An audit of the Department of Homeland Security’s fiscal 2015 information security practices noted some progress but found that DHS components did not maintain their security programs on a continuous, year-round basis.
The report from the DHS Office of Inspector General states that performance metrics related to security authorization, for example, peaked during the annual reporting period for the Federal Information Security Modernization Act of 2014 but dropped in subsequent months. That trend is an “indication that components are not complying with requirements to update and maintain systems’…documentation on a continuous basis,” the report states.
