Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Audits, Inspections, and Evaluations

Report Number Title Issue Date Sort ascending Fiscal Year
OIG-17-48-D We determined that the Iron County Forestry and Parks Department’s (Department) accounting policies, procedures, and business practices are adequate to account for grant funds according to Federal regulations and FEMA guidelines.  However, the Department needs to revise its procurement policies and procedures to comply fully with all Federal procurement standards.  If the Department makes these revisions and follows them, FEMA should have reasonable assurance that (1) small and minority businesses, women’s business enterprises, and labor surplus area firms will receive sufficient opportunities to compete for federally funded work; (2) the risk of misinterpretations and disputes relating to contracts will be minimized; and (3) contracts are awarded to individuals, companies, or recipients who do not pose a business risk to the government.  Department officials acknowledged that they had improperly procured their contracts, but said they plan to seek FEMA reimbursement for the $72,235 in disaster-related contract costs they had incurred.  We recommended that FEMA not fund $72,235 of ineligible contract costs and direct the Wisconsin Emergency Management Agency to provide additional technical assistance and monitoring to the Department to ensure it complies with applicable Federal procurement standards and to prevent the improper spending of approximately $3.2 million in estimated disaster work.  FEMA concurred with all of our findings and recommendations.

> Iron County Forestry and Parks Department, Wisconsin, Needs Assistance and Monitoring to Ensure Proper Management of Its FEMA Grant
2017
OIG-17-40 We determined that U.S. Customs and Immigration Services’ and ICE’s social media screening pilots, on which DHS plans to base future department-wide use of social media screening, lack criteria for measuring performance to ensure they meet their objectives.  Although the pilots include some objectives, it is not clear DHS is measuring and evaluating the pilots’ results to determine how well they are performing against set criteria.  Absent measurement criteria, the pilots may provide limited information for planning and implementing an effective, department-wide future social media screening program.  We recommended developing and implementing a plan to evaluate the performance of social media screening pilots that includes well-defined, clear, and measurable objectives.

>DHS' Pilots for Social Media Screening Need Increased Rigor to Ensure Scalability and Long-term Success (Redacted)
2017
OIG-17-47 The Protective Mission Panel (PMP) made a number of recommendations in its December 2014 classified report.  The objective of this review was to determine whether the Secret Service has taken or plans to take action to implement the PMP’s classified recommendations, which primarily relate to security gaps and vulnerabilities at the White House Complex (WHC).  The Secret Service has clearly taken these recommendations seriously.  Using funding appropriated for PMP initiatives, the Secret Service began enhancing security and refreshing technology at the WHC.  Fully implementing many of the PMP’s classified recommendations will depend on staff increases, sustained funding, and a multi-year commitment by Secret Service and Department leadership to ensure actions continue even during times of increased protective mission demands and unexpected priorities.  We made no recommendations in this report.

>The Secret Service Has Taken Action to Address the Classified Recommendations of the Protective Mission Panel
2017
OIG-17-46-D We determined that although the Board accounted for disaster-related costs on a project-by-project basis, it did not comply with Federal procurement standards in awarding contracts for disaster work totaling $4.8 million.  Additionally FEMA inadvertently obligated an additional $508,884 in duplicate obligations.  Also the Board could have benefited from additional technical advice from Minnesota.  We recommended that FEMA disallow as ineligible $4.8 million for contracts that did not comply with Federal procurement standards and $508,884 for duplicate obligations.  We also recommended FEMA direct Minnesota to provide technical assistance and monitoring to the Board to ensure it complies with Federal procurement regulations, which should result in $2.6 million in cost avoidance.  FEMA generally agreed with the findings and recommendations in the report.

>Minneapolis Park and Recreation Board Did Not Follow All Federal Procurement Standards for $5.1 Million in Contracts
2017
OIG-17-42 We determined that USCIS charges employers a flat fee per H-2 petition, regardless of whether 1) the employer is petitioning for one temporary non-immigrant worker, or hundreds of workers, and 2) it takes just minutes or days and weeks for USCIS to process the petition.  USCIS also did not limit the number of workers that employers can request on one petition, thus creating disparities in the cost employers pay to bring foreign workers into the United States.  We also found that large petitions are prone to errors that can have national security implications.  According to USCIS, the flat fee is used because USCIS systems do not capture the time required to adjudicate petitions with various numbers of workers.  We made three recommendations to improve the fee structure and vetting process.

