We reviewed DHS' information security program in accordance with the 'Federal Information Security Modernization Act of 2014' (FISMA). Our objective was to determine whether DHS' information security program and practices were adequate and effective in protecting the information and information systems that supported DHS' operations and assets in fiscal year 2017. We are making five recommendations to the Chief Information Security Officer to enhance oversight of DHS' information security program in the areas of plans of action and milestones, security authorization, continuous monitoring, and configuration management.
展开▼