Homeland Security
Key Cargo Security Programs Can Be Improved Gao ID: GAO-05-466T May 26, 2005U.S. Customs and Border Protection (CBP) has in place two programs to help address the threat posed by terrorists smuggling weapons of mass destruction (WMD) into the United States: the Customs-Trade Partnership Against Terrorism (C-TPAT) and the Container Security Initiative (CSI). In July 2003, GAO reported that these programs had management challenges that limited their effectiveness. Given plans to expand both programs, in two recently issued reports GAO examined selected aspects of both programs' operations. This statement is a summary of those publicly available reports.
In return for committing to making improvements to the security of their shipments, C-TPAT members receive a range of benefits that may change the risk characterization of their shipments, thereby reducing the probability of extensive inspection. Before providing benefits, CBP reviews the self-reported information contained in applicants' membership agreements and security profiles. Also, CBP assesses the compliance history of importers before granting them benefits. However, CBP grants benefits before members undergo the validation process, which is CBP's method to verify that their security measures are reliable, accurate, and effective. Although CBP's goal was to validate members within 3 years, to date it has validated 11 percent of them. Further, the validation process is not rigorous, as the objectives, scope, and methodology of validations are jointly agreed upon with the member, and CBP has no written guidelines to indicate what scope of effort is adequate for the validation. Also, although CBP has recently moved to a risk-based approach to selecting members for validation, it has not determined the number and types of validations that are needed to manage security risks or the CBP staff required to complete them. Further, CBP has not developed a comprehensive set of performance measures for the program, and key program decisions are not always documented and programmatic information is not updated regularly or accurately. The CSI program is designed to target and inspect high-risk cargo containers at foreign ports before they leave for the United States. It has resulted in improved information sharing between U.S. and foreign customs operations and a heightened level of international awareness regarding securing the global shipping system. Yet, several factors limit CBP's ability to successfully target containers to determine if they are high-risk. One factor is staffing imbalances, caused by political and practical considerations, which impede CBP's targeting efforts at CSI ports. As a result, 35 percent of U.S.-bound shipments from CSI ports were not targeted and not subject to inspection overseas--the key goal of the CSI program. In addition, as of September 11, 2004, 28 percent of the containers referred to host governments for inspection were not inspected overseas for various reasons such as operational limitations. One percent of these referrals were denied by host government officials, generally because they believed the referrals were based on factors not related to security threats. For the 72 percent of referred containers that were inspected overseas, CBP officials told us that no WMD were discovered. However, the nonintrusive inspection equipment used at CSI ports varies in detection capability, and there are no minimum technical requirements for equipment used as part of CSI. As a result, CBP has limited assurance that inspections conducted under CSI are effective at detecting and identifying terrorist WMD in containers. Finally, CBP continues to make refinements to the strategic plan and performance measures needed to help manage the program and achieve program goals. Until these refinements are completed, it will be difficult to assess progress made in CSI operations.
GAO-05-466T, Homeland Security: Key Cargo Security Programs Can Be Improved
This is the accessible text file for GAO report number GAO-05-466T
entitled 'Homeland Security: Key Cargo Security Programs Can Be
Improved' which was released on May 26, 2005.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Testimony Before the Permanent Subcommittee on Investigations,
Committee on Homeland Security and Governmental Affairs, United States
Senate:
United States Government Accountability Office:
GAO:
For Release on Delivery Expected at 9:30 a.m. EDT:
Thursday, May 26, 2005:
Homeland Security:
Key Cargo Security Programs Can Be Improved:
Statement of Richard M. Stana, Director, Homeland Security and Justice
Issues:
GAO-05-466T:
GAO Highlights:
Highlights of GAO-05-466T, a testimony before the Permanent
Subcommittee on Investigations, Committee on Homeland Security and
Governmental Affairs, United States Senate:
Why GAO Did This Study:
U.S. Customs and Border Protection (CBP) has in place two programs to
help address the threat posed by terrorists smuggling weapons of mass
destruction (WMD) into the United States: the Customs-Trade Partnership
Against Terrorism (C-TPAT) and the Container Security Initiative (CSI).
In July 2003, GAO reported that these programs had management
challenges that limited their effectiveness. Given plans to expand both
programs, in two recently issued reports GAO examined selected aspects
of both programs‘ operations. This statement is a summary of those
publicly available reports.
What GAO Found:
In return for committing to making improvements to the security of
their shipments, C-TPAT members receive a range of benefits that may
change the risk characterization of their shipments, thereby reducing
the probability of extensive inspection. Before providing benefits, CBP
reviews the self-reported information contained in applicants‘
membership agreements and security profiles. Also, CBP assesses the
compliance history of importers before granting them benefits. However,
CBP grants benefits before members undergo the validation process,
which is CBP‘s method to verify that their security measures are
reliable, accurate, and effective. Although CBP‘s goal was to validate
members within 3 years, to date it has validated 11 percent of them.
Further, the validation process is not rigorous, as the objectives,
scope, and methodology of validations are jointly agreed upon with the
member, and CBP has no written guidelines to indicate what scope of
effort is adequate for the validation. Also, although CBP has recently
moved to a risk-based approach to selecting members for validation, it
has not determined the number and types of validations that are needed
to manage security risks or the CBP staff required to complete them.
Further, CBP has not developed a comprehensive set of performance
measures for the program, and key program decisions are not always
documented and programmatic information is not updated regularly or
accurately.
The CSI program is designed to target and inspect high-risk cargo
containers at foreign ports before they leave for the United States. It
has resulted in improved information sharing between U.S. and foreign
customs operations and a heightened level of international awareness
regarding securing the global shipping system. Yet, several factors
limit CBP‘s ability to successfully target containers to determine if
they are high-risk. One factor is staffing imbalances, caused by
political and practical considerations, which impede CBP‘s targeting
efforts at CSI ports. As a result, 35 percent of U.S.-bound shipments
from CSI ports were not targeted and not subject to inspection
overseas”the key goal of the CSI program. In addition, as of September
11, 2004, 28 percent of the containers referred to host governments for
inspection were not inspected overseas for various reasons such as
operational limitations. One percent of these referrals were denied by
host government officials, generally because they believed the
referrals were based on factors not related to security threats. For
the 72 percent of referred containers that were inspected overseas, CBP
officials told us that no WMD were discovered. However, the
nonintrusive inspection equipment used at CSI ports varies in detection
capability, and there are no minimum technical requirements for
equipment used as part of CSI. As a result, CBP has limited assurance
that inspections conducted under CSI are effective at detecting and
identifying terrorist WMD in containers. Finally, CBP continues to make
refinements to the strategic plan and performance measures needed to
help manage the program and achieve program goals. Until these
refinements are completed, it will be difficult to assess progress made
in CSI operations.
What GAO Recommends:
For the C-TPAT program, GAO recommended that CBP eliminate the
weaknesses in its validation process, complete its human capital plan
and performance measures, and put in place internal controls for the
program. For the CSI program, GAO recommended that CBP refine its
staffing model to help improve targeting of shipments at CSI ports,
develop minimum technical requirements for the capabilities of
inspection equipment, and complete development of program measures.
