Information Technology Management Letter for the U.S. Citizenship and Immigration Services Component of the FY 2016 Department of Homeland Security Financial Statement Audit [open pdf - 527KB]
From the Highlights: "We contracted with the independent public accounting firm KPMG [Klynveld Peat Marwick Goerdeler], LLP [limited liability partnership] to perform the audit of the consolidated financial statements of the U.S. Department of Homeland Security (DHS) for the year ended September 30, 2016. KPMG evaluated selected general IT controls (GITC) and business process application controls at U.S. Citizenship and Immigration Services (USCIS). KPMG determined that USCIS took corrective action to address certain prior-year IT control deficiencies. For example, USCIS made improvements by designing and consistently implementing certain account management controls related to user access forms. However, KPMG continued to identify GITC deficiencies related to access controls for USCIS' core financial and feeder systems. The deficiencies collectively limited USCIS' ability to ensure that critical financial and operational data were maintained in such a manner as to ensure their confidentiality, integrity, and availability. In addition, certain of these deficiencies adversely impacted internal controls over DHS' financial reporting and its operation and therefore are considered to collectively represent a material weakness identified in the FY 2016 DHS Agency Financial Report."
Department of Homeland Security, Office of Inspector General, Report No. OIG-17-76
Department of Homeland Security, Office of Inspector General: http://www.oig.dhs.gov/