GAO-04-285T, Aviation Security: Efforts to Measure Effectiveness and Strengthen Security Programs


This is the accessible text file for GAO report number GAO-04-285T 
entitled 'Aviation Security: Efforts to Measure Effectiveness and 
Strengthen Security Programs' which was released on November 20, 2003.

This text file was formatted by the U.S. General Accounting Office 
(GAO) to be accessible to users with visual impairments, as part of a 
longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov.

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately.

Testimony:

Before the Committee on Government Reform, House of Representatives:

United States General Accounting Office:

GAO:

For Release on Delivery Expected at 10:00 a.m. EST:

Thursday, November 20, 2003:

Aviation Security:

Efforts to Measure Effectiveness and Strengthen Security Programs:

Statement of Cathleen A. Berrick, Director, Homeland Security and 
Justice:

GAO-04-285T:

GAO Highlights:

Highlights of GAO-04-285T, a report to the Committee on Government 
Reform, House of Representatives 

Why GAO Did This Study:

Commercial aviation has been a long-standing target for terrorists. 
Since the tragic attacts of September 11, 2001, substantial changes 
have been made to enhance security—including the creation of the 
Transportation Security Administration (TSA) and the federalization of 
the passenger screener workforce. However, despite these changes, 
vulnerabilities in aviation security continue to exist. Accordingly, 
GAO was asked to describe TSA’s efforts to (1) measure the 
effectiveness of its aviation security initiatives, (2) strengthen its 
passenger screening program, and (3) address additional challenges in 
further enhancing aviation security.

What GAO Found:

TSA has implemented numerous initiatives designed to enhance aviation 
security, but has collected limited information on the effectiveness 
of these initiatives in protecting commercial aircraft. Our recent 
work on passenger screening found that little testing or other data 
exist that measure the performance of screeners in detecting threat 
objects. However, TSA is taking steps to collect additional data, 
including developing a 5-year performance plan detailing numerous 
performance measures, as well as fielding the Threat Image Projection 
system and increasing screener testing.

In addition to collecting performance data, TSA could further 
strengthen passenger screening by fully deploying recurrent and 
supervisory training programs, determining the appropriate levels of 
screeners at the nation’s airports, and improving oversight of the 
contract screener pilot program. Although TSA has developed and 
deployed basic and remedial training programs, it has not fully 
developed or deployed recurrent or supervisory training programs. In 
addition, TSA acknowledged that its initial staffing efforts created 
imbalances at the nation’s airports, and that it has taken limited 
action to assess the performance of the pilot airports using private, 
versus federal, screeners. TSA is undertaking a number of actions to 
address these concerns, including strengthening its training program 
and awarding contracts to assess its staffing model and the 
performance of the contract pilot airports. 

TSA faces a number of other challenges as it continues to enhance 
aviation security. Significant challenges include implementing the 
Computer-Assisted Passenger Prescreening System (CAPPS II), as well as 
strengthening baggage screening, airport perimeter and access 
controls, and air cargo and general aviation security. In implementing 
CAPPS II, TSA must ensure it addresses concerns surrounding travelers’ 
privacy rights, the accuracy of databases used by CAPPS II, and 
obtaining international cooperation needed for the system to be fully 
operational. Additional challenges include integrating explosive 
detection systems into airport’s in-line baggage handling systems, 
identifying cost-effective perimeter security technologies, 
effectively targeting air cargo for screening, and improving security 
at general aviation airports. Further, TSA faces challenges in funding 
increased aviation security measures and ensuring that these costs are 
controlled.


What GAO Recommends:

In prior reports and testimonies, GAO has made numerous 
recommendations to strengthen aviation security. We also have ongoing 
reviews assessing many of the issues addressed in this testimony and 
will issue separate reports on these areas at a later date.

www.gao.gov/cgi-bin/getrpt?GAO-04-285T.

To view the full product, including the scope and methodology, click 
on the link above. For more information, contact Cathleen A. Berrick 
at (202) 512-8777 or Berrickc@gao.gov.

[End of section]

Mr. Chairman and Members of the Committee:

Thank you for inviting me to participate in today's hearing to discuss 
our recent work on the Transportation Security Administration's (TSA) 
efforts to assess its performance and strengthen its security programs, 
to include passenger screening. Securing commercial aviation is a 
daunting task--with hundreds of airports, thousands of aircraft, and 
tens of thousands of flights daily carrying millions of passengers and 
pieces of baggage and cargo. Since the attacks of September 11, 2001, 
billions of dollars have been spent, and a wide variety of programs and 
initiatives have been implemented to enhance aviation security. 
However, recent reviews and covert testing conducted by GAO and the 
Department of Homeland Security's Office of Inspector General, as well 
as recent media reports, indicate that weaknesses and vulnerabilities 
in commercial aviation continue to exist. For example, the incident 
involving a college student who placed box cutters, clay resembling 
plastic explosives, and bleach on commercial aircraft show that 
aviation security can still be compromised.

My testimony today highlights three key areas that TSA must focus on to 
enhance aviation security. These areas include (1) measuring the 
effectiveness of TSA's aviation security initiatives that have already 
been implemented, (2) strengthening its passenger screening program, 
and (3) addressing key programmatic and management challenges to 
further enhance aviation security. My testimony is based on our prior 
work, reviews of TSA documentation, and interviews with TSA officials.

In summary:

Although TSA has implemented numerous programs and initiatives to 
enhance aviation security, it has collected limited information on the 
effectiveness of these programs and initiatives. Our recent work on 
TSA's passenger screening program showed that although TSA has made 
enhancements in passenger screening, it has collected limited data on 
screeners' ability to detect threat objects. The Aviation and 
Transportation Security Act (ATSA), which was established with the 
primary goal of strengthening aviation security, requires that TSA 
establish acceptable levels of performance for security initiatives and 
develop annual performance plans and reports to measure and document 
the effectiveness of those initiatives.[Footnote 1] Although TSA has 
developed an annual performance plan and report as required by ATSA, to 
date these tools have focused on TSA's progress in meeting deadlines to 
implement programs and initiatives mandated by ATSA rather than on the 
effectiveness of these programs and initiatives. TSA has recognized 
that it has collected limited performance data on its security 
initiatives, and is taking steps to collect additional data, including 
developing a 5-year performance plan, and increasing passenger screener 
testing.

Our recent work on TSA's passenger screening program showed that the 
program can be strengthened in the areas of training, staffing, and the 
contract screener pilot program.[Footnote 2] Although TSA has developed 
and deployed basic and remedial training programs, it has not fully 
developed or deployed recurrent or supervisory training programs to 
ensure that screeners are effectively trained and supervised. In 
addition, TSA has acknowledged that its initial screener staffing 
levels created imbalances at the nation's airports--a situation that it 
is attempting to address. TSA also has not yet determined how to 
evaluate and measure the performance of its contract screening pilot 
program. Since we issued our preliminary report on TSA's passenger 
screening program in September 2003, TSA has taken a number of actions 
to address these concerns, including enhancing its recurrent and 
supervisory training programs, and awarding a contract to assess the 
contract screening pilot program. However, TSA has recognized that 
assessing the performance of the pilot airports will be difficult 
because of a lack of performance data.

TSA faces a number of other challenges as it continues to address 
threats to our nation's aviation system. Significant challenges include 
implementing various aviation security programs, such as the Computer-
Assisted Passenger Prescreening System[Footnote 3] (CAPPS II), and 
addressing broader security concerns related to the security of air 
cargo and general aviation.[Footnote 4] TSA also faces challenges in 
managing the costs of aviation security and in strategically managing 
its workforce of about 60,000 people, most of whom are deployed at 
airports to detect weapons and explosives. TSA has been addressing 
these and other challenges through a variety of efforts. We have work 
in progress that is examining TSA's efforts in addressing many of these 
challenges.

