Status of Key Recommendations GAO Has Made to DHS and Its Legacy Agencies
Gao ID: GAO-04-865R July 2, 2004Since the terrorist attacks of September 11, 2001, the federal government has undertaken numerous actions to enhance the nation's homeland security, including the creation of the Department of Homeland Security (DHS). One of the primary reasons for the establishment of DHS was to unify the vast national network of organizations and institutions involved in efforts to protect our nation. Since it began operations on March 1, 2003, DHS has faced enormous challenges to protect the nation from terrorism while it organizes itself into a coherent and integrated agency. We support Congress by reviewing various government programs and activities to help improve their performance and accountability. When our work identifies a significant need for action by the Congress or an agency, we develop recommended solutions. These recommendations identify actions we believe the department, agency, bureau, or office should implement to ensure government programs operate effectively and efficiently. This report responds to a Congressional request that we provide status information on key recommendations we have made to DHS and its legacy agencies. On June 30, 2004, we briefed Congress on the results of our review. This report transmits information provided during that briefing, including (1) the status of key GAO recommendations issued to DHS, (2) timeframes DHS established for implementing key recommendations, and (3) challenges DHS faces in implementing such recommendations.
As of June 28, 2004, DHS had implemented 40 of 104 recommendations that we consider key to the agency's ability to effectively fulfill its homeland security mission. DHS is currently addressing another 63 key recommendations. Additionally, GAO closed one key recommendation in August 2001, although action taken by one of DHS's legacy agencies did not fully address the intent of the recommendation prior to closure. Of the 104 key recommendations issued to DHS, 38 were issued prior to the agency's official formation on March 1, 2003. Of these, 20 have been fully implemented. The other 66 recommendations were issued after the creation of DHS. Of these 66, 20 have been fully implemented. More than half of the key recommendations--60--have been directed to BTS or its legacy agencies, which address border and transportation security as well as immigration enforcement. Of these, 27 have been fully implemented, while another 33 are currently being addressed by BTS. DHS's efforts to address the key recommendations have generated positive results toward improved mission effectiveness. For example, the 27 recommendations fully implemented within DHS's BTS directorate have resulted in a reduction in the vulnerabilities and inefficiencies of the land ports of entry inspection process. BTS has also benefited with respect to more timely and accurate information pertaining to the smuggling of aliens and the legal status of immigrants. Within the EPR directorate, the implementation of 3 of the key 6 recommendations have resulted in improved emergency response and related planning efforts. DHS provided documentation and other information to us describing specific actions taken by the agency or its legacy agencies to implement 55 of the 63 remaining key recommendations. This documentation provides information on timeframes for planned implementation of actions pertaining to 38 of the recommendations. For example, one document describes preparation of a National Plan for Critical Infrastructure and Key Resources Protection, with a completion date of December 17, 2004. DHS did not provide timeframes for 6 key recommendations because it maintains that it has taken action to fully implement these recommendations. Effective implementation of the remaining 63 key recommendations could also help to strengthen mission effectiveness. For example, effective implementation of the remaining 33 recommendations related to the BTS directorate could result in reducing the nation's current security vulnerabilities in such activities as passenger screening, border security, and ports of entry. Similarly, the implementation of the remaining 3 recommendations related to the EPR directorate could better position the federal government to provide essential services in the event of a disaster. While DHS is working to address the remaining 63 key recommendations, agency documents and other information DHS provided indicated that the agency faces challenges related to 24 of these recommendations, such as funding and other resource constraints. These challenges will need to be overcome for DHS to effectively address these recommendations.
GAO-04-865R, Status of Key Recommendations GAO Has Made to DHS and Its Legacy Agencies
This is the accessible text file for GAO report number GAO-04-865R
entitled 'Status of Key Recommendations GAO Has Made to DHS and Its
Legacy Agencies' which was released on July 16, 2004.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
United States General Accounting Office:
Washington, DC 20548:
July 2, 2004:
The Honorable Jim Turner:
Ranking Member:
Select Committee on Homeland Security:
House of Representatives:
Subject: Status of Key Recommendations GAO Has Made to DHS and Its
Legacy Agencies:
Dear Mr. Turner:
Since the terrorist attacks of September 11, 2001, the federal
government has undertaken numerous actions to enhance the nation's
homeland security, including the creation of the Department of Homeland
Security (DHS). One of the primary reasons for the establishment of DHS
was to unify the vast national network of organizations and
institutions involved in efforts to protect our nation. Since it began
operations on March 1, 2003, DHS has faced enormous challenges to
protect the nation from terrorism while it organizes itself into a
coherent and integrated agency. As you know, we support Congress by
reviewing various government programs and activities to help improve
their performance and accountability. When our work identifies a
significant need for action by the Congress or an agency, we develop
recommended solutions. These recommendations identify actions we
believe the department, agency, bureau, or office should implement to
ensure government programs operate effectively and efficiently. We have
issued numerous recommendations to DHS and its legacy agencies to
improve the programs and activities they administer.
This report responds to your request that we provide you with status
information on key recommendations we have made to DHS and its legacy
agencies. On June 30, 2004, we briefed your office on the results of
our review. This report transmits information provided during that
briefing, including (1) the status of key GAO recommendations issued to
DHS, (2) timeframes DHS established for implementing key
recommendations, and (3) challenges DHS faces in implementing such
recommendations.
This report is one in a series of GAO efforts to assess and baseline
the progress and effectiveness of federal agency efforts to improve
homeland security mission performance. We recently evaluated and
reported on congressionally chartered commissions' recommendations, by
mission area, related to homeland security.[Footnote 1] In addition, we
have ongoing work on key departments' plans to implement the National
Strategy for Homeland Security and the challenges they will face in
doing so. Efforts to implement key recommendations from GAO,
congressionally chartered commissions, or other homeland security
experts, to incorporate critical actions into agency strategic plans,
and to identify milestones, timelines, and challenges will provide
measures by which to assess whether homeland security is being
improved.
Background:
Under the Homeland Security Act of 2002,[Footnote 2] 22 federal
agencies were merged into DHS, which officially began operations as a
new department on March 1, 2003. To carry out its responsibilities, DHS
is organized into four directorates and one division.
The Border and Transportation Security (BTS) Directorate (BTS), which
is responsible for maintaining the security of our nation's borders and
transportation systems and enforcing the nation's immigration laws.
Additionally, BTS manages and coordinates port-of-entry activities and
oversees the protection of government buildings.
The Emergency Preparedness and Response (EPR) Directorate, which is
tasked with helping the nation prepare for catastrophes, whether
natural disasters or the result of terrorist-related attacks. As such,
EPR coordinates with first responders and oversees the federal
government's national response and recovery strategy.
The Information Analysis and Infrastructure Protection (IAIP)
Directorate, which identifies and assesses threats to the homeland,
maps those threats against vulnerabilities, issues warnings, and
recommends measures necessary to protect the key resources and critical
infrastructure of the United States.
The Science and Technology (S&T) Directorate, which coordinates DHS's
efforts in research and development. As such, S&T is responsible for
organizing the scientific and technological resources of the United
States to assist in preventing or mitigating the impact resulting from
terrorist attacks against the United States or its allies.
The Management Division, which is responsible for administering DHS's
budget, financial management systems, procurement activities, human
resources functions, information technology systems, facilities
management, and performance measurement efforts.
Scope and Methodology:
To address the status of key recommendations we issued to DHS, the
timeframes DHS established for implementing key
recommendations,[Footnote 3] and related challenges, we reviewed 325
recommendations made in our unclassified and limited official use
reports issued to DHS and its 22 legacy agencies between March 1, 1997,
and March 1, 2004. We selected March 1, 2004, because it reflects the
1-year anniversary of the operational startup of DHS. We then consulted
with the subject matter experts that made these recommendations to
prioritize them according to the greatest risk. As a result, we
identified 104 key recommendations that reflect actions we believe
should be taken either to aid in securing the nation's homeland or to
swiftly and appropriately respond to future terrorist attacks.[Footnote
4]
We also met with DHS officials and obtained documentation on actions
taken to implement key recommendations, timeframes established for the
implementation of these recommendations, and related challenges facing
DHS. We then analyzed this documentation and consulted with our subject
matter experts to assess the status of each recommendation discussed in
the documentation based on actions DHS reported taking. As part of this
assessment, our subject matter experts reviewed documentation provided
by DHS to verify that certain actions DHS reported taking to implement
key recommendations were completed. In some cases, complete
verification of actions taken would have required extensive follow-up
audit work. Thus, in these cases, our experts reviewed documentation
provided and discussed actions taken with agency officials.
We conducted our work from January through June 2004 in accordance with
generally accepted government auditing standards.
Results:
As of June 28, 2004, DHS had implemented 40 of 104 recommendations that
we consider key to the agency's ability to effectively fulfill its
homeland security mission. For a list of implemented recommendations,
see enclosure II. DHS is currently addressing another 63 key
recommendations. For a list of recommendations not yet fully
implemented, see enclosure III. Additionally, GAO closed one key
recommendation in August 2001, although action taken by one of DHS's
legacy agencies did not fully address the intent of the recommendation
prior to closure.
Of the 104 key recommendations issued to DHS, 38 were issued prior to
the agency's official formation on March 1, 2003. Of these, 20 have
been fully implemented. The other 66 recommendations were issued after
the creation of DHS. Of these 66, 20 have been fully implemented.
More than half of the key recommendations--60--have been directed to
BTS or its legacy agencies, which address border and transportation
security as well as immigration enforcement. Of these, 27 have been
fully implemented, while another 33 are currently being addressed by
BTS.
DHS's efforts to address the key recommendations have generated
positive results toward improved mission effectiveness. For example,
the 27 recommendations fully implemented within DHS's BTS directorate
have resulted in a reduction in the vulnerabilities and inefficiencies
of the land ports of entry inspection process. BTS has also benefited
with respect to more timely and accurate information pertaining to the
smuggling of aliens and the legal status of immigrants. Within the EPR
directorate, the implementation of 3 of the key 6 recommendations have
resulted in improved emergency response and related planning efforts.
DHS provided documentation and other information to us describing
specific actions taken by the agency or its legacy agencies to
implement 55 of the 63 remaining key recommendations.[Footnote 5] This
documentation provides information on timeframes for planned
implementation of actions pertaining to 38 of the recommendations. For
example, one document describes preparation of a National Plan for
Critical Infrastructure and Key Resources Protection, with a completion
date of December 17, 2004.[Footnote 6] DHS did not provide timeframes
for 6 key recommendations because it maintains that it has taken action
to fully implement these recommendations.
