An audit of the Department of Homeland Security’s fiscal information security practices noted some progress but found that DHS components did not maintain their security programs on a continuous, year-round basis.The report from the DHS Office of Inspector General states that performance metrics related to security authorization, for example, peaked during the annual reporting period for the Federal Information Security Modernization Act but dropped in subsequent months. That trend is an “indication that components are not complying with requirements to update and maintain systems’…documentation on a continuous basis,” the report states.