Background:

The security of the U.S. commercial aviation system has been a long-
standing concern. As demonstrated by the 1988 bombing of a U.S. 
airliner over Lockerbie, Scotland, and the 1995 plot to blow up 12 U.S. 
aircraft in the Pacific region discovered by Philippine authorities, 
U.S. commercial aircraft have long been a target for terrorist attacks. 
Over the years, numerous initiatives have been undertaken to improve 
aviation security. However, as we and others have documented in 
numerous reports and studies, weaknesses continue to exist. It was 
because of these weaknesses that terrorists were able to hijack four 
commercial aircraft on September 11, 2001, with tragic results.

In an effort to strengthen the security of commercial aviation, the 
President signed into law the Aviation and Transportation Security Act 
(ATSA) on November 19, 2001. ATSA created TSA as an agency within the 
Department of Transportation with the responsibility for securing all 
modes of transportation, including aviation. ATSA mandated specific 
improvements to aviation security and established deadlines for 
completing many of these initiatives. Consequently, TSA's main focus 
during its first year of operation was on meeting these deadlines, 
particularly federalizing the screener workforce at commercial airports 
nationwide by November 19, 2002, while at the same time establishing a 
new federal organization from the ground up. On March 1, 2003, pursuant 
to the Homeland Security Act, TSA was transferred from the Department 
of Transportation to the new Department of Homeland Security.[Footnote 
5]

Virtually all aviation security responsibilities now reside with TSA. 
One of the most substantial of these is passenger screening. Passenger 
screening involves the use of metal detectors, X-ray machines, 
explosive trace detection machines, and physical searches to examine 
passengers and their baggage to identify threat objects. Passenger 
screening has historically been an area of concern. As we reported in 
1987, and again in 2000, passenger screeners who conducted these 
examinations have had difficultly in detecting weapons and other 
dangerous objects. At the time we issued these reports, air carriers 
were responsible for performing passenger screening. With the passage 
of ATSA, this responsibility has now become the responsibility of TSA. 
TSA is also responsible for ensuring the security of air cargo, 
limiting access to restricted areas of airports to authorized 
personnel, securing airport perimeters, and conducting background 
checks for airport personnel, among other responsibilities.

Limited Information Exists on the Effectiveness of Aviation Security 
Initiatives:

TSA has implemented numerous initiatives designed to enhance aviation 
security, but it has collected limited information on the effectiveness 
of these initiatives, particularly its passenger screening program. 
ATSA requires that TSA establish acceptable levels of performance and 
develop annual performance plans and reports to measure and document 
the effectiveness of its security initiatives.[Footnote 6] Although TSA 
has developed these performance tools as required by ATSA, the tools 
currently focus on TSA's progress toward meeting ATSA deadlines, rather 
than on the effectiveness of its programs and initiatives. Although TSA 
has collected limited data on the effectiveness of its initiatives, it 
is taking several steps to collect objective data to assess its 
performance.

Evaluation of Program Effectiveness:

Although there are a number of methods that TSA can use to measure the 
effectiveness of its passenger screening program, none are being fully 
utilized. As we reported in September 2003,[Footnote 7] the primary 
source of information collected on screeners' ability to detect threat 
objects is covert testing conducted by TSA's Office of Internal Affairs 
and Program Review. However, TSA does not consider the results of these 
covert tests as a measure of performance, but rather a "snapshot" of a 
screener's ability to detect threat objects at a particular point in 
time and as a system-wide performance indicator. At the time we issued 
our report, the Office of Internal Affairs and Program Review had 
conducted 733 covert tests of passenger screeners at 92 airports. As a 
result, only a small percentage of TSA's passenger screeners had been 
subject to a covert test.

In addition to conducting covert tests at screening checkpoints, TSA 
conducts tests to determine whether the current Computer-Assisted 
Passenger Screening System is working as designed; threat objects are 
detected during the screening of checked baggage; and access to 
restricted areas of the airport is limited only to authorized 
personnel.[Footnote 8] While the Office of Internal Affairs and Program 
Review has conducted about 2,000 access tests, it has conducted only 
168 Computer-Assisted Passenger Screening System and checked baggage 
tests. Based on an anticipated increase in staff from about 100 in 
fiscal year 2003 to 200 in fiscal year 2004, the Office of Internal 
Affairs and Program Review plans to conduct twice as many covert tests 
next year.[Footnote 9]

Another key source of data on screener performance in detecting threat 
objects is the Threat Image Projection (TIP) system, which places 
images of threat objects on the X-ray screen during actual operations 
and records whether screeners identify the threat object.[Footnote 10] 
The Federal Aviation Administration began deploying TIP in late 1999 to 
continually measure screener performance and to train screeners in 
becoming more adept at detecting hard-to-spot threat objects. However, 
TIP was shut down immediately following the September 11 terrorist 
attacks because of concerns that it would result in screening delays 
and panic, as screeners might have thought that they were actually 
viewing a threat object. Although TSA officials recognized that TIP is 
a key tool in measuring, maintaining, and enhancing screener 
performance, they only recently began reactivating TIP on a wide-scale 
basis because of competing priorities, a lack of training, and a lack 
of resources needed to deploy TIP activation teams. As TIP becomes 
operational at each airport, TSA headquarters and federal security 
directors[Footnote 11] will have the capability to query and analyze 
performance data in a number of ways, including by individual 
screeners, checkpoints, terminals, and airports. TIP is expected to be 
fully deployed and operational by April 2004.

When fully deployed, the annual screener recertification test results 
will provide another source of data on screener performance. ATSA 
requires that TSA collect performance information on each screener 
through conducting an annual proficiency review to ensure he or she 
continues to meet all qualifications and standards required to perform 
the screening function. Although TSA began deploying federal screeners 
to airports in April 2002, TSA only recently began implementing the 
annual recertification program and does not expect to complete testing 
at all airports until March 2004. The recertification testing is 
comprised of three components: (1) image recognition; (2) knowledge of 
standard operating procedures; and (3) practical demonstration of 
skills, to be administered by a contractor. TSA officials consider 
28,000 screeners as having completed the first two components because 
they successfully passed competency tests TSA administered at many 
airports as part of a screener workforce reduction effort. However, 
these competency tests did not include the third component of TSA's 
planned annual screener recertification program--the practical 
demonstration of skills. TSA officials awarded a contract for this 
component of the annual proficiency reviews in September 2003.

TSA's Performance Management Information System for passenger and 
baggage screening operations is also designed to collect performance 
data, but currently it contains limited information on screener 
performance in detecting threat objects. The Performance Management 
Information System collects a wide variety of metrics on workload, 
staffing, and equipment and is used to identify some performance 
indicators, such as the level of absenteeism, the average time for 
equipment repairs, and the status of TSA's efforts to meet goals for 
100 percent electronic baggage screening.[Footnote 12] However, the 
system does not contain any performance metrics related to the 
effectiveness of passenger screening. TSA is planning to integrate 
performance information from various systems into the Performance 
Management Information System to assist the agency in making strategic 
decisions. TSA further plans to continuously enhance the system as it 
learns what data are needed to best manage the agency. In addition to 
making improvements to the Performance Management Information System, 
TSA is currently developing performance indexes for both individual 
screeners and the screening system as a whole. The screener performance 
index will be based on data such as the results of training and 
recertification tests, and the index for the screening system will be 
based on information such as TIP results. TSA has not yet fully 
established its methodology for developing the indexes, but it expects 
to have them developed by the end of fiscal year 2004.