Effective implementation of the remaining 63 key recommendations could
also help to strengthen mission effectiveness. For example, effective
implementation of the remaining 33 recommendations related to the BTS
directorate could result in reducing the nation's current security
vulnerabilities in such activities as passenger screening, border
security, and ports of entry. Similarly, the implementation of the
remaining 3 recommendations related to the EPR directorate could better
position the federal government to provide essential services in the
event of a disaster.
While DHS is working to address the remaining 63 key recommendations,
agency documents and other information DHS provided indicated that the
agency faces challenges related to 24 of these recommendations, such as
funding and other resource constraints. These challenges will need to
be overcome for DHS to effectively address these recommendations.
Agency Comments:
We provided a draft copy of this report to DHS for comment. DHS
provided formal written comments, which are presented in enclosure IV.
In commenting on the draft report, DHS noted that it generally welcomed
the insight and guidance our recommendations impart. DHS also stated
that they would like us to work with its staff to develop a functional
approach to consolidate and resolve open recommendations, allowing DHS
to devote appropriate attention to current homeland security issues.
The recommendations discussed in this report focus on homeland security
issues that are key to DHS's ability to effectively fulfill its
homeland security mission. Therefore, we believe implementation of
these recommendations will help reduce current vulnerabilities in areas
such as passenger screening, border security, and ports of entry. DHS
also suggested that we consider closing recommendations that are no
longer applicable due to evolving missions. In conducting this review,
we considered the validity and applicability of all key recommendations
yet to be implemented in light of DHS' mission and concluded that the
recommendations are still valid. Additionally, DHS noted that we should
take into account that some recommendations were previously targeted to
legacy units (such as the such as the National Infrastructure
Protection Center or the Critical Infrastructure Assurance Office) that
are now dissolved or partially integrated into DHS. We agree that some
legacy units no longer exist. However, while the entities no longer
exist, their overall goals and objectives with respect to homeland
security are still vital. Consequently, the responsibility for
implementing the key recommendations in this report previously targeted
to these entities now resides with DHS.
We have and will continue to work with DHS to enhance the process and
clarify the criteria for closing recommendations. We recognize the
tremendous responsibility DHS has and the importance of the agency
succeeding in its mission to ensure the safety and security of the
nation's citizens. We continue to believe that effective implementation
of our key recommendations can greatly assist DHS in achieving this
goal.
We plan no further distribution of this report until 30 days after the
date of this report. At that time, we will send copies of this report
to the Subcommittee on Homeland Security, Senate Appropriations
Committee; Senate Governmental Affairs Committee; Subcommittee on
Homeland Security, House Appropriations Committee; House Government
Reform Committee; the Chairman, House Select Committee on Homeland
Security; the Secretary of Homeland Security; the Director, Office of
Management and Budget, and other interested parties. We will also make
copies available to others on request.
In addition, the report will be available on GAO's Web site at http://
www.gao.gov. If you or your staff have any questions about this report,
please contact me at (202) 512-8777 or by e-mail at yimr@gao.gov or
Debra Sebastian at (202) 512-9385 or by e-mail at sebastiand@gao.gov.
Key contributors to this report were Amy Bernstein, Roosevelt R. Burns,
R.E. Canjar, Amanda Rose, Gladys Toro, and Margaret A. Ullengren.
Sincerely yours,
Signed by:
Randall A. Yim, Managing Director:
Homeland Security and Justice Issues:
Enclosures - IV:
[End of section]
Enclosure 1: Briefing to Ranking Member Turner:
[See PDF for image]
[End of slide presentation]
[End of section]
Enclosure II: List of Key GAO Recommendations to DHS That Have Been
Fully Implemented:
Directorate of Border and Transportation Security[B]:
Report title: Homeland Security: Risks Facing Key Border and
Transportation Security Program Need to Be Addressed;
Key recommendation[A]: To address the U.S. Visitor and Immigrant
Status Indicator Technology (US-VISIT) as a governmentwide program and
to minimize the risks facing the program, the Secretary of Homeland
Security, in collaboration with cabinet officials from US-VISIT
stakeholder departments and agencies, should establish and charter an
executive body, chaired by the Secretary's designee, potentially co-
chaired by the leadership from key stakeholder departments and
agencies, and composed of appropriate senior-level representatives
from DHS and each stakeholder organization, to guide and direct the
US-VISIT program;
Report number and date of issuance: GAO-03-1083 (September 19, 2003).
Report title: Homeland Security: Limited Progress in Deploying
Radiation Detection Equipment at U.S. Ports of Entry;
Key recommendation[A]: In order to ensure that the Bureau of Customs
and Border Protection (BCBP) deploys radiation detection equipment as
efficiently and quickly as possible, the Commissioner of Customs should
complete BCBP's plan for deploying radiation detection equipment at
U.S. ports of entry, including total costs and schedules for all
categories of entry points;
Report number and date of issuance: GAO- 03-963 LOU (September 4,
2003).
Report title: Land Border Ports of Entry: Vulnerabilities and
Inefficiencies in the Inspections Process;
Key recommendation[A]: In relation to land border ports of entry, the
Commissioner of BCBP should review existing security arrangements and
controls over persons referred for secondary inspections at all ports
of entry and take steps to address any identified weaknesses;
Report number and date of issuance: GAO-03-782NI (July 11, 2003).
Report title: Land Border Ports of Entry: Vulnerabilities and
Inefficiencies in the Inspections Process;
Key recommendation[A]: In relation to land border ports of entry, the
Commissioner of BCBP should develop and implement a field-training
program that provides on-the-job training to new inspectors before they
independently conduct inspections, and continuing training to all
inspectors to sharpen their skills;
Report number and date of issuance: GAO-03-782NI (July 11, 2003).
Report title: Land Border Ports of Entry: Vulnerabilities and
Inefficiencies in the Inspections Process;
Key recommendation[A]: In relation to land border ports of entry, the
Commissioner of BCBP should establish a standard list of essential
equipment for all inspectors stationed at land border ports and ensure
such equipment is provided;
Report number and date of issuance: GAO-03-782NI (July 11, 2003).
Report title: Land Border Ports of Entry: Vulnerabilities and
Inefficiencies in the Inspections Process;
Key recommendation[A]: BCBP should provide all border inspectors with
continuing training on the detection of fraudulent documents and
establish controls to ensure that such training is received at
appropriate intervals;
Report number and date of issuance: GAO-03-782NI (July 11, 2003).
Report title: Foreign Military Sales: Actions Needed to Provide Better
Controls over Exported Defense Articles;
Key recommendation[A]: To strengthen the BCBP's role in controlling
the export of Foreign Military Sales (FMS) shipments, the Secretary of
Homeland Security should revise guidelines on seizure authority over
FMS exports to clearly establish Customs inspectors' authority to
seize FMS articles when exports violate laws or regulations;
Report number and date of issuance: GAO-03-599 (June 5, 2003).
Report title: Foreign Military Sales: Actions Needed to Provide Better
Controls over Exported Defense Articles;
Key recommendation[A]: To strengthen BCBP's role in controlling the
export of FMS shipments, the Secretary of Homeland Security should
establish guidelines for the proper recording and subtracting of FMS
shipments against the appropriate export value, as defined by the
interagency work group mentioned previously;
Report number and date of issuance: GAO-03-599 (June 5, 2003).
Report title: Foreign Military Sales: Actions Needed to Provide Better
Controls over Exported Defense Articles;
Key recommendation[A]: To strengthen BCBP's role in controlling the
export of FMS shipments, the Secretary of Homeland Security should
ensure each shipment matches the information provided in FMS's shipping
document noted in the previous recommendation;
Report number and date of issuance: GAO-03-599 (June 5, 2003).
Report title: Rail Safety and Security: Some Actions Already Taken to
Enhance Rail Security, but Risk-based Plan Needed;
Key recommendation[A]: To help meet the requirement to secure all
modes of transportation under the Aviation and Transportation Security
Act, the Secretary of Homeland Security should work jointly with the
Secretary of Transportation to develop a risk-based plan that
specifically addresses the security of the nation's rail
infrastructure. This plan should build upon the railroad industry's
experience with rail infrastructure and the transportation of hazardous
materials and establish time frames for implementing specific security
actions necessary to protect hazardous material rail shipments. Among
the areas that should be addressed in developing this plan are (1) the
appropriate roles of the private sector and federal, state, and local
governments; (2) minimum security standards for hazardous materials
stored in transit in rail cars; and (3) the appropriate level of
disclosure to local communities of the types and quantities of
hazardous materials passing through or stored in transit in these
communities;
Report number and date of issuance: GAO-03-435 (April 30, 2003).
Report title: Customs Service Modernization: Automated Commercial
Environment Progressing, but Further Acquisition Management
Improvements Needed;
Key recommendation[A]: The Commissioner of the Customs Service should
direct the Chief Information Officer (CIO) to immediately develop and
implement each of the missing Software Engineering Institute Software
Acquisition Capability Maturity Model practices for the key process
areas discussed in this report and, until this is accomplished, report
to its appropriations subcommittees quarterly on the progress of its
efforts to do so;
Report number and date of issuance: GAO-03-406 (February 28, 2003).
Report title: Aviation Security: Vulnerabilities and Potential
Improvements for the Air Cargo System;
Key recommendation[A]: The Under Secretary of Transportation for
Security should develop a comprehensive plan for air cargo security
that includes priority actions identified on the basis of risk, costs
of these actions, deadlines for completing those actions, and
performance targets;
Report number and date of issuance: GAO-03-344 (December 20, 2002).
Report title: Customs Service Modernization: Management Improvements
Needed on High-Risk Automated Commercial Environment Project;
Key recommendation[A]: To improve Customs' Automated Commercial
Environment (ACE) modernization management, the Customs Service
Commissioner should direct the chief information officer, as the
designated modernization executive, to develop and implement process
controls for the Software Engineering Institute's Software Acquisition
Capability Maturity Model level 2 key process areas and the level 3
acquisition risk management key process area;
Report number and date of issuance: GAO-02-545 (May 13, 2002).
Report title: Customs Service Modernization: Management Improvements
Needed on High-Risk Automated Commercial Environment Project;
Key recommendation[A]: To improve Customs' ACE modernization
management, the Customs Service Commissioner should direct the chief
information officer, as the designated modernization executive, to
certify to Customs' House and Senate appropriations subcommittees,
before building each ACE release (i.e., beginning detailed design and
development), that the enterprise architecture has been sufficiently
extended to provide the requisite enterprise design content and has
been updated to ensure consistency and integration across business
areas;
Report number and date of issuance: GAO-02-545 (May 13, 2002).
