Department of Homeland Security

We determined that CISA and FEMA could better ensure program efforts are mutually reinforcing; they did not have compatible policies, procedures, and other means to operate across component boundaries; and CISA did not regularly update and monitor written agreements with Energy Sector partners...

We determined that USCIS did not apply the IT access controls needed to restrict unnecessary access to its systems, networks, and information. Specifically, USCIS did not consistently manage access for personnel, service accounts, and privileged users. We attribute these deficiencies to insufficient...

DHS’ IT systems did not effectively allow CBP and ICE personnel to track migrants from apprehension to release or transfer. Instead, DHS personnel and partner agencies at the border implemented manual and ad hoc workarounds to process migrants apprehended illegally entering the United States. DHS...

In recent years, several Department of Homeland Security (DHS) components have been victims of cyberattacks. To protect its sensitive information from potential exploitation, DHS implements multiple layers of defense against malware, ransomware, and phishing attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) has addressed the basic information sharing requirements of the Cybersecurity Act of 2015 (Cybersecurity Act) but has made limited progress improving the overall quality of threat information.

The Cybersecurity and Infrastructure Security Agency (CISA) has addressed the basic information sharing requirements of the Cybersecurity Act of 2015 (Cybersecurity Act) but has made limited progress improving the overall quality of threat information.

The objective was to determine the extent to which DHS is positioned to prevent and reduce domestic terrorism in the United States. We determined that DHS has taken steps to help the United States counter terrorism, but those efforts have not always been consistent. This occurred because the...

DHS’ information security program for FY 2021 was rated “not effective,” according to this year’s reporting instructions.

DHS Has Controls to Safeguard Watchlist Data

As the lead Federal agency for Operation Allies Welcome (OAW), the Department of Homeland Security coordinated efforts across the Federal Government to resettle individuals evacuated from Afghanistan.