Aviation Security: A National Strategy and Other Actions Would Strengthen TSA's Efforts to Secure Commercial Airport Perimeters and Access Controls.GAO-09-399 September 30, 2009 Incidents of airport workers using access privileges to smuggle smug·gle v. smug·gled, smug·gling, smug·gles v.tr. 1. To import or export without paying lawful customs charges or duties. 2. To bring in or take out illicitly or by stealth. weapons through secured airport areas and onto planes have heightened concerns regarding commercial airport security. The Transportation Security Administration (TSA TSA See tax-sheltered annuity (TSA). ), along with airports, is responsible for security at TSA-regulated airports. To guide risk assessment and protection of critical infrastructure, including airports, the Department of Homeland Security Noun 1. Department of Homeland Security - the federal department that administers all matters relating to homeland security Homeland Security executive department - a federal department in the executive branch of the government of the United States (DHS DHS Department of Homeland Security (USA) DHS Department of Human Services DHS Department of Health Services DHS Demographic and Health Surveys DHS Dirhams (Morocco national currency) ) developed the National Infrastructure Protection Plan (NIPP NIPP National Infrastructure Protection Plan NIPP Nobody in Particular Presents (Denver music promoter) NIPP National Institute for Plant Protection (Vietnam) NIPP National Institute of Public Policy ). GAO was asked to examine the extent to which, for airport perimeters and access controls, TSA (1) assessed risk consistent with the NIPP; (2) implemented protective programs, and evaluated its worker screening pilots; and (3) established a strategy to guide decision making. GAO examined TSA documents related to risk assessment activities, airport security programs, and worker screening pilots; visited nine airports of varying size; and interviewed TSA, airport, and association officials. Although TSA has implemented activities to assess risks to airport perimeters and access controls, such as a commercial aviation threat assessment, it has not conducted vulnerability assessments for 87 percent of the nation's approximately 450 commercial airports or any consequence assessments. As a result, TSA has not completed a comprehensive risk assessment combining threat, vulnerability, and consequence assessments as required by the NIPP. While TSA officials said they intend to conduct a consequence assessment and additional vulnerability assessments, TSA could not provide further details, such as milestones for their completion. Conducting a comprehensive risk assessment and establishing milestones for its completion would provide additional assurance that intended actions will be implemented, provide critical information to enhance TSA's understanding of risks to airports, and help ensure resources are allocated to the highest security priorities. Since 2004, TSA has taken steps to strengthen airport security and implement new programs; however, while TSA conducted a pilot program to test worker screening methods, clear conclusions could not be drawn because of significant design limitations and TSA did not document key aspects of the pilot. TSA has taken steps to enhance airport security by, among other things, expanding its requirements for conducting worker background checks and implementing a worker screening program. In fiscal year 2008 TSA pilot tested various methods to screen airport workers to compare the benefits, costs, and impacts of 100 percent worker screening and random worker screening. TSA designed and implemented the pilot in coordination with the Homeland Security Institute (HSI (Hue Saturation Intensity) A color space similar to HSB. See HSB. ), a federally funded research and development center Federally Funded Research and Development Centers (FFRDCs) conduct research for the United States Government. They are administered in accordance with U.S Code of Federal Regulations, Title 48, Part 35, Section 35.017 by universities and corporations. . However, because of significant limitations in the design and evaluation of the pilot, such as the limited number of participating airports--7 out of about 450--it is unclear which method is more cost-effective. TSA and HSI also did not document key aspects of the pilot's design, methodology, and evaluation, such as a data analysis plan, limiting the usefulness of these efforts. A well-developed and well-documented evaluation plan can help ensure that pilots generate needed performance information to make effective decisions. While TSA has completed these pilots, developing an evaluation plan for future pilots could help ensure that they are designed and implemented to provide management and Congress with necessary information for decision making. TSA's efforts to enhance the security of the nation's airports have not been guided by a unifying national strategy that identifies key elements, such as goals, priorities, performance measures, and required resources. For example, while TSA's various airport security efforts are implemented by federal and local airport officials, TSA officials said that they have not identified or estimated costs to airport operators for implementing security requirements. GAO has found that national strategies that identify these key elements strengthen decision making and accountability; in addition, developing a strategy with these elements could help ensure that TSA prioritizes its activities and uses resources efficiently to achieve intended outcomes. Recommendations Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work. Director: Stephen M. Lord Team: Government Accountability Office The Government Accountability Office (GAO) is the audit, evaluation, and investigative arm of the United States Congress, and thus an agency in the Legislative Branch of the United States Government. : Homeland Security and Justice Phone: (202) 512-4379 Recommendations for Executive Action ---------- Recommendation: To help ensure that TSA's actions in enhancing airport security are guided by a systematic risk management approach that appropriately assesses risk and evaluates alternatives, and that it takes a more strategic role in ensuring that government and stakeholder stakeholder n. a person having in his/her possession (holding) money or property in which he/she has no interest, right or title, awaiting the outcome of a dispute between two or more claimants to the money or property. actions and resources are effectively and efficiently applied across the nationwide network of airports, the Assistant Secretary of TSA should work with aviation stakeholders Stakeholders All parties that have an interest, financial or otherwise, in a firm-stockholders, creditors, bondholders, employees, customers, management, the community, and the government. to develop a comprehensive risk assessment for airport perimeter and access control security, along with milestones (i.e., time frames) for completing the assessment, that (1) uses existing threat and vulnerability assessment In antiterrorism, the pairing of a facility's threat analysis and vulnerability analysis. See also antiterrorism. activities, (2) includes consequence analysis, and (3) integrates all three elements of risk--threat, vulnerability, and consequence. As part of this effort, evaluate whether the current approach to conducting JVAs appropriately and reasonably assesses systems vulnerabilities, and whether an assessment of security vulnerabilities at airports nationwide should be conducted. If the evaluation demonstrates that a nationwide assessment should be conducted, develop a plan that includes milestones for completing the nationwide assessment. As part of this effort, leverage existing assessment information from industry stakeholders, to the extent feasible and appropriate, to inform its assessment. Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration Status: In process Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information. ---------- Recommendation: To help ensure that TSA's actions in enhancing airport security are guided by a systematic risk management approach that appropriately assesses risk and evaluates alternatives, and that it takes a more strategic role in ensuring that government and stakeholder actions and resources are effectively and efficiently applied across the nationwide network of airports, the Assistant Secretary of TSA should work with aviation stakeholders to ensure that future airport security pilot program evaluation Program evaluation is a formalized approach to studying and assessing projects, policies and program and determining if they 'work'. Program evaluation is used in government and the private sector and it's taught in numerous universities. and implementation efforts include a well-developed and well-documented evaluation plan that includes (1)measurable objectives, (2) criteria or standards for determining program performance, (3) a clearly articulated methodology, (4) a detailed data collection plan, and (5) a detailed data analysis plan. Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration Status: In process Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information. ---------- Recommendation: To help ensure that TSA's actions in enhancing airport security are guided by a systematic risk management approach that appropriately assesses risk and evaluates alternatives, and that it takes a more strategic role in ensuring that government and stakeholder actions and resources are effectively and efficiently applied across the nationwide network of airports, the Assistant Secretary of TSA should work with aviation stakeholders to develop milestones for meeting statutory requirements, in consultation with appropriate aviation industry stakeholders, for establishing system requirements To be used efficiently, all computer software needs certain hardware components or other software resources to be present on a computer system. These pre-requisites are known as (computer) system requirements and are often used as a guideline as opposed to an absolute rule. and performance standards for the use of biometric bi·o·met·rics n. (used with a sing. verb) The statistical study of biological phenomena. bi airport access control systems. Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration Status: In process Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information. ---------- Recommendation: To help ensure that TSA's actions in enhancing airport security are guided by a systematic risk management approach that appropriately assesses risk and evaluates alternatives, and that it takes a more strategic role in ensuring that government and stakeholder actions and resources are effectively and efficiently applied across the nationwide network of airports, the Assistant Secretary of TSA should work with aviation stakeholders to develop milestones for establishing agency procedures for reviewing airport perimeter and access control requirements imposed through security directives. Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration Status: In process Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information. ---------- Recommendation: To help ensure that TSA's actions in enhancing airport security are guided by a systematic risk management approach that appropriately assesses risk and evaluates alternatives, and that it takes a more strategic role in ensuring that government and stakeholder actions and resources are effectively and efficiently applied across the nationwide network of airports, the Assistant Secretary of TSA should work with aviation stakeholders to better ensure a unified approach among airport security stakeholders for developing, implementing, and assessing actions for securing airport perimeters and access to controlled areas, develop a national strategy for airport security that incorporates key characteristics of effective security strategies, including the following: (1) Measurable goals, priorities, and performance measures. TSA should also consider using information from other methods, such as covert COVERT, BARON. A wife; so called, from her being under the cover or protection of her husband, baron or lord. testing and proxy measures, to gauge progress toward achieving goals. (2) Program cost information and the sources and types of resources needed. TSA should also identify where those resources would be most effectively applied by exploring ways to develop and implement cost-benefit analysis to identify the most cost-effective alternatives for reducing risk. (3) Plans for coordinating activities among stakeholders, integrating airport security goals and activities with those of other aviation security priorities, and implementing security activities within the agency. Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration Status: In process Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information. Categories: Transportation, Access control, Accountability, Airport security, Background investigations, Commercial aviation, Cost effectiveness analysis, Critical infrastructure protection Department of Defense (DOD) program to identify and protect assets critical to the Defense Transportation System. Loss of a critical asset would result in failure to support the mission of a combatant commander. , Decision making, Homeland security, Homeland Security Presidential Directive-7, Internal controls, National Infrastructure Protection Plan, Port security assessment program, Program evaluation, Risk assessment, Risk management, Safety standards Safety standards are standards designed to ensure the safety of products, activities or processes, etc. They may be advisory or compulsory and are normally laid down by an advisory or regulatory body that may be either voluntary or statutory. , Security assessments, Strategic planning Strategic planning is an organization's process of defining its strategy, or direction, and making decisions on allocating its resources to pursue this strategy, including its capital and people. , Terrorism |
|
|||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion