Summary

This report responds to a Congressional request for information regarding critical infrastructure protection within the federal government. In May 1998, Presidential Decision Directive 63 was issued with the intent to eliminate any significant vulnerability to both physical and cyber attacks on the nation's critical infrastructure. It makes every department and agency of the federal government responsible for protecting its own critical physical infrastructure. The Interagency Security Committee (ISC) and all 22 of the agencies GAO reviewed have some role in providing security for office space, although the degree of involvement varied from agency to agency. Other types of security responsibilities include performing security assessments, providing security funding, providing security forces and security technology, and coordination of security efforts among and within agencies. Eleven of the 22 agencies stated that they had completed security assessments on all their facilities since 1995. Nine agencies reported that they were still doing security assessments on their buildings. Two agencies are located in General Service Administration (GSA) space only and GSA is responsible for the security assessments. The agencies provide security using a combination of security forces and security technologies. Security forces are comprised of federal security forces and contract security guards. Examples of security technologies implemented include closed circuit television, X-ray machines, magnetometers and window protection features. The President initially allocated $8.6 million of the $40 billion from the Fiscal Year 2001 Emergency Supplemental Appropriations Act for Recovery from and Response to Terrorist Attacks on the United States to the Federal Buildings Fund, administered by GSA, to provide increased security for federal buildings. The main coordination groups identified as providing coordination among agencies were ISC, the Office of Homeland Security, the Federal Protective Service, the Federal Emergency Management Agency, and the Federal Bureau of Investigation. The impediments to improving security for federal buildings cited by the agencies in the review included difficulty getting lessors to allow federal agencies to implement strengthened security measures in their buildings, and insufficient funding and staff.