Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Fiscal Year
OIG-14-73 We contracted with the independent public accounting firm KPMG LLP (KPMG) to conduct the audit of the DHS’ FY 2013 financial statements and internal control over financial reporting. The contract required that KPMG perform its audit according to generally accepted government auditing standards and guidance from the Office of Management and Budget and the Government Accountability Office. KPMG isresponsible for the attached management letter dated January 15, 2014, and the conclusions expressed in it

>Management Directorate’s Management Letter for FY 2013 DHS Financial Statements Audit 		2014
OIG-13-68 We have audited the balance sheet of the U.S. Department of Homeland Security (DHS or Department) as of September 30, 2012 and the related statements of net cost, changes in net position and custodial activity, and combined statement of budgetary resources for the year then ended (referred to herein as the fiscal year (FY) 2012 financial statements”). The objective of our audit was to express an opinion on the fair presentation of these financial statements. We were also engaged to examine the Department’s internal control over financial reporting of the FY 2012 financial statements, based on the criteria established in Office of Management and Budget (OMB), Circular No. A-123, Management’s Responsibility for Internal Control, Appendix A.

>Management Directorate’s Management Letter for FY 2012 DHS Consolidated Financial Statements Audit 		2013
OIG-11-51  

>Management Directorate's Management Letter for FY 2010 DHS Consolidated Financial Statements AuditManagement Directorate's Management Letter for FY 2010 DHS Consolidated Financial Statements Audit 		2011
OIG-16-62 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting.

>Management Directorate's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-15-75 KPMG LLP reviewed the Management Directorate’s (MGMT) internal control over financial reporting. The management letter contains four observations related to internal control and other operational matters for management’s consideration.

>Management Directorate's Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-22-28 Management Alert - Reporting Suspected Fraud of Lost Wages Assistance 2022
OIG-14-43 The Council ofthe Inspectors General on Integrity and Efficiency {CIGIE) tasked the Cybersecurity Working Group with undertaking a review in which it would examine the role of the Inspector General community in current Federal cybersecurity initiatives. CIGIE proposed that the Cybersecurity Working Group work under the auspices of the Information Technology (IT) Committee. As a member of the IT Committee, the Department of Homeland Security (DHS) Office of Inspector General (OIG) was asked to lead and coordinate the Cybersecurity Working Group's efforts in identifying the Inspector Generals' cybersecurity oversight role

>Management Advisory Report: A Guide for Assessing Cyber Security within the Office of Inspector General Community 		2014
GC-HQ-06-52 Management Advisory Report on the Starship Facility Renovation Project, Anniston, Alabama 2006
GC-HQ-06-05 Management Advisory Report on the Major Technical Assistance Contracts 2006
GC-HQ-06-09 Management Advisory Report on Invoices submitted under Order HSFEHQ-06-F-0047 by Corporate Lodging Consultants, Inc. 2006
OIG-15-121-MA We reviewed whether, from October 1, 2013, to December 31, 2014, DHS components reported conference expenses to OIG and the public as required. During this time period, DHS components reported 28 (15 percent) of 187 conferences they were required to report to OIG; of the 28, 2 (7 percent) were reported within the required 15 days. Based on conference expenses reported in the first quarter of fiscal year (FY) 2015, the components' compliance with the reporting requirement is improving-the percentage of conferences reported rose from 13 percent in FY 2014 to 30 percent in the first quarter of FY 2015. For all but one conference with expenses exceeding $100,000, DHS published conference expenditures on its website as required, but the public cannot easily find this information. We made three recommendations to improve DHS components' required reporting of conferences to OIG and the public. DHS concurred with these recommendations and took responsive action; we consider all three recommendations closed.

>Management Advisory on Department of Homeland Security Components' Reporting of Conference Spending (OIG 15-121-MA) 		2015
OIG-16-108 Management Advisory - DHS Should Better Evaluate the Performance of Its Working Capital Fund 2016
OIG-10-16 Major Management Challenges Facing the Department of Homeland Security  2010
OIG-07-12 Major Management Challenges Facing the Department of Homeland Security, 2007
OIG-13-09 The attached report presents our fiscal year 2012 assessment of the major management challenges facing the Department. As required by the Reports Consolidation Act of 2000 (Public Law 106-531), we update our assessment of management challenges annually. As stipulated, the report summarizes what the Inspector General considers to be the most serious management and performance challenges facing the agency and briefly assesses the agency’s progress in addressing those challenges.

