The Department of Homeland Security‘s inspector general has said DHS’ chief information officer and acting chief financial officer must work together to update financial management systems and associated information technology security programs.
KPMG was contracted to perform an audit of fiscal 2016 DHS financial statements as well as evaluate general information technology controls and business process application controls at the office of financial management and office of the CIO, according to a report published June 28.
The accounting firm found internal control deficiencies at OFM and OCIO that contributed to a DHS-wide material weakness in IT controls and financial systems.
“Specifically, with respect to financial systems at DHS, we noted certain matters in the general IT control areas of access controls, security management and configuration management,” KPMG told DHS’ IG in a written letter.
The deficiencies have affected OFM and OCIO’s capacity to maintain the confidentiality, integrity and availability of financial and operational data, the report noted.
KPMG also identified instances in which OFM and OCIO employees did not completely meet requirements to protect sensitive assets from unauthorized access or disclosure.
