Detailed Information on the
Bureau of Reclamation - Site Security Assessment

Improve the linkage between program performance and program budget requests

Collect performance information and refine timelines and cost estimates for reducing risk at critical and project essential facilities.

Examine the internal management of the program to improve Bureau and Departmental oversight and communication.

Measure: Percent of assets where security-related risks are at an acceptable level.

Explanation:A primary objective of the Security and Anti-Terrorism Program is to reduce the security-related risks at critical infrastructure facilities. Risks can be reduced through a variety of means, from increasing the difficulty of attacking assets to decreasing the probability of success of an attack via a variety of prevention and/or protective measures. Security risk assessments give a relative indication of risk (e.g. Unacceptable Medium Priority, Unacceptable Low Priority, or Acceptable) based on an assessment of threats, vulnerabilities, consequences, and existing security measures. Changes in risk rating will be determined, over the lng-term, as security improvements are implemented and risk assessments are re-conducted. Tracking this measure will provide insight into the long-term effectiveness of protective measures implemented to reduce risk. Discrepancies beween past actual numbers and future targets reflect new knowledge based on risk assessments that were completed during the past several years.

Measure: Percent of risk assessment recommendations that have been completed

Explanation:The overall strategic outcome of the Security and Anti-Terrorism Program is critical infrastructure that is protected against plausible and specific threats. Recommendations for security improvements are made during the risk assessment, review, and decision making process. Although implementation of individual protective measures is extremely dependent on funding, tracking this measure will give an overall indication of how many of the recommended protective measures have been accomplished (i.e. funded, installed, and are operational). This number does not reflect a static situatin; the percentage from year-to-year reflects a change in the number of completed recommendations, as well as new recommendations.

Measure: Cost per active background investigation file (in dollars)

Explanation:The Security and Anti-Terrorism Program processes and maintains hundreds of background investigation cases each year. A primary measure of the efficiency of the personnel security function is the total cost per active background investigation file. This cost includes the costs of processing and adjudicating background investigations and reinvestigations, issuance and verification of national security clearances, maintenance of personnel security files and databases, and related activities. This measure will track the efficiency of the background investigation and national security clearance processes, including the ability to implement and maintain electronic methodologies for completing and submitting background investigation forms, verifying the status of investigations and clearances, and maintaining personnel security records.

Measure: Percent of critical facilities that have had a comprehensive security review conducted in the past 6 years.

Explanation:Reclamation will conduct periodic assessments of each critical and project essential facility evey six years, so that all facilities are re-assessed in a six-year period; annual targets are derived from this number. Tracking this measure will determine the progress in assessing risks and identifying the protective measures needed at critical infrastructure facilities. The process includes a formal peer review and decision making process that critically evaluates each recommendation in relation to risk reduction strategies.

Measure: Percent of threat assessments conducted annually in support of comprehensive security reviews.

Explanation:This measure tracks whether threat assessments are updated annually in each of Reclamation's five regions, and measures an input to Reclamation's state of readiness (knowlede of threat environment), as well as coordination with state, local, and other Federal entities. Threat assessments are a critical components of Reclamation's strategy to reduce security-relateed risks to critical infrastructure. Threat is a dynamic, fast-changing component and must be assessed frequently. Annual updates to threat assessments will address threat to Reclamation facilities by region, including thematic coverage of international terrorism, domestic terrorism-militia/gang and domestic sabotage/ environmental sabotage/anarchy. Regional threat assessments will also highlight the specific threat to critical infrastructure assets within each region.

Is the program purpose clear?

Explanation: The purpose of the Security and Anti-terrorism program is to protect the dams and related facilities owned by the Bureau of Reclamation from terrorist attack and other plausible threats. The key objective for accomplishing this purpose is a reduction in security-related risks achieved through a combination of Preparedness, Prevention, Protection, and Response. While the program purpose is clear, the role of the Department of Homeland Security and several interagency committiees dealing with infrastructure security in general and dam security in particular is less clear. The program purpose, strategies, and objectives are defined in a set of documents that are rooted in the USA Patriot Act and the Homeland Security Act of 2002. These documents include Homeland Security Presidential Directive 7 (HSPD-7), "Critical Infrastructure Identification, Prioritization, and Protection;" HSPD-12, "Policy for a Common Identification Standard for Federal Employees and Contractors;" the National Infrastructure Protection Plan (NIPP); and the Dam Sector Specific Plan "Dams as a Key Resource for Critical Infrastructure Protection as Input to the National Infrastructure Protection Plan."

Evidence: The Homeland Security Act of 2002 and the July 2002 "National Strategy for Homeland Security" collectively defined the vision for the Nation's Critical Infrastructure Protection (CIP) program. In December 2003, the President issued HSPD-7 to direct the activities of the CIP effort. HSPD-7 establishes a national policy for Federal departments and agencies to identify and prioritize United States critical infrastructure and key resources and to protect it from terrorist attacks. HSPD-7 also directed the Department of Homeland Security (DHS) to produce a comprehensive, integrated National Plan for Critical Infrastructure and Key Resources Protection to outline national goals, objectives, milestones, and key initiatives. In February 2005, DHS released an Interim NIPP to provide a consistent, unifying structure for integrating CIP efforts into a national program. The NIPP outlines how DHS and its stakeholders will develop and implement the national effort to protect infrastructure across all sectors, including the dam sector. The NIPP outlines national goals and objectives, introduces the risk-management framework that supports the national goals, and presents key actions that are crucial to meeting overall goals. DHS, which is responsible for the dam sector, has also developed a draft Sector Specific Plan. The Sector Specific Plan tiers off the NIPP, but relates specifically to the protection of dams and related resources. The plan identifies strategies for identifying sector assets, assessing vulnerabilities and prioritizing assets, developing protective programs, and planning for research and development. Reclamation participated in development of the plan.

