[Congressional Bills 113th Congress]
[From the U.S. Government Publishing Office]
[S. 1893 Reported in Senate (RS)]

                                                       Calendar No. 599
113th CONGRESS
  2d Session
                                S. 1893

                          [Report No. 113-274]

To require the Transportation Security Administration to implement best 
     practices and improve transparency with regard to technology 
             acquisition programs, and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                           December 20, 2013

Ms. Ayotte (for herself, Mr. Blunt, and Mr. Blumenthal) introduced the 
 following bill; which was read twice and referred to the Committee on 
                 Commerce, Science, and Transportation

                           November 17, 2014

             Reported by Mr. Rockefeller, with an amendment
 [Strike out all after the enacting clause and insert the part printed 
                               in italic]

_______________________________________________________________________

                                 A BILL


 
To require the Transportation Security Administration to implement best 
     practices and improve transparency with regard to technology 
             acquisition programs, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

<DELETED>SECTION 1. SHORT TITLE.</DELETED>

<DELETED>    This Act may be cited as the ``Transportation Security 
Acquisition Reform Act''.</DELETED>

<DELETED>SEC. 2. FINDINGS.</DELETED>

<DELETED>    Congress finds the following:</DELETED>
        <DELETED>    (1) The Transportation Security Administration 
        (referred to in this Act as ``TSA'') does not consistently 
        implement Department of Homeland Security policies and 
        Government best practices for acquisition and 
        procurement.</DELETED>
        <DELETED>    (2) TSA has not developed a multiyear technology 
        investment plan. As a result, TSA has underutilized innovation 
        opportunities within the private sector, including from small 
        businesses.</DELETED>
        <DELETED>    (3) Due in part to the deficiencies referred to in 
        paragraphs (1) and (2), TSA has faced challenges in meeting key 
        performance requirements for several major acquisitions and 
        procurements, resulting in reduced security effectiveness and 
        wasted expenditures.</DELETED>

<DELETED>SEC. 3. TRANSPORTATION SECURITY ADMINISTRATION ACQUISITION 
              REFORM.</DELETED>

<DELETED>    (a) In General.--Title XVI of the Homeland Security Act of 
2002 (116 Stat. 2312 et seq.) is amended to read as follows:</DELETED>

        <DELETED>``TITLE XVI--TRANSPORTATION SECURITY</DELETED>

          <DELETED>``Subtitle A--General Provisions</DELETED>

<DELETED>``SEC. 1601. DEFINITIONS.</DELETED>

<DELETED>    ``In this title:</DELETED>
        <DELETED>    ``(1) Administration.--The term `Administration' 
        means the Transportation Security Administration.</DELETED>
        <DELETED>    ``(2) Administrator.--The term `Administrator' 
        means the Administrator of the Transportation Security 
        Administration.</DELETED>
        <DELETED>    ``(3) Plan.--The term `Plan' means the multiyear 
        technology investment plan developed by the Administrator under 
        section 1611.</DELETED>
        <DELETED>    ``(4) Security-related technology.--The term 
        `security-related technology' means any technology that assists 
        the Administration in the prevention of, or defense against, 
        threats to United States transportation systems, including 
        threats to people, property, and information.</DELETED>

     <DELETED>``Subtitle B--Transportation Security Administration 
                   Acquisition Improvements</DELETED>