Performance Evaluation Tools under Development:

TSA has recognized the need to strengthen the assessment of its 
performance, and it has initiated efforts to develop and implement 
strategic and performance plans to clarify goals, establish performance 
measures, and evaluate the performance of its security initiatives. 
Strategic plans are the starting point for an agency's planning and 
performance measurement efforts. Strategic plans include a 
comprehensive mission statement based on the agency's statutory 
requirements, a set of outcome-related strategic goals, and a 
description of how the agency intends to achieve these goals. The 
Government Performance and Results Act (GPRA)[Footnote 13] establishes 
a framework for strategic plans that requires agencies to:

* clearly establish results-oriented performance goals in strategic and 
annual performance plans for which they will be held accountable,

* measure progress toward achieving those goals,

* determine the strategies and resources needed to effectively 
accomplish the goals,

* use performance information to make programmatic decisions necessary 
to improve performance, and:

* formally communicate results in performance reports.

Although the Department of Homeland Security plans to issue one 
strategic plan for the department, it plans to incorporate strategic 
planning efforts from each of its component agencies. TSA recently 
completed a draft of its input into the Department of Homeland 
Security's strategic plan. TSA officials stated that the draft is 
designed to ensure their security initiatives are aligned with the 
agency's goals and objectives and that these initiatives represent the 
most efficient use of their resources. TSA officials submitted the 
draft plan to stakeholders in September 2003 for their review and 
comment. The Department of Homeland Security plans to issue its 
strategic plan by the end of the year.[Footnote 14]

In addition to developing a strategic plan, TSA is developing a 
performance plan to help it evaluate the current effectiveness and 
levels of improvement in its programs, based on established performance 
measures. TSA submitted to the Congress a short-term performance plan 
in May 2003, as required by ATSA, that included performance goals and 
objectives. The plan also included an initial set of 32 performance 
measures, including the percentage of bags screened by explosive 
detection systems and the percentage of screeners in compliance with 
training standards. However, these measures were primarily output-based 
(measuring whether specific activities were achieved) and did not 
measure the effectiveness of TSA's security initiatives. TSA officials 
acknowledge that the goals and measures included in the report were 
narrowly focused and that in moving forward additional performance-
based measures are needed.

In addition to developing a short-term performance plan, ATSA also 
requires that TSA develop a 5-year performance plan and annual 
performance report, including an evaluation of the extent to which its 
goals and objectives were met. TSA is currently developing performance 
goals and measures as part of its annual planning process and will 
collect baseline data throughout fiscal year 2004 to serve as a 
foundation for its performance targets. TSA also plans to increase its 
focus on measuring the effectiveness of various aspects of the aviation 
security system in its 5-year performance plan. According to TSA's 
current draft strategic plan, which outlines its overall goals and 
strategies for fiscal years 2003 through 2008, its efforts to measure 
the effectiveness of the aviation security system will include:

* random and scheduled reviews of the efficiency and effectiveness of 
security processes;

* oversight of compliance with security standards and approved programs 
through a combination of inspections, testing, interviews, and record 
reviews--to include TIP;

* measurement of performance against standards to ensure expected 
standards are met to drive process improvements; and:

* collection and communication of performance data using a state-of-
the-art data collection and reporting system.

In our January 2003 report on TSA's actions and plans to build a 
results-oriented culture, we recommended next steps that TSA should 
take to strengthen its strategic planning efforts.[Footnote 15] These 
steps include establishing security performance goals and measures for 
all modes of transportation that involves stakeholders, and applying 
practices that have been shown to provide useful information in agency 
performance plans. We also identified practices that TSA can apply to 
ensure the usefulness of its required 5-year performance plan to TSA 
managers, the Congress, and other decision makers or interested 
parties. Table 1 outlines the practices we identified for TSA.

Table 1: Summary of Opportunities to Help Ensure Useful Annual Plans 
and Applied Practices:

Opportunities to help ensure useful annual plans: Articulate a results 
orientation; Applied practices: 1. Create a set of performance goals 
and measures that addresses important dimensions of program performance 
and balances competing priorities; 2. Use intermediate goals and 
measures to show progress or contribution to intended results; 3. 
Include explanatory information on the goals and measures; 4. Develop 
performance goals to address mission-critical management problems; 5. 
Show baseline and trend data for past performance; 6. Identify 
projected target levels of performance for multiyear goals; 7. Link 
the goals of component organizations to departmental strategic goals.

Opportunities to help ensure useful annual plans: Coordinate cross-
cutting programs; Applied practices: 8. Identify programs that 
contribute to the same or similar results; 9. Set complementary 
performance goals to show how differing program strategies are mutually 
reinforcing and establish common or complementary performance measures, 
as appropriate; 10. Describe--briefly or refer to a separate document-
-planned coordination strategies.

Opportunities to help ensure useful annual plans: Show how strategies 
will be used to achieve goals; Applied practices: 11. Link strategies 
and programs to specific performance goals and describe how they will 
contribute to the achievement of those goals; 12. Describe strategies 
to leverage or mitigate the effects of external factors on the 
accomplishment of performance goals; 13. Discuss strategies to resolve 
mission-critical management problems; 14. Discuss--briefly or refer to 
a separate plan--plans to ensure that mission-critical processes and 
information systems function properly and are secure.

Opportunities to help ensure useful annual plans: Show performance 
consequences of budget and other resource decisions; Applied practices: 
15. Show how budgetary resources relate to the achievement of 
performance goals; 16. Discuss--briefly and refer to the agency 
capital plan--how proposed capital assets (specifically information 
technology investments) will contribute to achieving performance 
goals; 17. Discuss--briefly or refer to a separate plan--how the 
agency will use its human capital.

Opportunities to help ensure useful annual plans: Build the capacity to 
gather and use performance information; Applied practices: 18. Identify 
internal and external sources of data; 19. Describe efforts to verify 
and validate performance data; 20. Identify actions to compensate for 
unavailable or low-quality data; 21. Discuss implications of data 
limitations for assessing performance.

Source: GAO.

[End of table]

TSA agreed with our recommendations and plans to incorporate these 
principles into its 5-year performance plan and annual performance 
report. TSA plans to complete its 5-year performance plan and annual 
performance report by February 2004, as required by GPRA.

The Congress has also recognized the need for TSA to measure the 
effectiveness of its security initiatives and, as part of the Federal 
Aviation Administration's (FAA) reauthorization act--Vision 100: 
Century of Aviation Reauthorization Act--is currently considering a 
provision that would require the Secretary of the Department of 
Homeland Security to conduct a study of the effectiveness of the 
aviation security system.

Challenges in Strengthening TSA's Passenger Screening Program:

In addition to collecting performance data on the effectiveness of its 
passenger screening program, TSA can strengthen other areas of the 
program to help improve screeners' ability to detect threat objects. In 
our September 2003 report that discussed our preliminary observations 
on TSA's passenger screening program, we noted that TSA can strengthen 
recurrent and supervisory training, staffing of screeners, and 
oversight of its contract screener pilot program. Since that report was 
issued, TSA has identified a number of actions it has taken or plans to 
take to address these concerns. We will be reviewing TSA's efforts to 
address these challenges as part of our ongoing review of this program.

Recurrent and Supervisory Training Programs Not Fully Developed:

In fulfilling its passenger screening mandate, TSA must ensure that 
screeners are adequately trained and sufficiently skilled in 
identifying threat or dangerous objects at screening checkpoints. To 
help accomplish this, TSA has developed and deployed basic and remedial 
screener training programs. Basic screener training consists of 40 
hours of classroom instruction and 60 hours of on-the-job training that 
screeners must successfully complete prior to making independent 
screening decisions. Additionally, TSA requires remedial training for 
any screener who fails an operational test and prohibits screeners from 
performing the screening function related to the test they failed until 
they successfully complete remedial training. TSA screening supervisors 
may also require remedial training for screeners they observe needing 
strengthening of their skills.