Report title: Defense Trade: Lessons to Be Learned from the Country
Export Exemption;
Key recommendation[A]: To strengthen enforcement activities, the
Commissioner of the U.S. Customs Service should update, finalize, and
disseminate its guidance on defense export inspection requirements to
all inspectors;
Report number and date of issuance: GAO-02-63 (March 29, 2002).
Report title: Defense Trade: Lessons to Be Learned from the Country
Export Exemption;
Key recommendation[A]: To strengthen enforcement activities, the
Commissioner of the U.S. Customs Service should assess the threat of
illegal defense exports at all ports along the northern border and
evaluate whether reallocation of its inspectors, additional training,
or other actions are warranted to augment the capability of inspectors
to enforce export regulations;
Report number and date of issuance: GAO-02-63 (March 29, 2002).
Report title: Information Technology Management: Coast Guard Practices
Can Be Improved;
Key recommendation[A]: In order to improve the Coast Guard's
Information Technology management practices, the Secretary of
Transportation should direct the Coast Guard Commandant to ensure that
the appropriate officials implement appropriate corrective actions on
the network security weaknesses that GAO identified;
Report number and date of issuance: GAO-01-190 (December 12, 2000).
Report title: Alien Smuggling: Management and Operational Improvements
Needed to Address;
Key recommendation[A]: The Commissioner of the Immigration and
Naturalization Service (INS) should establish criteria for opening an
anti-smuggling case to help ensure that INS' s anti- smuggling
resources are focused on the highest-priority cases;
Report number and date of issuance: GGD-00-103 (May 1, 2000).
Report title: Alien Smuggling: Management and Operational Improvements
Needed to Address Growing Problem;
Key recommendation[A]: The Commissioner of INS should establish a cost-
effective case tracking and management system of alien smuggling
investigations that is automated, agencywide, and readily available to
investigative personnel and program managers to facilitate the sharing
of case information and prevent duplication of effort;
Report number and date of issuance: GGD-00-103 (May 1, 2000).
Report title: Alien Smuggling: Management and Operational Improvements
Needed to Address Growing Problem;
Key recommendation[A]: The Commissioner of INS should require that
intelligence reports be prepared using a database format so the
information can be systematically analyzed;
Report number and date of issuance: GGD-00- 103 (May 1, 2000).
Report title: Drug Control: INS and Customs Can Do More To Prevent
Drug-Related Employee Corruption;
Key recommendation[A]: The Attorney General should require the
Commissioner of INS to comply with policies that require employment
reinvestigations to be completed when they are due;
Report number and date of issuance: GGD-99-31 (March 30, 1999).
Report title: Drug Control: INS and Customs Can Do More To Prevent
Drug-Related Employee Corruption;
Key recommendation[A]: The Attorney General should direct the
Commissioner of INS to strengthen internal controls at Southwest
Border ports of entry and at Border Patrol checkpoints by
establishing: (1) one or more methods to deprive drivers of their
choice of inspection lanes at ports of entry; (2) a policy for the
inspection of law enforcement officers or their vehicles at ports of
entry and Border Patrol checkpoints; and (3) a recusal policy
concerning the performance of inspections by immigration inspectors
and Border Patrol agents where their objectivity may be in question;
Report number and date of issuance: GGD-99-31 (March 30, 1999).
Report title: Drug Control: INS and Customs Can Do More to Prevent
Drug-Related Employee Corruption;
Key recommendation[A]: The Secretary of the Treasury should direct the
Commissioner of Customs to strengthen internal controls at Southwest
Border ports of entry by establishing: (1) one or more methods to
deprive drivers of their choice of inspection lanes; (2) a policy for
inspection of law enforcement officers and their vehicles; and (3) a
recusal policy concerning the performance of inspections by Customs
inspectors where their objectivity may be in question;
Report number and date of issuance: GGD-99-31 (March 30, 1999).
Report title: Immigration Statistics: Information Gaps, Quality Issues
Limit Utility of Federal Data to Policymakers;
Key recommendation[A]: To reduce the uncertainty associated with
statistical estimates of relevant demographic concepts other than
immigration flow, fill information gaps for specific legal statuses,
and address fragmented reporting, the Commissioner of INS and the
Director of the Bureau of the Census should together further develop,
test, and evaluate the three-card method that GAO devised for surveying
foreign-born about their legal status;
Report number and date of issuance: GGD-98-164 (July 31, 1998).
Report title: INS Management: Follow-up on Selected Problems;
Key recommendation[A]: To help achieve the reorganization goals, the
INS Commissioner should determine whether staffing levels need to be
adjusted for programs, field operations, and regional offices to
accomplish their prescribed roles and responsibilities consistent with
the respective mission and workloads for each office;
Report number and date of issuance: GGD-97-132 (July 22, 1997).
Report title: Criminal Aliens: INS' Efforts To Identify and Remove
Imprisoned Aliens Need To Be Improved;
Key recommendation[A]: The INS Commissioner should identify the causes
of immigration agent attrition and take steps to ensure that staffing
is adequate to achieve the Institutional Hearing Program's goals;
Report number and date of issuance: T-GGD-97-154 (July 15, 1997).
Report title: Criminal Aliens: INS' Efforts To Identify and Remove
Imprisoned Aliens Need To Be Improved;
Key recommendation[A]: The INS Commissioner should (1) develop a
workload analysis model to identify the IHP resources needed in any
period to achieve overall program goals and the portion of those goals
that would be achievable with alternative levels of resources and (2)
use the model to support its IHP funding and staffing requests. Such a
model should consider several factors, including the number of foreign-
born inmates, number of prisons that must be visited, number and types
of IHP staff, length of time to process cases, and travel time and
costs;
Report number and date of issuance: T-GGD-97-154 (July 15, 1997).
Directorate of Emergency Preparedness and Response[B]:
Report title: Fire Safety: Comprehensive Information on Fire
Incidences in Federal Facilities Is Lacking;
Key recommendation[A]: The Administrator, U.S. Fire Administration, in
conjunction with the Consumer Product Safety Commission, the General
Services Administration, Occupational Safety and Health Administration,
and other federal agencies identified as being relevant, should examine
whether the systematic collection and analysis of data on fires in
federal workspace is warranted. If they determine that data collection
and analysis are warranted, data that should be considered for
collection and analysis include: the number of fires in federal
workspace; property damage, injuries, and deaths resulting from such
fires; and the causes of these fires, including any products involved,
if determined. In addition, the agencies should discuss, among other
topics deemed relevant, the availability of resources for implementing
any data collection system and any needed authority to facilitate
federal agencies' cooperation in this effort;
Report number and date of issuance: GAO-01-879 (August 20, 2001).
Report title: Combating Terrorism: Federal Response Teams Provide
Varied Capabilities; Opportunities Remain to Improve Coordination;
Key recommendation[A]: To provide a sound analytical basis for
developing appropriate federal consequence management responses, the
Director of the Federal Emergency Management Agency (FEMA) should take
steps to require that the Weapons of Mass Destruction Interagency
Steering Group develop realistic scenarios involving chemical,
biological, radiological, and nuclear agents and weapons with experts
in the scientific and intelligence communities;
Report number and date of issuance: GAO-01-14 (November 30, 2000).
Report title: Combating Terrorism: Federal Response Teams Provide
Varied Capabilities; Opportunities Remain to Improve Coordination;
Key recommendation[A]: To build upon the experience and lessons
learned by the federal response teams from the May 2000 exercise, the
FEMA Director should sponsor periodic national-level consequence
management field exercises involving federal, state, and local
governments. Such exercises should be conducted together with national-
level crisis management field exercises;
Report number and date of issuance: GAO-01-14 (November 30, 2000).
Directorate of Science and Technology[B]:
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: To complete and enhance Plum Island‘s
security arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, correct physical
security deficiencies by better securing the foot-and-mouth disease
vaccine bank;
Report number and date of issuance: GAO-03-847 (September 19, 2003).
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: To complete and enhance Plum Island‘s
security arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, correct physical
security deficiencies by better securing certain features of the
physical infrastructure that supports the continued operation of the
Plum Island Animal Disease Center;
Report number and date of issuance: GAO-03-847 (September 19, 2003).
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: To complete and enhance Plum Island‘s
security arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, reconsider the security
risks at Plum Island, taking into account recent acts of disgruntled
employees;
Report number and date of issuance: GAO-03-847 (September 19, 2003).
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: To complete and enhance Plum Island‘s
security arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, enhance incident
response capability by increasing the size of the guard force;
Report number and date of issuance: GAO-03-847 (September 19, 2003).
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: To complete and enhance Plum Island‘s
security arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, limit access to
pathogens by further developing and enforcing specific procedures,
including internal control checks, to ensure that background checks of
these individuals are updated regularly;
Report number and date of issuance: GAO-03-847 (September 19, 2003).
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: To complete and enhance Plum Island‘s
security arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, limit access to
pathogens by further developing and enforcing specific procedures,
including internal control checks, to ensure that cleaning,
maintenance, and repair staff entering the biocontainment area are
escorted at all times by individuals with completed background checks;
Report number and date of issuance: GAO-03-847 (September 19, 2003).
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: To complete and enhance Plum Island‘s
security arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, enhance incident
response capability by developing and implementing a policy on how
guards should deal with intruders and use weapons;
Report number and date of issuance: GAO-03- 847 (September 19, 2003).
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: To complete and enhance Plum Island‘s
security arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, correct physical
security deficiencies by fully implementing the physical security
measures;
Report number and date of issuance: GAO-03-847 (September 19, 2003).
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: To complete and enhance Plum Island‘s
security arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, consult with other
laboratories to identify ways to mitigate the inherent difficulty of
securing pathogens;
Report number and date of issuance: GAO-03-847 (September 19, 2003).
Management Division[B]:
Report title: Information Technology: Homeland Security Needs to
Improve Entry Exit System Expenditure Planning;
Key recommendation[A]: To help ensure the effective management and
acquisition of the entry exit system, the Secretary of Homeland
Security should, through whatever entry exit program governance
structure is established, direct the entry exit program manager to
ensure that planned investment and acquisition management controls,
including the development of a business case, are fully implemented in
accordance with recognized best practices and relevant federal
requirements and guidance;
Report number and date of issuance: GAO-03-563 (June 9, 2003).
