The Department of Homeland Security has taken steps to develop guidance and establish oversight for artificial intelligence (AI) use, but more action is needed to ensure DHS governs and manages AI use appropriately. DHS issued AI-specific guidance, appointed a Chief AI Officer, and established multiple working groups and its AI Task Force to help guide the Department’s AI efforts. However, more action is needed to ensure DHS has appropriate governance for responsible and secure use of AI.
Open Recommendations
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
1 | No | $0 | $0 | ||
We recommend that the DHS Artificial Intelligence Task Force, in coordination with appropriate stakeholders, evaluate DHS’ 2020 Artificial Intelligence Strategy and finalize any updates that it determines are needed. | |||||
2 | No | $0 | $0 | ||
We recommend that the DHS Artificial Intelligence Policy Working Group complete its ongoing efforts to assess and document the need for components to update or revise their existing policies, procedures, and processes for the responsible and ethical use of artificial intelligence. | |||||
3 | No | $0 | $0 | ||
We recommend that the DHS Artificial Intelligence Policy Working Group complete its ongoing efforts to develop a directive and instruction to facilitate updates that require formal policy changes to proceed. | |||||
4 | No | $0 | $0 | ||
We recommend that the DHS Artificial Intelligence Policy Working Group complete its ongoing efforts to develop an Artificial Intelligence Risk Management Framework. | |||||
5 | No | $0 | $0 | ||
We recommend that the DHS Chief Information Security Officer complete its review of and update DHS Policy Directive 4300A for artificial intelligence considerations. | |||||
6 | No | $0 | $0 | ||
We recommend that the DHS Privacy Office evaluate the personnel and training resources of oversight staff to determine additional resources and training required to meet artificial intelligence oversight requirements and act as needed based on the results of the evaluation. | |||||
7 | No | $0 | $0 | ||
We recommend that the DHS Privacy Office update the Privacy Compliance Review process to formally track required Privacy Compliance Reviews. | |||||
9 | No | $0 | $0 | ||
We recommend that the DHS Privacy Office develop and implement a formalized process for tracking and closing Privacy Compliance Review recommendations. | |||||
10 | No | $0 | $0 | ||
We recommend that the DHS Office for Civil Rights and Civil Liberties evaluate the personnel resources needed to meet civil rights and civil liberties oversight requirements and act as needed based on the results of the evaluation. | |||||
11 | No | $0 | $0 | ||
We recommend that the DHS Office for Civil Rights and Civil Liberties finalize its Artificial Intelligence Risk Management Framework or implement an alternative process to provide oversight of DHS artificial intelligence’s compliance with civil rights and civil liberties considerations. | |||||
12 | No | $0 | $0 | ||
We recommend that CBP implement DHS’ enterprise process to identify, assess, and track AI use cases or implement a component specific process to identify, assess, and document artificial intelligence use cases and the associated data required for the Department’s mandated public reporting of artificial intelligence. | |||||
13 | No | $0 | $0 | ||
We recommend that CISA implement DHS’ enterprise process to identify, assess, and track AI use cases or implement a component specific process to identify, assess, and document artificial intelligence use cases and the associated data required for the Department’s mandated public reporting of artificial intelligence. | |||||
14 | No | $0 | $0 | ||
We recommend that FEMA implement DHS’ enterprise process to identify, assess, and track AI use cases or implement a component specific process to identify, assess, and document artificial intelligence use cases and the associated data required for the Department’s mandated public reporting of artificial intelligence. | |||||
15 | No | $0 | $0 | ||
We recommend that ICE implement DHS’ enterprise process to identify, assess, and track AI use cases or implement a component specific process to identify, assess, and document artificial intelligence use cases and the associated data required for the Department’s mandated public reporting of artificial intelligence. | |||||
16 | No | $0 | $0 | ||
We recommend that TSA implement DHS’ enterprise process to identify, assess, and track AI use cases or implement a component specific process to identify, assess, and document artificial intelligence use cases and the associated data required for the Department’s mandated public reporting of artificial intelligence. | |||||
17 | No | $0 | $0 | ||
We recommend that USCIS implement DHS’ enterprise process to identify, assess, and track AI use cases or implement a component specific process to identify, assess, and document artificial intelligence use cases and the associated data required for the Department’s mandated public reporting of artificial intelligence. | |||||
18 | No | $0 | $0 | ||
We recommend that Secret Service implement DHS’ enterprise process to identify, assess, and track AI use cases or implement a component specific process to identify, assess, and document artificial intelligence use cases and the associated data required for the Department’s mandated public reporting of artificial intelligence. | |||||
19 | No | $0 | $0 | ||
We recommend that the DHS Chief Technology Officer Directorate develop and implement a formalized process to review, validate, and approve data that components provide for DHS’ mandated reporting of the Department’s artificial intelligence use. | |||||
20 | No | $0 | $0 | ||
We recommend that the DHS Chief Technology Officer Directorate develop and implement procedures to ensure components provide accurate and complete data for DHS’ mandated reporting of the Department’s artificial intelligence use. |