Skip to main content
Report File
Date Issued
Submitting OIG
Department of Homeland Security OIG
Other Participating OIGs
Department of Homeland Security OIG
Agencies Reviewed/Investigated
Department of Homeland Security
Report Number
OIG-22-55
Report Description

DHS’ information security program for FY 2021 was rated “not effective,” according to this year’s reporting instructions.

Report Type
Audit
Agency Wide
Yes
Number of Recommendations
3
Questioned Costs
$0
Funds for Better Use
$0

Open Recommendations

This report has 2 open recommendations.
Recommendation Number Significant Recommendation Recommended Questioned Costs Recommended Funds for Better Use Additional Details
1 No $0 $0

Enforce requirements for components to obtain authority to operate, resolve critical and high-risk vulnerabilities, and apply sufficient resources to mitigate security weaknesses.

3 No $0 $0

Revise DHS 4300A Policy, Handbook, and Ongoing Authorization methodology to incorporate applicable changes from NIST SpecialPublications, including SP 800-37, Revision 2, SP 800-53 Revision 5, and SP 800-137A to maintain consistency between the documents.

Department of Homeland Security OIG

United States