[A] Key GAO recommendations reflect actions that must be taken either
to aid in securing the nations homeland or to swiftly and
appropriately respond to future terrorist attacks.
[B] GAO reports issued prior to March 1, 2003, were directed to legacy
agencies that are now part of this directorate.
[End of table]
[End of section]
Enclosure III: Key Recommendations DHS Is Currently Addressing:
Directorate of Border and Transportation Security[B]:
Report title: Aviation Security: Computer-Assisted Passenger
Prescreening System Faces Significant Implementation Challenges;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To address the challenges associated with the
development, implementation, and operation of the Computer-Assisted
Passenger Prescreening System II (CAPPS II), the Secretary of Homeland
Security should instruct the Administrator of the Transportation
Security Administration (TSA) to develop policies and procedures
outlining the CAPPS II passenger redress process that include defining
the appeal rights of passengers and their ability to access and
correct personal data;
Report number and date of issuance: GAO-04-385 (February 12, 2004);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Aviation Security: Computer-Assisted Passenger
Prescreening System Faces Significant Implementation Challenges;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To address the challenges associated with the
development, implementation, and operation of CAPPS II, the Secretary
of Homeland Security should instruct the Administrator of TSA to
develop policies and procedures detailing CAPPS II oversight
mechanisms, including offices responsible for providing oversight, and
reporting requirements for oversight information;
Report number and date of issuance: GAO-04- 385 (February 12, 2004);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Aviation Security: Computer-Assisted Passenger
Prescreening System Faces Significant Implementation Challenges;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To address the challenges associated with the
development, implementation, and operation of CAPPS II, the Secretary
of Homeland Security should instruct the Administrator of TSA to
develop results- oriented performance goals and measures to evaluate
the program's effectiveness, including measures to assess performance
of the system in generating reliable risk scores;
Report number and date of issuance: GAO-04-385 (February 12, 2004);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Aviation Security: Computer-Assisted Passenger
Prescreening System Faces Significant Implementation Challenges;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To address the challenges associated with the
development, implementation, and operation of CAPPS II, the Secretary
of Homeland Security should instruct the Administrator of TSA to
develop a strategy for mitigating the high risk associated with system
and database testing that ensures (1) accuracy testing of commercial
and government databases is conducted prior to the database being used
and (2) appropriate stress testing is conducted to demonstrate the
system can meet peak load requirements;
Report number and date of issuance: GAO- 04-385 (February 12, 2004);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Aviation Security: Computer-Assisted Passenger
Prescreening System Faces Significant Implementation Challenges;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To address the challenges associated with the
development, implementation, and operation of CAPPS II, the Secretary
of Homeland Security should instruct the Administrator of TSA to
develop a schedule for critical security activities, including
finalizing the security policy, the security risk assessment, and
system certification and accreditation;
Report number and date of issuance: GAO-04-385 (February 12, 2004);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Aviation Security: Computer-Assisted Passenger
Prescreening System Faces Significant Implementation Challenges;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To address the challenges associated with the
development, implementation, and operation of CAPPS II, the Secretary
of Homeland Security should instruct the Administrator of TSA to use
established plans to track development progress to ensure that promised
functionality is being delivered on time and within established cost
estimates;
Report number and date of issuance: GAO-04-385 (February 12, 2004);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Aviation Security: Computer-Assisted Passenger
Prescreening System Faces Significant Implementation Challenges;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To address the challenges associated with the
development, implementation, and operation of CAPPS II, the Secretary
of Homeland Security should instruct the Administrator of TSA to
develop plans identifying the specific functionality that will be
delivered during each increment of CAPPS II, the specific milestones
for delivering this functionality, and expected costs for each
increment;
Report number and date of issuance: GAO-04-385 (February 12, 2004);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Risks Facing Key Border and
Transportation Security Program Need to Be Addressed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To address the U.S. Visitor and Immigrant Status Indicator
Technology (US-VISIT) Program as a governmentwide program and to
minimize the risks facing the program, the Secretary of Homeland
Security, in collaboration with cabinet officials from US-VISIT
stakeholder departments and agencies, should direct this executive
body[C] to immediately take steps to (1) ensure that the human capital
and financial resources are expeditiously provided to establish a fully
functional and effective US-VISIT program office and associated
management capability, (2) clarify the operational context within
which US-VISIT must operate, and (3) decide whether proposed US-VISIT
increments will produce mission value commensurate with costs and
risks and disclose to the Congress planned actions based on this
body's decisions;
Report number and date of issuance: GAO-03-1083 (September 19, 2003);
Timeframes reported by DHS: DHS notes that 4 months after GAO issued
this recommendation, the US-VISIT Federal Stakeholders Advisory Board
was chartered to provide oversight and strategic direction and to
ensure that program plans, policies, funding, and business goals are
aligned and moving forward for the US-VISIT program;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Risks Facing Key Border and
Transportation Security Program Need to Be Addressed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: Further, the Secretary of Homeland Security, through the
Under Secretary for Border and Transportation Security, should direct
the US-VISIT Program Director to expeditiously establish an effective
program management capability, including immediately developing an
analysis of incremental program costs, benefits, and risks, and
providing this analysis to the executive body, to assist it in the
body's deliberations and decision making;
Report number and date of issuance: GAO-03-1083 (September 19, 2003);
Timeframes reported by DHS: DHS notes that the cost, schedule,
performance, and risks documents were completed and presented on
November 25, 2003, to the DHS Investment Review Board. Approval via the
Management Decision Memorandum was received in February 2004;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Risks Facing Key Border and
Transportation Security Program Need to Be Addressed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: Further, the Secretary of Homeland Security, through the
Under Secretary for Border and Transportation Security, should direct
the US-VISIT Program Director to expeditiously establish an effective
program management capability, including immediately defining program
office positional roles, responsibilities, and relationships;
Report number and date of issuance: GAO-03-1083 (September 19, 2003);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Risks Facing Key Border and
Transportation Security Program Need to Be Addressed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: Further, the Secretary of Homeland Security, through the
Under Secretary for Border and Transportation Security, should direct
the US-VISIT Program Director to expeditiously establish an effective
program management capability, including immediately developing and
implementing a human capital strategy that provides for staffing these
positions with individuals who have the requisite core competencies
(knowledge, skills, and abilities);
Report number and date of issuance: GAO-03-1083 (September 19, 2003);
Timeframes reported by DHS: DHS believes that the agency will complete
its human capital strategy by December 31, 2004. In the interim, DHS
has engaged the Office of Personnel Management to assist in performing
aspects of personnel management, such as drafting position descriptions
and performance plans, which will contribute to the development of the
agency's human capital strategy;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Risks Facing Key Border and
Transportation Security Program Need to Be Addressed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: Further, the Secretary of Homeland Security, through the
Under Secretary for Border and Transportation Security, should direct
the US-VISIT Program Director to expeditiously establish an effective
program management capability, including immediately developing and
implementing a plan for satisfying key Software Engineering Institute
acquisition management controls, to include acquisition planning,
solicitation, requirements development and management, project
management, contractor tracking and oversight, evaluation, and
transition to support;
Report number and date of issuance: GAO-03-1083 (September 19, 2003);
Timeframes reported by DHS: DHS believes that it will take more than 2
years after a dedicated leader is brought on board to the US-VISIT
office to achieve key Software Engineering Institute acquisition
management controls. A firm goal and timeline will be set after that
person is hired. However, the agency has not specified a timeline for
bringing that person on board;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Risks Facing Key Border and
Transportation Security Program Need to Be Addressed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: Further, the Secretary of Homeland Security, through the
Under Secretary for Border and Transportation Security, should direct
the US-VISIT Program Director to expeditiously establish an effective
program management capability, including immediately developing and
implementing a risk management plan and ensuring that all high risks
and their status are reported regularly to the executive body;
Report number and date of issuance: GAO-03-1083 (September 19, 2003);
Timeframes reported by DHS: DHS notes that an executive Risk Review
Board is currently being chartered and is projected to be in place by
September 30, 2004;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Risks Facing Key Border and
Transportation Security Program Need to Be Addressed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: Further, the Secretary of Homeland Security, through the
Under Secretary for Border and Transportation Security, should direct
the US-VISIT Program Director to expeditiously establish an effective
program management capability, including immediately defining
performance standards for each US-VISIT system increment that are
measurable and reflect the limitations imposed by relying on existing
systems for these system increments;
Report number and date of issuance: GAO-03-1083 (September 19, 2003);
Timeframes reported by DHS: DHS notes that US-VISIT has initiated a
process to define performance standards that meet the criteria
specified. US-VISIT is also defining performance measures for both
internal managerial and external reporting purposes. DHS anticipates
reportable criteria by September 30, 2004;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Limited Progress in Deploying
Radiation Detection Equipment at U.S. Ports of Entry;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To apply lessons learned from its initial deployments of
portal monitors and other radiation detection equipment and ensure
their effective application, the Bureau of Customs and Border
Protection (BCBP) should consider deploying sufficient isotope
identifiers to each port of entry so that inspectors can immediately
respond to alarms without having to retrieve equipment from another
location;
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003);
Timeframes reported by DHS: DHS notes that it plans to fully implement
this recommendation by December 30, 2004;
Challenges reported by DHS: In implementing this recommendation, DHS
notes that it is facing funding and deployment support challenges. For
example, due to funding constraints, there are times when an isotope
identifier must be retrieved from one location to be used at another
location. Additionally, DHS reports that logistical issues associated
with deploying equipment must be addressed. Such issues include
ensuring equipment is distributed to proper personnel and that adequate
training is in place and provided to those who require it.
Report title: Homeland Security: Limited Progress in Deploying
Radiation Detection Equipment at U.S. Ports of Entry;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To apply lessons learned from its initial deployments of
portal monitors and other radiation detection equipment and ensure
their effective application, BCBP should consider, establish, and
implement minimum training requirements so that all inspectors have a
clear understanding of the capabilities and limitations of the
radiation detection equipment;
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003);
Timeframes reported by DHS: DHS believes that it has fully implemented
this recommendation and provided GAO with documentation to support this
position on June 24, 2004. GAO is currently evaluating this
documentation;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Limited Progress in Deploying
Radiation Detection Equipment at U.S. Ports of Entry;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To apply lessons learned from its initial deployments of
portal monitors and other radiation detection equipment and ensure
their effective application, BCBP should consider, as it proceeds to
deploy radiation detection equipment to air cargo facilities, analyze
opportunities at airports to deploy portal monitors to cover multiple
international mail, package, and air cargo facilities so that fewer
portal monitor locations are needed to cover a greater proportion of
goods entering the United States;
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003);
Timeframes reported by DHS: DHS plans to complete implementation of
this recommendation by December 30, 2004;
Challenges reported by DHS: According to a DHS official,
implementation of this recommendation is a multistaged process,
requiring continuing analysis to develop lessons learned as DHS moves
through each stage. The official also noted that the long-term nature
of the deployment process is a challenge for DHS. For instance, there
are a large number of ports involved for which large-scale equipment
must be disbursed appropriately.