>Major Management Challenges Facing the Department of Homeland Security (Revised) 		2013
OIG-06-14 Major Management Challenges Facing the Department of Homeland Security (Excerpts from the FY 2005 DHS Performance and Accountability Report), December 2005 2006
OIG-11-11 Major Management Challenges Facing the Department of Homeland Security 2011
OIG-08-11 Major Management Challenges Facing the Department of Homeland Security 2008
OIG-09-08 Major Management Challenges Facing the Department of Homeland Security 2009
OIG-12-08 Major Management Challenges Facing the Department of Homeland Security 2012
OIG-05-06 Major Management Challenges Facing the Department of Homeland Security 2005
OIG-24-05 Major Management and Performance Challenges Facing the Department of Homeland Security (MMPC) 2024
OIG-16-07 DHS’ mission to protect the Nation entails a wide array of responsibilities. These range from facilitating the flow of commerce and travelers, countering terrorism, and securing and managing the border to enforcing and administering immigration laws and preparing for and responding to natural disasters. This report identifies major challenges that affect the Department as a whole, as well as its individual components, who work together to achieve this multi-faceted mission. We identified nine areas of most persistent concern for the Department: (1) DHS Management and Operations Integration; (2) Acquisition Management; (3) Financial Management; (4) Information Management and Technology; (5) Transportation Security; (6) Border Security and Immigration Enforcement; (7) Disaster Preparedness and Response; (8) Infrastructure Protection and Cybersecurity; (9) Employee Accountability and Integrity.

>Major Management and Performance Challenges Facing the Department of Homeland Security 		2016
OIG-17-08 This report summarizes what we consider the most serious management and performance challenges to both the Department as a whole, as well as individual components challenges.  We remain concerned about the systemic nature of these challenges, some of which span multiple Administrations and changes in Department leadership.  We also assess the Department’s progress in addressing those challenges.  This year, we are reporting the Department’s major challenges in the following areas: Unity of Effort, Employee Morale and Engagement, Acquisition Management, Grants Management, Cybersecurity, Management Fundamentals.  We did not make any new recommendations in this report.

>Major Management and Performance Challenges Facing the Department of Homeland Security 		2017
OIG-19-01 Annual report, Major Management and Performance Challenges Facing the Department of Homeland Security. Pursuant to the Reports Consolidation Act of 2000, the Office of Inspector General is required to issue a statement that summarizes what the Inspector General considers to be the most serious management and performance challenges facing the agency and briefly assess the agency’s progress in addressing those challenges. We acknowledge past and ongoing efforts by Department’s senior leadership to address the challenges identified in this report. At the same time, our aim in this report is two-fold to identify areas that need continuing focus and improvement and to point out instances in which senior leadership’s goals and objectives are not executed throughout the Department. We highlight persistent management and performance challenges that hamper the Department’s efforts to accomplish the homeland security mission efficiently and effectively.

>Major Management and Performance Challenges Facing the Department of Homeland Security 		2019
OIG-21-07 Major Management and Performance Challenges Facing the Department of Homeland Security 2021
OIG-15-09 We have identified major challenges that affect both the Department as a whole, as well as individual components. DHS must continually seek to integrate management operations under an authoritative governing structure capable of effectively overseeing and managing programs that cross component lines. DHS’ mission to protect the Nation from domestic and international threats and respond to natural and manmade disasters is further challenged by the unpredictable nature of these hazards. DHS must overcome the challenges inherent with uniting the Department under the Secretary’s Unity of Effort Initiative, as well as those over which it has little control. This year, we are reporting the Department’s major challenges in the following areas: (1) DHS Operations Integration, (2) Acquisition Management, (3) Financial Management, (4) IT Management and Privacy Issues, (5) Transportation Security, (6) Border Security and Immigration Enforcement. (7) Grants Management, (8) Employee Accountability and Integrity, (9) Infrastructure Protection, Cybersecurity, and Insider Threat

>Major Management and Performance Challenges Facing the Department of Homeland Security 		2015
OIG-18-11 Department leadership must commit itself to ensuring DHS operates more as a single entity. rather than a collection of components. The lack of progress in reinforcing a unity of effort translates to a missed opportunity for greater effectiveness. Second, Department leadership must establish and enforce a strong internal control environment typical of a more mature organization. The current environment of relatively weak internal controls affects all aspects of the Department’s mission, from border protection to immigration enforcement and from protection against terrorist attacks and natural disasters to cybersecurity. We have seen little evidence of proactive effort by leadership to view the organization holistically, to forcefully communicate the need for cooperation among components, and to establish programs or policies that ensure unity, even though such effort is a necessary precondition to unified action.