Although TSA has deployed basic and remedial training programs, it has 
not fully developed or deployed recurrent or supervisory training 
programs to ensure that screeners are effectively trained and 
supervised. Recurrent training--the ongoing training of screeners on a 
frequent basis--is critical in maintaining and enhancing screener 
skills. Although TSA has not fully developed a recurrent training 
program, it is in the process of deploying six recurrent training 
modules and is pilot testing an Online Learning Management System for 
recurrent training comprised of about 360 components. TSA officials 
said that budget limitations had delayed implementation of the 
recurrent training modules and the online learning system.

Similarly, TSA has not fully developed or deployed a supervisory 
training program, even though it describes its screening supervisors as 
the key to a strong defense in detecting threat objects. However, TSA 
is taking steps in developing such a program, including working with 
the U.S. Department of Agriculture's Graduate School to tailor its off-
the-shelf supervisory course to meet the specific training needs of 
TSA's screening supervisors. TSA reported that it is sending 
supervisors to the U.S. Department of Agriculture off-the-shelf 
supervisory course until the customized course is fielded in 2004. TSA 
also plans to establish a technical supervisor training component for 
recurrent training.

TSA Continues to Work to Identify Appropriate Staffing Levels at 
Airports:

To conduct passenger and baggage screening functions at the nation's 
airports, TSA hired about 56,000 screeners. Initially, screener staff 
levels for all airports was developed by TSA headquarters without 
active input from the agency's federal security directors who are 
responsible for overseeing security at each of the nation's commercial 
airports. This has led to staffing imbalances, and concern by federal 
security directors that they had limited authority to respond to 
airport-specific staffing needs, such as reacting to fluctuations in 
daily and seasonal passenger flow. TSA officials acknowledged that 
their initial staffing efforts created imbalances in the screener 
workforce, and reported that as they work to further reduce the 
screener workforce,[Footnote 16] they will solicit input from the 
Federal Security Directors as well as airport and air carrier 
officials. TSA has also taken steps such as authorizing the hiring of 
part-time screeners at over 200 airports--the first of whom began 
working in September 2003.

To better address airport-specific staffing needs and accomplish 
workforce reduction goals, TSA developed its current screener staffing 
levels using a computer-based modeling process that took into account 
the number of screening checkpoints and lanes at an airport; 
originating passengers; the number of airport workers requiring 
screening; projected air carrier service increases and decreases during 
the year; and hours needed to accommodate screener training, leave, and 
breaks. TSA recently hired an outside consultant to conduct a study of 
screener staffing levels at various airports. TSA officials stated that 
they will continue to review the staffing allocation process through 
the modeling efforts to assess air carrier and airport growth patterns, 
and adjustments will be made as appropriate. We will continue to review 
TSA's staffing efforts as part of our ongoing review.

Assessment of Contract Screening Pilot Program:

Consistent with ATSA, TSA implemented a pilot program using contract 
screeners at five commercial airports. The purpose of the 2-year pilot 
program is to determine the feasibility of using private screening 
companies rather than federal screeners. TSA initially required private 
screening companies to adhere to all of the procedures and protocols 
used by federal screeners. As a result, these airports had limited 
flexibility in running screening operations. However, TSA recently 
provided the contractors with some flexibility, such as allowing them 
to determine and maintain their own staffing levels and to make 
independent hiring decisions. ATSA gives all airport operators the 
option of applying to change from using federal screeners to using 
private screeners beginning in November 2004.

TSA has not yet determined how to evaluate and measure the performance 
of the pilot program airports or determine the feasibility of using 
contract screening companies. TSA recently awarded a contract to 
BearingPoint, Inc., to compare the performance of pilot screening with 
federal screening, including the overall strengths and weaknesses of 
both systems, and determine the reasons for any differences.[Footnote 
17] The evaluation is scheduled to be completed by March 31, 
2004.[Footnote 18] TSA has acknowledged that designing an effective 
evaluation of the screeners at the pilot airports will be challenging 
because key operational areas, including training, assessment, 
compensation, and equipment, have to a large extent been held constant 
across all airports, and therefore are not within the control of the 
private screening companies.[Footnote 19] In its request for proposal 
for the pilot airport evaluation, TSA identified several data sources 
for the evaluation, including the Performance Management Information 
System and the Office of Internal Affairs and Program Review's covert 
testing of passenger screeners. However, as we recently reported, data 
from these systems in measuring the effectiveness of screening 
operations is limited. As a result, it will be a challenge for TSA to 
effectively compare the performance of the contract pilot airports with 
that of airports using federal screeners.

In conjunction with this evaluation, TSA will need to plan for the 
possible transition of airports from a federal system to a private 
screening company. Numerous airport operators have expressed an 
interest in obtaining more information to assist in their decision 
regarding using private screeners. Specifically, airport operators 
stated that they would like to determine who would bear responsibility 
for funding the screening contract, airport liability in the event of 
an incident linked to a screener failure, how well the current pilot 
program airports are performing, performance standards to which 
contract screeners would be held, and TSA's role in overseeing 
contracted screening. If airports are permitted to opt out of using 
federal screeners, this could have a significant impact on TSA's role 
in overseeing the screening function as well as the number of federal 
screeners needed.

TSA Faces Additional Programmatic and Management Challenges:

In addition to the challenges it faces in conducting its passenger 
screening program and assessing program effectiveness, TSA faces a 
number of other programmatic and management challenges in strengthening 
aviation security. These challenges include implementing the new 
Computer-Assisted Passenger Prescreening System; strengthening baggage 
screening, airport perimeter and access controls, air cargo, and 
general aviation security; managing the costs of aviation security 
initiatives; and managing human capital. TSA has been addressing these 
challenges through a variety of efforts. We have work in progress that 
is examining TSA's efforts in most of these areas, and we will be 
reporting on TSA's progress in the future.

Computer-Assisted Passenger Prescreening System (CAPPS II):

TSA is developing a new Computer-Assisted Passenger Prescreening 
System, or CAPPS II. This system is intended to replace the current 
Computer-Assisted Passenger Screening program, which was developed in 
the mid-1990s by the Federal Aviation Administration to enable air 
carriers to identify passengers requiring additional security 
attention. The current system is maintained as a part of the airlines' 
reservation systems and, operating under federal guidelines, uses a 
number of behavioral characteristics to select passengers for 
additional screening.

In the wake of the September 11, 2001, terrorist attacks, a number of 
weaknesses in the current prescreening program were exposed. For 
example, although the characteristics used to identify passengers for 
additional screening are classified, several have become public 
knowledge through the press or on the Internet. Although enhancements 
have been made to address some of these weaknesses, the behavioral 
traits used in the system may not reflect current intelligence 
information. It is also difficult to quickly modify the system to 
respond to real-time changes in threats. Additionally, because the 
current system operates independently within each air carrier 
reservation system, changes to each air carrier's system to modify the 
prescreening system can be costly and time-consuming.

In contrast, CAPPS II is planned to be a government-run program that 
will provide real-time risk assessment for all airline passengers. 
Unlike the current system, TSA is designing CAPPS II to identify and 
compare personal information with commercially available data to 
confirm a passenger's identity. The system will then run the 
identifying information against government databases and generate a 
"risk" score for the passenger. The risk score will determine the level 
of screening that the passenger will undergo before boarding. TSA 
currently estimates that initial implementation of CAPPS II will occur 
during the fall of 2004, with full implementation expected by the fall 
of 2005.

TSA faces a number of challenges that could impede its ability to 
implement CAPPS II. Among the most significant are the following:

* concerns about travelers' privacy rights and the safeguards 
established to protect passenger data;

* the accuracy of the databases being used by the CAPPS II system and 
whether inaccuracies could generate a high number of false positives 
and erroneously prevent or delay passengers from boarding their 
flights;

* the length of time that data will be retained by TSA;

* the availability of a redress process through which passengers could 
get erroneous information corrected;

* concerns that identify theft, in which someone steals relevant data 
and impersonates another individual to obtain that person's low risk 
score, may not be detected and thereby negate the security benefits of 
the system; and:

* obtaining the international cooperation needed for CAPPS II to be 
fully effective, as some countries consider the passenger information 
required by CAPPS II as a potential violation of their privacy laws.