CBP generally concurred with the recommendations and described
corrective actions to respond to them.
www.gao.gov/cgi-bin/getrpt?GAO-05-466T.
To view the full product, including the scope and methodology, click on
the link above. For more information, contact Rich Stana at (202) 512-
8777 or stanar@gao.gov.
[End of section]
Mr. Chairman and Members of the Subcommittee:
I appreciate the opportunity to be here today to provide a summary of
our recent reports for you on the Department of Homeland Security's
(DHS) programs to improve the security of the international supply
chain, as well as target oceangoing cargo containers for inspection at
foreign seaports before they arrive at destinations in the United
States.
In the aftermath of the terrorist attacks of September 11, 2001, there
is heightened concern that terrorists may try to smuggle weapons of
mass destruction (WMD) into the United States, specifically by using
one of the millions of cargo containers that arrive at our nation's
seaports each year. If terrorists did so and detonated such a weapon
(e.g., a radiological explosive device) at a seaport, the incident
could cause widespread death and damage to the immediate area, perhaps
shut down seaports nationwide, cost the U.S. economy billions of
dollars, and seriously hamper international trade.
DHS and its U.S. Customs and Border Protection (CBP) are responsible
for addressing the threat posed by terrorists smuggling weapons into
the United States. To carry out this responsibility, CBP has in place
programs known as the Customs-Trade Partnership Against Terrorism (C-
TPAT) and the Container Security Initiative (CSI). The C-TPAT program
attempts to improve the security of the international supply chain
(flow of goods from manufacturer to retailer). It is a cooperative
program between CBP and members of the international trade community in
which private companies agree to improve the security of their supply
chains in return for a reduced likelihood that their containers will be
inspected. C-TPAT membership is open to U.S.-and foreign-based
companies whose goods are shipped to the United States via air, rail,
ocean, and truck carriers. The CSI program specifically addresses the
security of oceangoing cargo containers. Under the program, CBP places
staff at foreign seaports to work with foreign counterparts to use risk
assessment information to select, or target, those containers at risk
of containing WMD and inspect them before they are shipped to the
United States.
This statement presents a summary of our latest efforts in a series of
GAO reports that evaluate CBP's response to the terrorist
threat.[Footnote 1] As requested, my testimony will focus on our
assessment of CBP's efforts under both C-TPAT and CSI. Regarding C-
TPAT, I will address the following issues:
* What benefits does CBP provide to C-TPAT members?
* Before providing benefits, what approach does CBP take to determine C-
TPAT members' eligibility for them?
* After providing benefits, how does CBP verify that members have
implemented their security measures?
* To what extent has CBP developed strategies and related management
tools for achieving the program's goals?
Regarding CSI, I will address the following issues:
* What factors affect CBP's ability to target shipments at overseas
seaports?
* Under CSI, to what extent have high-risk containers been inspected
overseas prior to their arrival at U.S. destinations?
* To what extent has CBP developed strategies and related management
tools for achieving the program's goals?
My statement today represents a summary of two unrestricted reports we
have provided to Congress on these programs--that is, our March 2005
report on C-TPAT[Footnote 2] and our April 2005 report on CSI.[Footnote
3]
Summary:
C-TPAT Issues:
Our report on C-TPAT noted that C-TPAT members receive a range of
benefits that reduce the level of scrutiny CBP provides to their
shipments bound for the United States. These benefits may change the
risk characterization of their shipments, thereby reducing the
probability of extensive documentary and physical inspection. Before
providing benefits, CBP uses a two-pronged approach to assess C-TPAT
members. First, CBP has a certification process to review the self-
reported information contained in applicants' membership agreements and
security profiles. Second, CBP has in place a vetting process to try to
assess the compliance with customs laws and regulations and violation
history of and intelligence data on importers before granting them
benefits. However, CBP grants benefits to members before they undergo
the validation process, which is CBP's method to verify that members'
characterization of their security measures are accurate and that the
security measures have been implemented.
Regarding the validation process, we found several weaknesses that
compromise CBP's ability to provide an actual verification that
members' supply chain security measures are accurate and are being
followed. First, the validation process is not rigorous enough to
ensure that the security procedures outlined in members' security
profiles are reliable, accurate, and effective. For example, CBP
officials told us that validations are not considered independent
audits, and the objectives, scope, and methodology of validations are
jointly agreed upon with the member company. Related to this, CBP has
no written guidelines to indicate what scope of effort is adequate for
the validation to ensure that the member's measures are reliable,
accurate, and effective. Finally, CBP has not determined the extent to
which validations are needed, abandoning its original goal to validate
all members within 3 years because of rapid growth in membership and
CBP staffing constraints. In 3 years of C-TPAT operation, CBP has
validated about 11 percent of its certified members.
We also found weaknesses in some of the tools CBP uses to manage the
program that could hinder achieving the program's goals. The new CBP
strategic plan appears to provide the bureau with a general framework
on which to base key decisions, including key strategic planning
elements such as strategic goals, objectives, and strategies. CBP told
us it has developed some initial performance measures to capture the
program's impact but has not developed a comprehensive set of
performance measures and indicators to monitor the status of program
goals. Finally, the C-TPAT program lacks an effective records
management system. CBP's record keeping for the program is incomplete,
as key decisions are not always documented and programmatic information
is not updated regularly or accurately.
Our report contained several recommendations to enhance the C-TPAT
program. Specifically, we made recommendations to CBP to provide
appropriate guidance to specialists conducting validations, determine
the extent to which members should be validated in lieu of the original
goal to validate all members within 3 years of certification, complete
performance measures and a human capital plan, and implement a records
management system for the program. CBP generally agreed with our
recommendations and cited corrective actions the bureau either had
taken or planned to take to implement them.
CSI Issues:
Our report on CSI noted improved information sharing between U.S. and
foreign customs operations and a heightened level of bilateral
cooperation and international awareness regarding securing the whole
global shipping system across governments. However, other, negative
factors limit CBP's ability to successfully target containers to
determine if they are high-risk. One such factor is staffing
imbalances, which impede CBP from targeting all containers shipped from
some CSI ports before they leave for the United States. For example,
political and practical considerations have limited the number of staff
at some ports. As a result of these limitations, 35 percent of U.S.-
bound shipments from CSI ports were not targeted and were therefore not
subject to inspection overseas--the key goal of the CSI program. We
also noted that CBP's reliance on placing staff at overseas ports
without considering whether some targeting functions could be performed
domestically limits the program's operational efficiency and
effectiveness.
Our report also noted that as of September 2004, 28 percent of the
containers referred to host governments for inspection had not been
inspected overseas. These containers were not inspected for reasons
such as operational limitations that prevented the containers from
being inspected before they left the port. One percent of these
referrals were denied by host government officials, generally because
they believed the referrals were based on factors not related to
security threats, such as drug smuggling. For the 72 percent of
referred containers that were inspected overseas, CBP officials told us
that no WMD were discovered, although they acknowledged that
technologies to detect other WMDs have limitations. Also, considering
that the nonintrusive inspection equipment used at CSI ports varies in
detection capability and that there are no minimum technical
requirements for equipment used as part of CSI, CBP has limited
assurance that inspections conducted under CSI are effective at
detecting and identifying terrorist WMD in containers.
The bureau continues to make refinements to management tools needed to
help achieve program goals. Although CBP issued a strategic plan for
CSI in February 2004, the bureau continues to develop three key
elements: (1) describing how performance goals are related to general
goals of the program, (2) identifying key external factors that could
affect program goals, and (3) describing how programs are to be
evaluated. Although CBP has made progress in the development of some
outcome-oriented performance measures, it continues to face challenges
in developing performance measures to assess the effectiveness of CSI
targeting and inspection activities. Therefore, it is difficult to
assess progress made in CSI operations over time, and it is difficult
to compare CSI operations across ports.
Our report made several recommendations to improve the CSI program.
Specifically, we recommended that CBP revise its staffing model,
develop minimum detection capability requirements for nonintrusive
inspection equipment used in the program, and complete development of
performance measures for all program objectives. CBP generally agreed
with our recommendations and cited corrective actions the bureau either
had taken or planned to take to implement them.
Background:
CBP maintains two overarching goals: (1) increasing security and (2)
facilitating legitimate trade and travel. Disruptions to the supply
chain could have immediate and significant economic impacts. For
example, in terms of containers, CBP data indicates that in 2003 about
90 percent of the world's cargo moved by container. In the United
States, almost half of all incoming trade (by value) arrived by
containers on board ships. Additionally, containers arrive via truck
and rail. Both admitting dangerous cargo into the country and delaying
the movement of cargo containers through ports of entry could
negatively affect the national economy. Therefore, CBP believes it is
vital to try to strike a balance between its antiterrorism efforts and
facilitating the flow of legitimate international trade and travel.
Vulnerability of the Supply Chain:
The terrorist events of September 11, 2001, raised concerns about
company supply chains, particularly oceangoing cargo containers,
potentially being used to move WMD to the United States. An extensive
body of work on this subject by the Federal Bureau of Investigation and
academic, think tank, and business organizations concluded that while
the likelihood of such use of containers is considered low, the
movement of oceangoing containerized cargo is vulnerable to some form
of terrorist action. Such action, including attempts to smuggle either
fully assembled WMD or their individual components, could lead to
widespread death and damage.
The supply chain is particularly vulnerable to potential terrorists
because of the number of individual companies handling and moving cargo
through it. To move a container from production facilities overseas to
distribution points in the United States, an importer has multiple
options regarding the logistical process, such as routes and the
selection of freight carriers. For example, some importers might own
and operate key aspects of the overseas supply chain process, such as
warehousing and trucking operations. Alternatively, importers might
contract with logistical service providers, including freight
consolidators and nonvessel-operating common carriers. In addition,
importers must choose among various modes of transportation to use,
such as rail, truck, or barge, to move containers from the
manufacturer's warehouse to the port of lading.
C-TPAT Is Part of CBP's Layered Enforcement Strategy:
CBP has implemented a layered enforcement strategy to prevent
terrorists and WMD from entering the United States through the supply
chain. One key element of this strategy is the C-TPAT program.
Initiated in November 2001, C-TPAT is a voluntary program designed to
improve the security of the international supply chain while
maintaining an efficient flow of goods. Under C-TPAT, CBP officials
work in partnership with private companies to review their supply chain
security plans to improve members' overall security. In return for
committing to making improvements to the security of their shipments by
joining the program, C-TPAT members may receive benefits that result in
reduced scrutiny of their shipments (e.g., reduced number of
inspections or shorter border wait times for their shipments). C-TPAT
membership is open to U.S.-based companies in the trade community,
including (1) air/rail/sea carriers, (2) border highway carriers, (3)
importers, (4) licensed customs brokers, (5) air freight consolidators
and ocean transportation intermediaries and nonvessel-operating common
carriers, and (6) port authorities or terminal operators. Of these
companies, CBP grants importers key program benefits. According to CBP,
program membership has grown rapidly, and continued growth is expected,
especially as member importers are requiring their suppliers to become
C-TPAT members. For example, as of January 2003 approximately 1,700
companies had become C-TPAT members. By May 2003, the number had nearly
doubled to 3,355. According to CBP officials, as of April 2005, the C-
TPAT program had over 9,000 members. For fiscal year 2005, the C-TPAT
budget request was about $38 million, with a requested budget for
fiscal year 2006 of about $54 million for program expansion efforts. As
of August 2004, CBP had hired 40 supply chain specialists, who are
dedicated to serve as the principal advisers and primary points of
contact for C-TPAT members.[Footnote 4] The specialists are located in
Washington, D.C., Miami, Florida, Los Angeles, California, and New
York, New York.
CBP has a multistep review process for the C-TPAT program. Applicants
first submit signed C-TPAT agreements affirming their desire to
participate in the voluntary program. Applicants must also submit
security profiles--executive summaries of their company's existing
supply chain security procedures--that follow guidelines jointly
developed by CBP and the trade community. These security profiles are
to summarize the applicant's current security procedures in areas such
as physical security, personnel security, and education and training
awareness. Next, CBP established a certification process in which it
reviews the applications and profiles by comparing their contents with
the security guidelines jointly developed by CBP and the industry,
looking for any weaknesses or gaps in the descriptions of security
procedures. Once any issues are resolved to CBP's satisfaction, CBP
signs the agreement and the company is considered to be certified C-
TPAT member, eligible for program benefits. However, members that are
importers must first complete another review, as described below,
before benefits can begin. CBP encourages all members to conduct self-
assessments of their security profiles each year to determine any
significant changes and to notify CBP. For example, members may be
using new suppliers or new trucking companies and would need to update
their security profiles to reflect these changes.
For certified importers, CBP has an additional review called the
vetting process in which CBP reviews information about an importer's
compliance with customs laws and regulations and violation history.
Conducted concurrently with the certification process, CBP requires the
vetting process for certified importers as a condition of granting them
key program benefits. As part of the vetting process, CBP obtains trade
compliance and intelligence information on certified importers from
several data sources. If CBP gives the importer a favorable review
under both the vetting process and the certification process, benefits
are to begin within a few weeks. If not, benefits are not to be granted
until successful completion of the validation process, as described
below.
The final step in the review process is validation. CBP's stated
purpose for validations is to ensure that the security measures
outlined in certified members' security profiles and periodic self-
assessments are reliable, accurate, and effective. In the validation
process, CBP staff meet with company representatives to verify the
supply chain security measures contained in the company's security
profile. The validation process is designed to include visits to the
company's domestic and, potentially, foreign sites. The member and CBP
jointly determine which elements of the member's supply chain measures
will be validated, as well as which locations will be visited. Upon
completion of the validation process, CBP prepares a final validation
report it presents to the company that identifies any areas that need
improvement and suggested corrective actions, as well as a
determination if program benefits are still warranted for the member.
CSI Is Another Layer of CBP's Enforcement Strategy:
Announced in January 2002, the CSI program was implemented to allow CBP
officials to target containers at foreign seaports so that any high-
risk containers may be inspected prior to their departure for U.S.
destinations. Strategic objectives for the CSI program include (1)
pushing the United States' zone of security beyond its physical borders
to deter and combat the threat of terrorism; (2) targeting shipments
for potential terrorists and terrorist weapons, through advanced and
enhanced information and intelligence collection and analysis, and
preventing those shipments from entering the United States; (3)
enhancing homeland and border security while facilitating growth and
economic development within the international trade community; and (4)
utilizing available technologies to leverage resources and to conduct
examinations of all containers posing a high risk for terrorist-related
activity.
To participate in the CSI program, a host nation must utilize (1) a
seaport that has regular, direct, and substantial container traffic to
ports in the United States; (2) customs staff with the authority and
capability to inspect cargo originating in or transiting through its
country; and (3) nonintrusive inspection equipment. In addition, a host
nation must meet several operational criteria, including a commitment
to establishing an automated risk management system. To implement the
CSI program, CBP negotiates and enters into bilateral arrangements with
foreign governments, specifying the placement of CBP officials at
foreign ports and the exchange of information between CBP and foreign
customs administrations. CBP first solicited the participation of the
20 foreign ports that shipped the highest volume of ocean containers to
the United States. These top 20 ports are located in 14 countries and
regions and shipped a total of 66 percent of all containers that
arrived in U.S. seaports in 2001. CBP has since expanded CSI to
strategic ports, which may ship lesser amounts of cargo to the United
States but may also have terrorism or geographical concerns. As shown
in table 1, as of February 2005, CSI was operational at 34 ports,
located in 17 countries or regions. For fiscal year 2005, the CSI
budget was about $126 million, with a budget of about $139 million
requested in fiscal year 2006.
Table 1: CSI Operational Seaports, as of February 2005:
Country/region: Canada;
CSI port: Halifax;
Date CSI operations began at port: March 2002.
Country/region: Canada;
CSI port: Montreal;
Date CSI operations began at port: March 2002.
Country/region: Canada;
CSI port: Vancouver;
Date CSI operations began at port: February 2002.
Country/region: The Netherlands;
CSI port: Rotterdam;
Date CSI operations began at port: September 2002.
Country/region: France;
CSI port: Le Havre;
Date CSI operations began at port: December 2002.
Country/region: France;
CSI port: Marseilles;
Date CSI operations began at port: January 2005.
Country/region: Germany;
CSI port: Bremerhaven;
Date CSI operations began at port: February 2003.
Country/region: Germany;
CSI port: Hamburg;
Date CSI operations began at port: February 2003.
Country/region: Belgium;
CSI port: Antwerp;
Date CSI operations began at port: February 2003.
Country/region: Belgium;
CSI port: Zeebrugge;
Date CSI operations began at port: October 2004.
Country/region: Republic of Singapore;
CSI port: Singapore;
Date CSI operations began at port: March 2003.
Country/region: Japan;
CSI port: Yokohama;
Date CSI operations began at port: March 2003.
Country/region: Japan;
CSI port: Tokyo;
Date CSI operations began at port: May 2004.
Country/region: Japan;
CSI port: Nagoya;
Date CSI operations began at port: August 2004.
Country/region: Japan;
CSI port: Kobe;
Date CSI operations began at port: August 2004.
Country/region: Hong Kong Special Administrative Region of China;
CSI port: Hong Kong;
Date CSI operations began at port: May 2003.
Country/region: Sweden;
CSI port: Gothenburg;
Date CSI operations began at port: May 2003.
Country/region: United Kingdom;
CSI port: Felixstowe;
Date CSI operations began at port: May 2003.
Country/region: United Kingdom;
CSI port: Liverpool;
Date CSI operations began at port: October 2004.
Country/region: United Kingdom;
CSI port: Southampton;
Date CSI operations began at port: October 2004.
Country/region: United Kingdom;
CSI port: Thamesport;
Date CSI operations began at port: October 2004.
Country/region: United Kingdom;
CSI port: Tilbury;
Date CSI operations began at port: October 2004.
Country/region: Italy;
CSI port: Genoa;
Date CSI operations began at port: June 2003.
Country/region: Italy;
CSI port: La Spezia;
Date CSI operations began at port: June 2003.
Country/region: Italy;
CSI port: Livorno;
Date CSI operations began at port: December 2004.
Country/region: Italy;
CSI port: Naples;
Date CSI operations began at port: September 2004.
Country/region: Italy;
CSI port: Gioia Tauro;
Date CSI operations began at port: October 2004.
Country/region: South Korea;
CSI port: Busan;
Date CSI operations began at port: August 2003.
Country/region: South Africa;
CSI port: Durban;
Date CSI operations began at port: December 2003.
Country/region: Malaysia;
CSI port: Port Klang;
Date CSI operations began at port: March 2004.
Country/region: Malaysia;
CSI port: Tanjung Pelepas;
Date CSI operations began at port: August 2004.
Country/region: Greece;
CSI port: Piraeus;
Date CSI operations began at port: July 2004.
Country/region: Spain;
CSI port: Algeciras;
Date CSI operations began at port: July 2004.
Country/region: Thailand;
CSI port: Laem Chabang;
Date CSI operations began at port: August 2004.
Source: CBP.
[End of table]
CBP then deploys a CSI team, which generally consists of three types of
officials--targeters, intelligence analysts, and special agents. These
officials come from either CBP or U.S. Immigration and Customs
Enforcement (ICE). The team leader is a CBP officer or targeter who is
assigned to serve as the immediate supervisor for all CSI team members
and is responsible for coordinating with host government counterparts
in the day-to-day operations. The targeters are team members
responsible for targeting shipments and referring those shipments they
determine are high-risk to host government officials for inspection.
The targeter may also observe inspections of containers. The
intelligence analyst is responsible for gathering information to
support targeters in their efforts to target containers. In addition,
the special agents are to coordinate all investigative activity
resulting from CSI-related actions, as well as act as liaison with all
appropriate U.S. embassy attachés. Under the CSI program, the targeting
of cargo is largely dependent on CBP targeters' review of information
contained within CBP's Automated Targeting System (ATS) in conjunction
with other sources to determine the risk characterization of a
container.[Footnote 5]
CSI teams refer any containers they characterize as high-risk to host
government officials for concurrence to inspect. If host government
officials, on the basis of their review, agree that the shipment is
high-risk, they will proceed with an inspection using nonintrusive
inspection equipment (that is, X-ray) and physical examinations, if
warranted. If the host government officials determine, on the basis of
their review, that a shipment is not high-risk, they will deny
inspection of the shipment. For any high-risk shipment for which an
inspection is not conducted, CSI teams are to place a domestic hold on
the shipment, so that it will be inspected upon arrival at its U.S.
destination.
