By Brian Robinson
Nov. 14, 2006
The Homeland Security Departments information technology security,
program management and procurement practices will be among the prime
targets of the departments inspector general during fiscal 2007,
according to the IGs recently published annual performance plan.
The plan lays out the Office of the IGs road map for the inspections and
audits it expects to conduct during the year to evaluate the progress of
DHS programs and operations, particularly in relation to the major
management challenges they face.
Security is an obvious concern, especially when it comes to mobile
devices. The OIG is planning at least four audits of laptop security in
its own workplace and in Customs and Border Protection, the Science and
Technology Directorate, and the Federal Emergency Management Agency.
It also expects to conduct a departmentwide audit of physical and
logical access controls for devices such as personal digital assistants
and cell phones. Phones in particular are becoming multifunctional
devices, the OIG said, with next-generation models already on the market
incorporating PDA, infrared, wireless Internet, e-mail and global
However, each new development will present its own security risks, the
OIG said. Vulnerabilities may exist when using PDAs attached to personal
computers or other network-connected devices.
Other security concerns the OIG expects to tackle involve the protection
of personal information and the overall compliance of DHS component
agencies with a departmentwide security program.
One specific goal is an audit of the management oversight of DHS
data-mining activities. In a report it published in June, the OIG
identified a dozen systems that DHS employees use for that purpose.
The office is also planning closer oversight of the management and
acquisition practices of major technology programs.
A critical component of the Secure Border Initiative, for example, is
SBInet, which replaces two former programs, the Integrated Surveillance
Intelligence System and the Americas Shield initiative.
The OIG will conduct a review of how SBInet program managers use lessons
learned from other programs to minimize risks, and, as congressionally
mandated, will also conduct an audit of each contract or task order
valued at more than $20 million.
Other technology programs the OIG expects to examine during the year
include those at the Transportation Security Administration, the U.S.
Citizenship and Immigration Services IT modernization, and the Coast
Guards enterprise architecture implementation.
Overall, the OIG identified 17 areas as posing the most serious
management challenges for DHS in fiscal 2007. Answering fundamental
questions within each area will help determine how the department is
performing, the OIG said, and will help highlight ways to improve
programs and operations.
Subscribe to InfoSec News