Report title: Homeland Security: Limited Progress in Deploying
Radiation Detection Equipment at U.S. Ports of Entry;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To apply lessons learned from its initial deployments of
portal monitors and other radiation detection equipment and ensure
their effective application, BCBP should consider, for the final three
categories of deployment, continuing to proactively engage local
government and private entities that must be consulted before
deploying portal monitors early in the deployment process in order to
minimize delays resulting from protracted negotiations;
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003);
Timeframes reported by DHS: DHS believes that it has fully implemented
this recommendation and provided GAO with documentation to support this
position on June 24, 2004. GAO is currently evaluating this
documentation;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Limited Progress in Deploying
Radiation Detection Equipment at U.S. Ports of Entry;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To obtain the assistance of other federal agencies and
national laboratories that could help, in the long term, to overcome
technical and deployment issues in adapting radiation detection
equipment to the border environment, the Secretary of Homeland
Security should establish a working group composed of agencies and
entities involved in the research and deployment of radiation
detection equipment. This working group should include, but not be
restricted to, representatives from BCBP, TSA, the DHS Science and
Technology Directorate, the Department of Defense (DOD), the Department
of Energy (DOE), and DOE's national laboratories. The working group
should serve as a forum for exchanging information on testing and
performance of radiation detection equipment, the conditions at U.S.
ports of entry, the challenges to deploying radiation detection
equipment, and ways to overcome those challenges. The working group,
meeting as often as needed, should also provide guidance to radiation
detection experts for research and development of new radiation
detection technologies to ensure that those efforts provide solutions
to current challenges;
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Border Security: New Policies and Procedures Are Needed
to Fill Gaps in the Visa Revocation Process;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To strengthen the visa revocation process as an
antiterrorism tool, the Secretary of Homeland Security should, in
conjunction with the Secretary of State and the Attorney General,
develop specific policies and procedures for the interagency visa
revocation process to ensure that notification of visa revocations for
suspected terrorists and relevant supporting information is transmitted
from State to immigration and law enforcement agencies, and their
respective inspection and investigation units, in a timely manner;
Report number and date of issuance: GAO-03- 798 (June 18, 2003);
Timeframes reported by DHS: GAO is currently reviewing the status of
this recommendation in relation to a request by the Subcommittee on
National Security, Emerging Threats, and Intergovernmental Relations,
House Committee on Government Reform and plans to report on its status
by July 6, 2004;
Challenges reported by DHS: DHS notes that it is challenged in
implementing this recommendation because it involves extensive
interagency coordination with both the Department of State as well as
the Department of Justice.
Report title: Border Security: New Policies and Procedures Are Needed
to Fill Gaps in the Visa Revocation Process;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To strengthen the visa revocation process as an
antiterrorism tool, the Secretary of Homeland Security should, in
conjunction with the Secretary of State and the Attorney General,
develop a specific policy on actions that immigration and law
enforcement agencies should take to investigate and locate individuals
whose visas have been revoked for terrorism concerns and who remain in
the United States after revocation;
Report number and date of issuance: GAO-03-798 (June 18, 2003);
Timeframes reported by DHS: GAO is currently reviewing the status of
this recommendation in relation to a request by the Subcommittee on
National Security, Emerging Threats, and Intergovernmental Relations,
House Committee on Government Reform and plans to report on its status
by July 6, 2004;
Challenges reported by DHS: DHS notes that it is challenged in
implementing this recommendation because it involves extensive
interagency coordination with both the Department of State as well as
the Department of Justice. Additionally, once the policy is developed,
funding issues could be a concern for DHS and other law enforcement
agencies responsible for implementing the policy.
Report title: Border Security: New Policies and Procedures Are Needed
to Fill Gaps in the Visa Revocation Process;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To strengthen the visa revocation process as an
antiterrorism tool, the Secretary of Homeland Security should, in
conjunction with the Secretary of State and the Attorney General,
determine if persons with visas revoked on terrorism grounds are in the
United States and, if so, whether they pose a security threat;
Report number and date of issuance: GAO-03-798 (June 18, 2003);
Timeframes reported by DHS: GAO is currently reviewing the status of
this recommendation in relation to a request by the Subcommittee on
National Security, Emerging Threats, and Intergovernmental Relations,
House Committee on Government Reform and plans to report on its status
by July 6, 2004;
Challenges reported by DHS: DHS notes that it is challenged in
implementing this recommendation because it involves extensive
interagency coordination with both the Department of State as well as
the Department of Justice.
Report title: Land Border Ports of Entry: Vulnerabilities and
Inefficiencies in the Inspections Process;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In relation to land border ports of entry, the
Commissioner of BCBP should develop an inspections-related immigration
intelligence program for the field, and in doing so, consider (1)
defining the roles and responsibilities of intelligence units at
headquarters and in the field regarding the collection, analysis, and
use of intelligence information; (2) reassessing the need for
intelligence officers at each field location; (3) coordinating the
integration and sharing of intelligence information among locations;
and (4) ensuring that inspectors have the time and opportunity to
access and review intelligence information, including via routine
briefings and access to NetLEADS;
Report number and date of issuance: GAO-03-782NI (July 11, 2003);
Timeframes reported by DHS: DHS plans to complete implementation of
this recommendation by December 30, 2004;
Challenges reported by DHS: DHS reports that it is difficult to assess
resource and other field intelligence needs given the significant
organizational restructuring resulting from the establishment of
Customs and Border Protection and Immigration and Customs Enforcement.
Report title: Foreign Military Sales: Actions Needed to Provide Better
Controls over Exported Defense Articles;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To strengthen BCBP's role in controlling the export of
Foreign Military Sales (FMS) shipments, the Secretary of Homeland
Security should establish a centralized system to identify where
specific FMS agreements are filed to prohibit multiple port filings;
Report number and date of issuance: GAO-03-599 (June 5, 2003);
Timeframes reported by DHS: CBP expects to develop and establish an
electronic repository for FMS case information that will allow for the
transmission of database information on FMS. CBP expects it to become
part of the Automated Commercial Environment by September 30, 2007;
Challenges reported by DHS: DHS notes that ensuring adequate funding
and programming resources for actions necessary to implement this
recommendation, such as establishing an electronic repository for FMS
case information, has been difficult. However, DHS believes the
recommendation could be implemented earlier than September 30, 2007,
if additional funding is provided sooner.
Report title: Customs Service Modernization: Automated Commercial
Environment Progressing, but Further Acquisition Management
Improvements Needed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Commissioner of the Customs Service should take steps,
as appropriate in light of Customs' merger into the Department of
Homeland Security, to have future ACE expenditure plans specifically
address any proposals or plans, whether tentative or approved, for
extending and using ACE infrastructure to support other homeland
security applications, including any impact on ACE of such proposals
and plans;
Report number and date of issuance: GAO-03-406 (February 28, 2003);
Timeframes reported by DHS: CBP notes that this recommendation is of
an ongoing nature and is not conducive to a hard target completion
date. For example, on February 14, 2004, CBP initiated a coordinating
meeting with the US-VISIT program seeking agreement on avenues for
sharing and integration. CBP expects that once these results are
formalized, the agency would expect to establish further milestone
dates responsive to GAO's recommendation;
Challenges reported by DHS: DHS reports that large automation projects
typically require actions to be taken over a long-term period, thus,
it believes implementation of this recommendation will require
sustained efforts over the long-term.
Report title: Customs Service Modernization: Automated Commercial
Environment Progressing, but Further Acquisition Management
Improvements Needed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Commissioner of the Customs Service should direct the
Chief Information Officer (CIO) to develop and implement the missing
human capital management practices discussed in this report, and until
this is accomplished, report to its appropriations committees quarterly
on the progress of its efforts to do so;
Report number and date of issuance: GAO-03-406 (February 28, 2003);
Timeframes reported by DHS: DHS plans to complete implementation of
this recommendation by September 30, 2004;
Challenges reported by DHS: DHS reports that it is challenged in
implementing this recommendation by the technical nature of the project
and the significant number of personnel required to support the Customs
and Border Protection modernization effort.
Report title: Customs Service Modernization: Automated Commercial
Environment Progressing, but Further Acquisition Management
Improvements Needed;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Commissioner of the Customs Service should direct the
CIO to establish an independent verification and validation function
to assist Customs in overseeing contractor efforts, such as testing;
Report number and date of issuance: GAO-03-406 (February 28, 2003);
Timeframes reported by DHS: DHS plans to complete implementation of
this recommendation by August 30, 2004;
Challenges reported by DHS: None provided.
Report title: Homeland Security: INS Cannot Locate Many Aliens Because
It Lacks Reliable Address Information;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In order to promote compliance with the change of address
notification requirements through publicity and enforcement and to
improve the reliability of its alien address data, the Attorney General
should direct the INS Commissioner to evaluate alternative approaches
and their associated costs for obtaining or assembling complete alien
address information, particularly for those aliens who do not comply
with the change of address notification requirement;
Report number and date of issuance: GAO-03-188 (November 21, 2002);
Timeframes reported by DHS: DHS believes it has implemented this
recommendation. Thus, it did not provide any future timeframes for
completing this recommendation. GAO has requested that DHS provide it
with documentation to demonstrate that DHS has implemented a process
for getting complete and updated alien address information into DHS
systems;
Challenges reported by DHS: DHS notes that ensuring adequate funding
for actions taken related to this recommendation is a challenge.
Report title: Homeland Security: INS Cannot Locate Many Aliens Because
It Lacks Reliable Address Information;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In order to promote compliance with the change of address
notification requirements through publicity and enforcement and to
improve the reliability of its alien address data, the Attorney General
should direct the INS Commissioner to establish written procedures and
controls to ensure that alien address information in all automated
databases is complete, consistent, accurate, and current;
Report number and date of issuance: GAO-03-188 (November 21, 2002);
Timeframes reported by DHS: DHS believes it has implemented this
recommendation. Thus, it did not provide any future timeframes for
completing this recommendation. GAO has requested that DHS provide it
with documentation to demonstrate that Customs and Immigration Services
has developed procedures and controls to ensure that an alien's address
information is updated appropriately in all related databases;
Challenges reported by DHS: DHS notes that ensuring adequate funding
for actions taken related to this recommendation is a challenge.
Report title: Homeland Security: INS Cannot Locate Many Aliens Because
It Lacks Reliable Address Information;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In order to promote compliance with the change of address
notification requirements through publicity and enforcement and to
improve the reliability of its alien address data, the Attorney General
should direct the INS Commissioner to identify and implement an
effective means to publicize the change of address notification
requirement nationwide. As part of its publicity effort, INS should
make sure that aliens have information on how to comply with this
requirement, including where information may be available and the
location of change of address forms;
Report number and date of issuance: GAO-03-188 (November 21, 2002);
Timeframes reported by DHS: DHS believes it has implemented this
recommendation. Thus, it did not provide any future timeframes for
completing this recommendation. GAO is requesting that DHS provide it
with documentation to demonstrate that publicity efforts to make aliens
aware of the notification requirement have been implemented;
Challenges reported by DHS: DHS notes that ensuring adequate funding
for actions taken related to this recommendation is a challenge.
Report title: Customs Service Modernization: Management Improvements
Needed on High-Risk Automated Commercial Environment Project;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To improve Customs' ACE modernization management, the
Customs Service Commissioner should direct the chief information
officer, as the designated modernization executive, to immediately
develop and implement a Customs Modernization Office (CMO) human
capital management strategy that provides both near-and long-term
solutions to CMO's human capital capacity limitations, including
defining the office's skill and capacity needs in terms that will allow
Customs to attract qualified individuals and that will provide
sufficient rewards and training, linked to performance, to promote
their retention;
Report number and date of issuance: GAO-02-545 (May 13, 2002);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: DHS reports that it is challenged in
implementing this recommendation by the technical nature of the
project and the significant number of personnel required to support the
Customs and Border Protection modernization effort.
Report title: Alien Smuggling: Management and Operational Improvements
Needed to Address Growing Problem;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The INS Commissioner should establish performance measures
for the anti-smuggling efforts and intelligence program with which to
gauge program effects;
Report number and date of issuance: GGD-00-103 (May 1, 2000);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: DHS notes that it is challenged in
implementing this recommendation by ensuring that appropriate
resources, including funding and personnel, are available.
Report title: Criminal Aliens: INS's Efforts to Identify and Remove
Imprisoned Aliens Need to Be Improved;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The INS Commissioner should establish a nationwide data
system containing the universe of foreign-born inmates reported to INS
by the Bureau of Prisons and the state departments of corrections and
use this system to track the Institutional Hearing Program status of
each inmate;
Report number and date of issuance: T-GGD-97-154 (July 15, 1997);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: DHS notes that it is challenged in
implementing this recommendation by ensuring that appropriate
resources, including funding and personnel, are available.
Directorate of Emergency Preparedness and Response[B]:
Report title: Continuity of Operations: Improved Planning Needed to
Ensure Delivery of Essential Government Services;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To ensure that agencies can continue operations in
emergencies and are prepared for the governmentwide exercise planned
for May 2004, the Secretary of Homeland Security should direct the
Under Secretary for Emergency Preparedness and Response to take steps
to ensure that agencies that do not have continuity of operations
(COOP) plans develop them by May 1, 2004;
Report number and date of issuance: GAO-04-160 (February 27, 2004);
Timeframes reported by DHS: On June 24, 2004, DHS provided GAO with a
list of actions it has taken and plans to take in relation to this
recommendation. For example, DHS noted that as part of an exercise it
developed, Forward Challenge 2004, which was held from May 12 through
May 15, 2004, participating department and agencies' COOP were
successfully activated and tested. DHS also noted that it has
developed a COOP manager's course which it plans to pilot from June 29
to July 1, 2004. Additionally, DHS has scheduled 10 additional courses
from June 2004 through January 2005. GAO is currently evaluating this
information to determine the continued status of this recommendation;
Challenges reported by DHS: None Provided.
Report title: Continuity of Operations: Improved Planning Needed to
Ensure Delivery of Essential Government Services;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Secretary should direct the Under Secretary to take
steps to improve the oversight of COOP planning by conducting
assessments of agency continuity plans that include independent
verification of agency-provided information, as well as an assessment
of the essential functions identified and their interdependencies with
other activities;
Report number and date of issuance: GAO-04-160 (February 27, 2004);
Timeframes reported by DHS: DHS reports that its Readiness Reporting
System will be used to assist it in assessing agency contingency
plans. DHS further notes that it plans to initially deploy this system
in fiscal year 2005. Finally, DHS reported that it would conduct an
independent validation of each departments' and agency's self-
assessment after deployment of the Readiness Reporting System;
Challenges reported by DHS: None provided.
Report title: Continuity of Operations: Improved Planning Needed to
Ensure Delivery of Essential Government Services;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Secretary should direct the Under Secretary to take
steps to improve the oversight of COOP planning by ensuring that
agencies correct the deficiencies in individual COOP plans identified
here, as well as those identified in previous assessments;
Report number and date of issuance: GAO-04-160 (February 27, 2004);
Timeframes reported by DHS: DHS noted that it developed an exercise,
Forward Challenge, to assist departments and agencies in improving
individual COOP. As a result, DHS is working with those departments
and agencies to complete after-action reports and will work with those
agencies to improve their COOP capabilities. DHS further reports that
the Forward Challenge after-action reports will be completed by
September 30, 2004, and will include recommendations for measures to
improve COOP capability. DHS also noted that it has developed a COOP
manager's course which it plans to pilot from June 29 to July 1, 2004.
Additionally, DHS has scheduled 10 additional courses from June 2004
through January 2005;
Challenges reported by DHS: None provided.
Directorate of Information Analysis and Infrastructure Protection[B]:
Report title: Homeland Security: Voluntary Initiatives Are Under Way at
Chemical Facilities, but the Extent of Security Preparedness Is
Unknown;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In order to ensure that chemical facilities take action
to review and address security vulnerabilities, the Secretary of
Homeland Security and the Administrator of the Environmental Protection
Agency (EPA) should jointly develop, in consultation with the Office
of Homeland Security, a comprehensive national chemical security
strategy that is both practical and cost effective. This national
strategy should specify the roles and responsibilities of each federal
agency partnering with the chemical industry;
Report number and date of issuance: GAO-03-439 (March 14, 2003);
Timeframes reported by DHS: Homeland Security Presidential Directive
Number 7 (HSPD-7) requires DHS to produce a comprehensive, integrated
National Plan for Critical Infrastructure and Key Resources Protection
to outline national goals, objectives, milestones, and key initiatives
by December 17, 2004. DHS states that this plan will consist of an
overview as well as supplements addressing each critical
infrastructure sector. As such, DHS notes that the chemical sector-
specific plan will describe the roles and responsibilities of all
sector stakeholders, including federal agencies;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Report title: Homeland Security: Voluntary Initiatives Are Under Way at
Chemical Facilities, but the Extent of Security Preparedness Is
Unknown;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In order to ensure that chemical facilities take action
to review and address security vulnerabilities, the Secretary of
Homeland Security and the Administrator of EPA should jointly develop,
in consultation with the Office of Homeland Security, a comprehensive
national chemical security strategy that is both practical and cost
effective. This national strategy should develop appropriate
information sharing mechanisms;
Report number and date of issuance: GAO-03-439 (March 14, 2003);
Timeframes reported by DHS: DHS reports that a chemical information
sharing and analysis center is currently active and serves as the
primary information sharing mechanism within the chemical sector. DHS
also notes that the National Infrastructure Protective Plan with its
supporting sector-specific plans should be completed by December 2004.
DHS reports that the chemical sector -specific plan will describe the
information sharing mechanisms and processes within the chemical
sector;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Report title: Homeland Security: Voluntary Initiatives Are Under Way at
Chemical Facilities, but the Extent of Security Preparedness Is
Unknown;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In order to ensure that chemical facilities take action
to review and address security vulnerabilities, the Secretary of
Homeland Security and the Administrator of EPA should jointly develop,
in consultation with the Office of Homeland Security, a comprehensive
national chemical security strategy that is both practical and cost
effective. This national strategy should identify high-risk facilities
based on factors including the level of threat and collect information
on industry security preparedness;
Report number and date of issuance: GAO-03-439 (March 14, 2003);
Timeframes reported by DHS: DHS notes that the National Infrastructure
Protective Plan with its supporting sector -specific plans should be
completed by December 2004. As such, the chemical sector-specific plan
will describe the process to be used in prioritizing and assessing the
vulnerability of chemical facilities within the chemical sector. DHS
further reports that HSPD-7 requires them to report annually,
beginning in December 2004, on the status of DHS's efforts to identify,
prioritize, and coordinate the protection of critical infrastructure
and key resources within the chemical sector;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Report title: Homeland Security: Voluntary Initiatives Are Under Way at
Chemical Facilities, but the Extent of Security Preparedness Is
Unknown;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In order to ensure that chemical facilities take action
to review and address security vulnerabilities, the Secretary of
Homeland Security and the Administrator of EPA should jointly develop,
in consultation with the Office of Homeland Security, a comprehensive
national chemical security strategy that is both practical and cost
effective. This national strategy should develop a legislative
proposal, in consultation with industry and other appropriate groups,
to require these chemical facilities to expeditiously assess their
vulnerability to terrorist attacks and, where necessary, require these
facilities to take corrective action;
Report number and date of issuance: GAO-03-439 (March 14, 2003);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Critical Infrastructure Protection: Challenges for
Selected Agencies and Industry Sectors;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To assist the administration in establishing CIP
priorities for all major federal agencies, critical infrastructure
sectors, and the Department of Homeland Security, the Director of the
National Infrastructure Protection Center (NIPC) should determine the
status and identify additional actions needed to improve the quality
and quantity of information being provided by information sharing and
analysis centers (ISACs), and of plans made by the new department's
Information Analysis and Infrastructure Protection directorate and the
ISACs to enhance the current information-sharing process;
Report number and date of issuance: GAO-03-233 (February 28, 2003);
Timeframes reported by DHS: DHS believes that it has completed actions
on this recommendation. Thus, DHS did not provide any specific
timeframes for future completion. GAO is currently evaluating DHS's
information sharing and plans to report on the issue by July 9, 2004;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Report title: Critical Infrastructure Protection: Challenges for
Selected Agencies and Industry Sectors;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To help ensure that private-sector ISACs continue efforts
to improve their critical infrastructure protection (CIP) activities,
the Secretary of Energy, the Secretary of Commerce, and the
Administrator of EPA, through their lead agency responsibilities for
the energy, electricity, information, communication, and water
industry sectors, should assess the need for grants, tax incentives,
regulation, or other public policy tools to encourage increased
private-sector CIP activities and greater sharing of intelligence and
incident information between the sectors and the federal government.
After lead agency responsibilities for the information and
telecommunications sector are transitioned to the Department of
Homeland Security, the Secretary of that department would become
responsible for that sector;
Report number and date of issuance: GAO-03-233 (February 28, 2003);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
Report title: Critical Infrastructure Protection: Challenges for
Selected Agencies and Industry Sectors;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To assist the administration in establishing CIP
priorities for all major federal agencies, critical infrastructure
sectors, and the Department of Homeland Security, the Director of the
Critical Infrastructure Assurance Office should determine the status
of, and identify additional actions needed to improve the federal
government's efforts and progress in implementing, federal CIP policy,
including identifying the federal government's critical assets,
completing vulnerability assessments for these assets, remedying
identified vulnerabilities, and incorporating these assets into
continuity of operations plans;
Report number and date of issuance: GAO-03-233 (February 28, 2003);
Timeframes reported by DHS: HSPD-7 requires all Federal departments
and agencies to develop plans for protecting the physical and cyber
critical infrastructure and key resources that they own or operate.
These plans must address identification, prioritization, protection,
and contingency planning, including the recovery and reconstitution of
essential capabilities. OMB is requiring that all federal agencies and
departments submit such plans by July 31, 2004;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Report title: Critical Infrastructure Protection: Significant
Challenges in Developing National Capabilities;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Attorney General should task the FBI Director to
require the NIPC[D] Director to develop a comprehensive written plan
for establishing analysis and warning capabilities that integrates
existing planning elements and includes a description of the
relationship between the long-term goals and objectives and the annual
performance goals;
Report number and date of issuance: GAO-01-323 (April 25, 2001);
Timeframes reported by DHS: DHS reports that the U.S. Computer
Emergency Readiness Team (U.S. CERT) was created in September 2003 and
serves as the national focal point for computer security efforts,
including the analysis and reduction of cyber threats and
vulnerabilities; the dissemination of cyber threat warning
information; and the coordination of incident response. GAO
acknowledges that U.S. CERT has been established, but that its
establishment alone does not fully address the recommendation and
further analysis is needed;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Report title: Critical Infrastructure Protection: Significant
Challenges in Developing National Capabilities;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Attorney General should task the FBI Director to
require the NIPC[E] Director to develop a comprehensive written plan
for establishing analysis and warning capabilities that integrates
existing planning elements and includes a description of how program
evaluations could be used to establish or revise strategic goals, along
with a schedule for future program evaluations;
Report number and date of issuance: GAO-01-323 (April 25, 2001);
Timeframes reported by DHS: DHS reports that the U.S. Computer
Emergency Readiness Team (U.S. CERT) was created in September 2003 and
serves as the national focal point for computer security efforts,
including the analysis and reduction of cyber threats and
vulnerabilities; the dissemination of cyber threat warning
information; and the coordination of incident response. GAO
acknowledges that U.S. CERT has been established, but that its
establishment alone does not fully address the recommendation and
further analysis is needed;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Report title: Critical Infrastructure Protection: Significant
Challenges in Developing National Capabilities;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Attorney General should task the FBI Director to
require the NIPC[E] Director to develop a comprehensive written plan
for establishing analysis and warning capabilities that integrates
existing planning elements and includes approaches (or strategies) and
the various resources needed to achieve the goals and objectives;
Report number and date of issuance: GAO-01-323 (April 25, 2001);
Timeframes reported by DHS: DHS reports that the U.S. Computer
Emergency Readiness Team (U.S. CERT) was created in September 2003 and
serves as the national focal point for computer security efforts,
including the analysis and reduction of cyber threats and
vulnerabilities; the dissemination of cyber threat warning
information; and the coordination of incident response. GAO
acknowledges that U.S. CERT has been established, but that its
establishment alone does not fully address the recommendation and
further analysis is needed;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Report title: Critical Infrastructure Protection: Significant
Challenges in Developing National Capabilities;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Attorney General should task the FBI Director to
require the NIPC[E] Director to develop a comprehensive written plan
for establishing analysis and warning capabilities that integrates
existing planning elements and includes milestones and performance
measures;
Report number and date of issuance: GAO-01-323 (April 25, 2001);
Timeframes reported by DHS: DHS reports that the U.S. Computer
Emergency Readiness Team (U.S. CERT) was created in September 2003 and
serves as the national focal point for computer security efforts,
including the analysis and reduction of cyber threats and
vulnerabilities; the dissemination of cyber threat warning
information; and the coordination of incident response. GAO
acknowledges that U.S. CERT has been established, but that its
establishment alone does not fully address the recommendation and
further analysis is needed;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Report title: Critical Infrastructure Protection: Significant
Challenges in Developing National Capabilities;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To ensure that NIPC[E] develops the response,
investigative and crisis management capabilities required by
Presidential Decision Directive (PDD) 63, the Attorney General should
direct the FBI Director to direct the NIPC Director to (1) formalize
relationships between NIPC and other federal entities, including DOD
and the Secret Service, and private sector Information Sharing and
Analysis Centers (ISAC) so that a clear understanding of what is
expected from the respective organization exists, (2) develop a plan to
foster the two-way exchange of information between NIPC and the ISACs,
and (3) ensure that the Key Asset Initiative is integrated with other
similar federal activities;
Report number and date of issuance: GAO-01-323 (April 25, 2001);
Timeframes reported by DHS: DHS anticipates completing the HSPD-7
mandated National Plan for Critical Infrastructure by December 2004,
which DHS states it will provide clarification on roles and
relationships of federal agencies with regard to critical
infrastructure protection and ensure that the key asset initiative is
integrated with other similar federal activities;
Challenges reported by DHS: DHS indicated that it does not face any
challenges in implementing actions on this recommendation.
Directorate of Science and Technology[B]:
Report title: The Department of Homeland Security Needs to Fully Adopt
a Knowledge-Based Approach to Its Counter-MANPADS Development Program;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: The Secretary of Homeland Security should fully adopt the
knowledge-based approach, including the use of exit criteria, to help
ensure that key decisions in DHS's effort to develop and demonstrate a
counter man-portable air defense systems (MANPADS) are based on
sufficient information;
Report number and date of issuance: GAO-04- 341R (January 30, 2004);
Timeframes reported by DHS: DHS reports that implementation of this
recommendation is being conducted in two phases. The first phase is
scheduled to occur from January through July 2004. The second phase
will take place from August 2004 to January 2006;
Challenges reported by DHS: DHS notes that it faces several challenges
in implementing this recommendation, including (1) ensuring the
contractor meets rigorous system performance requirements, (2)
integrating the defense systems into commercial aircraft, (3)
obtaining Federal Aviation Administration certification, (4) ensuring
that there is an appropriate maintenance plan for the program, (5)
fully evaluating and testing the system, and (6) conducting
appropriate lifecycle cost analysis.
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To complete and enhance Plum Island's security
arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, correct physical
security deficiencies by addressing the specific security shortcomings
identified by GAO's Office of Special Investigations;
Report number and date of issuance: GAO-03-847 (September 19, 2003);
Timeframes reported by DHS: DHS has addressed several components of
this recommendation such as key control and enhanced security of
overnight accommodations. On June 28, 2004, a DHS official informed GAO
that the fire brigade is fully operational. GAO is currently working to
verify this information;
Challenges reported by DHS: The background checks GAO has recommended
require access to the Federal Bureau of Investigation's database, and
no permanent arrangement has been made that provides Plum Island Animal
Disease Center (PIADC) the needed access or working relationships (and
reimbursement for services) to accomplish these checks on an ongoing
basis.
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To complete and enhance Plum Island's security
arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, enhance incident
response capability by resolving the issue of the guards' authority to
carry firearms and make arrests;
Report number and date of issuance: GAO-03-847 (September 19, 2003);
Timeframes reported by DHS: DHS will implement this recommendation by
assigning responsibility to its Federal Protective Service (FPS). On
June 28, 2004, a DHS official informed GAO that an initial FPS officer
was placed on-site at the island. Additional personnel are to be
assigned by the fall of 2004. GAO will work with DHS to verify
information provided as of June 28, 2004, and to determine the
continued status of this recommendation;
Challenges reported by DHS: While security guards at PIADC currently
carry firearms, DHS notes that they do not have the authority to make
arrests. This recommendation will not be fully implemented until the
guard force has the authority to make arrests. DHS reports that placing
such officers on-site is a complex action involving several DHS offices
and the General Services Administration.
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To complete and enhance Plum Island's security
arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, revise, as necessary,
security and incident response plans to reflect any redefined, risks,
threats, and assets;
Report number and date of issuance: GAO-03-847 (September 19, 2003);
Timeframes reported by DHS: The site security plan and the incident
response plan have been revised to reflect redefine risks, threats,
and assets. However, this plan will not be finalized until FPS is on
site at PIADC. As mentioned above, On June 28, 2004, a DHS official
informed GAO that an initial FPS officer was placed on-site at the
island. Additional personnel are to be assigned by the fall of 2004.
GAO will work with DHS to verify information provided as of June 28,
2004, and to determine the continued status of this recommendation;
Challenges reported by DHS: This recommendation will not be fully
implemented until such resources are on-site at PIADC. DHS reports
that placing such officers on-site is a complex action involving
several DHS
offices and the General Services Administration.
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To complete and enhance Plum Island's security
arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, consult with
appropriate state and local law enforcement and intelligence agencies
to revisit the threats specific to PIADC;
Report number and date of issuance: GAO-03-847 (September 19, 2003);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: DHS reports that it is not facing any
challenges in implementing this recommendation.
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To complete and enhance Plum Island's security
arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, enhance incident
response capability by conducting exercises with local law enforcement
to test the efficiency and effectiveness of Plum Island's response
capability;
Report number and date of issuance: GAO- 03-847 September 19, 2003);
Timeframes reported by DHS: DHS is working to place FPS personnel on-
site at the PIADC. On June 28, 2004, a DHS official informed GAO that
an initial FPS officer was placed on-site at the island. Additional
personnel are to be assigned by the fall of 2004. GAO will work with
DHS to verify that Plum Island's response capabilities are enhanced
through exercises conducted with local law enforcement;
Challenges reported by DHS: This recommendation will not be fully
implemented until FPS resources are on-site at PIADC. DHS reports that
placing such officers on-site is a complex action involving several
DHS offices and the General Services Administration.
