Skip to main content

Department of Homeland Security

Jump To:

Recent Reports

View More Reports

Open Recommendations (141 total)

DHS Financial Management: Actions Needed to Improve Systems Modernization and Address Coast Guard Audit Issues

GAO-23-105194
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security DHS's Under Secretary for Management should ensure that the Joint Program Management Office works with FEMA to remediate issues as they arise from user testing prior to moving forward with subsequent milestones for the ongoing financial systems modernization efforts. (Recommendation 2)
Open
In commenting on our draft report, DHS officials concurred with the recommendation and described actions they planned to take. Specifically, DHS stated that the Joint Program Management Office (JPMO) will ensure that lessons learned from the Trio implementation translate into appropriate actions for the ongoing FEMA financial systems modernization efforts. This includes comprehensive discovery efforts to develop functional requirements documentation, incorporating standard DHS business processes, and detailed user acceptance testing. Additionally, DHS stated that it will ensure the resolution of identified issues prior to go-live of the new system. DHS noted that one critical lesson learned that will be incorporated into the FEMA modernization efforts is the need for early and consistent hands-on user testing throughout the implementation. Finally, DHS stated that JPMO will work with FEMA to ensure that contingency plans are in place to ensure that system conversion does not impact the ability to make critical disaster-related payments timely. This includes ensuring that legacy systems are available to continue with operations and developing strategies for mid-year cutover, if outstanding issues prevent a cutover at the beginning of a fiscal year. In August 2023, DHS stated that JPMO remains on track for comprehensive discovery efforts, development of requirements, and starting the discovery process with the system integrator by October 2023. DHS's overall estimated completion date for these actions remains September 30, 2024. We will continue to monitor the department's progress towards implementing this recommendation.

Artificial Intelligence: Fully Implementing Key Practices Could Help DHS Ensure Responsible Use for Cybersecurity

GAO-24-106246
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security The Director of CISA should document its process for optimizing the elements used within the Automated PII Detection component. (Recommendation 6)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Transit Security: FEMA Should Improve Transparency of Grant Decisions

GAO-23-105956
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security The Secretary of Homeland Security should ensure that the Administrator of FEMA selects Transit Security Grant Program project applications to recommend for award in accordance with FEMA's publicly disclosed merit review process, to include scoring criteria published in the Notice of Funding Opportunity. (Recommendation 2)
Open
As of January 2024, FEMA officials stated they plan to provide greater detail about the evaluation process in the "Application Review Information" section of the annual Notice of Funding Opportunity, following enactment of the FY 2024 DHS Appropriations Act. FEMA officials estimated completing this change by September 2024. We will continue to monitor FEMA's efforts to address this recommendation.

Agile Software Development: DHS Has Made Significant Progress in Implementing Leading Practices, but Needs to Take Additional Actions

GAO-20-213
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security The Secretary should ensure that the CIO, in collaboration with the Chief Procurement Officer, through the Homeland Security Acquisition Institute, establish Agile training requirements for staff outside of the acquisition workforce but assigned to Agile programs. (Recommendation 7)
Open – Partially Addressed
As of September 2022, DHS has not yet fully addressed this recommendation. In September 2022, DHS stated that a detailed catalog of Agile courses is available in the DHS Learning Management System. DHS added that the availability of these courses has been communicated to all learning management leads across DHS. However, DHS stated that, after consultation with the DHS Chief Learning Officer's Council, the department has not made the courses mandatory. Nevertheless, DHS stated that its Agile Center of Excellence will continue to highlight and recommend the courses for introductory or non-acquisition personnel and senior executives in accordance with these recommendations.

DHS Service Contracts: Increased Oversight Needed to Reduce the Risk Associated with Contractors Performing Certain Functions

GAO-20-417
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security The Secretary of Homeland Security should direct the DHS Chief Procurement Officer to, in coordination with the Office of Program Accountability and Risk Management, develop a risk-based approach for reviewing service requirements—through the Procurement Strategy Roadmap or other means—to ensure proposed service requirements are clearly defined and reviewed before planning how they are to be procured. (Recommendation 1)
Open
DHS disagreed with our recommendation, preferring to maintain the status quo in its policy and procedures. However, by doing so, DHS is missing important opportunities to prevent negative acquisition outcomes and the potential for wasted resources. In its response, DHS noted its processes for major acquisitions, however, DHS service programs and contracts did not rise to the level of being reviewed as a major service acquisition. As of July 2023, DHS has not taken additional actions to establish a risk-based headquarters approach for reviewing service requirements.

Biometric Identity System: DHS Needs to Address Significant Shortcomings in Program Management and Privacy

GAO-23-105959
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security The Secretary of DHS should direct the Privacy Office to develop a timeline for completing the planned HART privacy compliance review. (Recommendation 5)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

DHS Acquisitions: Opportunities Exist to Enhance Risk Management

GAO-23-106249
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security The Secretary of Homeland Security should ensure that when the Office of Program Accountability and Risk Management updates its risk management guidance, that it include leading principles on portfolio-level risk management. (Recommendation 3)
Open – Partially Addressed
DHS agreed with this recommendation. In December 2023, the Office of Program Accountability and Risk Management updated its risk management guidance to include some information on portfolio-level risks. This information provides a high-level explanation on planning for portfolio risks and prompts programs to identify portfolio risks in risk registers. However, the guidance does not include other leading principles on portfolio-level risk management, such as communicating how risks may affect other programs.

Countering Illicit Finance and Trade: Better Information Sharing and Collaboration Needed to Combat Trade-Based Money Laundering

GAO-22-447
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security The Secretary of Homeland Security should ensure the Director of Immigration and Customs Enforcement takes steps to enable and implement sharing of the Trade Transparency Unit's trade data—including for the purposes of trade data analysis about patterns or trends of illicit activity related to trade-based money laundering and similar schemes—with U.S agencies with roles and responsibilities related to enforcing trade laws and combating illicit financial activity, as appropriate. (Recommendation 2)
Open
As of February 2022, ICE officials said the agency does not have authority to share the data with other entities because ICE's data-sharing agreements with foreign countries prohibit the sharing of their information, and data sharing agreements among U.S. law enforcement agencies provide a mechanism to request access and authorization if an agency needs access. However, in technical comments ICE officials noted their willingness to share their unique data with other federal agencies--for example, by partnering with relevant agencies to analyze data and identify trends within a working group capacity. As of March 2024, the agency had no update. We continue to believe the recommendation is warranted and can be accomplished.

Artificial Intelligence: Agencies Have Begun Implementation but Need to Complete Key Requirements

GAO-24-105980
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security The Secretary of Homeland Security should ensure that the department updates its AI use case inventory to include all the required information, at minimum, and takes steps to ensure that the data in the inventory aligns with provided instructions. (Recommendation 18)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

DHS Financial Management: Actions Needed to Improve Systems Modernization and Address Coast Guard Audit Issues

GAO-23-105194
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Homeland Security DHS's Under Secretary for Management should ensure that the Joint Program Management Office works with ICE to remediate issues as they arise from user testing prior to moving forward with subsequent milestones for the ongoing financial systems modernization efforts. (Recommendation 3)
Open
In commenting on our draft report, DHS officials concurred with the recommendation and described actions they planned to take. Specifically, DHS stated that the Joint Program Management Office (JPMO) will ensure that lessons learned from the Trio implementation translate into appropriate actions for the ongoing ICE and ICE customer financial systems modernization efforts. This includes comprehensive discovery efforts to develop functional requirements documentation, incorporating business processes, and detailed user acceptance testing. Additionally, DHS stated that it will ensure the resolution of identified issues prior to go-live of the new system. DHS noted that one critical lesson learned that will be incorporated into the ICE modernization efforts is the need for early and consistent hands-on user testing throughout the implementation. In August 2023, DHS stated that JPMO remains on track for comprehensive discovery efforts, development of requirements, and starting the discovery process with the system integrator by October 2023. DHS's overall estimated completion date for these actions remains September 30, 2024. We will continue to monitor the department's progress towards implementing this recommendation.
View More Recommendations

Related Pages