Does the program address a specific and existing problem, interest, or need?

Explanation: The program addresses the ongoing challenge of security at Reclamation's facilities, particularly its dams, reservoirs, and powerplants, from external and internal threats. Dams are a vital part of the nation's critical infrastructure, providing a range of economic, environmental, and social benefits. In the event of a dam failure, the potential energy of the water stored behind even a small dam is capable of causing loss of life and great property damage, as well as loss of project benefits. Additionally, Reclamation's reservoirs and visitor centers attract approximately 90 million visits a year. Reclamation must provide a safe and secure environment for the visitors to Reclamation's recreational and project facilities. More broadly, the program is part of a goverment-wide effort to address a specific and existing problem, which is stated in HSPD-7: "Terrorists seek to destroy, incapacitate, or exploit critical infrastructure and key resources across the United States to threaten national security, cause mass casualties, weaken our economy, and damage public morale and confidence." Terrorist organizations continue to successfully attack critical infrastructure worldwide, and evidence exists of terrorist intentions to conduct similar attacks within the United States. Exploitation or destruction of this critical infrastructure and key resources could cause catastrophic mass casualties comparable to those from the use of a weapon of mass destruction, could profoundly affect national prestige and morale, and could have a debilitating effect on security and economic well-being, including loss of mission delivery of water and power throughout the United States.

Evidence: Reclamation's infrastructure faces potential threats from both domestic and international groups for a variety of reasons. In addition, there is evidence that adversaries are actively planning possible attacks on critical infrastructure and key resources, including resources within the dam sector. The threat environment to Reclamation's facilities is based on the attractiveness of facilities as targets, due to their nature as icons and the havoc they could wreak if destroyed, and to specific incidents of attempts to compromise their security.

Is the program designed so that it is not redundant or duplicative of any other Federal, state, local or private effort?

Explanation: Reclamation's security program is designed so that it is not redundant or duplicative of any other Federal, state, local, or private effort. First, Reclamation has no authority to carry out security activities at any non-Reclamation facility. Second, Reclamation coordinates with other agencies, interagency groups, and associations to ensure there is no duplication of effort with these entities. However, many other Federal, state, local, and private entities undertake similar activities as Reclamation does in securing its facilities. Although each agency or owner might conduct dam safety and security activities that are similar, they are only conducted on the dams and assets in the ownership or regulatory oversight of the agency. To further prevent duplication of efforts and ensure coordination of activities and implementation of best practices, the agencies regularly discuss and coordinate issues, methodologies, and responsibilities through groups such as the National Dam Safety Review Board, Interagency Committee on Dam Safety (ICODS), and Interagency Forum on Infrastructure Protection which includes the Army Corps of Engineers, Tennessee Valley Authority, Bonneville Power Administration, Western Area Power Administration, Federal Emergency Management Agency, Federal Energy Regulatory Commission, Sandia National Laboratory, Association of State Dam Safety Officials, and others.

Evidence: Clear legal authorities and rigorous coordination between agencies combine to prevent redundancy and duplication of dam safety and security efforts. For example, the Federal Emergency Management Agency, now part of the Department of Homeland Security (DHS) Emergency Preparedness and Response Directorate, has worked for years with the ICODS agencies, the states, and private industry on the implementation of requirements and initiatives for dam safety. It now works with a number of organizations involving dam sector stakeholders on issues of national concern, including the security of dams and related infrastructure. The new Government Coordinating Council and the Dam Sector Coordinating Council, which Reclamation participates in, will address important cross-sector issues, impediments to action and the steps necessary to address them, and information-sharing procedures between the dam sector and other sectors. The Coordinating Council for the Dam Sector will build consensus on information sharing capabilities for the dam sector and will oversee the development and implementation of sector-wide programs and activities, including national planning, awareness and information-sharing activities, training, and the establishment of standard practices and guidelines. Through the establishment of the Coordinating Council for the Dam Sector, the DHS Information Analysis and Infrastructure Protection Directorate will be able to establish and enhance relationships with all entities in the dam sector and to regularly engage all dam sector stakeholders so that there is a continual flow of information and accountability.

Is the program design free of major flaws that would limit the program's effectiveness or efficiency?

Explanation: Reclamation's Security and Anti-Terrorism Program has largely developed after the terrorist attacks of 9/11/2001, therefore it has been designed to respond to that threat environment, concurrent with other sweeping changes in infrastructure security. Reclamation took specific actions to ensure the program was free of major flaws that would limit the program's effectiveness or efficiency. Reclamation formed the Security, Safety, and Law Enforcement (SSLE) organization, detailed several individuals to the new organization to provide immediate support, and identified 17 strategic tasks to accomplish. The number one task was a Top-Down Security Program Review to evaluate the current organization, policies, and processes, and to make recommendations for an effective, mature, sustainable security program. The review team consisted of security experts from Sandia National Laboratories and the Interagency Forum for Infrastructure Protection. The review team made 16 key recommendations in the areas of program management, physical security, personnel security, information security, IT security, and law enforcement, to provide Reclamation with a road map for developing an effective, mature, sustainable program and integrating quality management elements using a systems approach. Reclamation structured much of its Security and Anti-Terrorism program on these findings and recommendations. Reclamation also used the Dam Safety Program as a model for establishing the security risk assessment, decisionmaking, and emergency management processes.

