IG Deems DHS Intel System Management 'Effective'

But Concerns Raised About Coast Guard Support System
IG Deems DHS Intel System Management 'Effective'
The Department of Homeland Security inspector general expressed a few reservations about DHS's enterprise-wide security program and practices for its top secret/sensitive compartmented information intelligence system, but generally called the management of the system effective.

In an unclassified summary of the audit made public Tuesday, the IG said the overall IT security procedures have been documented and adequate security controls have been implemented. Nonetheless, the IG said "issues remain" regarding the effectiveness of management oversight and operational issues.

"We have concerns with the documentation for the Coast Guard Intelligence Support System certification and accreditation package and the information system security training and awareness program for intelligence personnel," the summary said. "Also, we identified security issues with the classified local area network and Coast Guard Intelligence Support System. We recommended that the undersecretary for intelligence and analysis address the open recommendations identified during our review. The department concurred with all four recommendations."

The Federal Information Security Management Act required the IG to review the department's security management, implementation, and evaluation of its intelligence activities, including its policies, procedures and system security controls for enterprise-wide intelligence systems. The IG assessed the department's plan of action and milestones, certification and accreditation and incident reporting processes, as well as its security training and awareness program.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.