Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Fiscal Year
OIG-15-112 As part of the follow-up to Management Alert – U.S. Immigration and Customs Enforcement’s San Pedro Service Processing Center, San Pedro, California, December 11, 2014, we obtained and analyzed additional information to determine ICE’s long-term plan for, and how much it spent on, the facility. Although U.S. Immigration and Customs Enforcement (ICE) is taking action to repair the safety issues at the San Pedro facility identified in our Management Alert, we have concerns regarding ICE’s process to renovate this facility. ICE did not develop a long-term plan for the facility and renovated a portion of the first floor by performing several small projects. Including the safety repairs, ICE will have spent $6 million on a mostly unused and unoccupied facility.

>Follow-up to Management Alert - U.S. Immigration and Customs Enforcement's Facility, San Pedro, California 		2015
OIG-15-111-D The City received a Public Assistance grant award of $9.8 million from the Oklahoma Department of Emergency Management (Oklahoma), a FEMA grantee, to recover from severe storms and tornadoes that occurred in May and June 2013. Oklahoma City, Oklahoma, (City) did not always account for and expend FEMA grant funds according to Federal regulations and FEMA guidelines. The City claimed $4.85 million in contract costs without taking the affirmative steps that Federal regulations require to ensure the use of small and minority firms, women’s business enterprises, and labor surplus area firms when possible, nor did it take the steps that its own affirmative policy required. As a result, FEMA has no assurance that these types of firms had sufficient opportunities to bid on federally funded work as Congress intended.

>FEMA Should Recover $4.85 Million of Ineligible Grant Funds Awarded to Oklahoma City, Oklahoma 		2015
OIG-15-110-D Lawrence County Engineer, Ohio (Lawrence), received a FEMA Public Assistance award of $7.5 million for damages resulting from severe storms and flooding in April and May 2011. Our audit objective was to determine whether Lawrence accounted for and expended FEMA funds according to Federal regulations and FEMA guidelines. Lawrence generally accounted for and expended FEMA Public Assistance grant funds according to Federal requirements. In the days following the flood, Lawrence employees worked diligently to clear and reopen roads. However, Lawrence did not follow all Federal procurement standards in awarding 17 contracts totaling $4.5 million that we reviewed. Lawrence awarded the contracts competitively, but did not take all required affirmative steps to ensure the use of small and minority firms, women’s business enterprises, and labor surplus area firms when possible. Therefore, FEMA has little assurance that these types of firms had sufficient opportunities to bid on Federal work to the extent Congress intended. Lawrence also did not include all required provisions in its contracts, which document the rights and responsibilities of Lawrence and its contractors.

>Lawrence County Engineer, Ohio, Generally Accounted For and Expended FEMA Grant Funds Properly 		2015
OIG-15-109-D The Unified School District #473 in Chapman, Kansas (Chapman), received an award of $65.2 million in FEMA grant funds for damages from severe storms, tornadoes, and flooding that occurred in May and June 2008. After the devastating storms, Chapman did an outstanding job of reopening all schools by August 18, 2008. However, a year after the storms, Chapman began work to rebuild its schools, but did not follow Federal procurement standards in awarding contracts valued at $50 million. As a result, FEMA has no assurance that contract costs were reasonable; full and open competition did not occur; and small and minority/women-owned firms did not receive opportunities to bid on Federal contracts.

>Kansas and the Unified School District #473 in Chapman, Kansas, Did Not Properly Administer $50 Million of FEMA Grant Funds 		2015
OIG-15-106-D Dixie Electric received a $9.2 million award in FEMA grant funds for 2012 Hurricane Isaac damages to its facilities located in Greenwell Springs, Louisiana. Our audit objective was to determine whether Dixie Electric accounted for and expended FEMA funds according to Federal regulations and FEMA guidelines. Dixie Electric Membership Corporation (Dixie Electric) generally accounted for and expended Federal Emergency Management Agency (FEMA) Public Assistance grant funds according to Federal requirements. Dixie Electric used its own employees, mutual aid agreements with other electric cooperatives, and contractors to restore power to its customers by September 4, 2012, only 6 days after the disaster. Although Dixie Electric did not always comply with Federal procurement standards in awarding 10 contracts for disaster work totaling $4.4 million, we question only $21,740 for non-compliance because contractors performed most of the work under exigent circumstances to restore power.