>H-2 Petition Fee Structure is Inequitable and Contributes to Processing Errors
2017
OIG-17-44-D The purpose of this advisory report is to notify FEMA of an issue we observed during our ongoing audit of CalRecycle.  We determined that CalRecycle expects it will cost about $230 million to complete debris removal work, and has received invoices totaling $200 million from two contractors performing the work.  Yet, these invoices included documentation with numerous discrepancies that did not fully support the invoiced costs as Federal cost principles and procurement standards require.  Moreover, as of September 8, 2016, our audit cutoff date, CalRecycle had paid its contractors about $186.4 million of the $200 million in invoiced costs, but had not completed its review of invoices nor collected all missing support records.   FEMA and California, therefore, should continue to assist CalRecycle in assuring that all costs are valid and eligible.  We recommended that FEMA Region IX Administrator (1) direct California, as grantee, to provide CalRecycle with technical assistance it may need to ensure compliance with all applicable Federal regulations, specifically for document support and contract management, and to avoid improperly funding any of the $230 million ($173 million Federal share) in contract costs CalRecycle estimates it will claim for damages caused by this disaster; and (2) direct California, as grantee, to ensure that all CalRecycle’s cost reimbursement claims for debris removal work are supported with adequate documentation and that costs are eligible in accordance with FEMA’s debris removal guidelines.

>Management Advisory - CalRecycle, a California State Agency, Needs Assistance to Ensure that $230 Million in Disaster Costs Are Valid
2017
OIG-17-43-MA A recent unannounced inspection of the Theo Lacy Facility, an ICE detention facility in Orange, California, raised serious concerns, some that pose health risks and others that violate ICE’s 2008 Performance-Based National Detention Standards and result in potentially unsafe conditions at the facility.  Overall, we had concerns about food handling, confinement conditions, and services.  We made three recommendations to ensure compliance with ICE detention standards and strengthen ICE’s oversight of TLF.

>Management Alert on Issues Requiring Immediate Action at the Theo Lacy Facility in Orange, California (OIG-17-43-MA)
2017
OIG-17-41-D We determined that for the projects we reviewed, the County effectively accounted for and expended FEMA Public Assistance grant funds according to Federal regulations and FEMA guidelines. Because the audit did not identify any issues requiring further action from FEMA Region IV, we consider this audit closed.

>Aiken County, South Carolina, Effectively Managed FEMA Grant Funds Awarded for Severe 2014 Winter Storm
2017
OIG-17-39 We determined that CBP likely did not act in direct response to the Sandia report, but it has instituted many border security programs and operations that align with the report’s recommendations. However, our review and analysis of these reports also highlighted some continuing challenges to CBP in its efforts to secure the southwest border. In particular, CBP does not measure the effectiveness of its programs and operations well; therefore, it continues to invest in programs and act without the benefit of the feedback needed to help ensure it uses resources wisely and improves border security.  CBP also faces program management challenges in planning, resource allocation, infrastructure and technology acquisition, and overall efficiency.  Finally, coordination and communication with both internal and external stakeholders could be improved.  This final report does not contain recommendations.

>CBP’s Border Security Efforts – An Analysis of Southwest Border Security Between the Ports of Entry
2017
OIG-17-38-D We determined that FEMA has not identified and recovered Federal funds that New York City spent, more than three years ago, on repairs to commercial residential properties.  These repairs included short-term measures such as temporary boilers and power generators.  FEMA recognizes that commercial landlords may have received an incidental benefit from the Federal assistance provided to New York City and used it for repairs to multifamily dwellings to ensure tenants could shelter in their homes.  However, it is the responsibility of New York State Division of Homeland Security and Emergency Services (the grantee) to ensure that the money that FEMA provides is spent in accordance with Federal laws and regulations.  Under FEMA rules, for-profit organizations are ineligible for Public Assistance grant funds.  We recommended that FEMA review and improve, as necessary, policies and procedures that protect government resources used to support disaster response and recovery activities.  We made three recommendations and FEMA concurred with all of them.

