Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Sort ascending Fiscal Year
OIG-17-98-SR This is a DHS OIG special report regarding DHS’ efforts to hire an additional 15,000 law enforcement officers.  This is the first in a series of reports.  This report describes lessons learned from prior DHS OIG, Government Accountability Office, and DHS departmental reports on challenges relating to hiring and other important areas of human capital management.  We made no recommendations in this report.

>Special Report: Challenges Facing DHS in Its Attempt to Hire 15,000 Border Patrol Agents and Immigration Officers
2017
OIG-17-97-D We determined that FEMA did not have sufficient evidence to support its decision that Hurricanes Katrina and Rita directly caused damages to the roads and water distribution system.  The demonstration of direct cause is necessary for work to be considered eligible for Federal disaster assistance funding, as required by the Stafford Act and FEMA’s own policies.  As a result, FEMA should not have awarded the initial $785 million, or the additional $1.25 billion to complete the repairs.  We recommended that FEMA disallow $2.04 billion in questioned costs —the initial award of $785 million, plus the additional $1.25 billion award.  We made two recommendations and FEMA non-concurred with both of our recommendations.

>FEMA Should Disallow $2.04 Billion Approved for New Orleans Infrastructure Repairs
2017
OIG-17-45-MA The Inspector General advised the Acting Administrator of the Transportation Security Administration (TSA) regarding internal TSA guidance to employees that, if followed, would improperly delay and restrict the OIG’s access to documents.  The Management Alert contained one recommendation with which TSA concurred.

>Management Alert Regarding Inspector General Access to Information (OIG 17-45-MA)
2017
OIG-17-94 We determined that the Department failed to report 6 conferences in FY 2014 and 14 conferences in FY 2015 that were greater than $100,000 in its Annual Report to the Office of Inspector General and on the public website, as required by Federal regulations.  The total dollar value of these unreported conferences was $862,881 and $2,822,561 for FYs 2014 and 2015, respectively.  In addition, the Department did not always report actual conference costs timely or accurately.  We made five recommendations that would improve conference reporting and recordkeeping and ensure the accuracy and timeliness of conference submissions.  DHS concurred with all five of our recommendations and has implemented corrective actions, resulting in the resolution and closure of all the recommendations.

>Audit of Department of Homeland Security's Fiscal Years 2014 and 2015 Conference Spending
2017
OIG-17-96 KPMG, under contract with DHS OIG, audited the Management Directorate’s financial statements and internal control over financial reporting.  The resulting management letter discusses five observations related to internal control for management’s consideration.  These issues were related to journal entry review; financial system reconciliations; ineffective obligation analysis; contract expense approval, improper invoice posting; and intra-governmental payment and collection expense approval.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>Management Directorate's Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-95-D We determined that The Hospital accounted for FEMA funds on a project-by-project basis as Federal regulations and FEMA guidelines require.  However, as of February 2017, the Hospital had not arranged for an audit of its Federal award, which it must complete and submit to the Federal Audit Clearinghouse by June 30, 2017.  We recommended that the Regional Administrator, FEMA Region IV, direct the South Carolina Emergency Division to actively monitor the Hospital’s compliance with the annual audit requirements.  If the Hospital does not meets it audit requirement by the June 30, 2017, due date, FEMA should direct South Carolina to impose appropriate additional award conditions to ensure the integrity of the FEMA award.

>Williamsburg Regional Hospital, South Carolina, Generally Accounted for and Expended FEMA Grant Funds Awarded for Emergency Work Properly
2017
OIG-17-93-D We determined the Borough of Lavallette did not always account for and expend FEMA grant funds according to Federal regulations and FEMA guidelines.  Therefore, FEMA should disallow $3.9 million of $13.2 million in grant funds awarded to the Borough.  We made six recommendations to the Regional Administrator, FEMA Region II, to disallow duplicate costs, ineligible labor, contract and excessive equipment costs, unsupported equipment costs, unapplied credits, unneeded funds to put to better use and improve the State’s grant management activities.

>FEMA Should Recover $3.9 Million of $13.2 in Grant Funds Awarded to the Borough of Lavallette, New Jersey
2017
OIG-17-92 KPMG, under contract with DHS OIG, audited the National Protection and Programs Directorate’s financial statements and internal control over financial reporting.  The resulting management letter discusses 14 observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in several processes including revenue accrual, personnel actions, journal entry reviews, performance reviews, contract expense approvals, time keeping, and intra-governmental payment and collection expense approvals.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>National Protection and Programs Directorate's Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-88 Most of the deficiencies identified by the independent public accounting firm KPMG LLP were related to access controls and configuration management of the Management Directorate’s core financial systems.  The deficiencies collectively limited the Management Directorate’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that the Management Directorate make improvements to DHS’ financial management systems and associated information technology security program.

>Information Technology Management Letter for the Management Directorate Component of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-91 We determined that DHS’ Performance and Learning Management System (PALMS) does not address the Department’s critical need for an integrated department-wide system.  As of October 2016, PALMS has not met DHS operational requirements for effective administration of employee learning and performance management activities.  In addition, the PALMS program office did not effectively implement the acquisition methodology selected for PALMS and did not monitor contractor performance.  Finally, between August 2013 and November 2016, the Department spent more than $5.7 million for unused and partially used subscriptions; incurred more than $11 million to extend contracts of existing learning management systems; and more than $813,000 for increased program management costs.  The Department also did not identify $72,902 in financial credits stemming from the contractor not meeting performance requirements.  The Government Accountability Office (GAO) also reported in its February 2016 report, GAO-16-253, that the Department experienced programmatic and technical challenges that led to years-long schedule delays.  We made seven recommendations to address the challenges with the PALMS acquisition and to improve future acquisitions.  The Department concurred with all seven of our recommendations.

>PALMS Does Not Address Department Needs
2017
OIG-17-89 KPMG, under contract with DHS OIG, audited the United States Coast Guard’s financial statements and internal control over financial reporting.  The resulting management letter discusses 12 observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in several processes including financial disclosure reports; accounts receivable; civilian and military payroll; financial reporting process; and accounts payable accrual.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>United States Coast Guard's Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-90 KPMG, under contract with DHS OIG, audited Customs and Border Protection’s (CBP) fiscal year (FY) 2016 consolidated financial statements.  The resulting management letter discusses 12 observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in a number of processes, including deobligation of undelivered orders, review of Federal Employee Compensation Act claims, and the seized and forfeited property inventory.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on U.S. Customs and Border Protection’s FY 2016 Consolidated Financial Statements, dated January 18, 2017, included in CBP’s FY 2016 Performance and Accountability Report.

>Management Letter for U.S Customs and Border Protection's Fiscal Year 2016 Consolidated Financial Statements Audit
2017
OIG-17-86 KPMG LLP, under contract with DHS OIG, audited the Office of Financial Management’s financial statements and internal control over financial reporting.  The resulting management letter discusses four observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies and the need for improvement in several processes including financial disclosure reviews; designation of intra-governmental transactions as non-acquisition; reconciliation of unfilled customer order and undelivered order balances; and inadequate review of closing package notes.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2015 Agency Financial Report.

>Office of Financial Management's Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-87 KPMG LLP, under contract with DHS OIG, audited the United States Secret Service’s financial statements and internal control over financial.  The resulting management letter discusses four observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in several processes including financial reporting; time and attendance approval; invoice entry and disbursements; and confidential financial disclosure reporting.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>United States Secret Service's Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-85 Most of the deficiencies identified by the independent public accounting firm KPMG LLP were related to access controls and configuration management of Office of Financial Management (OFM) and Office of the Chief Information Officer (OCIO) core financial and feeder systems.  The deficiencies collectively limited OFM’s and OCIO’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that OFM and OCIO make improvements to DHS’ financial management systems and associated information technology security program.

>Information Technology Management Letter for the Office of Financial Management and Office of the Chief Information Officer Components of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-75 Most of the deficiencies identified by the independent public accounting firm KPMG, LLP were related to access controls and configuration management of Federal Law Enforcement Training Centers (FLETC) core financial systems.  The deficiencies collectively limited FLETC’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that FLETC, in coordination with the Department of Homeland Security’s Chief Information Officer (CIO) and Acting Chief Financial Officer (ACFO), make improvements to FLETC’s financial management systems and associated information technology security program.