Evidence: Recommendations from the Top-Down Security Program Review addressed a number of organizational, coordination, training, policy, and procedural issues. Reclamation implemented these recommendations either directly, or using an alternative strategy that addressed the key issues and concerns of the review team. SSLE is also in the process of developing and implementing policies and procedures addressing personnel security, information security, physical security, and other areas. In addition, program activities are extensively coordinated with the Dam Safety and Safety programs, which are also located in SSLE, and the IT security program, which is located in the Chief Information Officer organization. Reclamation hired several security professionals to permanently staff the Security and Anti-Terrorism Program. This staff consists of a Chief Security Officer, personnel security specialists, an information security specialist, physical security engineers, program analysts, and support staff. In addition, service agreements are in place with Reclamation's Technical Service Center to provide technical support for security risk assessments, studies and reviews, and other security-related activities.

Is the program design effectively targeted so that resources will address the program's purpose directly and will reach intended beneficiaries?

Explanation: The program targets resources based on a risk assessment of Reclamation facilities, focusing on reducing risk at the higher risk faciltiies before pursuing actions at the lower-risk facilities. The beneficiaries of the Security and Anti-terrorism program are the employees and public whose safety and well-being depend on the effectiveness of the program, and the project beneficiaries that receive water, power, flood control, recreation, and project benefits. The primary emphasis in Reclamation's facility prioritization is the downstream population at risk; a secondary consideration is the potential loss of project benefits.

Evidence: Reclamation's risk assessment of facilities uses a prioritization formula that determines which facilities are most vulnerable to an attack, which are the most attractive targets, and which facilities have the highest consequences in the event of a failure. Reclamation also categorizes each facility based on the facility priority and additional factors such as designation as National Critical Infrastructure, interdependencies and cascading effects, and economic impacts. The category and priority of the facility are then collectively used to establish budgets and funding priorities for implementing fortification and other security improvements, to determine the order of security risk assessments, and to apply specific protective measures at different threat conditions. A Security Working Group consisting of SSLE security staff, regional security officers, and program management staff periodically meets to review the budget and expenditures and ensure an effective balance of funding between fortification, guards, studies and reviews, and program management activities. This helps ensure that budget and funding priorities effectively target the most important activities in order to maximize the funding available for implementing critical security improvements. In addition, a key element of Reclamation's security risk assessment process is review of proposed risk reduction recommendations by a Security Advisory Team (SAT) and Decision Team. The SAT and decision process consists of a peer review of initial findings and recommendations by internal and external security experts to validate each recommendation in relation to risk reduction strategy. This ensures that recommendations have been critically evaluated and are cost effective, that they reduce risk, and that consistent strategies are applied across Reclamation.

Does the program have a limited number of specific long-term performance measures that focus on outcomes and meaningfully reflect the purpose of the program?

Explanation: The program has one outcome-oriented long-term performance measure, "Number of assets with a high risk rating", that reflects the overall risk status of its facilities. The goal is to reduce this number over time. Risk status is in turn based up on a series of evaluations of risk, based on vulnerability, attractiveness as a target, population at risk, and impact of loss of project benefits. The other long-term measure, "Number of periodic security risk assessments conducted on critical or project essential facilies", is an output that tracks the program's long-term goal of updating its risk assessments.

Evidence: These long-term measures support and are consistent with long-term mission goal 2.15 in Reclamation's FY2000-2005 Strategic Plan: "By 2005, Reclamation will reduce failure risk at its significant and high-hazard dams and facilities. This will be done by completing Safety of Dams modifications, site security improvements, and Comprehensive and Periodic Facility Reviews."

Does the program have ambitious targets and timeframes for its long-term measures?

Explanation: The program has reasonably ambitous targets and timeframes for its long-term measures.

Evidence: Targets and timeframes for the two new long-term measures have been developed based on budgets and schedules for implementation of upgraded protective measures and the projected schedules for conducting periodic risk assessments. Reductions in risk rating are validated through a reassessment of the security risks at a facility after the security improvements are completed. Reclamation is developing a periodic re-assessment program that will ensure that a comprehensive risk assessment occurs every 6 years at each critical infrastructure and project essential facility.

Does the program have a limited number of specific annual performance measures that can demonstrate progress toward achieving the program's long-term goals?

Explanation: The program has two annual performance measures that demonstrate progress toward achieving the program's long-term goals: number of periodic security risk assessments completed, and number of updated regional threat assessments. It has one other annual measure that is important to tracking program effectiveness and efficiency, but does not directly relate to the long-term goals:, cost per active background investigation file. These measures will determine the progress in assessing risks and identifying the protective measures needed at critical infrastructure facilities, and determine the efficiency of the background investigation and national security clearance processes. Additionally, the two long-term measures are also tracked on an annual basis.

Evidence: Reclamation tracks accomplishment of risk assessments, implementation of security measures, accomplishment of background investigations, and threat assessment information in several databases, electronic spreadsheets, and project management applications, including the Security Risk Assessment Database and the Personnel Security and Suitability Data Base. Reclamation is making progress in accomplishing these annual goals and has multi-year schedules and budget plans for accomplishing the goals.

Does the program have baselines and ambitious targets for its annual measures?

Explanation: The program has developed baselines and targets for most of its annual measures. It does not yet have a baseline in place for its measure of regional threat assessments, but it does have a target for that measure.

Evidence: Reclamation has baselines and targets for activities relating to its annual measures in several databases and spreadsheets used for planning and scheduling activities. Although Reclamation has baselines and ambitious targets for these activities and has used this information to develop budgets and schedule activities and resources, it has not tracked this information as formal annual performance measures.

Do all partners (including grantees, sub-grantees, contractors, cost-sharing partners, and other government partners) commit to and work toward the annual and/or long-term goals of the program?

