GAO-08-1136T, Aviation Security: TSA Is Enhancing Its Oversight of Air Carrier Efforts to Screen Passengers against Terrorist Watch-List Records, but Expects Ultimate Solution to Be Implementation of Secure Flight


This is the accessible text file for GAO report number GAO-08-1136T 
entitled 'Aviation Security: TSA Is Enhancing Its Oversight of Air 
Carrier Efforts to Screen Passengers against Terrorist Watch-List 
Records, but Expects Ultimate Solution to Be Implementation of Secure 
Flight' which was released on September 9, 2008.

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

Testimony: 

Before the Subcommittee on Transportation Security and Infrastructure 
Protection, Committee on Homeland Security, House of Representatives: 

United States Government Accountability Office: 
GAO: 

For Release on Delivery: 
Expected at 2:00 p.m. EDT:
September 9, 2008: 

Aviation Security: 

TSA Is Enhancing Its Oversight of Air Carrier Efforts to Screen 
Passengers against Terrorist Watch-List Records, but Expects Ultimate 
Solution to Be Implementation of Secure Flight: 

Statement of Cathleen A. Berrick:
Director, Homeland Security and Justice Issues: 

GAO-08-1136T: 

GAO Highlights: 

Highlights of GAO-08-1136T, a testimony before the Subcommittee on 
Transportation Security and Infrastructure Protection, Committee on 
Homeland Security, House of Representatives. 

Why GAO Did This Study: 

Domestic air carriers are responsible for checking passenger names 
against terrorist watch-list records to identify persons who should be 
denied boarding (the No Fly List) or who should undergo additional 
security scrutiny (the Selectee List). The Transportation Security 
Administration (TSA) is to assume this function through its Secure 
Flight program. However, due to program delays, air carriers retain 
this role. This testimony discusses (1) TSA’s requirements for domestic 
air carriers to conduct watch-list matching, (2) the extent to which 
TSA has assessed compliance with watch-list matching requirements, and 
(3) TSA’s progress in developing Secure Flight. This statement is based 
on GAO’s report on air carrier watch-list matching (GAO-08-992) being 
released today and GAO’s previous and ongoing reviews of Secure Flight. 
In conducting this work, GAO reviewed TSA security directives and TSA 
inspections guidance and results, and interviewed officials from 14 of 
95 domestic air carriers. 

What GAO Found: 

TSA’s requirements for domestic air carriers to conduct watch-list 
matching include a requirement to identify passengers whose names are 
either identical or similar to those on the No Fly and Selectee lists. 
Similar-name matching is important because individuals on the watch 
list may try to avoid detection by making travel reservations using 
name variations. According to TSA, there have been incidents of air 
carriers failing to identify potential matches by not successfully 
conducting similar-name matching. However, until revisions were 
initiated in April 2008, TSA’s security directives did not specify what 
types of similar-name variations were to be considered. Thus, in 
interviews with 14 air carriers, GAO found inconsistent approaches to 
conducting similar-name matching, and not every air carrier reported 
conducting similar-name comparisons. In January 2008, TSA conducted an 
evaluation of air carriers and found deficiencies in their capability 
to conduct similar-name matching. Thus, in April 2008, TSA revised the 
No Fly List security directive to specify a baseline capability for 
conducting watch-list matching and reported that it planned to 
similarly revise the Selectee List security directive. While 
recognizing that the new baseline capability will not address all 
vulnerabilities, TSA emphasized that establishing the baseline 
capability should improve air carriers’ performance of watch-list 
matching and is a good interim solution pending the implementation of 
Secure Flight. 

TSA has undertaken various efforts to assess domestic air carriers’ 
compliance with watch-list matching requirements; however, until 2008, 
TSA had conducted limited testing of air carriers’ similar-name-
matching capability. In 2005, for instance, TSA evaluated the 
capability of air carriers to identify names that were identical—but 
not similar—to those in terrorist watch-list records. Also, TSA’s 
internal guidance did not specifically direct inspectors to test air 
carriers’ similar-name-matching capability, nor did the guidance 
specify the number or types of name variations to be assessed. Records 
in TSA’s database for regular inspections conducted during 2007 made 
reference to name-match testing in only 61 of the 1,145 watch-list-
related inspections that GAO reviewed. During the course of GAO’s 
review, and prompted by findings of the evaluation conducted in January 
2008, TSA reported that its guidance for inspectors would be revised to 
help ensure air carriers’ compliance with security directives. Although 
TSA has plans to strengthen its oversight efforts, it is too early to 
determine the extent to which TSA will provide oversight of air 
carriers’ compliance with the revised security directives. 

In February 2008, GAO reported that TSA has made progress in developing 
Secure Flight but that challenges remained, including the need to more 
effectively manage risk and develop more robust cost and schedule 
estimates (GAO-08-456T). If these challenges are not addressed 
effectively, the risk of the program not being completed on schedule 
and within estimated costs is increased, and the chances of it 
performing as intended are diminished. TSA plans to begin assuming 
watch-list matching from air carriers in January 2009. 

What GAO Recommends: 

GAO is not making any recommendations related to air carriers’ watch-
list matching programs because TSA initiated actions in April 2008 to 
strengthen related requirements and its oversight of air carriers’ 
implementation of these requirements. Regarding Secure Flight, GAO 
previously made recommendations to strengthen the program’s 
development. TSA generally agreed. 

To view the full product, including the scope and methodology, click on 
[hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-1136T]. For more 
information, contact Cathleen A. Berrick at (202) 512-3404 or 
berrickc@gao.gov. 

[End of section] 

Madam Chairwoman and Members of the Subcommittee: 

I am pleased to be here today to discuss GAO's work assessing the 
Transportation Security Administration (TSA) and domestic air carrier 
efforts in conducting watch-list matching--or the matching of airline 
passenger information against terrorist watch-list records--a front- 
line defense against acts of terrorism that target the nation's civil 
aviation system.[Footnote 1] Domestic air carriers operating to, from, 
and within the United States are to conduct watch-list matching in 
accordance with requirements set forth by TSA. That is, air carriers 
are to conduct preboarding checks by comparing passenger data--most 
prominently name and date of birth--against the No Fly List to identify 
individuals who should be prevented from boarding an aircraft, and 
against the Selectee List to identify individuals who must undergo 
enhanced screening at the checkpoint prior to boarding.[Footnote 2] TSA 
has responsibility for overseeing how air carriers implement the watch- 
list-matching process, consistent with TSA requirements. Critical to 
this oversight effort are the agency's inspectors--both the principal 
security inspectors who oversee implementation efforts at air carriers' 
corporate security offices and the transportation security inspectors 
who oversee implementation efforts at airport locations. Beginning in 
2009, under a program known as Secure Flight, TSA is to take over from 
air carriers the function of watch-list matching for domestic and 
ultimately international flights. Pending Secure Flight's 
implementation, air carriers continue to have primary responsibility 
for conducting watch-list matching. In turn, TSA continues to have an 
important oversight responsibility to ensure that air carriers comply 
with watch-list-matching requirements. 

My testimony today addresses (1) TSA's requirements for domestic air 
carriers to conduct watch-list matching for domestic flights, (2) the 
extent to which TSA has assessed domestic air carriers' compliance with 
watch-list-matching requirements, and (3) TSA's progress in developing 
and implementing the Secure Flight program. This statement is based on 
a report we released today[Footnote 3] on air carrier watch-list- 
matching processes and TSA's oversight of these efforts, as well as 
work we conducted on the Secure Flight program from August 2007 to 
January 2008,[Footnote 4] with selected updates in September 2008. 

Regarding air carrier watch-list matching, we reviewed TSA's security 
directives and related guidance applicable to watch-list matching; 
interviewed responsible officials at TSA headquarters; conducted 
interviews (both in-person and via telephone) with officials from 
domestic air carriers to discuss their implementation of watch-list- 
matching requirements;[Footnote 5] analyzed watch-list-related 
inspections that TSA conducted during fiscal year 2007 to ensure that 
air carriers were in compliance with applicable requirements; and 
reviewed the results from a special emphasis assessment that TSA 
conducted in 2005 and a special emphasis inspection it conducted in 
January 2008, both of which addressed air carriers' capability to 
conduct watch-list matching.[Footnote 6] Regarding the Secure Flight 
program, we reviewed systems development, privacy, and other 
documentation, and interviewed Department of Homeland Security (DHS), 
TSA, and contractor officials. We conducted these performance audits 
from July 2006 to September 2008 in accordance with generally accepted 
government auditing standards. Those standards require that we plan and 
perform the audit to obtain sufficient, appropriate evidence to provide 
a reasonable basis for our findings and conclusions based on the audit 
objectives. We believe that the evidence obtained provides a reasonable 
basis for our findings and conclusions based on the audit objectives. 

