Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Fiscal Year
OIG-16-55 We contracted with the independent public accounting firm KPMG LLP (KPMG) to audit DHS’ fiscal year (FY) 2015 consolidated financial statements and internal control over financial reporting. KPMG expressed an unmodified (clean) opinion on the consolidated financial statements, and issued an adverse opinion on DHS’ internal control over financial reporting for FY 2015. The management letter contains 89 observations related to internal control and other operational matters for management’s consideration. KPMG noted deficiencies and the need for improvement in certain processes. These deficiencies did not meet the criteria to be reported in the Independent Auditors’ Report on DHS’ FY 2015 Financial Statements and Internal Control over Financial Reporting, dated November 13, 2015, included in the DHS FY 2015 Agency Financial Report.

>Management Letter for the Audit of DHS' FY 2015 Financial Statements and Internal Control over Financial Reporting 		2016
OIG-16-51 We conducted this review to determine whether U.S. Customs and Border Protection (CBP) has implemented the Department of Homeland Security’s (DHS) Prison Rape Elimination Act of 2003 (PREA) regulations. The DHS PREA regulations set standards for CBP to prevent, detect, and respond to sexual abuse and assault. The regulations also require CBP to complete audits of holding facilities that “house detainees overnight” by July 2018. Since DHS issued its PREA regulations, CBP has taken measures, including issuing its zero-tolerance policy and designating a full-time Prevention of Sexual Assault Coordinator, to ensure its offices, stakeholders, and managers are aware of CBP’s roles and responsibilities. However, CBP’s implementation actions lack adequate planning, a budget, a component-wide policy to coordinate the efforts of all offices and personnel, and criteria to determine which facilities should be defined as overnight facilities and therefore subject to audits. Further, at the time of our review, CBP had not determined the feasibility of securing a joint PREA audit contract with U.S. Immigration and Customs Enforcement. These problems may hinder CBP’s implementation of the DHS PREA regulations and ultimately, its ability to meet PREA’s goal to prevent, detect, and respond to sexual abuse and assault.

>CBP Needs to Better Plan Its Implementation of the DHS Prison Rape Elimination Act Regulations 		2016
OIG-16-59 Public Law 110-53, Implementing Recommendations of the 9/11 Commission Act of 2007, requires the Department of Homeland Security (DHS) Office of Inspector General (OIG) to audit individual states’ management of Homeland Security Grant Program (HSGP) awards. We audited the State of Maryland, which was awarded $35 million from FEMA for fiscal years 2011–13. In most instances, Maryland distributed and spent the HSGP awards in compliance with applicable laws and regulations; however, the State lacked adequate controls over more than $10.8 million in grant funds we reviewed. This occurred because FEMA and the State did not ensure adequate management and oversight of HSGP funds.

>Maryland's Management of Homeland Security Grant Program Awards for Fiscal Years 2011-13 		2016
OIG-16-58 On March 4, 2015, Congress enacted Public Law 114–4, Consolidated Appropriations Act, 2015. According to Section 518(a), the Secretary of Department of Homeland Security (DHS) shall submit a report not later than October 15, 2015, to the Office o Inspector General, listing all grants and contracts awarded by any means other than full and open competition during fiscal year (FY) 2015. As required, we reviewed the report and assessed departmental compliance with applicable laws, regulations, and departmental procedures.

>DHS Contracts and Grants Awarded through Other Than Full and Open Competition FY 2015 		2016
OIG-16-57 KPMG LLP, under contract with the DHS Office of Inspector General, audited the Domestic Nuclear Detection Office’s (DNDO) financial statements and internal control over financial reporting for fiscal year (FY) 2015. The management letter contains one observation related to internal controls and other operational matters for management’s consideration. KPMG LLP noted an internal control deficiency and the need for improvement in the undelivered order process. The deficiency is not considered significant and was not required to be reported in the Independent Auditors’ Report on DHS’ FY 2015 Financial Statements and Internal Control over Financial Reporting, dated November 13, 2015, included in the DHS FY 2015 Agency Financial Report.

>Domestic Nuclear Detection Office's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-60-D The Municipality of Jayuya, Puerto Rico (Municipality), received a $4.46 million grant award from the Puerto Rico Emergency Management Agency (Puerto Rico), a Federal Emergency Management Agency (FEMA) grantee, for damages resulting from Hurricane Irene in August 2011. We audited projects totaling $3.54 million to determine whether the Municipality accounted for and expended FEMA funds according to Federal requirements. For the projects we reviewed, the Municipality generally accounted for and expended FEMA funds according to Federal requirements. However, we did identify $267,960 (Federal share $200,970) of costs that FEMA should disallow. These costs consisted of $237,695 of duplicate benefits and $30,265 of unsupported project costs.

>FEMA Should Recover $267,960 of $4.46 Million in Public Assistance Grant Funds Awarded to the Municipality of Jayuya, Puerto Rico, for Hurricane Irene Damages 		2016
OIG-16-62 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting.

>Management Directorate's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-64 We conducted this review of the Secret Service as part of an overall review of the Secret Service’s presidential protective function to determine whether in three incidents the Secret Service followed its own protective policies, what actions were taken to correct identified deficiencies, and whether these corrections are adequate.

>2014 White House Fence Jumping Incident (Redacted) 		2016
OIG-16-63-D San Bernardino County,California (County), receive a $16.5 million Public Assistance grant award for damages resulting from California wildfires that occurred from October 2007 through March 2008. We audited $14.3 million of the $16.5 million gross award.

>San Bernardino County, California, Generally Accounted for and Expended FEMA Public Assistance Funds Properly 		2016
OIG-16-65 The Chief Financial Officers Act of 1990 (Public Law 101- 576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homelan Security’s (DHS) consolidated financial statements and internal control over financial reporting.

>Office of Financial Management's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-67-D The Town of Lyons, Colorado (Town), received a $36 million Public Assistance grant for damages from a September 2013 flood. We conducted this audit early in the grant process to identify areas where the Town may need additional technical assistance or monitoring to ensure compliance with Federal requirements.

>Lyons and Colorado Officials Should Continue to Improve Management of $36 Million FEMA Grant 		2016
OIG-12-48 Department of Homeland Security's Compliance with the Improper Payments Elimination and Recovery Act of 2010 (Revised) 2012
OIG-16-66-D The Municipality of Villalba, Puerto Rico (Municipality), received a $2.58 million grant awar from the Puerto Rico Emergency Management Agency (Puerto Rico), a Federal Emergency Management Agency (FEMA) grantee, for damages resulting from Hurricane Irene in August 2011.

>FEMA Should Disallow $1.30 Million of $2.58 Million in Public Assistance Grant Funds Awarded to the Municipality of Villalba, Puerto Rico, for Hurricane Irene Damages 		2016
OIG-16-61 Each year, our independent auditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the U. S. Immigration and Customs Enforcement Component of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-16-71 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting. For

>Office of Health Affairs’ Management Letter for DHS’ FY 2015 Financial Statements Audit 		2016
OIG-16-73 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting. For

>National Protection and Programs Directorate's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-72 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting

>Federal Emergency Management Agency's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-74 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting. For

>Federal Law Enforcement Training Centers' Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-75 U.S. Customs and Border Protection’s (CBP) Office of Internal Affairs (IA) has oversight authority for all aspects of CBP operations, personnel, and facilities to ensure compliance with all CBP-wide programs and policies relating to corruption, misconduct, or mismanagement. From October 1, 2010, through March 12, 2015, CBP received 11,367 allegations of misconduct by its employees. IA investigated 6,524 of those allegations, of which 819 were classified as criminal.

>CBP Needs Better Data to Justify Its Criminal Investigator Staffing 		2016
OIG-16-69 Each year, our independent auditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year (FY) 2015 DHS Agency Financial Report

>Information Technology Management Letter for the United States Secret Service Component of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-16-79 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting.

