[House Hearing, 110 Congress]
[From the U.S. Government Publishing Office]


 
  MOVING BEYOND THE FIRST FIVE YEARS: HOW THE TRANSPORTATION SECURITY 
ADMINISTRATION (TSA) WILL CONTINUE TO ENHANCE SECURITY FOR ALL MODES OF 
                             TRANSPORTATION

=======================================================================

                                HEARING

                               before the

                SUBCOMMITTEE ON TRANSPORTATION SECURITY
                     AND INFRASTRUCTURE PROTECTION

                                 of the

                     COMMITTEE ON HOMELAND SECURITY
                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED TENTH CONGRESS

                             SECOND SESSION

                               __________

                             APRIL 15, 2008

                               __________

                           Serial No. 110-105

                               __________

       Printed for the use of the Committee on Homeland Security
                                     
[GRAPHIC] [TIFF OMITTED] TONGRESS.#13

                                     

  Available via the World Wide Web: http://www.gpoaccess.gov/congress/
                               index.html

                               __________

                     U.S. GOVERNMENT PRINTING OFFICE
43-357 PDF                 WASHINGTON DC:  2008
---------------------------------------------------------------------
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512ï¿½091800  
Fax: (202) 512ï¿½092104 Mail: Stop IDCC, Washington, DC 20402ï¿½0900012008


                     COMMITTEE ON HOMELAND SECURITY

               Bennie G. Thompson, Mississippi, Chairman

Loretta Sanchez, California          Peter T. King, New York
Edward J. Markey, Massachusetts      Lamar Smith, Texas
Norman D. Dicks, Washington          Christopher Shays, Connecticut
Jane Harman, California              Mark E. Souder, Indiana
Peter A. DeFazio, Oregon             Tom Davis, Virginia
Nita M. Lowey, New York              Daniel E. Lungren, California
Eleanor Holmes Norton, District of   Mike Rogers, Alabama
Columbia                             David G. Reichert, Washington
Zoe Lofgren, California              Michael T. McCaul, Texas
Sheila Jackson Lee, Texas            Charles W. Dent, Pennsylvania
Donna M. Christensen, U.S. Virgin    Ginny Brown-Waite, Florida
Islands                              Gus M. Bilirakis, Florida
Bob Etheridge, North Carolina        David Davis, Tennessee
James R. Langevin, Rhode Island      Paul C. Broun, Georgia
Henry Cuellar, Texas                 Candice S. Miller, Michigan
Christopher P. Carney, Pennsylvania
Yvette D. Clarke, New York
Al Green, Texas
Ed Perlmutter, Colorado
Bill Pascrell, Jr., New Jersey

       Jessica Herrera-Flanigan, Staff Director & General Counsel

                     Rosaline Cohen, Chief Counsel

                     Michael Twinchek, Chief Clerk

                Robert O'Connor, Minority Staff Director

                                 ______

 SUBCOMMITTEE ON TRANSPORTATION SECURITY AND INFRASTRUCTURE PROTECTION

                 Sheila Jackson Lee, Texas, Chairwoman

Edward J. Markey, Massachusetts      Daniel E. Lungren, California
Peter A. DeFazio, Oregon             Ginny Brown-Waite, Florida
Eleanor Holmes Norton, District of   Gus M. Bilirakis, Florida
Columbia                             Paul C. Broun, Georgia
Yvette D. Clarke, New York           Peter T. King, New York (Ex 
Ed Perlmutter, Colorado              Officio)
Bennie G. Thompson, Mississippi (Ex 
Officio)

                     Erin Daste, Director & Counsel

                   Natalie Nixon, Deputy Chief Clerk

                 Coley O'Brien, Minority Senior Counsel

                                  (II)


                            C O N T E N T S

                              ----------                              
                                                                   Page

                               Statements

The Honorable Sheila Jackson Lee, a Representative in Congress 
  From the State of Texas, and Chairwoman, Subcommittee on 
  Transportation Security and Infrastructure Protection:
  Oral Statement.................................................     1
  Prepared Statement.............................................     4
The Honorable Daniel E. Lungren, a Representative in Congress 
  From the State of California, and Ranking Member, Subcommittee 
  on Transportation Security and Infrastructure Protection.......     5
The Honorable Ginny Brown-Waite, a Representative in Congress 
  From the State of Florida:
  Prepared Statement.............................................     7

                               Witnesses

Mr. Kip Hawley, Assistant Secretary, Transportation Security 
  Administration, Department of Homeland Security:
  Oral Statement.................................................     9
  Prepared Statement.............................................    10
Ms. Cathleen Berrick, Director, Homeland Security and Justice, 
  Government Accountability Office:
  Oral Statement.................................................    17
  Prepared Statement.............................................    19
Mr. Clark Kent Ervin, Director, Homeland Security Initiative, 
  Aspen Institute:
  Oral Statement.................................................    30
  Prepared Statement.............................................    32
Mr. C. Stewart Verdery, Jr., Partner, Monument Policy Group, LLC:
  Oral Statement.................................................    34
  Prepared Statement.............................................    37

                                Appendix

Questions From Chairwoman Sheila Jackson Lee.....................    59
Questions From Honorable Mike Rogers.............................    78


  MOVING BEYOND THE FIRST FIVE YEARS: HOW THE TRANSPORTATION SECURITY 
ADMINISTRATION (TSA) WILL CONTINUE TO ENHANCE SECURITY FOR ALL MODES OF 
                             TRANSPORTATION

                              ----------                              


                        Tuesday, April 15, 2008

             U.S. House of Representatives,
                    Committee on Homeland Security,
Subcommittee on Transportation Security and Infrastructure 
                                                Protection,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 2:10 p.m., in 
Room 311, Cannon House Office Building, Hon. Sheila Jackson Lee 
[chairwoman of the subcommittee] presiding.
    Present: Representatives Jackson Lee, Clarke, Perlmutter, 
Lungren, and Bilirakis.
    Ms. Jackson Lee [presiding.] Good afternoon. The 
subcommittee will come to order. The subcommittee is meeting 
today to receive testimony on moving beyond the first 5 years, 
how the Transportation Security Administration will continue to 
enhance security for all modes of transportation. Importantly, 
this testimony will discuss what the Transportation Security 
Administration has accomplished in the first 5 years since the 
creation of the Department of Homeland Security and what work 
remains to be done to secure the Nation's transportation 
system.
    Let me first of all acknowledge the presence of the ranking 
member, Mr. Lungren, of California, and Mr. Bilirakis of 
Florida.
    We are delighted that our Assistant Secretary Hawley is 
here amongst the other witnesses. Let me thank them all.
    Mr. Hawley, Ms. Berrick and Mr. Ervin, it is good to see 
you again, and, Mr. Verdery, it is good to see you, as well.
    I will attempt to yield myself 5 minutes and to speak 
pithily in my opening remarks. Many of us are double-scheduled. 
This is an extremely important hearing. I want to give time to 
the witnesses and also time for the members, who may have to go 
back to the floor.
    As I said, good afternoon, and we thank you again for 
coming to this hearing and participating, again, in the hearing 
that speaks about the first 5 years of the Transportation 
Security Administration. But, in light of where we are after 9/
11, to really focus on how we improve transportation in all 
modes.
    We have had some challenges. As we have discussed, the 
needs for the air traffic marshals, if you will, the air 
marshals, U.S. air marshals; as we have listened to the overall 
challenges addressing the question of utilization of air 
traffic controllers; as we continue to look for new technology 
as it impacts the air cargo aspect; as we find that our flight 
deck officers are facing maybe the possibility of accidental 
utilization of guns in the cockpit. We know that there is much 
to be done.
    As we continue to work and to make better the work in 
progress that is the transportation security screeners, we do 
that by inviting Assistant Secretary Hawley to our respective 
jurisdictions, as he did just recently in the city of Houston 
at the Bush International Airport to look at--and as he has 
done across the Nation--but to listen to and to look at ways of 
enhancing the training and professional development of the TSA 
screeners and to work on what is not a diminishing of security 
but a consistency in security.
    So, with a smile on my face, we certainly are not here, 
Ranking Member Lungren, to tip off the terrorists, because with 
all that we are trying to improve, I have said consistently 
that this should give no comfort to any terrorist. The United 
States is far better prepared and ready than it has ever been. 
Certainly the tragedy, the horrific tragedy of 9/11, has caused 
to be prepared. But we can always work to do better. For a 
Nation, the necessity for funding and the necessity for 
technology have to be utilized, along with oversight and hard 
questions. We should not run away from hard questions.
    As we welcome the witnesses today, I think we will be 
speaking about many very important issues. We recognize the 
significant milestone that is the Department of Homeland 
Security's fifth year anniversary. This subcommittee will take 
the opportunity to reflect on the work that TSA has done to 
secure our Nation's aviation and surface transportation systems 
and what work has to be done.
    First, I would like to recognize, again, the work that the 
TSA employees and the team have done.
    Thank you, and thank you to Assistant Secretary Hawley for 
your work.
    However, in the business of security, there is always work 
to be done for those of us charged with doing all we can to 
protect the American public from those who wish to do us harm. 
The work never ends, and we can never rest.
    As such, we are here today to discuss not only what has 
been accomplished in aviation and surface transportation 
security, but what needs to be done. The TSA is responsible for 
the security of highways, railroads, buses, mass transit 
systems, ports and the 450 U.S. airports and employs 
approximately 50,000 individuals who have the very important 
mission of keeping the traveling public safe from terrorist 
threats.
    There are many aspects of securing transportation. First, 
there must be an overarching plan and comprehensive strategy 
under which all programs and policies must flow. Those programs 
need to be administered efficiently in combination with 
developments, in screening and detection, technology, to make 
sure that threats are discovered.
    We must have well-thought-out grant programs that quickly 
get money to mass transit or transit systems and an appropriate 
risk assessment so that continuing security investments can be 
made that are tailored to particular transit systems to provide 
the most comprehensive security networks, an all-important 
component of security that I consider a paramount priority in 
the continuing training of front-line workers. They are our 
first line of defense against our enemies, and we owe it to 
them to provide them with the best training, supportive work 
environment and opportunities for professional development.
    With respect to technology, we must cut out the red tape. 
The longer we are engaged in red tape, the less secure America 
becomes. If we must screen air cargo, then we must do it with 
the latest technology. If it is available, we have to cut the 
layers and layers of approval that now the DHS subjects 
entrepreneurs and inventors of new technology that can actually 
help us.
    Do I want to build in fraud? Absolutely not. I want to 
build in efficiency, expediency, detailed knowledge of the 
technology and then approval, if it is a product or a 
technology that works.
    When this Congress passed into law the 9/11 bill, we 
directed the Department to make improvements in the aviation 
cargo screening, expanded the surface transportation security 
grants, defined criteria for the handling of security-sensitive 
materials on railroads and provided significant employee 
training programs and protections.
    I would like to think this committee has been part of the 
solution. The subcommittee has worked very hard on including in 
its oversight the improvement of transportation employees, 
security employees. It is vitally important that the Department 
continues to carry out the mandates created in the 9/11 bill. 
These provisions were created in a bipartisan manner with 
significant input from the Department and industry stakeholders 
to close security gaps and fulfill the recommendations of the 
9/11 Commission.
    To be sure, the TSA has taken steps to secure the plane and 
the passenger but has still left the system vulnerable to 
attacks. In essence, I believe that our focus has 
disproportionately been on protecting aircraft from past attack 
scenarios, such as suicide hijackings, which we should never 
forget, and IEDs carried out by airline passengers, and has not 
given enough attention by other potential vulnerabilities.
    I am encouraged by the progress that has been made within 
the TSA, such as including refining the checkpoints, advances 
made in behavior recognition.
    Assistant Secretary Hawley, I will be asking you about a 
success story we recently had in introducing technologies that 
improve screening. However, there remains cause for concern, as 
well. By TSA's own covert testing, TSA screeners are still 
underperforming when it comes to detecting potential bombs and 
bomb parts, calling into question whether TSOs are getting the 
training they need to do the job that we need them to do and 
that they desire to do.
    Training, resources, we can't nickel-and-dime the security 
of Americans. We must also not lose sight of the need for 
robust surface transportation security programs. I wonder how 
many of us have paid attention to the buses that travel upon 
the roads and highways of this Nation, taking hardworking 
Americans to work.
    The intelligence tells us that transportation continues to 
be the most significant security threat facing us today. 
Aviation is still a premium for terrorists, but as attacks 
around the world have shown us, rail and mass transit is also 
an extremely attractive target for those who want to cause mass 
casualties and panic, and buses, as I previously said.
    When 11.3 million people are traveling by mass transit each 
weekday, we cannot afford to lose sight of this vulnerability. 
That is why this hearing is so vital. TSA is one of the most 
high-profile components of the Department of Homeland Security. 
It has a broad-based jurisdiction, and we are here to be a 
partner in, again, as I said, protecting America against 
threats and, as well, ensuring the safety and security of 
Americans.
    As the subcommittee with jurisdiction over transportation 
security and infrastructure protection, we need to be in 
constant communication with the TSA on how we can continue to 
improve transportation security. So today, in the sense of 
respect of the fifth anniversary of the department, let us 
congratulate our successes, and let us thank our front-line 
employees, but let us come together in our collective concern 
and efforts and vigilance.
    We have managed to avert a terrorist attack on our soil 
since the tragic events of September 11. But even more 
important than celebrating our efforts is thinking critically 
and creatively and with foresight about the systemic steps that 
we need to take to better secure our Nation's transportation 
systems. As you are, we are here to be of assistance and to 
make it happen.
    I thank the witnesses for their testimony. With that, I 
yield to the distinguished gentleman from California for his 
opening statement.
    [The statement of Chairwoman Jackson Lee follows:]

          Prepared Statement of Chairwoman Sheila Jackson Lee
                             April 15, 2008

    Good afternoon, I would like to thank everyone for their 
participation in this afternoon's hearing entitled, ``Moving Beyond the 
First Five Years: How the Transportation Security Administration (TSA) 
Will Continue to Enhance Security for All Modes of Transportation.'' I 
would also like to welcome our witnesses today who have come to talk 
about this very important issue. As we recognize the significant 
milestone that is the Department of Homeland Security 5-year 
anniversary, this subcommittee will take this opportunity to reflect on 
the work that the TSA has done to secure our Nation's aviation and 
surface transportation systems, and what work has to be done.
    First, I would like to recognize the hard work and dedication of 
Assistant Secretary Hawley. Under Mr. Hawley, the TSA has made 
significant strides in making aviation and surface transportation more 
secure. This committee certainly congratulates him on his successes as 
the Administrator of the TSA.
    However, in the business of security, there is always work to be 
done. For those of us charged with doing all we can to protect the 
American public from those who wish to do us harm--the work never ends, 
and we can never rest. As such, we are here today to discuss not only 
what has been accomplished in aviation and surface transportation 
security.
    The TSA is responsible for the security of highways, railroads, 
buses, mass transit systems, ports and the 450 U.S. airports, and 
employs approximately 50,000 individuals who have the very important 
mission of keeping the traveling public safe from terrorist threats.
    There are many aspects to securing transportation. First, there 
must be an overarching plan and comprehensive strategy under which all 
programs and policies must flow. Those programs need to be administered 
efficiently in combination with developments in screening and detection 
technology to make sure that threats are discovered. We must have well-
thought-out grant programs that quickly gets money to transit systems 
under an appropriate risk assessment so that continuing security 
investments can be made that are tailored to particular transit systems 
to provide the most comprehensive security network. An all-important 
component of security that I consider a paramount priority is the 
continuing training of frontline workers. They are our first line of 
defense against our enemies, and we owe it to them to provide them with 
the best training, supportive work environment, and opportunities for 
professional development.
    When this Congress passed into law the 9/11 bill, we directed the 
Department to make improvements in aviation cargo screening, expanded 
up the surface transportation security grants, defined criteria for the 
handling of security sensitive materials on railroads, and provided 
significant employee training programs and protections. It is vitally 
important that the Department continues to carryout the mandates 
created in the 9/11 bill. These provisions were created in a bi-
partisan matter, with significant input from the Department and 
industry stakeholders, to close security gaps and fulfill the 
recommendations of the 9/11 Commission.
    To be sure, the TSA has taken steps to secure the plane and the 
passenger but has still left the system vulnerable to attacks. In 
essence, I believe that our focus has disproportionately been on 
protecting aircraft from past attack scenarios--such as suicide 
hijackings and IEDs carried out by airline passengers--and has not 
given enough attention to other potential vulnerabilities.
    I am encouraged by the progress that has been made within the TSA, 
such as including refining the checkpoints, the advancements made in 
Behavior Recognition, and introducing technologies that improve 
screening. However, there remains cause for concern as well. By TSA's 
own covert testing, TSA screeners are still underperforming when it 
comes to detecting potential bombs and bomb parts, calling into 
question whether TSOs are getting the training they need to do the job 
that we need them to do and that they desire to do.
    We must also not lose sight of the need for a robust surface 
transportation security program. The intelligence tells us that 
transportation continues to be the most significant security threat 
facing us today. Aviation is still a premium target for terrorists, but 
as attacks around the world have shown us, rail and mass transit is 
also an extremely attractive target for those who want to cause mass 
casualties and panic. With 11.3 million people traveling by mass 
transit each weekday, we cannot afford to lose sight of this 
vulnerability. That is why this hearing is so vitally important. The 
TSA is one of the most high profile components of the Department of 
Homeland Security, and based on known threats, the most important.
    As the subcommittee with jurisdiction over transportation security 
and infrastructure protection, we need to be in constant communication 
with the TSA on how we can continue to improve transportation security. 
So today, in honor of the fifth anniversary of the Department, let us 
congratulate our successes. Because of our collective efforts and 
vigilance, we have managed to avert a terrorist attack on our soil 
since the tragic events of September 11. But even more important than 
celebrating our efforts is thinking critically, creatively and with 
foresight about the systemic steps we need to take to better secure our 
Nation's transportation systems and ensuring that we are committed and 
dedicated to the implementation of these steps.
    I thank the witnesses again and look forward to their testimony.

