Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Fiscal Year
OIG-09-60  

> DHS' Progress in Disaster Recovery Planning for Information Systems 		2009
OIG-14-17 A secure homeland is envisioned as a Nation that is safely protected from terrorism, as well as other manmade and natural hazards, but is also able to respond resiliently if necessary. DHS’ FY 2013 budget, including supplemental funding for Hurricane Sandy, was about $72 billion.

> Major Management and Performance Challenges Facing the Department of Homeland Security 		2014
OIG-12-02 (U) Additional Department Oversight Can Improve DHS' Intelligence Systems Security Program 2012
OIG-19-34-UNSUM We determined that DHS' information security program for Top Secret/Sensitive Compartmented Information intelligence systems is effective this year as the Department achieved “Level 4 – Managed and Measurable” in three of five cybersecurity functions, based on current reporting instructions for intelligence systems. However, we identified deficiencies in DHS’ overall patch management process and the Cybersecurity and Infrastructure Security Agency’s weakness remediation and security awareness training activities.

 

We made one recommendation to the Office of Intelligence and Analysis and two recommendations to the Cybersecurity and Infrastructure Security Agency to address the deficiencies identified. DHS concurred with all three recommendations.

>(U) Evaluation of DHS' Compliance with Federal Information Security Modernization Act Requirements for Intelligence Systems for Fiscal Year 2018 		2019
OIG-14-27 We evaluated the Department of Homeland Security’s (DHS) enterprise-wide security program for Top Secret/Sensitive Compartmented Information intelligence systems. Pursuant to the Federal Information Security Management Act, we reviewed the Department’s security program including its policies, procedures, and system security controls for enterprise-wide intelligence systems. In doing so, we assessed the Department’s continuous monitoring, configuration management, identity and access management, incident response and reporting, risk management, security training, plans of actions and milestones, contingency planning, and security capital planning. As of May 2012, the United States Coast Guard (USCG) authorizing official assumed oversight for USCG's shore-side intelligence systems from Office of Intelligence and Analysis (I&A). USCG is migrating portions of its Coast Guard Intelligence Support System to a multi-authorizing official structure including DHS, USCG, and Defense Intelligence Agency.

>(U) Evaluation of DHS' Intelligence Systems Compliance with FISMA Requirements for FY13 		2014
OIG-13-21 Since our fiscal year 2011 evaluation, the Office of Intelligence and Analysis (I&A) has improved its oversight of Department-wide systems and established programs to monitor ongoing security practices. I&A has developed and implemented a training program to educate DHS’ growing number of personnel assigned security duties on intelligence systems. In addition, progress has been made in collaboration with other DHS components in centralizing the planning and prioritization of security weakness remediation, streamlining system configuration management, and maintaining a current systems inventory. However, we identified deficiencies at the United States Coast Guard (USCG) in system authorizations and specialized training and incident response, contingency planning, and security capital planning at the United States Secret Service (USSS).

>(U) Further Development and Reinforcement of Department Policies Can Strengthen DHS' Intelligence Systems Security Program 		2013
OIG-06-58 (U) Office of Inspector General Laptop Computers are Susceptible to Compromise (Unclassified and Redacted) 2006
OIG-14-135 We evaluated the Department of Homeland Security’s (DHS) enterprise-wide security program for Top Secret/Sensitive Compartmented Information intelligence systems. Pursuant to the Federal Information Security anagement Act, we reviewed the Department’s security program including its policies, procedures, and system security controls for enterprise-wide intelligence systems. In doing so, we assessed the Department’s continuous monitoring, configuration management, identity and access management, incident response and reporting, risk management, security training, plans of actions and milestones, remote access, contingency planning, contractor systems and security capital planning. The United States Coast Guard (USCG) has migrated the Coast Guard Intelligence Support System into a new system that is supported by DHS, the Defense ntelligence Agency and USCG.

>(U) Review of DHS' Information Security Program for Intelligence Systems for Fiscal Year 2014 		2014
OIG-05-45 A Review of DHS' Responsibilities For Juvenile Aliens 2005
OIG-07-68 A Review of Homeland Security Activities Along a Segment of the Michigan-Canadian Border (Unclassified Summary) 2007
OIG-15-138 The Department of Homeland Security (DHS) manages a diverse warehouse portfolio. According to the Government Accountability Office, managing the Federal government’s real property — which includes warehouses — is a high-risk area. DHS’ components own and lease warehouses for a variety of reasons, such as storing disaster relief supplies, computer equipment, seized assets, and excess property. Our audit objective was to determine the effectiveness of DHS’ process of assessing and managing its warehousing needs. Although DHS has taken steps to assess its warehouses, it cannot effectively manage its warehouse needs because some of the components misclassify many of their warehouses. We found buildings that should not have been on the Department’s warehouse inventory. Conversely, we found buildings that should have been classified as warehouses, but were not. Because the warehouse inventories are inaccurate, DHS cannot manage warehouses or demonstrate compliance with requirements to limit the size of real property inventories and reduce costs. Even though most warehouses we visited were well organized and appeared to support the components’ missions, we identified three warehouses that CBP could potentially consolidate or close and put $1 million per year to better use.

>Accurate Reporting and Oversight Needed to Help Manage DHS' Warehouse Portfolio 		2015
OIG-08-56 Acquisition Workforce Training and Qualifications 2008
OIG-06-53 Additional Guidance and Security Controls Are Needed Over Systems Using RFID at DHS, (Redacted) 2006
OIG-08-08 Administration of the Federal Trucking Industry Security Grant Program for FY 2004 and FY 2005 2008
OIG-07-56 ADVISE Could Support Intelligence Analysis More Effectively 2007
OIG-09-74  

>Advisory Report: DHS' Capabilities to Implement the American Recovery and Reinvestment Act of 2009 		2009
OIG-07-78 Agreed-upon Procedures on DHS' 3rd Quarter Intra-governmental Activity and Balances 2007
OIG-14-87 After the Federal Emergency Management Agency (FEMA) reduced the amount ofawards in fiscal years 2011 and 2012, Alabama decided that funding statewide initiatives to assist all local jurisdictions was more beneficial than allocating smaller amounts to individual jurisdictions. The Alabama Department of Homeland Security’s investment in statewide projects may have been more beneficial and a good use of limited grant funds. Alabama, however, did not obtain the required consent of local units of government before funding the statewide initiatives. It also did not have a current state homeland security strategy and a method to measure preparedness, nor did it always follow an established internal control to approve expenditures. In most cases, subgrantees complied with procurement requirements, but they did not always comply with inventory and property record requirements.

>Alabama's Management of State Homeland Security Program Grants Awarded During Fiscal Years 2010 Through 2012 		2014
OIG-04-33 An Evaluation of DHS Activities to Implement Section 428 of the Homeland Security Act of 2002, August 2004 2004
OIG-04-26 An Evaluation of the Security Implications of the Visa Waiver Program, April 2004 2004
OIG-05-23 Audit of Buy American Act Compliance 2005
OIG-18-69 Since FY 2014, DHS improved conference spending reporting and implemented policies and procedures to ensure proper oversight and accurate and timely reporting. However, we found instances where DHS did not comply with annual conference reporting requirements. The Department failed to report two conferences costing more than $100,000 each. The Department also did not always report all hosted conferences costing more than $20,000 to OIG within 15 days of the conclusion of each conference. In addition, the Department did not always properly record actual costs accurately and within 45 days of the conclusion of each conference. Although DHS did not always comply with reporting requirements, in most cases, its FY 2016 conference expenses appeared appropriate, reasonable, and necessary.

>Audit of Department of Homeland Security's Fiscal Year 2016 Conference Spending 		2018
OIG-19-39 This report presents the results of KPMG LLP’s (KPMG) work conducted to address the performance audit objectives relative to the Audit of Department of Homeland Security’s Fiscal Year 2017 Conference Spending. KPMG performed the work during the period of September 18, 2017 to August 30, 2018, and our scope period for testing was October 1, 2016 through September 30, 2017. KPMG LLP (KPMG) found that DHS management has policies and procedures over conference spending and reporting, improvements are needed. KMPG made seven recommendations to improve conference spending reporting.

>Audit of Department of Homeland Security's Fiscal Year 2017 Conference Spending 		2019
OIG-06-52 Audit of DHS' Corrective Action Plan Process for Financial Reporting - Report No. 1 2006
OIG-06-61 Audit of DHS' Corrective Action Plan Process for Financial Reporting - Report No. 2 2006
OIG-07-13 Audit of DHS' Corrective Action Plan Process for Financial Reporting - Report No. 3, 2007
OIG-19-44 Audit of DHS' Issuance and Management of Other Transaction Agreements Involving Consortium Activities 2019
OIG-07-29 Audit of DHS’ Corrective Action Plan Process for Financial Reporting 2007
OIG-06-66 Audit of Management Controls Over Automated Commercial Environment (ACE) Contractor Billings 2006
OIG-06-66 Audit of Management Controls Over Automated Commercial Environment (ACE) Contractor Billings 2006
OIG-07-61 Better Management Needed for the National Bio-Surveillance Integration System Program 2007
OIG-09-55  

>Better Monitoring and Enhanced Technical Controls Are Needed to Effectively Manage LAN-A (Redacted) 		2009
OIG-18-10 The Department faces challenges to effectively sharing cyber threat information across Federal and private sector entities. Without acquiring a cross-domain information processing solution and automated tools, DHS cannot analyze and share threat information timely. Further, without enhanced outreach, DHS cannot increase participation and improve coordination of information sharing across Federal and private organizations.

 

>Biennial Report on DHS’ Implementation of the Cybersecurity Act of 2015 		2018
OIG-21-22 We determined that DHS’ Countering Weapons of Mass Destruction Office (CWMD) BioWatch has information sharing challenges that reduce nationwide readiness to respond to biological terrorism threats.  We made four recommendations that, when implemented, will improve BioWatch. CWMD concurred with all four recommendations. 

>Biological Threat Detection and Response Challenges Remain for BioWatch (REDACTED) 		2021
OIG-19-23 Within U.S. Customs and Border Protection (CBP), Border Patrol agents are responsible for patrolling our international land borders and coastal waters surrounding Florida and Puerto Rico. We conducted this audit to determine to what extent Border Patrol agents meet workload requirements related to investigative and law enforcement activities. Border Patrol needs to manage its workforce more efficiently, effectively, and economically. CBP and Border Patrol must expedite the development and implementation of a workforce staffing model for Border Patrol as required by Congress. Without a complete workforce staffing model, Border Patrol senior managers are unable to definitively determine the operational needs for, or best placement of, the 5,000 additional agents DHS was directed to hire per the January 2017 Executive Order.

>Border Patrol Needs a Staffing Model to Better Plan for Hiring More Agents 		2019
OIG-06-37 Buy American Act Compliance, , May 2006 2006
OIG-20-05 From fiscal years 2015 through 2018, in the midst of a growing opioid epidemic, U.S. Customs and Border Protection (CBP), U.S. Immigration and Customs Enforcement, Transportation Security Administration, and U.S. Secret Service appropriately disciplined employees whose drug test results indicated illegal opioid use, based on their employee standards of conduct and tables of offenses and penalties.  Additionally, during the same time period, components have either implemented or are taking steps to evaluate whether employees using prescription opioids can effectively conduct their duties.  For example, components have established policies prohibiting the use of prescription opioids that may impact an employee’s ability to work, in addition to requiring employees to report such prescription opioid use.  They have also implemented or are in the process of implementing measures to evaluate the fitness for duty of employees using prescription opioids.  These policies establish consistent standards components can use to ensure they are allowing employees to use legally-prescribed opioids, while also ensuring their workforce is capable of effectively performing their duties.  We made two recommendations to improve components’ oversight of illegal and prescription opioid use by employees.  CBP and Secret Service concurred with the recommendations, which are both resolved and open.

>CBP, ICE, TSA, and Secret Service Have Taken Steps to Address Illegal and Prescription Opioid Use 		2020
OIG-08-48 Challenges Remain In Executing the Department of Homeland Security’s Information Technology Program For Its Intelligence Systems Unclassified Summary 2008
OIG-07-48 Challenges Remain in Securing the Nation's Cyber Infrastructure 2007
OIG-15-97-VR DHS continues to lack reliable interoperable communications for emergencies, as well as daily operations and planned events. The inability to communicate effectively during an emergency presents serious risks to the health and safety of the public. To better fulfill its mission and unify its efforts, DHS must prioritize interoperable communications and expedite the implementation of the recommended corrective actions in our DHS’ Oversight of Interoperable Communications report.

