Department of Homeland Security

Recent Reports

Financial Management: Additional Steps Needed to Improve ICE's Budget Projections and Execution

GAO-24-106550

Published: May 15, 2024

Publicly Released: May 15, 2024

Biometric Identification Technologies: Considerations to Address Information Gaps and Other Stakeholder Concerns

GAO-24-106293

Published: Apr 22, 2024

Publicly Released: Apr 22, 2024

Aviation Safety: Federal Efforts to Address Unauthorized Drone Flights Near Airports

GAO-24-107195

Published: Mar 18, 2024

Publicly Released: Apr 17, 2024

Homeland Security: DHS Internal Entities Facilitate Information Sharing in Key Areas and Collaborate as Needed

GAO-24-106896

Published: Apr 16, 2024

Publicly Released: Apr 16, 2024

Counternarcotics: DOD Should Improve Coordination and Assessment of Its Activities

GAO-24-106281

Published: Apr 16, 2024

Publicly Released: Apr 16, 2024

Weapons of Mass Destruction: DHS Has Made Progress in Some Areas, but Additional Improvements Are Needed

GAO-24-107426

Published: Mar 20, 2024

Publicly Released: Mar 20, 2024

View More Reports

Open Recommendations (141 total)

Sexual Assault: DOD and Coast Guard Should Ensure Laws Are Implemented to Improve Oversight of Key Prevention and Response Efforts

GAO-22-103973

Mar 28, 2022

Show

1 Open Recommendations

Agency Affected	Recommendation	Status Sort descending
Department of Homeland Security	The Secretary of Homeland Security should ensure that the Commandant of the Coast Guard, in collaboration with the Director of Health, Safety & Work Life Directorate, implements the education and training on sexual assault prevention and response for individuals enlisted under a delayed entry program by—for example—documenting such training in policy or other relevant guidance to ensure compliance with section 535(a)-(b) of the NDAA for Fiscal Year 2018. (Recommendation 21)	Open In March 2022, the Department of Homeland Security concurred with this recommendation. As of September 2023, Coast Guard officials stated they had implemented training on sexual assault prevention, response, and recovery for all individuals enlisted in the Coast Guard under a delayed entry program. Officials explained that while sexual assault prevention and response training for delayed entry program recruits was provided by a contractor for fiscal years 2022 and 2023, beginning in 2024 recruits will complete an online training program and capture compliance via Form CG-3307. When the issued form is provided, we will review it and provide updated information.

Coast Guard Acquisitions: Polar Security Cutter Needs to Stabilize Design Before Starting Construction and Improve Schedule Oversight

GAO-23-105949

Jul 27, 2023

Show

1 Open Recommendations

Agency Affected	Recommendation	Status Sort descending
Department of Homeland Security	The DHS Secretary should ensure the DHS Under Secretary for Management ensures design for the lead PSC is mature, meaning at least the functional design is complete, including routing of major distributive systems that affect multiple zones of the ship, prior to authorizing lead cutter construction beyond the previously approved eight prototype units. (Recommendation 1)	Open In April 2024, Coast Guard officials said they expect the functional design to be 100 percent complete by the end of 2024. This will support moving toward the DHS acquisition decision event (ADE) 3 milestone, which approves start of construction for the lead PSC when the DHS Under Secretary for Management approves the milestone.

Critical Infrastructure Protection: Agencies Need to Enhance Oversight of Ransomware Practices and Assess Federal Support

GAO-24-106221

Jan 30, 2024

Show

1 Open Recommendations

Agency Affected	Recommendation	Status Sort descending
Department of Homeland Security	The Secretary of Homeland Security should, in coordination with CISA and sector entities, develop and implement routine evaluation procedures that measure the effectiveness of federal support in helping reduce the risk of ransomware to the critical manufacturing sector. (Recommendation 6)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

DHS Service Contracts: Increased Oversight Needed to Reduce the Risk Associated with Contractors Performing Certain Functions

