Maritime Security
National Strategy and Supporting Plans Were Generally Well-Developed and Are Being Implemented Gao ID: GAO-08-672 June 20, 2008The safety and economic security of the United States depends on the secure use of the world's seaports and waterways. Homeland Security Presidential Directive-13 (HSPD-13, also referred to as National Security Presidential Directive-41) directs the coordination of U.S. maritime security policy through the creation of a National Strategy for Maritime Security and supporting implementation plans. GAO was asked to evaluate this strategy and its eight supporting plans. This report discusses: (1) the extent to which the strategy and its supporting plans contain desirable characteristics of an effective national strategy, and (2) the reported status of the implementation of these plans. To conduct this work, GAO evaluated the National Strategy for Maritime Security and its supporting plans against the desirable characteristics of an effective national strategy that GAO identified in February 2004, reviewed HSPD-13 and supporting plans, and reviewed documents on the status of the plans' implementation.
Of the six desirable characteristics of an effective national strategy that GAO identified in 2004, the National Strategy for Maritime Security and its eight supporting implementation plans address four and partially address the remaining two. Documents provided by the Maritime Security Working Group--an interagency body responsible for monitoring and assessing the implementation of the maritime strategy--indicate that the implementation status of the eight supporting plans varies. For example, as of November 2007, implementation of one plan had been completed, while another has reached the assessment phase (e.g., lessons learned and best practices), and a third has reached the execution phase (e.g., exercises and operations). The other five plans remain primarily in the planning phase. The working group is monitoring the implementation of 76 actions across the plans, and reported 6 of these are completed and 70 are ongoing.
GAO-08-672, Maritime Security: National Strategy and Supporting Plans Were Generally Well-Developed and Are Being Implemented
This is the accessible text file for GAO report number GAO-08-672
entitled 'Maritime Security: National Strategy and Supporting Plans
Were Generally Well-Developed and Are Being Implemented' which was
released on June 20, 2008.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Report to the Committee on Commerce, Science, and Transportation, U.S.
Senate:
United States Government Accountability Office:
GAO:
June 2008:
Maritime Security:
National Strategy and Supporting Plans Were Generally Well-Developed
and Are Being Implemented:
GAO-08-672:
GAO Highlights:
Highlights of GAO-08-672, a report to the Committee on Commerce,
Science and Transportation, U.S. Senate.
Why GAO Did This Study:
The safety and economic security of the United States depends on the
secure use of the world‘s seaports and waterways. Homeland Security
Presidential Directive-13 (HSPD-13, also referred to as National
Security Presidential Directive-41) directs the coordination of U.S.
maritime security policy through the creation of a National Strategy
for Maritime Security and supporting implementation plans. GAO was
asked to evaluate this strategy and its eight supporting plans. This
report discusses: (1) the extent to which the strategy and its
supporting plans contain desirable characteristics of an effective
national strategy, and (2) the reported status of the implementation of
these plans.
To conduct this work, GAO evaluated the National Strategy for Maritime
Security and its supporting plans against the desirable characteristics
of an effective national strategy that GAO identified in February 2004,
reviewed HSPD-13 and supporting plans, and reviewed documents on the
status of the plans‘ implementation.
What GAO Found:
Of the six desirable characteristics of an effective national strategy
that GAO identified in 2004, the National Strategy for Maritime
Security and its eight supporting implementation plans address four and
partially address the remaining two as shown in the table below.
Table: Extent to Which the National Strategy for Maritime Security and
Its Supporting Implementation Plans Address GAO‘s Desirable
Characteristics:
Desirable characteristic: Purpose, scope, and methodology; Brief
description of characteristic: Addresses why the strategy was produced,
the scope of its coverage, and the process by which it was developed;
Assessment: Addresses.
Desirable characteristic: Problem definition and risk assessment; Brief
description of characteristic: Addresses the particular national
problems and threats the strategy is directed towards; Assessment:
Addresses.
Desirable characteristic: Organizational roles, responsibilities, and
coordination; Brief description of characteristic: Addresses who will
be implementing the strategy, what their roles will be compared to
others, and mechanisms for them to coordinate their efforts;
Assessment: Addresses.
Desirable characteristic: Integration and implementation; Brief
description of characteristic: Addresses how a national strategy
relates to other strategies‘ goals, objectives, and activities, and to
subordinate levels of government and their plans to implement the
strategy; Assessment: Addresses.
Desirable characteristic: Goals, objectives, activities, and
performance measures; Brief description of characteristic: Addresses
what the strategy is trying to achieve, steps to achieve those results,
as well as the priorities, milestones, and performance measures to
gauge results; Assessment: Partially addresses (does not include
performance measures).
Desirable characteristic: Resources, investments, and risk management;
Brief description of characteristic: Addresses what the strategy will
cost, the sources and types of resources and investments needed, and
where resources and investments should be targeted by balancing risk
reductions and costs; Assessment: Partially addresses (does not include
information on the sources and types of resources needed).
Source: GAO analysis.
[End of table]
Documents provided by the Maritime Security Working Group”an
interagency body responsible for monitoring and assessing the
implementation of the maritime strategy”indicate that the
implementation status of the eight supporting plans varies. For
example, as of November 2007, implementation of one plan had been
completed, while another has reached the assessment phase (e.g.,
lessons learned and best practices), and a third has reached the
execution phase (e.g., exercises and operations). The other five plans
remain primarily in the planning phase. The working group is monitoring
the implementation of 76 actions across the plans, and reported 6 of
these are completed and 70 are ongoing.
What GAO Recommends:
GAO is not making any new recommendations. However, it previously made
recommendations to the Department of Homeland Security (DHS) related to
the key issues discussed in this report. DHS generally concurred with
these earlier recommendations and is working to address them.
To view the full product, including the scope and methodology, click on
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-672]. For more
information, contact Stephen L. Caldwell at (202) 512-9610 or
caldwells@gao.gov.
[End of section]
Contents:
Letter:
Results in Brief:
Background:
The National Strategy for Maritime Security and Its Eight Supporting
Implementation Plans Address or Partially Address All of the Desirable
Characteristics of a National Strategy:
Maritime Security Working Group Reports that the Implementation of
Supporting Plans Varies:
Agency Comments:
Appendix I: Objectives, Scope and Methodology:
Appendix II: GAO Contacts and Staff Acknowledgments:
Related GAO Products:
Tables:
Table 1: Extent to Which the National Strategy for Maritime Security
and its Supporting Implementation Plans Address GAO's Desirable
Characteristics:
Table 2: Summary and Status of National Strategy for Maritime Security
Supporting Implementation Plans (Lead Department) as Reported by the
Maritime Security Working Group in November 2007:
Figures:
Figure 1: Stages of the International Supply Chain and Related Maritime
Security Legislation and HSPD-13 Plans:
Figure 2: Structure of the Policy and Implementation Bodies Responsible
for Coordination of the National Strategy for Maritime Security:
[End of section]
United States Government Accountability Office:
Washington, DC 20548:
June 20, 2008:
The Honorable Daniel Inouye:
Chairman:
The Honorable Ted Stevens:
Vice Chairman:
Committee on Commerce, Science and, Transportation:
United States Senate:
More than 6 years after the September 11, 2001, attacks, the risk of a
terrorist attack in the maritime domain remains a major concern to the
United States.[Footnote 1] Over 95 percent of U.S. international trade
is transported by water, thus, the safety and economic security of the
United States depends in large part on the secure use of the world's
seaports and waterways. A successful attack on a major seaport could
potentially result in a dramatic slowdown in the international supply
chain with impacts in the billions of dollars.[Footnote 2] Therefore,
the United States and its trading partners, have a common interest to
facilitate maritime commerce and to protect against maritime-related
terrorist, criminal, or other hostile acts.
The federal government has been active in seeking to enhance maritime
security through legislation, presidential directives, and
international agreements. As a result, the federal government has
implemented numerous programs and initiatives to help secure our
nation's maritime infrastructure, harbors, seaports, and international
waterways. One of these efforts, and the focus of this report, is
Homeland Security Presidential Directive-13 (HSPD-13), which directs
the coordination of maritime security policy through the creation of a
National Strategy for Maritime Security and supporting implementation
plans. Issued in December 2004, HSPD-13 aims to establish U.S. policy
and implementation actions to further reduce the vulnerability of the
maritime domain. These efforts are monitored by the Maritime Security
Working Group, an interagency group tasked with monitoring the
implementation of the supporting plans. The working group reports to
the Maritime Security Policy Coordination Committee, which is the
primary forum for coordinating U.S. national maritime strategy. Both
the Maritime Security Policy Coordination Committee and the Maritime
Security Working Group are co-chaired by representatives of the
National Security Council and the Homeland Security Council.[Footnote
3]
In 2004, we developed a set of six desirable characteristics for
national strategies.[Footnote 4] Those six characteristics are:
(1) Statement of purpose, scope, and methodology: addresses why the
strategy was produced, the scope of its coverage, and the process by
which it was developed.
(2) Problem definition and risk assessment: addresses the particular
national problems and threats the strategy is directed towards.
(3) Goals, subordinate objectives, activities, and performance
measures: addresses what the strategy is trying to achieve and the
steps to achieve those results, as well as the priorities, milestones,
and performance measures to gauge results.
(4) Resources, investments, and risk management: addresses what the
strategy will cost, the sources and types of resources and investments
needed, and where resources and investments should be targeted by
balancing risk reductions and costs.
(5) Organizational roles, responsibilities, and coordination: addresses
which organizations will be implementing the strategy, what their roles
will be compared to others, and mechanisms for them to coordinate their
efforts.
(6) Integration and implementation: addresses how a national strategy
relates to other strategies' goals, objectives, and activities, and to
subordinate levels of government and their plans to implement the
strategy.
We believe these characteristics can assist responsible parties in
further developing and implementing national strategies, as well as
enhance their usefulness in resource and policy decisions and to better
assure accountability. We have used these characteristics to assess the
completeness of seven national strategies related to homeland security
and combating terrorism.[Footnote 5]
You asked us to evaluate the National Strategy for Maritime Security
and its eight supporting implementation plans. This report presents the
results of our efforts to address the following questions:
* To what extent does the National Strategy for Maritime Security and
its supporting implementation plans contain the elements identified as
desirable characteristics of an effective national strategy?
* What is the reported implementation status of these plans?
To answer our first question, we analyzed the National Strategy for
Maritime Security to determine whether it contained the desirable
characteristics for an effective national strategy. If a characteristic
or an element of a characteristic was missing from the national
strategy, then we reviewed the eight supporting implementation plans
for evidence of the characteristic in a majority of these
plans.[Footnote 6] We also reviewed the plans to determine if they
provided more detail on the characteristics examined than could be
found in the national strategy, for example, what component or agency
will implement a specific recommendation. If a characteristic or an
element of a characteristic was missing from the national strategy, our
methodology required that the characteristic or element be present in
at least five of the supporting plans for the characteristic to be
considered "addressed." An assessment of partially addressed meant that
the characteristic or element be present in at least one of the
supporting plans. To answer our second question, we relied on documents
provided by the Maritime Security Working Group that detailed the
status of actions taken to implement the supporting plans and the
overall status of the implementation of the plans. We also interviewed
officials from key agencies and the co-chair of the Maritime Security
Working Group. We did not independently evaluate any of the actions
monitored for the implementation of these plans. We conducted this
performance audit from July 2007 to June 2008 in accordance with
generally accepted government auditing standards. Those standards
require that we plan and perform the audit to obtain sufficient,
appropriate evidence to provide a reasonable basis for our findings and
conclusions based on our audit objectives. We believe that the evidence
obtained provides a reasonable basis for our findings and conclusions
based on our audit objectives. Appendix I includes more detailed
information on our scope and methodology.
Results in Brief:
Of the six desirable characteristics of an effective national strategy
that GAO identified in 2004, the National Strategy for Maritime
Security and its supporting implementation plans together address four
and partially address the remaining two. The four characteristics that
are addressed include: (1) purpose, scope, and methodology; (2) problem
definition and risk assessment; (3) organizational roles,
responsibilities, and coordination; and (4) integration and
implementation. The two characteristics that are partially addressed
are: (1) goals, objectives, activities, and performance measures and
(2) resources, investments, and risk management. These characteristics
are partially addressed primarily because the strategy and its plans
lack information on performance measures and the resources and
investments elements of these characteristics. Specifically, only one
of the supporting plans mentions performance measures and many of these
measures are presented as possible or potential performance measures.
However, in previous work we have noted the existence of performance
measures for individual maritime security programs. For example,
Customs and Border Protection (CBP) has established performance metrics
for its Automated Targeting System, which assists in determining which
containers are to be subjected to inspection, and uses performance
measures to gauge the effectiveness of its Container Security
Initiative program, which is designed to detect and deter terrorists
from smuggling weapons of mass destruction via cargo containers. We
have also recommended that DHS develop performance measures for other
maritime security programs and DHS has concurred with these
recommendations. The resources, investments, and risk management
characteristic is also partially addressed. While the strategic actions
and recommendations discussed in the maritime security strategy and
supporting implementation plans constitute an approach to minimizing
risk and investing resources, the strategy and seven of its supporting
implementation plans lack information on the sources and types of
resources needed for their implementation. In addition, the national
strategy and three of the supporting plans also lack investment
strategies to direct resources to necessary actions. To address this,
the working group has recommended to the Maritime Security Policy
Coordination Committee that it should examine the feasibility of
creating an interagency priorities and investment strategy for the
supporting plans. Despite these shortcomings, we recognize that other
documents are used for allocating resources. For example, DHS's latest
Fiscal Year Homeland Security Program, a 5-year resource plan to
support the mission, priorities, and goals of the department within
projected funding, provides some details on how much DHS expects to
spend to implement its maritime security responsibilities.
Our review of documents provided by the Maritime Security Working Group
indicates that the implementation status of the eight supporting plans
varies. Specifically, the working group reported on the status of each
plan by indicating whether the plan was in the guidance, planning,
execution, or assessment and evaluation phase.[Footnote 7] They
reported that as of November 2007, one plan had reached the execution
phase, another had reached the assessment phase, and a third had been
completed. The other five plans remained primarily in the planning
phase. The working group also identified 76 actions across the various
supporting plans and has monitored the implementation of these actions.
According to the working group, as of November 2007, 6 of these actions
were completed and 70 were ongoing.
Background:
Since the September 11, 2001, terrorist attacks, federal agencies have
implemented numerous measures designed to improve maritime security.
Moreover, legislation has been enacted to provide a framework for
protecting the nation's seaports and waterways from terrorist attack
through a wide range of security requirements and programs.[Footnote 8]
Federal agency measures include, for example, the U.S. Coast Guard
working with foreign countries to ensure that their seaports have
adequate security measures in place. Also, under the Container Security
Initiative, U.S. Customs and Border Protection stations officers
overseas to work with foreign officials to identify and inspect high-
risk cargo en route to the United States.
The Maritime Security Working Group was created in May 2004 to increase
coordination among U.S. government maritime security policy
stakeholders and to develop an overarching policy that would serve to
enhance maritime security and defense, and strengthen antiterrorism
efforts in the global maritime environment. As a result of the working
group's efforts, on December 21, 2004, the President issued HSPD-13
directing the coordination of U.S. government maritime security
programs and initiatives to achieve a comprehensive and cohesive
national effort involving appropriate federal, state, local, and
private sector entities. HSPD-13 established the Maritime Security
Policy Coordination Committee [Footnote 9] as the primary forum to
coordinate U.S. policy, guidelines, and implementation actions to
protect U.S. maritime interests and enhance U.S. national security and
homeland security.[Footnote 10]
The Maritime Security Working Group, working on behalf of the Maritime
Security Policy Coordination Committee, is currently responsible for
monitoring and assessing implementation of actions related to the
supporting plans. HSPD-13 required the Secretaries of Defense and
Homeland Security to lead a joint effort to draft a National Strategy
for Maritime Security. The strategy was issued in September 2005.
Additionally, HSPD-13 directed relevant federal departments and
agencies to develop eight supporting implementation plans to address
the specific threats and challenges in the maritime environment. These
supporting plans, the lead departments for their implementation, and
their completion dates are shown below.
* National Plan to Achieve Maritime Domain Awareness, DOD and DHS
(October 2005);
* Global Maritime Intelligence Integration Plan, DOD and DHS (July
2005);
* Maritime Operational Threat Response Plan, DOD and DHS (October
2006);
* International Outreach and Coordination Strategy, State (November
2005);
* Maritime Infrastructure Recovery Plan, DHS (April 2006);
* Maritime Transportation System Security Recommendations, DHS (October
2005);
* Maritime Commerce Security Plan, DHS (October 2005); and:
* Domestic Outreach Plan, DHS (October 2005).
Figure 1 depicts a DHS assessment of how maritime security legislation
and the National Strategy for Maritime Security's eight supporting
implementation plans relate to the stages of the international supply
chain. Also included is one other strategy--the Strategy to Enhance
International Supply Chain Security--that overlaps with some of the
supporting plans.[Footnote 11]
Figure 1: Stages of the International Supply Chain and Related Maritime
Security Legislation and HSPD-13 Plans:
[See PDF for image]
This figure contains several illustrations, as well as a table showing
the stages of the international supply chain and related Maritime
Security Legislation and HSPD-13 Plans, as follows:
Stage: Delivery to port for export (illustration of delivery truck);
Related legislation and plans: Global Maritime Intelligence Integration
Plan (Plans and strategies developed as a result of HSPD-13).
Stage: Delivery to port for export;
Related legislation and plans: Security and Accountability for Every
Port Act of 2006 (Related maritime security legislation).
Stage: Delivery to port for export;
Related legislation and plans: Strategy to Enhance International Supply
Chain Security (Comprehensive plan released by DHS).
Stage: Delivery to port for export;
Related legislation and plans: International Outreach and Coordination
Strategy (Plans and strategies developed as a result of HSPD-13).
Stage: Delivery to port for export;
Related legislation and plans: National Plan to Achieve Maritime Domain
Awareness (Plans and strategies developed as a result of HSPD-13).
Stage: Foreign port of origin (illustration of containers being loaded
onto a ship);
Related legislation and plans: Maritime Transportation Security Act of
2002 (Related maritime security legislation).
Stage: Shipment (illustration of ship);
Related legislation and plans: Maritime Operational Threat Response
Plan (Plans and strategies developed as a result of HSPD-13).
Stage: Shipment;
Related legislation and plans: Maritime Transportation System Security
Recommendations (Plans and strategies developed as a result of HSPD-
13).
Stage: Shipment;
Related legislation and plans: Maritime Commerce Security Plan (Plans
and strategies developed as a result of HSPD-13).
Stage: U.S. Port of Entry (illustration of cargo being unloaded from a
ship);
Related legislation and plans: Domestic Outreach Plan (Plans and
strategies developed as a result of HSPD-13).
Stage: U.S. Port of Entry;
Related legislation and plans: Maritime Infrastructure Recovery Plan
(Plans and strategies developed as a result of HSPD-13).
Source: GAO and ArtExplosions (art work); GAO, DHS (analysis).
Note: GAO modified a graphic contained in DHS's Strategy for
International Supply Chain Security to add clarification regarding the
stages of the international supply chain.
[End of figure]
Although numerous entities are responsible for security in the maritime
domain within the United States, the federal government has primary
responsibility and shares this role with numerous other stakeholders in
the state, local, and private sectors. For example, DHS--with its
component agency, the U.S. Coast Guard, acting as executive agent--has
the lead role in maritime homeland security; DOD leads efforts to
further integrate maritime intelligence and increase maritime domain
awareness; and State is responsible for taking steps to inform U.S.
missions abroad on maritime security initiatives and concerns, as
necessary. Also, the Departments of Commerce, Energy, and
Transportation, among others, have responsibilities for various aspects
of maritime security.
We have reported on performance in the maritime security mission,
particularly by DHS, for several years. In our 2007 review of DHS's
progress in management and mission areas, we reported that DHS had made
substantial progress in maritime security in that it had generally
achieved 17 out of 23 performance expectations.[Footnote 12]
Specifically, we reported that DHS had developed national and regional
plans for DHS's maritime security and response and a national plan for
recovery, and it had ensured the completion of vulnerability
assessments and security plans for port facilities and vessels. DHS had
also developed programs for collecting information on incoming ships
and was working with the private sector to improve and validate supply
chain security. Additionally, we reported that DHS (1) had improved
security efforts by establishing committees to share information with
local port stakeholders, (2) was taking actions to establish
interagency operations centers to monitor port activities, (3) was
developing port-level plans to prevent and respond to terrorist
attacks, (4) was testing such plans through exercises, and (5) was
assessing security at foreign seaports. We further reported that DHS
had strengthened the security of cargo containers through enhancements
to its system for identifying high-risk cargo and expanding
partnerships with other countries to screen containers before they are
shipped to the United States. However, we also reported that DHS faced
challenges in implementing certain maritime security responsibilities
including, for example, a program to control access to seaports' secure
areas and to screen incoming cargo for radiation.
In October 2007, we updated our findings when we testified on DHS's
overall maritime security efforts as they related to the Security and
Accountability For Every Port Act of 2006.[Footnote 13] We also
reported on other challenges faced by DHS in its cargo security
efforts, such as CBP's requirement to test and implement a new program
to screen 100 percent of all incoming containers overseas. As part of
our body of work on the performance of maritime security missions, we
have made recommendations to DHS including that it develop strategic
plans, better plan the use of its human capital, establish performance
measures, and otherwise improve program operations. DHS has generally
concurred with our recommendations and is making progress towards
implementing them. A list of related GAO products is included at the
end of this report.
The National Strategy for Maritime Security and Its Eight Supporting
Implementation Plans Address or Partially Address All of the Desirable
Characteristics of a National Strategy:
Of the six desirable characteristics of an effective national strategy
that GAO identified in 2004, the National Strategy for Maritime
Security and its eight supporting implementation plans together address
four and partially address two. The four characteristics that are
addressed include: (1) purpose, scope, and methodology; (2) problem
definition and risk assessment; (3) organizational roles,
responsibilities, and coordination; and (4) integration and
implementation. The two characteristics that are partially addressed
are: (1) goals, objectives, activities, and performance measures; and
(2) resources, investments, and risk management. Specifically, the
elements of these characteristics that are not addressed are those
concerning performance measures, and resources and investments. What
follows is our assessment of the National Strategy for Maritime
Security and its supporting plans as compared to the six desirable
characteristics of an effective national strategy. These
characteristics and the results of our assessment are shown in table 1.
[Footnote 14]
Table 1: Extent to Which the National Strategy for Maritime Security
and its Supporting Implementation Plans Address GAO's Desirable
Characteristics:
Desirable characteristic: Purpose, scope, and methodology;
Brief description of characteristic: Addresses why the strategy was
produced, the scope of its coverage, and the process by which it was
developed;
Assessment: Addresses.
Desirable characteristic: Problem definition and risk assessment;
Brief description of characteristic: Addresses the particular national
problems and threats the strategy is directed towards;
Assessment: Addresses.
Desirable characteristic: Organizational roles, responsibilities, and
coordination;
Brief description of characteristic: Addresses who will be implementing
the strategy, what their roles will be compared to others, and
mechanisms for them to coordinate their efforts;
Assessment: Addresses.
Desirable characteristic: Integration and implementation;
Brief description of characteristic: Addresses how a national strategy
relates to other strategies' goals, objectives, and activities, and to
subordinate levels of government and their plans to implement the
strategy;
Assessment: Addresses.
Desirable characteristic: Goals, objectives, activities, and
performance measures;
Brief description of characteristic: Addresses what the strategy is
trying to achieve, steps to achieve those results, as well as the
priorities, milestones, and performance measures to gauge results;
Assessment: Partially addresses (does not include performance
measures).
Desirable characteristic: Resources, investments, and risk management;
Brief description of characteristic: Addresses what the strategy will
cost, the sources and types of resources and investments needed, and
where resources and investments should be targeted by balancing risk
reductions and costs;
Assessment: Partially addresses (does not include information on the
sources and types of resources needed).
Source: GAO analysis.
Note: In prior work we also acknowledge that different strategies may
use different terms than we use to describe the same characteristic. A
strategy "addresses" a characteristic when it cites all elements of a
characteristic, even if it lacks specificity and thus could be improved
upon. A strategy "partially addresses" a characteristic when it cites
some, but not all, elements of a characteristic.
[End of table]
National Strategy and Implementation Plans Together Address Four of the
Desirable Characteristics of a National Strategy:
Our analysis shows that the National Strategy for Maritime Security and
its supporting implementation plans together address four of the
desirable characteristics of an effective national strategy. In
general, these characteristics communicate why a strategy was produced,
specify the threats that a strategy addresses, identify the
organizations responsible for implementing a strategy and how they will
coordinate their efforts, and tie a strategy to other strategies and
plans, and subordinate levels of government. The extent to which each
of these four desirable characteristics is addressed in the National
Strategy for Maritime Security and its supporting plans is discussed in
the following sections.
Purpose, Scope, and Methodology:
The purpose, scope, and methodology characteristic is addressed in the
National Strategy for Maritime Security and its eight supporting
implementation plans. Specifically, while the purpose and scope are
addressed in both the national strategy and the supporting plans, the
strategy alone does not describe the methodology used in its
development. However, five of the eight supporting plans do contain
information on the methodology for how the plans were developed, and
the Domestic Outreach Plan documents that eight working groups of
maritime security stakeholders developed the eight plans supporting the
national strategy--providing additional insight into the methodological
development of the plans. For example, the Maritime Security Policy
Coordination Committee is cited in the Maritime Domain Awareness and
Maritime Commerce Security plans as having the responsibility for
developing the supporting plans. This characteristic is important
because if a national strategy does not contain a complete description
of the purpose, scope, and methodology, this could reduce the
document's usefulness to the organizations responsible for implementing
the strategy, as well as organizations seeking to exercise oversight,
such as the Congress. Although the purpose and scope are described
generally in the national strategy, they are more specifically
described in the supporting plans. For example, the strategy states
that its purpose is "to better integrate and synchronize the existing
Department-level strategies and ensure their effective and efficient
implementation," while the Commerce Security Plan's purpose is to
"promote international supply chain security." The strategy's
introduction defines the scope of the maritime domain as well as the
scope of maritime security that the supporting plans are to address.
[Footnote 15] Supporting plans define the scope further. For example,
the scope for the Maritime Transportation Security System
Recommendations plan describes its scope as the systems that comprise
transportation security: component security, interface security,
information security, and network security.[Footnote 16]
Problem Definition and Risk Assessment:
The problem definition and risk assessment characteristic is addressed
in the strategy and is discussed with varying levels of detail in six
of the supporting plans. This characteristic identifies the particular
national problem and threats to which a strategy is directed. Without
necessarily prescribing a detailed solution, better problem definition
and risk assessment provide greater latitude to responsible parties to
develop innovative approaches that are tailored to the needs of
specific regions or sectors and can be implemented as a practical
matter given fiscal, human capital, and other limitations. The
introduction to the national strategy identifies the problem stating
that the oceans support commerce and are a source of food, resources,
and recreation for the United States, and that they also act as a
barrier and a conduit for threats to our nation. All of the supporting
plans with the exception of the Domestic Outreach Plan further define
the problem relative to their own purpose. For example, the problem
cited in the National Plan to Achieve Maritime Domain Awareness is that
"today's complex and ambiguous threats place an even greater premium on
knowledge and a shared understanding of the maritime domain."
In regard to risk assessment, one section of the national strategy
identifies five threats to maritime security and discusses them with
references to intelligence assessments and other national strategies.
[Footnote 17] For example, citing the National Security Strategy of the
United States, the National Strategy for Maritime Security states that
terrorists have indicated a strong desire to use weapons of mass
destruction which, when coupled with technology dispersion and the fact
that some nations are unable to account for their stockpiles of these
weapons or materials, increases the possibility that a terrorist attack
involving such weapons could occur. It also states that terrorists can
develop effective attack capabilities against maritime targets
relatively quickly. The International Outreach and Coordination
Strategy and the Plan to Achieve Maritime Domain Awareness also discuss
the threats to maritime security in a manner similar to the National
Strategy for Maritime Security. Other plans, such as those for Maritime
Commerce Security and the Maritime Transportation System Security,
mention threats more generally, citing, for example, the type of
threat--nuclear, chemical, biological--as in the commerce plan, or the
source of the threat--terrorism--as in the transportation system plan.
Organizational Roles, Responsibilities, and Coordination:
Collectively, the national strategy and its eight supporting
implementation plans address the organizational roles,
responsibilities, and coordination characteristic. Though the level of
specificity regarding roles, responsibilities, and coordination varies
in the national strategy, all of the supporting plans address this
characteristic with some detail. The inclusion of this characteristic
in a national strategy helps agencies and other stakeholders to
coordinate their efforts. It also helps clarify specific roles,
particularly where there is overlap, and thus can enhance both
implementation and accountability. Regarding organizational roles and
responsibilities, the national strategy indicates that the public and
private sectors share responsibility for the protection of critical
infrastructure and key resources, with DHS in the lead role. However,
the strategy does not identify the more specific roles of DHS
components such as Customs and Border Protection or the Coast Guard in
the protection of critical infrastructure or key assets. The supporting
plans, however, are more explicit about roles and responsibilities. For
example, specific agencies and components such as the Coast Guard and
CBP within DHS are identified in the National Plan to Achieve Maritime
Domain Awareness. In another case, while the national strategy
references the National Incident Management System and the National
Response Plan under the strategic objective to Minimize Damage and
Expedite Recovery, it does not identify which agency is to coordinate
and lead such a recovery.[Footnote 18] However, these roles and
responsibilities are discussed in greater detail in the Maritime
Infrastructure Recovery Plan. For example, it identifies the
capabilities or types of assets the Army Corps of Engineers and the
Department of Transportation will provide to aid in recovery.
Additionally, the National Plan to Achieve Maritime Domain Awareness
identifies the Maritime Security Policy Coordination Committee as
having overall coordination responsibility for that plan. Other plans
such as the Maritime Commerce Security Plan and Maritime Transportation
System Security Recommendations, respectively, cite coordination
responsibilities for specific recommendations or actions. For example,
the Maritime Commerce Security Plan directs DHS to coordinate with DOD
in the development of technology to secure containerized cargo, and the
Maritime Transportation Security System Recommendations plan directs
DHS to coordinate improvements to international maritime regulation.
Integration and Implementation:
The integration and implementation characteristic is addressed in the
national strategy and all but one of the supporting plans by noting,
for example, that the terrorist threats cited in the national strategy
are also considered in the National Security Strategy and the National
Strategy to Secure Cyberspace. This characteristic builds on the
aforementioned organizational roles and responsibilities--and thus can
further clarify the relationships between various implementing parties.
With regard to integration, the National Strategy for Maritime Security
states that it is guided by the goals of the National Security Strategy
and National Strategy for Homeland Security and draws upon other
national strategies to counter terrorism, protect critical
infrastructure, and combat weapons of mass destruction, among other
strategies. The supporting plans provide more details on the
integration characteristic by, for example, discussing how a particular
plan supports or is supported by another supporting plan. For example,
the Maritime Commerce Security Plan states that its development was
closely coordinated with that of the Maritime Infrastructure Recovery
Plan and the Maritime Transportation Security System Recommendations
plan. Furthermore, the Maritime Infrastructure Recovery Plan discusses
the integration of the plan with other national and local area maritime
security plans.
With regard to implementation, the National Strategy for Maritime
Security cites the eight supporting plans as the means to implement the
strategy and seven of the eight supporting plans provide amplifying
detail and specificity on implementation issues, often citing their own
implementation in terms of the implementation of other supporting
plans. Three plans also state how their implementation is related to
other plans. For example, the National Plan to Achieve Maritime Domain
Awareness states that its implementation directly supports, and is
supported by, the Global Maritime Intelligence Integration Plan and
that the Maritime Domain Awareness plan is an enabler of the Maritime
Operational Threat Response plan.
National Strategy and Implementation Plans Together Partially Address
the Remaining Two Desirable Characteristics of a National Strategy:
The strategy and supporting plans only partially address the remaining
two desirable characteristics: (1) goals, objectives, activities, and
performance measures; and (2) resources, investments, and risk
management. These characteristics are partially addressed because they
do not identify the performance measures needed to gauge the
implementation of the strategy and its supporting plans, and the
resources and investments needed to successfully implement and carry
out the strategy. These two characteristics are discussed below.
Goals, Objectives, Activities, and Performance Measures:
The goals, objectives, activities, and performance measures
characteristic is only partially addressed in the national strategy,
and the supporting plans also do not include information to address all
elements of this characteristic, such as performance measures to gauge
the progress made implementing the strategy and plans. This
characteristic provides for a clear identification of priorities,
milestones, and performance measures, without which implementing
parties may find it difficult to achieve results in specific time
frames. This also enables more effective oversight and accountability.
While the national strategy does not specifically use the term "goals"
in its description, it does provide a list of principles that serve as
the equivalent of goals and a hierarchy of objectives and subordinate
objectives. For example, the stated principles of the maritime security
strategy are to (1) preserve freedom of the seas, (2) facilitate and
defend commerce to ensure the uninterrupted flow of shipping, and (3)
facilitate the movement of desirable goods and people across our
borders while screening out dangerous people and material. The strategy
also outlines the steps for achieving these with subordinate objectives
such as to protect maritime-related population centers and critical
infrastructures.[Footnote 19] Furthermore, the strategy includes five
strategic actions--such as to embed security into commercial practices-
-intended to achieve further coordination of maritime security efforts.
[Footnote 20] Each of the supporting plans provides more focused goals
and objectives. For example, the goal of the Maritime Commerce Security
Plan is to improve the security of the maritime supply chain, and one
of the goals of the National Plan to Achieve Maritime Domain Awareness
is to enhance transparency in the maritime domain.
However, performance measures are lacking in both the national strategy
and all but one of the supporting plans. The only supporting plan that
mentions performance measures is the Maritime Commerce Security Plan
which lists potential or possible performance measures. For example,
the Maritime Commerce Security Plan states, "Customs and Border
Protection performs validations of the foreign security procedures of
Customs-Trade Partnership Against Terrorism participants. This could
act as a measure of effectiveness in implementing procedures to secure
cargo."[Footnote 21] Additionally, in our previous work, we have
reported that performance measures are in place for some individual
maritime security programs. For example, we reported that CBP has
established performance metrics for its Automated Targeting System and
uses performance measures to gauge the effectiveness of its Container
Security Initiative program.[Footnote 22] We have also made
recommendations for the development of performance measures for other
maritime security programs, such as emergency response
capabilities.[Footnote 23] DHS generally concurred with these
recommendations and is working to implement them.
Resources, Investments, and Risk Management:
The resources, investments, and risk management characteristic is also
only partially addressed in the national strategy and supporting
implementation plans because not all of the elements of this
characteristic are addressed. Specifically, while the strategic actions
of the maritime security strategy discussed earlier in this report
constitute an approach to minimize risk and invest resources to achieve
maritime security, the strategy lacks information on resource
requirements. Six of the eight supporting plans also discuss risk
management; for example, there is a distinct recommendation to
incorporate risk management in maritime security in the Maritime
Transportation Security System Recommendations plan. However, the
supporting plans, like the national strategy, mostly lack information
on the sources and types of resources needed.
The national strategy addresses investments and risk management in a
general way. For example, the strategic action to "Embed Security into
Commercial Practices" discusses the need to conduct vulnerability
assessments to identify defenses that require improvement and
procedures that are used to identify terrorist threats in cargo
containers, but the strategy does not contain an investment strategy
for implementing this strategic action nor does it determine how costs
will be borne among the involved parties. With the exception of the
National Plan to Achieve Maritime Domain Awareness, none of the other
seven supporting plans address the resources issue and three do not
address investments. In a November 2007 briefing regarding the status
of the implementation of the national plan, the working group
identified resources and investments as challenges in implementing the
strategy. This briefing also included recommendations to address the
resource issue. For example, it suggested that the Maritime Security
Policy Coordination Committee evaluate the feasibility of developing an
interagency priorities and investment strategy. Without guidance on
resources, investments, and risk management, implementing parties may
find it difficult to allocate resources and investments according to
priorities and constraints, track costs and performance, and shift
investments and resources as appropriate. Although this information was
not included in the strategy or its supporting plans, DHS's latest
Future Years Homeland Security Program (FYHSP), a 5-year resource plan
to support the mission, priorities, and goals of the department within
projected funding, provides some details on how much DHS expects to
spend to implement its maritime security responsibilities. Within the
goal to protect our nation from dangerous people and goods, the FYHSP
discusses several maritime security programs that are part of the
National Strategy for Maritime Security or it supporting plans. Among
these are the Container Security Initiative to screen cargo containers
for weapons before the cargo is shipped to the United States, the C-
TPAT program which works with the private sector to improve the
security standards for supply chain and container security, and
research into the development of technology to improve container
security.
Maritime Security Working Group Reports that the Implementation of
Supporting Plans Varies:
Documents provided to us by the Maritime Security Working Group
indicate that the implementation of the supporting plans varies and the
working group reported one plan had been completed, another has reached
the assessment phase, a third has reached the execution phase, and the
other five plans remain primarily in the planning phase.[Footnote 24]
The working group identified 76 actions across the various supporting
plans and has monitored the implementation status of these actions.
[Footnote 25] The working group reported that, as of November 2007, six
of these actions were completed and 70 were ongoing. The types of
actions it monitored included issuing guidance, developing plans and
coordination procedures, assigning personnel and forming working
groups, as well as technology development and partnering with the
private sector.
The process by which the working group monitors the implementation of
the actions associated with the supporting plans is demonstrated in
figure 2. According to the working group co-chair, the working group
identified a list of actions to be carried out to implement the
supporting plans. The working group then provided this list to the
departments which in turn delegated further actions to their components
(right side of the figure). The status of these actions was
communicated back to the working group and up to the committee through
the departments (left side of the figure). A DHS official who is a
working group member said that sometimes components communicate
directly to the working group.
Figure 2: Structure of the Policy and Implementation Bodies Responsible
for Coordination of the National Strategy for Maritime Security:
[See PDF for image]
This figure is an illustration of the structure of the policy and
implementation bodies responsible for coordination of the National
Strategy for Maritime Security. The structure is as follows:
* National Security Council; Homeland Security Council (policy);
* Maritime Security Policy Coordinating Committee (policy);
* Maritime Security Working Group (implementation);
* Departments (implementation);
* Department components (implementation).
Status of actions is reported from the department components upward to
the Maritime Security Policy Coordinating Committee. Further actions
are delegated from the Maritime Security Policy Coordinating Committee
downward.
Source: GAO analysis.
[End of figure]
Table 2 contains a brief description of each implementation plan and
examples of actions the working group is monitoring as reported by the
working group in November 2007. The working group has also reported on
whether each plan was in the guidance, planning, execution, or
assessment and evaluation phase. Overall, the working group reported
that the National Plan to Achieve Maritime Domain Awareness has reached
the execution phase, which includes training exercises and operations;
the Maritime Operational Threat Response Plan has reached the
assessment phase, where lessons learned are assessed and best practices
are developed; and implementation of the Domestic Outreach Plan has
been completed. The other five plans remain primarily in the planning
phase where strategic planning, requirements and capabilities,
operational, and tactical planning occur.[Footnote 26] For example,
actions that the working group is monitoring for the Maritime
Infrastructure Recovery Plan--which the working group reports is in the
planning phase--include the assignment of risk management personnel,
the incorporation of recovery management procedures, and the
identification of private sector subject matter experts essential to
recovery execution.
Table 2: Summary and Status of National Strategy for Maritime Security
Supporting Implementation Plans (Lead Department) as Reported by the
Maritime Security Working Group in November 2007:
Supporting plan (Lead departments): National Plan to Achieve Maritime
Domain Awareness (DOD and DHS);
Description of plan: Provides an approach for improving information
collection and sharing in the maritime domain to identify threats as
early and as distant from our shores as possible;
Implementation status and examples of actions monitored: Execution
phase; The working group is monitoring eight actions--including
guidance and planning efforts such as creation of work groups,
prioritization of actions, and review of current capabilities--as well
as the execution of recommendations.
Supporting plan (Lead departments): Global Maritime Intelligence
Integration Plan (DOD and DHS);
Description of plan: Uses existing capabilities to integrate
intelligence regarding potential threats to U.S. interests in the
maritime domain;
Implementation status and examples of actions monitored: Planning
phase; The working group is monitoring nine actions, including planning
efforts such as selecting senior staff and the physical location for
operations, among other activities. They are also assessing
capabilities and establishing plans, programs, and staff; developing
coordination procedures; and training plans.
Supporting plan (Lead departments): Maritime Operational Threat
Response Plan; (DOD and DHS);
Description of plan: Establishes roles and responsibilities to enable a
quick and decisive coordinated U.S. response to threats against the
United States. and its interests in the maritime domain;
Implementation status and examples of actions monitored: Assessment
phase; The working group is monitoring 12 actions, including developing
operational plans for fulfilling roles and responsibilities and
planning efforts such as developing a concept of operations and
coordination procedures. They are also developing offshore search
procedures, response training, and additional detection capabilities in
the maritime environment.
Supporting plan (Lead departments): International Outreach and
Coordination Strategy (State);
Description of plan: Provides a framework to coordinate maritime
security initiatives undertaken with foreign governments and
international organizations, and solicits international support for
enhanced maritime security;
Implementation status and examples of actions monitored: Planning
phase; The working group is monitoring seven actions, including
planning efforts such as establishing a unified U.S. position on
maritime security programs and initiatives and promoting maritime
security as a key U.S. priority in international forums.
Supporting plan (Lead departments): Maritime Infrastructure Recovery
Plan (DHS);
Description of plan: Recommends procedures and standards for the
recovery of the maritime infrastructure following attack or similar
disruption;
Implementation status and examples of actions monitored: Planning
phase; The working group is monitoring eight actions, including
guidance and planning efforts such as assigning risk management
personnel to support response and recovery operations, incorporating
recovery management procedures into port security plans, identifying
private sector subject matter experts essential to recovery execution,
and determining the cargo-handling capacity of domestic seaports.
Supporting plan (Lead departments): Maritime Transportation System
Security Recommendations (DHS);
Description of plan: Recommends improvements to the national and
international regulatory framework regarding the maritime domain;
Implementation status and examples of actions monitored: Planning
phase; The working group is monitoring eight actions, including the
establishment of multiple committees made up of maritime stakeholders,
the development and application of risk assessment methodologies, and
the engagement of maritime stakeholders in collaborative efforts to
reduce security risks. They are also monitoring technology development
to address gaps in maritime security, data management plans for
information sharing, and maritime transportation system security
training.
Supporting plan (Lead departments): Maritime Commerce Security Plan
(DHS);
Description of plan: Establishes a comprehensive plan to secure the
maritime supply chain;
Implementation status and examples of actions monitored: Planning
phase; The working group is monitoring 24 actions, including protocols
to improve information sharing for maritime security, the development
of a plan to detect nuclear and radiological materials in foreign
seaports, the review of noncontainerized cargo operations, the
continued development and promotion of international supply chain
security standards with international partners, and continued
partnership with the private sector.
Supporting plan (Lead departments): Domestic Outreach Plan (DHS);
Description of plan: Engages nonfederal input to assist with the
development and implementation of maritime security policies;
Implementation status and examples of actions monitored: Completed;
Outreach efforts completed and documented with the issuance of the
National Strategy for Maritime Security and the supporting plans.
Source: GAO presentation of data provided by the Maritime Security
Working Group.
[End of table]
Though we did not verify the accuracy of what the working group
reported regarding the status of the 76 actions it had been monitoring,
in August 2007 we reported that DHS had made substantial progress with
regard to maritime security.[Footnote 27] We reported that DHS had
generally achieved 17 out of 23 performance expectations. Specifically,
we reported that DHS had generally achieved many planning goals, but
had not achieved performance expectations related to the development of
technology. For example, we reported that DHS had not developed a long-
range vessel tracking system to provide more information on vessels
approaching or already in U.S. waters. We have ongoing work reviewing
the progress the Coast Guard has made in implementing its vessel
tracking system.
In its November 2007 briefing to Maritime Security Policy Coordination
Committee, the working group cited three challenges to implementing the
National Strategy for Maritime Security and its supporting plans: (1)
the need to align the implementing actions in overlapping national
strategies, (2) the lack of dedicated interagency resources to
effectively coordinate actions in supporting plans, and (3) the
differences in the prioritization of actions by responsible components
and agencies. The working group briefing also included recommendations
to the Maritime Security Policy Coordination Committee to address these
challenges. For example, to address the first challenge, it recommended
an analysis of uncoordinated strategies with maritime components to
identify gap-closing strategies. In response to the second challenge,
the working group recommended that additional analysis of the maritime
security strategy's implementation and coordination be conducted. The
working group also identified the need to prioritize task
recommendations and develop an implementation plan which integrates
tasks into the individual plans. The working group suggested addressing
the third obstacle by evaluating the feasibility of developing
interagency priorities or an investment strategy for efforts that are
mutually supportive of implementing the National Strategy for Maritime
Security. According to the working group briefing, this would require
the incorporation of a standardized mechanism for future updates and
the need to ensure that the strategy's oversight roles and
responsibilities are clarified, understood, and embraced by all
parties.
Agency Comments:
We provided a draft of this report to the Departments of Defense,
Homeland Security, and State for comment. The departments had no
official comments on the draft, but provided technical comments which
we incorporated as appropriate.
We are sending copies of this report to interested congressional
committees and subcommittees. We will make copies available upon
request. In addition, this report will be available at no cost on the
GAO Web site at [hyperlink, http://www.gao.gov].
If you or your staffs have any questions about this report or wish to
discuss the matter further, please contact me at (202) 512-9610 or
caldwells@gao.gov. Contact points for our Offices of Congressional
Relations and Public Affairs may be found on the last page of this
report. Key contributors to this report are listed in appendix II.
Signed by:
Stephen L. Caldwell, Director:
Homeland Security and Justice Issues:
[End of section]
Appendix I: Objectives, Scope and Methodology:
Our first objective was to assess the extent to which the National
Strategy for Maritime Security and its supporting implementation plans
contain the elements identified as desirable characteristics of an
effective national strategy. To answer this question, we first analyzed
the National Strategy for Maritime Security and determined whether it
contains the desirable characteristics for an effective national
strategy that we identified in February 2004.[Footnote 28] We also
analyzed the unclassified versions of the strategy's eight supporting
implementation plans to determine if they provided evidence of the
characteristics contained within or missing from the national strategy.
If a characteristic or an element of a characteristic was missing from
the national strategy, our methodology required that the characteristic
or element be present in at least five of the supporting plans for the
characteristic to be considered "addressed." An assessment of
"partially addressed" meant that the characteristic or element was
present in at least one of the supporting plans. In our past work, we
did not assess supporting plans as part of our evaluation of the
national strategies. However, we believe it is proper to include the
eight supporting plans in our analysis of the National Strategy for
Maritime Security because Homeland Security Presidential Directive-13
(HSPD-13) directed that this strategy and its supporting plans be
produced together. Two analysts independently reviewed the strategy and
each of the supporting plans to determine whether the National Strategy
for Maritime Security addressed each of the characteristics of an
effective national strategy. Any differences between each analyst's
determinations were resolved through discussion and a comparison of
evidence.
Our second objective was to determine the reported status of the
implementation of these plans. To describe the reported status of the
implementation actions, we reviewed spreadsheets and briefing charts
detailing the actions taken to implement the supporting plans that were
obtained from representatives of DHS, DOD, and State who, in turn, had
received them from the Maritime Security Working Group. We also
conducted interviews with officials representing lead implementation
agencies including DHS, DOD, and State, and the co-chair of the
Maritime Security Working Group. These officials provided us with the
same information on the actions taken to implement the supporting plans
that we had received from the Maritime Security Working Group. We did
not independently evaluate any of the actions reported for the
implementation of these plans; however, we have published numerous
reports regarding selected maritime security programs and initiatives
that are included in the National Strategy for Maritime Security and
its supporting plans. A list of related GAO products is included at the
end of this report.
We conducted this performance audit from July 2007 to June 2008 in
accordance with generally accepted government auditing standards. Those
standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on our audit objectives. We believe that
the evidence obtained provides a reasonable basis for our findings and
conclusions based on our audit objectives.
[End of section]
Appendix II: GAO Contacts and Staff Acknowledgments:
GAO Contact:
Stephen Caldwell (202) 512-9610 or caldwells@gao.gov:
Acknowledgments:
The report was prepared under the direction of Dawn Hoff, Assistant
Director. Other individuals making key contributions to this report
include Pille Anvelt, Nancy Briggs, Steve Calvo, Tony DeFrank, Wayne
Ekblad, Geoff Hamilton, Stan Kostyla, April Thompson, and Adam Vogt.
[End of section]
Related GAO Products:
Supply Chain Security: Challenges to Scanning 100 Percent of U.S. Bound
Cargo Containers. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-
533T]. Washington, D.C.: June 12, 2008.
Supply Chain Security: U.S. Customs and Border Protection Has Enhanced
Its Partnership with Import Trade Sectors, but Challenges Remain in
Verifying Security Practices. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-08-240]. Washington, D.C.: Apr. 25, 2008.
Coast Guard: Observations on the Fiscal Year 2009 Budget, Recent
Performance, and Related Challenges. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-08-494T]. Washington, D.C.: Mar. 6, 2008.
Maritime Security: Coast Guard Inspections Identify and Correct
Facility Deficiencies, but More Analysis Needed of Program's Staffing,
Practices and Data. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-
08-12]. Washington, D.C.: Feb. 14, 2008.
Supply Chain Security: Examination of High-Risk Cargo at Foreign
Seaports Have Increased, but Improved Data Collection and Performance
Measures Are Needed. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-
08-187]. Washington, D.C.: Jan. 25, 2008.
Maritime Security: Federal Efforts Needed to Address Challenges in
Preventing and Responding to Terrorist Attacks on Energy Commodity
Tankers. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-141].
Washington, D.C.: Dec. 10, 2007.
Transportation Security: TSA Has Made Progress in Implementing the
Transportation Worker Identification Credential Program, but Challenges
Remain. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-133T].
Washington, D.C.: Oct. 31, 2007.
Maritime Security: The SAFE Port Act: Status and Implementation One
Year Later. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-126T].
Washington, D.C.: Oct. 30, 2007.
Department of Homeland Security: Progress Report on Implementation of
Mission and Management Functions. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-07-454]. Washington, D.C.: Aug. 17, 2007.
Information on Port Security in the Caribbean Basin. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-07-804R]. Washington, D.C.: June
29, 2007.
Homeland Security: Observations on DHS and FEMA Efforts to Prepare for
and Respond to Major and Catastrophic Disasters and Address Related
Recommendations and Legislation. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-07-835T]. Washington, D.C.: May 15, 2007.
Homeland Security: Management and Programmatic Challenges Facing the
Department of Homeland Security. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-07-833T]. Washington, D.C.: May 10, 2007.
Maritime Security: Observations on Selected Aspects of the SAFE Port
Act. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-754T].
Washington, D.C.: Apr. 26, 2007.
International Trade: Persistent Weaknesses in the In-Bond Cargo System
Impede Customs and Border Protection's Ability to Address Revenue,
Trade, and Security Concerns. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-07-561]. Washington, D.C.: Apr. 17, 2007.
Port Risk Management: Additional Federal Guidance Would Aid Ports in
Disaster Planning and Recovery. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-07-412]. Washington, D.C.: Mar. 28, 2007.
Maritime Security: Public Safety Consequences of a Terrorist Attack on
a Tanker Carrying Liquefied Natural Gas Need Clarification. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-07-316]. Washington, D.C.: Feb.
23, 2007.
Maritime Security: Information Sharing Efforts Are Improving.
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-06-933T]. Washington,
D.C.: July 10, 2006.
Cargo Container Inspections: Preliminary Observations on the Status of
Efforts to Improve the Automated Targeting System. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-06-591T]. Washington, D.C.: Mar.
30, 2006.
Combating Nuclear Smuggling: DHS Has Made Progress Deploying Radiation
Detection Equipment at U.S. Ports-of-Entry, but Concerns Remain.
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-06-389]. Washington,
D.C.: Mar. 22, 2006.
Risk Management: Further Refinements Needed to Assess Risks and
Prioritize Protective Measures at Ports and Other Critical
Infrastructure. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-06-
91]. Washington, D.C.: Dec. 15, 2005.
Homeland Security: Key Cargo Security Programs Can Be Improved.
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-05-466T]. Washington,
D.C.: May 26, 2005.
Maritime Security: Enhancements Made, but Implementation and
Sustainability Remain Key Challenges. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-05-448T]. Washington, D.C.: May
17, 2005.
Container Security: A Flexible Staffing Model and Minimum Equipment
Requirements Would Improve Overseas Targeting and Inspection Efforts.
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-05-557]. Washington,
D.C.: Apr. 26, 2005.
Maritime Security: New Structures Have Improved Information Sharing,
but Security Clearance Processing Requires Further Attention.
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-05-394]. Washington,
D.C.: Apr. 15, 2005.
Preventing Nuclear Smuggling: DOE Has Made Limited Progress in
Installing Radiation Detection Equipment at Highest Priority Foreign
Seaports. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-05-375].
Washington, D.C.: Mar. 31, 2005.
Cargo Security: Partnership Program Grants Importers Reduced Scrutiny
with Limited Assurance of Improved Security. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-05-404]. Washington, D.C.: Mar.
11, 2005.
Homeland Security: Agency Plans, Implementation, and Challenges
Regarding the National Strategy for Homeland Security. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-05-33]. Washington, D.C.: Jan.
14, 2005.
Homeland Security: Process for Reporting Lessons Learned from Seaport
Exercises Needs Further Attention. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-05-170]. Washington, D.C.: Jan.14, 2005.
Port Security: Better Planning Needed to Develop and Operate Maritime
Worker Identification Card Program. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-05-106]. Washington, D.C.: Dec. 10, 2004.
Maritime Security: Better Planning Needed to Help Ensure an Effective
Port Security Assessment Program. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-04-1062]. Washington, D.C.: Sep. 30, 2004.
Maritime Security: Partnering Could Reduce Federal Costs and Facilitate
Implementation of Automatic Vessel Identification System. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-04-868]. Washington, D.C.: July
23, 2004.
Maritime Security: Substantial Work Remains to Translate New Planning
Requirements into Effective Port Security. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-04-838]. Washington, D.C.: June
30, 2004.
Homeland Security: Summary of Challenges Faced in Targeting Oceangoing
Cargo Containers for Inspection. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-04-557T]. Washington, D.C.: Mar. 31, 2004.
Homeland Security: Preliminary Observations on Efforts to Target
Security Inspections of Cargo Containers. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-04-325T]. Washington, D.C.: Dec.
16, 2003.
Maritime Security: Progress Made in Implementing Maritime
Transportation Security Act, but Concerns Remain. [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-03-1155T]. Washington, D.C.: Sep.
9, 2003.
Homeland Security: Efforts to Improve Information Sharing Need to Be
Strengthened. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-03-
760]. Washington, D.C.: Aug. 27, 2003.
Homeland Security: Challenges Facing the Department of Homeland
Security in Balancing Its Border Security and Trade Facilitation
Missions. [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-03-902T].
Washington, D.C.: June 16, 2003.
[End of section]
Footnotes:
[1] In Homeland Security Presidential Directive-13, Maritime Domain is
defined as all areas and things of, on, under, relating to, adjacent
to, or bordering on a sea, ocean, or other navigable waterway,
including all maritime-related activities, infrastructure, people,
cargo, and vessels and other conveyances. HSPD-13 is also known as
National Security Presidential Directive 41. Hereafter in this report
we will refer only to HSPD-13.
[2] A supply chain is defined as the flow of goods from manufacturers
to retailers.
[3] The National Security Council is the President's principal forum
for considering national security and foreign policy matters with his
senior national security advisors and cabinet officials. The Council
also serves as the President's principal arm for coordinating these
policies among the various government agencies. The Homeland Security
Council is the organization the President uses to ensure coordination
of all homeland security-related activities among executive departments
and agencies and to promote the effective development and
implementation of all homeland security policies.