We are currently assessing these and other challenges in the 
development and implementation of the CAPPS II system and expect to 
issue a final report on our work in early 2004.

Checked Baggage Screening:

Checked baggage represents a significant security concern, as explosive 
devices in baggage can, and have, been placed in aircraft holds. ATSA 
required screening of all checked baggage on commercial aircraft by 
December 31, 2002, using explosive detection systems to electronically 
scan baggage for explosives. According to TSA, electronic screening can 
be accomplished by bulk explosives detection systems (EDS)[Footnote 20] 
or explosives trace detection (ETD) systems.[Footnote 21] However, TSA 
faced challenges in meeting the mandated implementation date. First, 
the production capabilities of EDS manufacturers were insufficient to 
produce the number of units needed. Additionally, according to TSA, it 
was not possible to undertake all of the airport modifications 
necessary to accommodate the EDS equipment in each airport's baggage-
handling area. In order to ensure that all checked baggage is screened, 
TSA established a program that uses alternative measures, including 
explosives-sniffing dogs, positive passenger bag match,[Footnote 22] 
and physical hand searches at airports where sufficient EDS or ETD 
technology was not available. Section 425 of the Homeland Security Act 
allowed the Under Secretary for Transportation Security to grant 
airports unable to meet the December 31, 2002, 100 percent screening 
deadline an extension until December 31, 2003. Although TSA has made 
progress in implementing EDS technology at more airports, it has 
reported that it will not meet the revised mandate for 100 percent 
electronic screening of all checked baggage. Specifically, as of 
October 2003, TSA reported that it will not meet the deadline for 
electronic screening by December 31, 2003, at five airports. Airport 
representatives with whom we spoke expressed concern that there has not 
been enough time to produce, install, and integrate all of the systems 
required to meet the deadline.

In addition to fielding the EDS systems at airports, difficulties exist 
in integrating these systems into airport baggage-handling systems. For 
those airports that have installed EDS equipment, many have been 
located in airport lobbies as stand-alone systems. The chief drawback 
of stand-alone systems is that because of their size and weight there 
is a limit to the number of units that can be placed in airport 
lobbies, and numerous screeners are required to handle the checked bags 
because each bag must be physically conveyed to the EDS machines and 
then moved back to the conveyor system for transport to the baggage-
handling room in the air terminal. Some airports are in the process of 
integrating the EDS equipment inline with the conveyor belts that 
transport baggage from the ticket counter to the baggage-handling area. 
However, the reconfiguring of airports for in-line checked baggage 
screening can be extensive and costly.[Footnote 23] TSA has reported 
that in-line EDS equipment installation costs range from $1 million to 
$3 million per piece of equipment. In February 2003, we identified 
letters of intent[Footnote 24] as a funding option that has been 
successfully used to leverage private sources of funding.[Footnote 25] 
TSA has since written letters of intent covering seven airports 
promising multiyear financial support totaling over $770 million for 
in-line integration of EDS equipment.[Footnote 26] Further, TSA 
officials have stated that they have identified 25 to 35 airports as 
candidates for further letters of intent pending Congressional 
authorization of funding. We are examining TSA's baggage screening 
program, including its issuance of letters of intent, in an ongoing 
assignment.

Perimeter and Access Controls:

Prior to September 2001, work performed by GAO and others highlighted 
the vulnerabilities in controls for limiting access to secure airport 
areas. In one report, we noted that GAO special agents were able to use 
fictitious law enforcement badges and credentials to gain access to 
secure areas, bypass security checkpoints, and walk unescorted to 
aircraft departure gates.[Footnote 27] The agents, who had been issued 
tickets and boarding passes, could have carried weapons, explosives, or 
other dangerous objects onto aircraft. Concerns over the adequacy of 
the vetting process for airport workers who have unescorted access to 
secure airport areas have also arisen, in part as a result of federal 
agency airport security sweeps that uncovered hundreds of instances in 
which airport workers lied about their criminal history, or immigration 
status, or provided false or inaccurate Social Security numbers on 
their application for security clearances to obtain employment.

ATSA contains provisions to improve perimeter access security at the 
nation's airports and strengthen background checks for employees 
working in secure airport areas, and TSA has made some progress in this 
area. For example, federal mandates were issued to strengthen airport 
perimeter security by limiting the number of airport access points, and 
they require random screening of individuals, vehicles, and property 
before entry at the remaining perimeter access points. Further, TSA 
made criminal history checks mandatory for employees with access to 
secure or sterile airport areas. To date, criminal history checks have 
been conducted on approximately 1 million of these employees. TSA also 
has plans to develop a pilot airport security program and is reviewing 
security technologies in the areas of biometrics access control 
identification systems (i.e., fingerprints or iris scans), anti-
piggybacking technologies (to prevent more than one employee from 
entering a secure area at a time), and video monitoring systems for 
perimeter security. TSA solicited commercial airport participation in 
the program. It is currently reviewing information from interested 
airports and plans to select 20 airports for the program.

Although progress has been made, challenges remain with perimeter 
security and access controls at commercial airports. Specifically, ATSA 
contains numerous requirements for strengthening perimeter security and 
access controls, some of which contained deadlines, which TSA is 
working to meet. In addition, a significant concern is the possibility 
of terrorists using shoulder-fired portable missiles from locations 
near the airport. We reported in June 2003 that airport operators have 
increased their patrols of airport perimeters since September 2001, but 
industry officials stated that they do not have enough resources to 
completely protect against missile attacks.[Footnote 28] A number of 
technologies could be used to secure and monitor airport perimeters, 
including barriers, motion sensors, and closed-circuit television. 
Airport representatives have cautioned that as security enhancements 
are made to airport perimeters, it will be important for TSA to 
coordinate with the Federal Aviation Administration and the airport 
operators to ensure that any enhancements do not pose safety risks for 
aircraft. To further examine these threats and challenges, we have 
ongoing work assessing TSA's progress in meeting ATSA provisions 
related to improving perimeter security, access controls, and 
background checks for airport employees and other individuals with 
access to secure areas of the airport, as well as the nature and extent 
of the threat from shoulder-fired missiles.

Air Cargo Security:

As we and the Department of Transportation's Inspector General have 
reported, vulnerabilities exist in ensuring the security of cargo 
carried aboard commercial passenger and all-cargo aircraft. TSA has 
reported that an estimated 12.5 million tons of cargo are transported 
each year--9.7 million tons on all-cargo planes and 2.8 million tons on 
passenger planes. Potential security risks are associated with the 
transport of air cargo--including the introduction of undetected 
explosive and incendiary devices in cargo placed aboard aircraft. To 
reduce these risks, ATSA requires that all cargo carried aboard 
commercial passenger aircraft be screened and that TSA have a system in 
place as soon as practicable to screen, inspect, or otherwise ensure 
the security of cargo on all-cargo aircraft. Despite these 
requirements, it has been reported that less than 5 percent of cargo 
placed on passenger airplanes is physically screened.[Footnote 29] 
TSA's primary approach to ensuring air cargo security and safety is to 
ensure compliance with the "known shipper" program--which allows 
shippers that have established business histories with air carriers or 
freight forwarders to ship cargo on planes. However, we and the 
Department of Transportation's Inspector General have identified 
weaknesses in the known shipper program and in TSA's procedures for 
approving freight forwarders, such as possible tampering with freight 
at various handoff points before it is loaded into an 
aircraft.[Footnote 30]

Since September 2001, TSA has taken a number of actions to enhance 
cargo security, such as implementing a database of known shippers in 
October 2002. The database is the first phase in developing a cargo 
profiling system similar to the Computer-Assisted Passenger 
Prescreening System. However, in December 2002, we reported that 
additional operational and technological measures, such as checking the 
identity of individuals making cargo deliveries, have the potential to 
improve air cargo security in the near term.[Footnote 31] We further 
reported that TSA lacks a comprehensive plan with long-term goals and 
performance targets for cargo security, time frames for completing 
security improvements, and risk-based criteria for prioritizing actions 
to achieve those goals. Accordingly, we recommended that TSA develop a 
comprehensive plan for air cargo security that incorporates a risk 
management approach, includes a list of security priorities, and sets 
deadlines for completing actions. TSA agreed with this recommendation 
and expects to develop such a plan by the end of 2003. It will be 
important that this plan include a timetable for implementation to help 
ensure that vulnerabilities in this area are reduced.

General Aviation Security:

Since September 2001, TSA has taken limited action to improve general 
aviation security, leaving general aviation far more open and 
potentially vulnerable than commercial aviation. General aviation is 
vulnerable because general aviation pilots and passengers are not 
screened before takeoff and the contents of general aviation planes are 
not screened at any point. General aviation includes more than 200,000 
privately owned airplanes, which are located in every state at more 
than 19,000 airports.[Footnote 32] More than 550 of these airports also 
provide commercial service. In the last 5 years, about 70 aircraft have 
been stolen from general aviation airports, indicating a potential 
weakness that could be exploited by terrorists. This vulnerability was 
demonstrated in January 2002, when a teenage flight student stole and 
crashed a single-engine airplane into a Tampa, Florida skyscraper. 
Moreover, general aviation aircraft could be used in other types of 
terrorist acts. It was reported that the September 11th hijackers 
researched the use of crop dusters to spread biological or chemical 
agents.

We reported in September 2003 that TSA had chartered a working group on 
general aviation within the existing Aviation Security Advisory 
Committee.[Footnote 33] The working group consists of industry 
stakeholders and is designed to identify and recommend actions to close 
potential security gaps in general aviation. On October 1, 2003, the 
working group issued a report that included a number of recommendations 
for general aviation airport operators' voluntary use in evaluating 
airports' security requirements. These recommendations are both broad 
in scope and generic in their application, with the intent that every 
general aviation airport and landing facility operators may use them to 
evaluate that facility's physical security, procedures, 
infrastructure, and resources. TSA is taking some additional action to 
strengthen security at general aviation airports, including developing 
a risk-based self-assessment tool for general aviation airports to use 
in identifying security concerns. We have ongoing work that is 
examining general aviation security in further detail.

Aviation Security Funding:

TSA faces two key funding and accountability challenges in securing the 
commercial aviation system: (1) paying for increased aviation security, 
and (2) ensuring that these costs are controlled. These challenges are 
particularly critical due to the government incurring large and 
increasing deficits. The rapid rise in needed funding for aviation 
security enhancements further exacerbates budget challenges. The costs 
associated with aviation security are huge. The Department of Homeland 
Security appropriation includes $3.7 billion for aviation security for 
fiscal year 2004. The passenger and baggage screening functions alone 
account for most of this funding, with about $1.8 billion appropriated 
for passenger screening and $1.3 billion for baggage screening. ATSA 
created passenger and air carrier security fees to pay for the costs of 
aviation security, but the fees have not generated enough money to do 
so. The Department of Transportation's Inspector General reported that 
the security fees are estimated to generate only about $1.7 billion 
during fiscal year 2004.

A major funding challenge is paying for the purchase and installation 
of the remaining explosives detection systems, including integration 
into airport baggage-handling systems. Integrating the equipment with 
the baggage-handling systems is expected to be costly because it will 
require major facility modifications. For example, modifications needed 
to integrate the equipment at Boston's Logan International Airport are 
estimated to cost $146 million. Modifications for Dallas/Fort Worth 
International Airport are estimated to cost $193 million. According to 
TSA and the Department of Transportation's Inspector General, the cost 
of integrating the equipment nationwide could be $3 billion.

A key question that must be addressed is how to pay for these 
installation costs. The Federal Aviation Administration's Airport 
Improvement Program (AIP) and passenger facility charges have been 
eligible sources for funding this work.[Footnote 34] During fiscal year 
2002, AIP grant funds totaling $561 million were used for terminal 
modifications to enhance security. However, using these funds for 
security reduced the funding available for other airport development 
and rehabilitation projects. To provide financial assistance to 
airports for security-related capital investments, such as the 
installation of explosives detection equipment, proposed aviation 
reauthorization legislation would establish an aviation security 
capital fund that would authorize $2 billion over the next 4 years.

In February 2003, we identified letters of intent as a funding option 
that has been successfully used to leverage private sources of 
funding.[Footnote 35] TSA has since signed letters of intent covering 
seven airports--Boston Logan, Dallas/Fort Worth, Denver, Los Angeles, 
McCarran (Las Vegas), Ontario (California), and Seattle/Tacoma 
international airports. Under the agreements, TSA will pay 75 percent 
of the cost of integrating the explosives detection equipment into the 
baggage-handling systems. The payments will stretch out over 3 to 4 
years. TSA officials have identified more airports that would be 
candidates for similar agreements.

Another challenge is ensuring continued investment in transportation 
research and development. For fiscal year 2003, TSA was appropriated 
about $110 million for research and development, of which $75 million 
was designated for the next-generation explosives detection systems. 
However, TSA proposed to reprogram $61.2 million of these funds to be 
used for other purposes, leaving about $12.7 million to be spent on 
research and development in that year. This proposed reprogramming 
could limit TSA's ability to sustain and strengthen aviation security 
by continuing to invest in research and development for more effective 
equipment to screen passengers, their carry-on and checked baggage, and 
cargo. In ongoing work, we are examining the nature and scope of 
research and development work by TSA and the Department of Homeland 
Security, including their strategy for accelerating the development of 
transportation security technologies.

Human Capital Management:

As it organizes itself to protect the nation's transportation system, 
TSA faces the challenge of strategically managing its workforce of 
about 60,000 people--more than 80 percent of whom are passenger and 
baggage screeners. Additionally, over the next several years, TSA faces 
the challenge of sizing and managing this workforce as efficiency is 
improved with new security-enhancing technologies, processes, and 
procedures. For example, as explosives detection systems are integrated 
with baggage-handling systems, the use of more labor-intensive 
screening methods, such as trace detection techniques and manual bag 
searches, can be reduced. Other planned security enhancements, such as 
CAPPS II and a registered traveler program, also have the potential to 
make screening more efficient. Further, if airports opt out of the 
federal screener program and use their own or contract employees to 
provide screening instead of TSA screeners, a significant impact on TSA 
staffing could occur.

To assist agencies in managing their human capital more strategically, 
we have developed a model that identifies cornerstones and related 
critical success factors that agencies should apply and steps they can 
take.[Footnote 36] Our model is designed to help agency leaders 
effectively lead and manage their people and integrate human capital 
considerations into daily decision making and the program results they 
seek to achieve. In January 2003, we reported that TSA was addressing 
some critical human capital success factors by using a wide range of 
tools available for hiring, and beginning to link individual 
performance to organizational goals.[Footnote 37] However, concerns 
remain about the size and training of that workforce, the adequacy of 
the initial background checks for screeners, and TSA's progress in 
setting up a performance management system. TSA is currently developing 
a human capital strategy, which it expects to be completed by the end 
of this year.