>Information Technology Management Letter for the Federal Law Enforcement Training Centers Component of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-83-D Fort Bend County, Texas (County), needs additional technical assistance to account for FEMA Public Assistance grant funds according to Federal regulations and FEMA guidelines. Specifically, the County needs to revise its accounting policies and procedures to ensure it can fully support the disaster work it intends to complete with its own labor force. In addition, although the County’s procurement policies and procedures generally comply with Federal procurement standards, they did not include all required contract provisions in either of their disaster contracts. Because of our audit, the County revised its policies and procedures to include implementing a plan that specifically addressed Federal requirements for documenting and accounting for disaster-related costs and compliance with Federal procurement standards.

>Fort Bend County, Texas, Needs Additional Assistance and Monitoring to Ensure Proper Management of Its FEMA Grant
2017
OIG-17-84 KPMG LLP, under contract with DHS OIG, audited USCIS’ financial statements and internal control over financial reporting.  The resulting management letter discusses four observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in several processes including monitoring and recording employee completion of the annual ethics and integrity training; review and approval of H1-B and L fraud fee journal entries; recording of property, plant, and equipment; and inaccurate and unsupported data in some systems.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>United States Citizenship and Immigration Services' Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-76 Most of the deficiencies identified by the independent public accounting firm KPMG, LLP were related to access controls for the United States Citizenship and Immigration Service’s (USCIS) core financial and feeder systems.  The deficiencies collectively limited USCIS’ ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that USCIS, in coordination with the Department of Homeland Security’s CIO and ACFO, make improvements to USCIS’ financial management systems and associated information technology security program.

>Information Technology Management Letter for the U.S. Citizenship and Immigration Services Component of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-82 KPMG LLP, under contract with DHS OIG, audited the S&T financial statements and internal control over financial reporting.  The resulting management letter discusses three observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in several processes including journal entry review processes; procurement and financial management system reconciliations; and intra-governmental payment and collection expense review and approval.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>Science and Technology Directorate's' Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-81 The Science and Technology Directorate (S&T) main financial application is owned and operated by U.S. Immigration and Customs Enforcement (ICE).  As a service provider, ICE provides support to S&T.  KPMG identified general information technology control deficiencies at ICE that could potentially impact S&T’s financial data, and as such, issued a finding.  The deficiencies collectively limited S&T’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommended that S&T, in coordination with the Department of Homeland Security’s CIO and ACFO, make improvements to S&T’s financial management systems and associated information technology security program.

>Information Technology Management Letter for the Science and Technology Directorate Component of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-74-IQO The objective of this review was to determine whether the United States Coast Guard Investigative Service (CGIS) was complying with applicable policies.  However, significant issues with the agency’s case management system prevented us from making substantive observations about compliance with investigative policies.  We also noted issues with outdated policies, an absence of a Privacy Impact Assessment, poor training records management, and inconsistent documentation of finalized investigations.  CGIS employees voiced concerns with trust in senior leadership as well as questionable hiring practices, and articulated a need for more resources.  We made 32 recommendations to address the findings of our review and CGIS concurred with all of them.

>Oversight Review of the US Coast Guard Investigative Service
2017
OIG-17-78 Most of the deficiencies identified by the independent accounting firm KPMG, LLP were related to access controls and configuration management for NPPD’s core financial and feeder systems. The deficiencies collectively limited NPPD’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability. We recommend that NPPD, in coordination with the Department of Homeland Security’s Chief Information Officer and Acting Chief Financial Officer, make improvements to NPPD’s financial management systems and associated information technology security program

>Information Technology Management Letter for the National Protection and Programs Directorate of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-77-D We determined that The County did not comply with Federal procurement standards in expending FEMA Public Assistance grant funds.  Specifically, the County used a shared services agreement with the Houston-Galveston Area Council (HGAC) to procure two contracts totaling $1.5 million.  The HGAC’s procurement practices unreasonably restricted competition by not allowing smaller contractors to compete for the work, and HGAC did not take the specific steps that Federal regulations require to provide opportunities for disadvantaged firms to bid on federally funded work when possible.  We recommended FEMA disallow those costs as ineligible and direct the state to better monitor the County’s grant subaward activities.