Summary: 

Through its security directives, TSA has issued requirements for watch- 
list matching, which include identifying passengers with names similar 
to those on the No Fly and Selectee lists. Before undertaking revisions 
of the relevant security directives in 2008, TSA expected air carriers 
to conduct similar-name matching but TSA's security directives did not 
specify how many and what types of such name variations air carriers 
should compare. Consequently, in interviews with 14 air carriers, we 
found inconsistent approaches to conducting similar-name matching. Some 
carriers compared more name variations than others; in addition, not 
every air carrier reported conducting similar-name comparisons. Air 
carriers that conduct only exact-name comparisons and carriers that 
conduct relatively limited similar-name comparisons are less effective 
in identifying watch-listed individuals who travel under name 
variations. Also, due to inconsistent air carrier processes, a 
passenger could be identified as a match to the watch list by one 
carrier and not by another. In April 2008, during the course of our 
review, TSA revised and issued the No Fly List security directive to 
specify a baseline capability for similar-name matching to which all 
air carriers must conform. Also, in August 2008, TSA officials reported 
that the agency was in the process of similarly revising the Selectee 
List security directive to require the same baseline capability. 
[Footnote 7] TSA officials acknowledged that the new baseline 
capability will not address all vulnerabilities identified by TSA. 
However, the officials stated that the new baseline capability was a 
good interim approach for improving air carriers' matching efforts 
because, among other reasons, it will strengthen watch-list matching 
without requiring investment in a solution that will be replaced when 
Secure Flight is implemented. 

Although TSA assessed air carriers' compliance with watch-list-matching 
requirements through a special emphasis assessment conducted in 2005 
and through planned inspections conducted in conjunction with annual 
inspection cycles, the agency had tested similar-name matching to only 
a limited extent until 2008. For instance, the 2005 special emphasis 
assessment focused on air carriers' capability to identify passenger 
names that were exact matches with names on the No Fly List, but did 
not address the capability to conduct similar-name matching. Also, 
during the most recent annual inspection cycle (fiscal year 2007), 
although some TSA inspectors tested air carriers' effectiveness in 
conducting similar-name matching, the inspectors did so at their own 
discretion and without specific evaluation criteria. However, during a 
special emphasis inspection conducted in January 2008, TSA found 
deficiencies in the capability of air carriers to conduct similar-name 
matching.[Footnote 8] Thereafter, following TSA's revision of the No 
Fly List security directive in April 2008, officials planned to issue 
new guidance for inspectors to better ensure compliance by air carriers 
with requirements in the new security directive. Further, in September 
2008, TSA updated us on the status of its efforts with watch-list 
matching. Specifically, TSA provided us with the results of a May 2008 
special emphasis assessment of seven air carriers' compliance with the 
revised No Fly List security directive. TSA generally characterized the 
results of the May 2008 special emphasis assessment as positive. 
Further, TSA officials noted that the agency's internal handbook, which 
provides guidance to transportation security inspectors on how to 
inspect air carriers' compliance with requirements, including watch- 
list-matching requirements, was being revised, and was expected to be 
released later this year. Officials indicated that the new inspection 
guidance would be used in conjunction with TSA's nationwide regulatory 
activities plan for fiscal year 2009. While these actions and plans are 
positive developments, it is too early to determine the extent to which 
air carriers' compliance with watch-list-matching requirements will be 
assessed based on the new security directives since these efforts are 
still underway and have not been completed. 

Moreover, in February 2008, we reported that TSA has made significant 
progress in developing Secure Flight, but that challenges remained in a 
number of areas, including the need to more effectively manage risk and 
develop more robust cost and schedule estimates. We made a number of 
recommendations to strengthen TSA's efforts in these areas, to which 
TSA agreed and has begun to take corrective actions. We will continue 
to evaluate TSA's efforts to develop and implement Secure Flight and 
its progress in addressing these recommendations as part of our ongoing 
review.[Footnote 9] 

Background: 

TSA is responsible for ensuring air carriers' compliance with 
regulatory requirements, including requirements reflected in TSA 
security directives. Related to watch-list matching, TSA outlines air 
carrier requirements in the No Fly List Procedures security directive, 
requiring domestic air carriers to conduct checks of passenger 
information against the No Fly List to identify individuals who should 
be precluded from boarding flights, and the Selectee List Procedures 
security directive, directing domestic air carriers to conduct checks 
of passenger information against the Selectee List to identify 
individuals who should receive enhanced screening (e.g., additional 
physical screening or a hand-search of carry-on baggage) before 
proceeding through the security checkpoint. Since 2002, TSA has issued 
numerous revisions to the No Fly and Selectee list security directives 
to strengthen and clarify requirements, and has issued guidance to 
assist air carriers in implementing their watch-list-matching 
processes. 