Prior GAO Work Disclosed Challenges:
We have conducted previous reviews of the C-TPAT and CSI programs and
CBP's targeting and inspection strategy. In July 2003, we reported that
CBP's management of C-TPAT and CSI had not evolved from a short-term
focus to a long-term strategic approach.[Footnote 6] We recommended
that the Secretary of Homeland Security work with the CBP Commissioner
to develop for both programs (1) strategic plans that clearly lay out
the program's goals, objectives, and detailed implementation
strategies; (2) performance measures that include outcome-oriented
indicators; and (3) human capital plans that clearly describe how the
programs will recruit, train, and retain new staff to meet the
program's growing demands as CBP implements new program elements. In
March 2004, we testified that CBP's targeting system does not
incorporate all key elements of a risk management framework and
recognized modeling practices in assessing the risks posed by
oceangoing cargo containers.[Footnote 7]
C-TPAT Grants Importers Reduced Scrutiny with Limited Assurance of
Improved Security:
My statement will now focus on the results of our work on the C-TPAT
program.
C-TPAT Benefits Reduce Scrutiny of Shipments:
In our C-TPAT report we noted that the C-TPAT program offers numerous
benefits to C-TPAT members. As table 2 shows, these benefits may reduce
the scrutiny of members' shipments. These benefits are emphasized to
the trade community through direct marketing in presentations and via
CBP's Web site. Although these benefits potentially reduce the
likelihood of inspection of members' shipments, CBP officials noted
that all shipments entering the United States are subject to random
inspections by CBP officials or inspections by other agencies.
Table 2: Benefits for C-TPAT Members:
Benefit: A reduced number of inspections and reduced border wait times;
Reduces amount of scrutiny provided for members? Yes.
Benefit: Reduced selection rate for trade-related compliance
examinations;
Reduces amount of scrutiny provided for members? Yes.
Benefit: Self-policing and self-monitoring of security activities;
Reduces amount of scrutiny provided for members? Yes.
Benefit: Access to the expedited cargo processing at designated FAST
lanes (for certified highway carriers and certified importers along the
Canadian and Mexican borders, as well as for certified Mexican
manufacturers);
Reduces amount of scrutiny provided for members? Yes.
Benefit: Eligible for the Importer Self-Assessment Program and has
priority access to participate in other selected customs programs (for
certified importers only);
Reduces amount of scrutiny provided for members? Yes.
Benefit: A C-TPAT supply chain specialist to serve as the CBP liaison
for validations;
Reduces amount of scrutiny provided for members? No.
Benefit: Access to the C-TPAT members list;
Reduces amount of scrutiny provided for members? No.
Benefit: Eligible to attend CBP-sponsored antiterrorism training
seminars;
Reduces amount of scrutiny provided for members? No.
Source: CBP's C-TPAT Strategic Plan, January 2005.
[End of table]
CBP Grants Benefits before Verification of Security Procedures:
We also reported that CBP does not grant program benefits until it has
reviewed and certified applicants' security profiles and, for
importers, completed an additional review called the vetting process.
According to CBP, approximately 23 percent of the security profiles it
received contained shortcomings that prevented the companies from being
certified and eligible for program benefits. However, CBP has stated
that a company will not be rejected from participating in C-TPAT if
there are problems with its security profile. Instead, CBP says it will
work with companies to try to resolve and overcome any deficiencies
with the profile itself. Regarding the vetting process, we reported
that according to CBP, to date most members who have been vetted have
proven to have favorable or neutral importing histories. CBP officials
told us that not many members have been denied benefits as a result of
the vetting process.
Although CBP does not grant program benefits until it has certified and
vetted members, we reported that neither the certification nor the
vetting process provides an actual verification that the supply chain
security measures contained in the C-TPAT member's security profile are
accurate and are being followed before CBP grants the member benefits.
A direct examination of selected members' security procedures is
conducted later as part of CBP's validation process, as discussed below.
Weaknesses Exist in Process for Verifying Security Procedures:
As we reported, we found weaknesses in the validation process that
limit CBP's ability to ensure that the C-TPAT program supports the
prevention of terrorists and terrorist weapons from entering the United
States. First, we reported that CBP's validation process is not
rigorous enough to achieve its stated purpose, which is to ensure that
the security procedures outlined in members' security profiles are
reliable, accurate, and effective. CBP officials told us that
validations are not considered independent audits, and the objectives,
scope, and methodology of validations are jointly agreed upon with the
member representatives. In addition, CBP has indicated that it does not
intend for the validation process to be an exhaustive review of every
security measure at each originating location; rather, it selects
specific facets of the members' security profiles to review for their
reliability, accuracy, and effectiveness. For example, the guidance to
ocean carriers for preparing a security profile directs the carriers to
address, at a minimum, three broad areas (security program, personnel
security, and service provider requirements), which contain several
more specific security measures, such as facilities security and pre-
employment screening. According to CBP officials, as well as our review
of selected case files, validations examine only a few facets of
members' security profiles. CBP supply chain specialists, who are
responsible for conducting most of the validations, are supposed to
individually determine which segments of a company's supply chain
security will be suggested to the member for validation. To assist in
this decision, supply chain specialists are supposed to compare a
company's security profile, as well as any self-assessments or other
company materials or information retrievable in national databases,
against the C-TPAT security guidelines to determine which elements of
the profile will be validated. Once the supply chain specialist
determines the level and focus of the validation, the specialist is
supposed to contact the member company with a potential agenda for the
validation. The two parties then jointly reach agreement on which
security elements will be reviewed and which locations will be visited.
Moreover, as we reported, CBP has no written guidelines for its supply
chain specialist to indicate what scope of effort is adequate for the
validation to ensure that the member's security measures are reliable,
accurate, and effective, in part because it seeks to emphasize the
partnership nature of the program. Importantly, CBP has no baseline
standard for what minimally constitutes a validation. CBP discourages
supply chain specialists from developing a set checklist of items to
address during the validation, as CBP does not want to give the
appearance of conducting an audit. In addition, as discussed below, the
validation reports we reviewed did not consistently document how the
elements of members' security profiles were selected for validation.
Second, we also reported that CBP has not determined the extent to
which it must conduct validations of members' security profiles to
ensure that the operation of C-TPAT is consistent with its overall
approach to managing risk. In 3 years of C-TPAT operation, CBP has
validated about 11 percent of its certified members. CBP's original
goal was to validate all certified members within 3 years of
certification. However, CBP officials told us that because of rapid
growth in program membership and its staffing constraints, it would not
be possible to meet this goal. In February 2004, CBP indicated that
approximately 5,700 companies had submitted signed agreements to
participate in the program. As shown in figure 2, by April 2005, the
number of members had grown to over 9,000, about 4,800 of which had
been certified and were thus eligible for validation. According to CBP,
as of April 2005, CBP staff had completed validations of 550 companies,
including 174 importers.