>Dixie Electric Membership Corporation, Greenwell Springs, Louisiana, Generally Accounted For and Expended FEMA Grants Funds Properly 		2015
OIG-15-108-IQO The Office of Integrity and Quality Oversight, Investigations Quality Assurance Division conducted an oversight review of the National Protection and Programs Directorate (NPPD), Internal Affairs Division (IAD) from November 2014 to February 2015. The review covered IAD activity from October 1, 2011, to September 30, 2014 (fiscal years 2012 through 2014). We conducted this review as part of the planned periodic review of the Department of Homeland Security (DHS) component internal affairs offices by the DHS Office of Inspector General (OIG) in keeping with the oversight responsibilities mandated by the Inspector General Act of 1978, as amended. Generally, we found that inquiries conducted and overseen by the Internal Affairs Division were thorough and complete. Our review, however, raised serious concerns about NPPD’s authority to conduct criminal investigations. Additionally, we found that criminal investigators assigned to IAD did not meet the minimum legal requirement of spending at least 50 percent of their time on criminal investigative activity to earn Law Enforcement Availability Pay. Lastly, we found particular issues with the written policies and the overall management of inquiries.

>Oversight Review of the National Protection and Programs Directorate, Internal Affairs Division 		2015
OIG-15-107 As a result, we identified more than $67 million in questioned costs related to operational overtime, management and administration, and training that were not spent according to grant guidance or were not adequately supported.

>New York's Management of Homeland Security Grant Program Awards for Fiscal Years 2010-12 		2015
OIG-15-105-D FROM: John E. McCoy II

Assistant Inspector General for Audits

SUBJECT: Office of Inspector General Emergency Management Oversight Team Deployment Audits

Audit Report Numbers OIG-13-84, OIG-13-117, OIG-13-124, OIG-14-50-D, OIG-14-111-D, OIG-15-92-D, OIG-15-102-D, OIG-15-105-D, OIG-16-53-D, OIG-16-85-D, OIG-16-106-D, OIG-17-37-D

After completing an internal review of our audits related to multiple Emergency Management Oversight Team (EMOT) projects, we have decided to permanently remove the subject reports from our public website.

Our internal review found the subject reports may not have adequately answered objectives and, in some cases, may have lacked sufficient and appropriate evidence to support conclusions. Answering objectives with sufficient and appropriate evidence is required under Government Auditing Standards or Quality Standards for Inspection and Evaluation. In an abundance of caution, we believe it best to recall the reports and not re-issue them.

Going forward, our EMOTs will deploy during the response phase of a disaster to identify and alert the Federal Emergency Management Agency (FEMA) and its stakeholders of potential issues or risks if they do not follow FEMA and other Federal requirements. The EMOT’s reviews will not be conducted under Government Auditing Standards. The teams will continue to observe and identify potential risk areas that will be addressed by future traditional audits, if necessary.

A complete list of the projects removed from our website is attached. You should not place any reliance on these reports.

Please contact me at (202) 254-4100 if you have any questions.

>FEMA's Initial Response to Severe Storms and Flooding in Michigan 		2015
OIG-15-104-D We audited FEMA Public Assistance grant funds awarded to the Port of Tillamook Bay, Oregon (Port), for damages resulting from severe storms, flooding, landslides, and mudslides that occurred in December 2007. The Port properly accounted for FEMA funds, but did not always expend the funds according to Federal regulations and FEMA guidelines.

>FEMA Should Recover $337,135 of Ineligible or Unused Grant Funds Awarded to the Port of Tillamook Bay, Oregon 		2015
OIG-14-153 The U.S. Office of Special Counsel (OSC) received a whistleblower disclosure concerning the use of a risk-based rule by the Transportation Security Administration's (TSA) Secure Flight program that may create a vulnerability in aviation security. We assigned our Office of Inspections team currently assessing Security Enhancements to the TSA Pre?™ Initiative to review this allegation. We interviewed the whistleblower and TSA senior officials involved in the risk-based rule decision-making process. We also analyzed documentation regarding these rules to determine whether an aviation security vulnerability exists.