TSA has proposed cutting the screener workforce by an additional 3,000 
during fiscal year 2004. This planned reduction has raised concerns 
about passenger delays at airports and has led TSA to begin hiring 
part-time screeners to make more flexible and efficient use of its 
workforce. In addition, TSA used an abbreviated background check 
process to hire and deploy enough screeners to meet ATSA's screening 
deadlines during 2002. After obtaining additional background 
information, TSA terminated the employment of some of these screeners. 
TSA reported 1,208 terminations as of May 31, 2003, that it ascribed to 
a variety of reasons, including criminal offenses and failures to pass 
alcohol and drug tests. Furthermore, the national media have reported 
allegations of operational and management control problems that emerged 
with the expansion of the Federal Air Marshal Service, including 
inadequate background checks and training, uneven scheduling, and 
inadequate policies and procedures. We reported in January 2003 that 
TSA had taken the initial steps in establishing a performance 
management system linked to organizational goals. Such a system will be 
critical for TSA to motivate and manage staff, ensure the quality of 
screeners' performance, and, ultimately, restore public confidence in 
air travel. In ongoing work, we are examining the effectiveness of 
TSA's efforts to train, equip, and supervise passenger screeners, and 
we are assessing the effects of expansion on the Federal Air Marshal 
Service.[Footnote 38]

Concluding Observations:

TSA faces many challenges in strengthening its passenger screening and 
other security programs. To best address these challenges, it needs the 
information and tools necessary to ensure that its efforts are 
effective, are appropriately focused, and are achieving expected 
results. Without knowledge on the effectiveness of its programs, TSA 
and the public have little assurance regarding the level of security 
provided, and whether TSA is using its resources to maximize security 
benefits. As TSA implements new security initiatives and addresses 
associated challenges, measuring program effectiveness will help it 
best focus on the areas of greatest need. We are encouraged that TSA is 
undertaking efforts to develop the information and tools needed to 
measure its performance.

Mr. Chairman, this concludes my statement. I would be pleased to answer 
any questions that you or other members of the Committee may have.

Contact Information:

For further information on this testimony, please contact Cathleen A. 
Berrick at (202) 512-8777. Individuals making key contributions to this 
testimony include Mike Bollinger, Lisa Brown, Jack Schulze, and Maria 
Strudwick.

[End of section]

Related GAO Products:

Aviation Security: Efforts to Measure Effectiveness and Address 
Challenges. GAO-04-232T. Washington, D.C.: November 5, 2003.

Airport Passenger Screening: Preliminary Observations on Progress Made 
and Challenges Remaining. GAO-03-1173. Washington, D.C.: September 24, 
2003.

Aviation Security: Progress since September 11, 2001, and the 
Challenges Ahead. GAO-03-1150T. Washington, D.C.: September 9, 2003:

Transportation Security: Federal Action Needed to Help Address Security 
Challenges. GAO-03-843. Washington, D.C.: June 30, 2003.

Transportation Security: Post-September 11th Initiatives and Long-Term 
Challenges. GAO-03-616T. Washington, D.C.: April 1, 2003.

Aviation Security: Measures Needed to Improve Security of Pilot 
Certification Process. GAO-03-248NI. Washington, D.C.: February 3, 
2003. (NOT FOR PUBLIC DISSEMINATION):

Aviation Security: Vulnerabilities and Potential Improvements for the 
Air Cargo System. GAO-03-286NI. Washington, D.C.: December 20, 2002. 
(NOT FOR PUBLIC DISSEMINATION):

Aviation Security: Vulnerabilities and Potential Improvements for the 
Air Cargo System. GAO-03-344. Washington, D.C.: December 20, 2002.

Aviation Security: Vulnerability of Commercial Aviation to Attacks by 
Terrorists Using Dangerous Goods. GAO-03-30C. Washington, D.C.: 
December 3, 2002:

Aviation Security: Registered Traveler Program Policy and 
Implementation Issues. GAO-03-253. Washington, D.C.: November 22, 2002.

Aviation Security: Transportation Security Administration Faces 
Immediate and Long-Term Challenges. GAO-03-971T. Washington, D.C.: July 
25, 2002.

Aviation Security: Information Concerning the Arming of Commercial 
Pilots. GAO-02-822R. Washington, D.C.: June 28, 2002.

Aviation Security: Deployment and Capabilities of Explosive Detection 
Equipment. GAO-02-713C. Washington, D.C.: June 20, 2002. (CLASSIFIED):

Aviation Security: Information on Vulnerabilities in the Nation's Air 
Transportation System. GAO-01-1164T. Washington, D.C.: September 26, 
2001. (NOT FOR PUBLIC DISSEMINATION):

Aviation Security: Information on the Nation's Air Transportation 
System Vulnerabilities. GAO-01-1174T. Washington, D.C.: September 26, 
2001. (NOT FOR PUBLIC DISSEMINATION):

Aviation Security: Vulnerabilities in, and Alternatives for, Preboard 
Screening Security Operations. GAO-01-1171T. Washington, D.C.: 
September 25, 2001.

Aviation Security: Weaknesses in Airport Security and Options for 
Assigning Screening Responsibilities. GAO-01-1165T. Washington, D.C.: 
September 21, 2001.

Aviation Security: Terrorist Acts Demonstrate Urgent Need to Improve 
Security at the Nation's Airports. GAO-01-1162T. Washington, D.C.: 
September 20, 2001.

Aviation Security: Terrorist Acts Illustrate Severe Weaknesses in 
Aviation Security. GAO-01-1166T. Washington, D.C.: September 20, 2001.

Responses of Federal Agencies and Airports We Surveyed about Access 
Security Improvements. GAO-01-1069R. Washington, D.C.: August 31, 2001.

Responses of Federal Agencies and Airports We Surveyed about Access 
Security Improvements. GAO-01-1068R. Washington, D.C.: August 31, 2001. 
(RESTRICTED):

FAA Computer Security: Recommendations to Address Continuing 
Weaknesses. GAO-01-171. Washington, D.C.: December 6, 2000.

Aviation Security: Additional Controls Needed to Address Weaknesses in 
Carriage of Weapons Regulations. GAO/RCED-00-181. Washington, D.C.: 
September 29, 2000.

FAA Computer Security: Actions Needed to Address Critical Weaknesses 
That Jeopardize Aviation Operations. GAO/T-AIMD-00-330. Washington, 
D.C.: September 27, 2000.

FAA Computer Security: Concerns Remain Due to Personnel and Other 
Continuing Weaknesses. GAO/AIMD-00-252. Washington, D.C.: August 16, 
2000.

Aviation Security: Long-Standing Problems Impair Airport Screeners' 
Performance. GAO/RCED-00-75. Washington, D.C.: June 28, 2000.

Aviation Security: Screeners Continue to Have Serious Problems 
Detecting Dangerous Objects. GAO/RCED-00-159. Washington, D.C.: June 
22, 2000. (NOT FOR PUBLIC DISSEMINATION):

Security: Breaches at Federal Agencies and Airports. GAO-OSI-00-10. 
Washington, D.C.: May 25, 2000.

FOOTNOTES

[1] P.L. 107-71.

[2] ATSA required TSA to implement a pilot program using contract 
screeners at five commercial airports. The purpose of the 2-year pilot 
program is to determine the feasibility of using private screening 
companies rather than federal screeners.

[3] CAPPS II is a system intended to perform a risk assessment of all 
airline passengers to identify those requiring additional security 
attention.

[4] General aviation consists of all civil aircraft and excludes 
commercial and military aircraft.

[5] P.L. 107-296.

[6] An annual performance plan is to provide the direct linkage between 
the strategic goals outlined in the agency's strategic plan and the 
day-to-day activities of managers and staff. Additionally, annual 
performance plans are to include performance goals for an agency's 
program activities as listed in the budget, a summary of the necessary 
resources that will be used to measure performance, and a discussion of 
how the performance information will be verified. An annual performance 
report is to review and discuss an agency's performance compared with 
the performance goals it established in its annual performance plan.