>FEMA Needs to Improve Its Oversight of the Sheltering and Temporary Essential Power Pilot Program
2017
OIG-17-37-D FROM: John E. McCoy II

Assistant Inspector General for Audits

SUBJECT: Office of Inspector General Emergency Management Oversight Team Deployment Audits

Audit Report Numbers OIG-13-84, OIG-13-117, OIG-13-124, OIG-14-50-D, OIG-14-111-D, OIG-15-92-D, OIG-15-102-D, OIG-15-105-D, OIG-16-53-D, OIG-16-85-D, OIG-16-106-D, OIG-17-37-D

After completing an internal review of our audits related to multiple Emergency Management Oversight Team (EMOT) projects, we have decided to permanently remove the subject reports from our public website.

Our internal review found the subject reports may not have adequately answered objectives and, in some cases, may have lacked sufficient and appropriate evidence to support conclusions. Answering objectives with sufficient and appropriate evidence is required under Government Auditing Standards or Quality Standards for Inspection and Evaluation. In an abundance of caution, we believe it best to recall the reports and not re-issue them.

Going forward, our EMOTs will deploy during the response phase of a disaster to identify and alert the Federal Emergency Management Agency (FEMA) and its stakeholders of potential issues or risks if they do not follow FEMA and other Federal requirements. The EMOT’s reviews will not be conducted under Government Auditing Standards. The teams will continue to observe and identify potential risk areas that will be addressed by future traditional audits, if necessary.

A complete list of the projects removed from our website is attached. You should not place any reliance on these reports.

Please contact me at (202) 254-4100 if you have any questions.

>FEMA's Initial Response to Severe Storms and Flooding in West Virginia DR-4273
2017
OIG-17-28 CBP’s management prepared the Performance Summary Report and the related disclosures in accordance with the requirements of the Office of National Drug Control Policy’s (ONDCP) Circular, Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013.  Based on its review, nothing came to KPMG’s attention that caused it to believe that CBP’s FY 2016 Performance Summary Report is not presented in conformity with the criteria in ONDCP’s Circular.  KPMG did not make any recommendations as a result of its review.

>Review of U.S. Customs and Border Protection's Fiscal Year 2016 Drug Control Performance Summary Report
2017
OIG-17-36 KPMG, LLC expressed an unmodified (clean) opinion on CBP’s FY 2016 consolidated financial statements.  However, KPMG identified five significant deficiencies in internal control, three of which KPMG considers material weaknesses in the areas of information technology controls and financial systems functionality; financial reporting; and refunds and drawbacks of duties, taxes, and fees. The two other significant deficiencies in internal control are related to entity-level controls and custodial revenue - entry process.  KPMG made 18 recommendations to improve these areas.

>Independent Auditors' Report on U.S. Customs and Border Protection's Fiscal Year 2016 Consolidated Financial Statements
2017
OIG-17-35-D We determined the County has established policies, procedures, and business practices to properly account for and expend FEMA Public Assistance grant funds.  Therefore, if the County adheres to those policies, procedures, and business practices, FEMA has reasonable assurance that the County will properly manage the estimated $55.4 million in FEMA project funding awarded for replacement of the facility.

>Escambia County, Florida, Has Adequate Policies, Procedures, and Business Practices to Effectively Manage FEMA Grant Funds Awarded to Replace Its Central Booking and Detention Center
2017
OIG-17-30 ICE’s management prepared the Table of FY 2016 Drug Control Obligations and related disclosures to comply with the requirements of ONDCP’s Circular, Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013.  Based on its review, nothing came to KPMG’s attention that caused it to believe that the FY 2016 Detailed Accounting Submission is not presented in conformity with the criteria in ONDCP’s Circular.  KPMG did not make any recommendations as a result of its review.

>Review of U.S. Immigration and Customs Enforcement's Fiscal Year 2016 Detailed Accounting Submission
2017
OIG-17-31 ICE’s management prepared the Performance Summary Report and the related disclosures to comply with the requirements of ONDCP’s Circular, Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013.  Based on its review, nothing came to KPMG’s attention that caused it to believe that ICE’s FY 2016 Performance Summary Report is not presented in conformity with the criteria in ONDCP’s Circular.  KPMG did not make any recommendations as a result of its review. 