>Use of Risk Assessment within Secure Flight (Redacted) 		2014
OIG-15-103-D The City of Rocky Mount, North Carolina (City), received a Public Assistance award of $5.4 million from the North Carolina Division of Emergency Management, a FEMA grantee, for damages resulting from Hurricane Irene in August 2011. We audited the projects totaling $5.3 million to determine whether the City accounted for and expended FEMA funds according to Federal requirements. For the projects we reviewed, the City properly accounted for and expended FEMA funds according to Federal requirements.

>The City of Rocky Mount, North Carolina, Effectively Managed FEMA Public Assistance Grant Funds Awarded for Hurricane Irene Damages 		2015
OIG-15-102-D FROM: John E. McCoy II

Assistant Inspector General for Audits

SUBJECT: Office of Inspector General Emergency Management Oversight Team Deployment Audits

Audit Report Numbers OIG-13-84, OIG-13-117, OIG-13-124, OIG-14-50-D, OIG-14-111-D, OIG-15-92-D, OIG-15-102-D, OIG-15-105-D, OIG-16-53-D, OIG-16-85-D, OIG-16-106-D, OIG-17-37-D

After completing an internal review of our audits related to multiple Emergency Management Oversight Team (EMOT) projects, we have decided to permanently remove the subject reports from our public website.

Our internal review found the subject reports may not have adequately answered objectives and, in some cases, may have lacked sufficient and appropriate evidence to support conclusions. Answering objectives with sufficient and appropriate evidence is required under Government Auditing Standards or Quality Standards for Inspection and Evaluation. In an abundance of caution, we believe it best to recall the reports and not re-issue them.

Going forward, our EMOTs will deploy during the response phase of a disaster to identify and alert the Federal Emergency Management Agency (FEMA) and its stakeholders of potential issues or risks if they do not follow FEMA and other Federal requirements. The EMOT’s reviews will not be conducted under Government Auditing Standards. The teams will continue to observe and identify potential risk areas that will be addressed by future traditional audits, if necessary.

A complete list of the projects removed from our website is attached. You should not place any reliance on these reports.

Please contact me at (202) 254-4100 if you have any questions.

>FEMA's Initial Response to the 2014 Mudslide near Oso, Washington 		2015
OIG-15-101-D FEMA awarded the Chippewa Cree Tribe of the Rocky Boy’s Indian Reservation in Montana (Tribe) a $31.6 million grant for damages from a June-July 2010 flood disaster. The Tribe mismanaged this grant, which resulted in a domino effect of negative consequences. First, the Tribe awarded a $3.7 million sole-source contract to a Tribal-owned corporation, the Chippewa Cree Construction Corporation (Corporation). The lack of full and open competition set the stage for fraud, waste, and abuse. Then, the Tribe neglected to identify the material deficiencies in the Corporation’s fiscal controls and accounting procedures. The Corporation’s Chief Executive Officer took advantage of these weaknesses; and a Federal court has since convicted him of Federal corruption charges for embezzling the Tribe’s insurance proceeds and FEMA grant funds, and sentenced him to prison in August 2014. Finally, the Tribe could not provide documentation sufficient to support the $3.9 million it claimed for Project 117.

>The Chippewa Cree Tribe of the Rocky Boy's Indian Reservation in Montana Mismanaged $3.9 Million in FEMA Disaster Grant Funds 		2015
OIG-15-100-D We prepared this report to assist recipients of FEMA disaster assistance grants. We have updated this guide to include information on FEMA’s alternative procedures under the Sandy Recovery Improvement Act. We also added information about Title 2 CFR Part 200: Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards.

>Audit Tips for Managing Disaster-Related Project Costs 		2015
OIG-15-99-D Boulder County, Colorado (County) received a $95 million grant for damages from a September 2013 disaster and anticipates repair costs will exceed $100 million. We conducted this audit early in the grant process to identify areas where the County may need additional technical assistance or monitoring to ensure compliance with Federal requirements. The County has adequate policies, procedures, and business practices to account for and expend Public Assistance grant funds according to Federal regulations and FEMA guidelines. The County accounted for disaster costs on a project-by­project basis and adequately supported repair costs. Additionally, the County has adequate procurement policies and procedures to ensure compliance with Federal procurement requirements. Further, the County’s insurance procedures and practices are adequate to ensure that anticipated insurance proceeds are deducted from eligible projects.