>United States Citizenship and Immigration Services' Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-76 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting.

>Science and Technology Directorate's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-78-D The City of Evans, Colorado (City) received a $10.8 million grant from Colorado, a Federal Emergency Management Agency (FEMA) grantee, for damages from severe storms and flooding in September 2013. We conducted this audit early in the grant process to identify areas where the City may need additional technical assistance or monitoring to ensure compliance.

>Colorado Should Provide the City of Evans More Assistance in Managing FEMA Grant Funds 		2016
OIG-16-80 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting.

>United States Immigration and Customs Enforcement's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-77 The Chief Financial Officers Act of 1990 (Public Law 101- 576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting.

>United States Coast Guard's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-81 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of Homeland Security’s (DHS) consolidated financial statements and internal control over financial reporting. For

>United States Secret Service's Management Letter for DHS' FY 2015 Financial Statements Audit 		2016
OIG-16-83 Each year, our independent auditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the Office of Financial Management and Office of Chief Information Officer Components of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-16-85-D FROM: John E. McCoy II

Assistant Inspector General for Audits

SUBJECT: Office of Inspector General Emergency Management Oversight Team Deployment Audits

Audit Report Numbers OIG-13-84, OIG-13-117, OIG-13-124, OIG-14-50-D, OIG-14-111-D, OIG-15-92-D, OIG-15-102-D, OIG-15-105-D, OIG-16-53-D, OIG-16-85-D, OIG-16-106-D, OIG-17-37-D

After completing an internal review of our audits related to multiple Emergency Management Oversight Team (EMOT) projects, we have decided to permanently remove the subject reports from our public website.

Our internal review found the subject reports may not have adequately answered objectives and, in some cases, may have lacked sufficient and appropriate evidence to support conclusions. Answering objectives with sufficient and appropriate evidence is required under Government Auditing Standards or Quality Standards for Inspection and Evaluation. In an abundance of caution, we believe it best to recall the reports and not re-issue them.

Going forward, our EMOTs will deploy during the response phase of a disaster to identify and alert the Federal Emergency Management Agency (FEMA) and its stakeholders of potential issues or risks if they do not follow FEMA and other Federal requirements. The EMOT’s reviews will not be conducted under Government Auditing Standards. The teams will continue to observe and identify potential risk areas that will be addressed by future traditional audits, if necessary.

A complete list of the projects removed from our website is attached. You should not place any reliance on these reports.

Please contact me at (202) 254-4100 if you have any questions.

>FEMA's Initial Response to the 2015 Texas Spring Severe Storms and Flooding 		2016
OIG-16-86-D The April 2013 fertilizer plant explosion devastated the City of West, Texas, killing 15 people and leveling homes in a 5-block radius. The West School Administration received a $5.1 million Federal Emergency Management Agency (FEMA) grant from the Texas Division of Emergency Management, a FEMA grantee, for emergency measures. Our audit objective was to determine whether West School Administration accounted for and expendedFEMA funds according to Federal requirements.

>The West School Administration Effectively Accounted for the FEMA Emergency Grant Funds Awarded for the West, Texas Fertilizer Plant Explosion 		2016
OIG-16-82 Each year, our independentauditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the Science and Technology Directorate Component of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-16-70 Each year, our independent auditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year (FY) 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the U.S. Citizenship and Immigration Services Component of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-16-87 We previously reported on deficiencies in information technology (IT) security controls of the Security Technology Integrated Program (STIP), a data management system that connects airport transportation security equipment (TSE) to servers. We conducted this audit to assess the current extent of the deficiencies and the actions the Transportation Security Administration (TSA) has taken to address them. Wha

>IT Management Challenges Continue in TSA's Security Technology Integrated Program (Redacted) 		2016
OIG-16-84 Each year, our independent auditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year (FY) 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the National Protection and Programs Directorate Component of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-16-88 Our objective was to determine whether the Department of Homeland Security complied with the Improper Payments Elimination and Recovery Act of 2010 (IPERA). We also evaluated the accuracy and completeness of DHS’ improper payment reporting.

>Department of Homeland Security's FY 2015 Compliance with the Improper Payments Elimination and Recovery Act of 2010 		2016
OIG-16-68 Each year, our independent auditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year (FY) 2015 DHS Agency Financial Report.

>Information Technology Management Letter for the FY 2015 U.S. Customs and Border Protection 		2016
OIG-16-91 We conducted this audit to determine the extent to which the Transportation Security Administration (TSA) has the policies, processes, and oversight measures to improve security at the National Railroad Passenger Corporation (Amtrak). TSA has limited regulatory oversight processes to strengthen passenger security at Amtrak because the component has not fully implemented all requirements from Public Law 110–53, Implementing Recommendations of the 9/11 Commission Act of 2007 (9/11 Act). Federal regulations require Amtrak to appoint a rail security coordinator and report significant security concerns to TSA. Although the9/11 Act requires TSA to establish additional passenger rail regulations, the component has not fully implemented those regulations. Specifically, TSA has not issued regulations to assign rail carriers to high-risk tiers; established a rail training program; and conducted security background checks of frontline rail employees. In the absence of formal regulations, TSA relies on outreach programs, voluntary initiatives, and recommended measures to assess and improve rail security for Amtrak.

>TSA Oversight of National Passenger Rail System Security 		2016
OIG-16-90 KPMG LLP, under contract with the DHS Office of Inspector General, audited the U.S. Customs and Border Protection’s consolidated financial statements for fiscal year (FY) 2015. The resulting management letter contains 16 observations related to internal controls and other operational matters for management’s consideration. KPMG LLP noted internal control deficiencies and the need for improvement in several processes including control over settlement assets; the trade compliance measurement review process; review of Federal Employee Compensation Act Claims; controls in the seized and forfeited property inventory process; and reviews over the Performance and Accountability Report. These deficiencies did not meet the criteria to be reported in the Independent Auditors' Report on U.S. Customs and Border Protection’s FY 2015 Consolidated Financial Statements, dated March 21, 2016.These observations are intended to improve internal control or result in other operating efficiencies.

>Management Letter for the U.S. Customs and Border Protection's FY 2015 Consolidated Financial Statements Audit 		2016
OIG-16-89 Each year, our independent auditors identify component-level information technology (IT) control deficiencies as part of the DHS consolidated financial statement audit. This letter provides details that were not included in the fiscal year 2015 DHS Agency Financial Report.

>Information Technology Management Letter for Other Department of Homeland Security Components of the FY 2015 Department of Homeland Security Financial Statement Audit 		2016
OIG-16-93 We evaluated the Office of Intelligence and Analysis’ (I&A) safeguards for the sensitive privacy and intelligence information it collects and maintains. Our objective was to determine whether I&A ensures compliance with Federal laws, regulations, and policies. I&A has made progress in developing a culture of privacy. Specifically, I&A has centralized the oversight of privacy and civil liberties and has been working to ensure that it meets the requirements of pertinent legislation, regulations, directives, and guidance. I&A conducted specialized onboarding and advanced training that address safeguards for privacy and civil liberties in its intelligence processes. In addition, I&A designed intelligence oversight reviews to ensure that its employees observe the required safeguards. However, I&A has faced challenges because it did not place priority on institutionalizing other capabilities and processes to ensure timely and complete compliance with requirements regarding privacy and intelligence information.

>Office of Intelligence and Analysis Can Improve Transparency and Privacy 		2016
OIG-12-84 Free and Secure Trade Program – Continued Driver Eligibility 2012
OIG-16-95 The Department of Homeland Security has a substantial number of employees who travel and work abroad. Off-duty misconduct can undermine the Department’s credibility and integrity and hinder its ability to achieve its mission. Our objective was to determine whether DHS has adequate policies and training governing off-duty conduct while abroad.