>FEMA Should Recover $1.5 Million in Grant Funds Awarded to Hays County, Texas
2017
OIG-17-79-D We conducted this audit early in the Public Assistance process to identify areas where the Department may need additional technical assistance, or monitoring to ensure compliance, before improperly expending any of the Federal grant funds.  We determined if the Department conforms to its policies, procedures, and business practices, FEMA has reasonable assurance, but not absolute, that the Department will properly manage the Public Assistance grant funds it receives. During our audit, we determined the Department did not always use the lowest of FEMA and local rates for equipment costs.  Department officials agreed with this finding and took immediate corrective action by notifying Oregon that they would revise and resubmit payment reimbursement claims with correct equipment rate costs.  The Department has revised its procurement procedures for small contracts to include affirmative steps and assure the use of DBEs when possible, as 2 CFR 200.321 requires.  We are not requiring any further action from FEMA, therefore we consider this audit closed. 

>Linn County Road Department, Oregon, Has Sufficient Policies, Procedures, and Business Practices
2017
OIG-17-73 Most of the deficiencies identified by the independent public accounting firm KPMG, LLP were related to access controls for TSA’s core financial and feeder systems. The deficiencies collectively limited TSA’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability. We recommend that TSA, in coordination with the Department of Homeland Security’s Chief Information Officer and Acting Chief Financial Officer, make improvements to TSA’s financial management systems and associated information technology security program.

>Information Technology Management Letter for the Transportation Security Administration Component of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-72 Most of the deficiencies identified by the independent public accounting firm KPMG, LLP were related to access controls, segregation of duties, and configuration management.  The deficiencies collectively limited USSS’ ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that USSS, in coordination with the Department of Homeland Security’s Chief Information Officer and Acting Chief Financial Officer, make improvements to USSS’ financial management systems and associated information.

 

>Information Technology Management Letter for the United States Secret Service Component of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-67 KPMG LLP, under contract with DHS OIG, audited FEMA’s financial statements and internal control over financial reporting.  The resulting management letter discusses 17 observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in several processes, including personnel actions; ethics training requirements and filings; intergovernmental activity payments; Web Integrated Financial Management System; and the deobligation of undelivered orders.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>Federal Emergency Management Agency's Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-64 Most of the deficiencies identified by the independent public accounting firm KPMG, LLP were related to security management, access controls, configuration management, and contingency planning of FEMA’s core financial and feeder systems.  The deficiencies collectively limited FEMA’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that FEMA, in coordination with the Department of Homeland Security Chief Information Officer and Acting Chief Financial Officer, make improvements to FEMA’s financial management systems and associated information technology security program.

>Information Technology Management Letter for the Federal Emergency Management Agency Component of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-69 KPMG LLP, under contract DHS OIG, audited the Transportation Security Administration’s financial statements and internal control over financial reporting.  The resulting management letter discusses 15 observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in a number of processes, including personnel actions; property, plant, and equipment; Time and Attendance Process and Financial Disclosure Forms; and the Accounts Receivable Estimate.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>Transportation Security Administration's Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-68 KPMG LLP, under contract with DHS OIG, audited Federal Law Enforcement Training Centers’ financial statements and internal control over financial reporting.  The resulting management letter discusses three observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies across multiple processes including financial system reconciliation; review and approval of intra-governmental payment and collection expenses; and improper allocation of gross costs on the Statement of Net Cost and footnote.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report, dated November 13, 2016, included in the DHS FY 2016 Agency Financial Report.

>Federal Law Enforcement Training Centers' Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-70-SR We determined that FEMA did not implement our recommendations and suspended improvements on existing information technology systems.  We recommended that FEMA include an enterprise solution in its Grants Management Modernization platform for tracking applicant compliance with the Public Assistance Program insurance requirements that are a condition of receiving a disaster assistance grant.  We made five recommendations and FEMA concurred with all five of our recommendations.

>Lessons Learned from Prior Reports on CBP's SBI and Acquisitions Related to Securing our Border
2017
OIG-17-71 KPMG, LLP, under contract with DHS OIG, audited the U.S. Immigration and Customs Enforcement’s financial statements and internal control over financial reporting.  The resulting management letter discusses nine observations related to internal control for management’s consideration.  The auditors identified internal control deficiencies in several processes including intra-governmental payment and collection expense approval; accounts payable analysis, payroll cash reconciliation; performance reviews; and financial disclosure reporting.  These deficiencies are not considered significant and were not required to be reported in our Independent Auditors' Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>United States Immigration and Customs Enforcement's Management Letter for DHS' FY 2016 Financial Statements Audit
2017
OIG-17-50-VR We determined that FEMA did not implement our recommendations and suspended improvements on existing information technology systems. We recommended that FEMA include an enterprise solution in its Grants Management Modernization platform for tracking applicant compliance with the Public Assistance Program insurance requirements that are a condition of receiving a disaster assistance grant.

