LAW ENFORCEMENT SENSITIVE / FOR OFFICIAL USE ONLY
OFFICE OF INSPECTOR GENERAL
U.S. Department of Homeland Security
Appendix A:
Objective, Scope, and Methodology
The Department of Homeland Security Office of Inspector General was established by the
Homeland Security Act of 2002 (Pub. L. No. 107−296), which amended the Inspector General Act of
1978.
We issued this management alert as part of an ongoing audit of ICE’s mobile device management
and security. The objective of our ongoing audit is to determine the extent to which ICE manages
and secures its mobile devices. As part of our audit, from April 27 to August 17, 2023, we met with
ICE OCIO officials and staff within the Information Assurance Division, Systems Engineering
Division, Security Assurance Branch, Enterprise Services Branch, ICE SOC, ICE Homeland Security
Investigations, and the DHS Chief Information Security Officer. We conducted limited physical
testing of ICE devices with ICE supervision, reviewed system settings, used mobile applications,
and took screenshots of results.
We requested a listing of all personal applications installed on mobile devices identified by the
ICE MDM system. ICE officials explained they could provide a report of all the mobile applications
but could not provide a report identifying which devices had specific applications installed. The
report identified the application name, package ID, installed version, source name, and number
of installs of each application. Therefore, although unable to tie applications to specific devices,
we were able to review the total number of applications installed across the entire population of
devices managed by the ICE MDM. The data allowed us to quantify the number of devices with a
specific application installed by equating one install to one device. However, when reporting on
applications grouped by category, such as the number of devices with a file sharing application,
we did not equate application installs to a device. We did this because each device could have
multiple applications from a grouped category. We performed a limited data reliability
assessment by comparing MDM report figures to observations we made during a presentation of
the ICE MDM. We considered the information in the report to be sufficiently reliable for purposes
of our limited test. The report is a snapshot in time as of April 27, 2023.
We reviewed the various types of applications by their application names and package ID and
conducted open-source research available through application stores, commercial websites, and
application developer guide documents. We also reviewed NIST’s known vulnerability database,
CISA directives, public laws, and DHS and ICE mobile device policies. After completing our
analysis, we confirmed our findings with ICE OCIO officials, discussed their planned corrective
actions, and decided to issue this alert due to the potential immediate impacts on ICE mobile
device security.
We conducted this work pursuant to the Inspector General Act of 1978, 5 U.S.C. §§ 401–424, and in
connection with an ongoing audit being performed according to generally accepted government
www.oig.dhs.gov 12 OIG-24-02
LAW ENFORCEMENT SENSITIVE / FOR OFFICIAL USE ONLY