Establishing Effective Mechanisms for Sharing and Managing Terrorism-Related Information

What We Found | What Needs to Be Done | Key Reports

Why It's High Risk

In January 2005, we designated terrorism-related information sharing as high risk because the government faced serious challenges in analyzing key information and sharing it among federal, state, local, and other security partners in a timely, accurate, and useful way to protect against terrorist threats. We have since monitored federal efforts to implement the Information Sharing Environment (Environment)—defined as an approach that facilitates the sharing of terrorism information that includes any method deemed necessary and appropriate—which is to serve as an overarching solution to strengthening the sharing of intelligence, terrorism, law enforcement, and other information among these partners. Most recently, in our January 2011 update, we found that the government has continued to make progress during the past 2 years in sharing terrorism-related information among its many security partners, but does not yet have a fully-functioning Environment in place. GAO continues to call for a comprehensive approach guided by an overall plan or road map and measures to help gauge progress—in terms of what information sharing capabilities have been accomplished and are left to develop—as well as results—in terms of what difference these capabilities have made in improved sharing and homeland security. Accomplishing these steps, as well as ensuring agencies have the necessary resources and leadership commitment, should help strengthen sharing.

^ Back to topWhat We Found

Specific challenges include the following:

  • Over the past 2 years, the Program Manager for the Environment and key security agencies have developed a corrective action plan—or framework—to implement a set of initial activities that help to establish the Environment—including common information sharing standards and ways to better share primarily unclassified information with state and local partners.
  • Agencies are also building some of these initiatives into their enterprise architectures to help them implement supporting information sharing technologies.
  • In addition, to strengthen the leadership over the Environment and provide it additional leverage and authority, the Administration elevated the Program Manager to co-chair of an interagency policy committee of senior agency officials that report to the National Security Staff.
  • The Program Manager and agencies still have additional work to do to stand up the Environment. For example, they have not yet defined their vision of how the Environment should fully function and what results it should achieve; determined the next set of information sharing initiatives beyond the initial framework that must be implemented; and ensured that agencies have fully inventoried what information they own that could have a possible link to terrorism and determined how to share it within the Environment.
  • The Program Manager has not used the development of an enterprise architecture as a way to help address these gaps and fully define needed information sharing technologies and capabilities.
  • It is unclear how and to what extent some agency-led initiatives that are outside of the Environment—such as efforts to ensure that only authorized users have access to and are able to search across certain systems and networks—can be integrated into it and benefit all security partners.
  • Without an estimate of the budget resources needed to implement the Environment, some agencies are concerned about being able to fund their responsibilities under the Environment.
  • The Program Manager and Administration have acknowledged the need to define what the next generation Environment should contain, how to develop it, and how to accelerate, measure, and demonstrate progress and results. As a first step, They are conducting outreach with key security partners to begin answering these questions but do not yet have a timetable for completing these steps.
    Highlights of GAO Ongoing Work Related to the Information Sharing Environment

In addition to government-wide efforts to remove barriers to sharing, federal agencies continue work to address their own specific challenges to the sharing, analysis, and dissemination of terrorism information, but challenges remain.

  • In part in response to GAO's oversight of information sharing issues, the Department of Homeland Security has established an information sharing vision, implementing roadmap, and governance board, among other things, and is issuing an enterprise architecture approach to guide information sharing technology investments. In a recent report, we also recommended that the Department, as the designated lead agency for sharing with state and local partners, still had work to do to fully identify states' information needs, define the programs and activities it will use to meet these needs, and set time frames for establishing metrics to gauge results.
    Highlights of GAO-11-223 (PDF)
  • GAO's ongoing work also shows that federal agencies have made progress in implementing corrective actions to address problems in the way agencies share and use information to nominate individuals to the terrorist watchlist, and use the list to prevent persons of concern from obtaining visas and boarding planes to the United States, among other things. However, we found that these changes can have impacts—such as on the resources of agencies that nominate persons to the watchlist and on individuals prescreened for air travel—that will be important for agencies to monitor and address as appropriate moving forward
    Highlights of GAO Ongoing Work Related to Terrorist Watch List Processes
  • In addition, GAO has monitored federal efforts to support state and local information sharing initiatives. For example, GAO's work has show that these partners rely on DHS grant funding to support their own information sharing (fusion) centers. However, centers are concerned about their ability to sustain operations because they must compete for a portion of these annual grants with other homeland security needs within their states and localities. As a result, fusion centers continue to raise concerns about the lack of a longer-term, predictable federal funding source.
    Highlights of GAO-10-972 (PDF)