>Corrective Actions Still Needed to Achieve Interoperable Communications 		2015
OIG-13-03 On September 29, 2009, FEMA awarded a Transit Security Grant of $48,286,592 (number 2009-RA-RI-0105) to the Port Authority of New York and New Jersey (Port). The purpose of the grant is to fund exterior and interior mitigation measures to strengthen the PATH rail tunnels connecting cities in northern New Jersey to Manhattan. Reimbursement for eligible project costs is based on the grant agreement; Office of Management and Budget (OMB) Circular A-87, Cost Principles for State,Local and Indian Tribal Governments, Revised; and FEMA guidance. As of March 31, 2012, the Port had claimed project costs totaling $42,020,112. The costs covered the period from September 1, 2009, through March 31, 2012.

>Costs Claimed by the Port Authority of New York and New Jersey Under Transit Security Grant No. 2009-RA-R1-0105 		2013
GC-HQ-06-51 Debit Card Overdrafts 2006
OIG-12-133  

>Department of Homeland Security Compliance with the Federal Acquisition Regulation Revisions on Proper Use and Management of Cost-Reimbursement Contracts 		2012
OIG-07-37 Department of Homeland Security Executive Transportation and Shuttle Bus Services Contract Review 2007
Department of Homeland Security Section - Top Challenges Facing Federal Agencies: COVID-19 Emergency Relief and Response Efforts 2020
OIG-10-42  

>Department of Homeland Security's Acquisition Data Management Systems  		2010
OIG-15-94 (Revised) Our objective was to determine whether the Department of Homeland Security (DHS) complied with the Improper Payments Elimination and Recovery Act of 2010 (IPERA). We also evaluated the accuracy and completeness of DHS’ improper payment reporting and DHS’ performance in reducing and recapturing improper payments. Although DHS met all the reporting requirements of IPERA, it did not meet its annual reduction targets established for each high-risk program as required by OMB. As such, we concluded that DHS did not fully comply with IPERA.

>Department of Homeland Security's FY 2014 Compliance with the Improper Payments Elimination and Recovery Act of 2010 (Revised) 		2015
OIG-16-88 Our objective was to determine whether the Department of Homeland Security complied with the Improper Payments Elimination and Recovery Act of 2010 (IPERA). We also evaluated the accuracy and completeness of DHS’ improper payment reporting.

>Department of Homeland Security's FY 2015 Compliance with the Improper Payments Elimination and Recovery Act of 2010 		2016
OIG-17-59 We determined that DHS did not fully comply with the Improper Payments Elimination and Recovery Act of 2010 (IPERA) because it did not publish accurate accompanying materials to the Agency Financial Report (AFR) as required by Office of Management and Budget (OMB) guidance.  The Department also did not meet its annual reduction targets established for each high-risk program.  DHS did comply with Executive Order 13520 by properly compiling and making available to the public DHS’ FY 2016 Quarterly High-Dollar Overpayment reports. Additionally, we determined DHS did not properly perform oversight of the components’ improper payment testing and reporting.  We made five recommendations that would help DHS’ Risk Management and Assurance Division (RM&A) strengthen its oversight and review procedures for IPERA risk assessments.  We also recommended that RM&A follows OMB requirements to comply with IPERA.

>Department of Homeland Security's FY 2016 Compliance with the Improper Payments Elimination and Recovery Act of 2010 and Executive Order 13520, Reducing Improper Payments 		2017
OIG-18-72 DHS did not comply with IPERA because it did not meet one of the six IPERA requirements. Specifically, DHS did not meet its annual reduction targets for 2 of 14 programs. Additionally, we determined that DHS did not provide adequate oversight of the component’s improper testing and reporting.

>Department of Homeland Security's FY 2017 Compliance with the Improper Payments Elimination and Recovery Act of 2010 		2018

*NDAA, Pub. L. 117-263, section 5274 Response Received. View responses

Return to top of page