Excessive Unauthorized Access at DHSIG Audit: Critical Data May be Exposed Are too many wandering eyes employing Department of Homeland Security's IT systems to gander sensitive DHS financial documents?
An audit by DHS's inspector general, made public Wednesday, identified IT general control weaknesses, the most significant from a financial statement audit perspective that includes:
"Collectively, the IT control weaknesses limited DHS's ability to ensure that critical financial and operational data were maintained in such a manner to ensure confidentiality, integrity and availability," the 140-page, heavily redacted audit states. "In addition, these weaknesses negatively impacted the internal controls over DHS's financial reporting and its operation and we consider them to collectively represent a material weakness for DHS under standards established by the American Institute of Certified Public Accountants."
The audit wasn't all critical of DHS's performance. "During FY 2008, DHS components took significant steps to improve their financial system security and address prior year IT control weaknesses, which resulted in the closure of more than 40 percent of our prior year IT control findings," the audit says. "Additionally, some DHS components reduced the severity of the weaknesses when compared to findings reporting in the prior year."