^ Back to topWhat Needs to Be Done

To further support the standup of the Information Sharing Environment and ensure that security partners have the information they need to address possible terrorist threats, the Program Manager and key agencies need to:

  • (1) develop a corrective action plan to fully address our past recommendation calling for a comprehensive roadmap for the Environment that defines expected results and the remaining actions needed to achieve them;
  • (2) determine what capacity, including funding and technologies, are needed moving forward;
  • (3) more fully respond to our previous recommendation that they develop measures to monitor and show results achieved, such as improved sharing; and
  • (4) develop ways to demonstrate progress in terms of comparing how much of the Environment is implemented and how much remains to be built.

In GAO's recent work, we have also called on individual agencies to take the following steps to improve information sharing and dissemination:

  • DHS should complete its efforts to define state and local security partners' information needs, inform them of changes DHS has made to its products and services in response to their feedback, define and document the programs and activities it will implement to meet these needs, and better measure the results of its efforts.
    Highlights of GAO-11-223 (PDF)
  • Federal agencies should more effectively use the terrorist watch list—a key counterterrorism tool—to screen for and manage individuals that pose security risks to the nation.
    Highlights of GAO-10-401T (PDF)
  • DHS and the FBI should more fully identify the information needs of, and establish partnerships with, local and tribal officials in border communities so as to use them to provide situational awareness of terrorist threats; identify promising practices in developing border intelligence products within fusion centers that will help provide the information local and tribal partners need to provide this situational awareness and obtain feedback on the products; and define the suspicious activities that local and tribal officials in border communities are to report and how to report them.
    Highlights of GAO-10-41 (PDF)

^ Back to topKey Reports

Information Sharing

DHS Could Better Define How It Plans to Meet Its State and Local Mission and Improve Performance Accountability
GAO-11-223, Dec 16, 2010

Critical Infrastructure Protection

DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened
GAO-10-772, Sep 23, 2010

Information Sharing

Federal Agencies Are Helping Fusion Centers Build and Sustain Capabilities and Protect Privacy, but Could Better Measure Results
GAO-10-972, Sep 29, 2010

Public Transit Security Information Sharing

DHS Could Improve Information Sharing through Streamlining and Increased Outreach
GAO-10-895, Sep 22, 2010

Terrorist Watchlist Screening

FBI Has Enhanced Its Use of Information from Firearm and Explosives Background Checks to Support Counterterrorism Efforts
GAO-10-703T, May 5, 2010

Intelligence, Surveillance, and Reconnaissance

Overarching Guidance Is Needed to Advance Information Sharing
GAO-10-500T, Mar 17, 2010

Homeland Security

Better Use of Terrorist Watchlist Information and Improvements in Deployment of Passenger Screening Checkpoint Technologies Could Further Strengthen Security
GAO-10-401T, Jan 27, 2010

Information Sharing

Federal Agencies Are Sharing Border and Terrorism Information with Local and Tribal Law Enforcement Agencies, but Additional Efforts Are Needed
GAO-10-41, Dec 18, 2009

Justice and Law Enforcement

Firearm and Explosives Background Checks Involving Terrorist Watch List Records
GAO-09-125R, May 21, 2009

Information Sharing Environment

Definition of the Results to Be Achieved in Improving Terrorism-Related Information Sharing Is Needed to Guide Implementation and Assess Progress
GAO-08-492, Jun 25, 2008

Terrorist Watch List Screening

Opportunities Exist to Enhance Management Oversight, Reduce Vulnerabilities in Agency Screening Processes, and Expand Use of the List
GAO-08-110, Oct 11, 2007
More Reports More Results Toggle
GAO Contact
portrait of Eileen R. Larence

Eileen R. Larence

Director, Homeland Security and Justice

larencee@gao.gov

(202) 512-6510