Department of Homeland Security

U.S. Customs and Border Protection (CBP) cannot ensure its Entry Reconciliation Program reporting is accurate or complies with requirements. Specifically, CBP did not always validate importers’ self-reported final values of imports when it assessed duties and fees because it did not require...

The Internal Security Division needs to improve standardized guidance for investigative operations, requirements for evidence and firearms, accountability for law enforcement sensitive equipment, case file management, reports, and documentation, and compliance with the Department of Homeland...

DHS’ information security program was not effective for Fiscal Year 2019 because the Department earned a maturity rating of “Ad Hoc” (Level 1) in three of five functions, compared to last year’s higher overall rating of “Managed and Measurable” (Level 4). We attributed DHS’ regression in managing...

The Federal Emergency Management Agency (FEMA) mismanaged the distribution of commodities in response to Hurricanes Irma and Maria in Puerto Rico. FEMA lost visibility of about 38 percent of its commodity shipments to Puerto Rico, worth an estimated $257 million. Commodities successfully delivered...

U.S. Customs and Border Protection (CBP) does not have a comprehensive strategy for meeting its LS-NII scanning needs at all CBP locations. Instead, CBP used multiple plans, such as its Multi-Year Investment and Management Plan, and individual acquisition plans for each type of LS-NII equipment it...

The Cybersecurity and Infrastructure Security Agency (CISA) increased the number of Automated Indicator Sharing (AIS) participants as well as the volume of cyber threat indicators it has shared since the program’s inception in 2016. However, CISA made limited progress in improving the overall...

DHS has not fulfilled most of the 13 responsibilities of the Geospatial Data Act. To comply with one responsibility, DHS has a Geospatial Information Officer and a dedicated Geospatial Management Office whose duties include overseeing the Act’s implementation and to coordinate with other agencies...

U.S. Customs and Border Protection (CBP) did not adequately safeguard sensitive data on an unencrypted device used during its facial recognition technology pilot (known as the Vehicle Face System). A subcontractor working on this effort, Perceptics, LLC, transferred copies of CBP’s biometric data...

We are issuing this management alert to advise the Department of Homeland Security and CBP of the urgency and short timeframe to award a new medical services contract. During two ongoing projects, we learned that CBP’s current contract for medical services will expire on September 29, 2020. As of...

The Federal Emergency Management Agency (FEMA) is not adequately managing severe repetitive loss (SRL) properties covered by the National Flood Insurance Program (NFIP). FEMA has not established an effective program to reduce or eliminate damage to SRL properties and disruption to life caused by the...