Aviation Security
Transportation Security Administration Has Made Progress in Managing a Federal Security Workforce and Ensuring Security at U.S. Airports, but Challenges Remain Gao ID: GAO-06-597T April 4, 2006It has been over 3 years since the Transportation Security Administration (TSA) assumed responsibility for passenger and baggage screening at commercial airports. This testimony focuses on the progress TSA is making in strengthening aspects of aviation security and the challenges that remain. Particularly, this testimony highlights (1) progress TSA has made, and challenges it faces, in managing a federalized security workforce--including federal security directors (FSD) and transportation security officers (TSO)--with operational responsibility for ensuring security of passengers and their baggage; and (2) actions TSA has taken, and the challenges it faces, to ensure appropriate regulatory oversight of other airport security activities.
TSA has made progress in managing, deploying, and training a federalized aviation security workforce, including FSDs (the lead authority at U.S. airports) and TSOs (formerly known as screeners). FSDs have, for example, formed partnerships with key federal and private-sector stakeholders at airports engaged in security and operations. We reported, however, that the guidance on FSD authority is outdated and lacks clarity, particularly regarding security incidents when FSDs must coordinate with other stakeholders. Regarding TSOs, TSA has taken and has planned actions to strengthen the management and deployment of the TSO workforce. TSA has, for instance, developed a screening allocation model to determine TSO staffing levels at airports. However, FSDs have reported concerns that despite such a model, attracting, hiring, and retaining an adequate part-time TSO workforce remains a challenge. We have reported that, while TSA has expanded training opportunities for TSOs, insufficient TSO staffing and other problems hinder the ability of TSOs to take training. To evaluate TSO performance, TSA has collected performance data by conducting covert (undercover, unannounced) tests at passenger screening checkpoints. TSA has taken steps to strengthen key areas of aviation security for which it has regulatory and oversight responsibility, including domestic air cargo security, but faces challenges related to oversight and performance measurement. We reported in October 2005, for example, that while TSA had significantly increased the number of domestic air cargo inspections conducted, performance measures to determine to what extent air carriers and others are complying with air cargo security requirements had not been developed. Without such performance measures, and a systematic analysis of these results of air cargo security inspections, TSA's ability to target its workforce for future inspections, and fulfill oversight responsibilities, will be limited. Further, while TSA has incorporated elements of risk-based decision making into securing air cargo, its efforts are not yet complete. To address these and other issues, TSA officials stated that they plan to compile additional information on air cargo inspections to enhance their ability to conduct compliance inspections of air carriers using covert testing, and to require random inspection of air cargo.
GAO-06-597T, Aviation Security: Transportation Security Administration Has Made Progress in Managing a Federal Security Workforce and Ensuring Security at U.S. Airports, but Challenges Remain
This is the accessible text file for GAO report number GAO-06-597T
entitled 'Aviation Security: Transportation Security Administration Has
Made Progress in Managing a Federal Security Workforce and Ensuring
Security at U.S. Airports, but Challenges Remain' which was released on
April 4, 2006.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Testimony before the Subcommittee on Federal Workforce and Agency
Organization, Committee on Government Reform, House of Representatives:
United States Government Accountability Office:
GAO:
For Release on Delivery Expected at 2:00 p.m. EDT:
April 4, 2006:
Aviation Security:
Transportation Security Administration Has Made Progress in Managing a
Federal Security Workforce and Ensuring Security at U.S. Airports, but
Challenges Remain:
Statement of Cathleen A. Berrick, Director, Homeland Security and
Justice Issues:
GAO-06-597T:
GAO Highlights:
Highlights of GAO-06-597T, a testimony before the Subcommittee on
Federal Workforce and Agency Organization, Committee on Government
Reform, House of Representatives:
Why GAO Did This Study:
It has been over 3 years since the Transportation Security
Administration (TSA) assumed responsibility for passenger and baggage
screening at commercial airports. This testimony focuses on the
progress TSA is making in strengthening aspects of aviation security
and the challenges that remain. Particularly, this testimony highlights
(1) progress TSA has made, and challenges it faces, in managing a
federalized security workforce”including federal security directors
(FSD) and transportation security officers (TSO)”with operational
responsibility for ensuring security of passengers and their baggage;
and (2) actions TSA has taken, and the challenges it faces, to ensure
appropriate regulatory oversight of other airport security activities.
What GAO Found:
TSA has made progress in managing, deploying, and training a
federalized aviation security workforce, including FSDs (the lead
authority at U.S. airports) and TSOs (formerly known as screeners).
FSDs have, for example, formed partnerships with key federal and
private-sector stakeholders at airports engaged in security and
operations. We reported, however, that the guidance on FSD authority is
outdated and lacks clarity, particularly regarding security incidents
when FSDs must coordinate with other stakeholders. Regarding TSOs, TSA
has taken and has planned actions to strengthen the management and
deployment of the TSO workforce. TSA has, for instance, developed a
screening allocation model to determine TSO staffing levels at
airports. However, FSDs have reported concerns that despite such a
model, attracting, hiring, and retaining an adequate part-time TSO
workforce remains a challenge. We have reported that, while TSA has
expanded training opportunities for TSOs, insufficient TSO staffing and
other problems hinder the ability of TSOs to take training. To evaluate
TSO performance, TSA has collected performance data by conducting
covert (undercover, unannounced) tests at passenger screening
checkpoints.
TSA has taken steps to strengthen key areas of aviation security for
which it has regulatory and oversight responsibility, including
domestic air cargo security, but faces challenges related to oversight
and performance measurement. We reported in October 2005, for example,
that while TSA had significantly increased the number of domestic air
cargo inspections conducted, performance measures to determine to what
extent air carriers and others are complying with air cargo security
requirements had not been developed. Without such performance measures,
and a systematic analysis of these results of air cargo security
inspections, TSA‘s ability to target its workforce for future
inspections, and fulfill oversight responsibilities, will be limited.
Further, while TSA has incorporated elements of risk-based decision
making into securing air cargo, its efforts are not yet complete. To
address these and other issues, TSA officials stated that they plan to
compile additional information on air cargo inspections to enhance
their ability to conduct compliance inspections of air carriers using
covert testing, and to require random inspection of air cargo.
Screening Passengers and Cargo Are Aviation Security Concerns:
[See PDF for image]
[End of figure]
What GAO Recommends:
In prior reports, GAO has made numerous recommendations designed to
strengthen aviation security with respect to aviation workforce
planning, deployment, and oversight. TSA generally agreed with our
recommendations and is taking actions to implement them. GAO also has
ongoing reviews related to TSA staffing models and other aviation
security issues, and may make additional recommendations as
appropriate.
www.gao.gov/cgi-bin/getrpt?GAO-06-597T.
To view the full product, including the scope and methodology, click on
the link above. For more information, contact Cathleen A. Berrick at
(202) 512-3404 or berrickc@gao.gov.
[End of section]
Mr. Chairman and Members of the Committee:
I appreciate the opportunity to participate in today's hearing to
discuss the management and deployment of federal employees charged with
securing U.S. commercial airports. After the terrorist attacks of 2001,
securing the nation's aviation system--and ensuring that a federal
workforce was in place to carry out a wide range of aviation security
responsibilities--became a key goal of the administration and the
Congress. Among the actions taken to address this need, the Aviation
and Transportation Security Act (ATSA) of 2001, which established the
Transportation Security Administration (TSA), charged the agency with,
among other things, overseeing security operations at the nation's more
than 400 commercial airports.[Footnote 1] In TSA, the federal workforce
comprises, among others, federal security directors (FSDs)--the ranking
authority responsible for leading and coordinating security activities
at airports; transportation security officers (TSO), formerly known as
screeners; and inspectors responsible for ensuring that air carriers,
airport employees and airport vendors comply with established security
requirements.
My testimony today addresses two separate areas related to the
management and oversight of the federal airport security workforce: (1)
the progress TSA has made, and the challenges it faces, in managing a
federalized security workforce with operational responsibility for
ensuring security of passengers and their baggage, and (2) the actions
TSA has taken, and the challenges it faces, to ensure appropriate
regulatory oversight of other airport security activities.
My comments are based on issued GAO reports and testimonies addressing
the security of the U.S. commercial aviation system and our ongoing
work on TSA's staffing standards for TSOs. We did our work in
accordance with generally accepted government auditing standards.
Appendix I contains a list of related GAO products issued since
September 11, 2001.
Summary:
While TSA has made progress in managing the federalized aviation
security workforce, including its FSDs and TSOs, TSA continues to face
challenges in several key areas, including clarifying FSD roles and
responsibilities, and managing the deployment and training of its TSO
workforce. TSA has made changes to better support and empower the FSD
position, including granting greater authority and flexibility to FSDs
in carrying out their responsibilities. For example, in carrying out
their responsibilities in overseeing security at the nation's airports,
FSDs have formed partnerships with key stakeholders and participated in
communication and coordination efforts to address a range of issues,
including airport security, operations, and coordination. However,
while TSA has developed guidance that describes the many roles and
responsibilities of FSDs, we recently reported that TSA's primary
document outlining FSDs' authority was outdated and lacked clarity
regarding FSD authority during security incidents relative to other
airport stakeholders with whom FSDs must coordinate closely on aviation
security matters. For example, we found instances where confusion or
conflicting opinions developed over whether the FSD had the authority
to take certain actions during particular security incidents. Regarding
its TSOs, TSA has taken and has planned actions to strengthen the
management of the TSO workforce, which must be deployed in sufficient
numbers and trained and certified in the latest screening procedures
and technology to accomplish its security mission. Acknowledging
imbalances in the screener workforce, TSA developed standards for
determining TSO staffing for all airports at which federal screening is
required and developed a Screening Allocation Model (SAM) to determine
airport staffing levels. In determining staffing allocations, the SAM
takes into account not only flight and passenger data, but also data
unique to each airport--including flight schedules, passenger and
baggage distribution curves, and TSA passenger and baggage screening
configurations. However, FSDs we interviewed had preliminary concerns
about the assumptions in the model, noting, among other things, that it
has been a challenge to attract, hire, and retain a part-time TSO
workforce at the 20 percent level indicated in the model. In addition
to having an adequate number of screeners, effective screening involves
screeners properly trained to do their job. TSA has taken numerous
steps to expand training beyond the basic training requirement to
include self-guided courses on its Online Learning Center; a recurrent
training requirement of 3 hours per week, averaged over a quarter; and
training on threat information, explosives detection, and new screening
approaches. However, insufficient TSO staffing and a lack of high-speed
Internet/intranet connectivity create impediments to the TSO workforce
taking full advantage of training opportunities. With respect to
evaluating TSOs, TSA has strengthened its efforts to measure the
performance of the various components of the passenger and checked
baggage screening systems--people, processes and technology.
