Information Technology Management Letter for the Management Directorate Component of the FY 2016 Department of Homeland Security Financial Statement Audit [open pdf - 1MB]
From the Highlights: "We contracted with the independent public accounting firm KPMG [Klynveld Peat Marwick Goerdeler], LLP [limited liability partnership] to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security (DHS) for the year ended September 30, 2016. KPMG evaluated selected general IT controls (GITC) and business process application controls at the Management Directorate. KPMG determined the Management Directorate had GITC deficiencies related to access controls and configuration management. The deficiencies collectively limited the Management Directorate's ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability. In addition, certain of these deficiencies adversely impacted internal controls over DHS' financial reporting and its operation and therefore are considered to collectively represent a material weakness reported in the FY 2016 DHS Agency Financial Report."
Department of Homeland Security, Office of Inspector General, Report No. OIG-17-88
Department of Homeland Security, Office of Inspector General: http://www.oig.dhs.gov/