>Boulder County, Colorado, Has Adequate Policies and Procedures to Manage Its Grant, but FEMA Should Deobligate about $2.5 Million in Unneeded Funds 		2015
OIG-15-98 TSA’s multi-layered process to vet aviation workers for potential links to terrorism was generally effective. In addition to initially vetting every application for new credentials, TSA recurrently vetted aviation workers with access to secured areas of commercial airports every time the Consolidated Terrorist Watchlist was updated. However, our testing showed that TSA did not identify 73 individuals with terrorism-related category codes because TSA is not authorized to receive all terrorism-related information under current interagency watchlisting policy.

>TSA Can Improve Aviation Worker Vetting (Redacted) 		2015
OIG-15-78-VR We conducted a verification review to assess the U.S. Coast Guard's progress on the recommendations from our August 2012 report, U.S. Coast Guard's Acquisition of the Sentinel Class-Fast Response Cutter, (OIG-12-68). We periodically conduct verification reviews to evaluate progress on selected audit recommendations, including whether corrective actions achieved the intended result. The Coast Guard’s plans to reduce risks during the OPC acquisition show progress toward achieving the intended results of our recommendations. However, it is too early in the OPC acquisition to determine whether the Coast Guard has fully implemented its plans. According to Coast Guard officials, they took steps to mitigate risks early in the OPC acquisition as a result of our audit report recommendations. In January 2013, the Coast Guard revised its Major Systems Acquisition Manual to establish a design maturity level prior to Critical Design Review and to support low-rate initial production decisions with an operational assessment. We determined that the Coast Guard has established a design maturity level for the OPC and plans to conduct two low-rate initial production phases, each supported by operational assessments.

>Verification Review of U.S. Coast Guard's Acquisition of the Sentinel Class – Fast Response Cutter (OIG-12-68) 		2015
OIG-15-97-VR DHS continues to lack reliable interoperable communications for emergencies, as well as daily operations and planned events. The inability to communicate effectively during an emergency presents serious risks to the health and safety of the public. To better fulfill its mission and unify its efforts, DHS must prioritize interoperable communications and expedite the implementation of the recommended corrective actions in our DHS’ Oversight of Interoperable Communications report.

>Corrective Actions Still Needed to Achieve Interoperable Communications 		2015
OIG-15-93 We contracted with the independent public accounting firm KPMG LLP (KPMG) to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security (DHS) for the year ended September 30, 2014. KPMG evaluated selected general information technology controls, and information technology (IT) entity-level controls, and business process application controls at DHS’ components. KPMG noted that the DHS Components made progress in the remediation of certain IT deficiencies we reported in FY 2013, approximately 35 percent of the prior year IT deficiencies.

>Information Technology Management Letter for the FY 2014 Department of Homeland Security Financial Statement Audit 		2015
OIG-15-96-D The City of Atlanta, Georgia, (City) received a $13.5 million award from the Georgia Emergency Management Agency, a FEMA grantee, for damages resulting from severe storms and flooding in September 2009. For the projects we reviewed, the City properly accounted for and expended FEMA funds according to Federal guidelines.

>The City of Atlanta, Georgia, Effectively Managed FEMA Public Assistance Grant Funds Awarded for Severe Storms and Flooding in September 2009 		2015
OIG-15-95 Streamline is an initiative to criminally prosecute individuals who illegally enter the United States through defined geographic regions along the Southwest border. Although U.S. Customs and Border Protection’s (CBP) Border Patrol measures Streamline’s effect on re-entry of illegal aliens, its metrics do not reflect an alien’s crossing history, re-entry, or re-apprehension over multiple years. As a result, Border Patrol is not fully and accurately measuring Streamline’s effect on deterring aliens from entering and re­entering the country illegally. Additionally, because Border Patrol does not distinguish Streamline costs from the costs of its other border enforcement consequences, Border Patrol is not able to differentiate Streamline-associated costs. Finally, according to ICE ERO, Streamline has increased the workload at some of its Southwest border field offices. However, ERO cannot be certain which aliens it removes as a result of Streamline and which removals result from other enforcement actions.

