Department of Homeland Security

The Department of Homeland Security Headquarters (HQ) did not adequately secure a non-Tier 1 High Value Asset (HVA) system used to support data analysis and reporting on DHS component operations, which rendered the system and its sensitive information vulnerable to cyberattacks. Although DHS HQ...

U.S. Customs and Border Protection (CBP) did not effectively manage and secure its mobile devices, resulting in vulnerabilities and higher susceptibility to cyberattacks, potential unauthorized access to law enforcement and operational sensitive information, and waste and abuse from under- or over...

U.S. Customs and Border Protection (CBP) faces limitations detecting and preventing entry of aliens carrying fraudulent documents, increasing the risk that criminals, terrorists, and other national security threat actors may enter the United States. Although CBP has capabilities to help officers...

The Federal Emergency Management Agency (FEMA) did not ensure the timely rebuilding of Puerto Rico’s electrical grid in the aftermath of Hurricane Maria. FEMA officials missed opportunities to provide more assistance to Puerto Rico to manage its Hurricane Maria Public Assistance grant funds in...

The United States Coast Guard (Coast Guard) does not have a comprehensive system to initiate, investigate, and report suspension and revocation (S&R) actions of merchant mariner (mariner) credentials, and therefore cannot ensure the suitability of all mariners. We found: • The Coast Guard did not...

The Cybersecurity and Infrastructure Security Agency (CISA) did not properly design, implement, comply with, or manage requirements of the Cybersecurity Retention Incentive (Cyber Incentive) program, which paid more than $138 million between fiscal years 2020 through 2024. These deficiencies...

U.S. Customs and Border Protection (CBP) continues to evaluate and obtain critical technology needed to identify, assess, breach, and remediate cross-border tunnels and has made progress in its efforts since our 2021 audit on border technology. The Department of Homeland Security in January 2020 and...

In November 2024, we conducted onsite, unannounced inspections at four U.S. Customs and Border Protection (CBP) facilities in Southern Arizona and California: • Two U.S. Border Patrol (Border Patrol) facilities — Yuma soft- sided facility (SSF) and Wellton station — housed 510 detainees at the time...

We evaluated the Department of Homeland Security’s enterprise-wide security program for Top Secret/Sensitive Compartmented Information intelligence systems.

We evaluated the Department of Homeland Security’s enterprise-wide security program for Top Secret/Sensitive Compartmented Information intelligence systems.