TSA conducts inspections of air carriers throughout the year as part of 
regular inspection cycles based on annual inspection plans to determine 
the extent to which air carriers are complying with TSA security 
requirements. These inspections are based on inspection guidelines 
known as PARIS prompts,[Footnote 10] which address a broad range of 
regulatory requirements (including airport perimeter security and cargo 
security, as well as screening of employees, baggage, and passengers). 
With respect to watch-list matching, inspection guidelines instruct 
inspectors regarding the aspects of air carrier watch-list matching 
that should be tested, such as whether air carriers are comparing the 
names of all passengers against names on the most current No Fly and 
Selectee lists in accordance with the procedures outlined in TSA's 
security directives. 

TSA conducts watch-list-related inspections at air carriers' corporate 
security offices (where policies and procedures are established on how 
watch-list matching is to be performed) and at airports (where policies 
and procedures for responding to a potential match are implemented). 
TSA's principal security inspectors are responsible for conducting 
inspections at domestic air carriers' corporate headquarters. These 
inspectors assess air carriers' compliance with security requirements 
and provide direct oversight of air carriers' implementation of and 
compliance with TSA-approved security programs. Field inspectors-- 
known as transportation security inspectors--conduct watch-list- 
related inspections at airports. They are responsible for a multitude 
of TSA-related activities, including conducting inspections and 
investigations of airports and air carriers, monitoring compliance with 
applicable civil aviation security policies and regulations, resolving 
routine situations that may be encountered during the assessment of 
airport security, participating in testing of security systems in 
connection with compliance inspections, identifying when enforcement 
actions should be initiated, and providing input on the type of action 
and level of penalty commensurate with the nature and severity of a 
violation that is ultimately recommended to TSA's Office of Chief 
Counsel. 

To further enhance commercial aviation security and as required by the 
Intelligence Reform and Terrorism Prevention Act of 2004, TSA is 
developing an advanced passenger prescreening program known as Secure 
Flight to assume from air carriers the function of matching passenger 
information against government-supplied terrorist watch lists for 
domestic, and ultimately international, flights.[Footnote 11] Through 
assumption of the watch-list-matching function from the air carriers, 
Secure Flight is intended to ensure a higher level of consistency than 
current air carrier watch-list matching and also help remedy possible 
misidentifications if a passenger's name is similar to one found on a 
watch list. According to TSA plans, Secure Flight's benefits, once the 
program becomes operational, will include: 

* eliminating inconsistencies in current air carrier watch-list 
matching procedures; 

* decreasing the risk of unauthorized disclosure of sensitive watch- 
list information; 

* reducing the number of individuals who are misidentified as being on 
the No Fly or Selectee lists, and; 

* integrating the redress process so that individuals are less likely 
to be improperly or unfairly delayed or prohibited from boarding an 
aircraft. 

TSA expects to begin assuming from air carriers the watch-list matching 
function for domestic flights in January 2009, and to assume this 
function from U.S. Customs and Border Protection for flights departing 
from and to the Unites States by fiscal year 2010. 

Prior to April 2008, TSA Watch-List-Matching Requirements Were Broad 
and Allowed Air Carriers Discretion in Comparing Name Variations, Which 
Resulted in Less Effective Processes: 

Since the terrorist attacks of September 11, 2001, TSA has imposed, 
through security directives, requirements for watch-list matching, 
which include identifying passengers with names similar to those on the 
No Fly and Selectee lists--a process TSA refers to as similar-name 
matching. Identifying passengers with names similar to those on the No 
Fly and Selectee lists is a critical component of watch-list matching 
because individuals may travel using abbreviated name forms or other 
variations of their names. Therefore, searching for only an exact match 
of the passenger's name may not result in identifying all watch-listed 
individuals. 