>DHS Does Not Have Comprehensive Policies or Training for Off-duty Conduct of Employees Traveling and Working Abroad 		2016
OIG-16-94-D Augusta-Richmond County, Georgia (County), received a $12.93 million grant award from the Georgia Department of Emergency Management (Georgia), a Federal Emergency Management Agency (FEMA) grantee, for damages resulting from a February 2014 severe winter storm. Our audit objective was to determine whether the County accounted for and expended FEMA funds according to Federal requirements.

>FEMA Held Augusta-Richmond County, Georgia, Accountable for Not Complying with Federal Contracting Requirements when Managing a 2014 Public Assistance Disaster Grant 		2016
OIG-16-92 December 3, 2015 – San Bernardino Incident 2016
OIG-16-96-IQO We conducted this review as part of the planned periodic review of the Department of Homeland Security (DHS) component internal affairs offices by the DHS Office of Inspector General in keeping with the oversight responsibilities mandated by the Inspector General Act of 1978, as amended.

>Oversight Review of the United States Citizenship and Immigration Services, Investigations Division 		2016
OIG-16-99-D Wildfires devastated the Berkeley Tuolumne Camp from August to October 2013. FEMA expects eligible damages, before deducting insurance, to exceed $12 million. We conducted this audit early in the grant process to identify areas where the City may need additional technical assistance or monitoring to ensure compliance with Federal requirements.

>FEMA and California Need to Assist the City of Berkeley to Improve the Management of a $12 Million FEMA Grant 		2016
OIG-16-98 Since 2001, the Federal Emergency Management Agency’s (FEMA) Assistance to Firefighters Grant (AFG) Program has awarded fire departments and first responder organizations almost $10 billion through AFG and Staffing for Adequate Fire and Emergency Response (SAFER) grants. We reviewed whether recipients complied with grant requirements and guidance to prevent waste, fraud, and abuse of grant funds. This report on SAFER grants is being issued as a companion report to our report on AFG grants.

>FEMA's Grant Programs Directorate Did Not Effectively Manage Assistance to Firefighters Grant Program -SAFER Grants 		2016
OIG-16-97-D Cimarron Electric Cooperative (Cimarron) received a $69.2 million Federal grant from the Oklahoma Department of Emergency Management (Oklahoma), a FEMA grantee, for damages resulting from a severe winter storm in February 2013. Our audit objective was to determine whether Cimarron accounted for and expended FEMA funds according to Federal regulations and FEMA guidelines.

>FEMA Should Recover $51.2 Million in Grant Funds Awarded to Cimarron Electric Cooperative, Kingfisher, Oklahoma 		2016
OIG-16-102-D We issued this advisory report to notify the Federal Emergency Management Agency (FEMA) of an issue that requires its immediate attention. During our audit ofFEMA’s initial response to the 2015 wildfires in Northern California, we observed personnel mishandling Personally Identifiable Information (PII) at disaster relief sites. FEMA officials need to take quick action to ensure the protection of PII in future disasters.

>FEMA Continues to Experience Challenges in Protecting Personally Identifiable Information at Disaster Recovery Centers 		2016
OIG-16-101 The Chief Financial Officers Act of 1990 (Public Law 101-576) and the Department Of Homeland Security Financial Accountability Act (Public Law 108-330) require us to conduct an annual audit of the Department of HomelandSecurity’s (DHS) consolidated financial statements and internal control over financial reporting.

>National Flood Insurance Program's Management Letter for DHS' FY 2015 Financial Statements Audit (Redacted) 		2016
OIG-16-103-D The 2015 California wildfires caused severe damage to Lake County, California (County). County officials estimate that disaster-related costs may exceed $25 million. Our audit objective was to determine whether the County’s policies, procedures, and business practices are adequate to account for and expend FEMA Public Assistance Program grant funds according to Federal regulations and FEMA guidelines.

>Lake County, California, Should Continue to Improve Procurement Policies, Procedures, and Practices 		2016

*NDAA, Pub. L. 117-263, section 5274 Response Received. View responses

Return to top of page