Explanation: Most of Reclamation's project partners commit to and work toward and annual and long-term goals of the program; however, many of them have also resisted the implementation of exisitng law that would make security-related operating costs, such as guards, reimbursable. In essence, these project partners are unwilling to help finance achievement of critical program goals. Many of Reclamation's facilities are operated and maintained by operating entities, such as water districts. These partners are involved in the risk assessment process and are responsible for operating and maintaining the security measures installed at the facilities they manage. With respect to the completion of risk assessments and the acceptance and implementation of specific protection measures, these partners have worked toward the annual goals of the program.

Evidence: Operating entities participate in the risk assessment process, which includes development of security recommendations. They are also involved in Security Advisory Team (SAT) meetings, where recommendations are peer reviewed. Reclamation's SAT ensures that risk assessment team recommendations are reasonable and that critical thinking has been applied. Operating entities are also involved in the review of Site Security Plans. Where operating entities have been involved in past risk assessments, the entities have been generally receptive of the recommendations made, and have often been quick to implement needed changes. In a few cases, operating entities have proceeded with minor security improvements at their expense.

Are independent evaluations of sufficient scope and quality conducted on a regular basis or as needed to support program improvements and evaluate effectiveness and relevance to the problem, interest, or need?

Explanation: The program has undergone several rigorous reviews that meet the criteria for a "yes". These reviews have resulted in numerous recommendations for program improvements. The Security and Anti-terrorism Program has had 3 comprehensive independent evaluations in the period 2002-2005, and has a fourth scheduled for 2006. A "Top-Down Review" of the entire program was conducted in 2002 by an independent team of security experts from Sandia National Laboratories and the Interagency Forum for Infrastructure Protection. An integrated team of auditors from the Department of the Interior, Inspector General (IG), Office of Program Integrity also conducted a comprehensive evaluation of the program in 2002. The IG team performed a minor follow-up review in 2003 and performed a second comprehensive review of the entire program in 2005, including numerous site visits. A second comprehensive "Top-Down Review" will be performed by the National Academy of Sciences in FY 2006. The Department of the Interior's Office of Law Enforcement and Security has also conducted periodic independent evaluations of the site security programs at Reclamation's 5 National Critical Infrastructure facilities. In addition, a key element of Reclamation's security risk assessment process is review of proposed risk reduction recommendations by a Security Advisory Team (SAT). The SAT process consists of a peer review of initial findings and recommendations by internal and external security experts to validate each recommendation in relation to risk reduction strategy. This ensures that recommendations have been critically evaluated and are cost effective, that they reduce risk, and that consistent strategies are applied across Reclamation. Reclamation plans on conducting independent evaluations every 3 years or as needed to support program improvements and evaluate effectiveness.

Evidence: To evaluate the current organization, policies, and processes of the program, the Top-Down review team reviewed Reclamation and DOI documents; interviewed personnel from the Washington Office, Denver Office, Regional Offices, and Area Offices; and interviewed DOI personnel. The review team used their security expertise to develop recommendations for the program analyzing features such as senior management support and commitment, documented roles and responsibilities, policies and procedures, staffing levels and expertise, funding levels, realignment of resources as threats and situations change, employee and contractor involvement, and prioritization of security activities based on the importance of the asset ("graded approach"). The IG team focused primarily on 1) supplemental funding provided to the Department to assist in a post-September 11 response and whether controls existed to ensure that the funds were used in accordance with the intent of Congress, 2) whether comprehensive plans existed at the Department/Bureau levels to provide the necessary oversight and management of homeland security measures, and 3) the progress and/or implementation of the measures stated in the funding justification.

Are Budget requests explicitly tied to accomplishment of the annual and long-term performance goals, and are the resource needs presented in a complete and transparent manner in the program's budget?

Explanation: The budget request, which is part of Reclamation's Water and Related Resources account, directly supports the annual and long-term performance goals of reducing risk, completing security risk assessments, upgrading protective measures at critical infrastructure facilities, accomplishing personnel security activities, and analyzing incident reports. However, the request is insufficiently detailed to enable an assessment of the impacts of changes in the budget on the ability of the program to achieve its goals, either at a programmatic or a facility level. For instance, because of the lack of sufficient detail in budget requests, it is not possible to determine what impact an increase or reduction would have on the security at a particular facility. However, the program has improved its budget requests in this area, and coupled with future reporting on performance measures transparency between performance and budgeting should improve. Some transparency issues arrise because oversight within the Department of the Interior falls outside of the review pathways for other Bureau of Reclamation activites. Similarly, oversight of some classified materials is hindered because key officials may not have the necessary security clearances to enable their review.

Evidence: The budget request supports the goals of reducing risk, completing security risk assessments, upgrading protective measures at critical infrastructure facilities, accomplishing personnel security activities, and analyzing incident reports. The budget request includes all direct and indirect costs needed to obtain performance results. There is presently not enough information to ascertain progress toward achieving those results, but continued collection of performance information should improve that situation.

Has the program taken meaningful steps to correct its strategic planning deficiencies?

Explanation: Reclamation has taken meaningful steps to address many of the strategic deficiencies identified in the numerous reviews of its program, especially since 2001. This has resulted in a major transformation of the program over the last several years. Reclamation takes meaningful steps to correct strategic planning deficiencies by addressing recommendations from external reviews, implementing changes based on studies and security exercise information, and adjusting strategies as needed. Reclamation addressed these recommendations by either directly implementing the recommendations, or by developing alternative strategies that addressed the key issues and concerns of the review teams. Reclamation has continuously worked towards eliminating strategic planning deficiencies and meeting the long-term Strategic Plan mission goal of reducing failure risk at its significant and high-hazard dams and facilities.