Figure 1: Status of Validating C-TPAT Members, as of April 1, 2005:
[See PDF for image]
[End of figure]
In our C-TPAT report we noted that CBP has made efforts to hire
additional supply chain specialists to handle validations for the
growing membership. As of August 2004, CBP had hired a total of 40
supply chain specialists to conduct validations, with 24 field office
managers also available to conduct validations. CBP officials told us
the bureau is currently conducting as many validations as its resources
allow. However, CBP has not determined the number of supply chain
specialists it needs or the extent to which validations are needed to
provide reasonable assurance that the program is consistent with a
sound risk management approach to securing U.S.-bound goods.
Finally, we reported that it would not be possible for CBP to meet its
goal of validating every member within 3 years of certification.
Instead, CBP told us it is using a risk-based approach, which considers
a variety of factors to prioritize which members should be validated as
resources allow. CBP has an internal selection process it is supposed
to apply to all certified members. Under this process CBP officials are
supposed to prioritize members for validation based on established
criteria but may also consider other factors. For example, recent
seizures involving C-TPAT members can affect validation priorities. If
a member is involved in a seizure, CBP officials noted that the member
is supposed to lose program benefits and be given top priority for a
validation. In addition, CBP officials told us that an importer that
failed CBP's vetting process would also be given top priority for a
validation. CBP officials have taken this approach because any importer
that fails the vetting process is not supposed to receive program
benefits until after successful completion of the validation process.
Incomplete Progress Made in Addressing Management Weaknesses:
As we reported, CBP continues to expand the C-TPAT program without
addressing management weaknesses that could hinder the bureau from
achieving the program's dual goals of securing the flow of goods bound
for the United States and facilitating the flow of trade. First, we
reported that CBP is still developing an implementation plan to address
the strategies for carrying out the program's goals and those elements
required in a human capital plan. For example, CBP said it has
developed new positions, training programs and materials, and a
staffing plan. Further, CBP said it will continue to refine all aspects
of the C-TPAT human capital plan to include headquarters personnel,
additional training requirements, budget, and future personnel
profiles.
Second, we reported that CBP continues developing a comprehensive set
of performance measures and indicators for C-TPAT. According to CBP,
developing these measures for C-TPAT, as well as other programs in the
bureau, has been difficult because CBP lacks data necessary to exhibit
whether a program has prevented or deterred terrorist activity. For
example, as noted in the C-TPAT strategic plan, it is difficult to
measure program effectiveness in terms of deterrence because generally
the direct impact on unlawful activity is unknown. The plan also notes
that while traditional workload measures are a valuable indicator, they
do not necessarily reflect the success or failure of the bureau's
efforts. CBP is working to collect more substantive information--
related to C-TPAT activities (i.e., current workflow process)--to
develop its performance measures. In commenting on a draft of our
report, CBP indicated it has developed initial measures for the program
but will continue to develop and refine these measures to ensure
program success.
Third, we reported that CBP's record keeping for the program is
incomplete, as key decisions are not always documented and programmatic
information is not updated regularly or accurately. Federal regulations
require that bureau record-keeping procedures provide documentation to
facilitate review by Congress and other authorized agencies of
government. Further, standards for internal control in the federal
government require that all transactions be clearly documented in a
manner that is complete, accurate, and useful to managers and others
involved in evaluating operations. During our review of six company
files for which validations had been completed, it was not always clear
what facet of the security profile was being validated and why a
particular site was selected at which to conduct the validation because
there was not always documentation of the decision-making process. The
aspects of the security profiles covered and sites visited did not
always appear to be the most relevant. For example, one validation
report we reviewed for a major retailer--one that imports the vast
majority of its goods from Asia--indicated that the validation team
reviewed facilities in Central America. CBP officials noted that it
recently revised its validation report format to better capture any
justification for report recommendations and best practices identified.
After reviewing eight of the more recent validation reports, we noted
that there appeared to be a greater discussion related to the rationale
for validating specific aspects of the security profiles. However, the
related company files did not consistently contain other documentation
of members' application, certification, vetting, receipt of benefits,
or validation. While files contained some of these elements, they were
generally not complete. In fact, most files did not usually contain
anything other than copies of the member's C-TPAT agreement, security
profiles, and validation report.
Further, we reported that CBP does not update programmatic information
regularly or accurately. In particular, the reliability of CBP's
database to track member status using key dates in the application
through validation processes is questionable. The database, which is
primarily used for documentation management and workflow tracking, is
not updated on a regular basis. In addition, C-TPAT management told us
that earlier data entered into the database may not be accurate, and
CBP has taken no systematic look at the reliability of the database.
CBP officials also told us that there are no written guidelines for who
should enter information into the database or how frequently the
database should be updated. We made several requests over a period of
weeks to review the contents of the database to analyze workload
factors, including the amount of time that each step in the C-TPAT
application and review process was taking. The database information
that CBP ultimately provided to us was incomplete, as many of the data
fields were missing or inaccurate. For example, more than 33 percent of
the entries for validation date were incomplete. In addition, data on
the status of companies undergoing the validation process was provided
in hard copy only and included no date information. CBP officials told
us that they are currently exploring other data management systems,
working to develop a new, single database that would capture pertinent
data, as well as developing a paperless environment for the program.
GAO Recommendations and CBP Response:
Our C-TPAT report recommended that the Secretary of Homeland Security
direct the Commissioner of U.S. Customs and Border Protection to take
the following five actions:
* strengthen the validation process by providing appropriate guidance
to specialists conducting validations, including what level of review
is adequate to determine whether member security practices are
reliable, accurate, and effective;
* determine the extent (in terms of numbers or percentage) to which
members should be validated in lieu of the original goal to validate
all members within 3 years of certification;
* complete the development of performance measures, to include outcome-
based measures and performance targets, to track the program's status
in meeting its strategic goals;
* complete a human capital plan that clearly describes how the C-TPAT
program will recruit, train, and retain sufficient staff to
successfully conduct the work of the program, including reviewing
security profiles, vetting, and conducting validations to mitigate
program risk; and:
* implement a records management system that accurately and timely
documents key decisions and significant operational events, including a
reliable system for (1) documenting and maintaining records of all
decisions in the application through validation processes, including
but not limited to documentation of the objectives, scope,
methodologies, and limitations of validations, and (2) tracking member
status.
In commenting on a draft of the report, CBP generally agreed with our
recommendations and outlined actions it either had taken or was
planning to take to implement them.
After our work was completed, CBP issued new security criteria for C-
TPAT importers. Although we have not assessed the new criteria in
detail, the new criteria appear to better define the minimum security
expectations of importers participating in the C-TPAT program than the
prior security guidelines. For example, under the prior security
guidelines, all importers were to secure containers' internal and
external compartments and panels. Under the new security criteria,
importers are to explicitly require all containers bound for the United
States to have high-security seals affixed to them. In addition, the
new criteria appear to place a greater emphasis on security procedures
throughout importers' supply chains than the prior guidelines.
Specifically, the new criteria state that importers must have written
and verifiable processes for the selection of business partners, as
well as documentation of whether these business partners are either C-
TPAT certified or meet the C-TPAT security criteria--requirements not
found in the prior security guidelines. However, the new security
criteria do not address our recommendations for improving the program
and may place an even greater emphasis on the need to strengthen the
validation process. According to the new criteria, importers wishing to
join the C-TPAT program must submit security profiles that address the
new criteria as part of the certification process. But importers who
are already C-TPAT members are not required to provide any written
certification that they meet the new security criteria and will not
have to resubmit their security profiles. Instead, CBP will use
validations to gauge whether or not these members have adopted the new
security criteria. This places a greater emphasis on the need for CBP
to establish guidelines for what constitutes a validation and the
extent to which it must conduct validations to ensure that the C-TPAT
program is consistent with its overall approach to managing risk.
Improvements Needed in CSI Targeting, Inspection and Management
Efforts:
My statement will now focus on the results of our work on the CSI
program.
Limitations Exist in Ability to Target Containers Overseas:
In our CSI report, we noted that CBP officials told us the CSI program
has produced factors that contribute to CBP's ability to target
shipments at overseas seaports, including improved information sharing
between the CSI teams and host government officials regarding U.S.-
bound shipments and a heightened level of bilateral cooperation on and
international awareness of the need for securing the global shipping
system. However, we found factors that may limit the program's
effectiveness at some ports, including (1) staffing imbalances at CSI
ports and (2) weaknesses in one source of data CBP relies upon to
target shipments.
As we reported, one factor negatively affecting CBP's ability to target
containers is staffing imbalances across ports. Although CBP's goal is
to target all U.S.-bound containers at CSI ports before they depart for
the United States, it has not been able to place enough staff at some
CSI ports to do so. As a result of these imbalances, 35 percent of U.S.-
bound shipments from CSI ports were not targeted and were therefore not
subject to inspection overseas--the key goal of the CSI program. CBP
has been unable to staff the CSI teams at the levels called for in the
CSI staffing model because of diplomatic and practical considerations.
However, CBP's staffing model for CSI does not consider whether some of
the targeting functions could be performed in the United States. For
example, the model does not consider what minimum number of targeters
need to be physically located at CSI ports to carry out duties that
require an overseas presence (such as coordinating with host government
officials) as opposed to other duties that could be performed in the
United States (such as reviewing manifests and databases). CBP has
placed targeters at its National Targeting Center to assist CSI teams
in targeting containers for inspection, which demonstrates that CBP
does not have to rely exclusively on overseas targeters as called for
in its staffing model.
Further, we reported the existence of limitations in one data source
CSI teams use for targeting high-risk containers. For CSI, CBP uses
manifest information as one data source to help characterize the risk
level of U.S.-bound shipments, information that may be unreliable and
incomplete. Although CBP officials told us that the quality of the
manifest data has improved, there is no method to routinely verify
whether the manifest data accurately reflect the contents within the
cargo container.
Some Containers Were Not Inspected for a Variety of Reasons:
As we reported, since the implementation of CSI through September 11,
2004, 28 percent (4,013) of containers referred to host government
officials for inspection were not inspected for a variety of reasons
including operational limitations that prevented the containers from
being inspected before they left the port. In 1 percent of these cases,
host government officials denied inspections, generally because
inspection requests were based on factors not related to security
threats, such as drug smuggling. Containers referred to host
governments for inspection by CSI teams that are not inspected overseas
are supposed to be referred for inspection upon arrival at the U.S.
destination port. CBP officials noted that between July 2004 and
September 2004, about 93 percent of shipments referred for domestic
inspection were inspected at a U.S. port. CBP officials explained that
some of these shipments were not inspected domestically because
inspectors at U.S. ports received additional information or entry
information that lowered the risk characterization of the shipments or
because the shipments remained aboard the carrier and were never
offloaded at a U.S. port.
Further, we reported that for the 72 percent (10,343) of containers
that were inspected overseas, CBP officials told us there were some
anomalies that led to law enforcement actions but that no WMD were
discovered. There are two types of radiation detection devices used at
CSI ports to inspect cargo containers--radiation isotope identifier
devices and radiation portal monitors--as well as various types of X-
ray and gamma-ray imaging machines used at CSI ports to inspect cargo
containers, each with different detection and identification
capabilities. However, the inspection equipment used at CSI ports
varies in detection capability, and there are no minimum requirements
for the detection capability of equipment used for CSI. In addition,
technologies to detect other WMD have limitations. As a result, CBP has
no absolute assurance that inspections conducted under CSI are
effective at detecting and identifying WMD. According to CBP officials,
the bureau has not established minimum technical requirements for the
nonintrusive inspection equipment or radiation detection equipment that
can be used as part of CSI because of sovereignty issues, as well as
restrictions that prevent CBP from endorsing a particular brand of
equipment. Although CBP cannot endorse a particular brand of equipment,
the bureau could still establish general technical capability
requirements for any equipment used under CSI similar to other general
requirements CBP has for the program, such as the country committing to
establishing an automated risk management system. Because the CSI
inspection could be the only inspection of a container before it enters
the interior of the United States, it is important that the
nonintrusive inspection and radiation detection equipment used as part
of CSI provides some level of assurance of the likelihood that the
equipment could detect the presence of WMD.
CBP Has Made Progress Developing a Strategic Plan and Performance
Measures for CSI, but Further Refinements Are Needed:
As we reported, CBP has made some improvements in the management of
CSI, but further refinements to the bureau's management tools are
needed to help achieve program goals. Regarding a strategic plan for
CSI, CBP developed a strategic plan in February 2004 that contained
three of the six key elements the Government Performance and Results
Act (GPRA) required for executive agency strategic plans but lacked (1)
a description of how performance goals and measures are related to the
general goals and objectives of the program, (2) an identification of
key factors external to the agency and beyond its control that could
affect the achievement of general goals and objectives, and (3) a
description of program evaluations. We also reported that CBP told us
it was revising the CSI strategic plan to address the elements we
raised in the report. We noted that it appeared that the bureau's
initial efforts in this area met the intent of our prior recommendation
to develop a strategic plan for CSI, but we could not determine the
effectiveness of further revisions to the plan without first reviewing
and evaluating them.
Further, we recommended in our July 2003 report that CBP expand efforts
already initiated to develop performance measures for CSI that include
outcome-oriented indicators. Until recently, CBP based the performance
of CSI on program outputs such as (1) the number and percentage of
bills of lading reviewed, further researched, referred for inspection,
and actually inspected, and (2) the number of countries and ports
participating in CSI. CBP has developed 11 performance indicators for
CSI, 2 of which it identified as outcome-oriented: (1) the number of
foreign mitigated examinations and (2) the percentage of worldwide U.S.-
destined containers processed through CSI ports. However, CSI lacks
performance goals and measures for other program objectives. In
commenting on a draft of our April 2005 report, DHS noted that CBP is
continuing to refine existing performance measures and develop new
performance measures for its program goals. For example, CBP was
developing a cost efficiency measure to measure the cost of work at a
port and to contribute to staffing decisions.
GAO Recommendations and CBP Response:
Our CSI report recommended that the Secretary of Homeland Security
direct the Commissioner of U.S. Customs and Border Protection to take
the following three actions:
* revise the CSI staffing model to consider (1) what functions need to
be performed at CSI ports and what functions can be performed in the
United States, (2) the optimum levels of staff needed at CSI ports to
maximize the benefits of targeting and inspection activities in
conjunction with host nation customs officials, and (3) the cost of
locating targeters overseas at CSI ports instead of in the United
States;
* establish minimum technical requirements for the capabilities of
nonintrusive inspection equipment at CSI ports, to include imaging and
radiation detection devices, that help ensure that all equipment used
can detect WMD, while considering the need not to endorse certain
companies and sovereignty issues with participating countries; and:
* develop performance measures that include outcome-based measures and
performance targets (or proxies as appropriate) to track the program's
progress in meeting all of its objectives.
In commenting on a draft of the report, DHS generally agreed with our
recommendations and outlined actions CBP either had taken or was
planning to take to implement them.
This concludes my statement. I would now be happy to answer any
questions for the subcommittee.
GAO Contacts and Staff Acknowledgments:
For further information about this testimony, please contact me at
(202) 512-8816. Stephen L. Caldwell, Deena D. Richart, and Kathryn E.
Godfrey also made key contributions to this statement.
[End of section]
Related GAO Products:
Maritime Security: Enhancements Made, But Implementation and
Sustainability Remain Key Challenges. GAO-05-448T (Washington, D.C.:
May 17, 2005).
Container Security: A Flexible Staffing Model and Minimum Equipment
Requirements Would Improve Overseas Targeting and Inspection Efforts.
GAO-05-557 (Washington, D.C.: April 26, 2005).
Maritime Security: New Structures Have Improved Information Sharing,
but Security Clearance Processing Requires Further Attention. GAO-05-
394 (Washington, D.C.: April 15, 2005).
Preventing Nuclear Smuggling: DOE Has Made Limited Progress in
Installing Radiation Detection Equipment at Highest Priority Foreign
Seaports. GAO-05-375 (Washington, D.C.: March 31, 2005).
Cargo Security: Partnership Program Grants Importers Reduced Scrutiny
with Limited Assurance of Improved Security. GAO-05-404 (Washington,
D.C.: March 11, 2005).
Homeland Security: Process for Reporting Lessons Learned from Seaport
Exercises Needs Further Attention. GAO-05-170 (Washington, D.C.:
January 14, 2005).
Port Security: Planning Needed to Develop and Operate Maritime Worker
Identification Card Program. GAO-05-106 (Washington, D.C.: December 10,
2004).
Maritime Security: Better Planning Needed to Help Ensure an Effective
Port Security Assessment Program. GAO-04-1062 (Washington, D.C.:
September 30, 2004).
Maritime Security: Substantial Work Remains to Translate New Planning
Requirements into Effective Port Security. GAO-04-838 (Washington,
D.C.: June 30, 2004).
Border Security: Agencies Need to Better Coordinate Their Strategies
and Operations on Federal Lands. GAO-04-590 (Washington, D.C.: June 16,
2004).
Homeland Security: Summary of Challenges Faced in Targeting Oceangoing
Cargo Containers for Inspection. GAO-04-557T (Washington, D.C.: March
31, 2004).
Rail Security: Some Actions Taken to Enhance Passenger and Freight Rail
Security, but Significant Challenges Remain. GAO-04-598T (Washington,
D.C.: March 23, 2004).
Department of Homeland Security, Bureau of Customs and Border
Protection: Required Advance Electronic Presentation of Cargo
Information. GAO-04-319R (Washington, D.C.: December 18, 2003).
Homeland Security: Preliminary Observations on Efforts to Target
Security Inspections of Cargo Containers. GAO-04-325T (Washington,
D.C.: December 16, 2003).
Posthearing Questions Related to Aviation and Port Security. GAO-04-
315R (Washington, D.C.: December 12, 2003).
Homeland Security: Risks Facing Key Border and Transportation Security
Program Need to Be Addressed. GAO-03-1083 (Washington, D.C.: September
19, 2003).
Maritime Security: Progress Made in Implementing Maritime
Transportation Security Act, but Concerns Remain. GAO-03-1155T
(Washington, D.C.: September 9, 2003).
Container Security: Expansion of Key Customs Programs Will Require
Greater Attention to Critical Success Factors. GAO-03-770 (Washington,
D.C.: July 25, 2003).
Homeland Security: Challenges Facing the Department of Homeland
Security in Balancing Its Border Security and Trade Facilitation
Missions. GAO-03-902T (Washington, D.C.: June 16, 2003).
Transportation Security: Federal Action Needed to Help Address Security
Challenges. GAO-03-843 (Washington, D.C.: June 30, 2003).
Transportation Security: Post-September 11th Initiatives and Long-Term
Challenges. GAO-03-616T (Washington, D.C.: April 1, 2003).
Border Security: Challenges in Implementing Border Technology. GAO-03-
546T (Washington, D.C.: March 12, 2003).
Customs Service: Acquisition and Deployment of Radiation Detection
Equipment. GAO-03-235T (Washington, D.C.: October 17, 2002).
Port Security: Nation Faces Formidable Challenges in Making New
Initiatives Successful. GAO-02-993T (Washington, D.C.: August 5, 2002).
FOOTNOTES
[1] A list of related GAO reports appears at the end of this statement.
[2] GAO, Cargo Security: Partnership Program Grants Importers Reduced
Scrutiny with Limited Assurance of Improved Security. GAO-05-404
(Washington, D. C.: March 11, 2005).
[3] GAO, Container Security: A Flexible Staffing Model and Minimum
Equipment Requirements Would Improve Overseas Targeting and Inspection
Efforts. GAO-05-557 (Washington, D.C.: April 26, 2005).
[4] For fiscal year 2004, CBP had authorization for 157 positions for
supply chain specialists and support staff, but as of August 2004 had
hired only 40 specialists. CBP officials noted that the bureau
recognizes the need for additional permanent positions, and CBP planned
to hire, train, and have in place an additional 30 to 50 supply chain
specialists by the end of calendar year 2004.
[5] For all cargo containers arriving in the United States, CBP uses a
targeting strategy that employs its computerized targeting model, the
Automated Targeting System. CBP uses ATS to review container
documentation and help characterize the risk level of shipments to
determine the need for additional documentary review or physical
inspection.
[6] GAO, Container Security: Expansion of Key Customs Programs Will
Require Greater Attention to Critical Success Factors, GAO 03 770
(Washington, D.C.: July 25, 2003).
[7] GAO, Homeland Security: Summary of Challenges Faced in Targeting of
Oceangoing Cargo Containers for Inspection, GAO-04-557T (Washington,
D.C.: March 2004).
