Information Technology Management Letter for the Office of Financial Management and Office of the Chief Information Officer Components of the FY 2016 Department of Homeland Security Financial Statement Audit

Most of the deficiencies identified by the independent public accounting firm KPMG LLP were related to access controls and configuration management of Office of Financial Management (OFM) and Office of the Chief Information Officer (OCIO) core financial and feeder systems.  The deficiencies collectively limited OFM’s and OCIO’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that OFM and OCIO make improvements to DHS’ financial management systems and associated information technology security program.