>Review of U.S. Immigration and Customs Enforcement's Fiscal Year 2016 Drug Control Performance Summary Report
2017
OIG-17-33 U.S. Coast Guard management prepared the Performance Summary Report and the related disclosures in accordance with the requirements of the ONDCP Circular, Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013 (Circular).  Based on its review, nothing came to KPMG’s attention that caused it to believe that the Coast Guard’s FY 2016 Performance Summary Report is not presented, in conformity with the criteria in ONDCP’s Circular.  KPMG did not make any recommendations as a result of its review.

>Review of U.S. Coast Guard's Fiscal Year 2016 Review of U.S. Coast Guard's Fiscal Year 2016 Drug Control Performance Summary Report
2017
OIG-17-29 CBP’s management prepared the Table of FY 2016 Drug Control Obligations and related disclosures in accordance with the requirements of ONDCP’s Circular, Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013.  CBP’s management was unable to provide supporting documentation for the underlying assumptions used to calculate Drug Resources by Budget Decision Unit and Drug Control Function in the Table of FY 2016 Drug Control Obligations.  As a result, KPMG was unable to complete its review procedures over those assumptions.  Except as noted above, nothing came to KPMG’s attention that caused it to believe that CBP’s FY 2016 Detailed Accounting Submission is not presented in conformity with the criteria in the ONDCP Circular.

>Review of U.S. Customs and Border Protection's Fiscal Year 2016 Detailed Accounting Submission
2017
OIG-17-34-D We determined that the Columbia County Roads Department (Department) does not have written procurement policies and procedures that fully conform to Federal procurement standards; is not accounting for direct administrative costs properly; and cannot yet initiate large permanent work projects more than 9 months after the disaster.  These findings occurred because Department officials were not familiar with applicable Federal regulations and FEMA guidelines adequately.  In addition, the Oregon Office of Emergency Management (Oregon) is responsible for ensuring that its subrecipient,the Department, is aware of and complies with these requirements, as well as for providing technical assistance and monitoring grant activities.  Because of our audit, the Department is revising its policies and procedures to comply with Federal requirements.  However, the Department needs additional, ongoing assistance from Oregon and FEMA to ensure that it properly manages the $2 million FEMA grant it expects to receive.  Therefore, we recommended that FEMA disallow contract costs that do not comply with applicable Federal procurement standards, unless FEMA grants an exception to the administrative requirements as 2 CFR 200.102 allows and determines the costs are reasonable.  The OIG made three other recommendations to FEMA related to directing Oregon, as its grant recipient, to provide increased monitoring and technical assistance to the Department, to ensure the Department follows Federal regulations and FEMA guidelines and avoids misspending its $2 million grant award.

>Columbia County Roads Department, Oregon, Needs Continued State and FEMA Assistance in Managing Its FEMA Grant
2017
OIG-17-32 U.S. Coast Guard management prepared the Table of FY 2016 Drug Control Obligations and related disclosures to comply with the requirements of ONDCP’s Circular, Accounting of Drug Control Funding and Performance Summary, dated January 18, 2013.  Based on its review, nothing came to KPMG’s attention that caused it to believe that the Coast Guard’s FY 2016 Detailed Accounting Submission is not presented in conformity with the criteria in ONDCP’s Circular.  KPMG did not make any recommendations as a result of its review. 

>Review of U.S. Coast Guard's Fiscal Year 2016 Detailed Accounting Submission
2017
OIG-17-25-D We determined that the Authority did not comply with Federal regulations in its award and administration of three contracts totaling $31.7 million. As a result, FEMA has no assurance that these costs were reasonable or that the Authority selected the most qualified contractors. Specifically, the Authority did not: perform cost/price analyses of bid proposals to ensure fair and reasonable costs; follow its own procurement policy and Federal regulations when evaluating and selecting its contractors; include all mandatory Federal provisions in contracts to document rights and responsibilities of the parties; maintain records sufficient to detail the significant history of its procurements; maintain an adequate contract administration system that included careful review of invoices; or include a ceiling price in time-and-material contracts that contractors exceed at their own risk. Therefore, we recommended that FEMA should ineligible contract costs, review costs associated with the Authority’s other large projects and disallow any costs that are ineligible; review the process the Authority used to procure its engineering contract; and direct the California Governor’s Office of Emergency Services, to provide increased guidance to the Authority and more closely monitor its performance to ensure the Authority complies with mandatory Federal regulations and FEMA guidelines.

>The Victor Valley Wastewater Reclamation Authority in Victorville, California, Did Not Properly Manage $32 Million in FEMA Grant Funds
2017
OIG-17-27-MA We determined that the Contract Officer and Project Officer performed their duties according to Federal statutes, program guidance, and the IDIQ contract. In addition, there does not appear to be any internal control issues related to the segregation of duties related to contract purchases and receipt of goods.  We made no recommendations and FEMA concurred with our determination.

>Management Advisory Report: Review of FEMA Region IV Strategic Source IDIQ Contract for Office Supplies (OIG-17-27-MA)
2017
OIG-17-26-MA We recommend that USCIS halt plans to revert to using the Electronic Immigration System (ELIS) to process immigrant naturalization applications until it successfully addresses identified system deficiencies.  We made two recommendations to this Management Alert.

>Management Alert - U.S. Citizenship and Immigration Services' Use of the Electronic Immigration System for Naturalization Benefits Processing (OIG-17-26-MA)
2017
OIG-17-23-VR We determined that all corrective actions have been implemented for recommendations 1, 3 and 4, which were designed to increase the effectiveness of SAVE verification.  In response to OIG recommendation 2, U.S. Citizenship and Immigration Services (USCIS) built and implemented an interface with the Department of Justice’s Immigration Review Information Exchange System in August 2016 to obtain up-to-date information on the status of deportable aliens. While the interface is operational, USCIS and the Department of Justice’s Executive Office of Immigration Review (EOIR) still need to approve an Interface Control Agreement between the two systems before we can close the recommendation.

>Verification Review of USCIS' Progress in Implementing OIG Recommendations for SAVE to Accurately Determine Immigration Status of Individuals Ordered Deported
2017
OIG-17-21-D We determined that for the projects we reviewed, the City effectively accounted for and expended FEMA Public Assistance grant funds according to Federal regulations and FEMA guidelines.  City officials accounted for disaster expenditures on a project-by-project basis, procured contracts for disaster work appropriately, and maintained adequate documentation to support the costs.  We made no recommendations.

>Perth Amboy, New Jersey, Effectively Managed FEMA Grant Funds Awarded for Hurricane Sandy Damages
2017
OIG-17-22 We determined that DHS has not done enough to minimize the risk of improper use of force by law enforcement officers.  Specifically, the Department does not:  (1) have an office responsible for managing and overseeing component use of force activities; (2) ensure the collection and validation of component data needed to assess use of force activities, minimize risks, and take corrective actions; (3) ensure use of force policies have been updated to reflect current operations and lessons learned; or (4) establish consistent requirements for less-lethal recurrent training and ensure training was completed as required.  Additionally, each component varies on their use of force activities.  Without improvements in the management and oversight of use of force activities, the Department may increase its risk of improper use of force by law enforcement officers.  DHS concurred with our two recommendations, which, if implemented, will help the Department actively oversee and assist with component use of force activities, update policies, and improve training.

>DHS Lacks Oversight of Component Use of Force (Redacted)
2017
OIG-17-24 Despite the progress made, Components were not consistently following DHS’ policies and procedures to maintain current or complete information on remediating security weaknesses timely. Components operated 79 unclassified systems with expired authorities to operate.  Further, Components had not consolidated all internet traffic behind the Department’s trusted internet connections and continued to use unsupported operating systems that may expose DHS data to unnecessary risks.  Our review identified deficiencies related to configuration management and continuous monitoring. We made four recommendations to the Chief Information Security Officer.  The Department concurred with all four recommendations.

>Evaluation of DHS' Information Security Program for Fiscal Year 2016
2017
OIG-17-19-D We determined that the Cooperative has an effective accounting system in place to ensure it accounts for disaster-related costs on a project-by-project basis and can properly support those expenditures.  As of June 2016, Cooperative officials had completed all disaster repairs using their own resources and contractors.  However, Cooperative officials said they do not intend to claim $4.1 million in contracting costs because they believe their contracting methodology did not fully comply with Federal requirements when hiring disaster contractors.  Therefore, we did not assess the Cooperative’s procurement policies and procedures, nor review its contract costs.  Because the audit did not identify any issues requiring further action from FEMA, we consider this audit closed. 