Evidence: Facets of the security program were formerly managed locally by offices other than SSLE, making integration difficult. Reclamation integrated these security elements under SSLE for consistency, best security alternatives and practices, and implementation. It also moved the personnel security function from Human Resources to SSLE and moved the responsibility for Information Security and security risk assessments into SSLE. One review showed that Reclamation was utilizing contractors and employees on detail to provide needed expertise. In response, Reclamation has filled over 20 professional security and law enforcement positions with trained and experienced individuals from agencies such as the State Department and law enforcement programs in other Federal agencies. Reclamation also used contracted activities to develop in-house expertise within SSLE and the Technical Service Center in areas such as security risk assessments, studies and reviews, derivative classification, secure facilities, and security response forces.

Has the agency/program conducted a recent, meaningful, credible analysis of alternatives that includes trade-offs between cost, schedule, risk, and performance goals, and used the results to guide the resulting activity?

Explanation: The program has conducted recent, meaningful, credible analysis of alternatives at every facility. Alternative actions are weighed against the general threat environment and the vulnerability of each facility. The decision on which actions to take at a given facility are assessed within the framework of achieving broader risk reduction goals. Analysis of alternatives includes: 1) review and validation of recommended security improvements at high-risk facilities, 2) implementation of security guard forces at National Critical Infrastructure (NCI) facilities, and 3) implementation of fortification measures at critical infrastructure facilities. In each case, the results of the analysis were used to determine the best course of action and make final decisions regarding the activity.

Evidence: A key element of Reclamation's security risk assessment process is review of proposed recommendations by a Security Advisory Team (SAT). The SAT process consists of a peer review of initial findings and recommendations by internal and external security experts to validate each recommendation in relation to risk reduction strategy. This ensures that recommendations have been critically evaluated and are effective, that they reduce risk, and that consistent strategies are applied across Reclamation. The SAT also considers the cost of a proposed recommendation relative to the projected reduction in risk that the recommendation provides. Reclamation hired a security contractor to conduct a front-end analysis of security guard functions at NCI facilities. The analysis examined the existing condition as well as various alternatives to provide a security force sufficient to meet specific defense objectives. The analysis was used to make final decisions at one NCI, resulting in significant cost saving. The decisionmaking is in process at the remaining NCIs. For procurement and installation of protective equipment at critical infrastructure facilities, Reclamation has conducted analysis of alternative products and contracting mechanisms, evaluating equipment capability, reliability, effectiveness, cost, installation, maintenance, and scheduling factors. Reclamation has also evaluated procurement and installation alternatives, including use of indefinite quantity contracts, contracts through other agencies, use of the GSA Supply schedule for acquisition and installation, and use of in-house capabilities for installation.

Does the agency regularly collect timely and credible performance information, including information from key program partners, and use it to manage the program and improve performance?

Explanation: Reclamation regularly collects and updates performance information and uses it to manage the program and improve performance. A central risk assessment database contains data on the risk rating of facility assets and the status of security risk assessments, decision documents, security recommendations, and Site Security Plans. Reclamation's managing partners are involved in the development of this data. This performance data is used to adjust program priorities, allocate resources, and take other appropriate management actions.

Evidence: Reclamation uses the risk rating of facility assets to identify assets that have unacceptable security risks. This data is combined with facility criticality and facility priority data to direct funding to the facilities most in need of security improvements. Reclamation uses performance data on security risk assessments, decision documents, and security recommendations to direct funding and staff resources to the most critical program needs, including completion of initial risk assessments and implementation of security recommendations at Reclamation's most critical and highest priority facilities.

Are Federal managers and program partners (including grantees, sub-grantees, contractors, cost-sharing partners, and other government partners) held accountable for cost, schedule and performance results?

Explanation: The SES-level Director of Security, Safety, and Law Enforcement is responsible for overall accomplishment of the Security and Anti-Terrorism Program. Program goals and objectives are accomplished through three subordinate managers: the Chief Security Officer, Law Enforcement Administrator, and the manager of the Program Management Office. Each of these four managers have Employee Performance Appraisal Plans that contain critical elements holding them accountable for Security and Anti-Terrorism Program results. Operating entity partners participate in the risk assessment process, which includes development and peer review of security recommendations. However, Reclamation is responsible for the design, acquisition, and installation of protective measures. Reclamation works closely with the operating entity to schedule installation of equipment and implementation of specific measures. However, the responsibility and accountability for cost, schedule, and performance results lies with Reclamation, not the operating entity partner.

Evidence: The Employee Performance Appraisal Plans of the Chief Security Officer, Law Enforcement Administrator, and manager of the Program Management Office have critical elements that hold these individuals accountable for overall management and administration of Reclamation's Security and Anti-Terrorism Program, including accomplishment of program objectives, program and policy oversight, and scheduling of resources and activities. These managers must also demonstrate progress toward accomplishment of GPRA goals and Presidential and Departmental Management Initiatives by meeting or exceeding all targeted deadlines for planned work. The Director of Security, Safety, and Law Enforcement has performance elements that deal with accomplishment of GPRA and other strategic goals, strategic management of human capital, financial and managerial accountability, budget-performance integration, and advancement of key elements of Reclamation's security, law enforcement, and emergency management responsibilities.

Are funds (Federal and partners') obligated in a timely manner and spent for the intended purpose?