Before undertaking revisions of the relevant security directives in 
2008, TSA expected air carriers to conduct similar-name matching, but 
TSA's security directives did not specify how many and what types of 
such name variations air carriers should compare. Consequently, the 14 
air carriers we interviewed reported implementing varied approaches to 
similar-name matching. Some carriers reported comparing more name 
variations than others, and not every air carrier reported conducting 
similar-name comparisons. Air carriers that conduct only exact-name 
comparisons and carriers that conduct relatively limited similar-name 
comparisons are less effective in identifying watch-listed individuals 
who travel under name variations. Also, due to inconsistent air carrier 
processes, a passenger could be identified as a match to a watch-list 
record by one carrier and not by another, which results in uneven 
effectiveness of watch-list matching. Moreover, there have been 
incidents, based on information provided by TSA's Office of 
Intelligence, of air carriers failing to identify potential matches by 
not successfully conducting similar-name matching. 

Generally, TSA had been aware that air carriers were not using 
equivalent processes to compare passenger names with names on the No 
Fly and Selectee lists. However, in early 2008 the significance of such 
differences was crystallized during the course of our review and 
following TSA's special emphasis inspection of air carriers' watch- 
list-matching capability. On the basis of these inspection results, in 
April 2008, TSA issued a revised security directive governing the use 
of the No Fly List to establish a baseline capability for similar-name 
matching to which all air carriers must conform. Also, TSA announced 
that it planned to similarly revise the Selectee List security 
directive to require the new baseline capability.[Footnote 12] 

According to TSA officials, the new baseline capability is intended to 
improve the effectiveness of watch-list matching, particularly for 
those air carriers that had been using less-thorough approaches for 
identifying similar-name matches and those air carriers that did not 
conduct any similar-name comparisons. However, because the baseline 
capability requires that air carriers compare only the types of name 
variations specified in the security directive, TSA officials noted 
that the new baseline established in the No Fly List security directive 
is not intended to address all possible types of name variations and 
related security vulnerabilities. Agency officials explained that based 
on their analysis of the No Fly and Selectee lists and interviews with 
intelligence community officials, the newly established baseline covers 
the types of name variations air carriers are most likely to encounter. 
TSA officials further stated that these revised requirements were a 
good interim solution because, among other reasons, they will 
strengthen security while not requiring air carriers to invest in 
significant modifications to their watch-list matching processes, given 
TSA's expected implementation of Secure Flight beginning in 2009. If 
implemented as intended, Secure Flight is expected to better enable the 
use of passenger names and other identifying information to more 
accurately match passengers to the subjects of watch-list records. 

Until a 2008 Special Emphasis Inspection, TSA Had Conducted Limited 
Testing of Air Carriers' Capability to Perform Similar-Name Matching: 

Until 2008, TSA had conducted limited testing of air carriers' similar- 
name-matching capability, although the agency had undertaken various 
efforts to assess domestic air carriers' compliance with watch-list 
matching requirements in the No Fly and Selectee list security 
directives. These efforts included a special emphasis assessment 
conducted in 2005 and regular inspections conducted in conjunction with 
annual inspection cycles. However, the 2005 special emphasis assessment 
focused on air carriers' capability to prescreen passengers for exact- 
name matches with the No Fly List, but did not address the air 
carriers' capability to conduct similar-name comparisons. Regarding 
inspections conducted as part of regular inspection cycles, TSA's 
guidance establishes that regulatory requirements encompassing critical 
layers of security need intensive oversight, and that testing is the 
preferred method for validating compliance. However, before being 
revised in 2008, TSA's inspection guidelines for watch-list-related 
inspections were broadly stated and did not specifically direct 
inspectors to test air carriers' similar-name-matching capability. 
Moreover, TSA's guidance provided no baseline criteria or standards 
regarding the number or types of such variations that must be assessed. 
Thus, although some TSA inspectors tested air carriers' effectiveness 
in conducting similar-name matching, the inspectors did so at their own 
discretion and without specific evaluation criteria. 

In response to our inquiry, six of TSA's nine principal security 
inspectors told us that their assessments during annual inspection 
cycles have not included examining air carriers' capability to conduct 
certain basic types of similar-name comparisons. Also, in reviewing 
documentation of the results of the most recent inspection cycle 
(fiscal year 2007), we found that available records in TSA's database 
made references to name-matching tests in only 6 of the 36 watch-list- 
related inspections that principal security inspectors conducted, and 
in only 55 of the 1,109 inspections that transportation security 
inspectors conducted.[Footnote 13] Without baseline criteria or 
standards for air carriers to follow in conducting similar-name 
comparisons, TSA has not had a uniform basis for assessing compliance. 
Further, without routinely and uniformly testing how effectively air 
carriers are conducting similar-name matching, TSA may not have had an 
accurate understanding of the quality of air carriers' watch-list- 
matching processes. 