 

>Major Management and Performance Challenges Facing the Department of Homeland Security 		2018
OIG-22-05 Major Management and Performance Challenges Facing the Department of Homeland Security 2022
OIG-23-01 Major Management and Performance Challenges Facing the Department of Homeland Security 2023
OIG-14-86 The audit objectives were to determine whether Maine used State Homeland Security Program grant funds in accordance with the law, program guidance, state homeland security strategies, and other applicable plans. We also addressed the extent to which grant funds enhanced the ability of grantees to prevent, prepare for, protect against, and respond to natural disasters, acts of terrorism, and other manmade disasters. We reviewed approximately $14.5 million in State Homeland Security Program grants awarded to Maine during fiscal years 2010 through 2012. Maine did not receive Urban Areas Security Initiative grant funds.

>Maine's Management of Homeland Security Grant Program Awards for Fiscal Years 2010 Through 2012 		2014
OIG-08-47 Letter Report: Review of DHS' Financial Systems Consolidation Project 2008
OIG-09-106  

>Letter Report: Review of Department of Homeland Security's Expenditure Plan: Department Headquarters Consolidation 		2009
OIG-08-31 Letter Report: DHS Needs to Prioritize Its Cyber Assets 2008
OIG-08-35 Letter Report: DHS National Applications Office Privacy Stewardship (Redacted) 2008
OIG-06-11 Letter Report: DHS Chief Information Officer Remediation Plan, November 2005 2006
OIG-14-81 The objectives of the audit were to determine whether Iowa distributed, administered, and spent State Homeland Security Program grant funds strategically, effectively, and in compliance with laws, regulations, and guidance. We also addressed the extent to which funds awarded enhanced the ability of Iowa grantees to prevent, prepare for, protect against, and respond to natural disasters, acts of terrorism, and other manmade disasters. The Federal Emergency Management Agency (FEMA) awarded Iowa approximately $14.6 million in State Homeland Security Program grants during fiscal years 2010–12. Iowa does not have an urban area designated by FEMA; therefore, it did not receive Urban Areas Security Initiative grant funds during this period.

>Iowa’s Management of Homeland Security Grant Program Awards for Fiscal Years 2010 Through 2012 		2014
OIG-14-70 We contracted with the independent public accounting firm KPMG LLP (KPMG) to conduct the audit of the DHS’ FY 2013 financial statements and internal control over financial reporting. The contract required that KPMG perform its audit according to generally accepted government auditing standards and guidance from the Office of Management and Budget and the Government Accountability Office. KPMG isresponsible for the attached management letter dated January 15, 2014, and the conclusions expressed in it

>Intelligence and Analysis’s Management Letter for FY 2013 DHS Financial Statements Audit 		2014
OIG-14-80 We contracted with the independent public accounting firm KPMG LLP (KPMG) to conduct the audit of Department of Homeland Security fiscal year 2013 consolidated financial statements. The contract required that KPMG perform its audit according to generally accepted government auditing standards and guidance from the Office of Management and Budget and the Government Accountability Office. KPMG is responsible for the attached management letter dated March 11, 2014, and the conclusion expressed in it.

>Information Technology Management Letter for the USCIS Component of the FY 2013 DHS Financial Statement Audit 		2014
OIG-16-44 We contracted with the independent public accounting firm KPMG, LLP to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security for the year ended September 30, 2015. KPMG, LLP evaluated selected general IT controls and business process application controls at the United States Coast Guard (Coast Guard). KPMG, LLP determined that Coast Guard took corrective actions to address one prior-year IT control deficiency. Specifically, Coast Guard made improvements over implementing certain account management and audit log controls. KPMG, LLP continued to identify general IT controls deficiencies related to access controls, segregation of duties, and configuration management of Coast Guard’s core financial and feeder systems. In many cases, new control deficiencies reflected weaknesses over controls and systems that were new to the scope of the FY15 audit Such deficiencies limited Coast Guard’s ability to ensure that critical financial and operational data were maintained in such a manner to ensure confidentiality, integrity, and availability.

>Information Technology Management Letter for the United States Coast Guard Component of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-14-88 We contracted with the independent public accounting firm KPMG LLP (KPMG) to conduct the audit of Department of Homeland Security fiscal year 2013 consolidated financial statements. The contract required that KPMG perform its audit according to generally accepted government auditing standards and guidance from the Office of Management and Budget and the Government Accountability Office. KPMG is responsible for the attached management letter dated March 11, 2014, and the conclusion expressed in it.

