Summary
The war on terrorism has made physical security for federal facilities a governmentwide concern. The Interagency Security Committee (ISC), which is chaired by the Department of Homeland Security (DHS), is tasked with coordinating federal agencies' facility protection efforts, developing protection standards, and overseeing implementation. GAO's objectives were to (1) assess ISC's progress in fulfilling its responsibilities and (2) identify key practices in protecting federal facilities and any related implementation obstacles.
ISC has made progress in coordinating the government's facility protection efforts. In recent years, ISC has taken several actions to develop policies and guidance for facility protection and to share related information. Although its actions to ensure compliance with security standards and oversee implementation have been limited, in July 2004, ISC became responsible for reviewing federal agencies' physical security plans for the administration. ISC, however, lacks an action plan that could be used to provide DHS and other stakeholders with information on, and a rationale for, its resource needs; garner and maintain the support of ISC member agencies, DHS management, Office of Management and Budget, and Congress; identify implementation goals and measures for gauging progress; and propose strategies for addressing various challenges it faces, such as resource constraints. Without an action plan, ISC's strategy and time line for implementing its responsibilities remain unclear. s ISC and agencies have paid greater attention to facility protection in recent years, several key practices have emerged that, collectively, could provide a framework for guiding agencies' efforts. These include allocating resources using risk management; leveraging security technology; coordinating protection efforts and sharing information; measuring program performance and testing security initiatives; realigning real property assets to mission, thereby reducing vulnerabilities; and, implementing strategic human capital management, to ensure that agencies are well equipped to recruit and retain high-performing security professionals. GAO also noted several obstacles to implementation, such as developing quality data for risk management and performance measurement, and ensuring that technology will perform as expected.
Recommendations
Our recommendations from this work are listed below with a Contact for more information. Status will change
from "In process" to "Implemented" or "Not implemented" based on our follow up work.
Director:
Team:
Phone:
Mark L. Goldstein
Government Accountability Office: Physical Infrastructure
(202) 512-6670
Recommendations for Executive Action
Recommendation: The Secretary of Homeland Security should direct the Chair of ISC to develop an action plan that identifies resource needs, implementation goals, and time frames for meeting ISC's ongoing and yet-unfulfilled responsibilities. The action plan should also be used to propose strategies for addressing the range of challenges ISC faces. Such an action plan would provide a road map for DHS to use in developing resource priorities and for ISC to use in communicating its planned actions to agencies and other stakeholders, including Congress.
Agency Affected: Department of Homeland Security: Directorate of Information Analysis and Infrastructure Protection
Status: Implemented
Comments: DHS has issued an Interagency Security Committee Action Plan for calendar years 2007-2008 in response to GAO's recommendation.
Recommendation: The Chair of ISC, with input from ISC member agencies, should consider using our work as a starting point for establishing a framework of key practices that could guide agencies' efforts in the facility protection area. This initiative could subsequently be used by agencies to evaluate their actions, identify lessons learned, and develop strategies for overcoming obstacles.
Agency Affected: Department of Homeland Security: Interagency Security Committee
Status: In process
Comments: Although the Interagency Security Committee (ISC) has developed best practice guidance for some areas like mail handling and the use of escape hoods, it has not yet developed a comprehensive set of key practices for strategically managing facility protection efforts.