>Streamline: Measuring Its Effect on Illegal Border Crossing 		2015
OIG-15-92-D FROM: John E. McCoy II

Assistant Inspector General for Audits

SUBJECT: Office of Inspector General Emergency Management Oversight Team Deployment Audits

Audit Report Numbers OIG-13-84, OIG-13-117, OIG-13-124, OIG-14-50-D, OIG-14-111-D, OIG-15-92-D, OIG-15-102-D, OIG-15-105-D, OIG-16-53-D, OIG-16-85-D, OIG-16-106-D, OIG-17-37-D

After completing an internal review of our audits related to multiple Emergency Management Oversight Team (EMOT) projects, we have decided to permanently remove the subject reports from our public website.

Our internal review found the subject reports may not have adequately answered objectives and, in some cases, may have lacked sufficient and appropriate evidence to support conclusions. Answering objectives with sufficient and appropriate evidence is required under Government Auditing Standards or Quality Standards for Inspection and Evaluation. In an abundance of caution, we believe it best to recall the reports and not re-issue them.

Going forward, our EMOTs will deploy during the response phase of a disaster to identify and alert the Federal Emergency Management Agency (FEMA) and its stakeholders of potential issues or risks if they do not follow FEMA and other Federal requirements. The EMOT’s reviews will not be conducted under Government Auditing Standards. The teams will continue to observe and identify potential risk areas that will be addressed by future traditional audits, if necessary.

A complete list of the projects removed from our website is attached. You should not place any reliance on these reports.

Please contact me at (202) 254-4100 if you have any questions.

>FEMA Provided an Effective Response to the Napa, California, Earthquake 		2015
OIG-15-91 The Automated Commercial Environment (ACE) is the commercial trade system designed to automate border processing to enhance border security and foster our Nation's economic security. CBP spent approximately $3.2 billion on the development of the ACE program from fiscal year 2001 through July 2013, when it was restructured to a rapid deployment strategy called Agile. Currently, in large part due to the implementation of Agile, CBP is on track to meet its milestones for the deployment of ACE. However, CBP has not ensured the internal control environment has kept pace with the rapid deployment of the ACE program. Specifically, CBP has not conducted risk assessments to identify potential gaps in data reliability, and has not fully developed and implemented performance measures for the program.

>CBP is on Track to Meet ACE Milestones, but It Needs to Enhance Internal Controls 		2015
OIG-15-90-D The Borough of Seaside Heights, New Jersey (Borough) received a $16.9 million grant award from the New Jersey Emergency Management Agency (New Jersey), a FEMA grantee, for Hurricane Sandy damages in October 2012. Although the Borough accounted for FEMA funds on a project-byproject basis, we identified $2,038,893 of unneeded project funding that FEMA should deobligate and put to better use. In addition, the Borough did not comply with Federal procurement standards in awarding contracts for disaster work and claimed $712,657 of questionable costs. The Borough also did not comply with the Single Audit Act, which requires non-Federal entities that expend $500,000 or more in a year in Federal awards to obtain a single or program-specific audit for that year.

>FEMA Should Recover $2.75 Million of $16.9 Million in Public Assistance Grant Funds Awarded to the Borough of Seaside Heights, New Jersey 		2015
OIG-15-87 The USCG has made progress in developing a culture of privacy. Separately, the USCG Privacy Office and Health Insurance Portability and Accountability Act (HIPAA) Office are working to meet requirements of pertinent legislation, regulations, directives, and guidance. These offices ensure their staff annually receive mandatory privacy training, which helps embed shared attitudes, values, goals, and practices for complying with requirements to properly handle sensitive personally identifiable information and protected health information (privacy data). Also, USCG has completed required privacy and security documentation for managing its information technology systems containing privacy data. However, USCG faces challenges in protecting privacy data effectively because it lacks a strong organizational approach to resolving privacy issues.

>United States Coast Guard Safeguards For Protected Health Information Need Improvement 		2015
OIG-15-89-D This report focuses solely on the FEMA's application of the Cost Estimating Format for the Port of Tillamook Bay, Oregon's (Port) most significant project, an alternate project totaling $44.6 mllion. FEMA officials did not use the Cost Estimating Format correctly in estimating damages to the Port’s railroad. Specifically, FEMA did not follow applicable laws, regulations, and guidelines because it used improper assumptions in calculating estimated project costs using the Cost Estimating Format. As a result, FEMA overstated the Port’s construction (base) and non-construction costs, which resulted in FEMA overfunding Alternate Project 936 by $8,021,884.