<DELETED>``SEC. 1611. MULTIYEAR TECHNOLOGY INVESTMENT PLAN.</DELETED>

<DELETED>    ``(a) In General.--The Administrator--</DELETED>
        <DELETED>    ``(1) not later than 180 days after the date of 
        the enactment of this subtitle, shall develop and submit to 
        Congress a strategic multiyear technology investment plan, 
        which may include a classified addendum to report sensitive 
        transportation security risks, technology vulnerabilities, or 
        other sensitive security information; and</DELETED>
        <DELETED>    ``(2) to the extent possible, shall publish the 
        Plan in an unclassified format within the public 
        domain.</DELETED>
<DELETED>    ``(b) Consultation.--The Administrator shall develop the 
Plan in consultation with--</DELETED>
        <DELETED>    ``(1) the Under Secretary for 
        Management;</DELETED>
        <DELETED>    ``(2) the Chief Information Officer; and</DELETED>
        <DELETED>    ``(3) the Under Secretary for Science and 
        Technology.</DELETED>
<DELETED>    ``(c) Approval.--The Administrator may not publish the 
Plan under subsection (a)(2) until it has been approved by the 
Secretary.</DELETED>
<DELETED>    ``(d) Contents of Plan.--The Plan shall include--
</DELETED>
        <DELETED>    ``(1) an analysis of transportation security risks 
        and the associated technology gaps, including consideration of 
        the most recent Quadrennial Homeland Security Review under 
        section 707;</DELETED>
        <DELETED>    ``(2) a set of transportation security-related 
        technology acquisition needs that--</DELETED>
                <DELETED>    ``(A) is prioritized based on risk and 
                gaps identified under paragraph (1); and</DELETED>
                <DELETED>    ``(B) includes planned technology programs 
                and projects with defined objectives, goals, and 
                measures;</DELETED>
        <DELETED>    ``(3) an analysis of current trends in domestic 
        and international passenger travel;</DELETED>
        <DELETED>    ``(4) an identification of currently deployed 
        security-related technologies that are at or near the end of 
        their lifecycle;</DELETED>
        <DELETED>    ``(5) an identification of test, evaluation, 
        modeling, and simulation capabilities that will be required to 
        support the acquisition of the security-related technologies to 
        meet those needs;</DELETED>
        <DELETED>    ``(6) an identification of opportunities for 
        public-private partnerships, small and disadvantaged company 
        participation, intragovernment collaboration, university 
        centers of excellence, and national laboratory technology 
        transfer;</DELETED>
        <DELETED>    ``(7) an identification of the Administration's 
        acquisition workforce needs that will be required for the 
        management of planned security-related technology acquisitions, 
        including consideration of leveraging acquisition expertise of 
        other Federal agencies;</DELETED>
        <DELETED>    ``(8) an identification of the security resources, 
        including information security resources, that will be required 
        to protect security-related technology from physical or cyber 
        theft, diversion, sabotage, or attack; and</DELETED>
        <DELETED>    ``(9) an identification of initiatives to 
        streamline the Administration's acquisition process and provide 
        greater predictability and clarity to small, medium, and large 
        businesses, including the timeline for testing and 
        evaluation.</DELETED>
<DELETED>    ``(e) Leveraging the Private Sector.--To the extent 
possible, and in a manner that is consistent with fair and equitable 
practices, the Plan shall--</DELETED>
        <DELETED>    ``(1) leverage emerging technology trends and 
        research and development investment trends within the public 
        and private sectors;</DELETED>
        <DELETED>    ``(2) incorporate feedback and input received from 
        the private sector through requests for information, industry 
        days, and other innovative means consistent with the Federal 
        Acquisition Regulation; and</DELETED>
        <DELETED>    ``(3) leverage market research conducted by the 
        Under Secretary for Science and Technology to identify 
        technologies that exist or are in development that, with or 
        without adaptation, could be utilized to meet mission 
        needs.</DELETED>
<DELETED>    ``(f) Disclosure.--The Administrator shall include with 
the Plan a list of any nongovernment persons that contributed to the 
writing of the Plan.</DELETED>
<DELETED>    ``(g) Update and Report.--Once every 2 years after the 
initial strategic Plan is submitted to Congress, the Administrator 
shall submit to Congress--</DELETED>
        <DELETED>    ``(1) an update of the Plan; and</DELETED>
        <DELETED>    ``(2) a report on the extent to which each 
        security-related technology acquired by the Administration 
        since the last issuance or update of the Plan is consistent 
        with the planned technology programs and projects identified 
        under subsection (d)(2) for that technology.</DELETED>

<DELETED>``SEC. 1612. ACQUISITION JUSTIFICATION AND REPORTS.</DELETED>

<DELETED>    ``(a) Acquisition Justification.--Before the 
Administration implements any security-related technology acquisition, 
the Administrator, in accordance with the Department's policies and 
directives, shall determine whether the acquisition is justified by 
conducting a comprehensive analysis that includes--</DELETED>
        <DELETED>    ``(1) an identification of the type and level of 
        risk to transportation security that would be addressed by such 
        technology acquisition;</DELETED>
        <DELETED>    ``(2) an assessment of how the proposed 
        acquisition aligns to the multiyear technology investment plan 
        developed under section 1611;</DELETED>
        <DELETED>    ``(3) a comparison of the total expected lifecycle 
        cost against the total expected quantitative and qualitative 
        benefits to transportation security;</DELETED>
        <DELETED>    ``(4) an analysis of alternative security 
        solutions to determine if the proposed technology acquisition 
        is the most effective and cost-efficient solution based on 
        cost-benefit considerations;</DELETED>
        <DELETED>    ``(5) an evaluation of the privacy and civil 
        liberties implications of the proposed acquisition that 
        includes, to the extent practicable, consultation with 
        organizations that advocate for the protection of privacy and 
        civil liberties, and a determination that the proposed 
        acquisition is consistent with fair information practice 
        principles issued by the Privacy Officer of the Department; 
        and</DELETED>
        <DELETED>    ``(6) confirmation that there are no significant 
        risks to human health and safety posed by the proposed 
        acquisition.</DELETED>
<DELETED>    ``(b) Reports and Certification to Congress.--</DELETED>
        <DELETED>    ``(1) In general.--Not later than the end of the 
        30-day period preceding the award by the Administration of a 
        contract for any security-related technology acquisition 
        exceeding $30,000,000, the Administrator shall submit, to the 
        Committee on Commerce, Science, and Transportation of the 
        Senate and the Committee on Homeland Security of the House of 
        Representatives--</DELETED>
                <DELETED>    ``(A) the results of the comprehensive 
                acquisition analysis required under this section; 
                and</DELETED>
                <DELETED>    ``(B) a certification by the Administrator 
                that the security benefits justify the contract 
                cost.</DELETED>
        <DELETED>    ``(2) Extension due to imminent terrorist 
        threat.--If there is a known or suspected imminent threat to 
        transportation security, the Administrator--</DELETED>
                <DELETED>    ``(A) may reduce the 30-day period under 
                paragraph (1) to 5 days in order to rapidly respond; 
                and</DELETED>
                <DELETED>    ``(B) shall provide immediate notice of 
                such imminent threat to the Committee on Commerce, 
                Science, and Transportation of the Senate and the 
                Committee on Homeland Security of the House of 
                Representatives.</DELETED>

<DELETED>``SEC. 1613. ACQUISITION BASELINE ESTABLISHMENT AND 
              REPORTS.</DELETED>

<DELETED>    ``(a) Baseline Requirements.--</DELETED>
        <DELETED>    ``(1) In general.--Before the Administration 
        implements any security-related technology acquisition, the 
        appropriate acquisition official of the Department shall 
        establish and document a set of formal baseline 
        requirements.</DELETED>
        <DELETED>    ``(2) Contents.--The baseline requirements under 
        paragraph (1) shall--</DELETED>
                <DELETED>    ``(A) include the estimated costs 
                (including lifecycle costs), schedule, and performance 
                milestones for the planned duration of the acquisition; 
                and</DELETED>
                <DELETED>    ``(B) identify the acquisition risks and a 
                plan for mitigating these risks.</DELETED>
        <DELETED>    ``(3) Feasibility.--In establishing the 
        performance milestones under paragraph (2)(A), the appropriate 
        acquisition official of the Department, to the extent possible 
        and in consultation with the Under Secretary for Science and 
        Technology, shall ensure that achieving these milestones is 
        technologically feasible.</DELETED>
        <DELETED>    ``(4) Test and evaluation plan.--The 
        Administrator, in consultation with the Under Secretary for 
        Science and Technology, shall develop a test and evaluation 
        plan that describes--</DELETED>
                <DELETED>    ``(A) the activities that will be required 
                to assess acquired technologies against the performance 
                milestones established under paragraph 
                (2)(A);</DELETED>
                <DELETED>    ``(B) the necessary and cost-effective 
                combination of laboratory testing, field testing, 
                modeling, simulation, and supporting analysis to ensure 
                that such technologies meet the Administration's 
                mission needs; and</DELETED>
                <DELETED>    ``(C) an efficient schedule to ensure that 
                test and evaluation activities are completed without 
                undue delay.</DELETED>
        <DELETED>    ``(5) Verification and validation.--The 
        appropriate acquisition official of the Department--</DELETED>
                <DELETED>    ``(A) subject to subparagraph (B), shall 
                utilize independent reviewers to verify and validate 
                the performance milestones and cost estimates developed 
                under paragraph (2) for a security-related technology 
                that pursuant to section 1611(d)(2) has been identified 
                as a high priority need in the most recent multiyear 
                technology investment plan; and</DELETED>
                <DELETED>    ``(B) shall ensure that the utilization of 
                independent reviewers does not unduly delay the 
                schedule of any acquisition.</DELETED>
        <DELETED>    ``(6) Streamlining access for interested 
        vendors.--The Administrator shall establish a streamlined 
        process for an interested vendor of a security-related 
        technology to request and receive appropriate access to the 
        baseline requirements and test and evaluation plans that are 
        necessary for the vendor to participate in the acquisitions 
        process for such technology.</DELETED>
<DELETED>    ``(b) Review of Baseline Requirements and Deviation; 
Report to Congress.--</DELETED>
        <DELETED>    ``(1) Review.--</DELETED>
                <DELETED>    ``(A) In general.--The appropriate 
                acquisition official of the Department shall review and 
                assess each implemented acquisition to determine if the 
                acquisition is meeting the baseline requirements 
                established under subsection (a).</DELETED>
                <DELETED>    ``(B) Test and evaluation assessment.--The 
                review shall include an assessment of whether--
                </DELETED>
                        <DELETED>    ``(i) the planned testing and 
                        evaluation activities have been completed; 
                        and</DELETED>
                        <DELETED>    ``(ii) the results of such testing 
                        and evaluation demonstrate that the performance 
                        milestones are technologically 
                        feasible.</DELETED>
        <DELETED>    ``(2) Report.--Not later than 30 days after making 
        a finding described in clause (i), (ii), or (iii) of 
        subparagraph (A), the Administrator shall submit a report to 
        the Committee on Commerce, Science, and Transportation of the 
        Senate and the Committee on Homeland Security of the House of 
        Representatives that includes--</DELETED>
                <DELETED>    ``(A) the results of any assessment that 
                finds that--</DELETED>
                        <DELETED>    ``(i) the actual or planned costs 
                        exceed the baseline costs by more than 10 
                        percent;</DELETED>
                        <DELETED>    ``(ii) the actual or planned 
                        schedule for delivery has been delayed by more 
                        than 180 days; or</DELETED>
                        <DELETED>    ``(iii) there is a failure to meet 
                        any performance milestone that directly impacts 
                        security effectiveness;</DELETED>
                <DELETED>    ``(B) the cause for such excessive costs, 
                delay, or failure; and</DELETED>
                <DELETED>    ``(C) a plan for corrective 
                action.</DELETED>

<DELETED>``SEC. 1614. INVENTORY UTILIZATION.</DELETED>

<DELETED>    ``(a) In General.--Before the procurement of additional 
quantities of equipment to fulfill a mission need, the Administrator, 
to the extent practicable, shall utilize any existing units in the 
Administration's inventory to meet that need.</DELETED>
<DELETED>    ``(b) Tracking of Inventory.--</DELETED>
        <DELETED>    ``(1) In general.--The Administrator shall 
        establish a process for tracking--</DELETED>
                <DELETED>    ``(A) the location of security-related 
                equipment in such inventory;</DELETED>
                <DELETED>    ``(B) the utilization status of security-
                related technology in such inventory; and</DELETED>
                <DELETED>    ``(C) the quantity of security-related 
                equipment in such inventory.</DELETED>
        <DELETED>    ``(2) Internal controls.--The Administrator shall 
        implement internal controls to ensure accurate data on 
        security-related technology utilization.</DELETED>
<DELETED>    ``(c) Logistics Management.--</DELETED>
        <DELETED>    ``(1) In general.--The Administrator shall 
        establish logistics principles for managing inventory in an 
        effective and efficient manner.</DELETED>
        <DELETED>    ``(2) Limitation on just-in-time logistics.--The 
        Administrator may not use just-in-time logistics if doing so 
        would--</DELETED>
                <DELETED>    ``(A) inhibit necessary planning for 
                large-scale delivery of equipment to airports or other 
                facilities; or</DELETED>
                <DELETED>    ``(B) unduly diminish surge capacity for 
                response to a terrorist threat.</DELETED>

<DELETED>``SEC. 1615. SMALL BUSINESS CONTRACTING GOALS.</DELETED>

<DELETED>    ``Not later than 90 days after the date of enactment of 
this subtitle, and annually thereafter, the Administrator shall submit 
a report to the Committee on Commerce, Science, and Transportation of 
the Senate and the Committee on Homeland Security of the House of 
Representatives that includes--</DELETED>
        <DELETED>    ``(1) a restatement of the Administration's 
        published goals for contracting with small businesses, 
        including small and disadvantaged businesses;</DELETED>
        <DELETED>    ``(2) the Administration's performance record with 
        respect to meeting the goals referred to in paragraph (1) 
        during the preceding fiscal year;</DELETED>
        <DELETED>    ``(3) if the goals referred to in paragraph (1) 
        were not met or the Administration's performance was below the 
        published goals of the Department--</DELETED>
                <DELETED>    ``(A) an itemized list of challenges, 
                including deviations from the Administration's 
                subcontracting plans, that contributed to the level of 
                performance during the preceding fiscal year; 
                and</DELETED>
                <DELETED>    ``(B) the extent to which contract 
                bundling was a contributing factor to such level of 
                performance;</DELETED>
        <DELETED>    ``(4) an action plan, with benchmarks, for 
        addressing each of the challenges identified in paragraph 
        (3)(A), which--</DELETED>
                <DELETED>    ``(A) was prepared after consultation with 
                the Secretary of Defense and the heads of Federal 
                departments and agencies that achieved their published 
                goals for prime contracting with small and minority 
                owned businesses, including small and disadvantaged 
                businesses, in prior fiscal years; and</DELETED>
                <DELETED>    ``(B) identifies policies and procedures 
                that could be incorporated by the Administration in 
                furtherance of achieving the Administration's published 
                goal for such contracting; and</DELETED>
        <DELETED>    ``(5) a status report on the implementation of the 
        action plan that was developed in the preceding fiscal year in 
        accordance with paragraph (4).</DELETED>

<DELETED>``SEC. 1616. CONSISTENCY WITH THE FEDERAL ACQUISITION 
              REGULATION AND DEPARTMENTAL POLICIES AND 
              DIRECTIVES.</DELETED>

<DELETED>    ``The Administrator shall execute the responsibilities set 
forth in this subtitle in a manner consistent with, and not duplicative 
of, the Federal Acquisition Regulation and the Department's policies 
and directives.''.</DELETED>
<DELETED>    (b) Clerical Amendment.--The table of contents in section 
1(b) of the Homeland Security Act of 2002 is amended by striking the 
items relating to title XVI and inserting the following:</DELETED>

             <DELETED>``TITLE XVI--TRANSPORTATION SECURITY

               <DELETED>``Subtitle A--General Provisions

<DELETED>``Sec. 1601. Definitions.
     <DELETED>``Subtitle B--Transportation Security Administration 
                        Acquisition Improvements

<DELETED>``Sec. 1611. Multiyear technology investment plan.
<DELETED>``Sec. 1612. Acquisition justification and reports.
<DELETED>``Sec. 1613. Acquisition baseline establishment and reports.
<DELETED>``Sec. 1614. Inventory utilization.
<DELETED>``Sec. 1615. Small business contracting goals.
<DELETED>``Sec. 1616. Consistency with the Federal acquisition 
                            regulation and departmental policies and 
                            directives.''.
<DELETED>    (c) Prior Amendments Not Affected.--Nothing in this 
section may be construed to affect any amendment made by title XVI of 
the Homeland Security Act of 2002 as in effect before the date of the 
enactment of this Act.</DELETED>

<DELETED>SEC. 4. GOVERNMENT ACCOUNTABILITY OFFICE REPORTS.</DELETED>

<DELETED>    (a) Implementation of Previous Recommendations.--Not later 
than 1 year after the date of the enactment of this Act, the 
Comptroller General of the United States shall submit a report to 
Congress that contains an assessment of the Transportation Security 
Administration's implementation of recommendations regarding the 
acquisition of technology that were made by the Government 
Accountability Office before the date of the enactment of this 
Act.</DELETED>
<DELETED>    (b) Implementation of Subtitle B of Title XVI.--Not later 
than 1 year after the date of the enactment of this Act and 3 years 
thereafter, the Comptroller General of the United States shall submit a 
report to Congress that contains an evaluation of the Transportation 
Security Administration's progress in implementing subtitle B of title 
XVI of the Homeland Security Act of 2002 (116 Stat. 2312), including 
any efficiencies, cost savings, or delays that have resulted from such 
implementation.</DELETED>

<DELETED>SEC. 5. REPORT ON FEASIBILITY OF INVENTORY TRACKING.</DELETED>

<DELETED>    Not later than 90 days after the date of the enactment of 
this Act, the Administrator of the Transportation Security 
Administration shall submit a report to Congress on the feasibility of 
tracking transportation security-related technology of the 
Administration through automated information and data capture 
technologies.</DELETED>

<DELETED>SEC. 6. GOVERNMENT ACCOUNTABILITY OFFICE REVIEW OF TSA'S TEST 
              AND EVALUATION PROCESS.</DELETED>

<DELETED>    Not later than 1 year after the date of the enactment of 
this Act, the Comptroller General of the United States shall submit a 
report to Congress that includes--</DELETED>
        <DELETED>    (1) an evaluation of the Transportation Security 
        Administration's testing and evaluation activities related to 
        security-related technologies;</DELETED>
        <DELETED>    (2) information on the extent to which--</DELETED>
                <DELETED>    (A) the execution of such testing and 
                evaluation activities is aligned, temporally and 
                otherwise, with the Administration's acquisition needs, 
                planned procurements, and acquisitions for technology 
                programs and projects; and</DELETED>
                <DELETED>    (B) security-related technologies that 
                have been tested, evaluated, and certified for use by 
                the Administration are not procured by the 
                Administration, including the reasons for such failure 
                to procure; and</DELETED>
        <DELETED>    (3) recommendations--</DELETED>
                <DELETED>    (A) to improve the efficiency and efficacy 
                of such testing and evaluation activities; 
                and</DELETED>
                <DELETED>    (B) to better align such testing and 
                evaluation with the acquisitions process.</DELETED>

<DELETED>SEC. 7. NO ADDITIONAL AUTHORIZATION OF 
              APPROPRIATIONS.</DELETED>

<DELETED>    This Act and the amendments made by this Act shall be 
carried out using amounts otherwise available for such purpose. No 
additional funds are authorized to be appropriated to carry out this 
Act or such amendments.</DELETED>

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Transportation Security Acquisition 
Reform Act''.

SEC. 2. FINDINGS.

    Congress finds the following:
            (1) The Transportation Security Administration has not 
        consistently implemented Department of Homeland Security 
        policies and Government best practices for acquisition and 
        procurement.
            (2) The Transportation Security Administration has only 
        recently developed a multiyear technology investment plan, and 
        has underutilized innovation opportunities within the private 
        sector, including from small businesses.
            (3) The Transportation Security Administration has faced 
        challenges in meeting key performance requirements for several 
        major acquisitions and procurements, resulting in reduced 
        security effectiveness and wasted expenditures.

SEC. 3. TRANSPORTATION SECURITY ADMINISTRATION ACQUISITION REFORM.

    (a) In General.--Title XVI of the Homeland Security Act of 2002 
(116 Stat. 2312) is amended to read as follows:

                  ``TITLE XVI--TRANSPORTATION SECURITY

                    ``Subtitle A--General Provisions

``SEC. 1601. DEFINITIONS.

    ``In this title:
            ``(1) Administration.--The term `Administration' means the 
        Transportation Security Administration.
            ``(2) Administrator.--The term `Administrator' means the 
        Administrator of the Transportation Security Administration.
            ``(3) Plan.--The term `Plan' means the strategic 5-year 
        technology investment plan developed by the Administrator under 
        section 1611.
            ``(4) Security-related technology.--The term `security-
        related technology' means any technology that assists the 
        Administration in the prevention of, or defense against, 
        threats to United States transportation systems, including 
        threats to people, property, and information.

   ``Subtitle B--Transportation Security Administration Acquisition 
                              Improvements

``SEC. 1611. 5-YEAR TECHNOLOGY INVESTMENT PLAN.

    ``(a) In General.--The Administrator shall--
            ``(1) not later than 180 days after the date of the 
        enactment of the Transportation Security Acquisition Reform 
        Act, develop and submit to Congress a strategic 5-year 
        technology investment plan, that may include a classified 
        addendum to report sensitive transportation security risks, 
        technology vulnerabilities, or other sensitive security 
        information; and
            ``(2) to the extent possible, publish the Plan in an 
        unclassified format in the public domain.
    ``(b) Consultation.--The Administrator shall develop the Plan in 
consultation with--
            ``(1) the Under Secretary for Management;
            ``(2) the Under Secretary for Science and Technology;
            ``(3) the Chief Information Officer; and
            ``(4) the aviation industry stakeholder advisory committee 
        established by the Administrator.
    ``(c) Approval.--The Administrator may not publish the Plan under 
subsection (a)(2) until it has been approved by the Secretary.
    ``(d) Contents of Plan.--The Plan shall include--
            ``(1) an analysis of transportation security risks and the 
        associated capability gaps that would be best addressed by 
        security-related technology, including consideration of the 
        most recent Quadrennial Homeland Security Review under section 
        707;
            ``(2) a set of security-related technology acquisition 
        needs that--
                    ``(A) is prioritized based on risk and associated 
                capability gaps identified under paragraph (1); and
                    ``(B) includes planned technology programs and 
                projects with defined objectives, goals, timelines, and 
                measures;
            ``(3) an analysis of current and forecast trends in 
        domestic and international passenger travel;
            ``(4) an identification of currently deployed security-
        related technologies that are at or near the end of their 
        lifecycles;
            ``(5) an identification of test, evaluation, modeling, and 
        simulation capabilities, including target methodologies, 
        rationales, and timelines necessary to support the acquisition 
        of the security-related technologies expected to meet the needs 
        under paragraph (2);
            ``(6) an identification of opportunities for public-private 
        partnerships, small and disadvantaged company participation, 
        intragovernment collaboration, university centers of 
        excellence, and national laboratory technology transfer;
            ``(7) an identification of the Administration's acquisition 
        workforce needs that will be required for the management of 
        planned security-related technology acquisitions, including 
        consideration of leveraging acquisition expertise of other 
        Federal agencies;
            ``(8) an identification of the security resources, 
        including information security resources, that will be required 
        to protect security-related technology from physical or cyber 
        theft, diversion, sabotage, or attack;
            ``(9) an identification of initiatives to streamline the 
        Administration's acquisition process and provide greater 
        predictability and clarity to small, medium, and large 
        businesses, including the timeline for testing and evaluation;
            ``(10) an assessment of the impact to commercial aviation 
        passengers;
            ``(11) a strategy for consulting airport management, 
        airline representatives, and Federal security directors 
        whenever an acquisition will lead to the removal of equipment 
        at airports, and how the strategy for consulting with such 
        officials of the relevant airports will address potential 
        negative impacts on commercial passengers or airport 
        operations; and
            ``(12) in consultation with the National Institutes of 
        Standards and Technology, an identification of security-related 
        technology interface standards, in existence or if implemented, 
        that could promote more interoperable passenger, baggage, and 
        cargo screening systems.
    ``(e) Leveraging the Private Sector.--To the extent possible, and 
in a manner that is consistent with fair and equitable practices, the 
Plan shall--
            ``(1) leverage emerging technology trends and research and 
        development investment trends within the public and private 
        sectors;
            ``(2) incorporate private sector input, including from the 
        aviation industry stakeholder advisory committee established by 
        the Administrator, through requests for information, industry 
        days, and other innovative means consistent with the Federal 
        Acquisition Regulation; and
            ``(3) in consultation with the Under Secretary for Science 
        and Technology, identify technologies in existence or in 
        development that, with or without adaptation, are expected to 
        be suitable to meeting mission needs.
    ``(f) Disclosure.--The Administrator shall include with the Plan a 
list of nongovernment persons that contributed to the writing of the 
Plan.
    ``(g) Update and Report.--Beginning 2 years after the date the Plan 
is submitted to Congress under subsection (a), and biennially 
thereafter, the Administrator shall submit to Congress--
            ``(1) an update of the Plan; and
            ``(2) a report on the extent to which each security-related 
        technology acquired by the Administration since the last 
        issuance or update of the Plan is consistent with the planned 
        technology programs and projects identified under subsection 
        (d)(2) for that security-related technology.

``SEC. 1612. ACQUISITION JUSTIFICATION AND REPORTS.

    ``(a) Acquisition Justification.--Before the Administration 
implements any security-related technology acquisition, the 
Administrator, in accordance with the Department's policies and 
directives, shall determine whether the acquisition is justified by 
conducting an analysis that includes--
            ``(1) an identification of the scenarios and level of risk 
        to transportation security from those scenarios that would be 
        addressed by the security-related technology acquisition;
            ``(2) an assessment of how the proposed acquisition aligns 
        to the Plan;
            ``(3) a comparison of the total expected lifecycle cost 
        against the total expected quantitative and qualitative 
        benefits to transportation security;
            ``(4) an analysis of alternative security solutions, 
        including policy or procedure solutions, to determine if the 
        proposed security-related technology acquisition is the most 
        effective and cost-efficient solution based on cost-benefit 
        considerations;
            ``(5) an assessment of the potential privacy and civil 
        liberties implications of the proposed acquisition that 
        includes, to the extent practicable, consultation with 
        organizations that advocate for the protection of privacy and 
        civil liberties;
            ``(6) a determination that the proposed acquisition is 
        consistent with fair information practice principles issued by 
        the Privacy Officer of the Department;
            ``(7) confirmation that there are no significant risks to 
        human health or safety posed by the proposed acquisition; and
            ``(8) an estimate of the benefits to commercial aviation 
        passengers.
    ``(b) Reports and Certification to Congress.--
            ``(1) In general.--Not later than the end of the 30-day 
        period preceding the award by the Administration of a contract 
        for any security-related technology acquisition exceeding 
        $30,000,000, the Administrator shall submit to the Committee on 
        Commerce, Science, and Transportation of the Senate and the 
        Committee on Homeland Security of the House of 
        Representatives--
                    ``(A) the results of the comprehensive acquisition 
                justification under subsection (a); and
                    ``(B) a certification by the Administrator that the 
                benefits to transportation security justify the 
                contract cost.
            ``(2) Extension due to imminent terrorist threat.--If there 
        is a known or suspected imminent threat to transportation 
        security, the Administrator--
                    ``(A) may reduce the 30-day period under paragraph 
                (1) to 5 days to rapidly respond to the threat; and
                    ``(B) shall immediately notify the Committee on 
                Commerce, Science, and Transportation of the Senate and 
                the Committee on Homeland Security of the House of 
                Representatives of the known or suspected imminent 
                threat.

``SEC. 1613. ACQUISITION BASELINE ESTABLISHMENT AND REPORTS.

    ``(a) Baseline Requirements.--
            ``(1) In general.--Before the Administration implements any 
        security-related technology acquisition, the appropriate 
        acquisition official of the Department shall establish and 
        document a set of formal baseline requirements.
            ``(2) Contents.--The baseline requirements under paragraph 
        (1) shall--
                    ``(A) include the estimated costs (including 
                lifecycle costs), schedule, and performance milestones 
                for the planned duration of the acquisition;
                    ``(B) identify the acquisition risks and a plan for 
                mitigating these risks; and
                    ``(C) assess the personnel necessary to manage the 
                acquisition process, manage the ongoing program, and 
                support training and other operations as necessary.
            ``(3) Feasibility.--In establishing the performance 
        milestones under paragraph (2)(A), the appropriate acquisition 
        official of the Department, to the extent possible and in 
        consultation with the Under Secretary for Science and 
        Technology, shall ensure that achieving these milestones is 
        technologically feasible.
            ``(4) Test and evaluation plan.--The Administrator, in 
        consultation with the Under Secretary for Science and 
        Technology, shall develop a test and evaluation plan that 
        describes--
                    ``(A) the activities that are expected to be 
                required to assess acquired technologies against the 
                performance milestones established under paragraph 
                (2)(A);
                    ``(B) the necessary and cost-effective combination 
                of laboratory testing, field testing, modeling, 
                simulation, and supporting analysis to ensure that such 
                technologies meet the Administration's mission needs;
                    ``(C) an efficient planning schedule to ensure that 
                test and evaluation activities are completed without 
                undue delay; and
                    ``(D) if commercial aviation passengers are 
                expected to interact with the security-related 
                technology, methods that could be used to measure 
                passenger acceptance of and familiarization with the 
                security-related technology.
            ``(5) Verification and validation.--The appropriate 
        acquisition official of the Department--
                    ``(A) subject to subparagraph (B), shall utilize 
                independent reviewers to verify and validate the 
                performance milestones and cost estimates developed 
                under paragraph (2) for a security-related technology 
                that pursuant to section 1611(d)(2) has been identified 
                as a high priority need in the most recent Plan; and
                    ``(B) shall ensure that the use of independent 
                reviewers does not unduly delay the schedule of any 
                acquisition.
            ``(6) Streamlining access for interested vendors.--The 
        Administrator shall establish a streamlined process for an 
        interested vendor of a security-related technology to request 
        and receive appropriate access to the baseline requirements and 
        test and evaluation plans that are necessary for the vendor to 
        participate in the acquisitions process for that technology.
    ``(b) Review of Baseline Requirements and Deviation; Report to 
Congress.--
            ``(1) Review.--
                    ``(A) In general.--The appropriate acquisition 
                official of the Department shall review and assess each 
                implemented acquisition to determine if the acquisition 
                is meeting the baseline requirements established under 
                subsection (a).
                    ``(B) Test and evaluation assessment.--The review 
                shall include an assessment of whether--
                            ``(i) the planned testing and evaluation 
                        activities have been completed; and
                            ``(ii) the results of that testing and 
                        evaluation demonstrate that the performance 
                        milestones are technologically feasible.
            ``(2) Report.--Not later than 30 days after making a 
        finding described in clause (i), (ii), or (iii) of subparagraph 
        (A), the Administrator shall submit a report to the Committee 
        on Commerce, Science, and Transportation of the Senate and the 
        Committee on Homeland Security of the House of Representatives 
        that includes--
                    ``(A) the results of any assessment that finds 
                that--
                            ``(i) the actual or planned costs exceed 
                        the baseline costs by more than 10 percent;
                            ``(ii) the actual or planned schedule for 
                        delivery has been delayed by more than 180 
                        days; or
                            ``(iii) there is a failure to meet any 
                        performance milestone that directly impacts 
                        security effectiveness;
                    ``(B) the cause for that excessive costs, delay, or 
                failure; and
                    ``(C) a plan for corrective action.

``SEC. 1614. INVENTORY UTILIZATION.

    ``(a) In General.--Before the procurement of additional quantities 
of equipment to fulfill a mission need, the Administrator, to the 
extent practicable, shall utilize any existing units in the 
Administration's inventory to meet that need.
    ``(b) Tracking of Inventory.--
            ``(1) In general.--The Administrator shall establish a 
        process for tracking--
                    ``(A) the location of security-related equipment in 
                the inventory under subsection (a);
                    ``(B) the utilization status of security-related 
                technology in the inventory under subsection (a); and
                    ``(C) the quantity of security-related equipment in 
                the inventory under subsection (a).
            ``(2) Internal controls.--The Administrator shall implement 
        internal controls to ensure up-to-date accurate data on 
        security-related technology owned, deployed, and in use.
    ``(c) Logistics Management.--
            ``(1) In general.--The Administrator shall establish 
        logistics principles for managing inventory in an effective and 
        efficient manner.
            ``(2) Limitation on just-in-time logistics.--The 
        Administrator may not use just-in-time logistics if doing so--
                    ``(A) would inhibit necessary planning for large-
                scale delivery of equipment to airports or other 
                facilities; or
                    ``(B) would unduly diminish surge capacity for 
                response to a terrorist threat.

``SEC. 1615. SMALL BUSINESS CONTRACTING GOALS.

    ``Not later than 90 days after the date of enactment of the 
Transportation Security Acquisition Reform Act, and annually 
thereafter, the Administrator shall submit a report to the Committee on 
Commerce, Science, and Transportation of the Senate and the Committee 
on Homeland Security of the House of Representatives that includes--
            ``(1) the Administration's performance record with respect 
        to meeting its published small-business contracting goals 
        during the preceding fiscal year;
            ``(2) if the goals described in paragraph (1) were not met 
        or the Administration's performance was below the published 
        small-business contracting goals of the Department--
                    ``(A) a list of challenges, including deviations 
                from the Administration's subcontracting plans, and 
                factors that contributed to the level of performance 
                during the preceding fiscal year;
                    ``(B) an action plan, with benchmarks, for 
                addressing each of the challenges identified in 
                subparagraph (A), which--
                            ``(i) was prepared after consultation with 
                        the Secretary of Defense and the heads of 
                        Federal departments and agencies that achieved 
                        their published goals for prime contracting 
                        with small and minority owned businesses, 
                        including small and disadvantaged businesses, 
                        in prior fiscal years; and
                            ``(ii) identifies policies and procedures 
                        that could be incorporated by the 
                        Administration in furtherance of achieving the 
                        Administration's published goal for such 
                        contracting; and
            ``(3) a status report on the implementation of the action 
        plan that was developed in the preceding fiscal year in 
        accordance with paragraph (2)(B), if such a plan was required.

``SEC. 1616. CONSISTENCY WITH THE FEDERAL ACQUISITION REGULATION AND 
              DEPARTMENTAL POLICIES AND DIRECTIVES.

    ``The Administrator shall execute the responsibilities set forth in 
this subtitle in a manner consistent with, and not duplicative of, the 
Federal Acquisition Regulation and the Department's policies and 
directives.''.
    (b) Conforming Amendment.--The table of contents in section 1(b) of 
the Homeland Security Act of 2002 (116 Stat. 2135) is amended by 
striking the items relating to title XVI and inserting the following:

                  ``TITLE XVI--TRANSPORTATION SECURITY

                    ``Subtitle A--General Provisions

``Sec. 1601. Definitions.

   ``Subtitle B--Transportation Security Administration Acquisition 
                              Improvements

``Sec. 1611. 5-year technology investment plan.
``Sec. 1612. Acquisition justification and reports.
``Sec. 1613. Acquisition baseline establishment and reports.
``Sec. 1614. Inventory utilization.
``Sec. 1615. Small business contracting goals.
``Sec. 1616. Consistency with the Federal acquisition regulation and 
                            departmental policies and directives.''.
    (c) Prior Amendments Not Affected.--Nothing in this section may be 
construed to affect any amendment made by title XVI of the Homeland 
Security Act of 2002 as in effect before the date of enactment of this 
Act.

SEC. 4. GOVERNMENT ACCOUNTABILITY OFFICE REPORTS.

    (a) Implementation of Previous Recommendations.--Not later than 1 
year after the date of the enactment of this Act, the Comptroller 
General of the United States shall submit a report to Congress that 
contains an assessment of the Transportation Security Administration's 
implementation of recommendations regarding the acquisition of 
security-related technology that were made by the Government 
Accountability Office before the date of the enactment of this Act.
    (b) Implementation of Subtitle B of Title XVI.--Not later than 1 
year after the date of the enactment of this Act and 3 years 
thereafter, the Comptroller General of the United States shall submit a 
report to Congress that contains an evaluation of the Transportation 
Security Administration's progress in implementing subtitle B of title 
XVI of the Homeland Security Act of 2002 (116 Stat. 2312), including 
any efficiencies, cost savings, or delays that have resulted from such 
implementation.

SEC. 5. REPORT ON FEASIBILITY OF INVENTORY TRACKING.

    Not later than 90 days after the date of the enactment of this Act, 
the Administrator of the Transportation Security Administration shall 
submit a report to Congress on the feasibility of tracking security-
related technology, including software solutions, of the Administration 
through automated information and data capture technologies.

SEC. 6. GOVERNMENT ACCOUNTABILITY OFFICE REVIEW OF TSA'S TEST AND 
              EVALUATION PROCESS.

    Not later than 1 year after the date of the enactment of this Act, 
the Comptroller General of the United States shall submit a report to 
Congress that includes--
            (1) an evaluation of the Transportation Security 
        Administration's testing and evaluation activities related to 
        security-related technology;
            (2) information on the extent to which--
                    (A) the execution of such testing and evaluation 
                activities is aligned, temporally and otherwise, with 
                the Administration's annual budget request, acquisition 
                needs, planned procurements, and acquisitions for 
                technology programs and projects; and
                    (B) security-related technology that has been 
                tested, evaluated, and certified for use by the 
                Administration but was not procured by the 
                Administration, including the reasons the procurement 
                did not occur; and
            (3) recommendations--
                    (A) to improve the efficiency and efficacy of such 
                testing and evaluation activities; and
                    (B) to better align such testing and evaluation 
                with the acquisitions process.

SEC. 7. NO ADDITIONAL AUTHORIZATION OF APPROPRIATIONS.

    This Act and the amendments made by this Act shall be carried out 
using amounts otherwise available for such purpose. No additional funds 
are authorized to be appropriated to carry out this Act or such 
amendments.
                                                       Calendar No. 599

113th CONGRESS

  2d Session

                                S. 1893

                          [Report No. 113-274]

_______________________________________________________________________

                                 A BILL

To require the Transportation Security Administration to implement best 
     practices and improve transparency with regard to technology 
             acquisition programs, and for other purposes.

_______________________________________________________________________

                           November 17, 2014

                       Reported with an amendment