Department of Homeland Security

The Cybersecurity and Infrastructure Security Agency (CISA) did not implement effective controls for the selected High Value Asset (HVA) system per Federal and departmental requirements. CISA developed policies and procedures to reduce risks to sensitive information stored on the selected HVA system...

During our unannounced inspection of Baker County Sheriff’s Office (Baker) in Macclenny, Florida, we found Baker and ICE staff complied with ICE’s 2019 National Detention Standards for Non-Dedicated Facilities (NDS 2019) for classification, grievances, recreation, segregation, facility conditions...

The Department of Homeland Security has technology that enables identification and sharing of emerging threat information, but DHS partners did not always use this technology to obtain threat information. DHS has various technological methods for maintaining real-time situational awareness and...

Our review of prior Department of Homeland Security Office of Inspector General and U.S. Government Accountability Office (GAO) oversight reports identified recurring challenges with DHS’ strategic planning efforts. We previously reported that DHS and its components had not promptly updated...

Although U.S. Customs and Border Protection (CBP) and U.S.Immigration and Customs Enforcement (ICE) have policies andprocedures to check the identity of noncitizens seeking entry intothe United States, they cannot always verify the noncitizens’identities. According to Federal law, noncitizens...

U.S. Immigration and Customs Enforcement (ICE) did not effectively manage and secure its mobile devices or the infrastructure supporting the devices. Specifically, ICE did not implement security settings required to protect its mobile devices and did not mitigate vulnerabilities from applications...

The Cybersecurity and Infrastructure Security Agency (CISA) addressed the basic information-sharing requirements of the Cybersecurity Act of 2015. In calendar years 2021 and 2022, CISA updated its guidance, properly classified cyber threat indicators (CTI) and defensive measures, and accurately...

U.S. Customs and Border Protection (CBP) did not always conduct and manage assessments of owned and leased facilities for the safe and economical use of its real property. Department of Homeland Security policy requires CBP to assess the condition, function, and overall performance of its real...

From fiscal years 2020 to 2023, we conducted 17 unannounced inspections at U.S. Immigration and Customs Enforcement (ICE) detention facilities across the United States (facility locations below), which resulted in 17 reports and 1 management alert.

RMA Associates, LLC (RMA), under contract with the Department of Homeland Security Office of Inspector General, concluded that the Office of Intelligence and Analysis (I&A) did not fully comply with Financial Acquisition Regulation and DHS requirements. Specifically, I&A’s internal guidance lacked...