>FEMA Misapplied the Cost Estimating Format Resulting in an $8 Million Overfund to the Port of Tillamook Bay, Oregon 		2015
OIG-15-88 We audited security controls for Department of Homeland Security information technology systems at San Francisco International Airport. Five Department components—U.S. Customs and Border Protection, U.S. Immigration and Customs Enforcement, Management Directorate, Transportation Security Administration, and U.S. Coast Guard—operate information technology systems that support homeland security operations at this airport. Our audit focused on how these components have implemented computer security controls for their systems at the airport and nearby locations. We performed onsite inspections of the areas where information technology systems and equipment were located, interviewed departmental staff, and conducted technical tests of computer security controls. The information technology security controls implemented at these sites had deficiencies that, if exploited, could result in the loss of confidentiality, integrity, and availability of the components’ systems.

>Audit of Security Controls for DHS Information Technology Systems at San Francisco International Airport 		2015
OIG-15-60 We contracted with the independent public accounting firm KPMG LLP to perform the audit of the consolidated financial statements of U.S. Customs and Border Protection (CBP) and the Department of Homeland Security (DHS) for the year ended September 30, 2014. KPMG LLP evaluated selected general information technology controls, entity level controls, and business process application controls. KPMG LLP determined that CBP took corrective action by designing and consistently implementing certain account management controls.

>Information Technology Management Letter For the FY 2014 U.S. Customs and Border Protection Financial Statement Audit 		2015
OIG-15-86 We reviewed TSA’s airport screening equipment maintenance program to determine whether TSA is properly managing its screening equipment maintenance contracts and related maintenance activities. TSA’s four maintenance contracts, which cover both preventive and corrective maintenance, are valued at about $1.2 billion. According to TSA, in fiscal year 2014, it spent about $251 million on maintenance for its screening equipment. TSA is not properly managing the maintenance of its airport screening equipment. Specifically, TSA has not issued adequate policies and procedures to airports for carrying out equipment maintenance-related responsibilities. Because TSA does not adequately oversee equipment maintenance, it cannot be assured that routine preventive maintenance is performed or that equipment is repaired and ready for operational use.

>The Transportation Security Administration Does Not Properly Manage Its Airport Screening Equipment Maintenance Program 		2015
OIG-15-85 DHS uses prosecutorial discretion in deciding to what extent it will enforce immigration laws, including whether to place aliens in or take them out of the removal process. However, the Department does not collect and analyze data on the use of prosecutorial discretion to fully assess its current immigration enforcement activities and to develop future policy. Although the Office of Policy is responsible for developing department-wide policies and programs, DHS has not required this office to gather or use data to assess the effect of prosecutorial discretion on immigration enforcement activities. The Department also does not have a mechanism to continuously monitor its use of prosecutorial discretion and improve future policy. As a result, DHS may not be using its significant investment in immigration enforcement as efficiently as possible. The Department may also be missing opportunities to strengthen its ability to remove aliens who pose a threat to national security and public safety.

>DHS Missing Data Needed to Strengthen its Immigration Enforcement Efforts 		2015
OIG-15-84 KPMG LLP reviewed the Domestic Nuclear Detection Office’s (DNDO) internal control over financial reporting. The management letter contains one observation related to internal control and other operational matters for management’s considerations. KPMG LLP noted a deficiency and the need for improvement in certain DNDO processes. This deficiency did not meet the criteria to be reported in the Independent Auditors’ Report on DHS’ FY 2014 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2014, included in DHS’ fiscal year 2014 Agency Financial Report. This observation is intended to improve internal control or result in other operating efficiencies.

>Domestic Nuclear Detection Office's Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-81 KPMG LLP reviewed CBP’s internal control over financial reporting. The management letter contains 20 observations related to internal control and other operational matters for management’s consideration.

>Management Letter for the U.S. Customs and Border Protection's FY 2014 Consolidated Financial Statements Audit ( 		2015
OIG-15-83 KPMG LLP reviewed the Federal Law Enforcement Training Centers’ (FLETC) internal control over financial reporting. The management letter contains five observations related to internal control and other operational matters for management’s considerations.