>Verification Review: FEMA's Lack of Process for Tracking Public Assistance Insurance Requirements Places Billions of Tax Dollars at Risk
2017
OIG-17-63 Most of the deficiencies identified by the independent public accounting firm KPMG, LLP were related to access controls, configuration management, and segregation of duties for ICE’s core financial and feeder systems.  The deficiencies collectively limited ICE’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that ICE, in coordination with the Department of Homeland Security Chief Information Officer and Acting Chief Financial Officer, make improvements to ICE’ financial management systems and associated information technology security program.

>Information Technology Management Letter for the U.S. Immigration and Customs Enforcement Component of the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-66-D We determined the City has established adequate policies, procedures, and business practices to account for and expend Public Assistance grant funds according to Federal regulations and FEMA guidelines. Therefore, if the City follows its policies, procedures, and business practices it has in place, FEMA has reasonable, but not absolute assurance, that the City will properly manage the Public Assistance grant funds it receives. We did not identify any reportable issues and consider this audit closed.

>Milwaukie, Oregon, Has Adequate Policies, Procedures, and Business Practices to Manage Its FEMA Grant Funding
2017
OIG-17-65 As part of our ongoing oversight of detention conditions, we completed unannounced inspections of three U.S. Immigration and Customs Enforcement (ICE) family detention facilities.  During these inspections, nothing came to our attention that warranted serious concerns about the health, safety, or welfare of the detained families.  Specifically, we did not observe any conditions or actions that represented an immediate, unaddressed risk or an egregious violation of ICE’s Family Residential Standards.  The facilities were clean, well-organized, and efficiently run.  At all three facilities, ICE was satisfactorily addressing the inherent challenges of providing medical care and language services and ensuring the safety of families in detention.  Staff said they had received training for handling allegations of sexual assault or abuse and child abuse, and all staff interviewed could identify the appropriate steps for handling such allegations, complaints, or grievances.  We also observed surveillance cameras and perimeter security at all three facilities.  Staff at all three facilities reported they store camera footage for at least three weeks; staff at one facility reported cameras cannot see certain spots in public areas; and facility perimeters may not prevent unauthorized intrusion.  We made no recommendations in this report.

>Results of Office of Inspector General FY 2016 Spot Inspections of U.S. Immigration and Customs Enforcement Family Detention Facilities
2017
OIG-17-60 We determined that CBP has made improvements to and continues to develop, its ethics and integrity training for officers and agents.  The agency tracks training completion using various methods and evaluation tools to measure and assess training effectiveness.  As a result, CBP has created, expanded, and redesigned training courses to promote ethics and integrity at the Advanced Training Center, the academies, and in the field.  However, CBP has not effectively communicated or conducted follow up with the field on its overall integrity strategy.  As a result, CBP cannot fully accomplish this important strategy.  We recommended CBP create a repository for the field offices to maintain and share unique field-developed training, highlight the importance of CBP’s integrity strategy throughout the agency and follow up with field staff to ensure it is effectively communicated.  We made two recommendations and CBP concurred with our recommendations, and prior to issuance of the final report took action to close recommendation 2.

>CBP Continues to Improve its Ethics and Integrity Training, but Further Improvements are Needed
2017
OIG-17-61 Most of the deficiencies identified by the independent public accounting firm KPMG, LLP were associated with access controls, segregation of duties, and configuration management of the U.S. Coast Guard’s core financial and feeder systems.  The deficiencies collectively limited Coast Guard’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that the Coast Guard, in coordination with DHS’ Chief Information Officer and Acting Chief Financial Officer, make improvements to Coast Guard’s financial management systems and associated information technology security program.

>Information Technology Management Letter for the United States Coast Guard Component of the FY 2016 DHS Financial Statement Audit
2017
OIG-17-62-D We determined that the District’s accounting policies, procedures, and business practices are adequate to account for FEMA grant funds and insurance proceeds according to Federal regulations and FEMA guidelines.  However, the District’s procurement policies, procedures, and business practices were not adequate to meet minimum Federal standards and address key procurement elements such as to ensure no award is made to any party debarred or suspended from Federal assistance programs.  The District took immediate corrective actions and amended its procurement procedures to be compliant with Federal procurement standards.  Non-compliance occurred because District officials were not fully aware of the required procurement standards for Federal grants.  We recommended that FEMA direct Texas to continue providing technical assistance and closely monitor the District to ensure it complies with Federal procurement standards for awarding and administering disaster-related contracts to prevent improper spending of the estimated $12,854,705 ($9,641,029 Federal share) in contract costs for remaining permanent work.  FEMA agreed with the findings and recommendation in the report.

>Texas Should Continue to Provide Deweyville Independent School District Assistance in Managing FEMA Grant Funds
2017
OIG-17-55 KPMG, LLP determined that CBP made improvements by designing and implementing certain account management, audit logging, and configuration management controls.  However, KPMG continued to identify financial system functionality and general information technology control deficiencies related to access controls and configuration management for CBP’s core financial, feeder, and General Support Systems environments.  The deficiencies collectively limited CBP’s ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommend that CBP, in coordination with the DHS Chief Information Officer and Chief Financial Officer, make improvements to CBP’s financial management systems and associated information technology security program.

>Information Technology Management Letter for the FY 2016 U.S. Customs and Border Protection Financial Statement Audit
2017
OIG-17-59 We determined that DHS did not fully comply with the Improper Payments Elimination and Recovery Act of 2010 (IPERA) because it did not publish accurate accompanying materials to the Agency Financial Report (AFR) as required by Office of Management and Budget (OMB) guidance.  The Department also did not meet its annual reduction targets established for each high-risk program.  DHS did comply with Executive Order 13520 by properly compiling and making available to the public DHS’ FY 2016 Quarterly High-Dollar Overpayment reports. Additionally, we determined DHS did not properly perform oversight of the components’ improper payment testing and reporting.  We made five recommendations that would help DHS’ Risk Management and Assurance Division (RM&A) strengthen its oversight and review procedures for IPERA risk assessments.  We also recommended that RM&A follows OMB requirements to comply with IPERA.

>Department of Homeland Security's FY 2016 Compliance with the Improper Payments Elimination and Recovery Act of 2010 and Executive Order 13520, Reducing Improper Payments
2017
OIG-17-58-UNSUM Since our fiscal year 2015 evaluation, the Office of Intelligence and Analysis (I&A) has continued to provide effective oversight of DHS’ department-wide intelligence system and implemented programs for ongoing monitoring of its security practices. In addition, I&A has relocated its intelligence system to a DHS data center to improve network resiliency and support. The United States Coast Guard (USCG) has migrated its sites that process Top Secret/Sensitive Compartmented Information to a Defense Intelligence Agency owned system. However, USCG must continue to work with the Defense Intelligence Agency to clearly define the oversight responsibilities for this external system that supports its intelligence operations. We identified deficiencies in DHS’ information security program and are making two recommendations to I&A and three recommendations to USCG. I&A concurred with its two recommendations, while USCG non-concurred with its three recommendations. We conducted this review between May and September 2016.

>(U) Annual Evaluation of DHS' INFOSEC Program (Intel Systems - DHS Intelligence and Analysis) for FY 2016
2017
OIG-17-53 KPMG, LLC, under contract with DHS OIG, discussed nine observations related to internal controls for NFIP’s consideration.  These issues include internal control deficiencies and the need for improvement in calculating written premiums, reviewing paid claims, monitoring third party service providers, and recording investments, which are not critical and are below the level of a significant deficiency.  Internal control weaknesses considered significant deficiencies were presented in our Independent Auditors’ Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>National Flood Insurance Program's Management Letter for DHS' Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-57-D We determined that the County can account for and adequately support disaster-related costs.  However, the County’s procurement policies, procedures, and business practices do not meet all Federal procurement standard requirements.  As a result, the County awarded two bridge construction contracts totaling $458,150 without full and open competition.  We recommended that FEMA not fund $458,150 of ineligible contract costs, unless FEMA grants an exception for all or part of the costs according to Federal regulations.  Because of our audit, County officials said they will not claim FEMA reimbursement for either of the two contracts.  We discussed this decision with FEMA Region VI officials who said they will be alert for these costs should the County seek reimbursement for either of the two bridge construction contracts.  Based on FEMA’s response we consider this report closed and require no further action from FEMA.