    Mr. Lungren. Thank you very much, Chairwoman Jackson Lee. 
Thank you for having this hearing.
    The Transportation Security Administration is without a 
doubt a critical partner in our Nation's domestic security 
umbrella. Therefore, before we move beyond the first 5 years, I 
believe it is important for us to reflect on what we have 
learned during these formative years for TSA and for our 
Homeland Security Department in general.
    First and foremost, and you alluded to this a moment ago, 
there have been no successful attacks against any U.S. 
transportation mode since TSA was established. I don't think 
that is by accident.
    If anybody thinks that after 9/11 Al Qaeda put its feet up 
on the table and decided that they were no longer going to try 
and attack us, I think that person is living in a dream world. 
There have been no successful attacks since--well, in 2002, 
2003, 2004, 2005, 2006, 2007 and thus far in 2008. I don't 
think that is by accident. I think it is because of the hard 
work of many men and women around the world, including those 
involved with TSA.
    So, before we look forward, it seems to me we should 
recognize and commend the outstanding work of all, including 
TSA, in fulfilling their mission in securing our air, rail and 
bus transportation systems. TSA has accomplished their mission, 
yet we know there is much more to be done. There is no 
perfection in this world, and we can always do better.
    We have had hearings in which we have pointed out 
shortcomings, as we have also acknowledged the successes within 
the Department of Homeland Security, and I hope that will 
continue.
    But it seems to me we on our side over here could be doing 
some things, too. We have not in the last year-and-a-half 
provided a homeland security authorization bill. That is 2 
consecutive years.
    It seems to me, if we are serious about finding ways TSA 
could enhance future transportation security, passing an 
authorization bill, whether or not the Senate would move along 
with it, would be an important first step. It would show 
exactly we think TSA and the Department should be going. It 
would show a commitment on a total bipartisan basis in our 
effort to ensure that we continue with progress.
    Another helpful change that we could make would be to 
consolidate congressional jurisdiction of the Homeland Security 
Department. I know how many times we have had TSA up here. I 
know how many times we have had other people from the 
Department of Homeland Security here.
    It seems to me that TSA and the Department could focus on 
its critical transportation security responsibilities in a 
better way, instead of responding to and appearing before 
countless congressional committees. I mean, that was the 
promise of reorganization here in the Congress to go along with 
the reorganization on the Executive branch.
    I will say that my side of the aisle failed to do it, and I 
was hoping that maybe we would see this in the last couple of 
years, but it hasn't. That is not a partisan issue. That is a 
congressional issue that continues.
    But we ought to step up and say, if this is a priority, we 
ought to have the courage to reorganize ourselves. Congress 
should also stop the continuous departmental reorganizations. I 
think this would stabilize the working environment and improve 
productivity in the entire Department.
    So, looking forward, TSA can enhance future security for 
all modes of transportation by not abandoning the risk-based 
security principles in pursuit of something which is elusive, 
100 percent this, 100 percent that. One hundred percent 
screening solutions at times may sound good, but they may not 
in fact be the practical way that we deal with the problem.
    Risk assessment allows TSA and the Department to 
effectively target its financial and intelligence resources for 
a greater security benefit. Without unlimited funding, and we 
will never have that, we in the Congress have to do better. We 
have to be smarter. We have to make sure that our Department is 
smarter than the terrorists. We have to use our intelligence 
and layered security measures to mitigate future risks.
    As much as I would like to say it could be true, the fact 
of the matter is risks cannot be eliminated entirely, and we 
ought to level with the American public on that. It can be 
managed and it can be practically dealt with and effectively 
dealt with in all areas. But that is also true in a 
transportation system as large as ours.
    If we tried to promise something which is impossible, 
bankruptcy will result and terrorists will win. I hope that we 
can continue to use the risk-based approach, the layered 
security approach, working in a cooperative effort between the 
Congress and the Executive branch, pointing out the warts where 
they exist, and I know occasionally you folks point out the 
warts which exist over here, as well.
    But we should be giving the American people confidence that 
we are in this together, not for partisan purposes, but on a 
bipartisan basis attempting to do the best for this country 
under the best of circumstances that we can create. So I look 
forward to the hearing today and to hear from our witnesses 
this afternoon.
    We have reviewed the prepared testimony. I might have to 
skip out for a short time for another meeting I have, but I 
will be back here for the round of questions and I know we will 
probably be interrupted by votes on the floor, too. But I will 
be back after that to make sure that we have a chance for the 
questioning round.
    So thank you very much, Madam Chairwoman.
    Ms. Jackson Lee. I thank the ranking member and join him in 
accepting the challenge. Obviously, as he admitted, when the 
House was in different leadership it was quite difficult to try 
to disturb this jurisdictional, if you will, roadblock that we 
sometimes have.
    I can assure you that myself and the Chairman of the full 
committee are committed to ensuring a well-run Department of 
Homeland Security with minimal amount of overlapping in 
jurisdiction. We are willing to take up the challenge, and I 
think as we listen to the witnesses, who may themselves wish to 
comment on streamlining the jurisdictional oversight, we will 
work together. We hope that you will have the votes on your 
side of the aisle, and we will work to get the votes on our 
side of the aisle, because it certainly is an important 
question.
    I would like to also note that you made an important point 
about authorization, and of course we did pass an authorization 
bill out of the House last year. We really will look forward to 
tackling that again and working to ensure that it happens. But 
we all are concerned about those issues, and we thank you for 
your statement.
    Let me as well now indicate that other members of the 
subcommittee are reminded that under the committee rules 
opening statements may be submitted for the record.
    [The statement of Hon. Brown-Waite follows:]

              Prepared Statement of Hon. Ginny Brown-Waite

    Thank you Chairwoman Jackson Lee and Ranking Member Lungren for 
holding this hearing today.
    While it is important for this committee to examine the role of the 
Department of Homeland Security 5 years after the Department's 
inception, I cannot overlook the committee's failure to draft and pass 
an authorization bill. As many of my colleagues have pointed out, 
passing an authorization bill is a primary responsibility of this 
committee, and we must attend to this duty as quickly as possible.
    Today, I look forward to hearing from Assistant Secretary Hawley 
and our other witnesses as they shed light on the Transportation 
Security Administration's greatest successes to date, and the looming 
challenges they face in attempting to keep our transportation system 
and critical infrastructure secure.
    Specifically, I hope that Assistant Secretary Hawley can provide an 
update on the status of Transportation Worker Identification Credential 
(TWIC) enrollment in the State of Florida. The well-intentioned TWIC 
program must be implemented in a way that does not undo the good work 
of States that took meaningful steps to protect their ports before TWIC 
was developed.
    This committee must also address how TSA plans to test airport 
worker screening methods. As Congresswoman Lowey and I signaled with 
the passage of our bill, H.R. 1413, to create a pilot program to screen 
such workers, this is an issue TSA must confront as quickly as 
possible. While there has been speculation that TSA may launch a 
similar pilot program in the near future, I hope that the Assistant 
Secretary can elaborate on his plan for approaching airport worker 
screening.
    Finally, I would like to thank the Assistant Secretary and TSA for 
their dedication to keeping Americans, especially those of us who must 
travel frequently, out of harm's way. Confronting terrorism and 
protecting this Nation is often a thankless task, but your 
accomplishments over the last 5 years have not gone unnoticed.
    Thank you.

    Ms. Jackson Lee. I welcome our panel of witnesses. Our 
first witness, Assistant Secretary Kip Hawley, is very well 
known to this committee. As the distinguished administrator of 
the Transportation Security Administration, Kip Hawley has 
exhibited his extensive transportation technology experience in 
both the private and public sectors, his tenure as Assistant 
Secretary of Homeland Security for the Transportation Security 
Administration, since his swearing in in 2005.
    Welcome.
    Our second witness is Ms. Cathy Berrick, who is Director of 
Homeland Security and Justice at the Government Accountability 
Office. In this position, she oversees GAO's reviews of 
aviation and surface transportation security matters, has 
developed a broad knowledge of transportation security 
practices and related Federal policies and Federal and private 
sector roles and responsibilities.
    Our third witness is Mr. Clark Kent Ervin, who has spent 
some of his best years in Houston, Texas. Clark Kent Ervin 
joined the Aspen Institute in January 2005 to explore the 
creation of a homeland security initiative. Before joining the 
institute, he served as the first inspector general of the 
United States Department of Homeland Security from January 2003 
to December 2004. Prior to his service at DHS, he served as the 
inspector general of the United States Department of State from 
August 2001 to January 2003. His service in the George W. Bush 
administration is preceded by his service as the associate 
director of policy in the White House Office of National 
Service in the George H.W. Bush administration.
    Welcome.
    Our fourth and final witness is Mr. Stewart Verdery of 
Monument Policy Group. From 2003 to 2005, he served as the 
first assistant secretary for policy and planning at the U.S. 
Department of Homeland Security. Following his unanimous 
confirmation by the U.S. Senate, at DHS Border and 
Transportation Security Directorate, he led efforts to develop 
and implement policies related to immigration, visas, travel 
facilitation, cargo security and international trade, 
transportation security and law enforcement. Mr. Verdery 
supervised policy development at agencies such as the U.S. 
Customs and Border Protection and the Transportation Security 
Administration. Mr. Verdery also serves as an adjunct fellow at 
the Center for Strategic and International Studies.
    Without objection, the witnesses' full statements will be 
inserted in the record. I now ask each witness to summarize his 
5 minute statement, beginning with Assistant Secretary Hawley.

 STATEMENT OF KIP HAWLEY, ASSISTANT SECRETARY, TRANSPORTATION 
    SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY

    Mr. Hawley. Thank you, Chairwoman Jackson Lee, Hon. 
Bilirakis, members of the subcommittee.
    I am pleased to appear before you today to discuss the 
first 5 years at DHS for TSA and look ahead to the next 5 
years. Two weeks ago today, Kevin Brown walked into the Orlando 
Airport. A behavior detection manager in plainclothes saw Mr. 
Brown and he saw a few things that caught his interest as a 
trained behavior specialist.
    Along with additional behavior detection officers, they 
intercepted his checked baggage before they went to screening. 
When they had searched his bags, they found everything you need 
to build a bomb.
    Brown didn't make it to the checkpoint and his bags never 
left the lobby. He was intercepted and taken into custody by 
the Orlando police, searched at curbside by the Orange County 
bomb squad and turned over to the FBI. This is layered security 
in action. It is an excellent example of TSA's partnership with 
law enforcement and it is part of our new paradigm to recognize 
and use the skill of our workforce to add layers of security to 
go on offense.
    How do we do that? There are three prongs to our approach 
to upgrade security: people, technology and process. All of 
those need to be improved, and all are moving forward as we 
speak. We call it Checkpoint Evolution because we do not have 
the game-changing technology that will at once take us back to 
pre-9/11 convenience.
    By upgrading what we do have, our significant people and 
technology resources, coupled with process innovation, we can 
get the security result we need with a lot less hassle to 
passengers. Recently, TSA announced a prototype checkpoint that 
will shortly be tested in Baltimore.
    You will see there an integrated security checkpoint 
bringing together people, technology and better process. You 
will first notice a new look, but the most significant piece 
involves our officers.
    The checkpoint configuration and technology will support a 
team approach that will be calmer and more conducive to smart 
security. It all starts with our people. They are our biggest 
investment, and if we motivate and prepare them to their best, 
they will in fact improve TSA security.
    Our TSOs are ready to use that experience and skill from 
working with passengers every day to take security up a level. 
This committee has been forward leaning, and the Chairwoman 
mentioned in her opening statement their commitment to front-
line training. TSA is committed, as well.
    We have begun a top-to-bottom retraining of our workforce. 
I and every TSO working at a checkpoint will undergo this year 
an extensive 12-hour retraining, bringing together the latest 
thinking from intelligence, from explosive detection and in 
human factors that can affect security.
    This will give us the tools to go on offense. It is not 
about completing a checklist. It is about stopping terror 
plots.
    On the technology front of Checkpoint Evolution, we will be 
upgrading the technology you see at passenger checkpoints. For 
quick, less-intrusive, highly effective screening of what is 
carried on the person, whole-body imaging will be deployed, 
this week, to JFK and LAX airports. We will begin operating 
millimeter-wave technology at those airports.
    In addition, we will be purchasing at least 30 more of the 
machines for deployment at airports this year. I have 
previously said that we are deploying 250 multi-view advanced 
X-ray machines by midyear and today I am pleased to announce 
our plan to purchase and deploy another 580 units, totaling 
830, using fiscal year 2007 supplemental and fiscal year 2008 
annual appropriations.
    We have got 250 already bought. We are announcing today we 
are going to add another 580. Multi-view advanced X-ray is a 
powerful platform on which to build additional software 
algorithms as new detection technologies become available, 
including for liquids.
    Six hundred of these machines, of the new A.T. machines, 
are going to be deployed by year-end. TSA's strategy is to 
start with intelligence, partner with law enforcement, industry 
partners and the public and use security measures that are 
flexible, widely deployable, mobile and layered to cover the 
inevitable gaps that exist or develop in our complex open 
transportation network.
    We cannot afford to spend all our energy looking for listed 
items while standing behind the magnetometer. We have to look 
up from the checklist and be proactive, engaged in really 
evaluating risk.
    TSOs and all of us at TSA are focused not only on what we 
already know, but also on being alert for clues of something 
new, different and dangerous. That is the challenge of the next 
5 years, to execute against known threats, but also to have the 
courage and imagination to put measures in place now that will 
disrupt whatever may come at us.
    Thank you very much.
    [The statement of Mr. Hawley follows:]

                    Prepared Statement of Kip Hawley
                             April 15, 2008

    Good afternoon, Chairwoman Jackson Lee, Ranking Member Lungren, and 
Members of the subcommittee. I am pleased to appear before you today to 
discuss how transportation security has evolved and what the future 
holds for transportation security.
    The Department of Homeland Security has reached a significant 
milestone in passing its fifth anniversary in March. Secretary Chertoff 
has noted that it is time to assess how far the Department has come and 
where it must go in the next 5 years. In that context, Secretary 
Chertoff outlined the Department's priorities as: Identifying the 
nature and scope of threats, assessing our vulnerabilities in relation 
to these threats, preventing these threats from materializing, and 
preparing responses to and recovery from disasters resulting from acts 
of terrorism and nature. As the Secretary recently noted, before 
September 11 we did not have an effective aviation security system to 
protect the 2 million domestic air travelers who rely on commercial 
aviation every single day. Today, the traveling public benefits from 20 
layers of screening--from hardened cockpit doors; to Federal Air 
Marshals; to 100 percent screening of passengers and their bags by the 
dedicated men and women of the Transportation Security Administration 
(TSA).
    In conjunction with Secretary Chertoff, TSA is focused on risk-
based security using all of our resources--our people, our processes 
and our technology--to get ahead of the terrorist threat. Namely: To 
stop what is in progress; to disrupt and deter what is being planned; 
and to address vulnerabilities that will strengthen our core. Two 
recent items in the news remind us of the importance of these 
challenges and of how TSA has successfully met them.
    The first concerns the eight men currently standing trial in London 
who are accused of a plot to conduct suicide bombings during the summer 
of 2006 onboard passenger planes destined for North America. As details 
of that plot emerge, the public is learning that deception and the use 
of unconventional tactics are two of the staples employed by those who 
desire to do us harm. The plot involved targeting flights bound for San 
Francisco, New York, Washington, Chicago, Montreal, and Toronto with 
home-made liquid explosives capable of being assembled and detonated 
mid-flight. In opening statements, jurors were told that these 
transatlantic flights, all leaving Heathrow Airport within 2\1/2\ hours 
of one another, would be simultaneously blown up in midair with the 
goal of killing on ``an almost unprecedented scale.'' Immediately after 
the plot was foiled, TSA developed, with the help of the Science and 
Technology Directorate, the current 3-1-1 liquids policy which, to 
date, has proven to be an effective tool to manage the threat of liquid 
explosives.
    The second concerns a successful catch by our Behavior Detection 
Officers (BDOs) earlier this month at the Orlando International 
airport. On Tuesday, April 1, a Jamaica-bound passenger, Kevin Brown, 
aroused suspicion of TSA BDOs, who, working in conjunction with the 
Orlando Police Department, the Orange County Bomb Squad, and the 
Federal Bureau of Investigation, uncovered prohibited bomb-making 
materials located in the passenger's checked bag. Their swift action 
demonstrated that BDOs, trained to detect deceptive and suspicious 
behavior, are contributing to airline security by detecting and 
discovering dangerous people and dangerous items.
    Facing a risk of unparalleled dimension, TSA has clarified its 
mission by incorporating a risk-based and layered strategy into 
security operations and programs. In evaluating our resources, we have 
invested in promising technologies designed to more effectively aid us 
in achieving our security mission. To engage our workforce, we have 
relied upon the value of their input, provided provisions for their 
safety, rewarded their work ethic through pay for performance 
incentives, provided career progression opportunities, and invested in 
their professional potential with increased training programs. In order 
to leverage the value of our partners and stakeholders in the 
transportation security community, we have developed and fostered 
relationships with other government agencies, local law enforcement, 
and the private sector. Finally, strong management of these assets has 
enabled TSA to produce a spirit of evolution and a bold security 
approach focusing on people, process, and technology.
    Despite the challenges we have faced in implementing these ideals, 
we have made significant progress, which I feel privileged to highlight 
today.

                EVOLUTION OF SECURITY AT THE CHECKPOINT

    An effective security system must constantly be evolving. TSA is in 
the process of a fundamental shift in strategy for the security 
checkpoint which encompasses people, process, and technology. This is 
the most significant change occurring in passenger screening since 9/11 
and even since the checkpoint was first established in the 1970's. TSA 
has taken a fresh look at our checkpoint operations to see how we can 
improve security. We took what we know from the intelligence and 
security communities, we listened to our employees, we learned from 
passengers, we evaluated readily deployable technology, and have come 
up with changes that we are piloting.
    People.--The human element is critical to achieving a high standard 
of security. TSA is overhauling the process at the checkpoint and 
relying more on personal interaction to detect irregular behavior. 
TSA's introduction of behavior detection and assuming the position of 
travel document checker have proven to be valuable methods of 
identifying people who are exhibiting unusual signs of stress, fear, 
and/or deception at the checkpoint. Behavior detection draws a contrast 
between average levels of travel stress and those intending to do harm. 
Training all security officers to increase passenger interaction on a 
one-on-one basis will achieve a calmer, quieter environment that will 
result in heightened security.
    Process.--The current checkpoint during a peak travel period is 
often noisy and congested. Part of the noise comes from security 
officers shouting instructions at travelers. A chaotic, noisy congested 
checkpoint is a security nightmare because it can potentially conceal 
the enemy. The prototype at Thurgood Marshall Baltimore-Washington 
International Airport (BWI) gives screeners wireless whisper radio 
headsets which will allow them to perform their duties in a more low-
key demeanor and communicate more effectively with others on their 
team. Further, the prototype has light and sound elements designed to 
have a calming effect.
    Another simple yet effective program that improves the checkpoint 
process is Self-Select Lanes currently running in Salt Lake City, 
Orlando, Denver, Spokane, Boston, Orlando, Cincinnati, and Raleigh-
Durham, with more planned in the near future. Self-Select Lanes are 
comprised of a series of lanes designated by signage that directs 
passengers based on their travel needs and knowledge--Expert, for the 
business traveler who flies several times a month; Casual, for 
passengers that travel less frequently, but are familiar with the 
security process; and Family/Special Assistance, for passengers 
traveling with small children or strollers, elderly passengers, and 
passengers who may need special assistance. These lanes give passengers 
some control over the checkpoint process and have reduced the number of 
alarms and prohibited items at the checkpoint.
    Technology.--New technology does not currently exist to adequately 
address the threat alone so TSA, working closely with the Science and 
Technology Directorate, is investing in the development and deployment 
of proven technology, including multi-view X-ray and whole body 
imaging. These are the first significant additions to checkpoint 
technology since walk-through metal detectors and standard X-ray 
machines were introduced in the 1970's. Multi-view X-ray gives the 
security officers a better look at what is in the carry-on and will 
potentially speed up the process because fewer bag checks will be 
required. The other advantage is the equipment can be upgraded as new 
software algorithms are mastered.
    TSA introduced millimeter wave in Phoenix, and we will roll out 
this technology at LAX and JFK this month and BWI later this spring. 
This technology can detect items concealed on the body, including 
plastics, through a robotic image that will be viewed from a remote 
location. TSA will be working to socialize this technology with the 
American public. It is already in use in international transportation 
venues, and will improve security while maintaining passenger privacy 
by ensuring that images will not be saved or stored.

                          DEFINING OUR MISSION

Risk-Based, Layered Security
    Checkpoint evolution is based upon a risk-based strategy that 
requires us to envision the whole picture and implement selective and 
unpredictable security measures. TSA is focusing beyond the physical 
checkpoint--pushing our borders out and concentrating on persons with 
hostile intent or those conducting surveillance even if they are not 
carrying a prohibited item. By spreading our layers of security 
throughout the airport environment and elsewhere, we have multiple 
opportunities to detect terrorists and leverage the capabilities of our 
workforce, our partners, and our technology.
    Using this approach, we have significantly improved security at 
airports by deploying our workforce in new locations and for new 
functions. Our Travel Document Checker (TDC) program, which enhances 
security by detecting individuals who attempt to board an aircraft with 
fraudulent identification documents, has been implemented at all 
federalized airports. We deployed 1,323 Behavior Detection Officers 
(BDO) and trained them to identify potentially high-risk individuals 
who exhibit behaviors indicating hostile intent at over 88 of our 
busiest airports as part of the Screening Passengers by Observation 
Technique (SPOT) program. In cooperation with Federal, State and local 
law enforcement and aviation and surface transportation entities 
nationwide, we have also deployed Visible Intermodal Protection and 
Response (VIPR) teams, comprised of TSOs, BDOs, Transportation Security 
Inspectors (TSIs), and Federal Air Marshals. VIPR teams enhance the 
security of persons and critical infrastructure and prevent, prepare 
for, protect against, and respond to acts of terrorism in all modes of 
transportation at any location.
    Enhanced Employee Screening.--In addition to the extensive scrutiny 
that employees working in a sensitive airport environment must undergo 
before being allowed unescorted access to the Security Identification 
Display Areas (SIDA) or the sterile areas of our Nation's airports-
criminal history records checks and name-based checks against terrorist 
watchlists, we have developed the Aviation Direct Access Screening 
Program (ADASP), which conducts random and unpredictable screening of 
individuals employed at airports who enter secured areas of airports 
and their accessible property.
    Screening of Air Cargo.--In carrying out the Implementing 
Recommendations of the 9/11 Commission Act (9/11 Act), Pub. L. 110-53 
(2007), requirement of screening 100 percent of cargo transported on 
passenger aircraft, TSA is stressing effective security management of 
the air cargo supply chain. Collaborating with stakeholders--U.S.-based 
shippers, freight forwarders, and passenger air carriers--TSA is 
developing a program that will facilitate screening early in the supply 
chain using currently approved screening methods and stringent facility 
and personnel security standards. TSA will build upon our established 
programs: air cargo security regulations, Security Directives, and 
increased use of TSA-certified explosives detection canine teams and 
TSIs for Cargo.
    TSA's strategy will involve every component of the air cargo 
shipping system from the entity originating the freight to the freight 
consolidators/forwarders, airports, and finally to air carriers who 
transport the cargo--and the people involved in the process that have 
access to cargo at every point in the supply chain. This program is 
designed to harmonize with the international community since a large 
portion of air cargo moves on international flights.
    TSA employs 300 Cargo TSIs who are exclusively dedicated to the 
oversight of air cargo. An additional 150 air cargo TSIs will be added 
by the end of fiscal year 2008. Inspectors conducted more than 30,000 
compliance reviews in fiscal year 2006 and initiated more than 1,300 
formal investigations based on suspected non-compliance with TSA. Along 
with performing daily oversight of cargo operators, inspectors also 
conduct covert testing of the air cargo system and participate in 
``cargo strike'' surge activities at our Nation's largest cargo 
airports.
    General Aviation.--TSA is collaborating with the general aviation 
(GA) community and our interagency partners to develop reasonable, 
feasible, and effective security for GA operations while ensuring that 
these measures support continued operations and increased growth of the 
industry. TSA currently vets aircrew and passengers in certain high-
interest GA sectors, including flights flying into the ``Maryland-3'' 
airports (Potomac, Hyde, and College Park), GA flights flying into or 
out of Reagan Washington National Airport, and certain categories of 
private charter flights and general aviation aircraft. TSA is also 
working with aircraft operators and Fixed Base Operators directly to 
develop voluntary programs of verifying the identification of 
passengers on board aircraft and maintaining facility security in and 
around GA aircraft.
    Internationally, the U.S. Customs and Border Protection (CBP) 
recently issued a Notice of Proposed Rulemaking (NPRM) that will 
require GA operators to submit comprehensive manifest data about 
passengers, crew, and flight information electronically to CBP, as part 
of its Electronic Advance Passenger Information System (e-APIS), at 
least 60 minutes before the aircraft departs for the United States. 
Currently, we only receive very basic information from GA aircraft 
coming into the United States, such as who is and is not a U.S. 
citizen. Having this information an hour before departure will give CBP 
officers more time to fully pre-screen travelers and crews and take 
necessary actions to resolve threats.
Vetting
    TSA's Office of Transportation Threat Assessment and Credentialing 
(TTAC) consolidates the management of all vetting and credentialing 
programs designed to identify known or suspected terrorist threats 
seeking access to transportation systems, using terrorist-related 
threat assessments. Since late 2003, TTAC has continually vetted flight 
crews and other crewmembers on commercial and all-cargo flights flying 
internationally into, out of, or over the United States or its 
territorial airspace, representing about 50,000 crewmembers daily.
    TTAC's mission has expanded to include vetting in other critical 
sectors of transportation, including truck drivers applying for a 
HAZMAT endorsement and persons or entities within the United States 
engaging indirectly in air transportation of property on passenger 
aircraft. Also, each and every foreign national applying for flight 
training, leading to an additional skill, at any FAA-certified school 
anywhere in the world is vetted before beginning that training. TSA is 
seeking fee legislation to capture the costs related to these 
applications ensuring a self-supporting sustainable fee-funded program.
    Secure Flight.--To enhance the vetting of aviation passengers 
against terrorist watch lists, TSA published a NPRM to implement the 
Secure Flight program on August 23, 2007. As proposed, Secure Flight 
will bring the process of comparing passenger names against the watch 
list, now performed by aircraft operators, into the government and will 
align domestic and international passenger pre-screening. This will 
establish a more consistent and effective watch list matching process 
and enhance our ability to stop terrorists before they get to the 
passenger screening checkpoint. TSA is now evaluating the comments 
received from the public and industry and preparing the Final Rule. We 
have taken the time to build the Secure Flight program right. We have 
built a program with the operational requirements necessary to enhance 
aviation security while protecting the privacy and civil liberties of 
the traveling public. The DHS Traveler Redress Inquiry Program (DHS 
TRIP) is available for passengers who feel they have been improperly 
delayed or prohibited from boarding an aircraft.
    TSA has begun voluntary testing with airlines to validate the 
Secure Flight watch list matching system, in which volunteer aircraft 
operators provide data to TSA, while continuing to conduct watch list 
checks for their flights. TSA will compare the results of its watch 
list matching with these air carrier results to ensure the validity of 
the Secure Flight system.
    Transportation Worker Identify Card (TWIC).--The TWIC program 
provides a tamper-resistant biometric credential to maritime workers 
requiring unescorted access to secure areas of port facilities and 
vessels regulated under the Maritime Transportation Security Act of 
2002, Pub. L. 107-295. As of April 8, 2008, TSA has enrolled more than 
213,000 port workers at approximately 90 fixed enrollment centers and 
expects to complete national roll-out of 147 fixed enrollment centers 
and enroll nearly 1 million workers during 2008.
    In cooperation with the United States Coast Guard (USCG), we have 
initiated pilot programs with partners in five distinct locations 
across the country to test card readers in real world marine 
environments. Current participants are the Port Authorities of Los 
Angeles, Long Beach, Brownsville, and New York/New Jersey, and vessel 
operations in Annapolis, Maryland and Vicksburg, Mississippi. We are 
also working with DHS's Science and Technology Directorate and the 
National Institute of Standards and Technology (NIST) to execute our 
test plan that will evaluate the card-reader interface under a variety 
of conditions and assess its impact on operations.

                   EFFICIENTLY ALIGNING OUR RESOURCES

People
    TSA continues to seek efficiencies in our field operations. Through 
the use of the Staffing Allocation Model (SAM), we are able to identify 
operational and efficiency gains by better utilizing our TSOs. We have 
improved our TSO scheduling to more accurately align with passenger 
loads and air carrier schedules, increased the use of part-time 
employees and expanded the use of ``split-shift'' employees to increase 
staffing during high-volume periods. We have also installed computers 
at or near screening checkpoints to allow a more efficient use of TSO 
time for training and reduce their time away from checkpoints.
Technology
    As a result of our close relationship with the Science and 
Technology Directorate, working through the Capstone Integrated Product 
Team (IPT) process, we are constantly seeking new technology solutions. 
The events on 9/11 and the details of the London plot being made public 
now teach us that we must anticipate threats that continue to grow in 
sophistication and complexity. This effort includes leveraging the 
skills of our TSOs with new technology designed to increase threat 
detection and improve efficiencies in checkpoint throughput. We added 
23 in-line Explosives Detection Systems (EDS) for checked baggage 
screening at airports and are adding significant next generation 
technologies. We are deploying liquids scanning devices at checkpoints 
and are now using a hand-held liquids scanner for non-checkpoint 
screening locations. We will begin deploying Advanced Technology (AT) 
X-ray equipment for carry-on baggage, which provides TSOs with a better 
capability to identify and detect threats through improved imagery and 
analysis tools.
    Other technology is being evaluated. We are pilot testing whole 
body imagers to quickly and safely screen passengers for prohibited 
items without the need for physical contact on a voluntary basis. We 
are exploring Automated Carry-On Explosives Detection Systems (Auto-
EDS) for inspecting carry-on items, and we are testing new cast and 
prosthesis scanners that will provide a safe, dignified, and non-
invasive way to identify potential threats and clear passengers wearing 
casts, braces, and prosthetic devices. Finally, we are evaluating 
several new products that will greatly increase the speed of handling 
and screening checked baggage, particularly when integrated into an 
airport's baggage handling system, while reducing the size of the 
footprint of the baggage screening location.
    The President's fiscal year 2009 budget request reflects TSA's plan 
to strategically deploy additional technology that will improve 
security for passengers, generate additional staffing efficiencies, and 
improve the passenger's travel experience. The request anticipates an 
additional $426 million annually in mandatory funds generated by a 4-
year $0.50 temporary surcharge on the passenger security fee with a 
maximum increase of $1.00 per one-way trip. The temporary surcharge 
would be deposited into the Aviation Security Capital Fund (ASCF) for 
the specific purpose of purchasing, installing, and recapitalizing 
inline EDS. This is being requested together with a proposal to allow 
for more flexible funding of inline EDS, including the discretionary 
use of letters of intent. This additional funding will allow TSA and 
our airport partners to greatly accelerate the implementation of the 
checked baggage screening investment plan.
Improvised Explosive Device (IED) Mitigation
    Our TSOs undergo some of the world's most intensive IED training to 
understand the nature of explosives and detect even the most cleverly 
conceived devices. To learn to identify anomalies and enhance detection 
of liquid explosives and other emerging threats, TSOs receive extensive 
classroom, checkpoint, and computer-based IED recurrent training. 
Practical exercises further enhance the ability to carefully scrutinize 
the images which appear on the X-ray machines in order to recognize IED 
components that are artfully concealed or disguised as innocuous items, 
such as gels, shampoos, toothpaste, and shaving cream within bottles 
and containers. The training is flexible and updated to respond to any 
new potential threat against the Nation's transportation systems. 
Additionally, TSA deploys special bomb simulation kits for recurrent 
training purposes at all airport checkpoints. These kits are designed 
to train TSOs to ``think like a terrorist,'' by creatively constructing 
and concealing simulated explosive components and materials, and 
attempting to get them through the checkpoints.

                         ENGAGING OUR WORKFORCE

    The success of any operation depends on the quality of the people 
involved. TSA has had a major focus on improving security by improving 
the capabilities of its people. Better recruiting and hiring, better 
training, better incentive systems, career progression opportunity, 
more involvement in decisions effecting the workforce, and more 
recognition of the critical role played by our people--these efforts 
all have a positive effect on the security result TSA delivers.
    Training.--We are in the process of rolling out a major training 
package that ties together the latest intelligence analysis, more 
advanced explosives detection skills, and ways to engage with 
passengers in a way that gets calmer environment and better security 
result.
    Career Progression.--The Career Progression Program has been in 
effect for a full year in fiscal year 2007. This program provides 
widespread career growth and professional development opportunities for 
high-performing TSOs. The plan allows TSOs to continue to advance in 
their work based on their skills and performance; this will open up 
more opportunities for TSOs to potentially qualify for security, 
protection, or law enforcement jobs elsewhere within the Department of 
Homeland Security.
    Policies.--Recently, I met with the second generation National 
Advisory Committee (NAC-2), which is a group comprised of all levels of 
screening personnel selected by their peers. Together, we made 
significant changes to the performance management system based on their 
recommendations because we want our security professionals engaged in 
their work and gaining knowledge through training as opposed to being 
bogged down with assessment requirements. We want our supervisors and 
managers on the floor, coaching and involved with the activity at the 
checkpoint, not spending all of their time with program administration. 
TSA leadership is serious about implementing human capital policies, 
including pay, that reflect the critical importance of TSA people being 
engaged and motivated for our vital job.
    Safety.--Maintaining a healthy, able-bodied workforce is also 
critical to TSA's mission. We have improved workplace safety through a 
series of aggressive initiatives, including Optimization and Safety 
Integrated Product Teams, involvement of the National Advisory Council 
in planning aspects of the Safety program including the Safety Week 
Campaign, the deployment of contract safety specialists to support TSA 
field operations, and timely investigation of incidents to identify and 
correct safety problems. We have automated the injury claim filing 
process for injured TSOs to ensure that benefits are uninterrupted, and 
our Nurse Case Manager Program is helping to return injured TSOs to 
productive duty once they are medically capable. As a result, we 
reduced the number of TSO Lost Time injuries and illnesses by 26.1 
percent from 4,367 in fiscal year 2006 to 3,228 in fiscal year 2007--a 
reduction to 7.19 injuries per 200,000 work hours.

            DEVELOPING STRONG PARTNERSHIPS WITHIN ALL MODES

Surface Transportation Security
    Strong partnerships have especially proven to be critical as we 
expand our presence in modes of surface transportation security. TSA 
continues to make progress in addressing major system wide security 
risks in surface transportation and build information sharing networks. 
We work closely with stakeholders in these industries, putting an 
emphasis on sharing intelligence, capacity, and technology with that of 
other law enforcement, intelligence or other agencies at every level of 
government. We also continue to work closely with the Department of 
Transportation (DOT), its various modal administrations, and the many 
other surface transportation stakeholders to enhance security through 
partnerships, proposed regulations, and the Federal Emergency 
Management Agency (FEMA) with grant planning, evaluation and awards.
    Freight Rail.--Secretary Chertoff established the priority goal of 
achieving a 50 percent reduction in the objectively measured risk posed 
by rail cars carrying toxic inhalation hazards (TIH) by the end of 
2008. To achieve this goal, TSA has implemented a multi-layered 
security strategy which includes regulatory development, cooperative 
agreements, and comprehensive risk-based programs. To objectively 
measure success in reducing the risk associated with TIH rail 
transportation, TSA developed a program that will track and measure the 
standstill time of TIH cars in high threat urban areas (HTUA)'s. Using 
a detailed set of tracking data and comprehensive field inspections, to 
date TSA has been able to document a 42.9 percent reduction in the 
overall risk.
    On December 21, 2006, TSA published a proposed rule (NPRM) to 
strengthen the security of the Nation's freight rail systems in (HTUA). 
The NPRM addressed shippers, carriers, and receivers of TIHs and other 
security-sensitive materials by rail. Proposed requirements include 
railcar location reporting within a specific time period and the 
establishment of a secure chain of custody from shippers to railroads 
and from railroads to receivers within HTUAs. TSA also proposed 
requirements for designating rail security coordinators and suspicious 
incident reporting by rail mass transit, passenger rail, and all 
freight rail carriers. We intend to publish this final rule by the end 
of the year.
    Passenger Transit Programs and Grants.--As a strategic priority, 
TSA focuses on elevating terrorism prevention and immediate response 
capabilities in passenger transit systems through operational 
deterrence, security training and exercises, and key infrastructure 
protection.
    A critical component of this effort is the Baseline Assessment for 
Security Enhancement (BASE). TSA Transportation Security Inspectors 
assess passenger transit systems in 17 areas foundational to an 
effective security program. Applying the results of the 63 
comprehensive security assessments completed to date, TSA has developed 
and implemented programs and allocated resources for counterterrorism 
training of frontline employees, dedicated anti-terrorism operational 
packages, and transit system-focused terrorism prevention and response 
exercises--each eligible for funding as priorities under the Transit 
Security Grant Program.
    The success of the BASE program reflects the close security 
partnership developed with passenger transit systems. To facilitate 
development of effective security strategies and programs, TSA 
established the Transit Policing and Security Peer Advisory Group. 
Formed under the framework of the Government and Sector Coordinating 
Councils, the Advisory Group brings together the expertise of 15 
transit police chiefs and security directors from systems across the 
Nation as a consultative forum with extensive experience to help align 
security strategies and programs with operational realities.
    Highway.--TSA is working on a number of strategies to close gaps in 
security in various aspects of the highway sector-school buses, over-
the-road buses, commercial motor vehicles (CMV), HAZMAT motor carriers, 
and highway infrastructure. Collaborating with industry and our 
governmental partners, ongoing programs and initiatives include 
training and development of standards and guidelines. TSA partners with 
the Federal Emergency Management Agency (FEMA) to support these 
efforts.
    To facilitate information sharing, the Highway and Motor Carrier 
Sector Government Coordinating Council (GCC) and Sector Coordinating 
Council (SCC) meet on a regular basis. TSA has also developed a 
Homeland Security Information Network Highway portal, a TSA Highway & 
Motor Carrier (HMC) Web page, an internal TSA Highway and Motor monthly 
newsletter for field personnel, and contributes security notes to 
industry trade periodicals. The Highway and Motor Carrier Industry 
Information and Analysis Center and Highway Watch programs are active 
and continually processing reports from highway operators and sharing 
information between industry and TSA.
    To facilitate domain awareness, TSA conducts Corporate Security 
Reviews (CSRs) with motor vehicle transportation organizations, as well 
as organizations that maintain or operate key physical assets within 
the highway transportation community with a current focus on the 
transportation of HAZMAT by motor carriers. TSA is developing a pilot 
project for testing the feasibility of tracking trucks carrying HAZMAT 
by location and load type. The pilot includes the development of a set 
of protocols capable of interfacing with existing truck tracking 
systems, State and local government intelligence operations centers, 
Federal law enforcement agencies, and first responders. The Integrated 
Intermodal Information System-Domestic Feasibility Study focused on the 
transportation of Extremely Hazardous Materials throughout the domestic 
transportation system.
    Pipeline.--TSA initiated a number of programs to assist pipeline 
companies in their efforts to secure these vital systems. For example, 
through the CSR Program, we have reviewed company adoption of the 
pipeline security guidelines and developed a best security practices 
document based on observations throughout the industry.
    TSA partnered with our counterparts in Natural Resources Canada 
(NRCan) to hold an International Pipeline Security Forum. This event 
provided an opportunity for pipeline companies, industry associations, 
and government representatives to exchange security information and 
best practices. We continue to work with NRCan on cross-border pipeline 
assessments in accordance with the Security and Prosperity Partnership 
agreement.
9/11 Act Implementation
    Finally, the recent 9/11 Act implemented important recommendations 
from the 
9/11 Commission and affirmed that Congress remains one of our strongest 
partners. This legislation received overwhelming support from Members 
of Congress and provided TSA with much needed tools to evolve 
transportation security. In particular, we are pleased to now have the 
authority to establish an administrative process for civil enforcement 
of surface transportation regulations and orders, the flexibility to 
develop a robust air cargo screening program that maintains the flow of 
commerce, and the authority for VIPR teams to operate in all modes of 
transportation. Overall, the act authorized 33 programs and 20 
rulemaking actions for TSA, many of which were already initiated by 
TSA. Fiscal year 2009 will be the first full year of TSA's expanded 
inspector work force and K-9 team deployment, both strongly supported 
in the 9/11 Act. TSA will utilize this legislation as another vehicle 
to deliver the evolution of transportation security.

                               CONCLUSION

    The needs of people must continue to drive the focus of 
transportation security. The American people and the traveling public 
require a transportation infrastructure that can be secured without the 
expense of unreasonable burdens. The people in our workforce require 
investments that will allow them to perform effectively and grow 
professionally. The people within our homeland security partnerships 
and network require cooperation, communication, and leadership. The 
strength of these relationships has been fundamental to our progress 
and must continue to remain a focal point as we more forward.
    Madam Chairwoman, thank you again for this opportunity to highlight 
the progress TSA has made since its creation and to provide a road map 
for the evolution of transportation security. I look forward to our 
continued work together and would be pleased to respond to your 
questions.

    Ms. Jackson Lee. Thank you very much for your testimony.
    I now recognize Ms. Berrick to summarize her statement for 
5 minutes.

STATEMENT OF CATHLEEN BERRICK, DIRECTOR, HOMELAND SECURITY AND 
           JUSTICE, GOVERNMENT ACCOUNTABILITY OFFICE

    Ms. Berrick. Thank you, Madam Chairwoman and Ranking Member 
Bilirakis for inviting me here to discuss GAO's work assessing 
TSA's progress in securing the transportation network and 
needed focus moving forward.
    Since its creation, we have reported that TSA has made 
moderate progress in securing aviation and surface 
transportation modes. In other words, we reported that TSA has 
generally achieved between half and three-quarters of the 
expectations set out for them by Congress, the administration 
and DHS itself.
    With respect to progress, we found that TSA has made 
significant achievements in the following four key areas: 
hiring, deploying, training and measuring the performance of 
its aviation security workforce; developing, implementing and 
testing procedures for screening passengers and baggage; 
deploying systems to screen checked baggage for explosives; and 
conducting risk assessments, partnering with stakeholders and 
administering grant programs for surface transportation 
systems.
    For example, we reported that TSA has developed robust 
training programs for TSOs, including enhanced explosives 
detection training. TSA also issued strategies for securing 
transportation modes and is pursuing a rulemaking to guide its 
efforts in securing passenger and freight rail systems.
    However, we found that other key areas need continued 
attention, both in the short and long terms. First, it is 
important that TSA move forward on initiatives to secure 
airport perimeters and access to restricted airport areas.
    Although TSA has completed technology pilots and issued 
guidelines for biometric identification systems, it has not yet 
determined how or when it will require the implementation of 
these systems nationwide. In addition, TSA is making progress 
in determining how to mitigate the risk posed by airport 
workers through an ongoing pilot, among other efforts. However, 
the agency has not yet made final decisions regarding how it 
will address this vulnerability.
    Second, with regard to checkpoint screening technologies, 
DHS and TSA have researched, developed, tested and initiated 
procurements of various technologies to detect explosives and 
plan to deploy new, enhanced technologies this year. However, 
to date, TSA has made limited progress in fielding emerging 
technologies due to performance, maintenance and planning 
issues.
    Third, although TSA has made significant progress in 
strengthening the development of Secure Flight, a government-
run program to match passenger information against a terrorist 
watch list, some challenges remain, including the need for more 
sound program cost and schedule estimates, better management of 
program risks and test plans that reflect comprehensive systems 
testing.
    Fourth, TSA made progress on a number of fronts in securing 
air cargo and is pursuing a plan to meet the congressional 
mandate to screen 100 percent of cargo on passenger aircraft. 
However, TSA has placed less attention on cargo transported 
into the United States from foreign locations and DHS and TSA 
have made limited progress in deploying technologies to screen 
cargo.
    Finally, TSA will need to continue to define its regulatory 
or other role with respect to all surface transportation modes 
and more clearly define the mission and capabilities of its 
inspections workforce. For example, it is unclear whether TSA's 
surface inspectors will be able to support the increased 
workload expected in implementing the requirements of the 9/11 
Act and new security regulations.
    In conducting our work, we have found that a variety of 
cross-cutting issues have impacted DHS and its components' 
efforts, including TSA. These include developing results-
oriented goals and measures to assess performance, integrating 
a risk-based approach to guide investments and establishing 
effective frameworks for coordinating with stakeholders.
    TSA has placed attention on and continues to make progress 
in addressing all of these issues. We are currently reviewing 
TSA's efforts in many of these key areas and will continue to 
report to the Congress and the public on the results of our 
work.
    This concludes my opening statement. I look forward to your 
questions.
    [The statement of Ms. Berrick follows:]

               Prepared Statement of Cathleen A. Berrick
                             April 15, 2008

  TRANSPORTATION SECURITY: EFFORTS TO STRENGTHEN AVIATION AND SURFACE 
  TRANSPORTATION SECURITY CONTINUE TO PROGRESS, BUT MORE WORK REMAINS
                              GAO-08-651T

    Madam Chairwoman and Members of the subcommittee, I appreciate the 
opportunity to participate in today's hearing to discuss the Department 
of Homeland Security's (DHS) progress and challenges in securing our 
Nation's transportation systems. The Transportation Security 
Administration (TSA) is charged with securing the transportation 
network while ensuring the free movement of people and commerce. Other 
DHS components, Federal agencies, State and local governments, and the 
private sector also play a role in transportation security. In carrying 
out its broader homeland security responsibilities, DHS faces the 
challenge of determining how to allocate its finite resources within 
the transportation system and across all sectors to address threats and 
strengthen security. My testimony today focuses on: (1) The progress 
TSA and other DHS components have made in securing the Nation's 
aviation and surface transportation systems, and the challenges that 
remain; and (2) crosscutting issues that have impeded TSA's efforts in 
strengthening security. My comments are based on GAO reports and 
testimonies issued from February 2004 to February 2008 and selected 
updates to this work obtained in April 2008. In obtaining these 
updates, we reviewed documents related to TSA security efforts and 
interviewed TSA and transportation industry officials. In addition, we 
included some of our preliminary findings from ongoing work regarding 
the security of the Nation's aviation and surface transportation 
systems. We conducted these performance audits in accordance with 
generally accepted government auditing standards. Those standards 
require that we plan and perform the audit to obtain sufficient, 
appropriate evidence to provide a reasonable basis for our findings and 
conclusions based on our audit objectives. We believe that the evidence 
obtained provides a reasonable basis for our findings and conclusions 
based on our audit objectives.

                                SUMMARY

    TSA has undertaken a number of initiatives to strengthen the 
security of the Nation's commercial aviation and surface transportation 
systems. Specifically, TSA has hired and deployed a Federal work force 
of over 50,000 passenger and checked baggage screeners, and installed 
equipment at the Nation's more than 400 commercial airports to provide 
the capability to screen all checked baggage using explosive detection 
systems, as mandated by law.\1\ TSA has since turned its attention to, 
among other things, strengthening passenger prescreening--in general, 
the matching of passenger information against terrorist watch lists 
prior to an aircraft's departure; more efficiently allocating, 
deploying, and managing the transportation security officer (TSO)--
formerly known as screener--workforce; strengthening screening 
procedures; researching and developing more effective and efficient 
screening technologies; and strengthening procedures to ensure the 
security of air cargo. TSA has also begun efforts to evaluate the 
effectiveness of security-related technologies, such as biometric 
identification systems, to secure access to restricted areas at 
airports. DHS's U.S. Customs and Border Protection (CBP) has also taken 
steps to strengthen passenger prescreening for passengers on 
international flights operating to or from the United States, as well 
as inspecting inbound air cargo upon its arrival in the United States. 
DHS's Science and Technology (S&T) Directorate has also taken actions 
to research and develop aviation security technologies. With regard to 
surface transportation modes, TSA has developed a strategic approach 
for securing these systems; established security standards for certain 
transportation modes; and conducted threat, criticality, and 
vulnerability assessments of surface transportation assets, 
particularly related to passenger and freight rail. TSA has also hired 
and deployed compliance inspectors and conducted inspections of 
passenger and freight rail systems. Finally, DHS has developed and 
administered grant programs for various surface transportation modes.
---------------------------------------------------------------------------
    \1\ See GAO, Department of Homeland Security: Progress Report on 
Implementation of Mission and Management Functions, GAO-07-454 
(Washington, DC: Aug. 17, 2007); GAO, Department of Homeland Security: 
Progress Report on Implementation of Mission and Management Functions, 
GAO-07-1081T (Washington, DC: Sept. 6, 2007); and GAO, Department of 
Homeland Security: Progress Report on Implementation of Mission and 
Management Functions, GAO-07-1240T (Washington, DC: Sept. 18, 2007).
---------------------------------------------------------------------------
    While these efforts have helped to strengthen the security of the 
transportation network, DHS still faces a number of key challenges that 
should be addressed to meet the goals and requirements set out for them 
by Congress, the administration, and the Department itself. For 
example, regarding commercial aviation, although TSA has made much 
progress in developing Secure Flight--a government-run passenger 
prescreening system--in February 2008, we reported that it can further 
strengthen its efforts by developing more-sound cost and schedule 
estimates, and strengthening security controls. In addition, while TSA 
has taken actions to enhance perimeter security and restrict access to 
secure areas at airports, it can further strengthen its efforts to 
reduce the risks posed by airport employees. TSA has also not developed 
a plan to guide and support individual airports and the commercial 
airport system as a whole with respect to future technology 
enhancements for perimeter security and access controls. Further, TSA 
is only recently beginning to deploy new checkpoint technologies to 
address key existing vulnerabilities, and has not yet developed and 
implemented technologies needed to screen air cargo. With regard to 
surface transportation security, while TSA has initiated efforts to 
develop security standards for surface transportation modes, these 
efforts have been limited to passenger and freight rail. Moreover, 
although TSA has made progress in conducting compliance inspections of 
some surface transportation systems, inspectors' roles and missions 
have not been fully defined.
    A variety of crosscutting issues have affected DHS's and, as they 
relate to transportation security, TSA's efforts in implementing its 
mission and management functions. These key issues include strategic 
planning and results management, risk management, and stakeholder 
coordination. For example, TSA has not always implemented effective 
strategic planning efforts, fully developed performance measures, or 
put into place structures to help ensure that it is managing for 
results. In addition, DHS and its components can more fully adopt and 
apply a risk-management approach in implementing its security mission 
and core management functions,\2\ and more fully coordinate their 
activities with key stakeholders. DHS and TSA have strengthened their 
efforts in these areas, but more work remains.
---------------------------------------------------------------------------
    \2\ A risk management approach entails a continuous process of 
managing risk through a series of actions, including setting strategic 
goals and objectives, assessing risk, evaluating alternatives, 
selecting initiatives to undertake, and implementing and monitoring 
those initiatives.
---------------------------------------------------------------------------
                               BACKGROUND

    The Aviation and Transportation Security Act (ATSA), enacted in 
November 2001, created TSA and gave it responsibility for securing all 
modes of transportation.\3\ TSA's aviation security mission includes 
strengthening the security of airport perimeters and restricted airport 
areas; hiring and training a screening work force; prescreening 
passengers against terrorist watch lists; and screening passengers, 
baggage, and cargo at the over 400 commercial airports nationwide, 
among other responsibilities. While TSA has operational responsibility 
for physically screening passengers and their baggage at most airports, 
TSA exercises regulatory, or oversight, responsibility for the security 
of airports and air cargo. Specifically, airports, air carriers, and 
other entities are required to implement security measures in 
accordance with TSA security requirements, against which TSA evaluates 
their compliance efforts.
---------------------------------------------------------------------------
    \3\ Pub. L. No. 107-71, 115 Stat. 597 (2001).
---------------------------------------------------------------------------
    TSA also oversees air carriers' efforts to prescreen passengers--in 
general, the matching of passenger information against terrorist watch 
lists prior to an aircraft's departure--and plans to take over 
operational responsibility for this function with the implementation of 
its Secure Flight program. CBP, which currently has responsibility for 
prescreening airline passengers on international flights departing from 
and bound for the United States, will continue to perform this function 
until TSA assumes this function under Secure Flight. DHS's S&T is 
responsible for researching and developing technologies to secure the 
transportation sector.
    TSA shares responsibility for securing surface transportation modes 
with Federal, State, and local governments and the private sector. 
TSA's security mission includes establishing security standards and 
conducting assessments and inspections of surface transportation modes, 
including passenger and freight rail; mass transit; highways and 
commercial vehicles; and pipelines. The Federal Emergency Management 
Agency's Grant Programs Directorate provides grant funding to surface 
transportation operators and State and local governments, and in 
conjunction with certain grants, the National Protection and Programs 
Directorate conducts risk assessments of surface transportation 
facilities. Within the Department of Transportation (DOT), the Federal 
Transit Administration (FTA) and Federal Railroad Administration (FRA) 
have responsibilities for passenger rail safety and security. In 
addition, public and private sector transportation operators are 
responsible for implementing security measures for their systems.

  DHS HAS MADE PROGRESS IN SECURING THE NATION'S AVIATION AND SURFACE 
             TRANSPORTATION SYSTEMS, BUT MORE WORK REMAINS

    DHS, primarily through TSA, has undertaken numerous initiatives to 
strengthen the security of the Nation's aviation and surface 
transportation systems. In large part, these efforts have been guided 
by legislative mandates designed to strengthen the security of 
commercial aviation following the September 11, 2001, terrorist 
attacks. These efforts have also been affected by events external to 
the Department, including the alleged August 2006 terrorist plot to 
blow up commercial aircraft bound from London to the United States, and 
the 2004 Madrid and 2005 London train bombings. While progress has been 
made in many areas with respect to securing the transportation network, 
we found that the Department can strengthen its efforts in some key 
areas outlined by Congress, the administration, and the Department 
itself, as discussed below.
Aviation Security
    Airport Perimeter Security and Access Controls. TSA has taken 
action to strengthen the security of airport perimeters and access to 
restricted airport areas. However, as we reported in June 2004, the 
agency can further strengthen its efforts to evaluate the effectiveness 
of security-related technologies and reduce the risks posed by airport 
employees, among other things.\4\ In 2006, TSA completed the last 
project in an access control pilot program that included 20 airports, 
and which was designed to test and evaluate new and emerging 
technologies in an airport setting. TSA is also conducting an airport 
perimeter security pilot at six airports, to test technologies such as 
vehicle inspection systems. However, TSA has not developed a plan to 
guide and support individual airports and the commercial airport system 
as a whole with respect to future technology enhancements for perimeter 
security and access controls. Without such a plan, TSA could be limited 
in assessing and improving the effectiveness of its efforts to provide 
technical support for enhancing security. In addition, we reported in 
September 2006 and October 2007 on the status of the development and 
testing of the Transportation Worker Identification Credential 
program--DHS's effort to develop biometric access control systems to 
verify the identity of individuals accessing secure transportation 
areas.\5\ However, DHS has not yet determined how and when it will 
implement a biometric identification system for access controls at 
commercial airports. In June 2004, we reported that while background 
checks were not required for all airport workers, TSA required most 
airport workers who perform duties in selected areas to undergo a 
fingerprint-based criminal history records check. TSA further required 
airport operators to compare applicants' names against TSA's security 
watch lists. In July 2004, consistent with our previous recommendation 
to determine the need for additional security requirements to reduce 
the risks posed by airport employees, TSA enhanced requirements for 
background checks for employees working in restricted airport areas. 
Also consistent with our recommendation, in 2007, TSA further expanded 
the Security Threat Assessment--which determines, among other things, 
whether an employee has any terrorist affiliations--to require airport 
employees who receive an airport-issued identification badge to undergo 
a review of citizenship status.\6\ Further, in March 2007, TSA 
implemented a random employee screening initiative--the Aviation Direct 
Access Screening Program--that uses TSOs to randomly screen airport 
workers and their property for explosives and other threat items. TSA 
has allocated about 900 full-time equivalent positions to the program 
and has requested $36 million for fiscal year 2009 for an additional 
750 full-time equivalent positions. As directed by Congress in 2008, 
TSA plans to pilot test various employee screening methods at seven 
selected airports, including conducting 100 percent employee screening 
at three of these airports.\7\ TSA plans to begin pilot testing in May 
and report on the results of its efforts--as directed--by September 1, 
2008. Finally, consistent with our previous recommendation to develop 
schedules and an analytical approach for completing vulnerability 
assessments, TSA has developed criteria for prioritizing vulnerability 
assessments at commercial airports. However, it has not compiled 
national baseline data to fully assess security vulnerabilities across 
airports. In 2004, TSA said an analysis of vulnerabilities on a 
nationwide basis was essential since it would allow the agency to 
assess the adequacy of security policies and help better direct limited 
resources. GAO is currently reviewing TSA's efforts to enhance airport 
perimeter and access control security and will report on our results 
later this year.
---------------------------------------------------------------------------
    \4\ GAO, Aviation Security: Further Steps Needed to Strengthen the 
Security of Commercial Airport Perimeters and Access Controls, GAO-04-
728 (Washington, DC: June 2004).
    \5\ GAO, Transportation Security: DHS Should Address Key Challenges 
Before Implementing the Transportation Worker Identification Credential 
Program, GAO-06-982 (Washington, DC: September 2006) and Transportation 
Security: TSA Has Made Progress in Implementing the Transportation 
Worker Identification Credential Program, but Challenges Remain, GAO-
08-133T (Washington, DC: October 31, 2007).
    \6\ TSA began conducting a name-based terrorist link analysis 
against selected terrorism databases in 2002 for workers who performed 
duties in selected airport areas.
    \7\ The Explanatory Statement accompanying Division E of the 
Consolidated Appropriations Act, 2008 (Pub. L. No. 110-161, Div. E, 121 
Stat. 1844, 2042 (2007), allocates $15,000,000 in appropriated funds 
for TSA to pilot-test various forms of employee screening at seven 
commercial airports. Among other things, TSA is to collect data on the 
benefits, costs, and impacts of 100 percent airport employee screening 
as well as of the alternative screening approaches, and brief the 
committees on Appropriations on the progress and results of the pilot 
projects no later than September 1, 2008.
---------------------------------------------------------------------------
    Aviation Security Workforce. TSA has made progress in deploying, 
training, and assessing the performance of its Federal aviation 
security work force. For example, TSA has hired and deployed a Federal 
screening work force at over 400 commercial airports nationwide, and 
developed standards for determining TSO staffing levels at airports.\8\ 
These standards form the basis of TSA's Staffing Allocation Model, 
which the agency uses to determine TSO staffing levels at airports. In 
response to our recommendation,\9\ in December 2007 TSA developed a 
Staffing Allocation Model Rates and Assumptions Validation Plan that 
identifies the process the agency plans to use to review and validate 
the model's assumptions on a periodic basis. TSA also established 
numerous programs to train and test the performance of its screening 
work force. Among other efforts, TSA has provided enhanced explosives-
detection training, and recently reported developing a monthly 
recurrent (ongoing) training plan for all TSOs. In addition, TSA has 
trained and deployed Federal air marshals on high-risk flights; 
established standards for training flight and cabin crews; and 
established a Federal Flight Deck Officer program to select, train, and 
allow authorized flight deck officers to use firearms to defend against 
any terrorist or criminal acts. In April 2006, TSA implemented a 
performance accountability and standards system to assess agency 
personnel at all levels on various competencies, including training and 
development, readiness for duty, management skills, and technical 
proficiency. Finally, in April 2007, TSA redesigned its local covert 
testing program conducted at individual airports. This new program, 
known as the Aviation Screening Assessment Program or ASAP, is intended 
to test the performance of the passenger and checked baggage screening 
systems, to include the TSO work force. During our ongoing review of 
TSA's covert testing program, we identified that TSA has implemented 
risk-based national and local covert testing programs to identify 
vulnerabilities in and measure the performance of selected aspects of 
the aviation system. However, we found that TSA could strengthen its 
program by developing a more systematic process for: (1) Recording the 
causes of covert test failures; and, (2) evaluating the test results 
and developing approaches for mitigating vulnerabilities identified in 
the commercial aviation security system. We will report on the complete 
results of this review later this year.
---------------------------------------------------------------------------
    \8\ TSA also oversees screening operations at airports utilizing 
private screeners under TSA's Screening Partnership Program. See 49 
U.S.C.  44920.
    \9\ GAO, Aviation Security: TSA's Staffing Allocation Model Is 
Useful for Allocating Staff Among Airports, but Its Assumptions Should 
Be Systematically Reassessed, GAO-07-299 (Washington, DC: Feb. 28, 
2007).
---------------------------------------------------------------------------
    Passenger Prescreening. Over the past several years, TSA has faced 
a number of challenges in developing and implementing an advanced 
prescreening system, known as Secure Flight,\10\ which will allow TSA 
to assume responsibility from air carriers for comparing domestic 
passenger information against the No Fly List and Selectee List.\11\ In 
February 2008, we reported that TSA had made substantial progress in 
instilling more discipline and rigor into Secure Flight's development 
and implementation, including preparing key systems development 
documentation and strengthening privacy protections.\12\ However, 
challenges remain that may hinder the program's progress moving 
forward. Specifically, TSA had not: (1) Developed program cost and 
schedule estimates consistent with best practices; (2) fully 
implemented its risk management plan; (3) planned for system end-to-end 
testing in test plans; and (4) ensured that information-security 
requirements are fully implemented. To address these challenges, we 
made several recommendations to DHS and TSA to incorporate best 
practices in Secure Flight's cost and schedule estimates and to fully 
implement the program's risk-management, testing, and information-
security requirements. DHS and TSA officials generally agreed with 
these recommendations. We are continuing to assess TSA's efforts in 
developing and implementing Secure Flight--which, according to TSA's 
planned schedule, will allow the agency to fully assume the watch list 
matching function from air carriers in fiscal year 2010. TSA has also 
taken steps to integrate the domestic watch-list matching function with 
the international watch-list matching function currently operated by 
CBP, consistent with our past recommendations. Specifically, TSA and 
CBP have coordinated to develop a strategy called the One DHS Solution, 
which is to align the two agencies' domestic and international watch-
list matching processes, information technology systems, and regulatory 
procedures to provide a seamless interface between DHS and the airline 
industry. TSA and CBP also agreed that TSA will take over the screening 
of passengers against the watch list for international flights from 
CBP, though CBP will continue to match passenger information to the 
watch list in fulfillment of its border-related functions. Full 
implementation of an integrated system is not planned to take place 
until after Secure Flight acquires the watch-list matching function for 
domestic flights.
---------------------------------------------------------------------------
    \10\ GAO, Aviation Security: Management Challenges Remain for the 
Transportation Security Administration's Secure Flight Program, GAO-06-
864T (Washington, DC: June 14, 2006) and GAO, Aviation Security: 
Progress Made in Systematic Planning to Guide Key Investment Decisions, 
but More Work Remains, GAO-07-448T (Washington, DC: Feb. 13, 2007).
    \11\ Passengers identified as being on the No Fly List must be 
denied boarding passes and must not be permitted to fly unless cleared 
in accordance with TSA security requirements. Passengers on the 
Selectee List are to be issued boarding passes, but they and their 
baggage are to undergo additional security measures.
    \12\ GAO, Aviation Security: Transportation Security Administration 
Has Strengthened Planning to Guide Investments in Key Aviation Security 
Programs, but More Work Remains, GAO-08-456T (Washington, DC: Feb. 28, 
2008).
---------------------------------------------------------------------------
    Checkpoint Screening. TSA has taken steps to strengthen passenger 
checkpoint screening procedures to enhance the detection of prohibited 
items and strengthen security; however, TSA could improve its 
evaluation and documentation of proposed procedures. In April 2007, we 
reported that modifications to checkpoint screening standard operating 
procedures (SOP) were proposed based on the professional judgment of 
TSA senior-level officials and program-level staff, as well as threat 
information and the results of covert testing.\13\ We also reported on 
steps TSA had taken to address new and emerging threats, such as 
establishing the Screening Passengers by Observation Technique (SPOT) 
program, which provides TSOs with a nonintrusive, behavior-based means 
of identifying potentially high-risk individuals. For proposed 
screening modifications deemed significant, such as SPOT, TSA 
operationally tested these proposed modifications at selected airports 
before determining whether they should be implemented nationwide. 
However, we reported that TSA's data collection and analysis of 
proposed SOP modifications could be improved, and recommended that TSA 
develop sound evaluation methods, when possible, to assess whether 
proposed screening changes would achieve their intended purpose. TSA 
has since reported taking steps to work with subject-matter experts to 
ensure that the agency's operational testing of proposed screening 
modifications are well designed and executed, and produce results that 
are scientifically valid and reliable. With regard to checkpoint 
screening technologies, TSA and S&T have researched, developed, tested, 
and initiated procurements of various technologies to address security 
vulnerabilities that may be exploited; however, limited progress has 
been made in fielding emerging technologies. For example, of the 
various emerging checkpoint screening projects funded by TSA and 
S&T,\14\ only the explosives trace portal and a bottled liquids 
scanning device have been deployed for use in day-to-day operations. 
However, due to performance and maintenance issues, TSA halted the 
acquisition and deployment of the portals in June 2006. Also, in 
February 2008, we testified that TSA lacked a strategic plan to guide 
its efforts to acquire and deploy screening technologies, which could 
limit its ability to deploy emerging technologies to airports deemed at 
highest risk.\15\ According to TSA officials, the agency plans to 
submit a strategic plan to Congress by June 2008. We have ongoing work 
reviewing S&T and TSA checkpoint screening technologies efforts and 
will report on our results later this year.
---------------------------------------------------------------------------
    \13\ GAO, Aviation Security: Risk, Experience, and Customer 
Concerns Drive Changes to Airline Passenger Screening Procedures, but 
Evaluation and Documentation of Proposed Changes Could Be Improved, 
GAO-07-634 (Washington, DC: Apr. 16, 2007).
    \14\ Examples of projects currently in research and development 
include the checkpoint explosives detection system and the whole body 
imager. Projects that have undergone initiated procurements include the 
cast and prosthesis scanner and the advanced technology systems.
    \15\ GAO-07-448T.
---------------------------------------------------------------------------
    Checked Baggage Screening. TSA has made significant progress in 
installing explosive detection systems to provide the capability to 
screen checked baggage at the Nation's commercial airports, as mandated 
by law. From November 2001 through June 2006, TSA procured and 
installed about 1,600 Explosive Detection Systems (EDS) and about 7,200 
Explosive Trace Detection (ETD) machines to screen checked baggage for 
explosives at over 400 commercial airports.\16\ In addition, based in 
part on recommendations we made, TSA moved stand-alone EDS machines 
that were located at airports that received new in-line EDS baggage 
screening systems to 32 airports that did not previously have them from 
May 2004 through December 2007. TSA also replaced ETD machines at 53 
airports with 158 new EDS machines from March 2005 through December 
2007. In response to mandates to field the equipment quickly and to 
account for limitations in airport design that made it difficult to 
quickly install in-line EDS systems, TSA generally placed baggage 
screening equipment in a stand-alone mode--usually in airport lobbies--
to conduct the primary screening of checked baggage for explosives.\17\ 
Based, in part, on our recommendations, TSA later developed a plan to 
integrate EDS and ETD machines in-line with airport baggage conveyor 
systems. The installation of in-line systems can result in considerable 
savings to TSA through the reduction of personnel needed to operate the 
equipment, as well as increased security. In addition, according to TSA 
estimates, the number of checked bags screened per hour can more than 
double when EDS machines are placed in-line versus being placed in the 
stand alone mode. Despite delays in the widespread deployment of in-
line systems due to the high upfront capital investment required, TSA 
is pursuing the installation of these systems and is seeking creative 
financing solutions to fund their deployment. In February 2008, TSA 
submitted a legislative proposal to increase the Aviation Security 
Capital Fund (ASCF) through a new surcharge on the passenger security 
fee. According to TSA, this proposal, if adopted, would accelerate the 
deployment of optimal checked baggage screening systems and address the 
need to re-capitalize existing equipment deployed immediately after 
September, 2001. The Implementing Recommendations of the 9/11 
Commission Act reiterates a requirement that DHS submit a cost-sharing 
study for the installation of in-line baggage screening systems, along 
with a plan and schedule for implementing provisions of the study, and 
requires TSA to establish a prioritization schedule for airport 
improvement projects related to the installation of in-line or other 
optimal baggage screening systems.\18\ As of April 3, 2008, TSA had not 
completed the prioritization schedule, corresponding timeline, and 
description of the funding allocation for these projects.
---------------------------------------------------------------------------
    \16\ Explosive detection systems (EDS) use specialized X-rays to 
detect characteristics of explosives that may be contained in baggage 
as it moves along a conveyor belt. Explosive trace detection (ETD) 
works by detecting vapors and residues of explosives. Human operators 
collect samples by rubbing swabs along the interior and exterior of an 
object that TSOs determine to be suspicious, and place the swabs in the 
ETD machine, which then chemically analyzes the swabs to identify any 
traces of explosive materials.
    \17\ See GAO, Aviation Security: TSA Oversight of Checked Baggage 
Screening Procedures Could Be Strengthened, GAO-06-869 (Washington, DC: 
July 2006), GAO, Aviation Security: Enhancements Made in Passenger and 
Checked Baggage Screening, but Challenges Remain, GAO-06-371T 
(Washington, DC: April 4, 2006), and GAO-07-448T.
    \18\ See Pub. L. No. 110-53,  1603-04, 121 Stat. 266, 480-81 
(2007).
---------------------------------------------------------------------------
    Air Cargo Security. TSA has taken steps to secure air cargo, 
including initializing efforts to provide the capability to screen 100 
percent of air cargo transported on passenger aircraft by 2010, but its 
efforts are not yet complete. In April 2007, we reported that TSA's Air 
Cargo strategic plan contained a strategy for securing domestic air 
cargo but did not include goals and objectives for addressing inbound 
air cargo, or cargo transported into the United States from a foreign 
country.\19\ We recommended that DHS develop a risk-based strategy for 
securing inbound air cargo including defining TSA's and CBP's inbound 
air cargo security responsibilities. CBP subsequently issued its 
International Air Cargo Security strategic plan in June 2007, and TSA 
plans to revise its Air Cargo strategic plan during the third quarter 
of fiscal year 2008 to incorporate a strategy for addressing inbound 
air cargo security, including how the agency will partner with CBP. We 
also reported that TSA had not conducted vulnerability assessments to 
identify the range of air cargo security weaknesses that could be 
exploited by terrorists, and recommended that TSA develop a methodology 
and schedule for completing these assessments.\20\ In response in part 
to our recommendation, TSA implemented an Air Cargo Vulnerability 
Assessment program in November 2006 and, as of April 2008, had 
completed vulnerability assessments at five domestic airports. TSA 
plans to complete assessments of all high-risk airports by 2009. In 
addition, although TSA has established requirements for air carriers to 
randomly screen air cargo, the agency had exempted some domestic and 
inbound cargo from these requirements. While TSA has since revised its 
screening exemptions for domestic air cargo, it has not done so for 
inbound air cargo. TSA is also working with DHS S&T to develop and 
pilot test a number of technologies to assess their applicability to 
screening and securing air cargo.\21\ However, as of February 2008, TSA 
had provided a completion date for only one of its five air cargo 
technology pilot programs. According to TSA officials, the agency will 
determine whether it will require the use of these technologies once it 
has completed its assessments and analyzed the results. We also 
reported in April 2007 that TSA did not systematically compile and 
analyze information on air cargo security practices used abroad to 
identify those that may strengthen the Department's overall air cargo 
security program, and we recommended that it do so.\22\ TSA has since 
begun development of a certified cargo screening program based in part 
on its review of screening models used in two foreign countries that 
rely on government-certified screeners to screen air cargo early in the 
supply chain.\23\ According to TSA, the agency plans to deploy this 
program to assist it in meeting the statutory requirement to screen 100 
percent of air cargo transported on passenger aircraft by August 2010 
(and to screen 50 percent of such cargo by February 2009), as mandated 
by the Implementing Recommendations of the 9/11 Commission Act.\24\ In 
January 2008, TSA began phase one of the program's pilot tests, and as 
of April 2008, had completed tests at six airports. TSA plans to 
conduct tests at three additional airports by June 2008.
---------------------------------------------------------------------------
    \19\ GAO, Aviation Security: Federal Efforts to Secure U.S.-Bound 
Air Cargo Are in the Early Stages and Could Be Strengthened, GAO-07-660 
(Washington, DC: Apr. 30, 2007).
    \20\ GAO, Aviation Security: Federal Action Needed to Strengthen 
Domestic Air Cargo Security, GAO-06-76 (Washington, DC: Oct. 17, 2005) 
and GAO-07-660.
    \21\ TSA's air cargo pilot programs include an air cargo explosives 
detection program; an EDS pilot program; an air cargo security seals 
pilot; the testing of hardened unit-loading devices; and, the testing 
of pulsed fast neutron analysis technology.
    \22\ GAO-07-660.
    \23\ According to TSA, the program will allow TSA-certified shipper 
sand manufacturers to screen air cargo before it leaves the factory. 
The screened cargo would then be secured with a tamper-resistant seal 
and transported to the airport for shipment.
    \24\ Pub. L. No. 110-53,  1602(a), 121 Stat. at 477-480 (2007) 
(codified at 49 U.S.C.  44901(g)).
---------------------------------------------------------------------------
Surface Transportation Security
    Strategic Approach for Implementing Security Functions. In 
September 2005, DHS completed the National Strategy for Transportation 
Security. This strategy identified and evaluated transportation assets 
in the United States that could be at risk of a terrorist attack and 
addressed transportation sector security needs. Further, in May 2007, 
DHS issued a strategic plan for securing the transportation sector and 
supporting annexes for each of the surface transportation modes, and 
reported taking actions to adopt the strategic approach outlined by the 
plan. The Transportation Systems Sector-Specific Plan describes the 
security framework that is intended to enable sector stakeholders to 
make effective and appropriate risk-based security and resource 
allocation decisions within the transportation network. TSA has begun 
to implement some of the security initiatives outlined in the sector-
specific plan and supporting modal plans. Additionally, the 
Implementing Recommendations of the 
9/11 Commission Act imposes a deadline of May 2008, for the Secretary 
of DHS to develop and implement the National Strategy for Public 
Transportation Security. Our work assessing DHS's efforts in 
implementing its strategy for securing surface transportation modes is 
being conducted as part of our ongoing reviews of mass transit, 
passenger and freight rail, commercial vehicle, and highway 
infrastructure security. We will report on the results of this work 
later this year.
    Threat, Criticality, and Vulnerability Assessments. TSA has taken 
actions to assess risk by conducting threat, criticality, and 
vulnerability assessments of surface transportation assets, 
particularly for mass transit, passenger rail, and freight rail, but 
its efforts related to commercial vehicles and highway infrastructure 
are in the early stages. For example, TSA had conducted threat 
assessments of all surface modes of transportation. TSA has also 
conducted assessments of the vulnerabilities associated with some 
surface transportation assets. For example, regarding freight rail, TSA 
has conducted vulnerability assessments of rail corridors in eight High 
Threat Urban Areas where toxic-inhalation-hazard shipments are 
transported. With respect to commercial vehicles and highway 
infrastructure, TSA's vulnerability assessment efforts are ongoing. 
According to TSA, the agency performed 113 corporate security reviews 
on highway transportation organizations through fiscal year 2007, such 
as trucking companies, State Departments of Transportation, and 
motorcoach companies.\25\ However, TSA does not have a plan or a 
timeframe for conducting these reviews on a nationwide basis. 
Furthermore, DHS's National Protection and Programs Directorate's 
Office of Infrastructure Protection conducts vulnerability assessments 
of surface transportation assets to identify protective measures to 
reduce or mitigate asset vulnerability. With regard to criticality 
assessments, TSA reported in April 2008 that the agency had conducted 
1,345 assessments of passenger rail stations.\26\ Additionally, the 
Implementing Recommendations of the 9/11 Commission Act has several 
provisions related to security assessments. For instance, the act 
requires DHS to review existing security assessments for public 
transportation systems as well as conduct additional assessments as 
necessary to ensure that all high-risk public transportation agencies 
have security assessments. Moreover, the act also requires DHS to 
establish a Federal task force to complete a nationwide risk assessment 
of a terrorist attack on rail carriers. We will continue to review 
threat, vulnerability, and criticality assessments conducted by TSA 
related to securing surface modes of transportation during our ongoing 
work.\27\
---------------------------------------------------------------------------
    \25\ TSA conducts corporate security reviews in multiple modes of 
transportation to establish baseline data against which to evaluate 
minimum-security standards and identify coverage gaps in reviewed 
systems.
    \26\ According to TSA, the agency completed 945 criticality 
assessments in fiscal year 2007 and 400 assessments in fiscal year 
2008. TSA officials stated that some of these assessments may have been 
conducted to update previously completed ones.
    \27\ For more information, see GAO, Passenger Rail Security: 
Enhanced Federal Leadership Needed to Prioritize and Guide Security 
Efforts, GAO-07-225T (Washington, DC: Jan. 18, 2007).
---------------------------------------------------------------------------
    Issuance of Security Standards. TSA has taken actions to develop 
and issue security standards for mass transit, passenger rail, and 
freight rail transportation modes. However, TSA has not yet developed 
or issued security standards for all surface transportation modes, such 
as commercial vehicle and highway infrastructure, or determined whether 
standards are necessary for these modes of transportation. 
Specifically, TSA has developed and issued both mandatory rail security 
directives and recommended voluntary best practices--known as Security 
Action Items--for transit agencies and passenger rail operators to 
implement as part of their security programs to enhance both security 
and emergency-management preparedness. TSA also issued a notice of 
proposed rulemaking in December 2006, which if finalized as proposed, 
would include additional security requirements for passenger and 
freight rail transportation operators.\28\ For example, the rule would 
include additional security requirements designed to ensure that 
freight railroads have protocols for the secure custody transfers of 
toxic-inhalation-hazard rail cars in High Threat Urban Areas. DHS and 
other Federal partners have also been collaborating with the American 
Public Transportation Association (APTA) and public and private 
security professionals to develop industry wide security standards for 
mass transit systems. APTA officials reported that they expect several 
of the voluntary standards to be released in mid-2008. Additionally, 
the Implementing Recommendations of the 9/11 Commission Act requires 
DHS to issue regulations establishing standards and guidelines for 
developing and implementing vulnerability assessments and security 
plans for high-risk railroad carriers and over-the-road bus 
operators.\29\ The deadlines for the regulations are August 2008 and 
February 2009, respectively. With respect to freight rail, TSA is 
developing a notice of proposed rulemaking proposing that high-risk 
rail carriers conduct vulnerability assessments and develop and 
implement security plans. We will continue to assess TSA's efforts to 
issue security standards for other surface transportation modes during 
our ongoing reviews.
---------------------------------------------------------------------------
    \28\ See 71 Fed. Reg. 76,852 (Dec. 21, 2006).
    \29\ See Pub. L. No. 110-53,  1512, 1531, 121 Stat. at 429-33, 
454-57.
---------------------------------------------------------------------------
    Compliance Inspections. TSA has hired and deployed surface 
transportation security inspectors who conduct compliance inspections 
for both passenger and freight rail modes of transportation; however, 
questions exist regarding how TSA will employ the inspectors to enforce 
new regulations proposed in its December 2006 Notice of Proposed 
Rulemaking and regulations to be developed in accordance with the 
Implementing Recommendations of the 9/11 Commission Act.\30\ TSA 
officials reported having 100 surface transportation inspectors during 
fiscal year 2005 and, as of December 2007, were maintaining an 
inspector work force of about the same number. The agency's budget 
request for fiscal year 2009 includes $11.6 million to fund 100 surface 
transportation security inspectors--which would maintain its current 
staffing level. Inspectors' responsibilities include conducting on-site 
inspections of key facilities for freight rail, passenger rail, and 
transit systems; assessing transit systems' implementation of core 
transit security fundamentals and comprehensive security action items; 
conducting examinations of stakeholder operations, including compliance 
with security directives; identifying security gaps; and developing 
effective practices. To meet these compliance responsibilities, TSA 
reported in December 2007 that it had conducted voluntary assessments 
of 50 of the 100 largest transit agencies, including 34 passenger rail 
and 16 bus-only agencies, and has plans to continue these assessments 
with the next 50 largest transit agencies during fiscal year 2008. With 
respect to freight rail, TSA reported visiting, during 2007, almost 300 
railroad facilities including terminal and railroad yards to assess the 
railroads' implementation of 17 DHS-recommended Security Action Items 
associated with the transportation of toxic-inhalation-hazard 
materials.
---------------------------------------------------------------------------
    \30\ See, e.g., Pub. L. No. 110-53,  1534, 121 Stat at 461-62.
---------------------------------------------------------------------------
    TSA has raised concerns about the agency's ability to continue to 
meet anticipated inspection responsibilities given the new regulations 
proposed in its December 2006 Notice of Proposed Rulemaking and 
requirements of the Implementing Recommendations of the 9/11 Commission 
Act. For example, the act mandates that high-risk over-the-road bus 
operators, railroad carriers, and public transportation agencies 
develop and implement security plans which must include, among other 
requirements, procedures to be implemented in response to a terrorist 
attack.\31\ The act further requires the Secretary of DHS to review 
each plan within 6 months of receiving it. TSA officials stated that 
they believe TSA inspectors will likely be tasked to conduct these 
reviews. The act also requires that the Secretary of DHS develop and 
issue interim final regulations by November 2007, for a public 
transportation security training program.\32\ As of April 2008, these 
interim regulations have not been issued. According to TSA officials, 
TSA inspectors will likely be involved in ensuring compliance with 
these regulations as well. To help address these additional 
requirements, the Implementing Recommendations of the 9/11 Commission 
Act authorizes funds to be appropriated for TSA to employ additional 
surface transportation inspectors, and requires that surface 
transportation inspectors have relevant transportation experience and 
appropriate security and inspection qualifications.\33\ However, it is 
not clear how TSA will meet these new requirements since the agency has 
not requested funding for additional surface transportation security 
inspectors for fiscal year 2009. We will continue to assess TSA's 
inspection efforts during our ongoing work.\34\
---------------------------------------------------------------------------
    \31\ See Pub. L. No. 110-53,  1405, 1512, 1531, 121 Stat. at 402-
05, 429-33, 454-57.
    \32\ See Pub. L. No. 110-53,  1408, 121 Stat. at 409-11 (requiring 
that the Secretary develop and issue final regulations for the training 
program by August 2008).
    \33\ See Pub. L. No. 110-53,  1304, 121 Stat. at 393-94.
    \34\ For more information, see GAO, Passenger Rail Security: 
Enhanced Federal Leadership Needed to Prioritize and Guide Security 
Efforts, GAO-06-181T (Washington, DC: Oct. 20, 2005).
---------------------------------------------------------------------------
    Grant Programs. DHS has developed and administered grant programs 
for various surface transportation modes, although stakeholders have 
raised concerns regarding the current grant process. For example, the 
DHS Office of Grants and Training, now called the Grant Programs 
Directorate, has used various programs to fund passenger rail security 
since 2003. Through the Urban Areas Security Initiative grant program, 
the Grant Programs Directorate has provided grants to urban areas to 
help enhance their overall security and preparedness level to prevent, 
respond to, and recover from acts of terrorism. The Grant Programs 
Directorate used fiscal year 2005, 2006, and 2007 appropriations to 
build on the work under way through the Urban Areas Security Initiative 
program, and create and administer new programs focused specifically on 
transportation security, including the Transit Security Grant Program, 
Intercity Passenger Rail Security Grant Program, and the Freight Rail 
Security Grant Program. However, some industry stakeholders have raised 
concerns regarding DHS's current grant process, including the shifting 
of funding priorities, the lack of program flexibility, and other 
barriers to the provision of grant funding. For example, transit 
agencies have reported that the lack of predictability in how TSA will 
assess grant projects against funding priorities makes it difficult to 
engage in long-term planning of security initiatives. Specifically, 
transit agencies have reported receiving funding to begin projects--
such as retrofitting their transit fleet with security cameras or 
installing digital video recording systems--but not being able to 
finish these projects in subsequent years because TSA had changed its 
funding priorities. The Implementing Recommendations of the 
9/11 Commission Act codifies surface transportation grant programs and 
imposes statutory requirements on the administration of the 
programs.\35\ For example, the act lists authorized uses of these grant 
funds and requires DHS to award the grants based on risk.\36\ It also 
requires that DHS and DOT determine the most effective and efficient 
way to distribute grant funds, authorizing DHS to transfer funds to DOT 
for the purpose of disbursement.\37\ According to the TSA fiscal year 
2009 budget justification, to ensure that the selected projects are 
focused on increasing security, DHS grants are to be awarded based on 
risk. We will continue assessing surface transportation related grant 
programs as part of our ongoing work.\38\
---------------------------------------------------------------------------
    \35\ See Pub. L. No. 110-53,  1406, 1513, 1532, 121 Stat. 405-08, 
433-35, 457-60.
    \36\ See, e.g., Pub. L. No. 110-53,  1406(b), (c)(2), 121 Stat. at 
405-07.
    \37\ See Pub. L. No. 110-53,  1406(d), 1532(e), 121 Stat. at 407, 
459.
    \38\ For more information see GAO-06-181T.
---------------------------------------------------------------------------
  crosscutting issues have hindered dhs's efforts in implementing its 
                    mission and management functions
    Our work has identified homeland security challenges that cut 
across DHS's mission and core management functions. These issues have 
impeded the Department's progress since its inception and will continue 
to confront DHS as it moves forward. These issues include: (1) 
Establishing baseline performance goals and measures and engaging in 
effective strategic planning efforts; (2) applying and strengthening a 
risk-management approach for implementing missions and making resource 
allocation decisions; and, (3) coordinating and partnering with 
Federal, State, and local agencies, and the private sector. We have 
made numerous recommendations to DHS and its components, including TSA, 
to strengthen these efforts, and the Department has made progress in 
implementing some of these recommendations.
    DHS has not always implemented effective strategic planning efforts 
and has not yet fully developed performance measures or put into place 
structures to help ensure that the agency is managing for results. For 
example, with regard to TSA's efforts to secure air cargo, we reported 
in October 2005 and April 2007 that TSA completed an Air Cargo 
Strategic Plan in November 2003 that outlined a threat-based risk-
management approach to securing the Nation's domestic air cargo system, 
and that this plan identified strategic objectives and priority actions 
for enhancing air cargo security based on risk, cost, and 
deadlines.\39\ However, TSA had not developed a similar strategy for 
addressing the security of inbound air cargo--cargo transported into 
the United States from foreign countries--including how best to partner 
with CBP and international air cargo stakeholders. In another example, 
we reported in April 2007 that TSA had not yet developed outcome-based 
performance measures for its foreign airport assessment and air carrier 
inspection programs, such as the percentage of security deficiencies 
that were addressed as a result of TSA's on-site assistance and 
recommendations, to identify any aspects of these programs that may 
need attention. We recommended that DHS direct TSA and CBP to develop a 
risk-based strategy, including specific goals and objectives, for 
securing air cargo;\40\ and develop outcome-based performance measures 
for its foreign airport assessment and air carrier inspection 
programs.\41\ DHS generally concurred with GAO's recommendations with 
regard to air cargo, and is taking steps to strengthen its efforts in 
this area.
---------------------------------------------------------------------------
    \39\ GAO-07-660.
    \40\ GAO-07-660.
    \41\ GAO, Aviation Security: Foreign Airport Assessments and Air 
Carrier Inspections Help Enhance Security, but Oversight of These 
Efforts Can Be Strengthened, GAO-07-729 (Washington, DC: May 11, 2007).
---------------------------------------------------------------------------
    Although DHS and TSA have made risk-based decisionmaking a 
cornerstone of departmental and agency policy, DHS and TSA could 
strengthen their application of risk management in implementing their 
mission functions. Several DHS component agencies and TSA have worked 
toward integrating risk-based decisionmaking into their security 
efforts, but we reported that these efforts can be strengthened. For 
example, TSA has incorporated certain risk-management principles into 
securing air cargo, but has not completed assessments of air cargo 
vulnerabilities or critical assets--two crucial elements of a risk-
based approach. TSA has also incorporated risk-based decisionmaking 
when making modifications to airport checkpoint screening procedures, 
to include modifying procedures based on intelligence information and 
vulnerabilities identified through covert testing at airport 
checkpoints. However, in April 2007, we reported that TSA's analyses 
that supported screening procedural changes could be strengthened. For 
example, TSA officials based their decision to revise the prohibited 
items list to allow passengers to carry small scissors and tools onto 
aircraft based on their review of threat information--which indicated 
that these items do not pose a high risk to the aviation system--so 
that TSOs could concentrate on higher threat items.\42\ However, TSA 
officials did not conduct the analysis necessary to help them determine 
whether this screening change would affect TSO's ability to focus on 
higher-risk threats.\43\ As noted earlier in this statement, TSA is 
taking steps to strengthen its efforts in both of these areas.
---------------------------------------------------------------------------
    \42\ GAO-07-634.
    \43\ GAO-07-634.
---------------------------------------------------------------------------
    In addition to providing Federal leadership with respect to 
homeland security, DHS also plays a large role in coordinating the 
activities of key stakeholders, but has faced challenges in this 
regard. Although improvements are being made, we have found that the 
appropriate homeland security roles and responsibilities within and 
between the levels of government, and with the private sector, are 
evolving and need to be clarified. For example, we reported that 
opportunities exist for TSA to work with foreign governments and 
industry to identify best practices for securing passenger rail and air 
cargo, and recommended that TSA systematically compile and analyze 
information on practices used abroad to identify those that may 
strengthen the Department's overall security efforts.\44\ With regard 
to air cargo, TSA has subsequently reviewed the models used in two 
foreign countries that rely on government-certified screeners to screen 
air cargo to facilitate the design of the agency's proposed certified-
cargo screening program. Further, in September 2005, we reported that 
TSA did not effectively involve private sector stakeholders in its 
decisionmaking process for developing security standards for passenger 
rail assets.\45\ We recommended that DHS develop security standards 
that reflect industry best practices and can be measured, monitored, 
and enforced by TSA rail inspectors and, if appropriate, rail asset 
owners. DHS agreed with these recommendations. Regarding efforts to 
respond to in-flight security threats, which, depending on the nature 
of the threat, could involve more than 15 Federal agencies and agency 
components, in July 2007 we also recommended that DHS and other 
departments document and share their respective coordination and 
communication strategies and response procedures, to which DHS 
agreed.\46\ The Implementing Recommendations of the 9/11 Commission Act 
includes provisions designed to improve coordination with stakeholders. 
For example, the act requires DHS and DOT to develop an annex to the 
Memorandum of Understanding between the two departments governing the 
specific roles, responsibilities, resources, and commitments in 
addressing motor carrier transportation security matters, including the 
processes the departments will follow to promote communications and 
efficiency, and avoid duplication of effort.\47\ The act also requires 
DHS, in consultation with DOT, to establish a program to provide 
appropriate information that DHS has gathered or developed on the 
performance, use, and testing of technologies that may be used to 
enhance surface transportation security to surface transportation 
entities.\48\ According to TSA, the agency has begun to provide transit 
agencies with information on recommended available security 
technologies through security roundtables for the top 50 transit 
agencies; the posting of an authorized equipment list on the Homeland 
Security Information Network Web site; and periodic briefings to other 
Federal agencies.
---------------------------------------------------------------------------
    \44\ See GAO-07-660 and GAO-05-851.
    \45\ See GAO-05-851.
    \46\ GAO, Aviation Security: Federal Coordination for Responding to 
In-flight Security Threats Has Matured, but Procedures Can Be 
Strengthened, GAO-07-891R (Washington, DC: July 31, 2007).
    \47\ See Pub. L. No. 110-53,  1541, 121 Stat. at 469.
    \48\ See Pub. L. No. 110-53,  1305, 121 Stat. at 394-95.
---------------------------------------------------------------------------
                        CONCLUDING OBSERVATIONS

    The magnitude of DHS's and TSA's responsibilities in securing the 
Nation's transportation system is significant, and we commend the 
Department on the work it has done and is currently doing to secure 
this network. Nevertheless, given the dominant role that TSA plays in 
securing the homeland, it is critical that the agency continually 
strive to strengthen its programs and initiatives to counter emerging 
threats and improve security. In the almost 6\1/2\ years since its 
creation, TSA has had to undertake its critical mission while also 
establishing and forming a new agency. At the same time, a variety of 
factors, including threats to and attacks on transportation systems 
around the world, as well as new legislative requirements, have led the 
agency to reassess its priorities and reallocate resources to address 
key events, and to respond to emerging threats. Although TSA has made 
considerable progress in addressing key aspects of commercial aviation 
security, more work remains in some key areas, such as the deployment 
of technologies to detect explosives at checkpoints and in air cargo. 
Further, although TSA has more recently taken action in a number of 
areas to help secure surface modes of transportation, its efforts are 
still largely in the early stage, and the nature of its regulatory role 
and relationship with transportation operators is still being defined. 
As DHS and TSA move forward, it will be important for the Department to 
address the challenges that have affected its operations thus far, 
while continuing to adapt to new threats and needs, and well as 
increase the effectiveness and efficiency of existing programs and 
operations. We will continue to review DHS's and TSA's progress in 
securing the transportation network, and will provide information to 
Congress and the public on these efforts.
    Madam Chairwoman this concludes my statement. I would be pleased to 
answer any questions that you or other members of the subcommittee may 
have at this time.

    Ms. Jackson Lee. Thank you for your testimony.
    It is my pleasure now to recognize Mr. Ervin to summarize 
his statement for 5 minutes.
    Welcome.

  STATEMENT OF CLARK KENT ERVIN, DIRECTOR, HOMELAND SECURITY 
                  INITIATIVE, ASPEN INSTITUTE

    Mr. Ervin. Thank you very much, Madam Chairwoman and Mr. 
Bilirakis. Thank you very much for inviting me to testify today 
on this important topic. Let me start with the positives.
    I think that Secretary Hawley is to be commended for the 
more open and collaborative spirit he brings to the job. Under 
his leadership, TSA has been more willing to listen to, respond 
to and benefit from constructive criticism.
    Operationally, I commend the move toward introducing more 
randomness into the system so as to keep terrorists off guard 
as much as possible. I think the behavior detection program is, 
in theory, at least, very much to be applauded. A variant of it 
has worked for many years, in fact, in Israel. It led just 
recently, here in this country, in Orlando, as we have all 
noticed and spoken about, to the detection of a passenger 
carrying bomb parts.
    As important as it is to spot guns, knives, bombs and other 
potential weapons before they are used to deadly effect, it is 
at least as important, if not more so, to try to identify 
people whose behavior suggests that they might use such 
weapons.
    My concern is whether transportation security officers are 
being trained long enough and comprehensively enough to truly 
distinguish between people whose movements, mannerisms or 
demeanor suggest deadly intent and people who merely look 
different from the norm. What to a behavior detection officer 
is behavior detection may to a given subject be racial or 
ethnic profiling.
    TSA is to be commended also for the initiative to redesign 
the checkpoint to make it more aesthetically and 
psychologically appealing, and, likewise, the effort to create 
separate lines for experienced business travelers and harried 
parents and others who need more time to go through the 
checkpoint is commendable. But I remain troubled by several 
things.
    First of all, undercover government and media 
investigations continue to the present day to show what they 
have shown since 9/11: screeners far too often fail to spot 
concealed guns, knives and bombs. TSA's response to such 
results is always the same: screener performance is only one of 
several, 19 layers, at airports. A concentrated effort to 
defeat any one layer can succeed, certainly, but each layer is 
linked such that the whole is greater than the sum of its 
parts. Of course, screeners fail test nowadays. They are much 
harder than they used to be, and they get harder all the time.
    But to take these arguments in turn, the whole chain is 
only as strong as its weakest link. As links go, the checkpoint 
is the most important in terms of keeping weapons off 
airplanes.
    As a general rule, the one and only time that passengers 
and their carry-on luggage are checked for guns, knives and 
bombs is at the checkpoint. Of course we want the test to be as 
hard as possible. It is not as if terrorists will make it easy 
to spot their concealed weapons.
    TSA seems to be saying implicitly and illogically the worse 
we do on these tests, the better. The good news is that we have 
heard today from Secretary Hawley that still more technology, 
which is the ultimate key to this, will be deployed. I hope 
that this effort will be accelerated and that additional moneys 
will be provided to TSA to ensure and to further expedite the 
deployment of these technologies.
    My second concern relates to air cargo. It is good news 
that TSA is now required by law to screen 100 percent of cargo 
on passenger planes for explosives by 2010, so I was initially 
heartened to read last week's ``USA Today'' story that TSA was 
launching this effort this summer in major cities, suggesting 
that the deadline will be met sooner, rather than later.
    As I read further, though, I grew disheartened, as I 
learned that, much like the C-TPAT program that CBP employs, 
TSA will allow shippers of air cargo to volunteer to screen 
their own cargo. There is no reason to believe that shippers in 
any great numbers will be wiling to pay for the necessary 
personnel and equipment.
    Further, as to any shipper that would be willing to pay for 
the necessary personnel and equipment and conduct its own self 
screening, we simply cannot afford to outsource a critical 
security function like this in the post-9/11 world. Businesses 
are concerned about security, certainly, but understandably 
their first concern is their bottom line. When the two 
conflict, security loses out.
    My third concern relates to air marshals. I was concerned 
by the CNN story just last week that only about 1 percent of 
the 28,000 commercial flights flown in an average day are 
covered by air marshals, according to some half-dozen air 
marshals and pilots interviewed by the network. If this is 
true, this is particularly troubling, and that is especially 
the case against the backdrop of the poor results on these 
undercover tests that was just mentioned. I hope we will probe 
that today during the course of the hearing.
    Then, finally, I am concerned that while pilots and flight 
attendants are screened, like passengers, every time they go 
through checkpoints, other airport workers, some 900,000 of 
them nationwide, are not. The background check process is not 
sufficient, it seems to me, when we learned that on occasion 
workers are caught with thefts and drug smuggling, other 
crimes. If these background tests are not sufficient in that 
circumstance, they are not sufficient to protect against 
terrorism.
    This summarizes my testimony, Madam Chairwoman, and I am 
looking forward very much to your questions.
    [The statement of Mr. Ervin follows:]

                 Prepared Statement of Clark Kent Ervin
                             April 15, 2008

    Thank you very much, Mr. Chairman and members, for inviting me to 
testify today on the topic, ``Moving Beyond the First Five Years: How 
the Transportation Security Administration will Continue to Enhance 
Security for all Modes of Transportation.''
    Let me start with the positive. I think that Secretary Hawley is to 
be commended for the more open and collaborative spirit he brings to 
the job. Under his leadership, TSA has been more willing to listen to, 
respond to, and benefit from constructive criticism. The new blog, for 
example, provides an easy way for TSA leaders to communicate with and 
hear from the public, and it provides a way for travelers to vent their 
frustrations and to get things off their chest.
    Operationally, I commend the move toward introducing more 
randomness into the system, so as to keep terrorists off guard as much 
as possible.
    I think the Behavior Detection Program is, in theory at least, very 
much to be applauded. It has worked, in fact, in Israel very 
effectively for many years. And, it led just recently in Orlando to the 
detection of a passenger carrying bomb parts. As important as it is to 
spot guns, knives, bombs, and other potential weapons before they are 
used to deadly effect (about which more later), it is at least as 
important, if not more so, to try to identify people whose behavior 
suggests that they might use such weapons.
    My concern is whether Transportation Security Officers are being 
trained long enough and comprehensively enough truly to distinguish 
between people whose movements, mannerisms or demeanor suggest deadly 
intent and people who merely look different from the norm. What to a 
Behavior Detection Officer is ``behavior detection'' may, to a given 
subject, be racial or ethnic profiling. I hope that the subcommittee 
will probe into this issue today.
    TSA is to be commended also for the initiative to redesign the 
checkpoint to make it more aesthetically and psychologically appealing 
through the use of music, lighting, and such. It is easy to make fun of 
such moves, but anything that makes the traveling experience more 
pleasant without sacrificing security is a very good thing, indeed. 
Likewise, the effort to create separate lines for experienced business 
travelers and harried parents struggling with children, luggage, and 
toys (and other travelers who, for one reason or another, need more 
time to navigate the checkpoint) is commendable. I travel in both 
incarnations--sometimes alone, as a business traveler, and other times 
with my wife and 2-year-old--and I would very much appreciate being in 
a separate line with like travelers under each circumstance.
    But, I remain troubled by several things. First, government and 
media investigations continue to the present day to show what they have 
shown since 9/11--screeners far too often fail to spot concealed guns, 
knives, and bombs. This was the case in 2001, in the immediate 
aftermath of 9/11, when the Department of Transportation's Inspector 
General was responsible for conducting such tests. It was the case in 
2003-2004 during my time as the Department of Homeland Inspector 
General. It was the case in a followup DHS IG report in 2005 after I 
left. In the spring of 2006, GAO reported that they were able to sneak 
potential bomb components through checkpoints at 21 different airports 
undetected. In October 2006, it was reported that screeners at Newark 
International Airport, not incidentally one of the airports transited 
by 9/11 hijackers, failed 20 out of 22 undercover tests. USA Today 
reported a year later, last October, that screeners failed TSA's own 
undercover tests 75 percent of the time at LAX, and 60 percent of the 
time at Chicago O'Hare. And, just a couple of months ago, the DHS 
Inspector General released its latest report on covert testing of 
screeners. Only an unclassified summary was released, and it is 
impossible to tell what the results were. But, I note that the IG made 
six recommendations. It is certainly possible that the results showed 
dramatic improvement in screener performance and the IG still found it 
necessary to make six recommendations. Given the foregoing background, 
I think it more likely that six recommendations were made because there 
is still considerable room for improvement. In any event, I hope the 
subcommittee has or promptly will obtain the classified version of the 
report and learn for yourselves what the results are and how they stack 
up against the foregoing ones.
    TSA's response to such results is always the same. Screener 
performance is only one of 19 security layers at airports. A 
concentrated effort to defeat any one layer can succeed, certainly, 
but, each layer is linked such that the whole is greater than the sum 
of the parts.
    And, of course, screeners fail tests nowadays. They are much harder 
than they used to be, and they get harder all the time.
    But, to take these arguments in turn, the whole chain is only as 
strong as its weakest link. And, as links go, the checkpoint is the 
most important, in terms of keeping weapons off airplanes. As a general 
rule, the one and only time that passengers and their carry-on luggage 
are checked for guns, knives, and bombs is at the checkpoint. At the 
boarding gate, an agent or flight attendant merely checks whether each 
passenger has a boarding pass that appears to be in order. So, if 
weapons are missed at the checkpoint, chances are that they will make 
it onto airplanes.
    And, of course, we want the tests to be as hard as possible. It is 
not as if terrorists will make it easy to spot their concealed weapons. 
TSA seems to be saying, implicitly and illogically, the worse we do on 
these tests the better.
    The good news is that TSA grasps that, in addition to more and 
better training, and consequences for screeners who consistently fail 
such tests, the key to better screener performance are technologies 
like backscatter and multi-view X-ray machines. The problem is that, 
almost 7 years after 9/11, and 5 years after my office recommended such 
technologies, they are still only in the pilot or testing phase. These 
technologies, and others like them, should have been tested and piloted 
long ago. By now, they should be widely deployed throughout the 
country, ideally at every airport and checkpoint, and certainly at 
every checkpoint at the highest risk airports in the country. That 
takes money, of course, and that is something that DHS/TSA has been 
short of since its inception, and, all too often, the dollars it has 
been given have been poorly managed. I hope that the next 
administration, Republican or Democrat, will make it a priority to get 
TSA the resources it needs to move beyond the drawing board to the 
field with these technologies that can make the difference between 
terrorists' or DHS' winning the next time aviation is targeted for 
attack.
    Another problem is that, on occasion, covert tests have been 
compromised by tipoffs to screeners that they are being tested. It is 
unclear how widespread this is, but one time is one time too many. And, 
of course, TSA management itself should never be involved in tipping 
off screeners, as was suggested by the now infamous April 2006 email 
that was the subject of a full committee hearing last November. I hope 
that the Inspector General is investigating this matter and, if so, the 
investigation concludes soon.
    My second concern relates to air cargo. It is good news that TSA is 
now required by law to screen 100 percent of cargo on passenger planes 
for explosives by 2010. I was initially heartened to read last week's 
USA Today story that TSA was launching the effort this summer in major 
cities, suggesting that the deadline would be met sooner rather than 
later. As I read further, I grew disheartened as I learned that, much 
like Customs and Border Protection relies on shippers of oceangoing 
freight to police themselves through the Customs Trade Partnership 
Against Terrorism Program (C-TPAT), TSA will allow shippers of air 
cargo to volunteer to screen their own cargo. There is no reason to 
believe that shippers in any great numbers will be willing to pay for 
the necessary personnel and equipment. Further, as to any shipper that 
would be willing to pay for the necessary personnel and equipment and 
conduct its own self screenings, we simply cannot afford to outsource a 
critical security function like this in the post-9/11 world. Businesses 
are concerned about security, certainly. But, understandably, their 
first concern is their bottom line. When the two conflict, security 
loses out. We should have learned the lesson the hard way on 9/11, 
since airlines were in charge of screening passengers and baggage at 
that time. The whole point of creating TSA was the recognition that, 
left to its own devices, the private sector will put profit ahead of 
security when the two conflict every time. One hundred percent of the 
screening should be done by TSA personnel. And, if, TSA needs more 
resources to accomplish this, TSA should forthwith be given those 
additional resources.
    My third concern relates to air marshals. I had been under the 
impression that our problems with air marshals (the number of them, 
their anonymity, etc.) were behind us. So, I was aghast to see the 
recent CNN story to the effect that less than 1 percent of the 28,000 
commercial flights flown on an average day are covered by air marshals, 
according to more than a dozen air marshals and pilots interviewed by 
the network. Of course, if true, this is even more troubling against 
the backdrop of continued poor results on undercover tests of 
screeners' ability to spot concealed weapons. If terrorists can smuggle 
weapons on board aircraft, and there is no air marshal to defend the 
plane and its passengers against attack, a given plane can be an open 
target. We need to increase the budget for this vital program 
sufficiently to enable TSA to cover 100 percent of at least the highest 
risk flights, namely those into and out of the Nation's largest cities 
and busiest airports, and as high a percentage of all other flights as 
practicable. The air marshal force should be supplemented by trained 
and deputized current and former law enforcement personnel from other 
Federal, State, and local agencies, military personnel, and perhaps, 
even, veterans. And, the Federal Flight Deck Officers Program, whereby 
pilots are trained and authorized to carry a gun to protect the cockpit 
should be expanded. At present, my understanding is that there's still 
only one training facility, in a remote town in a remote state. And, 
according to this just mentioned CNN report, pilots have to pay as much 
as $3,000 of their own money for lodging and meals when they take the 
course. And, Federal Flight Deck Officers do not get additional pay for 
being willing to perform this additional, vital service. They should, 
as a further incentive to encourage still more pilots (and other 
authorized flight crew personnel) to sign up.
    My fourth concern is that, while pilots and flight attendants are 
screened, like passengers, every time they go through checkpoints, 
other airport workers, some 900,000 of them nationwide, are not. There 
have been numerous instances during recent years of airport personnel 
being involved in thefts, drug smuggling, and other crimes. So, if 
background checks are no panacea against the threat of crime, they are 
likewise no panacea against the threat of terrorism. I hopeful that the 
bill that Ms. Lowey of New York has introduced on this issue will 
ultimately, and sooner rather than later, become law.
    Finally, the title of this hearing refers to ``all modes of 
transportation.'' TSA has devoted its resources, personnel, and 
attention almost entirely to aviation related matters since its 
creation in 2001. Now is past time for TSA to devote considerably more 
resources, personnel, and attention to securing other modes of travel, 
especially mass transit. Given that terrorists aim to maximize the 
number of people killed and injured and damage to the U.S. economy, it 
is curious that we have yet to see an attack on mass transit here in 
the United States, especially since such attacks have happened since 9/
11 elsewhere in the world. Major cities like New York are taking 
appropriate steps like increased armed police presence; a greater use 
of bomb sniffing dogs and bomb detection technology; the wide 
deployment of surveillance cameras; random bag searches, and public 
awareness ``see something/say something'' campaigns. But, all these 
measures are extraordinarily costly, and, given the deteriorating 
economy, cities are increasingly strapped for funds. The Federal 
Government has an obligation to help at least the highest risk cities 
shoulder the burden of these costs, because these are the cities that 
are likeliest to be targeted by terrorists and an attack on any one of 
them would be an attack on the Nation as a whole.
    Thank you very much, again, for the invitation to testify today, 
and I look forward to your questions.

    Ms. Jackson Lee. Thank you very much for your testimony.
    Mr. Verdery, if you would summarize your statement in 5 
minutes.

STATEMENT OF C. STEWART VERDERY, JR., PARTNER, MONUMENT POLICY 
                           GROUP, LLC

    Mr. Verdery. Madam Chairwoman Jackson Lee, Congressman 
Bilirakis, thank you for having me back to the committee today. 
It is nice to be back.
    It is an interesting challenge, deploying policy, 
technology and resources to secure transportation. Over the 
past several years, TSA deserves great credit for making 
strides in this arena.
    I would ask the Congress to stick with what has worked--
risk management has worked--and not load on additional layers 
on TSA that cannot be funded and cannot be properly 
implemented. Some level of risk is inherent in transportation 
systems, especially non-aviation systems, as we will talk about 
later.
    As you mentioned, I served as Assistant Secretary for 
Policy the first 2 years of the Department. The 2 years I 
oversaw TSA from a policy perspective were a tumultuous time, 
as TSA moved from the Department of Transportation to DHS. 
Unfortunately, it was a time when TSA's every misstep seemed to 
show up on the late-night comics and led to congressional 
oversight.
    People had not yet grasped what it means to try to secure 
aviation systems or transportation more broadly. What these 
comics and critics missed was the success that was being built 
and it was mentioned by both of you in your opening statements, 
the fact that there has not been a successful incident in this 
country, and that is largely because of the investments that 
have been made.
    Other agencies now have a public awareness of what a real 
level of performance is. When a drug boat makes it past the 
Coast Guard, when an illegal migrant makes it past CBP into the 
country, when the IRS, on tax day, of all days, fails to find a 
tax cheat, people say that is just what happens. We are not 
going to be perfect. But, somehow, TSA is held to a standard, 
and every time somebody sneaks a knife past security or every 
time there is a breach in the sterile zone, it ends up on CNN.
    We have to understand the risk in the system. I think the 
American public would be very surprised to learn that in fiscal 
year 2007, the last full year, the TSA's budget was 99.8 
percent as large as the FBI's, and the FBI has a heck of a lot 
broader portfolio than the TSA, everything from 
counterterrorism to public corruption. But that is what happens 
when you go and you hire 45,000 well-trained, well-compensated, 
well-supported employees. You have gotten a good bang for the 
buck.
    But as you build out more and more mandates and add on more 
and more equipment, there are trailing costs that may not be 
worth the investment when there are so many other needs in the 
Homeland Security arena.
    People have to remember that each layer of the 20 layers 
that have been mentioned are not meant to be perfect. The goal 
of checking IDs is not to find the fake ID. The goal of the 
liquids check is not to find the liquid. It is to identify 
individuals who have a serious intent of doing harm to 
passengers or to a transportation mechanism.
    In my written testimony, I mention several successes of 
Administrator Hawley over the last couple of years, and I 
particularly want to mention the traveler redress program that 
was launched last year with help of the DHS Screening and 
Coordination Office. This has been a great success, and I 
encourage people who have watch list problems to try to use it.
    I had one individual that I work with said he had a watch 
list problem and I will just read what he wrote me yesterday. 
``I am a frequent traveler who regularly checked in online, at 
home or at the airport kiosk. In preparation for a recent trip, 
I tried to check in the night before and was told I had to see 
an agent. I went to the desk and was told I had to check in 
because I was on a security list. Apparently, there was someone 
with my same name, even the middle initial.
    ``I went to the DHS Web site, read the TRIP process, 
submitted the required forms and documents. Within 2 weeks, it 
was resolved. I received a letter from DHS that reviewed my 
case and fixed the issue. I thought the process was clear, 
quick and responsive. I was impressed.''
    So this is working well, but I ask the committee to go one 
step further, take advantage of H.R. 4719, Congresswoman 
Clarke's bill. Take it up, move it. It will codify the program 
and expand it to non-transportation modes. It is an excellent 
bill.
    In my few minutes remaining, I want to take a couple of 
programs where I think TSA has missed opportunities to work 
with the private sector in ways that would be most productive. 
First is the Registered Traveler program.
    I know the committee had an oversight hearing on this 
recently, but the basic program still--and I am a member of the 
program--while you provide fingerprints as part of the 
application process, they are not used. They are not run 
against criminal databases. They are not run against terrorist 
databases, the logic being, well, we are not changing the 
checkpoint no matter what the background check says.
    I think this is a missed opportunity. We have to look at 
risk management, and the idea that we are going to make 
somebody take off their shoes who is going through a full 
background check, has volunteered every piece of information 
that they will to the government and take up screener time to 
check millions of would-be travelers and take off their shoes I 
think is a poor use of resources that could be used for other 
purposes.
    Moreover, Customs and Border Protection, the sister agency 
of TSA, promisingly announced yesterday that Global Entry, 
International Registered Traveler program for arrivals in the 
United States, these individuals will go through a full 
interview, full criminal check, full background check, 
fingerprint check. They ought to be cross-enrolled in the 
domestic program and I understand talks are underway to make 
that happen.
    Again, that is moving people into a streamlined process and 
allowing screeners to focus on individuals they haven't seen 
before.
    We need to move forward on the Travel Document Checker 
program. It is part of the promising program that the 
administrator announced. We are now checking IDs instead of 
having it be handled by a rent-a-cop in an inconvenient, easy-
to-avoid fashion. But there is technology in the works in 
driver's licenses with watermarks that can easily be read and 
this will be able to find licenses that will be of increasing 
value as REAL ID is finalized.
    A true REAL ID-compliant license will be quite valuable if 
it is stolen or forged, and we need to be able to detect those.
    Madam Chairwoman, my 5 minutes is up. I hope during the 
question-and-answer period, we will have a chance to talk about 
Secure Flight, a program I worked on at DHS which remains in 
the works, unfortunately. It is a difficult program, but a 
priority and also how we can move forward in some of the other 
modes of transportation.
    Thank you.
    [The statement of Mr. Verdery follows:]

             Prepared Statement of C. Stewart Verdery, Jr.
                             April 15, 2008

                              INTRODUCTION

    Chairman Jackson Lee, Ranking Member Lungren and Members of the 
committee, thank you for the opportunity to return to the House 
Committee on Homeland Security to discuss the challenges that the 
country faces in developing and deploying an effective mix of policy, 
technology, and resources to secure our transportation systems. I am 
currently a partner and founder of the consulting firm Monument Policy 
Group, LLC and an Adjunct Fellow at the Center for Strategic and 
International Studies.\1\
---------------------------------------------------------------------------
    \1\ As disclosed in filings with the House and U.S. Senate, 
Monument Policy Group represents several clients with a variety of 
interests related to transportation security. Also, CSIS does not take 
policy positions. Thus, this testimony is submitted in my personal 
capacity and not on behalf of any third party.
---------------------------------------------------------------------------
    Not only must these programs deter and detect those who would 
commit acts of terrorism or crime, they must also facilitate the flow 
of travelers and goods essential to our economic livelihood and social 
fabric. Over the last several years, the Transportation Security 
Administration (TSA) has made great strides in striking this balance, 
securing our transportation systems and using its significant but 
ultimately limited resources to implement effective risk-management. I 
would ask the Congress, and this committee in particular, to resist the 
urge to hold TSA to the standard of perfection-instead, I hope that you 
will understand that some level of risk is inherent in the security 
arena, particularly if we want to balance security with the freedom of 
movement of goods and people. Furthermore, I urge TSA and those who 
fund and oversee the agency to rededicate themselves to working with 
the private sector to find solutions that utilize private sector 
expertise without requiring massive new Federal bureaucracies to secure 
our transportation systems.

                               BACKGROUND

    As you know, I served as Assistant Secretary for Border and 
Transportation Security (BTS) Policy and Planning at DHS from 2003 
through 2005. I was responsible for policy development within the BTS 
Directorate, working closely with Under Secretary Asa Hutchinson and 
Secretary Tom Ridge, in the areas of immigration and visas, 
transportation security, law enforcement, and cargo security. These 
policies largely were carried out in the field by BTS agencies such as 
U.S. Customs and Border Protection (CBP), U.S. Immigration and Customs 
Enforcement (ICE), and TSA. BTS's functions have been subsumed and 
enhanced under the new DHS structure, most notably the new DHS Office 
of Policy.
    I worked closely with TSA during my 2 years at DHS, serving as its 
advocate within the administration and with the Congress, foreign 
governments, and private sector stakeholders, and coordinating its 
activities with other DHS entities such as CBP. This was a tumultuous 
period of transition for TSA as it moved from the Department of 
Transportation to DHS. During this time, nearly misstep seemingly 
appeared on the front page of USA Today and any progress--or lack 
thereof--in key areas was often caricatured by late night comedians and 
critics in Congress and elsewhere. Unfortunately, this sort of 
criticism did not take into account the broader fact that the Executive 
branch deployed a new agency from scratch seemingly overnight. 
Furthermore, these critics failed to note that TSA has succeeded in its 
broad mission to deter transportation-based acts of terrorism in the 
United States.