>Federal Law Enforcement Training Centers' Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-82 KPMG LLP reviewed the Office of Intelligence and Analysis (I&A) and the Office of Operations Coordination’s (OPS) internal control over financial reporting. The management letter contains four observations related to internal control and other operational matters for management’s considerations.

>Office of Intelligence and Analysis and Office of Operations Coordination's Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-80 DHS does not require components to track justifications for making travel reservations offline, that is, by contacting an agent by telephone. Therefore, it is difficult to identify whether offline travel fees are excessive. Making reservations by telephone costs $23 to $27 more per transaction than making a reservation online through the web-based system. The Department is also not effectively managing components’ use of the online system. As a result, the Department may be missing opportunities to reduce offline travel reservation fees and identify cost savings. Finally, although the Senate Appropriations Committee expected DHS to reduce its offline reservation costs in fiscal year 2014, data from DHS showed that, overall, offline costs increased.

>DHS Should Do More to Reduce Travel Reservation Costs 		2015
OIG-15-79 We contracted with the independent public accounting firm KPMG LLP to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security (DHS) for the year ended September 30, 2014. KPMG LLP evaluated selected general information technology controls and business process application controls at the Federal Law Enforcement Training Center (FLETC), the Office of Intelligence & Analysis (I&A), and the Office of Operations Coordination and Planning (OPS). FLETC provides financial system hosting and support to I&A and OPS. KPMG LLP determined that FLETC, I&A, and OPS had made improvements in designing and consistently implementing controls related to reviewing audit logs and enforcing account security requirements.

>Information Technology Management Letter for the Federal Law Enforcement Training Center Component of the FY 2014 Department of Homeland Security Financial Statement Audit 		2015
OIG-15-76 The independent public accounting firm, KPMG LLP, has issued an unmodified (clean) opinion on CBP’s fiscal year 2014 consolidated financial statements. In the independent auditors’ opinion, the financial statements present fairly, in all material respects, the financial position of CBP as of September 30, 2014.

>Independent Auditors' Report on U.S. Customs and Border Protection's FY 2014 Financial Statements 		2015
OIG-15-73 KPMG LLP reviewed the National Protection and Programs Directorate’s (NPPD) internal control over financial reporting. The management letter contains five observations related to internal control and other operational matters for management’s considerations. KPMG LLP reviewed the Science and Technology Directorate’s (S&T) internal control over financial reporting. The management letter contains four observations related to internal control and other operational matters for management’s considerations.

>Science and Technology Directorate's Management Letter for DHS' FY 2014 Financial Statements Audit ( 		2015
OIG-15-75 KPMG LLP reviewed the Management Directorate’s (MGMT) internal control over financial reporting. The management letter contains four observations related to internal control and other operational matters for management’s consideration.

>Management Directorate's Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-72 KPMG LLP reviewed the U.S. Citizenship and Immigration Services (USCIS) internal control over financial reporting. The management letter contains five observations related to internal control and other operational matters for management’s considerations.

>U.S. Citizenship and Immigration Services' Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-77 KPMG LLP reviewed the Federal Emergency Management Agency (FEMA) internal control over financial reporting. The management letter contains 15 observations related to internal control and other operational matters for management’s considerations.

>Federal Emergency Management Agency's Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-74 KPMG LLP reviewed the National Protection and Programs Directorate’s (NPPD) internal control over financial reporting. The management letter contains five observations related to internal control and other operational matters for management’s considerations.

>National Protection and Programs Directorate's Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-61 In October 2014, we visited former President George H.W. Bush's Houston residence in response to a complaint alleging alarms were inoperable. During our visit, we identified issues with the alarm system at the residence. The system had been inoperable for at least 13 months. During this time, the Secret Service protective detail created a roving post to secure the residence and no security breach occurred. We found problems with identifying, reporting, and tracking alarm system malfunctions, and with repairing and replacing alarm systems. Because these issues may be affecting other residences, we are bringing them to the Secret Service’s attention.

>Management Advisory-Alarm System Maintenance at Residences Protected by the U.S. Secret Service (Redacted) 		2015
OIG-15-70 KPMG LLP reviewed the Office of Financial Management’s (OFM) internal control over financial reporting. The management letter contains four observations related to internal control and other operational matters for management’s considerations.