[7] U.S. General Accounting Office, Airport Passenger Screening: 
Preliminary Observations on Progress Made and Challenges Remaining, 
GAO-03-1173 (Washington, D.C.: Sept. 24, 2003). 

[8] The original Computer Assisted Passenger Screening System is a 
stand-alone application residing in an air carrier's reservation system 
that analyzes certain behavioral patterns to score and calculate each 
passenger's need for additional screening.

[9] Currently, the Office of Internal Affairs and Program Review has 7 
team leaders assigned full-time to covert testing, and plans to have a 
total of 14 full-time team leaders by the end of fiscal year 2004. The 
team leaders draw from the remaining staff within the office, such as 
auditors and analysts, to perform the testing. According to TSA 
officials, overall, 95 percent of the staff in the Office of Internal 
Affairs and Program Review participates in covert testing as a 
collateral responsibility.

[10] TIP is designed to test screeners' detection capabilities by 
projecting threat images, including guns and explosives, into bags as 
they are screened. Screeners are responsible for positively identifying 
the threat image and calling for the bag to be searched. Once prompted, 
TIP identifies to the screener whether the threat is real and then 
records the screener's performance in a database that could be analyzed 
for performance trends. 

[11] Federal security directors oversee security at each of the 
nation's commercial airports. 

[12] The Performance Management Information System also contains 
metrics on human resources, sizing, checkpoint, feedback, and 
incidents.

[13] The Government Performance and Results Act of 1993 shifts the 
focus of government operations from process to results by establishing 
a foundation for examining agency mission, performance goals and 
objectives, and results. Under the act, agencies are to prepare 5-year 
strategic plans that set the general direction for their efforts, and 
annual performance plans that establish connections between the long-
term strategic goals outlined in the strategic plans and the day-to-day 
activities of managers and staff. Finally, the act requires that each 
agency report annually on the extent to which it is meeting its annual 
performance goals and the actions needed to achieve or modify those 
goals that have not been met.

[14] TSA is also developing a National Transportation Security System 
Plan, a draft of which is currently under review within TSA. TSA plans 
to promote consistent and mutually supporting intermodal planning in 
cooperation with administrators and in collaboration with key 
stakeholders from all modes of transportation. TSA designed the plan 
for use by agencies, owners, and operators of the transportation system 
to guide them as they develop their individual security plans. 
Accordingly, the National Transportation System Security Plan will 
include national modal plans to capture and tailor transportation 
security requirements for each mode of transportation, with particular 
emphasis on intermodal connections. Each modal plan will focus on 
security for people (workforce and passengers), cargo (baggage and 
shipments), infrastructure (vehicles, facilities, and right of ways), 
and response preparedness.

[15] U.S. General Accounting Office, Transportation Security 
Administration: Actions and Plans to Build a Results-Oriented Culture, 
GAO-03-190 (Washington, D.C.: Jan. 17, 2003).

[16] TSA's screener workforce totaled 55,600 on March 31, 2003. The 
agency cut 3,000 positions for a screener workforce of 52,600 by June 
1, 2003. An additional 3,000 positions were cut for a workforce of 
49,600 full-time equivalents (FTE) by September 30, 2003, the end of 
the fiscal year. TSA officials predicted that the screener staffing 
level will be down to 45,000 by the end of fiscal year 2004. Beginning 
with the enactment of the 2002 Supplemental Appropriations Act for 
Further Recovery from and Response to Terrorist Attacks on the United 
States, Public Law 107-206 (August 2, 2002), and in subsequent 
appropriations acts, there have been restrictions on TSA impacting 
staffing levels. The current fiscal year 2004 Department of Homeland 
Security Appropriations Act, Public Law 108-90, contains a provision 
requiring that none of the funds in the act be used to recruit or hire 
personnel into TSA, which would cause the agency to exceed a screener 
staffing level of 45,000 full-time equivalents.

[17] According to the August 8, 2003, request for quotation for the 
evaluation of the contract screening pilot program, BearingPoint must 
include informed performance comparisons, both quantitative and 
qualitative, of private versus federal screeners overall and within 
different sizes and categories of airports.

[18] Based on the time frames established in the request for quotation, 
BearingPoint, Inc. is required to develop a project plan and evaluation 
model no later than December 12, 2003. 

[19] TSA's request for proposal for the pilot program evaluation notes 
that there are a significant number of operational and managerial 
elements at the discretion of the private screening companies that 
should be considered in the evaluation, including supervision, 
overhead, materials, recruiting, and scheduling.

[20] Explosives detection systems use probing radiation to examine 
objects inside baggage and identify the characteristic signatures of 
threat explosives. EDS equipment operates in an automated mode.

[21] Explosive trace detection works by detecting vapors and residues 
of explosives. Human operators collect samples by rubbing bags with 
swabs, which are chemically analyzed to identify any traces of 
explosive materials.

[22] Positive passenger bag match is an alternative method of screening 
checked baggage, which requires that the passenger be on the same 
aircraft as the checked baggage. 

[23] In-line screening involves incorporating EDS machines into airport 
baggage handling systems to improve throughput of baggage and to 
streamline airport operations. 

[24] A letter of intent represents a nonbinding commitment from an 
agency to provide multiyear funding to an entity beyond the current 
authorization period. Thus, that letter allows an airport to proceed 
with a project without waiting for future federal funds because the 
airport and investors know that allowable costs are likely to be 
reimbursed.

[25] U.S. General Accounting Office, Airport Finance: Past Funding 
Levels May Not Be Sufficient to Cover Airports' Planned Capital 
Development, GAO-03-497T (Washington, D.C.: Feb. 25, 2003).

[26] The seven airports include Denver International Airport, Las Vegas 
McCarran International Airport, Los Angeles International Airport, 
Ontario International Airport, Seattle/Tacoma International Airport, 
Dallas/Fort Worth International Airport, and Boston Logan International 
Airport. The purpose is to help defray the costs of installing 
permanent explosive detection systems that are integrated with 
airports' checked baggage conveyor systems. 

[27] U.S. General Accounting Office, Security: Breaches at Federal 
Agencies and Airports, GAO/T-OSI-00-10 (Washington, D.C.: May 25, 
2000).

[28] U.S. General Accounting Office, Transportation Security: Federal 
Action Needed to Help Address Security Challenges, GAO-03-843 
(Washington, D.C.: June 30, 2003).

[29] Congressional Research Service, Air Cargo Security, September 11, 
2003.

[30] U.S. General Accounting Office, Aviation Security: Vulnerabilities 
and Potential Improvements for the Air Cargo System, GAO-03-344 
(Washington, D.C.: Dec. 20, 2002).

[31] U.S. General Accounting Office, Aviation Security: Progress since 
September 11, 2001, and the Challenges Ahead, GAO-03-1150T (Washington, 
D.C.: September 9, 2003).

[32] Of the 19,000 general aviation airports, 5,400 are publicly owned. 
TSA is currently focusing its efforts on these publicly owned airports. 
TSA is still unclear about its role in inspecting privately owned 
general aviation airports.

[33] GAO-03-1150T.

[34] The Airport Improvement Program trust fund is used to fund capital 
improvements to airports, including some security enhancements, such as 
terminal modifications to accommodate explosive detection equipment.

[35] GAO-03-497T.

[36] U.S. General Accounting Office, A Model of Strategic Human Capital 
Management, GAO-02-373SP (Washington, D.C.: March 2002).

[37] U.S. General Accounting Office, Major Management Challenges and 
Program Risks: Department of Transportation, GAO-03-108 (Washington, 
D.C.: January 2003).

[38] The Federal Air Marshal Service has been transferred out of TSA 
and into the Department of Homeland Security's Bureau of Immigration 
and Customs Enforcement.