However, TSA began taking corrective actions during the course of our 
review and after it found deficiencies in the capability of air 
carriers to conduct similar-name matching during the January 2008 
special emphasis inspection.[Footnote 14] More specifically, following 
the January 2008 inspection, TSA officials reported that TSA began 
working with individual air carriers to address identified 
deficiencies. Also, officials reported that, following the issuance of 
TSA's revised No Fly List security directive in April 2008, the agency 
had plans to assess air carriers' progress in meeting the baseline 
capability specified in the new security directive after 30 days, and 
that the agency's internal guidance for inspectors would be revised to 
help ensure compliance by air carriers with requirements in the new 
security directive. Further, in September 2008, TSA updated us on the 
status of its efforts with watch-list matching. Specifically, TSA 
provided us with the results of a May 2008 special emphasis assessment 
of seven air carriers' compliance with the revised No Fly List security 
directive. Although the details of this special emphasis assessment are 
classified, TSA generally characterized the results as positive. Also, 
the TSA noted that it plans to work with individual air carriers, as 
applicable, to analyze specific failures, improve system performance, 
and conduct follow-up testing as needed. Further, officials noted that 
the agency's internal handbook, which provides guidance to 
transportation security inspectors on how to inspect air carriers' 
compliance with requirements, including watch-list-matching 
requirements, was being revised and was expected to be released later 
this year. Officials stated that the new inspection guidance would be 
used in conjunction with TSA's nationwide regulatory activities plan 
for fiscal year 2009. However, while these actions and plans are 
positive developments, it is too early to determine the extent to which 
TSA will assess air carriers' compliance with watch-list-matching 
requirements based on the new security directives since these efforts 
are still underway and have not been completed. 

DHS Has Made Progress in Developing and Implementing the Secure Flight 
Program, but Challenges Remain That May Hinder the Program Moving 
Forward: 

Over the last 4 years, we have reported that the Secure Flight program 
(and its predecessor known as the Computer Assisted Passenger 
Prescreening System II or CAPPS II) had not met key milestones or 
finalized its goals, objectives, and requirements, and faced 
significant development and implementation challenges.[Footnote 15] 
Acknowledging the challenges it faced with the program, in February 
2006, TSA suspended the development of Secure Flight and initiated a 
reassessment, or rebaselining, of the program, which was completed in 
January 2007. In February 2008, we reported that TSA had made 
substantial progress in instilling more discipline and rigor into 
Secure Flight's development and implementation, including preparing key 
systems development documentation and strengthening privacy 
protections.[Footnote 16] However, we reported that challenges remain 
that may hinder the program's progress moving forward. Specifically, 
TSA had not (1) developed program cost and schedule estimates 
consistent with best practices, (2) fully implemented its risk 
management plan, (3) planned for system end-to-end testing in test 
plans, and (4) ensured that information-security requirements are fully 
implemented. If these challenges are not addressed effectively, the 
risk of the program not being completed on schedule and within 
estimated costs is increased, and the chances of it performing as 
intended are diminished. 

To address these challenges, we made several recommendations to DHS and 
TSA to incorporate best practices in Secure Flight's cost and schedule 
estimates and to fully implement the program's risk-management, 
testing, and information-security requirements. DHS and TSA officials 
generally agreed to implement the recommendations and reported that 
they are making progress doing so. According to TSA officials, the 
"initial cutover" or assumption of the watch-list matching function 
from one or more air carriers for domestic flights is scheduled to 
begin in January 2009. However, as of July 2008, TSA had not developed 
detailed plans or time frames for assuming watch-list matching from all 
air carriers for domestic flights. We will continue to evaluate TSA's 
efforts to develop and implement Secure Flight and its progress in 
addressing our prior recommendations as part of our ongoing review. 

