Months before it moves to the heart of a new Home Affairs super-portfolio, the Immigration Department is failing to meet federal government cyber security standards and officials can't say when it will comply.

The security concerns were highlighted by a parliamentary committee report released on Wednesday, with MPs saying they remain "most concerned" Immigration and the Tax Office don't comply with mandatory 'top four' threat mitigation strategies, meaning their systems are not cyber resilient.

Immigration Department boss Michael Pezzullo. Credit:Alex Ellinghausen

The Australian Signals Directorate intelligence agency says full implementation of the strategies would prevent as much as 85 per cent of targeted cyber intrusions, but in 2015-16 only 65 per cent of non-corporate Commonwealth entities said they complied.

The ATO said it expects to be fully compliant by next month, but was slowed due a major outage of its online networks in December.