resume in-person training. Through this plan, along with other policies and procedures, FLETC established protocols in accordance with Centers for Disease Control and Prevention guidance and medical expertise. DHS students and component officials we spoke with confirmed that these protocols were in place and told us that, overall, they were effective. However, they also raised concerns related to students socializing inappropriately, and not following some requirements such as mask-wearing. In instances such as these, FLETC was largely reliant on students’ home agencies to take action to reinforce compliance among their students with safety protocols, or to take disciplinary action, if necessary. As a result of its measures, FLETC’s rate of positive COVID-19 tests was lower than that of its surrounding county. We also found, however, that FLETC did not always follow its own protocols for housing assignments related to COVID-19. For example, some students who were not positive for COVID-19 or were not quarantined for exposure to COVID-19 were still housed in the isolation dormitory. Some of the students we spoke with who were incorrectly assigned to the isolation dormitory told us that they did not feel safe. We made one recommendation to the FLETC Director to improve COVID-19 student-housing protocols. FLETC concurred with the recommendation. >FLETC's Actions to Respond to and Manage COVID-19 at its Glynco Training Center	09/30/2021	2021
OIG-22-04	DHS Continues to Make Progress Meeting DATA Act Requirements, but Challenges Remain	11/04/2021	2022
OIG-22-05	Major Management and Performance Challenges Facing the Department of Homeland Security	11/05/2021	2022
OIG-22-08	KPMG LLP (KPMG), under contract with the Department of Homeland Security Office of Inspector General, conducted an integrated audit of DHS’ fiscal year 2021 consolidated financial statements and internal control over financial reporting. KPMG issued an unmodified (clean) opinion on the financial statements, reporting that they present fairly, in all material respects, DHS’ financial position as of September 30, 2021. However, KPMG identified material weaknesses in internal control in two areas and other significant deficiencies in four areas. Consequently, KPMG issued an adverse opinion on DHS’ internal control over financial reporting. KPMG also reported noncompliance with two laws and regulations. KPMG made 19 recommendations to improve the Department’s internal control over financial reporting. >Independent Auditors' Report on DHS' FY 2021 Financial Statements and Internal Control over Financial Reporting	11/12/2021	2022
OIG-22-09	DHS' Implementation of OIG Recommendations Related to Drug Interdiction	11/17/2021	2022
OIG-22-06	DHS Needs Additional Oversight and Documentation to Ensure Progress in Joint Cybersecurity Efforts	11/17/2021	2022
OIG-22-17	Review of Federal Law Enforcement Training Centers’ Fiscal Year 2021 Detailed Accounting Report for Drug Control Funds	01/25/2022	2022
OIG-22-20	Review of Federal Law Enforcement Training Centers' Fiscal Year 2021 Drug Control Budget Formulation Compliance Report	01/27/2022	2022
OIG-22-28	Management Alert - Reporting Suspected Fraud of Lost Wages Assistance	02/28/2022	2022
OIG-22-45	Department of Homeland Security's FY 2021 Compliance with the Payment Integrity Information Act of 2019 and Executive Order 13520, Reducing Improper Payments	06/08/2022	2022
OIG-22-55	Evaluation of DHS' Information Security Program for Fiscal Year 2021	08/01/2022	2022
OIG-23-01	Major Management and Performance Challenges Facing the Department of Homeland Security	10/27/2022	2023
OIG-24-05	Major Management and Performance Challenges Facing the Department of Homeland Security (MMPC)	11/03/2023	2024

Return to top of page