GAO-20-417

May 7, 2020

Show

1 Open Recommendations

Agency Affected	Recommendation	Status Sort descending
Department of Homeland Security	The Secretary of Homeland Security should direct the DHS Chief Procurement Officer to update the Inherently Governmental and Critical Functions Analysis to provide guidance for analyzing, documenting, and updating the federal workforce needed to perform or oversee service contracts requiring heightened management attention. (Recommendation 4)	Open DHS did not concur with this recommendation maintaining that the components are certifying that they have sufficient internal capacity or federal employees available for oversight within the Inherently Governmental and Critical Functions Analysis. We continue to believe, however, that without guidance, each component is making its own determination about which factors to consider, and DHS does not know how or whether the components are considering the federal workforce available to oversee service contracts in need of heightened management attention, or what steps, if any, the components are taking to mitigate risks if there are not enough federal personnel available to oversee the contracts after award. As of July 2023, DHS has not taken action to provide this type of guidance to its components.

Critical Infrastructure: Actions Needed to Better Secure Internet-Connected Devices

GAO-23-105327

Dec 1, 2022

Show

1 Open Recommendations

Agency Affected	Recommendation	Status Sort descending
Department of Homeland Security	The Secretary of Homeland Security should direct the Administrator of the Transportation Security Administration and the Commandant of the U.S Coast Guard to jointly work with the Department of Transportation's Office of Intelligence, Security and Emergency Response, as co-SRMAs for the transportation systems sector, to include IoT and OT devices as part of the risk assessments of their sector's cyber environment. (Recommendation 6)	Open In May 2023, DHS stated that the Transportation Security Administration (TSA) hired a cyber risk analyst to incorporate cybersecurity issues in an update to the Transportation Systems Sector Risk Assessment (TSSRA). DHS noted that TSA is working to develop an aviation sector cybersecurity risk methodology that includes consideration of IoT and OT devices found in the airport environment. In addition, DHS stated that the Department of Transportation is consulting with co-SRMA partners on National Security Council-led cybersecurity initiatives and expects to include IoT and OT related risk scenarios in the updated TSSRA by June 28, 2024.

Biometric Identity System: DHS Needs to Address Significant Shortcomings in Program Management and Privacy

GAO-23-105959

Sep 12, 2023

Show

1 Open Recommendations

Agency Affected	Recommendation	Status Sort descending
Department of Homeland Security	The Secretary of DHS should direct the OBIM Director to coordinate with the Privacy Office to establish and implement a timeline for updating the HART PIA to fully describe the categories of individuals whose data will be stored in HART and the partners with whom the system shares information. (Recommendation 3)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Artificial Intelligence: Fully Implementing Key Practices Could Help DHS Ensure Responsible Use for Cybersecurity

GAO-24-106246

Feb 7, 2024

Show

1 Open Recommendations

Agency Affected	Recommendation	Status Sort descending
Department of Homeland Security	The Director of CISA should document the sources and origins of data used to develop the Automated PII Detection component. (Recommendation 4)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Federal Contracting: Senior Leaders Should Use Leading Companies' Key Practices to Improve Performance

GAO-21-491

Jul 27, 2021

Show

1 Open Recommendations

Agency Affected	Recommendation	Status Sort descending
Department of Homeland Security	The Secretary of Homeland Security should ensure the DHS Chief Procurement Officer collaborates with end users to develop performance metrics for procurement organizations. (Recommendation 4)	Open DHS did not concur with this recommendation. However, in January 2022, DHS also stated the office of the Chief Procurement Officer would consider whether end-user feedback would enhance its performance metrics in a meaningful way. As of August 2023, DHS has not provided an update on this effort.

Cloud Security: Selected Agencies Need to Fully Implement Key Practices

GAO-23-105482

May 18, 2023

Show

1 Open Recommendations

Agency Affected	Recommendation	Status Sort descending
Department of Homeland Security	The Secretary of Homeland Security should ensure that the agency fully implements continuous monitoring for its selected IaaS system, to include performing a regular review of the continuous monitoring deliverables from the CSP. (Recommendation 9)	Open The agency stated that through its role on the Federal Risk and Authorization Management Program's Joint Authorization Board, it has performed a regular review of the continuous monitoring deliverables from the cloud service provider. In September 2023, the agency stated that the components and programs leveraging the service provider are responsible for reviewing the board's continuous monitoring reports. However, as of February 2024 we have not received evidence demonstrating that the officials responsible for the selected IaaS system had reviewed these reports. We will continue to monitor the agency's efforts to address our recommendation.