Specifically, TSA has implemented and strengthened efforts to collect
performance data by performing covert (undercover, unannounced) tests,
using the Threat Image Projection (TIP) system[Footnote 2] at passenger
screening checkpoints, and implementing a congressionally mandated
annual TSO recertification program. Despite these efforts, TSA covert
testing has identified that weaknesses existed in the ability of TSOs
to detect threat objects on passengers, in their carry-on bags, and in
checked baggage.
TSA has taken steps to strengthen the federal workforce responsible for
other key areas of aviation security, including domestic air cargo and
airport perimeters and access controls, but it faces additional
challenges in each of these areas related to performance measurement
and regulatory oversight. We reported in October 2005, for example,
that TSA had significantly increased the number of domestic air cargo
inspections. We noted, however, that TSA had not developed performance
measures to determine to what extent air carriers and indirect air
carriers--carriers that consolidate air cargo from multiple shippers
and deliver it to air carriers to be transported--are complying with
air cargo security requirements, and had not analyzed the results of
inspections to systematically target future inspections on those
entities that pose a higher security risk to the domestic air cargo
system. Without these performance measures and systematic analyses, TSA
will be limited in its ability to effectively target its workforce for
future inspections and fulfill its oversight responsibilities for this
important area of aviation security. In June 2005, TSA officials
informed us that in the future they intend to compile information on
the number of instances in which specific air cargo security
requirements are inspected, and are taking steps to enhance TSA's
ability to conduct compliance inspections of indirect air carriers, by,
among other things, using undercover testing to identify air cargo
security weaknesses. We also found that TSA has made efforts to
incorporate risk-based decision making into securing air cargo, but has
not conducted assessments of air cargo vulnerabilities or critical
assets (cargo facilities and aircraft)--two crucial elements of a risk-
based management approach without which TSA may not be able to
appropriately focus its resources on the most critical security needs.
Moreover, to better allocate resources for air cargo security, TSA
established a requirement for random inspection of air cargo to address
threats to the nation's aviation transportation system--a reflection of
the agency's position that inspecting 100 percent of air cargo was not
technologically feasible and would be potentially disruptive to the
flow of air commerce. In the area of airport perimeter and access
control security, we reported in June 2004 that while background checks
were not required for all airport workers, TSA requires most airport
workers who perform duties in secured and sterile areas[Footnote 3] to
undergo a fingerprint-based criminal history records check. TSA further
requires airport operators to compare applicants' names against TSA's
aviation security watch lists. Once workers undergo this review, they
are granted access to airport areas in which they perform duties. In
addition, ATSA mandated that TSA require airport operators and air
carriers to develop security awareness training programs for airport
workers such as ground crews and gate, ticket, and curbside agents of
air carriers. According to TSA, training requirements for these airport
workers had not been established because additional training would
result in increased costs for airport operators. In the area of
security-related training, TSA did not require airport vendors with
direct access to the airfield and aircraft to develop security
programs, which would include security measures for vendor employees
and property, as required by ATSA. In July 2004, in response to our
recommendations, TSA made several improvements in these areas, through
the issuance of a series of security directives, including requiring
enhanced background checks and improved access controls for airport
employees who work in restricted airport areas.
Background:
TSA Operational Responsibilities for Passenger and Checked Baggage
Security:
Prior to the passage of ATSA, the screening of passengers and checked
baggage had been performed by private screening companies under
contract to the airlines. The Federal Aviation Administration (FAA) was
responsible for ensuring compliance with screening regulations. With
the passage of ATSA and the transfer of aviation security
responsibilities to TSA, including passenger and checked baggage
screening at airports, TSA assigned FSDs--the top-ranking TSA
authorities responsible for security at the nation's airports--to one
or more commercial airports to oversee security activities. TSA has
approximately 157 FSD positions at commercial airports nationwide to
lead and coordinate TSA security activities. Although an FSD is
responsible for security at each commercial airport, not every airport
has an FSD dedicated solely to that airport. Most category X
airports[Footnote 4] have an FSD responsible for that airport alone,
while at other airports the FSD located at a hub airport has
responsibility over one or more spoke airports of the same or smaller
size.
In addition to establishing TSA and giving it responsibility for
passenger and checked baggage screening operations, ATSA also set forth
specific enhancements to screening operations for TSA to implement,
with deadlines for completing many of them. These requirements include:
* assuming responsibility for screeners and screening operations at
more than 400 commercial airports by November 19, 2002;
* establishing a basic screener training program composed of a minimum
of 40 hours of classroom instruction and 60 hours of on-the-job
training;
* conducting an annual proficiency review of all screeners;
* conducting operational testing of screeners;[Footnote 5]
* requiring remedial training for any screener who fails an operational
test; and:
* screening all checked baggage for explosives using explosives
detection systems by December 31, 2002.[Footnote 6]
As mandated by ATSA, TSA hired and deployed a TSO workforce to assume
operational responsibility for conducting passenger and checked baggage
screening. Passenger screening is a process by which authorized TSA
personnel inspect individuals and property to deter and prevent the
carriage of any unauthorized explosive, incendiary, weapon, or other
dangerous item onboard an aircraft or into a sterile area. TSOs must
inspect individuals for prohibited items at designated screening
locations.[Footnote 7] The four passenger screening functions are (1) X-
ray screening of property, (2) walk-through metal detector screening of
individuals, (3) hand-wand or pat-down screening of individuals, and
(4) physical search of property and trace detection for explosives.
Checked baggage screening is a process by which authorized TSOs inspect
checked baggage to deter, detect, and prevent the carriage of any
unauthorized explosive, incendiary, or weapon onboard an aircraft.
Checked baggage screening is accomplished through the use of explosive
detection systems[Footnote 8] (EDS) or explosive trace detection (ETD)
systems,[Footnote 9] and through the use of other means, such as manual
searches, canine teams, and positive passenger bag match,[Footnote 10]
when EDS and ETD systems are unavailable.
TSA Regulatory Responsibilities for Air Cargo and Airport Security:
In addition to establishing requirements for passenger and checked
baggage screening, ATSA charged TSA with the responsibility for
ensuring the security of air cargo, including, among other things,
establishing security rules and regulations covering domestic and
foreign passenger carriers that transport cargo, domestic and foreign
all-cargo carriers, and domestic indirect air carriers--carriers that
consolidate air cargo from multiple shippers and deliver it to air
carriers to be transported; and overseeing implementation of air cargo
security requirements by air carriers and indirect air carriers through
compliance inspections. In general, TSA inspections are designed to
ensure air carrier compliance with air cargo security requirements,
while air carrier inspections focus on ensuring that cargo does not
contain weapons, explosives, or stowaways.[Footnote 11] TSA is
responsible for inspecting 285 passenger and all-cargo air carriers
with about 2,800 cargo facilities nationwide, as well as 3,800 indirect
air carriers with about 10,000 domestic locations. In conducting
inspections, TSA inspectors review documentation, interview carrier
personnel, directly observe air cargo operations, or conduct tests to
determine whether air carriers and indirect air carriers are in
compliance with air cargo security requirements. In 2004, an estimated
23 billion pounds of air cargo was transported within the United
States, with about a quarter of this amount transported on passenger
aircraft. Recently, DHS reported that most cargo on passenger aircraft
is not physically inspected.
ATSA also granted TSA the responsibility for overseeing U.S. airport
operators' efforts to maintain and improve the security of commercial
airport perimeters, access controls, and airport workers. While airport
operators, not TSA, retain direct day-to-day operational
responsibilities for these areas of security, ATSA directs TSA to
improve the security of airport perimeters and the access controls
leading to secured airport areas, as well as take measures to reduce
the security risks posed by airport workers. Each airport's security
program, which must be approved by TSA, outlines the security policies,
procedures, and systems the airport intends to use in order to comply
with TSA security requirements. FSDs oversee the implementation of the
security requirements at airports.
Of TSA's 950 aviation security inspectors located at airports
throughout the United States, 750 are considered generalists who
conduct a variety of aviation security inspections, and 200 are
dedicated to conducting air cargo inspections. The FSD at each airport
is responsible for determining the scope and emphasis of the
inspections, as well as discretion for how to assign local inspection
staff. TSA provides local airport FSDs and inspectors with goals for
the number of inspections to be conducted per quarter.
TSA Has Taken Steps to Strengthen the Management and Performance of an
Aviation Security Workforce, but Continues to Face Challenges:
In recent years, TSA has taken numerous actions related to the
deployment, training, and performance of their aviation security
workforce. TSA has, for example, taken action to support the authority
of FSDs at airports, though additional clarification of their roles is
needed. TSA also has improved the management and deployment of its TSO
workforce with the use of a formal staffing model, though hiring and
deployment challenges remain. TSA has also strengthened TSO training,
and implemented various approaches to measuring TSO performance related
to passenger and baggage screening activities.
TSA Has Taken Action to Support FSDs, but Additional Clarification of
Roles Is Needed to Support Stakeholder Coordination:
In recent years, TSA has taken steps to ensure that FSDs, as the
ranking TSA authorities at airports, coordinated their security actions
with various airport stakeholders, and had sufficient authority to
carry out their responsibilities. In September 2005, we reported on the
roles and responsibilities of FSDs and other issues related to the
position, including the extent to which they formed and facilitated
partnerships with airport stakeholders.[Footnote 12] At that time, we
reported that the FSDs and most stakeholders at the seven airports we
visited had developed partnerships that were generally working well.