>Information Technology Management Letter for the U.S. Coast Guard Component of the FY 2013 DHS Financial Statement Audit 		2014
OIG-16-82 Each year, our independentauditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the Science and Technology Directorate Component of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-15-63 We contracted with the independent public accounting firm KPMG LLP to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security (DHS) for the year ended September 30, 2014. KPMG LLP evaluated selected general information technology controls and business process application controls at the Other DHS Management components. KPMG LLP performed after-hours physical security walkthroughs and social engineering and identified instances where DHS personnel did not adequately comply with requirements for safeguarding sensitive material or assets from unauthorized access or disclosure. Inadequate protection of DHS information systems and data from those without a need to know or a need for access puts DHS’ sensitive electronic and physical data at risk of loss, theft, or misuse.

>Information Technology Management Letter for the Other DHS Management Components of the FY 2014 Department of Homeland Security Financial Statement Audit 		2015
OIG-16-83 Each year, our independent auditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the Office of Financial Management and Office of Chief Information Officer Components of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-15-62 We contracted with the independent public accounting firm KPMG, LLP to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security (DHS) for the year ended September 30, 2014. KPMG, LLP evaluated selected general information technology controls and business process application controls at DHS’ Office of Financial Management and Office of Chief Information Officer. KPMG, LLP continued to identify deficiencies related to access controls and vulnerability management controls of DHS’ core financial system. Inadequate protection of DHS information systems and data from those without a need to know or a need for access puts DHS’ sensitive electronic and physical data at risk of loss, theft, or misuse.

>Information Technology Management Letter for the Office of Financial Management and Office of Chief Information Officer Components of the FY 2014 Department of Homeland Security Financial Statement Audit 		2015
OIG-16-84 Each year, our independent auditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year (FY) 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the National Protection and Programs Directorate Component of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-17-54 We determined that most of the deficiencies identified by the independent public accounting firm KPMG resulted from a lack of properly documented, fully designed, adequately detailed, and consistently implemented financial system controls to comply with requirements of DHS Sensitive Systems Policy Directive 4300 A, Information Technology Security Program, and National Institute of Standards and Technology guidance.  The deficiencies collectively limited DHS’ ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommended that the Acting Chief Information Officer and Chief Financial Officer, in coordination with DHS components, make improvements to DHS’ financial management systems and associated information technology security program.

>Information Technology Management Letter for the FY 2016 Department of Homeland Security Financial Statement Audit 		2017
OIG-16-45 KPMG LLP evaluated selected general IT controls, IT entity-level controls, and business process application controls at DHS components. KPMG determined that the DHS components had made progress in remediating certain IT deficiencies we reported in FY 2014. Approximately 48 percent of the prior year IT deficiencies identified were repeated. The majority of the deficiencies identified by KPMG resulted from a lack of properly documented, fully designed and implemented, adequately detailed, and consistently implemented financial system controls to comply with requirements of DHS Sensitive Systems Policy Directive 4300A, Information Technology Security Program, and National Institute of Standards and Technology guidance. The deficiencies collectively limited DHS’ ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability. The deficiencies at Customs and Border Protection, the United States Coast Guard, the Federal Emergency Management Agency, and U.S. Immigration and Customs Enforcement adversely impacted the internal controls over DHS’ financial reporting and its operation, and collectively represent a material weakness reported in the FY 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-15-93 We contracted with the independent public accounting firm KPMG LLP (KPMG) to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security (DHS) for the year ended September 30, 2014. KPMG evaluated selected general information technology controls, and information technology (IT) entity-level controls, and business process application controls at DHS’ components. KPMG noted that the DHS Components made progress in the remediation of certain IT deficiencies we reported in FY 2013, approximately 35 percent of the prior year IT deficiencies.

>Information Technology Management Letter for the FY 2014 Department of Homeland Security Financial Statement Audit 		2015
OIG-14-108 We contracted with the independent public accounting firm KPMG LLP (KPMG) to conduct the audit of Department of Homeland Security fiscal year 2013 consolidated financial statements. The contract required that KPMG perform its audit according to generally accepted government auditing standards and guidance from the Office of Management and Budget and the Government Accountability Office. KPMG is responsible for the attached management letter dated March 11, 2014, and the conclusion expressed in it.

>Information Technology Management Letter for the FY 2013 Department of Homeland Security’s Financial Statement Audit – Office of Financial Management and Office of Chief Information Officer 		2014

*NDAA, Pub. L. 117-263, section 5274 Response Received. View responses

Return to top of page