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To complete and enhance Plum Island's security
arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, enhance incident
response capability by developing an incident response plan that
includes precise detail about what to do in the event an incident
occurs that exceeds the capability of the security system, such as a
terrorist attack;
Report number and date of issuance: GAO- 03-847 (September 19, 2003);
Timeframes reported by DHS: DHS has prepared a site security plan,
including the Incident Response Plan, which can be finalized and
approved when FPS arrives at PIADC. On June 28, 2004, a DHS official
informed GAO that an initial FPS officer was placed on-site at the
island. Additional personnel are to be assigned by the fall of 2004.
GAO will work with DHS to verify that an incident response plan has
been enhanced and can be implemented;
Challenges reported by DHS: This recommendation will not be fully
implemented until such resources are on-site at PIADC. DHS reports that
placing such officers on-site is a complex action involving several
DHS offices and the General Services Administration.
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To complete and enhance Plum Island's security
arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, enhance incident
response capability by completing an agreement with local law
enforcement agencies to ensure backup assistance when needed;
Report number and date of issuance: GAO-03-847 (September 19, 2003);
Timeframes reported by DHS: DHS is working to place FPS personnel on-
site at the PIADC. On June 28, 2004, a DHS official informed GAO that
an initial FPS officer was placed on-site at the island. Additional
personnel are to be assigned by the fall of 2004. GAO will work with
DHS to verify that agreements are in place for obtaining backup law
enforcement assistance;
Challenges reported by DHS: This recommendation will not be fully
implemented until such resources are on-site at PIADC. DHS reports
that placing such officers on-site is a complex action involving
several DHS offices and the General Services Administration.
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To complete and enhance Plum Island's security
arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, limit access to
pathogens by further developing and enforcing specific procedures,
including internal control checks, to ensure that all individuals
involved in laboratory activities in the biocontainment area--including
students and regardless of citizenship--have been approved, in
accordance with the law;
Report number and date of issuance: GAO-03-847 (September 19, 2003);
Timeframes reported by DHS: To partially address this recommendation,
DHS has established and implemented an escort procedure within the bio-
containment area. On June 28, 2004, a DHS official informed GAO that
an initial FPS officer was placed on-site at the island. Additional
personnel are to be assigned by the fall of 2004. GAO will work with
DHS to verify that access to the laboratory bio-containment area is
limited to those who have been approved for access in accordance with
the law;
Challenges reported by DHS: DHS escort procedures in the bio-
containment area require that assigned escorts stay in continuous
contact with uncleared persons. To allow access to the island by
foreign visitors, DHS's Office of Security performs background checks.
PIADC does not have access to the necessary databases to do the checks
themselves. Once FPS is on-site at the island, access to the databases
can be established and all visitor names can be checked at PIADC. DHS
reports that placing such officers on-site is a complex action
involving several DHS offices and the General Services Administration.
Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: To complete and enhance Plum Island's security
arrangements, the Secretary of Homeland Security should, in
consultation with the Secretary of Agriculture, enhance incident
response capability by defining an adequate response time for law
enforcement to respond to incidents;
Report number and date of issuance: GAO-03-847 (September 19, 2003);
Timeframes reported by DHS: The incident response plan can be
finalized and approved when FPS is on board at PIADC and has agreed
that the provisions in the draft are acceptable and sufficient for the
memorandum of agreement, which DHS proposes to enter into with local
law enforcement. The draft plan's actions are in effect in the interim;
Challenges reported by DHS: This recommendation will not be fully
implemented until FPS resources are on-site at PIADC and FPS has agreed
that the provisions in the draft are acceptable and sufficient and
training exercises have been completed to determine adequate response
time. DHS reports that placing such officers on-site is a complex
action involving several DHS offices and the General Services
Administration.
Management Division[B]:
Report title: Homeland Security: Efforts to Improve Information
Sharing Need to Be Strengthened;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In developing its enterprise architecture, the Secretary
of Homeland Security should work with the Attorney General of the
United States; the Secretary of Defense; the Director, Office of
Management and Budget; the Director, Central Intelligence Agency; and
other appropriate federal, state, and city authorities and the private
sector to ensure that the enterprise architecture efforts incorporate
the existing information-sharing guidance that is contained in the
various national strategies and the information-sharing procedures
required by the Homeland Security Act to be established by the
President;
Report number and date of issuance: GAO-03-760 (August 27, 2003);
Timeframes reported by DHS: According to DHS, Version 2.0 of the
homeland security enterprise architecture will be completed in
September 2004. DHS states that this version will feature sustained
business involvement and increased state and local participation, with
significant emphasis on information sharing, interoperability, and
information technology integration. It will also demonstrate how
stakeholders fit into the information flow that enables them to
actively participate in securing the homeland;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Efforts to Improve Information
Sharing Need to Be Strengthened;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In developing its enterprise architecture, the Secretary
of Homeland Security should work with the Attorney General of the
United States; the Secretary of Defense; the Director, Office of
Management and Budget; the Director, Central Intelligence Agency; and
other appropriate federal, state, and city authorities and the private
sector to ensure that the enterprise architecture efforts establish a
clearinghouse to coordinate the various information-sharing initiatives
to eliminate possible confusion and duplication of effort;
Report number and date of issuance: GAO-03-760 (August 27, 2003);
Timeframes reported by DHS: DHS reports that the Chief Information
Officer is exploring the costs and benefits associated with a Web-
based application to gather information on information-sharing
initiatives in a more structured manner and to simplify the data
collection burden on other levels of governments. Additionally, DHS
notes that it will establish a program management office responsible
for crystallizing a vision, defining a comprehensive strategy, and
monitoring performance toward achieving the information sharing goals
of the National Homeland Security Strategy. However, DHS did not
provide a timeframe for completing these efforts;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Efforts to Improve Information
Sharing Need to Be Strengthened;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In developing its enterprise architecture, the Secretary
of Homeland Security should work with the Attorney General of the
United States; the Secretary of Defense; the Director, Office of
Management and Budget; the Director, Central Intelligence Agency; and
other appropriate federal, state, and city authorities and the private
sector to ensure that the enterprise architecture efforts fully
integrate states and cities in the national policy-making process for
information sharing and take steps to provide greater assurance that
actions at all levels of government are mutually reinforcing;
Report number and date of issuance: GAO-03-760 (August 27, 2003);
Timeframes reported by DHS: DHS reports that it established a state
and local working group by partnering with the National Association of
State Chief Information Officers and has been an active participant in
the development of DHS's enterprise architecture; DHS further notes
that it will coordinate its activities with the Information Sharing
Program Management Office. This office will be responsible for
establishing policy and utilizing the enterprise architecture to
ensure compliance when information technology modernization
initiatives are implemented. However, DHS did not provide a timeframe
for the completion of this effort;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Efforts to Improve Information
Sharing Need to Be Strengthened;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In developing its enterprise architecture, the Secretary
of Homeland Security should work with the Attorney General of the
United States; the Secretary of Defense; the Director, Office of
Management and Budget; the Director, Central Intelligence Agency; and
other appropriate federal, state, and city authorities and the private
sector to ensure that the enterprise architecture efforts identify and
address the perceived barriers to federal information sharing;
Report number and date of issuance: GAO- 03-760 (August 27, 2003);
Timeframes reported by DHS: DHS reports that it intends to address
barriers and obstacles to information sharing in the risk management
section of its Enterprise Architecture (version 2.0) and in guidance
to related projects. However, DHS did not provide a timeframe for
completing this action;
Challenges reported by DHS: None provided.
Report title: Homeland Security: Efforts to Improve Information
Sharing Need to Be Strengthened;
Key recommendation[A]: Directorate of Border and Transportation
Security[B]: In developing its enterprise architecture, the Secretary
of Homeland Security should work with the Attorney General of the
United States; the Secretary of Defense; the Director, Office of
Management and Budget; the Director, Central Intelligence Agency; and
other appropriate federal, state, and city authorities and the private
sector to ensure that the enterprise architecture efforts include the
use of survey methods or related data collection approaches to
determine, over time, the needs of private and public organizations
for information related to homeland security and to measure progress
in improving information sharing at all levels of government;
Report number and date of issuance: GAO-03-760 (August 27, 2003);
Timeframes reported by DHS: None provided;
Challenges reported by DHS: None provided.
[A] Key GAO recommendations reflect actions that must be taken either
to aid in securing the nation's homeland or to swiftly and
appropriately respond to future terrorist attacks.
[B] GAO reports issued prior to March 1, 2003, were directed to legacy
agencies that are now part of this directorate/division.
[C] GAO also recommended that the Secretary of Homeland Security,
establish and charter an executive body to guide and direct the US
Visit Program, which DHS completed. For the full recommendation related
to this executive body, see enclosure II.
[D] Upon transfer of the NIPC from the Department of Justice to DHS,
DHS became responsible for implementation of this recommendation.
[End of table]
[End of section]
Enclosure IV: Comments from the Department of Homeland Security:
[See PDF for image]
[End of figure]
[End of section]
FOOTNOTES
[1] See U.S. General Accounting Office, Homeland Security: Selected
Recommendations from Congressionally Chartered Commissions and GAO,
GAO-04-591 (Washington, D.C.: Mar. 31, 2004).
[2] P.L. 107-296 (Nov. 25, 2002).
[3] We believe that the implementation of these recommendations is key
to the agency's ability to effectively fulfill its homeland security
mission.
[4] Since March 1, 2003, we have and will continue to issue
recommendations, many of which are key to DHS's ability to effectively
fulfill its homeland security mission. For example, in May 2004, we
issued Overstay Tracking: A Key Component of Homeland Security and a
Layered Defense that cites recommendations that are relevant to the
evaluation of DHS's new U.S. Visitor and Immigrant Status Indicator
Technology program, see GAO-04-82, May 21, 2004. This report and its
recommendations as well as others like it are not included in the
results of our review since they are outside the scope of our work.
[5] In commenting on our reports, which contained the other 8
recommendations, DHS generally indicated concurrence with the
recommendations.
[6] This plan addresses the recommendations contained in our report,
Critical Infrastructure Protection: Significant Challenges in
Developing National Capabilities, GAO-01-323, (Washington, D.C.: Apr.
25, 2001).