>Colorado County, Texas, Has Adequate Policies, Procedures, and Business Practices to Manage Its FEMA Grant
2017
OIG-17-56 We determined that DHS’ information technology systems did not effectively support U.S. Immigration and Customs Enforcement’s (ICE) visa tracking operations.  Specifically, ICE personnel responsible for investigating visa overstays had to piece together information from dozens of systems and databases, some of which were not integrated and did not electronically share information.  Additionally, ICE did not ensure that its field personnel received the training and guidance needed to properly use the systems currently available to conduct visa overstay tracking.  Further, DHS lacked a completed comprehensive biometric exit system at U.S. ports of departure to capture information on nonimmigrants departing the country.  As a result, DHS could not account for all visa overstays in a report to the Congress.  Manual checking across multiple systems used for visa tracking contributed to delays in investigating suspects who potentially posed public safety or homeland security risks.  We recommended the DHS Chief Information Officer continue to work with components to further eliminate duplication, improve information sharing, and properly align system access, especially for system modernization efforts, across DHS according to visa tracking mission requirements.  We made five recommendations.

>DHS Tracking of Visa Overstays is Hindered by Insufficient Technology
2017
OIG-17-54 We determined that most of the deficiencies identified by the independent public accounting firm KPMG resulted from a lack of properly documented, fully designed, adequately detailed, and consistently implemented financial system controls to comply with requirements of DHS Sensitive Systems Policy Directive 4300 A, Information Technology Security Program, and National Institute of Standards and Technology guidance.  The deficiencies collectively limited DHS’ ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability.  We recommended that the Acting Chief Information Officer and Chief Financial Officer, in coordination with DHS components, make improvements to DHS’ financial management systems and associated information technology security program.

>Information Technology Management Letter for the FY 2016 Department of Homeland Security Financial Statement Audit
2017
OIG-17-52 The resulting management letter discusses 103 observations related to internal control for management’s consideration.  These issues, which are not critical and are below the level of a significant deficiency, include:  a lack of internal controls related to undelivered orders, inaccurate financial data, and inadequate and/or untimely reviews of transactions.  Internal control weaknesses considered significant deficiencies were presented in our Independent Auditors’ Report on DHS’ FY 2016 Financial Statements and Internal Control over Financial Reporting, dated November 14, 2016, included in the DHS FY 2016 Agency Financial Report.

>Management Letter for the Department of Homeland Security's Fiscal Year 2016 Financial Statements Audit
2017
OIG-17-51 We determined that ICE does not effectively manage the deportation of aliens under its supervision.  ICE does not collect and analyze data about employee workloads to allocate staff judiciously and determine achievable caseloads.  ICE also has not clearly and widely communicated deportation priorities to Deportation Officers; has not issued up-to-date, comprehensive, and accessible procedures; and has not provided sufficient training.  ICE’s failure to effectively balance and adequately prepare its workforce also makes it harder to address other obstacles to deportation, which may require significant time and resources.  These management deficiencies and unresolved obstacles make it difficult for ICE to deport aliens expeditiously.  ICE concurred with our five recommendations and has taken steps to improve its management of deportation operations

>ICE Deportation Operations
2017
OIG-17-49 The Inspectors General (IG) of the Intelligence Community (IC), Department of Homeland Security (DHS), and Department of Justice (DOJ) issued a joint report on the domestic sharing of counterterrorism information.  The IGs’ review was conducted in response to a request from the Senate Select Committee on Intelligence, the Senate Homeland Security and Governmental Affairs Committee, and the Senate Judiciary Committee.  The IGs found that federal, state, and local entities are committed to sharing counterterrorism information by undertaking programs and initiatives that have improved information sharing.  However, the IGs also identified several areas in which improvements could enhance the sharing of counterterrorism information.  The IGs made 23 recommendations to the components of the Office of the Director of National Intelligence (ODNI), DHS, and DOJ to help improve the sharing of counterterrorism information and, ultimately, enhance the government’s ability to prevent terrorist attacks.  The components of ODNI, DHS, and DOJ agreed with all 23 recommendations.

>Review of Domestic Sharing of Counterterrorism Information
2017