TSA recognized that building and maintaining partnerships with airport
stakeholders was essential to FSDs' success in addressing security as
well as maintaining an appropriate level of customer service. To that
end, TSA established general guidance for FSDs to follow in building
stakeholder partnerships, but left it to the FSDs to determine how best
to achieve effective partnerships at their respective airports. As a
part of their security responsibilities, FSDs must coordinate closely
with airport stakeholders--airport and air carrier officials, local law
enforcement, and emergency response officials--to ensure that airports
are adequately protected and prepared in the event of a terrorist
attack. FSDs' success in sustaining and ensuring the effectiveness of
aviation security efforts is dependent on their ability to develop and
maintain effective partnerships with these stakeholders. FSDs need to
partner with law enforcement stakeholders, for example, because they do
not have a law enforcement body of their own to respond to security
incidents. Partnerships can be of mutual benefit to FSDs and airport
stakeholders and can enhance customer service. For example, FSDs rely
on air carrier data on the number of passengers transiting through
checkpoints to appropriately schedule screeners, and air carriers rely
on the FSD to provide an efficient screening process to minimize wait
times for passengers.
At the airports we visited, FSDs and stakeholders cited several ways
FSDs maintained partnerships, including being accessible to their
stakeholders to help resolve problems and meeting with stakeholders to
discuss how to implement new security policies. In addition, a variety
of communication and coordination efforts were in place at the airports
we visited, and many of these efforts existed before TSA assigned FSDs
to airports. Formal mechanisms included security and general airport
operations meetings, incident debriefings, and training exercises to
help ensure a coordinated response in the event of a security incident.
We also found that in response to concerns over FSD authority in
responding to airport-specific security needs, in 2004, TSA made a
number of changes to better support and empower the FSD. These changes
included:
* establishing a local hiring initiative that vested more hiring
authority with the FSDs to address airport staffing needs,
* providing flexibility to offer training locally to screeners,
* increasing authority to address performance and conduct problems,
* relocating five area director positions from the headquarters to the
field in conjunction with establishing a report group to provide
operational support and a communication link with headquarters, and:
* establishing a mentoring program for newly appointed FSDs or their
deputies.
Most of the 25 FSDs we interviewed generally viewed these changes
favorably. For example, most were satisfied with TSA's new local hiring
process that provided more options for FSDs to be involved with hiring
screeners, and most said that the new process was better than the more
centralized hiring process it replaced. TSA officials concluded, among
other things, that TSO candidates selected at airports where the FSD
and staff were conducting the hiring process were more selective in
accepting offers--leading to lower attrition--because they had more
knowledge of what the job would entail than contractors did when they
handled the hiring process. In addition, most of the FSDs we
interviewed also saw value in the headquarters group TSA established to
provide operational support to the field and a communication link among
headquarters, field-based area directors, and FSDs.
One area where we noted room for improvement at the FSD level was in
how the FSD's authority has been defined. In September 2005, we
reported that TSA had developed guidance that describes the many roles
and responsibilities of FSDs, most of which is associated with securing
commercial airports from terrorist threats.[Footnote 13] However, while
the guidance clearly defined FSD roles and responsibilities, TSA's
primary document outlining FSDs' authority was outdated and lacked
clarity regarding FSD authority relative to that of other airport
stakeholders with whom FSDs must coordinate closely to help ensure the
effectiveness of aviation security efforts. The absence of a clear
understanding of the authority of the position had reportedly resulted
in confusion during past security incidents and had raised concerns
among some stakeholders at both the national and airport levels about
possible ambiguity regarding FSDs' authority during incidents.
Accordingly, we recommended that steps be taken to update TSA's
Delegation of Authority to FSDs to clearly reflect the authority of
FSDs relative to that of airport stakeholders during security incidents
and communicate the authority of the position, as warranted, to the
FSDs and all airport stakeholders. Such action would benefit FSDs by
further enabling them to communicate and share consistent information
about their authority with their staff and airport stakeholders,
including law enforcement agencies. In commenting on our
recommendation, DHS stated that a new restatement of the Delegation
Order had been drafted by a working group composed of FSDs from the FSD
Advisory Council and relevant stakeholders and is being internally
coordinated for comment and clearance.
TSA Has Taken Steps to Better Manage Its TSO Workforce, but Continues
to Face Deployment Challenges:
To accomplish its security mission, TSA needs a sufficient number of
passenger and checked baggage TSOs trained and certified in the latest
screening procedures and technology. We reported in February 2004 that
staffing shortages and TSA's hiring process had hindered the ability of
some FSDs to provide sufficient resources to staff screening
checkpoints and oversee screening operations at their checkpoints
without using additional measures such as overtime.[Footnote 14] TSA
has acknowledged that its initial staffing efforts created imbalances
in the screener workforce and has since been taking steps to address
these imbalances over the past 2 years, by, among other things, meeting
a congressional requirement to develop a staffing model for TSOs.
Specifically, the Intelligence Reform and Terrorism Prevention Act of
2004 required TSA to develop and submit to Congress standards for
determining the aviation security staffing for all airports at which
screening is required.[Footnote 15] The act also directed GAO to review
these standards, which we are doing. These staffing standards are to
provide for necessary levels of airport security, while also ensuring
that security-related delays experienced by airline passengers are
minimized. In June 2005, TSA submitted its report on aviation security
staffing standards to Congress. Known as the Screening Allocation Model
(SAM), these standards are intended to provide an objective measure for
determining TSO airport staffing levels, while staying within the
congressionally mandated limit of 45,000 FTE screeners.
Whereas TSA's prior staffing model was demand-driven based on flight
and passenger data, the SAM model analyzes not only demand data but
also data on the flow of passenger and baggage through the airport and
the availability of the workforce. In determining the appropriate TSO
staffing levels, the SAM first considers the workload demands unique to
each individual airport--including flight schedules, load factors and
connecting flights, and number of passenger bags. These demand inputs
are then processed against certain assumptions about the processing of
passengers and baggage--including expected passenger and baggage
processing rates, required staffing for passenger lanes and baggage
equipment, and equipment alarm rates. Using these and various other
data, the SAM determines the daily workforce requirements and
calculates a work schedule for each airport. The schedule identifies a
recommended mix of full-time and part-time staff and a total number of
TSO full-time equivalents (FTE) needed to staff the airport,[Footnote
16] consistent with a goal of 10 minutes maximum wait time for
processing passengers and baggage.
For fiscal year 2006, the SAM model estimated a requirement of 42,170
TSO FTEs for all airports nationwide. In order to stay within a 43,000
TSO FTE budgetary limit for fiscal year 2006, TSA officials reduced the
number of FTEs allocated to airports to 42,056, a level that allowed it
to fund the 615 TSO FTEs in the National Screener Force--a force
composed of TSOs who provide screening support to all airports--and to
maintain a contingency of 329 TSO FTEs in reserve to meet unanticipated
demands, such as a new air carrier coming on line at an
airport.[Footnote 17] As of January 2006, there were 37,501 full-time
TSOs and 5,782 part-time TSOs on board nationwide, representing an
annualized rate of 41,085 TSO FTEs. According to TSA headquarters
officials, the SAM can be adjusted to account for the uniqueness of
particular airport security checkpoints and airline traffic patterns.
Further, it is up to the FSDs to ensure that all of the data elements
and assumptions are accurate for their airports, and to bring to TSA's
attention any factors that should be reviewed to determine if changes
to the SAM are appropriate. The President's fiscal year 2007 budget
requests a total of 45,121 FTEs under the Passenger and Baggage TSO
personnel compensation and benefits categories.
As part of our ongoing review of the SAM model, we have identified
several preliminary concerns about TSA's efforts to address its
staffing imbalances and ensure appropriate coverage at airport
passenger and checked baggage screening checkpoints. At the five
airports we visited, FSD staff raised concerns about the SAM
assumptions as they related to their particular airports.[Footnote 18]
Among other things, they noted that the recommendation for 20 percent
part-time TSO workforce--measured in terms of FTEs--often could not be
reached, the expected processing rates for passenger and baggage
screening were not being realized, non-passenger screening at large
airports was higher than assumed, and the number of TSO FTEs needed per
checkpoint lane and per baggage screening machine was not sufficient
for peak periods. Regarding the SAM assumption of a 20 percent part-
time TSO FTE level across all airports, FSD staff we visited stated
that the 20 percent goal has been difficult to achieve because of,
among other things, economic conditions leading to competition for part-
time workers, remote airport locations coupled with a lack of mass
transit, TSO base pay that has not changed since fiscal year 2002, and
part-time workers' desire to convert to full-time status. According to
TSA headquarters officials, while the nationwide annual TSO attrition
rate is about 23 percent (compared to a rate of 14 percent reported in
February 2004), it is over 50 percent for part-time TSOs. TSA has
struggled with hiring part-time TSOs since it began actively recruiting
them in the summer of 2003. In February 2004, we reported that FSDs at
several of the airports we visited stated that they experienced
difficulty in attracting needed part-time TSOs, which they believed to
be due to many of the same factors, such as low pay and benefits,
undesirable hours, the location of their airport, the lack of
accessible and affordable parking or public transportation, and the
high cost of living in the areas surrounding some airports.[Footnote
19] These FSDs stated that very few full-time TSOs were interested in
converting to part-time status--a condition that still exists--and TSA
officials stated that attrition rates for part-time TSOs were
considerably higher than those for full-time TSOs.
At two of the five airports we visited as part of our ongoing review of
the SAM model, FSD staff told us that they had not been able to hire up
to their authorized staffing levels. In February 2004, we reported that
many of the FSDs we interviewed expressed concern that TSA's hiring
process was not responsive to their needs and hindered their ability to
reach their authorized staffing levels and adequately staff screening
checkpoints. Specifically, FSDs expressed concern with the lack of a
continuous hiring process to backfill screeners lost through attrition,
and their lack of authority to conduct hiring on an as-needed basis. We
reported that TSA was taking steps to make the hiring process more
responsive to FSDs' needs. Since then, TSA has provided FSDs with more
input into the hiring process in an effort to streamline the process
and enable FSDs to more quickly meet their staffing needs.
During our five airport visits, some FSD staff we interviewed also
cited another limitation of the SAM--specifically, that the model does
not account for screeners who are performing administrative or other
duties. The officials also noted that, because they are not authorized
to hire a sufficient number of mission support staff, TSOs are being
routinely used--in some cases full time--to carry out non-screening and
administrative duties, including supporting payroll, scheduling,
uniform supplies, legal support, logistics, and operations center
activities. At the five airports we visited in January and February
2006, out of a total of 2,572 TSO full time equivalents (FTE) on-board
at those airports, roughly 136 FTEs (just over five percent) were being
used for administrative duties. FSD staff stated that some of these
TSOs are being used on a part-time basis, while others are used on a
full-time basis. The use of TSOs in these support functions could
adversely affect the ability of FSDs to adequately staff their
screening checkpoints.
To compensate for screener shortages and to enable operational
flexibility to respond to changes in risk and threat, in October 2003,
TSA established a National Screening Force (formerly known as the
Mobile Screening Force established in November 2002) to provide
screening support to all airports in times of emergency, seasonal
demands, or under other special circumstances that require a greater
number of screeners than regularly available to FSDs. In February 2004,
we reported that the National Screening Force consisted of over 700
full-time passenger and baggage TSOs. TSA officials stated that while
these screeners have a home airport to which they are assigned, they
travel to airports in need of screening staff approximately 70 percent
of the year.
TSA budgeted from appropriations received in fiscal year 2006 for 615
FTEs for the National Screening Force. The President's fiscal year 2007
budget request includes $35 million for operational expenses of the
National Screening Force (not including salaries and benefits of force
members). According to the budget request, in fiscal year 2007, the
National Screening Force will generally be deployed only to those
airports experiencing significant staffing shortfalls associated with
increased seasonal traffic or when a special event, such as a Super
Bowl or a large national conference, occurs requiring an immediate
influx of additional TSO support. At one category X airport we recently
visited, the FSD stated that because of challenges in hiring and
retaining TSOs for this airport, he has had to rely on 59 members of
the National Screening Force deployed to his airport, and had been
relying on this force since 2004. The President's fiscal year 2007
budget request states that TSA will continue to review methods for
reducing costs associated with this force, including ensuring that each
airport has a sufficient staffing program in place to address short-
term needs.
In the President's fiscal year 2007 budget request, TSA identified
several additional initiatives under way to address the management of
the TSO workforce. These efforts include attempts to reduce attrition
by creating a performance-based pay system, and establishing retention
incentives to include performance bonuses, retention allowances,
college credit reimbursement and flexible staffing. TSA also reported
efforts to enhance opportunities for career advancement within the TSO
job category, reducing on-the-job injuries by reengineering baggage
screening areas, and deploying a national nurse care management program
at 21 airports to assist TSOs in returning to work in a shorter period
of time.
TSA Has Strengthened TSO Training, but Faces Challenges in Delivering
the Training:
Since we reported on TSO training in September 2003, TSA has taken a
number of actions designed to strengthen training available to the TSO
workforce as part of its efforts to enhance the performance of
TSOs.[Footnote 20] In September 2003, we reported that TSA had not
fully developed or deployed a recurrent training program for passenger
TSOs. At that time, little training was available to TSOs once they
completed their basic TSO training. Since then, TSA has expanded
training available to the TSO workforce, such as introducing an Online
Learning Center that makes self-guided courses available over TSA's
intranet and the Internet and expanding training available to
supervisory TSOs. TSA also established a recurrent training requirement
of 3 hours per week, averaged over a quarter, and provided FSDs with
additional tools to facilitate and enhance TSO training, including at
least one modular bomb set kit--containing components of an improvised
explosive device (IED)--and at least one weapons training kit. TSA has
also instituted a program called Threat in the Spotlight that, based on
intelligence TSA receives, provides screeners with the latest in threat
information regarding terrorist attempts to get threat objects past
screening checkpoints. Additionally, in December 2005, TSA reported
completing enhanced explosives detection training for over 18,000 TSOs.
This training included both classroom and hands-on experiences, and
focused particularly on identifying X-ray images of IED component
parts, not just a completely assembled bomb. TSA plans for the
remaining TSO workforce to receive this training by June 2006 through
the Online Learning Center or other delivery methods. TSA also has
developed new training curriculums to support new screening approaches.
For example, TSA recently developed a training curriculum for TSOs in
behavior observation and analysis at the checkpoint to identify
passengers exhibiting behaviors indicative of stress, fear, or
deception.
However, as we reported in May 2005, insufficient TSO staffing and a
lack of high-speed Internet/intranet connectivity to access the Online
Learning Center have made it difficult for all TSOs screeners at many
airports to receive required training and has limited TSO access to TSA
training tools.[Footnote 21] As previously discussed, TSA is taking
steps to address the TSO staffing challenges. However, it is too soon
to determine whether TSA's efforts will address TSA's ability to
provide required training while maintaining adequate coverage for
screening operations. In terms of access to the Online Learning Center,
TSA plans to complete the deployment of high-speed Internet/intranet
connectivity to airports during fiscal year 2007. TSA established its
Online Learning Center to provide passenger and baggage screeners with
online, high-speed access to training courses. However, effective use
of the Online Learning Center requires high-speed Internet/intranet
access, which TSA has not been able to provide to all airports. In May
2005, we reported that as of October 2004, about 45 percent of the TSO
workforce did not have high speed Internet/intranet access to the
Online Learning Center. The President's fiscal year 2007 budget request
reports that approximately 220 of the more than 400 airport and field
locations have full information technology infrastructure installation,
to include high-speed network connectivity, while the rest of the
airports operate with dial-up access to TSA systems. According to the
budget request, TSA will use $120 million in fiscal year 2006 to deploy
high-speed connectivity to all category X and I airports and
preliminary high-speed connectivity to all category II, III, and IV
airports. The budget request includes a request for a total of $90
million to support this effort in fiscal year 2007, of which $54
million is needed to complete the deployment of high-speed connectivity
at category II, III, and IV airports.[Footnote 22]
TSA Has Implemented Various Approaches to Measuring the Performance of
TSOs Conducting Passenger and Baggage Security Screening Activities:
TSA has strengthened its efforts to measure the performance of the
various components of the passenger and checked baggage screening
systems--people, processes, and technology--but results of covert
testing identified that weaknesses and vulnerabilities continue to
exist. In November 2003, we reported on the need for TSA to strengthen
its efforts to measure the performance of its screening
functions.[Footnote 23] At that time, TSA had collected limited data on
the effectiveness of its aviation security initiatives, to include
screening functions. Specifically, limited covert (undercover,
unannounced) testing had been performed, the TIP system used to aid
TSOs in identifying threat objects within baggage was not fully
operational at passenger screening checkpoints and was not available
for checked baggage screening systems, and TSA had not fully
implemented a congressionally mandated annual TSO proficiency review.
Since then, TSA has implemented and strengthened efforts to collect
performance data in each of these areas.
In the area of covert testing, TSA headquarters increased the amount of
passenger and checked baggage screening covert tests it performs and
recently changed its approach to covert testing to focus its resources
on catastrophic threats--threats that can take down an airplane or blow
up an airplane. TSA's Office of Inspections (OI) (formerly the Office
of Internal Affairs and Program Review, or OIAPR) conducts unannounced
covert tests of TSOs to assess their ability to detect threat objects
and to adhere to TSA-approved procedures. These tests, in which
undercover OI inspectors attempt to pass threat objects through
passenger screening checkpoints and in checked baggage, are designed to
measure vulnerabilities in passenger and checked baggage screening
systems and to identify systematic problems affecting performance of
TSOs in the areas of training, procedures, and technology. OI, which
began covert testing in September 2002, conducted 836 tests in fiscal
year 2003 and 2,369 tests in fiscal year 2004 using its staff of 183
full-time-equivalents.[Footnote 24] In reporting its covert testing
results, OI makes recommendations to TSA leadership that address
deficiencies identified during testing and are intended to improve
screening effectiveness. As of December 2005, OI had issued 29 reports
to management on the results of its checkpoint and checked baggage
covert testing. In total, the reports include 19 distinct
recommendations related to passenger and checked baggage
screening.[Footnote 25] Of these 19 recommendations, 11 relate to
screener training. In September 2005, OI began implementing a revamped
testing process that included a more risk-based approach and focused
its resources on catastrophic threats. OI officials stated that they
will continue testing. However, TSA leadership is reviewing the results
of the revised testing, and final decisions regarding the structure,
content, and frequency of future tests have not yet been made.
Our analysis of TSA's covert testing results for tests conducted
between September 2002 and September 2005 identified that overall,
weaknesses existed in the ability of screeners to detect threat objects
on passengers, in their carry-on bags, and in checked baggage. Covert
testing results in this analysis cannot be generalized either to the
airports where the tests were conducted or to airports
nationwide.[Footnote 26]
In February 2004, TSA provided protocols to help FSDs conduct their own
covert testing of local airport passenger screening activities--a
practice that TSA had previously prohibited.[Footnote 27] Between May
2004 and April 2005, FSDs conducted a total of 17,954 local covert
tests at 350 airports; as of February 2006, TSA reported that FSDs had
conducted a total of 48,826 local covert tests. In February 2005, TSA
released a general procedures document for local covert testing at
checked baggage screening locations. Between March 2005 and September
2005, 1,370 local tests of EDS screening were conducted at 71 airports.
TSA headquarters officials stated that a key challenge FSDs face in
conducting local testing is the lack of available federal staff to
conduct the testing, particularly at smaller airports. In May 2005, we
reported that TSA officials stated that they had not yet begun to use
data from local covert testing to identify training and performance
needs because of difficulties in ensuring that local covert testing is
implemented consistently nationwide.[Footnote 28] TSA officials stated
in March 2006, that the data are available for FSDs to use to identify
training needs and levels of TSO performance.
Covert testing is one method TSA uses to measure the security
effectiveness of passenger and checked baggage screening procedures and
technologies in the operating environment in addition to other TSA
measures that assess the performance of passenger and checked baggage
TSOs. One other source of information on TSO performance in detecting
threat objects is the results from the TIP system. TIP is designed to
test passenger screeners' detection capabilities by projecting threat
images, including images of guns, knives, and explosives, onto bags as
they are screened during actual operations. TSOs are responsible for
identifying the threat image and calling for the bag to be searched.
Once prompted, TIP identifies to the screener whether the threat is
real and then records the TSO's performance in a database that could be
analyzed for performance trends.[Footnote 29] TIP threat detection
results in conjunction with OI covert test results and local testing
are intended to assist TSA in identifying specific training and
performance improvement efforts.
In May 2005, we reported that in October 2003 TSA reactivated TIP as
planned with an expanded library of 2,400 images at all but one of the
more than 1,800 checkpoint lanes nationwide.[Footnote 30] In December
2005, TSA reported that it has further expanded the image library to
include additional images of IEDs and IED components as part of its
effort to improve TSOs' detection of explosives. Additionally, the
President's fiscal year 2007 budget request states that TSA plans to
maximize the training benefits of the TIP system by tailoring TIP
sessions to address individual TSO weaknesses revealed in user
performance data. For example, if a TSO has particular difficulty
identifying IEDs, the TIP would trigger the projection of a higher
proportion of simulated IEDs while that TSO was operating the machine
under standard circumstances.
Despite these improvements, TIP is not yet available for checked
baggage screening. In April 2004, we reported that TSA officials stated
that they were working to resolve technical challenges associated with
using TIP for checked baggage screening on explosives detection system
(EDS) machines and have started EDS TIP image development.[Footnote 31]
However, in December 2004, TSA officials stated that because of severe
budget reductions, TSA will be unable to begin implementing a TIP
program for checked baggage in fiscal year 2005. Officials did not
specify when such a program might begin.
Another measure of TSO performance is the results of annual
recertification testing. ATSA requires that each TSO receive an annual
proficiency review to ensure he or she continues to meet all
qualifications and standards required to perform the screening
function. To meet this requirement, TSA established a recertification
program. The first recertification program--which was conducted during
the period October 2003 through March 2004--was composed of two
assessment components, one of TSOs' performance and the other of TSOs'
knowledge and skills. During the performance assessment component of
the recertification program, TSOs are rated on both organizational and
individual goals, such as maintaining the nation's air security,
vigilantly carrying out duties with utmost attention to tasks that will
prevent security threats, and demonstrating the highest levels of
courtesy to travelers to maximize their levels of satisfaction with
screening services. The knowledge and skills assessment component
consists of three modules: (1) knowledge of standard operating
procedures, (2) image recognition, and (3) practical demonstration of
skills.
Across all airports, TSOs performed well on the recertification testing
for the first 2 years the program was in place, with about 1 percent of
TSOs subject to recertification failing to complete this requirement.
In both years, TSOs faced the greatest difficulty on their first
attempt to pass the practical demonstration of skills module--a hands-
on simulated work sample used to evaluate a screener's knowledge,
skill, and ability when performing specific screener tasks along with
the ability to provide customer service.[Footnote 32] According to TSA
officials, at the completion of recertification at an airport, TSA
management has access to reports at both the individual TSO and airport
level, which identify the specific areas that were missed during
testing. National level reports are also available that isolate areas
that need improvement and can be targeted in basic and recurrent
training. In fiscal year 2004, TSA established a performance measure
for the recertification program.[Footnote 33]
During the first year of recertification testing, dual-function TSOs
who were actively working as both passenger and checked baggage TSOs
were required to take only the recertification test for passenger TSOs.
They were therefore not required to take the recertification testing
modules required for checked baggage, even though they worked in that
capacity.[Footnote 34] TSA's second annual recertification testing,
which began in October 2004, included components for dual-function
TSOs, but did not include an image recognition module for checked
baggage TSOs--which would include dual-function screeners performing
checked baggage screening. TSA officials stated that a decision was
made to not include an image recognition module for checked baggage
TSOs during this cycle because not all checked baggage TSOs would have
completed training on the onscreen resolution protocol by the time
recertification testing was conducted at their airports.[Footnote 35]
In October 2005, TSA released guidance for screener recertification
that included an image recognition module for checked baggage and dual-
function screeners trained in the onscreen alarm resolution protocol.
In addition to enhancing its efforts to measure the performance of
TSOs, TSA also has developed two performance indexes to measure the
effectiveness of the passenger and checked baggage screening systems.
These indexes measure overall performance through a composite of
indicators and are derived by combining specific performance measures
relating to passenger and checked baggage screening, respectively. Such
measures can be useful in identifying shortfalls that might be
addressed by initiatives to enhance the workforce, such as providing
special training. Specifically, these indexes measure the effectiveness
of the screening systems through machine probability of detection and
covert testing results;[Footnote 36] efficiency through a calculation
of dollars spent per passenger or bag screened; and customer
satisfaction through a national poll, customer surveys, and customer
complaints at both airports and TSA's national call center. We reported
in May 2005 that the screening performance indexes developed by TSA can
be a useful analysis tool, but without targets for each component of
the index, TSA will have difficulty performing meaningful analyses of
the parts that make up the index. For example, without performance
targets for covert testing, TSA will not have identified a desired
level of performance related to screener detection of threat objects.
Performance targets for covert testing would enable TSA to focus its
improvement efforts on areas determined to be most critical, as 100
percent detection capability may not be attainable.[Footnote 37] In
January 2005, TSA officials stated that the agency planned to track the
performance of individual index components and establish performance
targets against which to measure these components. Since then, TSA has
finalized targets for the indexes, including targets for passenger and
checked baggage covert testing.
TSA Has Made Progress in Providing Regulatory Oversight of Airport and
Air Carrier Security Activities, but it Could Better Target Workforce
Resources:
TSA has taken steps to strengthen oversight for key areas of aviation
security, including domestic air cargo security operations conducted by
air carriers, and airport perimeter security operations and access
controls carried out by airport operators. For air cargo, TSA has
increased the number of inspectors used to assess air carrier and
indirect air carrier compliance with security requirements, and has
incorporated elements of risk-based decision making to guide air cargo
security needs. As of October 2005, however, TSA had not developed
performance measures to determine to what extent air carriers and
indirect air carriers are complying with air cargo security
requirements, limiting TSA's ability to effectively target its
workforce for future inspections and fulfill its oversight
responsibilities. On airport premises, TSA had, at the time of our 2004
review, begun evaluating the security of airport perimeters and the
controls that limit access into secured airport areas, but had not
completed actions to ensure that all airport workers employed in these
areas were vetted prior to hiring and then trained.
Additional Action Needed to Strengthen TSA Inspections and Oversight of
Domestic Air Cargo Security:
We reported in October 2005 that TSA had significantly increased the
number of domestic air cargo inspections conducted of air carrier and
indirect air carrier compliance with security requirements.[Footnote
38] We noted, however, that TSA had not developed performance measures
to determine to what extent air carriers and indirect air carriers were
complying with security requirements, and had not analyzed the results
of inspections to systematically target future inspections on those
entities that pose a higher security risk to the domestic air cargo
system. Without these performance measures and systematic analyses, TSA
will be limited in its ability to effectively target its workforce for
future inspections and fulfill its oversight responsibilities for this
essential area of aviation security. We also reported on other actions
that TSA had taken to focus limited resources on the most critical
security needs.
Our analysis of TSA's inspection records[Footnote 39] showed that
between January 1, 2003, and January 31, 2005, TSA conducted 36,635
cargo inspections of air carriers and indirect air carriers and found
4,343 violations.[Footnote 40] Although TSA had compiled this
information, the agency had not determined what constitutes an
acceptable level of performance or compared air carriers' and indirect
air carriers' performance against this standard. Without measures to
determine an acceptable level of compliance with air cargo security
requirements, TSA cannot assess the performance of individual air
carriers or indirect air carriers against national performance averages
or goals that would allow TSA to target inspections and other actions
on those that fall below acceptable levels of compliance. According to
TSA officials, the agency was working on developing short-term and long-
term outcome measures for air cargo security, but they did not provide
a timetable for when this effort would be completed.
In addition, TSA had taken initial steps to compile information on the
results of its compliance inspections of air carriers and indirect air
carriers and identify the most frequent types of violations found. For
example, from January 1, 2003, to January 31, 2005, TSA identified
violations committed by air carriers and indirect air carriers
involving noncompliance with air cargo security requirements in several
areas--such as cargo acceptance procedures, access control to cargo
facilities, and physical cargo inspections--that TSA had determined to
be high-risk because they would pose the greatest risk to the safety
and security of air cargo operations. TSA identified indirect air
carriers' failure to comply with their own security programs as the
area with the most violations, which according to TSA officials is due,
in part, to indirect air carriers' unfamiliarity with air cargo
security requirements. While TSA had identified frequently occurring
violations, it had not yet determined the specific area of violation
for a large number of inspections. In addition, TSA could not identify
how many of its 36,635 inspections covered each air cargo security
requirement. As a result, TSA could not determine the compliance rate
for each specific area inspected. Without complete information on the
specific air cargo security requirements that air carriers and indirect
air carriers violated, as well as the number of times each topic area
was inspected, TSA was limited in its ability to determine the
compliance rates for specific air cargo security requirements and
effectively target future inspections for air cargo security
requirements that were most frequently violated and the air carriers
and indirect air carriers that violate them. In June 2005, TSA
officials informed us that in the future they intended to compile
information on the number of instances in which specific air cargo
security requirements were inspected.
In addition, while TSA compiled information on the results of its
compliance inspections, the agency had not yet systematically analyzed
these results to target future inspections on security requirements and
entities that pose a higher risk. Analyzing inspection results would be
consistent with our internal control standards calling for comparisons
of data to identify relationships that could form the basis for
corrective actions, if necessary.[Footnote 41] TSA officials and the
agency's fiscal year 2005 annual domestic inspection and assessment
plan identified the need for such analyses. According to TSA officials,
the agency had recently hired one staff person to begin analyzing
inspection data. In June 2005, TSA officials also stated that the
agency was working to revise its Performance and Results Information
System database to allow for more accurate recording of inspection
violations. However, the agency had not systematically analyzed the
results of its inspections to target future inspections of those
entities that pose an increased security risk. Without an analysis of
the results of its inspections, TSA had a limited basis to determine
how best to allocate its inspection resources.
Further, analyzing key program performance data and using the results
of this analysis to effectively allocate resources are consistent with
elements of a risk management approach. Specifically, analyzing the
results of compliance inspection data could help focus limited
inspection resources on those entities posing a higher security risk.
Such targeting is important because TSA may not have adequate resources
to inspect all air carriers and indirect air carriers on a regular
basis. For example, as we reported in October 2005, according to TSA
inspection data for the period from January 1, 2003, to January 31,
2005, compliance inspections identified a greater incidence of
violations by indirect air carriers than by air carriers. In addition,
the percentage of inspections of air carriers that did not identify a
violation of air cargo security requirements was significantly higher
than that for indirect air carriers. According to TSA officials, the
agency was taking steps to enhance its ability to conduct compliance
inspections of indirect air carriers.[Footnote 42]
To further target its inspections, TSA was conducting special emphasis
assessments, which include testing to identify air cargo security
weaknesses.[Footnote 43] On the basis of its review of compliance
inspection results for the period of January 2003 to January 2005, TSA
identified 25 indirect air carriers and 11 air carriers with a history
of violations related to air cargo security requirements. TSA officials
stated that the agency began conducting tests on these air carriers and
indirect air carriers in April 2005.[Footnote 44] TSA officials stated
that the agency planned to conduct additional tests. However, TSA
officials stated that the agency had not yet determined how it will use
the results of its testing program to help interpret the results from
its other compliance inspection efforts. TSA had also not analyzed
inspection results to identify additional targets for future testing.
Such analysis could include focusing compliance testing efforts on air
carriers and indirect air carriers with a history of air cargo security
violations related to high-risk areas.
TSA has made efforts to incorporate risk-based decision making into
securing air cargo, but has not conducted assessments of air cargo
vulnerabilities or critical assets (cargo facilities and aircraft)--two
crucial elements of a risk-based management approach without which TSA
may not be able to appropriately focus its resources on the most
critical security needs. TSA also completed an Air Cargo Strategic Plan
in November 2003 that outlined a threat-based risk management approach
and identified strategic objectives and priority actions for enhancing
air cargo security. Then, in November 2004, TSA issued a proposed air
cargo security rule to enhance and improve the security of air cargo
transportation.[Footnote 45] When finalized, TSA intends for this rule
to implement most of the objectives set forth in the strategic plan.
TSA had also not completed a methodology for assessing the
vulnerability and criticality of air cargo assets, or established a
schedule for conducting such assessments because of competing agency
efforts to address other areas of aviation security.
TSA had established a centralized Known Shipper database to streamline
the process by which shippers (individuals and businesses) are made
known to carriers with whom they conduct business. However, the
information on the universe of shippers was incomplete because shipper
participation was not mandatory and the data had not been thoroughly
reviewed. TSA estimated that the database represented less than a third
of the total population of known shippers. Further, TSA had not taken
steps to identify shippers who may pose a security threat, in part
because TSA had incomplete information on known shippers. TSA was
attempting to address this limitation by its November 2004 proposed air
cargo security rule which would make the Known Shipper database
mandatory. This would require air carriers and indirect air carriers to
submit information on their known shippers to TSA's Known Shipper
database. Finally, TSA plans to take further steps to identify those
shippers who may pose a security risk.
In addition, TSA established a requirement for random inspection of air
cargo to address threats to the nation's aviation transportation system
and to reflect the agency's position that inspecting 100 percent of air
cargo was not technologically feasible and would be potentially
disruptive to the flow of air commerce. However, this requirement,
which was revised in 2005 to increase the percentage of inspections
required, contained exemptions based on the nature and size of cargo
that may leave the air cargo system vulnerable to terrorist attack.
TSA's plans for enhancing air cargo security included implementing a
system for targeting elevated risk cargo for inspection.[Footnote 46]
Although the agency acknowledged that the successful development of
this system was contingent upon having complete, accurate, and current
targeting information, the agency had not yet completed efforts to
ensure information that will be used by the system is reliable.
Further, through its proposed air cargo security rule, TSA planned to
require air carriers and indirect air carriers to secure air cargo
facilities, screen all individual persons boarding all-cargo aircraft,
and conduct security checks on air cargo workers. In commenting on the
proposed air cargo security rule, industry stakeholders representing
air carriers, indirect air carriers and airport authorities stated that
several of the proposals, including those mentioned above, may be
costly and difficult to implement, and that TSA may have underestimated
the costs associated with implementing these proposed measures. Our
analysis of TSA's estimate also suggested that it may have been an
underestimate. TSA stated that it plans to reassess its cost estimates
before issuing its final air cargo security rule.
In October 2005, we made several recommendations to assist TSA in
strengthening the security of the domestic air cargo transportation
system.[Footnote 47] These recommendations included (1) developing a
methodology and schedule for completing assessments of air cargo
vulnerabilities and critical assets; (2) reexamining the rationale for
existing air cargo inspection exemptions; (3) developing measures to
gauge air carrier and indirect air carrier compliance with air cargo
security requirements; (4) developing a plan for systematically
analyzing and using the results of air cargo compliance inspections to
target future inspections and identify system wide corrective actions;
(5) assessing the effectiveness of enforcement actions in ensuring air
carrier and indirect air carrier compliance with air cargo security
requirements; (6) and ensuring that the data to be used in the Freight
Assessment System are complete, accurate, and current. DHS agreed with
our recommendations. We currently have an ongoing review assessing the
security of air cargo entering the United States from foreign
countries.
Further Steps May Be Needed to Strengthen TSA Oversight of Commercial
Airport Perimeters and Access Controls:
As discussed previously, domestic commercial airport authorities have
primary responsibility for securing airport perimeters and restricted
areas, whereas TSA conducts regulatory inspections to help ensure that
airport authorities are complying with TSA security requirements. We
reported in June 2004 on TSA's efforts to strengthen the security of
airport perimeters (such as airfield fencing and access gates), the
adequacy of controls restricting unauthorized access to secured areas
(such as building entry ways leading to aircraft), and security
measures pertaining to individuals who work at airports.[Footnote 48]
At the time of our review, we found TSA had begun evaluating commercial
airport security but needed a better approach for assessing results. In
addition, TSA required criminal history records checks and security
awareness training for most, but not all, the airport workers called
for in ATSA. Further, TSA did not require airport vendors with direct
access to the airfield and aircraft to develop security programs, which
would include security measures for vendor employees and property, as
required by ATSA.
TSA is responsible for, and, at the time of our 2004 review, had begun
evaluating the security of airport perimeters and the controls that
limit access into secured airport areas, but had not yet determined how
the results of these evaluations could be used to make improvements to
the nation's airport system as a whole. Specifically, we found that TSA
had begun conducting regulatory compliance inspections, covert testing
of selected security procedures, and vulnerability assessments at
selected airports. These evaluations--though not yet completed at the
time of our report--identified perimeter and access control security
concerns. For example, TSA identified instances where airport operators
failed to comply with existing security requirements, including
requirements related to access control.[Footnote 49] In addition, TSA
identified threats to perimeter and access control security at each of
the airports where vulnerability assessments were conducted in 2003.
TSA had plans to begin conducting joint vulnerability assessments with
the FBI but had not yet determined how it would allocate existing
resources between its own independent airport assessments and the new
joint assessments, or developed a schedule for conducting future
vulnerability assessments. In addition, TSA had not yet determined how
to use the results of its inspections in conjunction with its efforts
to conduct covert testing and vulnerability assessments to enhance the
overall security of the nation's commercial airport system.
In June 2004, we also reported that background checks were not required
for all airport workers. TSA requires most airport workers who perform
duties in secured and sterile areas to undergo a fingerprint-based
criminal history records check. TSA further requires airport operators
to compare applicants' names against TSA's aviation security watch
lists.[Footnote 50] Once workers undergo this review, they are granted
access to airport areas in which they perform duties. For example,
those workers who have been granted unescorted access to secured areas
are authorized access to these areas without undergoing physical
screening for prohibited items (which passengers undergo prior to
boarding a flight). To meet TSA requirements, airport operators
transmit applicants' fingerprints to a TSA contractor, who in turn
forwards the fingerprints to TSA, who submits them to the FBI to be
checked for criminal histories that could disqualify an applicant for
airport employment. In March 2006, that TSA contractor reported that
its background clearinghouse system had processed over 2 million
criminal history record checks of airport and airline employees. TSA
also requires that airport operators verify that applicants' names do
not appear on TSA's "no fly" and "selectee" watch lists to determine
whether applicants are eligible for employment.[Footnote 51]
According to TSA, by December 6, 2002, all airport workers who had
unescorted access to secured airport areas--approximately 900,000
individuals nationwide--had undergone a fingerprint-based criminal
history records check and verification that they did not appear on
TSA's watch lists, as required by regulation. In late 2002, TSA
required airport operators to conduct fingerprint-based checks and
watch list verifications for an additional approximately 100,000
airport workers who perform duties in sterile areas. As of April 2004,
TSA said that airport operators had completed all of these checks.
ATSA also mandates that TSA require airport operators and air carriers
to develop security awareness training programs for airport workers
such as ground crews, and gate, ticket, and curbside agents of air
carriers.[Footnote 52] However, while TSA requires such training for
these airport workers if they have unescorted access to secured areas,
the agency did not require training for airport workers who perform
duties in sterile airport areas.[Footnote 53] According to TSA,
training requirements for these airport workers have not been
established because additional training would result in increased costs
for airport operators.
Further, TSA had not addressed the act's provision that calls for the
agency to require that airport vendors with direct access to the
airfield and aircraft develop security programs to address security
measures specific to vendor employees (companies doing business in or
with the airport).[Footnote 54] TSA said that expanding requirements
for background checks and security awareness training for additional
workers and establishing requirements for vendor security programs
would be costly to implement and would require time-consuming rule-
making efforts to assess potential impacts and obtain and incorporate
public comment on any proposed regulations.
In June 2004, we recommended, and DHS generally agreed, that TSA better
justify future decisions on how best to proceed with security
evaluations and implement additional measures to reduce the potential
security risks posed by airport workers. In July 2004, in response to
our recommendations, TSA made several improvements in these areas,
through the issuance of a series of security directives, including
requiring enhanced background checks and improved access controls for
airport employees who work in restricted airport areas.[Footnote 55]
Concluding Observations:
Since its inception, TSA has achieved significant progress in deploying
its federal aviation security workforce to meet congressional mandates
related to establishing passenger and checked baggage screening
operations. With the initial congressional mandates now largely met,
TSA has turned its attention to more systematically deploying its TSO
workforce and assessing and enhancing its effectiveness in screening
passengers and checked baggage. TSA has developed a staffing model
intended to identify the necessary levels of TSOs to support airport
screening operations. However, given the challenges TSA faces in
determining appropriate staffing levels at airports, it is critical
that TSA carefully consider how it strategically hires, deploys and
manages its TSO workforce to help strengthen its passenger and checked
baggage screening programs. In addition, as threats and technology
evolve, it is vital that TSA continue to enhance training for the TSO
workforce. Over the past several years, TSA has strengthened its TSO
training program in an effort to ensure that TSOs have the knowledge
and skills needed to successfully perform their screening functions.
However, without addressing the challenges to delivering ongoing
training, including installing high-speed connectivity at airport
training facilities, TSA may have difficulty maintaining a screening
workforce that possesses the critical skills needed to perform at a
desired level.
The importance of the nation's air cargo security system and the
limited resources available to protect it underscore the need for a
risk management approach to prioritize security efforts so that a
proper balance between costs and security can be achieved. TSA has
taken important steps in establishing such a risk management approach,
but more work remains to be done to fully address the risks posed to
air cargo security, including assessments of systemwide vulnerabilities
and critical assets. Without such assessments, TSA is limited in its
ability to focus its resources on those air cargo vulnerabilities that
represent the most critical security needs. In addition, without
performance measures to gauge air carrier and indirect air carrier
compliance with air cargo security requirements and analyzing the
results of its compliance inspections, TSA cannot effectively focus its
inspection resources on those entities posing the greatest risk. In
addition, TSA's goal of developing a system to target elevated risk
cargo for inspection without impeding the flow of air commerce will be
difficult to achieve without ensuring that the information used to
target such cargo is complete, accurate, and current. By addressing
these areas, TSA would build a better basis for strengthening air cargo
security as it moves forward in implementing risk-based security
initiatives.
Mr. Chairman, this concludes my statement. I would be pleased to answer
any questions that you or other members of the Committee may have at
this time.
Contact Information:
For further information on this testimony, please contact at Cathleen
A. Berrick, (202) 512-3404 or berrickc@gao.gov. Contact points for our
Offices of Congressional Relations and Public Affairs may be found on
the last page of this statement.
In addition to the contact named above, John Barkhamer, Amy Bernstein,
Kristy Brown, Philip Caramia, Kevin Copping, Glenn Davis, Christine
Fossett, Thomas Lombardi, Laina Poon, and Maria Strudwick made key
contributions to this testimony.
[End of section]
Appendix I: Related GAO Products:
Aviation Security: Significant Management Challenges May Adversely
Affect Implementation of the Transportation Security Administration's
Secure Flight Program. GAO-06-374T. Washington, D.C.: February 9, 2006.
Aviation Security: Federal Air Marshal Service Could Benefit from
Improved Planning and Controls. GAO-06-203. Washington, D.C.: November
28, 2005.
Aviation Security: Federal Action Needed to Strengthen Domestic Air
Cargo Security. GAO-06-76. Washington, D.C.: October 17, 2005.
Transportation Security Administration: More Clarity on the Authority
of Federal Security Directors Is Needed. GAO-05-935. Washington, D.C.:
September 23, 2005.
Aviation Security: Flight and Cabin Crew Member Security Training
Strengthened, but Better Planning and Internal Controls Needed. GAO-05-
781. Washington, D.C.: September 6, 2005.
Aviation Security: Transportation Security Administration Did Not Fully
Disclose Uses of Personal Information During Secure Flight Program
Testing in Initial Privacy Notes, but Has Recently Taken Steps to More
Fully Inform the Public. GAO-05-864R. Washington, D.C.: July 22, 2005.
Aviation Security: Better Planning Needed to Optimize Deployment of
Checked Baggage Screening Systems. GAO-05-896T. Washington, D.C.: July
13, 2005:
Aviation Security: Screener Training and Performance Measurement
Strengthened, but More Work Remains. GAO-05-457. Washington, D.C.: May
2, 2005.
Aviation Security: Secure Flight Development and Testing Under Way, but
Risks Should Be Managed as System Is Further Developed. GAO-05-356.
Washington, D.C.: March 28, 2005:
Aviation Security: Systematic Planning Needed to Optimize the
Deployment of Checked Baggage Screening Systems. GAO-05-365.
Washington, D.C.: March 15, 2005.
Aviation Security: Measures for Testing the Effect of Using Commercial
Data for the Secure Flight Program. GAO-05-324. Washington, D.C.:
February 23, 2005.
Transportation Security: Systematic Planning Needed to Optimize
Resources. GAO-05-357T. Washington, D.C.: February 15, 2005.
Aviation Security: Preliminary Observations on TSA's Progress to Allow
Airports to Use Private Passenger and Baggage Screening Services. GAO-
05-126. Washington, D.C.: November 19, 2004.
General Aviation Security: Increased Federal Oversight Is Needed, but
Continued Partnership with the Private Sector Is Critical to Long-Term
Success. GAO-05-144. Washington, D.C.: November 10, 2004.
Aviation Security: Further Steps Needed to Strengthen the Security of
Commercial Airport Perimeters and Access Controls. GAO-04-728.
Washington, D.C.: June 4, 2004.
Transportation Security Administration: High-Level Attention Needed to
Strengthen Acquisition Function. GAO-04-544. Washington, D.C.: May 28,
2004.
Aviation Security: Challenges in Using Biometric Technologies. GAO-04-
785T. Washington, D.C.: May 19, 2004.
Nonproliferation: Further Improvements Needed in U.S. Efforts to
Counter Threats from Man-Portable Air Defense Systems. GAO-04-519.
Washington, D.C.: May 13, 2004.
Aviation Security: Private Screening Contractors Have Little
Flexibility to Implement Innovative Approaches. GAO-04-505T.
Washington, D.C.: April 22, 2004.
Aviation Security: Improvement Still Needed in Federal Aviation
Security Efforts. GAO-04-592T. Washington, D.C.: March 30, 2004.
Aviation Security: Challenges Delay Implementation of Computer-
Assisted Passenger Prescreening System. GAO-04-504T. Washington, D.C.:
March 17, 2004.
Aviation Security: Factors Could Limit the Effectiveness of the
Transportation Security Administration's Efforts to Secure Aerial
Advertising Operations. GAO-04-499R. Washington, D.C.: March 5, 2004.
Aviation Security: Computer-Assisted Passenger Prescreening System
Faces Significant Implementation Challenges. GAO-04-385. Washington,
D.C.: February 13, 2004.
Aviation Security: Challenges Exist in Stabilizing and Enhancing
Passenger and Baggage Screening Operations. GAO-04-440T. Washington,
D.C.: February 12, 2004.
The Department of Homeland Security Needs to Fully Adopt a Knowledge-
based Approach to Its Counter-MANPADS Development Program. GAO-04-341R.
Washington, D.C.: January 30, 2004.
Aviation Security: Efforts to Measure Effectiveness and Strengthen
Security Programs. GAO-04-285T. Washington, D.C.: November 20, 2003.
Aviation Security: Federal Air Marshal Service Is Addressing Challenges
of Its Expanded Mission and Workforce, but Additional Actions Needed.
GAO-04-242. Washington, D.C.: November 19, 2003.
Aviation Security: Efforts to Measure Effectiveness and Address
Challenges. GAO-04-232T. Washington, D.C.: November 5, 2003.
Airport Passenger Screening: Preliminary Observations on Progress Made
and Challenges Remaining. GAO-03-1173. Washington, D.C.: September 24,
2003.
Aviation Security: Progress Since September 11, 2001, and the
Challenges Ahead. GAO-03-1150T. Washington, D.C.: September 9, 2003.
Transportation Security: Federal Action Needed to Enhance Security
Efforts. GAO-03-1154T. Washington, D.C.: September 9, 2003.
Transportation Security: Federal Action Needed to Help Address Security
Challenges. GAO-03-843. Washington, D.C.: June 30, 2003.
Federal Aviation Administration: Reauthorization Provides Opportunities
to Address Key Agency Challenges. GAO-03-653T. Washington, D.C.: April
10, 2003.
Transportation Security: Post-September 11th Initiatives and Long-Term
Challenges. GAO-03-616T. Washington, D.C.: April 1, 2003.
Airport Finance: Past Funding Levels May Not Be Sufficient to Cover
Airports' Planned Capital Development. GAO-03-497T. Washington, D.C.:
February 25, 2003.
Transportation Security Administration: Actions and Plans to Build a
Results-Oriented Culture. GAO-03-190. Washington, D.C.: January 17,
2003.
Aviation Safety: Undeclared Air Shipments of Dangerous Goods and DOT's
Enforcement Approach. GAO-03-22. Washington, D.C.: January 10, 2003.
Aviation Security: Vulnerabilities and Potential Improvements for the
Air Cargo System. GAO-03-344. Washington, D.C.: December 20, 2002.
Aviation Security: Registered Traveler Program Policy and
Implementation Issues. GAO-03-253. Washington, D.C.: November 22, 2002.
Airport Finance: Using Airport Grant Funds for Security Projects Has
Affected Some Development Projects. GAO-03-27. Washington, D.C.:
October 15, 2002.
Commercial Aviation: Financial Condition and Industry Responses Affect
Competition. GAO-03-171T. Washington, D.C.: October 2, 2002.
Aviation Security: Transportation Security Administration Faces
Immediate and Long-Term Challenges. GAO-02-971T. Washington, D.C.: July
25, 2002.
Aviation Security: Information Concerning the Arming of Commercial
Pilots. GAO-02-822R. Washington, D.C.: June 28, 2002.
Aviation Security: Vulnerabilities in, and Alternatives for, Preboard
Screening Security Operations. GAO-01-1171T. Washington, D.C.:
September 25, 2001.
Aviation Security: Weaknesses in Airport Security and Options for
Assigning Screening Responsibilities. GAO-01-1165T. Washington, D.C.:
September 21, 2001.
Homeland Security: A Framework for Addressing the Nation's Efforts. GAO-
01-1158T. Washington, D.C.: September 21, 2001.
Aviation Security: Terrorist Acts Demonstrate Urgent Need to Improve
Security at the Nation's Airports. GAO-01-1162T. Washington, D.C.:
September 20, 2001.
Aviation Security: Terrorist Acts Illustrate Severe Weaknesses in
Aviation Security. GAO-01-1166T. Washington, D.C.: September 20, 2001.
FOOTNOTES
[1] ATSA created TSA as an agency within the Department of
Transportation (DOT) with responsibility for securing all modes of
transportation, including aviation. Pub. L. No. 107-71, § 101, 115
Stat. 597 (2001). The Homeland Security Act of 2002, signed into law on
November 25, 2002, transferred TSA from the DOT to the new Department
of Homeland Security (DHS). Pub. L. No. 107-296, § 403, 116 Stat. 2135,
2178.
[2] The Threat Image Projection system is designed to test TSOs'
detection capabilities by projecting threat images, including images of
guns and explosives, into bags as they are screened. TSOs are
responsible for positively identifying the threat image and calling for
the bag to be searched.
[3] Sterile areas are located within the terminal where passengers wait
after screening to board departing aircraft. Access to these areas is
generally controlled by TSA screeners at checkpoints where they conduct
physical screening of passengers and their carry-on baggage for weapons
and explosives.
[4] TSA classifies the commercial airports in the United States into
one of five security risk categories (X, I, II, III, IV, and V) based
on various factors, such as the total number of takeoffs and landings
annually, and other special security considerations. In general,
category X airports have the largest number of passenger boardings, and
category IV airports have the smallest.
[5] TSA defines an operational screening test as any covert test of a
TSO conducted by TSA, on any screening function, to assess the
screener's threat item detection ability or adherence to TSA-approved
procedures.
[6] Pursuant to the Homeland Security Act, the deadline for screening
all checked baggage using explosive detection systems was, in effect,
extended until December 31, 2003.
[7] TSOs must deny passage beyond the screening location to any
individual or property that has not been screened or inspected in
accordance with passenger screening standard operating procedures. If
an individual refuses to permit inspection of any item, that item must
not be allowed into the sterile area or aboard an aircraft.
[8] Explosive detection systems use probing radiation to examine
objects inside baggage and identify the characteristic signatures of
threat explosives. EDS equipment operates in an automated mode.
[9] Explosive trace detection works by detecting vapors and residues of
explosives. Human operators collect samples by rubbing bags with swabs,
which are chemically analyzed to identify any traces of explosive
materials.
[10] Positive passenger bag match is an alternative method of screening
checked baggage that requires that the passenger be on the same
aircraft as the checked baggage.
[11] Domestic passenger air carriers have 11 separate areas of cargo
security that are subject to inspection, while indirect air carriers
have 12 areas that are subject to inspection. All-cargo carriers that
have implemented the voluntary all-cargo security program have 24 areas
that are subject to inspection. These areas of inspection include
access to cargo, cargo acceptance, including cargo from known shippers,
and security training and testing.
[12] GAO, Transportation Security Administration: More Clarity on the
Authority of Federal Security Directors Is Needed, GAO-05-935
(Washington D.C.: Sept. 23, 2005).
[13] GAO-05-935.
[14] GAO, Aviation Security: Challenges Exist in Stabilizing and
Enhancing Passenger and Baggage Screening Operations, GAO-04-440T
(Washington, D.C.: Feb. 12, 2004).
[15] Intelligence Reform and Terrorism Prevention Act of 2004, Pub. L.
No. 108-458, § 4023, 118 Stat 3638, 3723-24.
[16] One full-time-equivalent is equal to one work year or 2,080 non-
overtime hours.
[17] This budgetary FTE limit is not to be confused with the 45,000 FTE
screener cap imposed by Congress in the FY2006 DHS Appropriations Act
that limits the total number of FTE screeners available to TSA.
[18] We interviewed FSD staff at 3 category X airports, 1 category I
airports, and 1 category III airport.
[19] GAO-04-440T.
[20] GAO, Airport Passenger Screening: Preliminary Observations on
Progress Made and Challenges Remaining, GAO-03-1173 (Washington, D.C.:
Sept. 24, 2003).
[21] GAO, Aviation Security: Screener Training and Performance
Measurement Strengthened but More Work Remains, GAO-05-457 (Washington,
D.C.: May 2, 2005).
[22] According to the budget request, the remaining $36 million is
needed to support operations and maintenance costs, including recurring
costs for routers, switches, circuits, cabinets, racks, and network
monitoring.
[23] GAO, Aviation Security: Efforts to Measure Effectiveness and
Address Challenges, GAO-04-232T (Washington, D.C.: Nov. 5, 2003).
[24] Covert testing is an ancillary duty and not a full-time assignment
for the majority of OI staff. According to OI, 14 full-time-equivalent
positions in headquarters are dedicated fully to the covert testing
program, which includes covert testing of all modes of transportation,
not just airports. These 14 full-time-equivalents are in OI's Special
Operations group and form the core of team leaders for the covert
testing trips.
[25] Some recommendations appear repeatedly in multiple reports issued
by OIAPR.
[26] Test results cannot be generalized because sample tests were not
identified using the principles of probability sampling. In a
probability sample to assess screener detection of threat objects, each
screening of a passenger or baggage would have to have a chance of
being selected. A well-designed probability sample would enable failure
rates to be generalized to all airports. However, for cost and
operational reasons, probability sampling may not be feasible for
passenger and checked baggage screening because it would require a very
large sample size and an exhaustive examination of each sampled
passenger or baggage to determine if there was a threat object to
detect.
[27] The local covert testing protocols were updated in June 2004 and
August 2004 to provide information on alternative testing methods.
[28] GAO, Aviation Security: Screener Training and Performance
Measurement Strengthened but More Work Remains, GAO-05-457 (Washington
D.C.: May 2, 2005).
[29] The TIP database records both the TIP hit rate and TIP false alarm
rate. These two results are used to determine the probability of
detection and probability of false alarms, which determine overall TIP
performance. The TIP performance measure is classified as sensitive
security information.
[30] GAO-05-457.
[31] GAO, Aviation Security: Private Screening Contractors Have Little
Flexibility to Implement Innovative Approaches, GAO-04-505T
(Washington, D.C.: April 22, 2004).
[32] We cannot report on the specific results of the recertification
testing because they are sensitive security information.
[33] Information related to the measures is sensitive security
information.
[34] As of January 7, 2005, TSA reported that its workforce included
approximately 25,947 dual-trained screeners who were certified to serve
as passenger or baggage screeners.
[35] TSA's onscreen resolution protocol requires that when an EDS
machine alarm goes off, indicating the possibility of explosives, TSA
TSOs, by reviewing computer-generated images of the inside of the bag,
attempt to determine whether or not a suspect item or items are in fact
explosive materials. If the TSO is unable to make this determination,
the bag is diverted from the main conveyor belt into an area where it
receives a secondary screening by a TSO with an ETD machine.
[36] According to TSA, the machine probabilities of detection are
established by the certification standards for each particular model of
machines, and machines are not deployed unless they have met those
standards.
[37] TSA's measures for covert testing are passenger screener covert
test results (percentage of TSOs correctly identifying and resolving
threat images) and baggage screener covert test results (percentage of
TSOs correctly identifying and resolving threat images). The targets
for these measures are classified.
[38] GAO, Aviation Security: Federal Action Needed to Strengthen
Domestic Air Cargo Security, GAO-06-76 (Washington, D.C.: Oct. 17,
2005).
[39] TSA established an automated Performance and Results Information
System (PARIS) to compile the results of cargo inspections and the
actions taken when violations are identified. The PARIS database,
established in July 2003, provides TSA a Web-based method for entering,
storing, and retrieving performance activities and information on TSA-
regulated entities, including air carriers and indirect air carriers.
PARIS includes profiles for each entity, inspections conducted by TSA,
incidents that occur throughout the nation, such as instances of bomb
threats, and investigations that are prompted by incidents or
inspection findings.
[40] We requested all of TSA's compliance inspection data, starting in
November 2001. According to TSA, agency efforts to conduct air cargo
compliance inspections during calendar years 2001 and 2002 were
minimal. Moreover, documentation of inspection results for that period
was problematic in part because of the way the Federal Aviation
Administration reported compliance inspection data, which made it
difficult to migrate the Federal Aviation Administration's data into
TSA's PARIS system.
[41] GAO, Internal Control Management and Evaluation Tool, GAO-01-1008G
(Washington, D.C.: August 2001).
[42] Factors accounting for the limited number of TSA compliance
inspections of indirect air carrier facilities are sensitive security
information and discussed in the restricted version of this report, GAO-
05-446SU.
[43] According to TSA, special emphasis assessments are distinct from
agency efforts to conduct covert testing by TSA's Office of Internal
Affairs and Program Review. Covert testing is typically done by
undercover TSA agents and includes testing the security procedures at
passenger check points and airport access controls.
[44] Results of TSA's tests are considered sensitive security
information and described in the sensitive security version of this
report GAO-05-446SU.
[45] Air Cargo Security Requirements, 69 Fed. Reg. 65,258 (proposed
Nov. 10, 2004) (to be codified at 49 C.F.R pts. 1540-48).
[46] This system, referred to as Freight Assessment, would target
elevated risk cargo for inspection to minimize the agency's reliance on
random inspections. This system is supposed to compare information on
individual cargo shipments and shippers, among other things, against
targeting criteria to assign a risk level to cargo. This would subject
elevated risk cargo to additional inspection through physical searches
or non intrusive technology.
[47] GAO-06-76.
[48] GAO, Aviation Security: Further Steps Needed to Strengthen the
Security of Commercial Airport Perimeters and Access Controls, GAO-04-
728 (Washington, D.C.: June 4, 2004).
[49] Our evaluation of TSA's covert testing of airport access controls
was classified and was discussed in a separate classified report.
[50] 49 U.S.C. § 44936 requires airports and air carriers to conduct
fingerprint-based criminal history records checks for all workers
seeking unescorted access to the Security Identification Display Area.
Specifically, no individual may be given unescorted access authority if
he or she has been convicted, or found not guilty by reason of
insanity, of any of 28 disqualifying offenses during the 10 years
before the date of the individual's application for unescorted access
authority, or while the individual has unescorted access authority.
[51] TSA's no-fly list contains the names of individuals that pose, or
are suspected of posing, a threat to civil aviation or national
security. Individuals on this list will not be permitted to board an
aircraft. There is also a selectee process by which individuals who
meet certain criteria are set aside for additional screening.
[52] Pub. L. No. 107-71, § 106(e), 115 Stat. at 610.
[53] TSA regulations governing security training are virtually the same
as those required previously under the regulations as administered by
FAA.
[54] See 49 U.S.C. § 44903(h)(4)(d).
[55] TSA has taken other actions that are considered sensitive security
information.