Concluding Observations: 

Until the Secure Flight program is implemented, TSA's oversight of air 
carriers' compliance with watch-list-matching requirements remains an 
important responsibility. In this regard, TSA's April 2008 revision of 
the No Fly List security directive--and a similar revision planned for 
the Selectee List security directive--are significant developments. The 
April 2008 revision establishes a baseline name-matching capability 
applicable to all domestic air carriers. Effective implementation of 
the baseline capability should strengthen watch-list-matching 
processes, especially for those air carriers that had been using less- 
thorough approaches for identifying similar-name matches. Concurrently, 
revised internal guidance for TSA's inspectors can help ensure that 
compliance inspections of air carriers are conducted using the 
standards specified within the security directives as evaluation 
criteria. At the time of our review, TSA was in the initial stage of 
revising the internal guidance for inspectors. As a result, it is too 
early to determine the extent to which updated guidance for principal 
security inspectors and transportation security inspectors will 
strengthen oversight of air carriers' compliance with the security 
directive requirements. Going forward, TSA officials acknowledge that 
the baseline capability specified in the revised No Fly List security 
directive and the similar revision planned for the Selectee List 
security directive--while an improvement--does not address all 
vulnerabilities identified by TSA and does not provide the level of 
risk mitigation that is expected to be achieved from Secure Flight. 
Thus, TSA officials recognize the importance of--and the challenges to-
-ensuring continued progress in developing and deploying the Secure 
Flight program as soon as possible. 

Madam Chairwoman, this concludes my statement. I would be pleased to 
answer any questions that you or other members have at this time. 

GAO Contact and Staff Acknowledgments: 

For questions regarding this testimony, please contact Cathleen A. 
Berrick, Director, Homeland Security and Justice Issues, at (202) 512- 
3404 or berrickc@gao.gov. 

Other key contributors to this statement were Mona Blake, Danny R. 
Burton, Ryan Consaul, R. Eric Erdman, Michele C. Fejfar, Richard B. 
Hung, Thomas F. Lombardi, Sara Margraf, Victoria E. Miller, Maria 
Soriano, and Margaret Vo. 

[End of section] 

Footnotes: 

[1] For the purposes of this statement, domestic air carriers are those 
with operations based in the United States that maintain full security 
programs in accordance with 49 C.F.R. part 1544. The number of domestic 
air carriers has varied over time, for example, from 95 in 2005 to 
about 70 in 2007. 

[2] These lists contain applicable records from the Terrorist Screening 
Center's consolidated database of known or appropriately suspected 
terrorists. Pursuant to Homeland Security Presidential Directive 6, 
dated September 16, 2003, the Terrorist Screening Center--an entity 
that has been operational since December 2003 under the administration 
of the Federal Bureau of Investigation--was established to develop and 
maintain the U.S. government's consolidated terrorist screening 
database (the watch list) and to provide for the use of watch-list 
records during security-related screening processes. See GAO, Terrorist 
Watch List Screening: Recommendations to Promote a Comprehensive and 
Coordinated Approach to Terrorist-Related Screening, [hyperlink, 
http://www.gao.gov/cgi-bin/getrpt?GAO-08-253T] (Washington, D.C.: Nov. 
8, 2007). 

[3] GAO, Aviation Security: TSA Is Enhancing Its Oversight of Air 
Carrier Efforts to Identify Passengers on the No Fly and Selectee 
Lists, but Expects Ultimate Solution to Be Implementation of Secure 
Flight, [hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-08-992] 
(Washington, D.C.: Sept. 9, 2008). 

[4] GAO, Aviation Security: Transportation Security Administration Has 
Strengthened Planning to Guide Investments in Key Aviation Security 
Programs, but More Work Remains, [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-08-456T] (Washington, D.C.: Feb. 28, 2008). 

[5] Our selection of the 14 air carriers was based, in part, on 
operational size with the goal of obtaining a range of sizes. Although 
the 14 air carriers (selected from a total of 95 air carriers required 
to perform watch-list matching during calendar year 2005) represent a 
range in the types of air carriers that conduct watch-list matching, 
and, according to our calculations, accounted for approximately 70 
percent of all passengers that boarded domestic flights in 2005, the 
results of our interviews are not generalizable to the domestic 
operations of all domestic air carriers. However, our selection allowed 
us to understand how watch-list matching was performed for the majority 
of passengers flying domestically in 2005, although we did not 
independently verify each air carrier's reported method of 
implementation. 

[6] Special emphasis assessments and special emphasis inspections are 
nonroutine activities undertaken at the direction of TSA headquarters. 
According to TSA, a special emphasis assessment addresses a 
vulnerability that generally is not tied to a regulation, while a 
special emphasis inspection is tied to a regulatory requirement. 

[7] TSA officials did not provide us a targeted issuance date for the 
revised Selectee List security directive. 

[8] TSA reported that the January 2008 special emphasis inspection 
covered 52 domestic air carriers and 31 foreign air carriers. 

[9] Our review of TSA's progress with Secure Flight is being conducted 
in response to requests from the U.S. Senate (Committee on Commerce, 
Science, and Transportation, and its Subcommittee on Aviation 
Operations, Safety, and Security; Committee on Appropriations, 
Subcommittee on Homeland Security; Committee on Homeland Security and 
Governmental Affairs; and Committee on the Judiciary) and the U.S. 
House of Representatives (Committee on Transportation and 
Infrastructure, Committee on Homeland Security, and Committee on 
Oversight and Government Reform). In addition, the Consolidated 
Appropriations Act, 2008, requires that we report to the Committees on 
Appropriations of the Senate and House of Representatives on DHS's 
certification of 10 conditions outlined in section 522(a) of the 
Department of Homeland Security Appropriations Act, 2005, related to 
the development and implementation of the Secure Flight program. See 
Pub. L. No. 110-161, Div. E, § 513, 121 Stat. 1844, 2072-73 (2007). 

[10] PARIS is the acronym for the Performance and Results Information 
System, which is TSA's inspections database. This database assists TSA 
management by providing factual and analytical information on the 
compliance of TSA-regulated entities. There are approximately 1,700 
PARIS prompts, which serve as guidelines for TSA inspectors. 

[11] See Pub. L. No. 108-458, § 4012(a), 118 Stat. 3638, 3714-18 (2004) 
(codified at 49 U.S.C. § 44903(j)(2)(C)). 

[12] In August 2008, TSA informed us that the revised Selectee List 
security directive was still in the agency's internal clearance 
process, and did not provide us a targeted issuance date. 

[13] According to TSA data, these 1,145 watch-list-related inspections 
(36 plus 1,109) covered 60 domestic air carriers, and most of the air 
carriers were inspected multiple times. 

[14] According to TSA officials, the January 2008 special emphasis 
inspection covered 52 domestic air carriers and 31 foreign air 
carriers. 

[15] See GAO, Aviation Security: Progress Made in Systematic Planning 
to Guide Key Investment Decisions, but More Work Remains, [hyperlink, 
http://www.gao.gov/cgi-bin/getrpt?GAO-07-448T] (Washington, D.C.: Feb. 
13, 2007). 

[16] See GAO, Aviation Security: Transportation Security Administration 
Has Strengthened Planning to Guide Investments in Key Aviation Security 
Programs, but More Work Remains, [hyperlink, http://www.gao.gov/cgi-
bin/getrpt?GAO-08-456T] (Washington, D.C.: Feb. 28, 2008). 

[End of section] 

GAO's Mission: 

The Government Accountability Office, the audit, evaluation and 
investigative arm of Congress, exists to support Congress in meeting 
its constitutional responsibilities and to help improve the performance 
and accountability of the federal government for the American people. 
GAO examines the use of public funds; evaluates federal programs and 
policies; and provides analyses, recommendations, and other assistance 
to help Congress make informed oversight, policy, and funding 
decisions. GAO's commitment to good government is reflected in its core 
values of accountability, integrity, and reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each 
weekday, GAO posts newly released reports, testimony, and 
correspondence on its Web site. To have GAO e-mail you a list of newly 
posted products every afternoon, go to [hyperlink, http://www.gao.gov] 
and select "E-mail Updates." 

Order by Mail or Phone: 

The first copy of each printed report is free. Additional copies are $2 
each. A check or money order should be made out to the Superintendent 
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or 
more copies mailed to a single address are discounted 25 percent. 
Orders should be sent to: 

U.S. Government Accountability Office: 
441 G Street NW, Room LM: 
Washington, D.C. 20548: 

To order by Phone: 
Voice: (202) 512-6000: 
TDD: (202) 512-2537: 
Fax: (202) 512-6061: 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 

Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]: 
E-mail: fraudnet@gao.gov: 
Automated answering system: (800) 424-5454 or (202) 512-7470: 

Congressional Relations: 

Ralph Dawn, Managing Director, dawnr@gao.gov: 
(202) 512-4400: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7125: 
Washington, D.C. 20548: 

Public Affairs: 

Chuck Young, Managing Director, youngc1@gao.gov: 
(202) 512-4800: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7149: 
Washington, D.C. 20548: