Summary
In the 2 years since passage of the Aviation and Transportation Security Act (ATSA), the Transportation Security Administration (TSA) has primarily focused its efforts on improving aviation security through enhanced passenger and baggage screening. The act also contained provisions directing TSA to take actions to improve the security of airport perimeters, access controls, and airport workers. GAO was asked to assess TSA's efforts to: (1) evaluate the security of airport perimeters and the controls that limit access into secured airport areas, (2) help airports implement and enhance perimeter security and access controls by providing them funding and technical guidance, and (3) implement measures to reduce the potential security risks posed by airport workers.
TSA has begun evaluating the security of airport perimeters and the controls that limit access into secured airport areas. Specifically, TSA is conducting compliance inspections and vulnerability assessments at selected airports. These evaluations--though not complete--have identified perimeter and access control security concerns. While TSA officials acknowledged that conducting these airport security evaluations is essential to identifying additional perimeter and access control security measures and prioritizing their implementation, the agency has not determined how the results will be used to make improvements to the entire commercial airport system. TSA has helped some airport operators enhance perimeter and access control security by providing funds for security equipment, such as electronic surveillance systems. TSA has also begun efforts to evaluate the effectiveness of security-related technologies, such as biometric identification systems. However, TSA has not begun to gather data on airport operators' historical funding of security projects and current needs to aid the agency in setting funding priorities. Nor has TSA developed a plan for implementing new technologies or balancing the costs and effectiveness of these technologies with the security needs of individual airport operators and the commercial airport system as a whole. TSA has taken some steps to reduce the potential security risks posed by airport workers. However, TSA had elected not to fully address all related ATSA requirements. In particular, TSA does not require fingerprint-based criminal history checks and security awareness training for all airport workers, as called for in ATSA. Further, TSA has not required airport vendors to develop security programs, another ATSA requirement. TSA said expanding these efforts would require a time-consuming rulemaking process and impose additional costs on airport operators. Finally, although not required by ATSA, TSA has not developed a plan detailing when and how it intends to address these challenges.
Recommendations
Our recommendations from this work are listed below with a Contact for more information. Status will change
from "In process" to "Implemented" or "Not implemented" based on our follow up work.
Director:
Team:
Phone:
Cathleen A. Berrick
Government Accountability Office: Homeland Security and Justice
No phone on record
Recommendations for Executive Action
Recommendation: To help ensure that TSA is able to articulate and justify future decisions on how best to proceed with security evaluations, fund and implement security improvements--including new security technologies--and implement additional measures to reduce the potential security risks posed by airport workers, the Secretary of Homeland Security should direct TSA's Administrator to develop and provide Congress with a plan for meeting the requirements of ATSA.
Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration
Status: In process
Comments: Awaiting agency update/additional documentation.
Recommendation: The Secretary of Homeland Security should direct TSA's Administrator to develop and provide Congress with a plan for meeting the requirements of ATSA by establishing schedules and an analytical approach for completing compliance inspections and vulnerability assessments for evaluating airport security.
Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration
Status: In process
Comments: This recommendation has been partially addressed. TSA has addressed the portion of the recommendation regarding compliance inspections, but has not addressed the portion regarding vulnerability assessments. The recommendation will be left open until TSA documents actions regarding vulnerability assessments.
Recommendation: The Secretary of Homeland Security should direct TSA's Administrator to develop and provide Congress with a plan for meeting the requirements of ATSA by conducting assessments of technology, compile the results of these assessments as well as assessments conducted independently by airport operators, and communicate the integrated results of these assessments to airport operators.
Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration
Status: In process
Comments: Awaiting agency update/additional documentation.
Recommendation: The Secretary of Homeland Security should direct TSA's Administrator to develop and provide Congress with a plan for meeting the requirements of ATSA by using the information resulting from the security evaluation and technology assessment efforts cited above as a basis for providing guidance and prioritizing funding to airports for enhancing the security of the commercial airport system as a whole.
Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration
Status: In process
Comments: Awaiting agency update/additional documentation.
Recommendation: The Secretary of Homeland Security should direct TSA's Administrator to develop and provide Congress with a plan for meeting the requirements of ATSA by determining, in conjunction with aviation industry stakeholders, if and when additional security requirements are needed to reduce the risks posed by airport workers and developing related guidance, as needed.
Agency Affected: Department of Homeland Security: Directorate of Border and Transportation Security: Transportation Security Administration
Status: Implemented
Comments: In July 2004, TSA issued security directives addressing the issue of airport employee access to security or restricted airport areas. The primary focus of this directive was to enhance protective measures around the sterile and SIDA areas of each airport. As part of these newly issued security directives, TSA will require enhanced background checks for airport employees working in restricted areas. In addition, TSA issued a security directive addressing the issue of airport tenant (vendor) access to the sterile area of the airport. The primary focus of this directive was to enhance protective measures around the sterile and secure areas of each airport and to further clarify the requirement that workers entering sterile areas be screened at the TSA passenger screening checkpoint. Specifically, this directive required that all employees of airport tenants, who are employed or perform duties in the sterile area of the airport, regardless of the airport ID issued, must access the sterile area through the TSA screening checkpoint or only through those locations approved by the Federal Security Director when the TSA screening checkpoint is closed.