>Office of Financial Management's Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-71 KPMG LLP reviewed the United States Immigration and Customs Enforcement’s (ICE) internal control over financial reporting. The management letter contains five observations related to internal control and other operational matters for management’s considerations.

>United States Immigration and Customs Enforcement's Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-69 We contracted with the independent public accounting firm KPMG LLP to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security for the year ended September 30, 2014. KPMG LLP assessed certain non-technical areas related to the protection of sensitive information technology and financial information and assets at United State Secret Service (USSS). KPMG LLP performed after-hours physical security walkthroughs and social engineering tests and identified instances where USSS personnel did not adequately comply with requirements for safeguarding sensitive material or assets from unauthorized access or disclosure. The inadequate protection of DHS information systems and data from those without a need to know or a need for access puts USSS’ sensitive electronic and physical data at adverse risk of loss, theft, or misuse.

>Information Technology Management Letter for the United States Secret Service Component of the FY 2014 Department of Homeland Security Financial Statement Audit 		2015
OIG-15-68 KPMG LLP reviewed the United States Coast Guard’s (U.S. Coast Guard) internal control over financial reporting. The management letter contains six observations related to internal control and other operational matters for management’s considerations. KPMG LLP noted deficiencies and the need for improvements in certain U.S. Coast Guard processes. These deficiencies did not meet the criteria to be reported in the Independent Auditors’ Report on DHS’ FY 2014 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2014, included in DHS’ fiscal year 2014 Agency Financial Report. These observations are intended to improve internal control or result in other operating efficiencies.

>United States Coast Guards' Management Letter for DHS' FY 2014 Financial Statements Audit 		2015
OIG-15-67-D As of February 2014, the Port Authority requested an estimated $213 million in Public Assistance funding for 2012 Hurricane Sandy damages. We conducted this audit early in the Public Assistance process to identify areas where the Port Authority may need additional technical assistance or monitoring to ensure compliance with Federal grant requirements. At the time of the grant award, the Port Authority of New York and New Jersey (Port Authority) did not have adequate accounting and procurement policies and procedures in place to ensure compliance with Federal Emergency Management Agency (FEMA) grant requirements. However, in late 2013, the Port Authority made changes to its accounting and procurement policies and procedures for FEMA-funded work. These changes should provide FEMA reasonable assurance that the Port Authority has the capability to account for and expend FEMA grant funds according to Federal requirements.

>The Port Authority of New York and New Jersey's Recently Updated Policies, Procedures, and Business Practices Should Be Adequate to Effectively Manage FEMA Public Assistance Grant Funds 		2015
OIG-15-64 U .S. Customs and Border Protection's (CBP) Houston Seaport is the fifth largest port for arriving containers and the largest petrochemical complex in the Nation. CBP is responsible for identifying high-risk cargo shipments arriving at the port that pose a possible threat to national security. We conducted this review to determine whether the Houston Seaport complied with CBP's National Maritime Targeting Policy (NMTP) and Cargo Enforcement Reporting and Tracking System (CERTS) Port Guidance. The Houston Seaport generally complied with the NMTP and CERTS Port Guidance. However, CBP could improve its documentation of waivers and exceptions to mandatory examinations of high-risk cargo. In addition, CBP could improve access controls for authorizing Port Director waivers within CERTS.

>CBP's Houston Seaport Generally Complied with Cargo Examination Requirements but Could Improve Its Documentation of Waivers and Exceptions (Redacted) 		2015
OIG-15-66-D The South Carolina Department of Transportation (Department) expects to claim about $165.2 million in Public Assistance grant funds for debris removal activities associated with a February 2014 severe winter storm. We conducted this audit early in the Public Assistance process to identify areas where the Department may need additional technical assistance or monitoring to ensure compliance with Federal requirements. The Department generally has established policies, procedures, and business practices to adequately account for and expend FEMA grant funds according to Federal regulations and FEMA guidelines. The Department has accounting systems in place to account for disaster costs on a project-by-project basis and has adequate support for costs it plans to claim under the grant award. Further, the contracts the Department awarded to accomplish work under the grant met Federal and FEMA procurement requirements.

>South Carolina Department of Transportation Has Adequate Policies, Procedures, and Business Practices to Effectively Manage Its FEMA Public Assistance Grant Funding 		2015

*NDAA, Pub. L. 117-263, section 5274 Response Received. View responses

Return to top of page