>Western Farmers Electric Cooperative, Oklahoma, Has Adequate Policies, Procedures, and Business Practices to Manage its FEMA Grant
2017
OIG-17-20-D We determined that the Authority did not account for FEMA funds on a project-by-project basis as Federal regulations and FEMA guidelines require.  We also identified $577,959 (Federal share $433,469) of project costs that FEMA should disallow.  We recommended that the Regional Administrator, FEMA Region II disallow the $577,959 of questioned costs.

>FEMA Should Disallow $577,959 of $2.9 Million Awarded to Puerto Rico Aqueduct and Sewer Authority for Hurricane Irene Damages
2017
OIG-17-18-D We determined the Town did not always account for and expend FEMA grant funds according to Federal regulations and FEMA guidelines.  Therefore, FEMA should disallow $2.0 million of $3.59 million in grant funds awarded to the Town.  We made four recommendations to the Regional Administrator, FEMA Region I, to disallow ineligible or unsupported costs and improve the State’s grant management activities.

>FEMA Should Disallow $2.0 Million of $3.59 Million Awarded to Stratford, Connecticut
2017
OIG-17-06-D For the projects we reviewed, we identified $1,771,894 (Federal share $1,328,921) of costs that FEMA should disallow.  We recommended that Regional Administrator, FEMA Region IV, disallow $1,771,894 of ineligible costs and direct the Florida Division of Emergency Management to monitor the County’s performance for compliance with Federal grant requirements on open projects.

>FEMA Should Recover $1.8 Million of $5.5 Million in Public Assistance Grant Funds Awarded to Columbia County, Florida, for Tropical Storm Debby Damages
2017
OIG-17-16-VR We determined that the Colorado State Division of Homeland Security and Emergency Services’ additional technical assistance and continuous monitoring of Larimer County’s procurement and project-related activities are effective.  We also verified that the County can document and account for its disaster-related costs on a project-by-project basis and that its policies and procedures are adequate to account for FEMA grant funds according to Federal regulations and FEMA guidelines. Because the verification review did not identify any issues requiring further actions from FEMA, the report contains no recommendations and we consider this verification review closed.

>Verification Review of Larimer County, Colorado, OIG Audit Report (OIG-15-34-D)
2017
OIG-17-17-D We determined that the Omaha Public Power District (OPPD) generally accounted for disaster costs on a project-by-project basis and adequately supported costs it claimed.  However, OPPD overstated the fringe benefit rate it applied to its labor costs on three large projects. We recommended that FEMA disallow $67,570 in ineligible costs and instruct Nebraska to ensure that OPPD calculates and applies its fringe benefit rate according to Federal cost principles and FEMA guidelines for all future disasters.  FEMA concurred with all three of our recommendations.

>Omaha Public Power District in Nebraska Generally Accounted for and Expended FEMA Grant Funds Properly
2017
OIG-17-14 We determined that the Transportation Security Administration (TSA) resolved most of our recommendations from previous airport reports.  However, there are several open security control recommendations related to TSA’s Security Technology Integrated Program and one open and unresolved recommendation concerning closed-circuit TVs at John F. Kennedy International Airport.  We recommended that TSA prepare business impact analyses that comply with best practices and also establish a plan to conduct recurring reviews of the operational, technical, and management controls for securing TSA information technology systems at U.S. airports nationwide. TSA concurred with both recommendations.

>Summary Report on Audits of Security Controls for TSA Information Technology Systems at Airports (Redacted)
2017
OIG-17-15 We determined that in most instances, Texas distributed and spent the awards in compliance with applicable laws and regulations; however, the State lacked adequate controls over more than $1 million in grant funds we reviewed.  This occurred because the Federal Emergency Management Agency and the State did not ensure adequate management and oversight of Homeland Security Grant Program funds.  We made three recommendations, which when implemented, should enhance Texas’ effectiveness in the overall use of the grant funds to improve preparedness and response capabilities.  Better management and oversight should also reduce the risk associated with the State’s management of grant funds.  FEMA concurred with all three recommendations.