Explanation: Both Reclamation internal financial documentation and the conclusions of external reviewers demonstrate the Program's efficiency in promptly obligating funds and directing funding to achieve improved site security. Although the program had some challenges in obligating funds in FY 2002, those problems have been addressed. The Security and Anti-terrorism Program utilizes a reporting system capable of tracking security costs to the facility level. Financial activity is monitored to assure obligations are occurring as described in the annual work plan. Funds are centrally managed and monitored on a monthly basis with particular attention to accomplishment rates and time elapsed. The SSLE Program Management Office tracks financial activity on a monthly basis and facilitates Reclamation-wide mid-year reviews. Program and Project Managers review the reports for accuracy. Weekly Reclamation-wide security conference calls are utilized to update project data and identify potential surplus and shortages.

Evidence: The Department of the Interior, Office of Inspector General Report Number 2002-I-0039 found that BOR had taken the appropriate initial steps to establish adequate administrative control over the supplemental security funds in fiscal years 2001 and 2002. The Department of the Interior, Office of Inspector General Report Number 2003-I-0063 concluded that many of the management and accountability problems seen at some other DOI bureaus were not present at Reclamation, and that the OIG was "reasonably convinced that appropriate actions are being carried out to enhance security at the Department's critical dams." Anti-terrorism obligation performance for FY 2004 was 99.9%. The Site Security FY 2004 year end financial report shows enacted, allocated, and actual percentage accomplished. Site Security's enacted level was supplemented by a $7.1 million fund transfer.

Does the program have procedures (e.g. competitive sourcing/cost comparisons, IT improvements, appropriate incentives) to measure and achieve efficiencies and cost effectiveness in program execution?

Explanation: The program has procedures in place relating to imporove efficiency and effectiveness. The Security and Anti-Terrorism Program has practices and procedures to operate as efficiently and cost effectively as possible in order to maximize the funds available for critical security improvements. Program efficiencies and cost effectiveness are achieved through competitive sourcing of security improvements, including the design, acquisition, and installation of integrated security systems; use of information technology systems for program management and execution; and cost comparison of security solutions, products, and methodologies.

Evidence: Physical security engineers continuously work with vendors to identify security solutions and products that meet Reclamation's specific security needs while providing the most cost effective solution. For the design, acquisition, and installation of integrated security systems, Reclamation applies the most cost effective and efficient procurement methodology for the specific task, such as competitive sourcing, pre-negotiated indefinite quantity contracts, and GSA Supply Schedules. Wherever possible, the program uses the most current information technology procedures and systems, both in the integrated security systems installed at facilities, and in the operation and management of the program. For example, IT improvements in the Personnel Security area allow Reclamation to track background investigation and clearance information in electronic databases, maintain a direct link to OPM computers to determine the status of background investigations and verify national security clearances, and participate in the implementation of on-line completion and submittal of background investigation forms. Reclamation is also actively participating in defining the procedures and policies for electronic authentication and identification of employees and contractors.

Does the program collaborate and coordinate effectively with related programs?

Explanation: Reclamation collaborates and coordinates effectively with several related programs internally, nationally, and internationally. It appears there may be some overlap or redundancy among the several national committees dealing with dam and infrastructure security. Within Reclamation, the program is closely coordinated with the Dam Safety Program, IT Security Program, and Emergency Management Program. Nationally, the program collaborates with security-related programs and activities in other Federal agencies and laboratories, State agencies, and State organizations, including the Department of Homeland Security, Federal Bureau of Investigation, Department of the Navy, U.S. Northern Command, Army Corps of Engineers, Tennessee Valley Authority, Bonneville Power Administration, Western Area Power Administration, Federal Emergency Management Agency, Federal Energy Regulatory Commission, Sandia National Laboratory, Association of State Dam Safety Officials, and others. Internationally, Reclamation collaborates with foreign entities that operate or oversee facilities that can affect Reclamation's infrastructure, or vice versa, such as Canada's Hydro-Qu??bec and the International Boundary and Water Commission. Reclamation also collaborates and coordinates extensively with the Office of Law Enforcement and Security within the Department of the Interior.

Evidence: Reclamation collaborates and coordinates with Federal, State, and local agencies in the development and implementation of exercises to test security measures, response measures, Emergency Action Plans, and Continuity of Operation plans. Reclamation also collaborates and coordinates with Federal, State, and local law enforcement agencies on intelligence information gathering, sharing, and analysis, allowing Reclamation to develop plausible threat scenarios for risk assessments and maintain awareness of surveillance and criminal activities related to U.S. dams, power plants, and related infrastructure facilities. Collaboration with other Federal agencies and laboratories, State agencies, and State organizations has led to the joint development of risk assessment methodologies and computer assessment tools for evaluating the security risk of dams to terrorist attack and other potential threats. Collaboration on research with other Federal agencies has resulted in critical information regarding blast effects on dams and related assets and potential solutions for specific vulnerabilities. This information and knowledge has directly influenced management decisions and resource allocations in several security activities, including facility criticality, facility prioritization, facility fortification, and recommendations for security modifications. Collaboration with foreign entities has resulted in a better understanding of infrastructure relationships and potential cascading effects of specific facility failures.

Does the program use strong financial management practices?

Explanation: The SSLE Budget Analyst uses the Federal Finance Accounting system to track expenditures against each project on a monthly basis, and more frequently when necessary. Tracking includes auditing categories of expenditures to ensure consistency with project intent and working with program managers to correct inappropriate charges. Every Site Security agreement has a financial plan and schedule supervised by the Contracting Officer's Technical Representative (COTR) and the Contracting Officer. The COTR certifies that the information is accurate and timely. The Acquisitions and Assistance Management Services Department assures that the financial systems meet statutory requirements. Cooperative agreements are reviewed monthly and are validated and certified on a quarterly basis. The Budget Analyst monitors spending and overspending and informs management of status.

Evidence: Program financial management practices are fully documented under Question 3.3. Cooperative agreements are reviewed monthly, and validated and certified on a quarterly basis. The Budget Analyst monitors spending and informs management and regional offices of status. The SSLE Budget Analyst monitors expenditures through the Federal Financial System. The end-of-year carryover & accomplishment summary report for FY 2004 shows 99.9% accomplishment and fund management with minimal carryover.

Has the program taken meaningful steps to address its management deficiencies?

Explanation: The Security and Anti-Terrorism Program has implemented an ongoing process of management review with the objective of establishing an effective, balanced, and sustainable program. Reclamation has addressed or is addressing any deficiencies identified in the various past reviews of its Security Program, including the previously discussed 2002 U.S. Department of the Interior, Office of Inspector General Audit and the 2003 Top-Down Security Program Review initiated by Reclamation. The 2002 Office of Inspector General Audit Report did not identify any specific deficiencies in the management of Reclamation's Security and Anti-Terrorism Program, but did recommend that the "final management configuration include security and law enforcement in the same management component." This recommendation has been implemented, with both the Chief Security Officer and the Law Enforcement Administrator organizationally located in the Security, Safety, and Law Enforcement Office. The Top-Down Security Program Review included a number of recommendations concerning Security Program management. However, because the Top-Down had a broader scope of review, not all of those recommendations relate to the Security and Anti-Terrorism Program. Nevertheless, all of the Top-Down Review recommendations have been or are being addressed. The Security and Anti-Terrorism Program is continuing to evaluate and address its internal management configuration and processes. An evaluation of Reclamation's Security Program by the National Academy of Sciences is currently being initiated, and Reclamation intends to take any steps necessary to address the conclusions of that analysis.

Evidence: Many of the specific recommendations resulting from reviews of Reclamation's Site Security program contain sensitive information and are restricted. Evidence has been provided in a manner appropriate to the level of sensitivity.

Is the program managed by maintaining clearly defined deliverables, capability/performance characteristics, and appropriate, credible cost and schedule goals?

Explanation: Reclamation uses performance-based and fixed-priced contracts for acquisition and installation of security improvements at dams and related facilities. In some cases these contracts are issued directly by Reclamation and in some cases they are issued through the Corps of Engineers, which has indefinite quantity contracts with several security design and integration firms. The contracts define the required quality, capability, and performance characteristics expected of the end product. The contract specifications cover performance of the product, installation, and any necessary training and manuals. Before issuance of a contract, Reclamation validates planning decisions, particularly with respect to integration with other security systems and activities at the facility and compliance with new or changing standards, such as the new Federal Information Processing Standards.

Evidence: Contracts include product performance requirements, testing requirements, performance verification test procedures, schedules with milestones and dates, submittals and deliverables, and additional requirements. For example, a Statement of Work for a road barrier system shows the typical performance requirements included in a contract for acquisition and installation of a security improvement. A draft Certification and Testing Standard will be used to verify performance of a specific security product.

Has the program demonstrated adequate progress in achieving its long-term performance goals?

Explanation: Baselines and targets have just been developed. The program has certainly made progress in improving the security of Reclamation facilities, but because of the newness of the program and measures it is difficult to say how much progress it is making toward its long-term goals. The long-term goal of the Security and Anti-Terrorism Program is to reduce the security-related risks at critical infrastructure facilities. The actual performance measure is a reduction in the risk rating for an asset, which is determined during a security risk assessment. Risks can be reduced through a variety of means, from increasing the difficulty of attacking critical infrastructure assets to decreasing the probability of success of an attack against an asset via a variety of prevention and/or protective measures. For several years, Reclamation has aggressively identified and implemented protective measures at critical infrastructure facilities to reduce risk and to protect against plausible and specific threats. Reclamation will continue implementation of protective measures over the next several years.

Evidence: Reclamation has achieved significant progress in implementation of upgraded protective measures at its highest priority critical infrastructure facilities, demonstrated by on-the-ground facility security improvements and, in several cases, by successful responses to security incidents as a result of recent security enhancements. Reduction of security-related risks at critical infrastructure facilities is achieved as security improvements are implemented. Development of a periodic re-assessment program is currently underway and Reclamation will use the periodic re-assessments to validate a reduction in the assessment risk rating.

Does the program (including program partners) achieve its annual performance goals?

Explanation: The program has recently developed baselines and targets for two of its three annual measures, and has populated them retroactively. It can demonstrate that it is making some progress in the measured areas, although the establishment of targets is new enough that 'progress' toward these targets only merits a ranking of 'small extent'. The program has two annual performance measures that will be able to demonstrate progress toward achieving the program's long-term goals, as well as an efficiency measure. These annual performance measures track implementation of security recommendations, the cost of the background investigation and national security clearance processes, and completion of updated threat assessments.

Evidence: Reclamation has been ambitiously completing security risk assessments and security recommendations and has information available on these activities. Reclamation has improved efficiencies in the risk assessment and personnel security processes by investing in information technology tools for tracking risk assessment findings and recommendations, tracking background investigation and clearance information, and maintaining direct links to OPM computers to determine the status of background investigations and verify national security clearances. Reclamation is currently participating in the implementation of on-line completion and submittal of background investigation forms and is implementing new tools for tracking and processing intelligence events.

Does the program demonstrate improved efficiencies or cost effectiveness in achieving program goals each year?

Explanation: The data for the program's new efficiency measure indicates that it has made some progress in improving efficiency, but there is not enough baseline or historical data to indicate any trend or systematic improvement. The program does have methods in place of improving the efficiency and effectiveness of its capital services and acquisition process.

Evidence: The most critical and costly component of the Security and Anti-Terrorism Program is the implementation of security measures at critical infrastructure facilities. Reclamation has been able to reduce fortification costs at some facilities by analyzing and varying the methods used to procure design services, security equipment, and construction services. Reclamation has also examined various alternatives of providing security forces and guards and surveillance at NCI and other critical infrastructure facilities. The cost of risk assessments has also been reduced over time. Reclamation's physical security engineers continuously work with vendors to identify security solutions and products that meet Reclamation's specific security needs while providing the most cost effective solution. For the design, acquisition, and installation of integrated security systems, Reclamation applies the most cost effective and efficient procurement methodology for the specific task, such as competitive sourcing, pre-negotiated indefinite quantity contracts, and GSA Supply Schedules. The program is also in the process of conducting comprehensive analyses of security guard forces at NCI facilities, examining various alternatives to provide a security force sufficient to meet specific defense objectives considering factors such as personnel, equipment, training, schedules, startup and sustainment costs. The cost of risk assessments has been reduced over time by streamlining the risk assessment process and using more cost effective assessment tools, particularly on lower criticality facilities, and shifting some risk assessments from external contractors to in-house technical services staff.

Does the performance of this program compare favorably to other programs, including government, private, etc., with similar purpose and goals?

Explanation: Reclamation has taken a leadership role in the safety and security of dams and related resources, working with entities such as the Department of Homeland Security and Interagency Forum on Infrastructure Protection to define the needs and solutions for protection of these critical infrastructure facilities. Reclamation's pre-9/11 program would probably not have compared favorably to other programs, but several rounds of outside scrutiny and diligent follow-up on the recommendations of those studies have dramatically improved the program. Reclamation's facility prioritization and risk assessment processes not only compare favorably to other programs, but are used by other agencies and entities to accomplish their dam safety and security programs.

Evidence: The Department of Homeland Security Dam Sector Specific Plan recognizes that most Federal programs are favorably ahead of other dam sector programs. The plan states, "By virtue of the longstanding federal program for dam safety, there are numerous processes and organizations in place for the communication of information between the entities involved in dam security, particularly the federal government and state governments. These processes and organizations can now be adapted, refined, and enhanced to accommodate the security concerns of the post-September 11 environment. The existing processes and organizations, however, also come with inherent challenges as they must be integrated with new organizations, and must successfully develop ways to involve and interact with the private owners who are responsible for over 66 percent of the dams in the U.S." In August 2003, the Inspector General issued the third in a series of reports concerning the efforts of the Department of the Interior to address homeland security issues. The cover memorandum transmitting the audit report to the Secretary of Interior stated that after being provided an in-depth briefing on Reclamation's plans and progress to date, they concluded that many of the management and accountability problems were not present at Reclamation, and that they were reasonably convinced that appropriate actions were being carried out to enhance security at the Department's critical dams.

Do independent evaluations of sufficient scope and quality indicate that the program is effective and achieving results?

Explanation: The independent evaluations conducted on the program in 2002 and 2003 were conducted when the program was in its infancy and found the program partially effective and achieving results. The program has made significant progress since then, but still has much to accomplish in terms of improving security at Reclamation facilities, therefore a rating of "Large Extent" is appropriate. The Top-down Review evaluated the early organization, policies, and processes, and made recommendations for an effective, mature, sustainable security program. Likewise, the 2003 IG Assessment looked at early organizational issues and program management activities and made recommendations for improving the initial program and expediting certain activities. The Department of the Interior's Office of Law Enforcement and Security has also conducted periodic independent evaluations of the site security programs at Reclamation's 5 National Critical Infrastructure facilities, showing that the program is effective and achieving results at these critical facilities.

Evidence: Both the Top-down Review and the 2003 IG Assessment found the program partially effective and achieving results. For example the IG stated "BOR's overall approach to enhancing security of its facilities appears to adequately address the identification, prioritization and vulnerability of its critical assets. We will review BOR's implementation of recommendations received from the vulnerability assessments in subsequent reports." In a follow-up report in 2004, the IG assessment team stated that after being provided an in-depth briefing on Reclamation's plans and progress to date, they concluded that many of the management and accountability problems were not present at Reclamation, and that they were reasonably convinced that appropriate actions were being carried out to enhance security at the Department's critical dams.

Were program goals achieved within budgeted costs and established schedules?

Explanation: Reclamation's cost estimates and schedules for its Site Security program have flluctated dramatically since 9/11, overall and within particular sectors of its mission area. Although these fluctuations may have been for good reason (for instance, in response to updated risk assessments), they make it difficult to assess this answer at greater than 'small extent'. As the program has matured, actions have increasingly been done on schedule and within budget. During some periods when the national threat condition changed to a higher level, it was necessary to divert funds planned for fortification to providing guards and surveillance at the most critical facilities. In addition, the lack of initial technical resources and the extensive time and cost of conducting a RAM-D assessment caused delays in the aggressive schedule for completing initial security risk assessments.

Evidence: In December 2001, Reclamation made an extremely ambitious commitment to the Department to complete security risk assessments on 294 Reclamation facilities over the upcoming 3-year period. The original plan was to complete approximately 100 assessments per year in years 2002, 2003 and 2004. By June 17, 2004, Reclamation completed risk assessments on 55 critical infrastructure facilities and initial risk assessments and site verifications on 123 additional facilities. However due to a lack of initial technical resources and expertise, the extensive time and cost of conducting a RAM-D assessment (which was used on the first 55 facilities), and scheduling problems for completing all site visits across the 17 Western States plus Security Advisory Team and Decision Team meetings, the remaining 116 facilities were delayed and will not be completed until the end of FY 2006.