[4] These characteristics were developed after our research found that
there were no legislative or executive mandates identifying a uniform
set of required or desirable characteristics for national strategies.
For a more detailed discussion, see Combating Terrorism: Evaluation of
Selected Characteristics in National Strategies Related to Terrorism,
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-04-408T] (Washington,
D.C: Feb. 3, 2004).
[5] The seven national strategies are: (1) National Security Strategy
of the United States, (2) National Strategy for Homeland Security, (3)
National Strategy for Combating Terrorism, (4) National Strategy to
Combat Weapons of Mass Destruction, (5) National Strategy for Physical
Protection of Critical Infrastructure and Key Assets, (6) National
Strategy to Secure Cyberspace, and (7) 2002 Money Laundering Strategy.
[6] We only reviewed the unclassified versions of the supporting
implementation plans.
[7] The Maritime Security Working Group defines the four phases as (1)
guidance (e.g., policy, strategy, doctrine, and planning); (2) planning
(e.g., strategic planning, requirements and capabilities, operational,
and tactical planning); (3) execution (e.g., exercises and operations);
and (4) assessment and evaluation (e.g., lessons learned and best
practices). These phases progress from the first to the fourth.
[8] Maritime Transportation Security Act of 2002 (MTSA), Pub. L. No.
107-295, 116 Stat. 2064 (2002) and the Security and Accountability For
Every Port Act of 2006 (SAFE Port Act), Pub. L. No. 109-347, 120 Stat.
1884 (2006).
[9] The Maritime Security Policy Coordination Committee was directed
to, among other things, (1) review existing interagency practices,
coordination, and execution of U.S. maritime security policies and
strategies; (2) recommend specific improvements to all of them as
warranted; and (3) provide analysis of new maritime security policies,
strategies, and initiatives for consideration by the National Security
Council and Homeland Security Council, as well as ensure ongoing
coordination and implementation of maritime security policies,
strategies, and initiatives, all of which are outside the scope of this
inquiry.
[10] HSPD-13 directed that the strategy include all of the domestic,
international, public, and private components of the Maritime Domain;
that it further incorporate a global, layered security framework that
may be adjusted based on the threat level; that it build on and
complement current efforts and those initiated by this directive; and
that all relevant federal agencies and departments cooperate and
provide appropriate assistance.
[11] The SAFE Port Act, among other things, required the Secretary of
Homeland Security to develop a strategic plan to enhance the security
of the international supply chain. Completed in July 2007, this
Strategy to Enhance International Supply Chain Security establishes a
framework for the secure flow of cargo through the supply chain by
building on existing national strategies and programs, as well as
protocols and guidance for resumption of trade following a
transportation disruption or transportation security incident. The
international supply chain, as defined in the strategy, is the end-to-
end process for shipping goods to or from the United States beginning
at the point of origin (including manufacturer, supplier, or vendor)
through a point of distribution to the destination.
[12] GAO, Department of Homeland Security: Progress Report on
Implementation of Mission and Management Functions, [hyperlink,
http://www.gao.gov/cgi-bin/getrpt?GAO-07-454] (Washington, D.C.: Aug.
17, 2007). Performance expectations are a composite of the
responsibilities or functions--derived from legislation, homeland
security presidential directives and executive orders, DHS planning
documents, and other sources--that the department is to achieve or
satisfy in implementing efforts in its mission and management areas.
[13] GAO, Maritime Security: The SAFE Port Act: Status and
Implementation One Year Later, [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-08-126T] (Washington, D.C.: Oct. 30, 2007).
[14] See [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-04-408T].
This performance compares favorably to other national strategies--
including the National Security Strategy, National Strategy for the
Physical Protection of Critical Infrastructure and Key Assets, and 2002
National Money Laundering Strategy--evaluated against these criteria in
this prior GAO work.
[15] In addition to the definition of maritime domain contained in
footnote 1, the maritime domain for the United States also includes the
Great Lakes and all navigable inland waterways such as the Mississippi
River and the Intra-Coastal Waterway.
[16] These systems are defined as follows: component security refers to
maritime vessels, vehicles, infrastructure, and cargo; interface
security concerns the points where these components interface;
information security concerns the maritime data systems; and network
security concerns the broad systems like the domestic distribution
system or the international supply chain that impact maritime security.
[17] The National Strategy for Maritime Security discusses a variety of
threats to maritime security including nation-state threats, terrorist
threats, transnational criminal and piracy threats, environmental
destruction, and illegal seaborne immigration.
[18] The National Response Plan was superseded by the National Response
Framework in January 2008. The framework presents the guiding
principles that enable all response partners to prepare for and provide
a unified national response to disasters and emergencies--from the
smallest incident to the largest catastrophe. The Framework establishes
a comprehensive, national, all-hazards approach to domestic incident
response.
[19] The National Strategy for Maritime Security identifies four
objectives following these principles: (1) prevent terrorist attacks
and criminal or hostile acts, (2) protect maritime-related population
centers and critical infrastructure, (3) minimize damage and expedite
recovery, and (4) safeguard the ocean and its resources.
[20] According to the national strategy, the following five strategic
actions are intended to enhance the achievement of the objectives of
this plan: (1) enhance international cooperation, (2) maximize domain
awareness, (3) embed security into commercial practices, (4) deploy
layered security, and (5) assure continuity of the marine
transportation system. These actions are the objectives of five of the
supporting plans: International Outreach and Coordination Strategy,
Maritime Domain Awareness, Maritime Commerce Security, Maritime
Transportation Security System, and the Maritime Infrastructure
Recovery Plan.
[21] The Customs-Trade Partnership Against Terrorism (C-TPAT) is a
voluntary program that enables CBP officials to work in partnership
with private companies to review the security of their international
supply chain and improve the security of their shipments to the United
States. In return for committing to improving the security of their
shipments by joining the program, C-TPAT members receive benefits that
result in the likelihood of reduced scrutiny of their shipments, such
as reduced number of inspections or shorter wait times for their
shipments.
[22] See GAO, Maritime Security: The SAFE Port Act: Status and
Implementation One Year Later. [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-08-126T] (Washington, D.C.: Oct. 30, 2007) and Supply
Chain Security: Examinations of High-Risk Cargo at Foreign Seaports
Have Increased, but Improved Data Collection and Performance Measures
Are Needed, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-187]
(Washington, D.C.: Jan. 25, 2008).
[23] GAO, Maritime Security: Federal Efforts Needed to Address
Challenges in Preventing and Responding to Terrorist Attacks on Energy
Commodity Tankers [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-
141] (Washington, D.C.: Dec. 10, 2007).
[24] This group, working on behalf of the Maritime Security Policy
Coordination Committee, is currently responsible for monitoring and
assessing implementation of actions related to the supporting plans.
[25] Additional roles of the Maritime Security Working Group involve
coordinating national maritime policies, serving as a working body to
respond to questions from the Maritime Security Policy Coordination
Committee, and developing recommendations for consideration by the
committee.
[26] The Maritime Security Working Group provided us a copy of a
November 2007 briefing that contains the status of efforts to implement
the supporting plans, a summary of key accomplishments, and the
challenges faced. The working group also provided a spreadsheet it uses
to track 76 actions that relate to these plans--which is discussed only
in general terms because it is a For Official Use Only document.
[27] See [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-454].
[28] For detailed information on how we developed the characteristics
that we consider to be desirable for a national strategy and how we
used them to evaluate the national strategies related to combating
terrorism and homeland security, please see Appendix I of GAO-04-408T.
[End of section]
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "E-mail Updates."
Order by Mail or Phone:
The first copy of each printed report is free. Additional copies are $2
each. A check or money order should be made out to the Superintendent
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or
more copies mailed to a single address are discounted 25 percent.
Orders should be sent to:
U.S. Government Accountability Office:
441 G Street NW, Room LM:
Washington, D.C. 20548:
To order by Phone:
Voice: (202) 512-6000:
TDD: (202) 512-2537:
Fax: (202) 512-6061:
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Ralph Dawn, Managing Director, dawnr@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Chuck Young, Managing Director, youngc1@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548:
