oversight

Aviation Security: Efforts to Measure Effectiveness and Strengthen Security Programs

Published by the Government Accountability Office on 2003-11-20.

Below is a raw (and likely hideous) rendition of the original report. (PDF)

                              United States General Accounting Office

GAO                           Testimony
                              Before the Committee on Government
                              Reform, House of Representatives


For Release on Delivery
Expected at 10:00 a.m. EST
Thursday, November 20, 2003   AVIATION SECURITY
                              Efforts to Measure
                              Effectiveness and
                              Strengthen Security
                              Programs
                              Statement of Cathleen A. Berrick, Director,
                              Homeland Security and Justice




GAO-04-285T
                                                November 2003


                                                AVIATION SECURITY

                                                Efforts to Measure Effectiveness and
Highlights of GAO-04-285T, a report to the      Strengthen Security Programs
Committee on Government Reform,
House of Representatives




Commercial aviation has been a                  TSA has implemented numerous initiatives designed to enhance aviation
long-standing target for terrorists.            security, but has collected limited information on the effectiveness of these
Since the tragic attacts of                     initiatives in protecting commercial aircraft. Our recent work on passenger
September 11, 2001, substantial                 screening found that little testing or other data exist that measure the
changes have been made to                       performance of screeners in detecting threat objects. However, TSA is taking
enhance security—including the
creation of the Transportation
                                                steps to collect additional data, including developing a 5-year performance
Security Administration (TSA) and               plan detailing numerous performance measures, as well as fielding the
the federalization of the passenger             Threat Image Projection system and increasing screener testing.
screener workforce. However,
despite these changes,                          In addition to collecting performance data, TSA could further strengthen
vulnerabilities in aviation security            passenger screening by fully deploying recurrent and supervisory training
continue to exist. Accordingly,                 programs, determining the appropriate levels of screeners at the nation’s
GAO was asked to describe TSA’s                 airports, and improving oversight of the contract screener pilot program.
efforts to (1) measure the                      Although TSA has developed and deployed basic and remedial training
effectiveness of its aviation                   programs, it has not fully developed or deployed recurrent or supervisory
security initiatives, (2) strengthen            training programs. In addition, TSA acknowledged that its initial staffing
its passenger screening program,
and (3) address additional
                                                efforts created imbalances at the nation’s airports, and that it has taken
challenges in further enhancing                 limited action to assess the performance of the pilot airports using private,
aviation security.                              versus federal, screeners. TSA is undertaking a number of actions to address
                                                these concerns, including strengthening its training program and awarding
                                                contracts to assess its staffing model and the performance of the contract
                                                pilot airports.
In prior reports and testimonies,
GAO has made numerous                           TSA faces a number of other challenges as it continues to enhance aviation
recommendations to strengthen
                                                security. Significant challenges include implementing the Computer-Assisted
aviation security. We also have
ongoing reviews assessing many of               Passenger Prescreening System (CAPPS II), as well as strengthening
the issues addressed in this                    baggage screening, airport perimeter and access controls, and air cargo and
testimony and will issue separate               general aviation security. In implementing CAPPS II, TSA must ensure it
reports on these areas at a later               addresses concerns surrounding travelers’ privacy rights, the accuracy of
date.                                           databases used by CAPPS II, and obtaining international cooperation needed
                                                for the system to be fully operational. Additional challenges include
                                                integrating explosive detection systems into airport’s in-line baggage
                                                handling systems, identifying cost-effective perimeter security technologies,
                                                effectively targeting air cargo for screening, and improving security at
                                                general aviation airports. Further, TSA faces challenges in funding increased
                                                aviation security measures and ensuring that these costs are controlled.
                                                Security Screeners Checking Passengers with a Hand-Held Metal Detector




www.gao.gov/cgi-bin/getrpt?GAO-04-285T.

To view the full product, including the scope
and methodology, click on the link above.
For more information, contact Cathleen A.
Berrick at (202) 512-8777 or                    Source: FAA.
Berrickc@gao.gov.
Mr. Chairman and Members of the Committee:

Thank you for inviting me to participate in today’s hearing to discuss our
recent work on the Transportation Security Administration’s (TSA) efforts
to assess its performance and strengthen its security programs, to include
passenger screening. Securing commercial aviation is a daunting task—
with hundreds of airports, thousands of aircraft, and tens of thousands of
flights daily carrying millions of passengers and pieces of baggage and
cargo. Since the attacks of September 11, 2001, billions of dollars have
been spent, and a wide variety of programs and initiatives have been
implemented to enhance aviation security. However, recent reviews and
covert testing conducted by GAO and the Department of Homeland
Security’s Office of Inspector General, as well as recent media reports,
indicate that weaknesses and vulnerabilities in commercial aviation
continue to exist. For example, the incident involving a college student
who placed box cutters, clay resembling plastic explosives, and bleach on
commercial aircraft show that aviation security can still be compromised.

My testimony today highlights three key areas that TSA must focus on to
enhance aviation security. These areas include (1) measuring the
effectiveness of TSA’s aviation security initiatives that have already been
implemented, (2) strengthening its passenger screening program, and
(3) addressing key programmatic and management challenges to further
enhance aviation security. My testimony is based on our prior work,
reviews of TSA documentation, and interviews with TSA officials.

In summary:

Although TSA has implemented numerous programs and initiatives to
enhance aviation security, it has collected limited information on the
effectiveness of these programs and initiatives. Our recent work on TSA’s
passenger screening program showed that although TSA has made
enhancements in passenger screening, it has collected limited data on
screeners’ ability to detect threat objects. The Aviation and Transportation
Security Act (ATSA), which was established with the primary goal of
strengthening aviation security, requires that TSA establish acceptable
levels of performance for security initiatives and develop annual
performance plans and reports to measure and document the effectiveness
of those initiatives.1 Although TSA has developed an annual performance


1
P.L. 107-71.



Page 1                                                           GAO-04-285T
plan and report as required by ATSA, to date these tools have focused on
TSA’s progress in meeting deadlines to implement programs and initiatives
mandated by ATSA rather than on the effectiveness of these programs and
initiatives. TSA has recognized that it has collected limited performance
data on its security initiatives, and is taking steps to collect additional
data, including developing a 5-year performance plan, and increasing
passenger screener testing.

Our recent work on TSA’s passenger screening program showed that the
program can be strengthened in the areas of training, staffing, and the
contract screener pilot program.2 Although TSA has developed and
deployed basic and remedial training programs, it has not fully developed
or deployed recurrent or supervisory training programs to ensure that
screeners are effectively trained and supervised. In addition, TSA has
acknowledged that its initial screener staffing levels created imbalances at
the nation’s airports—a situation that it is attempting to address. TSA also
has not yet determined how to evaluate and measure the performance of
its contract screening pilot program. Since we issued our preliminary
report on TSA’s passenger screening program in September 2003, TSA has
taken a number of actions to address these concerns, including enhancing
its recurrent and supervisory training programs, and awarding a contract
to assess the contract screening pilot program. However, TSA has
recognized that assessing the performance of the pilot airports will be
difficult because of a lack of performance data.

TSA faces a number of other challenges as it continues to address threats
to our nation’s aviation system. Significant challenges include
implementing various aviation security programs, such as the Computer-
Assisted Passenger Prescreening System3 (CAPPS II), and addressing
broader security concerns related to the security of air cargo and general
aviation.4 TSA also faces challenges in managing the costs of aviation
security and in strategically managing its workforce of about 60,000
people, most of whom are deployed at airports to detect weapons and
explosives. TSA has been addressing these and other challenges through a


2
 ATSA required TSA to implement a pilot program using contract screeners at five
commercial airports. The purpose of the 2-year pilot program is to determine the feasibility
of using private screening companies rather than federal screeners.
3
 CAPPS II is a system intended to perform a risk assessment of all airline passengers to
identify those requiring additional security attention.
4
General aviation consists of all civil aircraft and excludes commercial and military aircraft.



Page 2                                                                         GAO-04-285T
             variety of efforts. We have work in progress that is examining TSA’s
             efforts in addressing many of these challenges.


             The security of the U.S. commercial aviation system has been a long-
Background   standing concern. As demonstrated by the 1988 bombing of a U.S. airliner
             over Lockerbie, Scotland, and the 1995 plot to blow up 12 U.S. aircraft in
             the Pacific region discovered by Philippine authorities, U.S. commercial
             aircraft have long been a target for terrorist attacks. Over the years,
             numerous initiatives have been undertaken to improve aviation security.
             However, as we and others have documented in numerous reports and
             studies, weaknesses continue to exist. It was because of these weaknesses
             that terrorists were able to hijack four commercial aircraft on September
             11, 2001, with tragic results.

             In an effort to strengthen the security of commercial aviation, the
             President signed into law the Aviation and Transportation Security Act
             (ATSA) on November 19, 2001. ATSA created TSA as an agency within the
             Department of Transportation with the responsibility for securing all
             modes of transportation, including aviation. ATSA mandated specific
             improvements to aviation security and established deadlines for
             completing many of these initiatives. Consequently, TSA’s main focus
             during its first year of operation was on meeting these deadlines,
             particularly federalizing the screener workforce at commercial airports
             nationwide by November 19, 2002, while at the same time establishing a
             new federal organization from the ground up. On March 1, 2003, pursuant
             to the Homeland Security Act, TSA was transferred from the Department
             of Transportation to the new Department of Homeland Security.5

             Virtually all aviation security responsibilities now reside with TSA. One of
             the most substantial of these is passenger screening. Passenger screening
             involves the use of metal detectors, X-ray machines, explosive trace
             detection machines, and physical searches to examine passengers and
             their baggage to identify threat objects. Passenger screening has
             historically been an area of concern. As we reported in 1987, and again in
             2000, passenger screeners who conducted these examinations have had
             difficultly in detecting weapons and other dangerous objects. At the time
             we issued these reports, air carriers were responsible for performing
             passenger screening. With the passage of ATSA, this responsibility has


             5
             P.L. 107-296.



             Page 3                                                           GAO-04-285T
                        now become the responsibility of TSA. TSA is also responsible for
                        ensuring the security of air cargo, limiting access to restricted areas of
                        airports to authorized personnel, securing airport perimeters, and
                        conducting background checks for airport personnel, among other
                        responsibilities.


                        TSA has implemented numerous initiatives designed to enhance aviation
Limited Information     security, but it has collected limited information on the effectiveness of
Exists on the           these initiatives, particularly its passenger screening program. ATSA
                        requires that TSA establish acceptable levels of performance and develop
Effectiveness of        annual performance plans and reports to measure and document the
Aviation Security       effectiveness of its security initiatives.6 Although TSA has developed these
                        performance tools as required by ATSA, the tools currently focus on TSA’s
Initiatives             progress toward meeting ATSA deadlines, rather than on the effectiveness
                        of its programs and initiatives. Although TSA has collected limited data on
                        the effectiveness of its initiatives, it is taking several steps to collect
                        objective data to assess its performance.


Evaluation of Program   Although there are a number of methods that TSA can use to measure the
Effectiveness           effectiveness of its passenger screening program, none are being fully
                        utilized. As we reported in September 2003,7 the primary source of
                        information collected on screeners’ ability to detect threat objects is
                        covert testing conducted by TSA’s Office of Internal Affairs and Program
                        Review. However, TSA does not consider the results of these covert tests
                        as a measure of performance, but rather a “snapshot” of a screener’s
                        ability to detect threat objects at a particular point in time and as a system-
                        wide performance indicator. At the time we issued our report, the Office of
                        Internal Affairs and Program Review had conducted 733 covert tests of



                        6
                         An annual performance plan is to provide the direct linkage between the strategic goals
                        outlined in the agency’s strategic plan and the day-to-day activities of managers and staff.
                        Additionally, annual performance plans are to include performance goals for an agency’s
                        program activities as listed in the budget, a summary of the necessary resources that will
                        be used to measure performance, and a discussion of how the performance information
                        will be verified. An annual performance report is to review and discuss an agency’s
                        performance compared with the performance goals it established in its annual performance
                        plan.
                        7
                         U.S. General Accounting Office, Airport Passenger Screening: Preliminary Observations
                        on Progress Made and Challenges Remaining, GAO-03-1173 (Washington, D.C.: Sept. 24,
                        2003).



                        Page 4                                                                       GAO-04-285T
passenger screeners at 92 airports. As a result, only a small percentage of
TSA’s passenger screeners had been subject to a covert test.

In addition to conducting covert tests at screening checkpoints, TSA
conducts tests to determine whether the current Computer-Assisted
Passenger Screening System is working as designed; threat objects are
detected during the screening of checked baggage; and access to restricted
areas of the airport is limited only to authorized personnel.8 While the
Office of Internal Affairs and Program Review has conducted about 2,000
access tests, it has conducted only 168 Computer-Assisted Passenger
Screening System and checked baggage tests. Based on an anticipated
increase in staff from about 100 in fiscal year 2003 to 200 in fiscal year
2004, the Office of Internal Affairs and Program Review plans to conduct
twice as many covert tests next year.9

Another key source of data on screener performance in detecting threat
objects is the Threat Image Projection (TIP) system, which places images
of threat objects on the X-ray screen during actual operations and records
whether screeners identify the threat object.10 The Federal Aviation
Administration began deploying TIP in late 1999 to continually measure
screener performance and to train screeners in becoming more adept at
detecting hard-to-spot threat objects. However, TIP was shut down
immediately following the September 11 terrorist attacks because of
concerns that it would result in screening delays and panic, as screeners
might have thought that they were actually viewing a threat object.
Although TSA officials recognized that TIP is a key tool in measuring,
maintaining, and enhancing screener performance, they only recently
began reactivating TIP on a wide-scale basis because of competing


8
 The original Computer Assisted Passenger Screening System is a stand-alone application
residing in an air carrier’s reservation system that analyzes certain behavioral patterns to
score and calculate each passenger’s need for additional screening.
9
 Currently, the Office of Internal Affairs and Program Review has 7 team leaders assigned
full-time to covert testing, and plans to have a total of 14 full-time team leaders by the end
of fiscal year 2004. The team leaders draw from the remaining staff within the office, such
as auditors and analysts, to perform the testing. According to TSA officials, overall,
95 percent of the staff in the Office of Internal Affairs and Program Review participates in
covert testing as a collateral responsibility.
10
  TIP is designed to test screeners’ detection capabilities by projecting threat images,
including guns and explosives, into bags as they are screened. Screeners are responsible
for positively identifying the threat image and calling for the bag to be searched. Once
prompted, TIP identifies to the screener whether the threat is real and then records the
screener’s performance in a database that could be analyzed for performance trends.



Page 5                                                                          GAO-04-285T
priorities, a lack of training, and a lack of resources needed to deploy TIP
activation teams. As TIP becomes operational at each airport, TSA
headquarters and federal security directors11 will have the capability to
query and analyze performance data in a number of ways, including by
individual screeners, checkpoints, terminals, and airports. TIP is expected
to be fully deployed and operational by April 2004.

When fully deployed, the annual screener recertification test results will
provide another source of data on screener performance. ATSA requires
that TSA collect performance information on each screener through
conducting an annual proficiency review to ensure he or she continues to
meet all qualifications and standards required to perform the screening
function. Although TSA began deploying federal screeners to airports in
April 2002, TSA only recently began implementing the annual
recertification program and does not expect to complete testing at all
airports until March 2004. The recertification testing is comprised of three
components: (1) image recognition; (2) knowledge of standard operating
procedures; and (3) practical demonstration of skills, to be administered
by a contractor. TSA officials consider 28,000 screeners as having
completed the first two components because they successfully passed
competency tests TSA administered at many airports as part of a screener
workforce reduction effort. However, these competency tests did not
include the third component of TSA’s planned annual screener
recertification program—the practical demonstration of skills. TSA
officials awarded a contract for this component of the annual proficiency
reviews in September 2003.

TSA’s Performance Management Information System for passenger and
baggage screening operations is also designed to collect performance data,
but currently it contains limited information on screener performance in
detecting threat objects. The Performance Management Information
System collects a wide variety of metrics on workload, staffing, and
equipment and is used to identify some performance indicators, such as
the level of absenteeism, the average time for equipment repairs, and the
status of TSA’s efforts to meet goals for 100 percent electronic baggage
screening.12 However, the system does not contain any performance
metrics related to the effectiveness of passenger screening. TSA is


11
 Federal security directors oversee security at each of the nation’s commercial airports.
12
 The Performance Management Information System also contains metrics on human
resources, sizing, checkpoint, feedback, and incidents.



Page 6                                                                       GAO-04-285T
                              planning to integrate performance information from various systems into
                              the Performance Management Information System to assist the agency in
                              making strategic decisions. TSA further plans to continuously enhance the
                              system as it learns what data are needed to best manage the agency. In
                              addition to making improvements to the Performance Management
                              Information System, TSA is currently developing performance indexes for
                              both individual screeners and the screening system as a whole. The
                              screener performance index will be based on data such as the results of
                              training and recertification tests, and the index for the screening system
                              will be based on information such as TIP results. TSA has not yet fully
                              established its methodology for developing the indexes, but it expects to
                              have them developed by the end of fiscal year 2004.


Performance Evaluation        TSA has recognized the need to strengthen the assessment of its
Tools under Development       performance, and it has initiated efforts to develop and implement
                              strategic and performance plans to clarify goals, establish performance
                              measures, and evaluate the performance of its security initiatives.
                              Strategic plans are the starting point for an agency’s planning and
                              performance measurement efforts. Strategic plans include a
                              comprehensive mission statement based on the agency’s statutory
                              requirements, a set of outcome-related strategic goals, and a description of
                              how the agency intends to achieve these goals. The Government
                              Performance and Results Act (GPRA)13 establishes a framework for
                              strategic plans that requires agencies to:

                          •   clearly establish results-oriented performance goals in strategic and
                              annual performance plans for which they will be held accountable,

                          •   measure progress toward achieving those goals,

                          •   determine the strategies and resources needed to effectively accomplish
                              the goals,


                              13
                                The Government Performance and Results Act of 1993 shifts the focus of government
                              operations from process to results by establishing a foundation for examining agency
                              mission, performance goals and objectives, and results. Under the act, agencies are to
                              prepare 5-year strategic plans that set the general direction for their efforts, and annual
                              performance plans that establish connections between the long-term strategic goals
                              outlined in the strategic plans and the day-to-day activities of managers and staff. Finally,
                              the act requires that each agency report annually on the extent to which it is meeting its
                              annual performance goals and the actions needed to achieve or modify those goals that
                              have not been met.



                              Page 7                                                                          GAO-04-285T
•   use performance information to make programmatic decisions necessary
    to improve performance, and

•   formally communicate results in performance reports.

    Although the Department of Homeland Security plans to issue one
    strategic plan for the department, it plans to incorporate strategic planning
    efforts from each of its component agencies. TSA recently completed a
    draft of its input into the Department of Homeland Security’s strategic
    plan. TSA officials stated that the draft is designed to ensure their security
    initiatives are aligned with the agency’s goals and objectives and that these
    initiatives represent the most efficient use of their resources. TSA officials
    submitted the draft plan to stakeholders in September 2003 for their
    review and comment. The Department of Homeland Security plans to
    issue its strategic plan by the end of the year.14

    In addition to developing a strategic plan, TSA is developing a
    performance plan to help it evaluate the current effectiveness and levels of
    improvement in its programs, based on established performance
    measures. TSA submitted to the Congress a short-term performance plan
    in May 2003, as required by ATSA, that included performance goals and
    objectives. The plan also included an initial set of 32 performance
    measures, including the percentage of bags screened by explosive
    detection systems and the percentage of screeners in compliance with
    training standards. However, these measures were primarily output-based
    (measuring whether specific activities were achieved) and did not
    measure the effectiveness of TSA’s security initiatives. TSA officials
    acknowledge that the goals and measures included in the report were
    narrowly focused and that in moving forward additional performance-
    based measures are needed.



    14
      TSA is also developing a National Transportation Security System Plan, a draft of which is
    currently under review within TSA. TSA plans to promote consistent and mutually
    supporting intermodal planning in cooperation with administrators and in collaboration
    with key stakeholders from all modes of transportation. TSA designed the plan for use by
    agencies, owners, and operators of the transportation system to guide them as they develop
    their individual security plans. Accordingly, the National Transportation System Security
    Plan will include national modal plans to capture and tailor transportation security
    requirements for each mode of transportation, with particular emphasis on intermodal
    connections. Each modal plan will focus on security for people (workforce and
    passengers), cargo (baggage and shipments), infrastructure (vehicles, facilities, and right of
    ways), and response preparedness.



    Page 8                                                                         GAO-04-285T
    In addition to developing a short-term performance plan, ATSA also
    requires that TSA develop a 5-year performance plan and annual
    performance report, including an evaluation of the extent to which its
    goals and objectives were met. TSA is currently developing performance
    goals and measures as part of its annual planning process and will collect
    baseline data throughout fiscal year 2004 to serve as a foundation for its
    performance targets. TSA also plans to increase its focus on measuring the
    effectiveness of various aspects of the aviation security system in its
    5-year performance plan. According to TSA’s current draft strategic plan,
    which outlines its overall goals and strategies for fiscal years 2003 through
    2008, its efforts to measure the effectiveness of the aviation security
    system will include:

•   random and scheduled reviews of the efficiency and effectiveness of
    security processes;

•   oversight of compliance with security standards and approved programs
    through a combination of inspections, testing, interviews, and record
    reviews—to include TIP;

•   measurement of performance against standards to ensure expected
    standards are met to drive process improvements; and

•   collection and communication of performance data using a state-of-the-art
    data collection and reporting system.

    In our January 2003 report on TSA’s actions and plans to build a results-
    oriented culture, we recommended next steps that TSA should take to
    strengthen its strategic planning efforts.15 These steps include establishing
    security performance goals and measures for all modes of transportation
    that involves stakeholders, and applying practices that have been shown to
    provide useful information in agency performance plans. We also
    identified practices that TSA can apply to ensure the usefulness of its
    required 5-year performance plan to TSA managers, the Congress, and
    other decision makers or interested parties. Table 1 outlines the practices
    we identified for TSA.




    15
     U.S. General Accounting Office, Transportation Security Administration: Actions and
    Plans to Build a Results-Oriented Culture, GAO-03-190 (Washington, D.C.: Jan. 17, 2003).



    Page 9                                                                     GAO-04-285T
Table 1: Summary of Opportunities to Help Ensure Useful Annual Plans and Applied Practices

 Opportunities to help ensure useful annual
 plans                                                Applied practices
 Articulate a results orientation                     1. Create a set of performance goals and measures that addresses important
                                                         dimensions of program performance and balances competing priorities.
                                                      2. Use intermediate goals and measures to show progress or contribution to
                                                         intended results.
                                                      3. Include explanatory information on the goals and measures.
                                                      4. Develop performance goals to address mission-critical management problems.
                                                      5. Show baseline and trend data for past performance.
                                                      6. Identify projected target levels of performance for multiyear goals.
                                                      7. Link the goals of component organizations to departmental strategic goals.
 Coordinate cross-cutting programs                    8. Identify programs that contribute to the same or similar results.
                                                      9. Set complementary performance goals to show how differing program
                                                         strategies are mutually reinforcing and establish common or complementary
                                                         performance measures, as appropriate.
                                                      10. Describe—briefly or refer to a separate document—planned coordination
                                                          strategies.
 Show how strategies will be used to achieve          11. Link strategies and programs to specific performance goals and describe how
 goals                                                    they will contribute to the achievement of those goals.
                                                      12. Describe strategies to leverage or mitigate the effects of external factors on the
                                                          accomplishment of performance goals.
                                                      13. Discuss strategies to resolve mission-critical management problems.
                                                      14. Discuss—briefly or refer to a separate plan—plans to ensure that mission-
                                                          critical processes and information systems function properly and are secure.
 Show performance consequences of budget and          15. Show how budgetary resources relate to the achievement of performance
 other resource decisions                                 goals.
                                                      16. Discuss—briefly and refer to the agency capital plan—how proposed capital
                                                          assets (specifically information technology investments) will contribute to
                                                          achieving performance goals.
                                                      17. Discuss—briefly or refer to a separate plan—how the agency will use its
                                                          human capital.
 Build the capacity to gather and use performance 18. Identify internal and external sources of data.
 information                                      19. Describe efforts to verify and validate performance data.
                                                      20. Identify actions to compensate for unavailable or low-quality data.
                                                      21. Discuss implications of data limitations for assessing performance.
Source: GAO.

                                            TSA agreed with our recommendations and plans to incorporate these
                                            principles into its 5-year performance plan and annual performance report.
                                            TSA plans to complete its 5-year performance plan and annual
                                            performance report by February 2004, as required by GPRA.




                                            Page 10                                                                          GAO-04-285T
                            The Congress has also recognized the need for TSA to measure the
                            effectiveness of its security initiatives and, as part of the Federal Aviation
                            Administration’s (FAA) reauthorization act—Vision 100: Century of
                            Aviation Reauthorization Act—is currently considering a provision that
                            would require the Secretary of the Department of Homeland Security to
                            conduct a study of the effectiveness of the aviation security system.


                            In addition to collecting performance data on the effectiveness of its
Challenges in               passenger screening program, TSA can strengthen other areas of the
Strengthening TSA’s         program to help improve screeners’ ability to detect threat objects. In our
                            September 2003 report that discussed our preliminary observations on
Passenger Screening         TSA’s passenger screening program, we noted that TSA can strengthen
Program                     recurrent and supervisory training, staffing of screeners, and oversight of
                            its contract screener pilot program. Since that report was issued, TSA has
                            identified a number of actions it has taken or plans to take to address
                            these concerns. We will be reviewing TSA’s efforts to address these
                            challenges as part of our ongoing review of this program.


Recurrent and Supervisory   In fulfilling its passenger screening mandate, TSA must ensure that
Training Programs Not       screeners are adequately trained and sufficiently skilled in identifying
Fully Developed             threat or dangerous objects at screening checkpoints. To help accomplish
                            this, TSA has developed and deployed basic and remedial screener training
                            programs. Basic screener training consists of 40 hours of classroom
                            instruction and 60 hours of on-the-job training that screeners must
                            successfully complete prior to making independent screening decisions.
                            Additionally, TSA requires remedial training for any screener who fails an
                            operational test and prohibits screeners from performing the screening
                            function related to the test they failed until they successfully complete
                            remedial training. TSA screening supervisors may also require remedial
                            training for screeners they observe needing strengthening of their skills.

                            Although TSA has deployed basic and remedial training programs, it has
                            not fully developed or deployed recurrent or supervisory training
                            programs to ensure that screeners are effectively trained and supervised.
                            Recurrent training—the ongoing training of screeners on a frequent
                            basis—is critical in maintaining and enhancing screener skills. Although
                            TSA has not fully developed a recurrent training program, it is in the
                            process of deploying six recurrent training modules and is pilot testing an
                            Online Learning Management System for recurrent training comprised of
                            about 360 components. TSA officials said that budget limitations had



                            Page 11                                                            GAO-04-285T
                              delayed implementation of the recurrent training modules and the online
                              learning system.

                              Similarly, TSA has not fully developed or deployed a supervisory training
                              program, even though it describes its screening supervisors as the key to a
                              strong defense in detecting threat objects. However, TSA is taking steps in
                              developing such a program, including working with the U.S. Department of
                              Agriculture’s Graduate School to tailor its off-the-shelf supervisory course
                              to meet the specific training needs of TSA’s screening supervisors. TSA
                              reported that it is sending supervisors to the U.S. Department of
                              Agriculture off-the-shelf supervisory course until the customized course is
                              fielded in 2004. TSA also plans to establish a technical supervisor training
                              component for recurrent training.


TSA Continues to Work to      To conduct passenger and baggage screening functions at the nation’s
Identify Appropriate          airports, TSA hired about 56,000 screeners. Initially, screener staff levels
Staffing Levels at Airports   for all airports was developed by TSA headquarters without active input
                              from the agency’s federal security directors who are responsible for
                              overseeing security at each of the nation’s commercial airports. This has
                              led to staffing imbalances, and concern by federal security directors that
                              they had limited authority to respond to airport-specific staffing needs,
                              such as reacting to fluctuations in daily and seasonal passenger flow. TSA
                              officials acknowledged that their initial staffing efforts created imbalances
                              in the screener workforce, and reported that as they work to further
                              reduce the screener workforce,16 they will solicit input from the Federal
                              Security Directors as well as airport and air carrier officials. TSA has also
                              taken steps such as authorizing the hiring of part-time screeners at over
                              200 airports—the first of whom began working in September 2003.




                              16
                                TSA’s screener workforce totaled 55,600 on March 31, 2003. The agency cut 3,000
                              positions for a screener workforce of 52,600 by June 1, 2003. An additional 3,000 positions
                              were cut for a workforce of 49,600 full-time equivalents (FTE) by September 30, 2003, the
                              end of the fiscal year. TSA officials predicted that the screener staffing level will be down
                              to 45,000 by the end of fiscal year 2004. Beginning with the enactment of the 2002
                              Supplemental Appropriations Act for Further Recovery from and Response to Terrorist
                              Attacks on the United States, Public Law 107-206 (August 2, 2002), and in subsequent
                              appropriations acts, there have been restrictions on TSA impacting staffing levels. The
                              current fiscal year 2004 Department of Homeland Security Appropriations Act, Public Law
                              108-90, contains a provision requiring that none of the funds in the act be used to recruit or
                              hire personnel into TSA, which would cause the agency to exceed a screener staffing level
                              of 45,000 full-time equivalents.



                              Page 12                                                                         GAO-04-285T
                          To better address airport-specific staffing needs and accomplish
                          workforce reduction goals, TSA developed its current screener staffing
                          levels using a computer-based modeling process that took into account the
                          number of screening checkpoints and lanes at an airport; originating
                          passengers; the number of airport workers requiring screening; projected
                          air carrier service increases and decreases during the year; and hours
                          needed to accommodate screener training, leave, and breaks. TSA recently
                          hired an outside consultant to conduct a study of screener staffing levels
                          at various airports. TSA officials stated that they will continue to review
                          the staffing allocation process through the modeling efforts to assess air
                          carrier and airport growth patterns, and adjustments will be made as
                          appropriate. We will continue to review TSA’s staffing efforts as part of
                          our ongoing review.


Assessment of Contract    Consistent with ATSA, TSA implemented a pilot program using contract
Screening Pilot Program   screeners at five commercial airports. The purpose of the 2-year pilot
                          program is to determine the feasibility of using private screening
                          companies rather than federal screeners. TSA initially required private
                          screening companies to adhere to all of the procedures and protocols used
                          by federal screeners. As a result, these airports had limited flexibility in
                          running screening operations. However, TSA recently provided the
                          contractors with some flexibility, such as allowing them to determine and
                          maintain their own staffing levels and to make independent hiring
                          decisions. ATSA gives all airport operators the option of applying to
                          change from using federal screeners to using private screeners beginning
                          in November 2004.

                          TSA has not yet determined how to evaluate and measure the performance
                          of the pilot program airports or determine the feasibility of using contract
                          screening companies. TSA recently awarded a contract to BearingPoint,
                          Inc., to compare the performance of pilot screening with federal screening,
                          including the overall strengths and weaknesses of both systems, and
                          determine the reasons for any differences.17 The evaluation is scheduled to
                          be completed by March 31, 2004.18 TSA has acknowledged that designing


                          17
                           According to the August 8, 2003, request for quotation for the evaluation of the contract
                          screening pilot program, BearingPoint must include informed performance comparisons,
                          both quantitative and qualitative, of private versus federal screeners overall and within
                          different sizes and categories of airports.
                          18
                           Based on the time frames established in the request for quotation, BearingPoint, Inc. is
                          required to develop a project plan and evaluation model no later than December 12, 2003.



                          Page 13                                                                       GAO-04-285T
                       an effective evaluation of the screeners at the pilot airports will be
                       challenging because key operational areas, including training, assessment,
                       compensation, and equipment, have to a large extent been held constant
                       across all airports, and therefore are not within the control of the private
                       screening companies.19 In its request for proposal for the pilot airport
                       evaluation, TSA identified several data sources for the evaluation,
                       including the Performance Management Information System and the
                       Office of Internal Affairs and Program Review’s covert testing of passenger
                       screeners. However, as we recently reported, data from these systems in
                       measuring the effectiveness of screening operations is limited. As a result,
                       it will be a challenge for TSA to effectively compare the performance of
                       the contract pilot airports with that of airports using federal screeners.

                       In conjunction with this evaluation, TSA will need to plan for the possible
                       transition of airports from a federal system to a private screening
                       company. Numerous airport operators have expressed an interest in
                       obtaining more information to assist in their decision regarding using
                       private screeners. Specifically, airport operators stated that they would
                       like to determine who would bear responsibility for funding the screening
                       contract, airport liability in the event of an incident linked to a screener
                       failure, how well the current pilot program airports are performing,
                       performance standards to which contract screeners would be held, and
                       TSA’s role in overseeing contracted screening. If airports are permitted to
                       opt out of using federal screeners, this could have a significant impact on
                       TSA’s role in overseeing the screening function as well as the number of
                       federal screeners needed.


                       In addition to the challenges it faces in conducting its passenger screening
TSA Faces Additional   program and assessing program effectiveness, TSA faces a number of
Programmatic and       other programmatic and management challenges in strengthening aviation
                       security. These challenges include implementing the new Computer-
Management             Assisted Passenger Prescreening System; strengthening baggage
Challenges             screening, airport perimeter and access controls, air cargo, and general
                       aviation security; managing the costs of aviation security initiatives; and
                       managing human capital. TSA has been addressing these challenges
                       through a variety of efforts. We have work in progress that is examining


                       19
                         TSA’s request for proposal for the pilot program evaluation notes that there are a
                       significant number of operational and managerial elements at the discretion of the private
                       screening companies that should be considered in the evaluation, including supervision,
                       overhead, materials, recruiting, and scheduling.



                       Page 14                                                                      GAO-04-285T
                             TSA’s efforts in most of these areas, and we will be reporting on TSA’s
                             progress in the future.


Computer-Assisted            TSA is developing a new Computer-Assisted Passenger Prescreening
Passenger Prescreening       System, or CAPPS II. This system is intended to replace the current
System (CAPPS II)            Computer-Assisted Passenger Screening program, which was developed in
                             the mid-1990s by the Federal Aviation Administration to enable air carriers
                             to identify passengers requiring additional security attention. The current
                             system is maintained as a part of the airlines’ reservation systems and,
                             operating under federal guidelines, uses a number of behavioral
                             characteristics to select passengers for additional screening.

                             In the wake of the September 11, 2001, terrorist attacks, a number of
                             weaknesses in the current prescreening program were exposed. For
                             example, although the characteristics used to identify passengers for
                             additional screening are classified, several have become public knowledge
                             through the press or on the Internet. Although enhancements have been
                             made to address some of these weaknesses, the behavioral traits used in
                             the system may not reflect current intelligence information. It is also
                             difficult to quickly modify the system to respond to real-time changes in
                             threats. Additionally, because the current system operates independently
                             within each air carrier reservation system, changes to each air carrier’s
                             system to modify the prescreening system can be costly and time-
                             consuming.

                             In contrast, CAPPS II is planned to be a government-run program that will
                             provide real-time risk assessment for all airline passengers. Unlike the
                             current system, TSA is designing CAPPS II to identify and compare
                             personal information with commercially available data to confirm a
                             passenger’s identity. The system will then run the identifying information
                             against government databases and generate a “risk” score for the
                             passenger. The risk score will determine the level of screening that the
                             passenger will undergo before boarding. TSA currently estimates that
                             initial implementation of CAPPS II will occur during the fall of 2004, with
                             full implementation expected by the fall of 2005.

                             TSA faces a number of challenges that could impede its ability to
                             implement CAPPS II. Among the most significant are the following:

                         •   concerns about travelers’ privacy rights and the safeguards established to
                             protect passenger data;



                             Page 15                                                         GAO-04-285T
                  •   the accuracy of the databases being used by the CAPPS II system and
                      whether inaccuracies could generate a high number of false positives and
                      erroneously prevent or delay passengers from boarding their flights;

                  •   the length of time that data will be retained by TSA;

                  •   the availability of a redress process through which passengers could get
                      erroneous information corrected;

                  •   concerns that identify theft, in which someone steals relevant data and
                      impersonates another individual to obtain that person’s low risk score,
                      may not be detected and thereby negate the security benefits of the
                      system; and

                  •   obtaining the international cooperation needed for CAPPS II to be fully
                      effective, as some countries consider the passenger information required
                      by CAPPS II as a potential violation of their privacy laws.

                      We are currently assessing these and other challenges in the development
                      and implementation of the CAPPS II system and expect to issue a final
                      report on our work in early 2004.


Checked Baggage       Checked baggage represents a significant security concern, as explosive
Screening             devices in baggage can, and have, been placed in aircraft holds. ATSA
                      required screening of all checked baggage on commercial aircraft by
                      December 31, 2002, using explosive detection systems to electronically
                      scan baggage for explosives. According to TSA, electronic screening can
                      be accomplished by bulk explosives detection systems (EDS)20 or
                      explosives trace detection (ETD) systems.21 However, TSA faced
                      challenges in meeting the mandated implementation date. First, the
                      production capabilities of EDS manufacturers were insufficient to produce
                      the number of units needed. Additionally, according to TSA, it was not
                      possible to undertake all of the airport modifications necessary to
                      accommodate the EDS equipment in each airport’s baggage-handling area.


                      20
                       Explosives detection systems use probing radiation to examine objects inside baggage
                      and identify the characteristic signatures of threat explosives. EDS equipment operates in
                      an automated mode.
                      21
                        Explosive trace detection works by detecting vapors and residues of explosives. Human
                      operators collect samples by rubbing bags with swabs, which are chemically analyzed to
                      identify any traces of explosive materials.



                      Page 16                                                                      GAO-04-285T
In order to ensure that all checked baggage is screened, TSA established a
program that uses alternative measures, including explosives-sniffing
dogs, positive passenger bag match,22 and physical hand searches at
airports where sufficient EDS or ETD technology was not available.
Section 425 of the Homeland Security Act allowed the Under Secretary for
Transportation Security to grant airports unable to meet the December 31,
2002, 100 percent screening deadline an extension until December 31,
2003. Although TSA has made progress in implementing EDS technology at
more airports, it has reported that it will not meet the revised mandate for
100 percent electronic screening of all checked baggage. Specifically, as of
October 2003, TSA reported that it will not meet the deadline for
electronic screening by December 31, 2003, at five airports. Airport
representatives with whom we spoke expressed concern that there has not
been enough time to produce, install, and integrate all of the systems
required to meet the deadline.

In addition to fielding the EDS systems at airports, difficulties exist in
integrating these systems into airport baggage-handling systems. For those
airports that have installed EDS equipment, many have been located in
airport lobbies as stand-alone systems. The chief drawback of stand-alone
systems is that because of their size and weight there is a limit to the
number of units that can be placed in airport lobbies, and numerous
screeners are required to handle the checked bags because each bag must
be physically conveyed to the EDS machines and then moved back to the
conveyor system for transport to the baggage-handling room in the air
terminal. Some airports are in the process of integrating the EDS
equipment inline with the conveyor belts that transport baggage from the
ticket counter to the baggage-handling area. However, the reconfiguring of
airports for in-line checked baggage screening can be extensive and
costly.23 TSA has reported that in-line EDS equipment installation costs
range from $1 million to $3 million per piece of equipment. In February
2003, we identified letters of intent24 as a funding option that has been



22
 Positive passenger bag match is an alternative method of screening checked baggage,
which requires that the passenger be on the same aircraft as the checked baggage.
23
 In-line screening involves incorporating EDS machines into airport baggage handling
systems to improve throughput of baggage and to streamline airport operations.
24
 A letter of intent represents a nonbinding commitment from an agency to provide
multiyear funding to an entity beyond the current authorization period. Thus, that letter
allows an airport to proceed with a project without waiting for future federal funds
because the airport and investors know that allowable costs are likely to be reimbursed.



Page 17                                                                       GAO-04-285T
                       successfully used to leverage private sources of funding.25 TSA has since
                       written letters of intent covering seven airports promising multiyear
                       financial support totaling over $770 million for in-line integration of EDS
                       equipment.26 Further, TSA officials have stated that they have identified 25
                       to 35 airports as candidates for further letters of intent pending
                       Congressional authorization of funding. We are examining TSA’s baggage
                       screening program, including its issuance of letters of intent, in an ongoing
                       assignment.


Perimeter and Access   Prior to September 2001, work performed by GAO and others highlighted
Controls               the vulnerabilities in controls for limiting access to secure airport areas. In
                       one report, we noted that GAO special agents were able to use fictitious
                       law enforcement badges and credentials to gain access to secure areas,
                       bypass security checkpoints, and walk unescorted to aircraft departure
                       gates.27 The agents, who had been issued tickets and boarding passes,
                       could have carried weapons, explosives, or other dangerous objects onto
                       aircraft. Concerns over the adequacy of the vetting process for airport
                       workers who have unescorted access to secure airport areas have also
                       arisen, in part as a result of federal agency airport security sweeps that
                       uncovered hundreds of instances in which airport workers lied about their
                       criminal history, or immigration status, or provided false or inaccurate
                       Social Security numbers on their application for security clearances to
                       obtain employment.

                       ATSA contains provisions to improve perimeter access security at the
                       nation’s airports and strengthen background checks for employees
                       working in secure airport areas, and TSA has made some progress in this
                       area. For example, federal mandates were issued to strengthen airport
                       perimeter security by limiting the number of airport access points, and


                       25
                        U.S. General Accounting Office, Airport Finance: Past Funding Levels May Not Be
                       Sufficient to Cover Airports’ Planned Capital Development, GAO-03-497T (Washington,
                       D.C.: Feb. 25, 2003).
                       26
                         The seven airports include Denver International Airport, Las Vegas McCarran
                       International Airport, Los Angeles International Airport, Ontario International Airport,
                       Seattle/Tacoma International Airport, Dallas/Fort Worth International Airport, and Boston
                       Logan International Airport. The purpose is to help defray the costs of installing permanent
                       explosive detection systems that are integrated with airports’ checked baggage conveyor
                       systems.
                       27
                        U.S. General Accounting Office, Security: Breaches at Federal Agencies and Airports,
                       GAO/T-OSI-00-10 (Washington, D.C.: May 25, 2000).



                       Page 18                                                                      GAO-04-285T
they require random screening of individuals, vehicles, and property
before entry at the remaining perimeter access points. Further, TSA made
criminal history checks mandatory for employees with access to secure or
sterile airport areas. To date, criminal history checks have been conducted
on approximately 1 million of these employees. TSA also has plans to
develop a pilot airport security program and is reviewing security
technologies in the areas of biometrics access control identification
systems (i.e., fingerprints or iris scans), anti-piggybacking technologies (to
prevent more than one employee from entering a secure area at a time),
and video monitoring systems for perimeter security. TSA solicited
commercial airport participation in the program. It is currently reviewing
information from interested airports and plans to select 20 airports for the
program.

Although progress has been made, challenges remain with perimeter
security and access controls at commercial airports. Specifically, ATSA
contains numerous requirements for strengthening perimeter security and
access controls, some of which contained deadlines, which TSA is
working to meet. In addition, a significant concern is the possibility of
terrorists using shoulder-fired portable missiles from locations near the
airport. We reported in June 2003 that airport operators have increased
their patrols of airport perimeters since September 2001, but industry
officials stated that they do not have enough resources to completely
protect against missile attacks.28 A number of technologies could be used
to secure and monitor airport perimeters, including barriers, motion
sensors, and closed-circuit television. Airport representatives have
cautioned that as security enhancements are made to airport perimeters, it
will be important for TSA to coordinate with the Federal Aviation
Administration and the airport operators to ensure that any enhancements
do not pose safety risks for aircraft. To further examine these threats and
challenges, we have ongoing work assessing TSA’s progress in meeting
ATSA provisions related to improving perimeter security, access controls,
and background checks for airport employees and other individuals with
access to secure areas of the airport, as well as the nature and extent of
the threat from shoulder-fired missiles.




28
 U.S. General Accounting Office, Transportation Security: Federal Action Needed to Help
Address Security Challenges, GAO-03-843 (Washington, D.C.: June 30, 2003).



Page 19                                                                  GAO-04-285T
Air Cargo Security   As we and the Department of Transportation’s Inspector General have
                     reported, vulnerabilities exist in ensuring the security of cargo carried
                     aboard commercial passenger and all-cargo aircraft. TSA has reported that
                     an estimated 12.5 million tons of cargo are transported each year—9.7
                     million tons on all-cargo planes and 2.8 million tons on passenger planes.
                     Potential security risks are associated with the transport of air cargo—
                     including the introduction of undetected explosive and incendiary devices
                     in cargo placed aboard aircraft. To reduce these risks, ATSA requires that
                     all cargo carried aboard commercial passenger aircraft be screened and
                     that TSA have a system in place as soon as practicable to screen, inspect,
                     or otherwise ensure the security of cargo on all-cargo aircraft. Despite
                     these requirements, it has been reported that less than 5 percent of cargo
                     placed on passenger airplanes is physically screened.29 TSA’s primary
                     approach to ensuring air cargo security and safety is to ensure compliance
                     with the “known shipper” program—which allows shippers that have
                     established business histories with air carriers or freight forwarders to
                     ship cargo on planes. However, we and the Department of
                     Transportation’s Inspector General have identified weaknesses in the
                     known shipper program and in TSA’s procedures for approving freight
                     forwarders, such as possible tampering with freight at various handoff
                     points before it is loaded into an aircraft.30

                     Since September 2001, TSA has taken a number of actions to enhance
                     cargo security, such as implementing a database of known shippers in
                     October 2002. The database is the first phase in developing a cargo
                     profiling system similar to the Computer-Assisted Passenger Prescreening
                     System. However, in December 2002, we reported that additional
                     operational and technological measures, such as checking the identity of
                     individuals making cargo deliveries, have the potential to improve air
                     cargo security in the near term.31 We further reported that TSA lacks a
                     comprehensive plan with long-term goals and performance targets for
                     cargo security, time frames for completing security improvements, and
                     risk-based criteria for prioritizing actions to achieve those goals.
                     Accordingly, we recommended that TSA develop a comprehensive plan for
                     air cargo security that incorporates a risk management approach, includes


                     29
                      Congressional Research Service, Air Cargo Security, September 11, 2003.
                     30
                      U.S. General Accounting Office, Aviation Security: Vulnerabilities and Potential
                     Improvements for the Air Cargo System, GAO-03-344 (Washington, D.C.: Dec. 20, 2002).
                     31
                      U.S. General Accounting Office, Aviation Security: Progress since September 11, 2001,
                     and the Challenges Ahead, GAO-03-1150T (Washington, D.C.: September 9, 2003).



                     Page 20                                                                    GAO-04-285T
                            a list of security priorities, and sets deadlines for completing actions. TSA
                            agreed with this recommendation and expects to develop such a plan by
                            the end of 2003. It will be important that this plan include a timetable for
                            implementation to help ensure that vulnerabilities in this area are reduced.


General Aviation Security   Since September 2001, TSA has taken limited action to improve general
                            aviation security, leaving general aviation far more open and potentially
                            vulnerable than commercial aviation. General aviation is vulnerable
                            because general aviation pilots and passengers are not screened before
                            takeoff and the contents of general aviation planes are not screened at any
                            point. General aviation includes more than 200,000 privately owned
                            airplanes, which are located in every state at more than 19,000 airports.32
                            More than 550 of these airports also provide commercial service. In the
                            last 5 years, about 70 aircraft have been stolen from general aviation
                            airports, indicating a potential weakness that could be exploited by
                            terrorists. This vulnerability was demonstrated in January 2002, when a
                            teenage flight student stole and crashed a single-engine airplane into a
                            Tampa, Florida skyscraper. Moreover, general aviation aircraft could be
                            used in other types of terrorist acts. It was reported that the September
                            11th hijackers researched the use of crop dusters to spread biological or
                            chemical agents.

                            We reported in September 2003 that TSA had chartered a working group
                            on general aviation within the existing Aviation Security Advisory
                            Committee.33 The working group consists of industry stakeholders and is
                            designed to identify and recommend actions to close potential security
                            gaps in general aviation. On October 1, 2003, the working group issued a
                            report that included a number of recommendations for general aviation
                            airport operators’ voluntary use in evaluating airports’ security
                            requirements. These recommendations are both broad in scope and
                            generic in their application, with the intent that every general aviation
                            airport and landing facility operators may use them to evaluate that
                            facility’s physical security, procedures, infrastructure, and resources. TSA
                            is taking some additional action to strengthen security at general aviation
                            airports, including developing a risk-based self-assessment tool for general


                            32
                              Of the 19,000 general aviation airports, 5,400 are publicly owned. TSA is currently
                            focusing its efforts on these publicly owned airports. TSA is still unclear about its role in
                            inspecting privately owned general aviation airports.
                            33
                             GAO-03-1150T.



                            Page 21                                                                          GAO-04-285T
                            aviation airports to use in identifying security concerns. We have ongoing
                            work that is examining general aviation security in further detail.


Aviation Security Funding   TSA faces two key funding and accountability challenges in securing the
                            commercial aviation system: (1) paying for increased aviation security,
                            and (2) ensuring that these costs are controlled. These challenges are
                            particularly critical due to the government incurring large and increasing
                            deficits. The rapid rise in needed funding for aviation security
                            enhancements further exacerbates budget challenges. The costs
                            associated with aviation security are huge. The Department of Homeland
                            Security appropriation includes $3.7 billion for aviation security for fiscal
                            year 2004. The passenger and baggage screening functions alone account
                            for most of this funding, with about $1.8 billion appropriated for passenger
                            screening and $1.3 billion for baggage screening. ATSA created passenger
                            and air carrier security fees to pay for the costs of aviation security, but
                            the fees have not generated enough money to do so. The Department of
                            Transportation’s Inspector General reported that the security fees are
                            estimated to generate only about $1.7 billion during fiscal year 2004.

                            A major funding challenge is paying for the purchase and installation of
                            the remaining explosives detection systems, including integration into
                            airport baggage-handling systems. Integrating the equipment with the
                            baggage-handling systems is expected to be costly because it will require
                            major facility modifications. For example, modifications needed to
                            integrate the equipment at Boston’s Logan International Airport are
                            estimated to cost $146 million. Modifications for Dallas/Fort Worth
                            International Airport are estimated to cost $193 million. According to TSA
                            and the Department of Transportation’s Inspector General, the cost of
                            integrating the equipment nationwide could be $3 billion.

                            A key question that must be addressed is how to pay for these installation
                            costs. The Federal Aviation Administration’s Airport Improvement
                            Program (AIP) and passenger facility charges have been eligible sources
                            for funding this work.34 During fiscal year 2002, AIP grant funds totaling
                            $561 million were used for terminal modifications to enhance security.
                            However, using these funds for security reduced the funding available for



                            34
                             The Airport Improvement Program trust fund is used to fund capital improvements to
                            airports, including some security enhancements, such as terminal modifications to
                            accommodate explosive detection equipment.



                            Page 22                                                                  GAO-04-285T
                other airport development and rehabilitation projects. To provide financial
                assistance to airports for security-related capital investments, such as the
                installation of explosives detection equipment, proposed aviation
                reauthorization legislation would establish an aviation security capital
                fund that would authorize $2 billion over the next 4 years.

                In February 2003, we identified letters of intent as a funding option that
                has been successfully used to leverage private sources of funding.35 TSA
                has since signed letters of intent covering seven airports—Boston Logan,
                Dallas/Fort Worth, Denver, Los Angeles, McCarran (Las Vegas), Ontario
                (California), and Seattle/Tacoma international airports. Under the
                agreements, TSA will pay 75 percent of the cost of integrating the
                explosives detection equipment into the baggage-handling systems. The
                payments will stretch out over 3 to 4 years. TSA officials have identified
                more airports that would be candidates for similar agreements.

                Another challenge is ensuring continued investment in transportation
                research and development. For fiscal year 2003, TSA was appropriated
                about $110 million for research and development, of which $75 million
                was designated for the next-generation explosives detection systems.
                However, TSA proposed to reprogram $61.2 million of these funds to be
                used for other purposes, leaving about $12.7 million to be spent on
                research and development in that year. This proposed reprogramming
                could limit TSA’s ability to sustain and strengthen aviation security by
                continuing to invest in research and development for more effective
                equipment to screen passengers, their carry-on and checked baggage, and
                cargo. In ongoing work, we are examining the nature and scope of
                research and development work by TSA and the Department of Homeland
                Security, including their strategy for accelerating the development of
                transportation security technologies.


Human Capital   As it organizes itself to protect the nation’s transportation system, TSA
Management      faces the challenge of strategically managing its workforce of about 60,000
                people—more than 80 percent of whom are passenger and baggage
                screeners. Additionally, over the next several years, TSA faces the
                challenge of sizing and managing this workforce as efficiency is improved
                with new security-enhancing technologies, processes, and procedures. For
                example, as explosives detection systems are integrated with baggage-


                35
                 GAO-03-497T.



                Page 23                                                         GAO-04-285T
handling systems, the use of more labor-intensive screening methods, such
as trace detection techniques and manual bag searches, can be reduced.
Other planned security enhancements, such as CAPPS II and a registered
traveler program, also have the potential to make screening more efficient.
Further, if airports opt out of the federal screener program and use their
own or contract employees to provide screening instead of TSA screeners,
a significant impact on TSA staffing could occur.

To assist agencies in managing their human capital more strategically, we
have developed a model that identifies cornerstones and related critical
success factors that agencies should apply and steps they can take.36 Our
model is designed to help agency leaders effectively lead and manage their
people and integrate human capital considerations into daily decision
making and the program results they seek to achieve. In January 2003, we
reported that TSA was addressing some critical human capital success
factors by using a wide range of tools available for hiring, and beginning to
link individual performance to organizational goals.37 However, concerns
remain about the size and training of that workforce, the adequacy of the
initial background checks for screeners, and TSA’s progress in setting up a
performance management system. TSA is currently developing a human
capital strategy, which it expects to be completed by the end of this year.

TSA has proposed cutting the screener workforce by an additional 3,000
during fiscal year 2004. This planned reduction has raised concerns about
passenger delays at airports and has led TSA to begin hiring part-time
screeners to make more flexible and efficient use of its workforce. In
addition, TSA used an abbreviated background check process to hire and
deploy enough screeners to meet ATSA’s screening deadlines during 2002.
After obtaining additional background information, TSA terminated the
employment of some of these screeners. TSA reported 1,208 terminations
as of May 31, 2003, that it ascribed to a variety of reasons, including
criminal offenses and failures to pass alcohol and drug tests. Furthermore,
the national media have reported allegations of operational and
management control problems that emerged with the expansion of the
Federal Air Marshal Service, including inadequate background checks and
training, uneven scheduling, and inadequate policies and procedures. We


36
 U.S. General Accounting Office, A Model of Strategic Human Capital Management,
GAO-02-373SP (Washington, D.C.: March 2002).
37
 U.S. General Accounting Office, Major Management Challenges and Program Risks:
Department of Transportation, GAO-03-108 (Washington, D.C.: January 2003).



Page 24                                                               GAO-04-285T
                      reported in January 2003 that TSA had taken the initial steps in
                      establishing a performance management system linked to organizational
                      goals. Such a system will be critical for TSA to motivate and manage staff,
                      ensure the quality of screeners’ performance, and, ultimately, restore
                      public confidence in air travel. In ongoing work, we are examining the
                      effectiveness of TSA’s efforts to train, equip, and supervise passenger
                      screeners, and we are assessing the effects of expansion on the Federal
                      Air Marshal Service.38


                      TSA faces many challenges in strengthening its passenger screening and
Concluding            other security programs. To best address these challenges, it needs the
Observations          information and tools necessary to ensure that its efforts are effective, are
                      appropriately focused, and are achieving expected results. Without
                      knowledge on the effectiveness of its programs, TSA and the public have
                      little assurance regarding the level of security provided, and whether TSA
                      is using its resources to maximize security benefits. As TSA implements
                      new security initiatives and addresses associated challenges, measuring
                      program effectiveness will help it best focus on the areas of greatest need.
                      We are encouraged that TSA is undertaking efforts to develop the
                      information and tools needed to measure its performance.

                      Mr. Chairman, this concludes my statement. I would be pleased to answer
                      any questions that you or other members of the Committee may have.


                      For further information on this testimony, please contact Cathleen A.
Contact Information   Berrick at (202) 512-8777. Individuals making key contributions to this
                      testimony include Mike Bollinger, Lisa Brown, Jack Schulze, and
                      Maria Strudwick.




                      38
                       The Federal Air Marshal Service has been transferred out of TSA and into the
                      Department of Homeland Security’s Bureau of Immigration and Customs Enforcement.




                      Page 25                                                               GAO-04-285T
Related GAO Products


             Aviation Security: Efforts to Measure Effectiveness and Address
             Challenges. GAO-04-232T. Washington, D.C.: November 5, 2003.

             Airport Passenger Screening: Preliminary Observations on Progress
             Made and Challenges Remaining. GAO-03-1173. Washington, D.C.:
             September 24, 2003.

             Aviation Security: Progress since September 11, 2001, and the
             Challenges Ahead. GAO-03-1150T. Washington, D.C.: September 9, 2003

             Transportation Security: Federal Action Needed to Help Address
             Security Challenges. GAO-03-843. Washington, D.C.: June 30, 2003.

             Transportation Security: Post-September 11th Initiatives and Long-
             Term Challenges. GAO-03-616T. Washington, D.C.: April 1, 2003.

             Aviation Security: Measures Needed to Improve Security of Pilot
             Certification Process. GAO-03-248NI. Washington, D.C.: February 3, 2003.
             (NOT FOR PUBLIC DISSEMINATION)

             Aviation Security: Vulnerabilities and Potential Improvements for the
             Air Cargo System. GAO-03-286NI. Washington, D.C.: December 20, 2002.
             (NOT FOR PUBLIC DISSEMINATION)

             Aviation Security: Vulnerabilities and Potential Improvements for the
             Air Cargo System. GAO-03-344. Washington, D.C.: December 20, 2002.

             Aviation Security: Vulnerability of Commercial Aviation to Attacks by
             Terrorists Using Dangerous Goods. GAO-03-30C. Washington, D.C.:
             December 3, 2002

             Aviation Security: Registered Traveler Program Policy and
             Implementation Issues. GAO-03-253. Washington, D.C.: November 22,
             2002.

             Aviation Security: Transportation Security Administration Faces
             Immediate and Long-Term Challenges. GAO-03-971T. Washington, D.C.:
             July 25, 2002.

             Aviation Security: Information Concerning the Arming of Commercial
             Pilots. GAO-02-822R. Washington, D.C.: June 28, 2002.




             Page 26                                                      GAO-04-285T
Aviation Security: Deployment and Capabilities of Explosive Detection
Equipment. GAO-02-713C. Washington, D.C.: June 20, 2002. (CLASSIFIED)

Aviation Security: Information on Vulnerabilities in the Nation’s Air
Transportation System. GAO-01-1164T. Washington, D.C.: September 26,
2001. (NOT FOR PUBLIC DISSEMINATION)

Aviation Security: Information on the Nation’s Air Transportation
System Vulnerabilities. GAO-01-1174T. Washington, D.C.: September 26,
2001. (NOT FOR PUBLIC DISSEMINATION)

Aviation Security: Vulnerabilities in, and Alternatives for, Preboard
Screening Security Operations. GAO-01-1171T. Washington, D.C.:
September 25, 2001.

Aviation Security: Weaknesses in Airport Security and Options for
Assigning Screening Responsibilities. GAO-01-1165T. Washington, D.C.:
September 21, 2001.

Aviation Security: Terrorist Acts Demonstrate Urgent Need to Improve
Security at the Nation’s Airports. GAO-01-1162T. Washington, D.C.:
September 20, 2001.

Aviation Security: Terrorist Acts Illustrate Severe Weaknesses in
Aviation Security. GAO-01-1166T. Washington, D.C.: September 20, 2001.

Responses of Federal Agencies and Airports We Surveyed about Access
Security Improvements. GAO-01-1069R. Washington, D.C.: August 31,
2001.

Responses of Federal Agencies and Airports We Surveyed about Access
Security Improvements. GAO-01-1068R. Washington, D.C.: August 31,
2001. (RESTRICTED)

FAA Computer Security: Recommendations to Address Continuing
Weaknesses. GAO-01-171. Washington, D.C.: December 6, 2000.

Aviation Security: Additional Controls Needed to Address Weaknesses in
Carriage of Weapons Regulations. GAO/RCED-00-181. Washington, D.C.:
September 29, 2000.




Page 27                                                      GAO-04-285T
           FAA Computer Security: Actions Needed to Address Critical Weaknesses
           That Jeopardize Aviation Operations. GAO/T-AIMD-00-330. Washington,
           D.C.: September 27, 2000.

           FAA Computer Security: Concerns Remain Due to Personnel and Other
           Continuing Weaknesses. GAO/AIMD-00-252. Washington, D.C.: August 16,
           2000.

           Aviation Security: Long-Standing Problems Impair Airport Screeners’
           Performance. GAO/RCED-00-75. Washington, D.C.: June 28, 2000.

           Aviation Security: Screeners Continue to Have Serious Problems
           Detecting Dangerous Objects. GAO/RCED-00-159. Washington, D.C.: June
           22, 2000. (NOT FOR PUBLIC DISSEMINATION)

           Security: Breaches at Federal Agencies and Airports. GAO-OSI-00-10.
           Washington, D.C.: May 25, 2000.




(440271)
           Page 28                                                     GAO-04-285T
This is a work of the U.S. government and is not subject to copyright protection in the
United States. It may be reproduced and distributed in its entirety without further
permission from GAO. However, because this work may contain copyrighted images or
other material, permission from the copyright holder may be necessary if you wish to
reproduce this material separately.
                         The General Accounting Office, the audit, evaluation and investigative arm of
GAO’s Mission            Congress, exists to support Congress in meeting its constitutional responsibilities
                         and to help improve the performance and accountability of the federal
                         government for the American people. GAO examines the use of public funds;
                         evaluates federal programs and policies; and provides analyses,
                         recommendations, and other assistance to help Congress make informed
                         oversight, policy, and funding decisions. GAO’s commitment to good government
                         is reflected in its core values of accountability, integrity, and reliability.


                         The fastest and easiest way to obtain copies of GAO documents at no cost is
Obtaining Copies of      through the Internet. GAO’s Web site (www.gao.gov) contains abstracts and full-
GAO Reports and          text files of current reports and testimony and an expanding archive of older
                         products. The Web site features a search engine to help you locate documents
Testimony                using key words and phrases. You can print these documents in their entirety,
                         including charts and other graphics.
                         Each day, GAO issues a list of newly released reports, testimony, and
                         correspondence. GAO posts this list, known as “Today’s Reports,” on its Web site
                         daily. The list contains links to the full-text document files. To have GAO e-mail
                         this list to you every afternoon, go to www.gao.gov and select “Subscribe to e-mail
                         alerts” under the “Order GAO Products” heading.


Order by Mail or Phone   The first copy of each printed report is free. Additional copies are $2 each. A
                         check or money order should be made out to the Superintendent of Documents.
                         GAO also accepts VISA and Mastercard. Orders for 100 or more copies mailed to a
                         single address are discounted 25 percent. Orders should be sent to:
                         U.S. General Accounting Office
                         441 G Street NW, Room LM
                         Washington, D.C. 20548
                         To order by Phone:     Voice:    (202) 512-6000
                                                TDD:      (202) 512-2537
                                                Fax:      (202) 512-6061


                         Contact:
To Report Fraud,
                         Web site: www.gao.gov/fraudnet/fraudnet.htm
Waste, and Abuse in      E-mail: fraudnet@gao.gov
Federal Programs         Automated answering system: (800) 424-5454 or (202) 512-7470


                         Jeff Nelligan, Managing Director, NelliganJ@gao.gov (202) 512-4800
Public Affairs           U.S. General Accounting Office, 441 G Street NW, Room 7149
                         Washington, D.C. 20548