>Texas Management of Homeland Security Grant Program Awards for Fiscal Years 2012-14
2017
OIG-17-13-D We determined that of the 55 grant audit reports we issued in fiscal year 2015, 43 reports contained 154 recommendations resulting in potential monetary benefits of $1.734 billion. This amount included $457.46 million in questioned costs that we recommended FEMA disallow as ineligible or unsupported and $1.28 billion in cost avoidance, unused obligated funding, and unused funds at risk that we recommended FEMA put to better use. The eight program audits did not relate to specific grants. In three program audits, we deployed staff to major disasters to assess FEMA’s initial response to disasters. Another program audit related to technical assistance we provided during a disaster deployment. The remaining four program audits covered other FEMA programs or operations, contained six recommendations for improving FEMA programs or operations, and identified $1.6 million in potential monetary benefits.

>Summary and Key Findings of Fiscal Year 2015 FEMA Disaster Grant and Program Audits
2017
OIG-17-11 We determined that over the previous 3 years, USCIS produced at least 19,000 cards that included incorrect information or were issued in duplicate.  Most card issuance errors were due to design and functionality problems in the Electronic Immigration System (ELIS), which is being implemented to automate benefits processing.  Although USCIS conducted a number of efforts to recover the inappropriately issued cards, these efforts also were not fully successful and lacked consistency and a sense of urgency. We recommended that USCIS improve ELIS functionality and develop internal controls to avoid inappropriate Green Card issuance, standardize card recovery and tracking efforts, prevent unrecoverable card use, and enable remote identity verification and more secure card delivery methods. We made seven recommendations.

>Better Safeguards Are Needed in USCIS Green Card Issuance
2017
OIG-17-12 KPMG LLP (KPMG), under contract with DHS OIG, conducted an integrated audit of DHS’ FY 2016consolidated financial statements and internal control over financial reporting. KPMG expressed an unmodified (clean) opinion on the Department’s FY 2016 financial statements. However, KPMG identified six significant deficiencies in internal control; three of which are considered material weaknesses. Consequently, KPMG issued an adverse opinion on DHS’ internal control over financial reporting. KPMG also reported instances in which DHS did not comply with four laws and regulations. The Department concurred with all of the recommendations in the report.

>Independent Auditors' Report on DHS' FY 2016 Financial Statements and Internal Control over Financial Reporting
2017
OIG-17-10 We determined that the U.S. Secret Service has clearly taken the Protective Mission Panel’s (PMP) recommendations seriously, which it has demonstrated by making a number of significant changes.  Specifically, it has improved communication within the workforce, better articulated its budget needs, increased hiring, and committed to more training.  However, fully implementing many of the PMP’s recommendations will require long-term financial planning, further staff increases, consistent re-evaluation of the initiated actions’ effectiveness, and a multi-year commitment by Secret Service and Department of Homeland Security leadership.  We have made five recommendations.

>The Secret Service Has Taken Action to Address the Recommendations of the Protective Mission Panel
2017
OIG-17-09 We determined that the Department’s oversight of its drug interdiction efforts did not align with the Office of National Drug Control Policy’s (ONDCP) National Drug Control Strategy.  .  This occurred because DHS lacks formal oversight roles and responsibilities to ensure its drug interdiction performance activities met both ONDCP and legislative requirements.  As a result, DHS could not ensure its drug interdiction efforts met required national drug control outcomes nor accurately assess the impact of the approximately $4.2 billion it spends annually on drug control activities.  We made two recommendations that, if implemented, will improve DHS’ drug interdiction efforts.  DHS concurred with both recommendations.

>DHS Drug Interdiction Efforts Need Improvement
2017
OIG-17-07-D We determined that Pennsylvania did not comply with Federal regulations.  Since 2005 Pennsylvania has returned to compliance.  However, it has not remitted earnings on drawdowns held as investments.  We recommended that FEMA collect $2,430,541 from Pennsylvania in investment earnings on disaster assistance funds.  FEMA Region III concurred with the two recommendations in the report.

>FEMA Should Recover $2.4 Million in Investment Gains Pennsylvania Improperly Earned on Federal Disaster Funds
2017
OIG-17-08 This report summarizes what we consider the most serious management and performance challenges to both the Department as a whole, as well as individual components challenges.  We remain concerned about the systemic nature of these challenges, some of which span multiple Administrations and changes in Department leadership.  We also assess the Department’s progress in addressing those challenges.  This year, we are reporting the Department’s major challenges in the following areas: Unity of Effort, Employee Morale and Engagement, Acquisition Management, Grants Management, Cybersecurity, Management Fundamentals.  We did not make any new recommendations in this report.

>Major Management and Performance Challenges Facing the Department of Homeland Security
2017
OIG-17-05 We determined that CBP, ICE and USSS have been able to maintain staffing levels close to the authorized number of law enforcement personnel, but they continue to have significant delays in hiring. The additional steps in the hiring process add to the time it takes to hire law enforcement officers, but the components also do not have the staff or comprehensive automated systems needed to hire personnel as efficiently as possible.  Although they have taken steps to reduce the time it takes to hire law enforcement personnel, it is too early to measure the long-term effects of the Department’s and the components’ recent actions. We made five recommendations to make the law enforcement hiring process more efficient.

>DHS Is Slow to Hire Law Enforcement Personnel
2017
OIG-17-04 We determined that airports do not always properly account for access media badges after they have been issued, and that the Transportation Security Administration’s (TSA) current inspection practice of relying on information reported by airports about access media badges limits its oversight of controls over badge accountability.  We made three recommendations to improve TSA’s oversight of airport access media badge controls. 

>TSA Could Improve Its Oversight of Airport Controls over Access Media Badges (Redacted)
2017
OIG-17-03 We determined that the maritime missions and responsibilities of the agencies are not duplicative and their efforts bolster the overall effectiveness of DHS maritime border security. Given the large area of responsibility, different activities, and limited resources, eliminating the maritime law enforcement responsibilities of either agency — or combining them — could be harmful to border security.  However, Air and Marine Operations and the Coast Guard could improve coordination in some areas.  DHS concurred with our two recommendations to improve oversight, and coordination of maritime operations.

>AMO and Coast Guard Maritime Missions Are Not Duplicative, But Could Improve with Better Coordination
2017
OIG-17-02 We determined that overall; the Department cannot be assured that its preparedness plans can be executed effectively during a pandemic event.  As a result, the eight components we reviewed may not be fully prepared to continue mission essential functions during a pandemic event.  The Department concurred with all seven recommendations and has initiated corrective actions

>DHS Pandemic Planning Needs Better Oversight, Training, and Execution
2017
OIG-17-01 We determined that the U.S. Secret Service (USSS) did not have adequate protections in place on systems to which Master Central Index (MCI) information was migrated.  These problems occurred because USSS has not consistently made IT management a priority.  The USSS Chief Information Officer (CIO) lacked authority for all IT resources and was not effectively positioned to provide necessary oversight, inadequate attention was given to updating USSS IT policies, and high turnover and vacancies within the Office of the CIO meant a lack of leadership to ensure IT systems were properly managed.  In addition, USSS personnel were not adequately trained to successfully perform their duties. We made 10 recommendations to USSS and 1 recommendation to the DHS Privacy Office to reduce the risk of future unauthorized access and disclosure of sensitive information. The USSS and the DHS Privacy Officer concurred with these recommendations.

>USSS Faces Challenges Protecting Sensitive Case Management Systems and Data
2017
OIG-16-143-D The City of Louisville (City), Mississippi, received a Federal Emergency Management Agency (FEMA) grant award of $61.7 million for damages resulting from an April 2014 disaster. We had concerns about how effectively the City complied with the Public Assistance Alternative Procedures Pilot Program (PAAP program) authorized by the Sandy Recovery Improvement Act of 2013.

>FEMA Should Recover $25.4 Million in Grant Funds Awarded to Louisville, Mississippi, for an April 2014 Disaster
2016
OIG-16-139-D Time is of the essence in establishing a Joint Field Office (JFO) as the nexus of disaster response and recovery efforts. FEMA needs to implement consistent JFO selection guidance so its disaster response is effective, efficient and economical. This audit was conducted as a follow up to our prior report on the JFO Selection in New Jersey and as part of our 2015 disaster deployment efforts in Texas and South Carolina.

>FEMA Should Implement Consistent Joint Field Office Guidance
2016
OIG-16-142 Title IV, Section 406 of the Cybersecurity Act of 2015 requires Inspectors General to assess agency National Security Systems (NSS) and other systems that provide access to personally identifiable information (PII). We reviewed information security policies and practices for logical access and data protection at the Department of Homeland Security in four key areas, asrequired by the Act.

>Review of the Department of Homeland Security's Implementation of the Cybersecurity Act of 2015
2016