                               DISCUSSION

    For most Federal agencies, the public has a general idea of an 
acceptable level of performance. And it is generally not 100 percent 
success. The public does not expect the Coast Guard to stop each 
speedboat carrying drugs to our shores; the public does not expect 
CBP's Border Patrol to catch every family of illegal migrants crossing 
the border; nor, noting today is April 15, does the public expect the 
IRS to recognize every tax cheat. Generally, it seems, we are as a 
people familiar enough with these government entities to understand 
that they will not succeed each and every time in their mission. 
Unfortunately, TSA suffers from the expectation that all efforts must 
reach 100 percent success or else they are a failure: hearings must be 
held and someone must be held accountable.
    Partially this is a result of TSA's own well intended effort to 
create metrics for success. TSA's Web site prominently notes exactly 
how many weapons were detected during the past week, the number of 
security breaches resolved, and similar statistics. This mindset, 
however, is also a function of the constant search for perfection in 
each of TSA's security layers. TSA now describes some 20 layers of 
security deployed to protect aviation, from government intelligence 
activity to passengers trying to protect themselves and their fellow 
citizens.
    While serious observers of homeland security view and value each 
layer for its multiplier effect on security, oftentimes the focus tends 
to be on whether a single layer is being executed to perfection. For 
example, the real goal of a travel document checker is not to find fake 
ID's. The goal of TSA's liquids detection efforts is not to confiscate 
expensive perfume from those who accidentally have more than three 
ounces at the checkpoint. The goal of these and other layers is to 
alert TSA to an individual whose intent is to kill or injure passengers 
or use the plane itself as a weapon. That is the goal we should all be 
holding TSA to, and that is the way performance should be measured.
    However, far too few of us take that approach, and as a result TSA 
has been stuck in a spiral of creating more and more programs, 
consuming more and more of the Federal security budget. In fact, I 
would argue that the TSA already consumes far too large a portion of 
our scarce security resources. The average American would be shocked to 
learn that in fiscal year 2007, according to the President's fiscal 
year 2009 proposed budget, government spending for TSA ($6,028,000,000) 
was 99.8 percent as large as that of the entire Federal Bureau of 
Investigation ($6,040,000,000), with its massive responsibilities, 
ranging from investigating acts of terrorism to combating public 
corruption. Clearly, hiring more than 45,000 Federal employees and 
supporting their activities with technology, equipment, training and 
benefits is extraordinarily expensive. The committee should be very 
wary of giving more mandates to TSA. These new mandates will not only 
impose new costs, in terms of employing people, buying technology and 
initiating training, but also in terms of maintaining that equipment, 
retraining those people, and replacing that equipment when it becomes 
obsolete. We should instead stop and think which security issues remain 
unaddressed yet pose significant risks to the American public, and what 
resources are necessary to close those gaps, even at the expense of 
slightly higher but acceptable risks in other areas.
    Interestingly, TSA's budget has remained relatively flat for 
several years as an increasing percentage of the broader DHS budget has 
been devoted to immigration enforcement. The proposed increases for 
fiscal year 2009 are relatively small dollar programs aimed at fixing 
holes in aviation vetting, rather than large new initiatives in 
aviation or non-aviation transportation security.
    At the same time, these slowing budget numbers may create an 
increasing disconnect with TSA's growing list of authorized mandates. 
For example, we have seen in the past year legislation to insist on 100 
percent inspections of cargo carried on aircraft and ocean carriers 
bound for the United States. Obviously, not all 100 percent mandates 
are foolish: I was proud to help implement the US-VISIT biometric entry 
program which now enrolls essentially 100 percent of foreign guests 
arriving by air and sea.
    But in general, 100 percent mandates should be viewed with great 
skepticism because they essentially mean that no level of risk 
management is acceptable. They fly in the face of efforts like TSA's 
recently unveiled air cargo plan, which focuses on increased screening 
by freight forwarders and via canine units. This may, in fact may 
spread the pain of cargo screening enough to be effective as a 
deterrent, and also be significantly more cost-effective. 
Unfortunately, many people only believe 100 percent solutions are 
acceptable, and therefore will force TSA to undertake some 
sophisticated analysis and likely require a major increase in budget 
authority, to push TSA beyond the 50 percent screening goal for fiscal 
year 2009 to the elusive mark of 100 percent in 2010.

                              TSA PROGRESS

    Assistant Secretary Hawley, his team at TSA and the broader DHS 
department deserve great credit for stabilizing TSA's mission over the 
past 3 years. They have restored public confidence in aviation security 
and are using finite but limited resources to enhance the security of 
other modes of transportation. I would like to highlight several 
programs that I think are the hallmark of Assistant Secretary Hawley's 
tenure at TSA:
    SPOT.--Building on pilots begun in 2004, the use of specialized 
training to alert transportation security officers to suspicious 
behavior at or around the checkpoint is an effective security program 
that provides a tremendous return on investment. Allowing TSO's to use 
their eyes and ears as part of the Screening Passengers by Observation 
Techniques (SPOT) program to detect threats amid the noise of the 
checkpoint strikes me as the best possible use of screener time by 
transitioning the TSA checkpoint into a law enforcement opportunity.
    Checkpoint Evolution.--Shoehorning the TSA security checkpoint 
process into the wide variety of airport configurations has been a 
tremendous challenge for TSA, its airport and airline partners, and the 
public at large. The recently unveiled ``checkpoint evolution'' or 
``checkpoint of the future'' will take time to implement across the 
spectrum of airport terminals, but represents enlightened thinking 
about how to maximize passenger flow, minimize passenger stress, and 
elevate the likelihood nefarious actors will be identified.
    Passenger Redress.--Working with the DHS Office of Screening 
Coordination, TSA launched the Traveler Redress Inquiry Program (TRIP) 
last year. While not flawless, TRIP has assisted tens of thousands of 
individuals unlucky enough to have similar to those on terrorist watch 
lists. In fact, I know first-hand of successes in this program, having 
recently directed a colleague to use the TRIP program. Several weeks 
later, he wrote me a note which said the following: ``I am a frequent 
traveler who regularly checked in online at home or at the airport 
kiosk. In preparation for a recent trip, I tried to check in the night 
before and was told I had to see an agent. I went to the desk the next 
morning and was told that I had to check in at the desk because I was 
on a security list. Apparently there was someone with the same name, 
including middle initial. I went to the DHS website and read the TRIP 
process, submitted the required forms and documents and within 2 weeks 
was able to check in online or at the kiosk again. I also received a 
letter that DHS had reviewed my case and fixed the issue. I thought 
that the process was clear, quick and responsive. I was impressed.''
    To that end, I would encourage this committee to schedule a vote on 
H.R. 4179, which will codify and improve TRIP, especially as redress 
issues are encountered outside of TSA and CBP.

                       TSA AREAS FOR IMPROVEMENT

    However, as with many glasses filled to the mid-point, the empty 
half must be evaluated as well. Amidst all of the progress outlined 
above, I am concerned that TSA has missed opportunities to utilize risk 
management in key areas.
    Registered Traveler.--TSA has made no secret of its position that 
RT is not a priority program. In fact, Administrator Hawley and others 
have argued that it is too risky to provide any changes in the 
checkpoint process for RT enrollees without private sector development 
of technology that is tested and meets some criteria for enhancing the 
security process. I believe that there is a better approach. TSA can 
and should use the RT framework to improve the checkpoint process for 
travelers in ways that will set up risk management principles far 
beyond the aviation space. For example:
   Despite the fact that RT applicants provide fingerprints 
        during the application process, TSA does not actually compare 
        them to databases of known or suspected criminals or 
        terrorists. That is a missed opportunity, and I would encourage 
        this committee to push for this process to change. While such a 
        background check will not eliminate 100 percent of the risk 
        posed by a passenger, nor does the background check on 
        government employees access eliminate possible breaches of 
        classified material or inappropriate access to government 
        buildings. The question we must face is whether the risk of, 
        for instance, allowing a person who has passed a biographic and 
        fingerprint review to keep his shoes on through security is 
        significant enough to spend scarce screener resources X-raying 
        shoes of millions of people willing to place their full 
        identity before the government for review.
   This week CBP launched the Global Entry international 
        registered traveler program for inbound U.S. citizens and legal 
        permanent residents able to pass a full background check. The 
        program will likely be opened to citizens of select foreign 
        nations who enter into information-sharing and reciprocity 
        agreements with the United States. Common sense would dictate 
        that Global Entry enrollees should automatically be approved 
        for the domestic RT program if they are willing to help pay for 
        the operation of the RT lanes. While discussions are underway 
        between CBP and TSA on this issue, they do not appear likely to 
        conclude before Global Entry begins enrollment next month. A 
        missed opportunity, for now, that should be fixed.
   Integrating the RT card standards and looming REAL ID 
        driver's license requirement is essential. While I understand 
        discussions are underway to have TSA provide RT vendors more 
        specificity for their card architecture to meet REAL ID 
        mandates, they need to produce results before new document 
        requirements hit the checkpoint.
   In addition to Global Entry members, TSA should consider 
        whether other low-risk populations--such as individuals with 
        security clearances or other Federal credentials, law 
        enforcement personnel, active duty military and certain 
        government employees--should be pre-approved for the RT 
        program, subject to their enrollment fee. This proposal has 
        long been called for by a range of groups supporting RT: it is 
        time for the government to step in and make this happen.
    Travel Document Checker.--The TDC program is a solid achievement, 
making the review of an identity document a real security layer as 
opposed to an easy-to-defeat inconvenience. However, as TSA builds a 
new checkpoint design, it would be remiss if it did not build into the 
TDC program the ability to confirm whether a driver's license is 
legitimate by reading imbedded watermarks now baked into most of these 
documents. This capability will become more important once REAL ID is 
fully in place and the value of a forged or altered driver's license 
will skyrocket.
    Secure Flight.--The Secure Flight program also represents a missed 
opportunity to date to improve our transportation security. Almost 8 
years after 9/11, and over 3 years since Secure Flight was scaled back 
to a relatively simple watchlist review of passenger manifests, the 
program appears to be far from implementation. Air carriers have 
watched as CBP's need to collect pre-departure biographical 
information, now known as the Automated Quick Query program, caught up 
to and now appears to be likely to be implemented while Secure Flight 
remains non-operational for domestic flights. It is reasonable for the 
government to request that air carriers re-design their data collection 
and transmission mechanisms one time for DHS needs, and it is 
unfortunate that the two agencies in this space have not been able to 
provide such a roadmap to date.
    Black Diamond.--We have also seen considerable press about the new 
``Black Diamond'' screening checkpoint self-selection program. As a 
parent, I can understand the attractiveness of a screening line that 
gives families and others slow to move through the checkpoint needed 
time, and a more relaxed pace to do so. To date, however, I have not 
seen any hard data on the actual effects of the program on throughput 
at the checkpoint. We would be suspicious of a highway ``EZ-Pass'' 
program that asked drivers to pick their lane based on the 0-60 speed 
of their vehicle leaving the booth, and the program simply appears too 
new to evaluate effectively. In most locations, Black Diamond will be a 
poor substitute for a true RT program that is designed to generate 
additional throughput by having conducted a security review beforehand, 
not just based on a traveler's perceived dexterity at the checkpoint.
    Biometrics.--TSA also needs to place new emphasis on the power of 
biometrics, especially when deployed in a mobile environment. The issue 
of controlling access to sensitive parts of transportation systems 
remains a difficult issue, especially in facilities never designed with 
today's stringent access control regimes in mind. The rapid improvement 
in mobile biometrics capabilities offers an increasingly cost-effective 
way to verify identity with or without card architectures. I am 
particularly interested in how TSA will learn from the access control 
pilot underway at Denver International Airport and whether mobile 
biometrics may play a role in the exit portion of the US-VISIT program.
    General Aviation.--DHS is rightfully concerned that the relatively 
unregulated nature of general aviation aircraft represents a weakness 
in an otherwise impressive security array. GA flight activity 
represents a growing market, including from overseas. Luckily, the 
nature of the market has created opportunities for TSA and CBP to 
piggy-back on reservation services to understand who is boarding 
aircraft operating in the United States. TSA should move quickly on the 
Secure Fixed Base Operator Program (SFBOP) pilots and seek funds to 
expand the program quickly.

                  NON-AVIATION MODES OF TRANSPORTATION

    Over the last 2 years, Congress has pushed for significant new 
funding in other modes of transportation beyond aviation. This reaction 
is perhaps understandable in light of vicious terrorist attacks on mass 
transit and rail systems in Europe.
    I would caution the committee against trying to compare modes and 
especially against trying to replicate the TSA aviation model for 
subway, rail, bus, or highway systems. By its very nature, aviation 
lends itself to security processes due to its natural series of 
chokepoints. Mass transit, on the other hand, is meant to be diffuse 
and easy to access. Physical screening of passengers and luggage would 
require a tremendously invasive deployment of equipment and personnel 
in environments not designed for delays and chokepoints. Therefore, I 
would encourage this committee to work with TSA on new ways to 
effectively manage risk in non-aviation modes of transportation.
    Additionally, I would encourage this committee to support TSA's use 
of behavioral analysis via SPOT and VIPR teams. This is a valuable use 
of TSA resources, and new ways to grow this effort would be worthwhile. 
TSA should leverage the experience it has gained in these programs by 
offering training to localities and transit authorities interested in 
developing their own or similar capabilities.
    DHS should also encourage the use of risk management in trusted 
traveler programs in other transportation modes. The nature of mass 
transit means government is seeing tremendous volumes of unknown 
individuals. RT programs bring more information to the table for review 
and should be adopted in environments beyond aviation.
    Lastly, according to DHS figures, there is approximately $13 
billion in unspent Federal assistance to State and local governments 
for homeland security needs. Recognizing that much of that money has 
already been spoken for in State-specific spending roadmaps and that 
States and local governments utilize that assistance for a wide variety 
of equipment and training needs, there still is room for 
transportation-focused spending where it is truly needed.

    Ms. Jackson Lee. I thank the witnesses for their testimony 
and I remind each member that he or she will have 5 minutes to 
question the panel, and I now recognize myself for questions.
    Certainly the witnesses have given us a broad perspective 
of the success stories, but yet recognizing that our oversight 
is crucial. I think that we should spend our time recognizing 
the work that the vast numbers of employees of TSA have done 
and never let any question that may come forward diminish that.
    At the same time, we have precious little time to engage 
with the administration and to ensure that our concerns are 
sufficiently heard.
    So let me start first with Assistant Secretary Hawley, and 
tell me, how expanded, or how expansive, is the behavioral 
assessment program? What kind of funding resources have you 
invested in it? How many of your overall employees--and I think 
Mr. Verdery said 45,000, and as he is looking, he is saying 
give or take a few--really had the opportunity to have this 
training?
    Mr. Hawley. In terms of budget support we have gotten that, 
and the President sent up a budget amendment in the fall for 
fiscal year 2007 that has helped us, along with the 2008 
appropriation, go from approximately 1,200 behavior detection 
officers that we have now, and we expect to have about 2,000 by 
the end of the year.
    As you know, this is a separate category in terms of rank, 
because one comes in as a TSO and then the behavior detection 
officer is an opportunity for career progression. It is a 
promotion and it is a full-time behavior detection capability. 
So we have 2,000 out of the total workforce, or will have 
2,000.
    Ms. Jackson Lee. I think you have just made a point, will 
have 2,000, and that is out of 45,000. What would that 
generally allow per airport, or major airport?
    Mr. Hawley. Well, our goal is to cover all of the hours 
that are open at the checkpoints and we will be able to get 
through the large cat X, so to speak, and the cat ones, and I 
am not sure how deep into all of the airports. However, we do 
have roving patrols that move around from place to place.
    I have to just correct one thing on a factual basis. On the 
CNN report about air marshals covering 1 percent, that number 
is absolutely wrong by an order of magnitude. It was a guess by 
the folks there, and I just have to say that number is 
completely false.
    No disrespect to Clark Kent Ervin who was quoting what he 
heard on CNN, but just that number is not correct.
    Ms. Jackson Lee. Now, would you venture to say that it is 
sizably larger than that?
    Mr. Hawley. Yes.
    Ms. Jackson Lee. I will give Mr. Ervin a chance to respond.
    Let me proceed and ask further on how much progress is 
being made on the watch list, the Secure Flight. It is a 
constant, if you will--raises continued concerns with the 
traveling public and the airlines trying to balance the 
necessity of security with competence, because it is a question 
of competence. We can't seem to get an integrated and concise 
list.
    Mr. Hawley.
    Mr. Hawley. As Mr. Verdery mentioned it, it has had a stop-
and-start history, but it really is back on track and I think 
Ms. Berrick noted some steps yet to take. But we expect the 
final rule to be out in the summer, and the development of the 
program is going along and we are now doing benchmark testing, 
actually operating the system with benchmark data.
    So our expectation is that it will be ready to go, assuming 
the rule is out, in the very beginning of 2009.
    Ms. Jackson Lee. Let me ask Ms. Berrick, what is the 
premier issue that TSA has to address if we are to move forward 
in our security in the transportation system?
    Ms. Berrick. I think there are probably three areas. One is 
really that the airport perimeter security and access controls, 
and there is really two aspects of this. One is the 
implementation of a biometric identification system to control 
access to restricted airport areas.
    TSA has issued guidelines. They have done some pilot 
efforts to get this off of the ground, but this program has not 
been implemented nationwide.
    Another area related to airport security is the screening 
of airport employees, and TSA also has some efforts underway 
through random screening. They also have a pilot effort 
underway that was actually mandated by Congress to explore 
different options for employee screening, but they haven't yet 
made final decisions, so that is one area.
    Another area is air cargo. As was mentioned, TSA is 
mandated to begin 100 percent of screening of air cargo on 
passenger aircraft by 2010. That is going to be a huge effort. 
It is going to be a big change in how they do things right now.
    They have got a plan to do that. GAO has been requested by 
this committee and others to look at their strategy for doing 
that and, as they roll this out, we will be looking at their 
efforts, but that is going to be a challenge moving forward.
    Then, finally, Secure Flight, as you just asked about. GAO 
has been reviewing this program for the past 4 years and I have 
to agree that Secure Flight has made significant progress the 
past year-and-a-half. There is a lot more discipline and rigor 
and the development of Secure Flight.
    There are a few areas that we think TSA should still focus 
on related to the program. One is cost and schedule estimates. 
We don't think that TSA's estimates on the cost and the 
schedule of Secure Flight were developed based on best 
practices, and we had some recommendations to TSA to strengthen 
that.
    Another area is testing. The draft test plans that we have 
seen identify testing, but not end-to-end testing. As you are 
aware, Secure Flight is going to screen both domestic and 
international passengers, so TSA will have to coordinate with 
CBP in getting data to do matching.
    Ms. Jackson Lee. How do you portend to improve the testing?
    Ms. Berrick. We think that in the test plans it should 
reflect the end-to-end system testing from start to stop. So 
instead of doing individual tests at different locations within 
TSA, within CBP, it needs to be end-to-end.
    We highlighted this to TSA. TSA agreed that that is 
important and said that they do plan on doing it. We just 
haven't seen it in the testing.
    Ms. Jackson Lee. The air cargo, do you see a present and 
future plan that TSA is now engaged in to lay out the road map 
as to how they meet the requirements of the deadline that 
Congress has set?
    Ms. Berrick. Yes, they do have a strategy that they have 
rolled out that is moving security further down the supply 
chain where they will certify manufacturers and shippers, 
maintain a chain of custody of cargo. That practice, in fact, 
has been successful in some foreign countries that we have 
highlighted in past reports.
    We haven't independently assessed that. We have been asked 
by this committee and others to do that, and we will be 
reviewing that over the next year.
    Ms. Jackson Lee. Mr. Ervin, I will hold my questions for 
you, because I will now yield 5 minutes to the distinguished 
gentlemen from Florida, Mr. Bilirakis.
    Mr. Bilirakis. Thank you, Madam Chair. Thank you so much 
for holding this hearing, as well.
    One of my concerns has to do with the security and safety 
of our Nation's pipelines. There was an incident near my 
congressional district several months ago in which a pipeline 
carrying dangerous gas was breached, resulting in an evacuation 
of the area.
    This incident and the Federal response raised question 
about the role of TSA in pipeline security and industry 
compliance with the Federal safety and security guidance. I 
have a couple of questions for Mr. Hawley.
    Would you please explain to us how TSA assesses pipeline 
security threats and monitors industry compliance with Federal 
security standards and guidance. As well, how would you 
characterize industry compliance with those standards?
    Mr. Hawley. In the how do we keep them posted and how do we 
develop threat information and share that, that is something 
that we do on a daily basis and, as we identify threat 
information anywhere in the world, we share it with the 
industry. We do not, unlike some of the other areas that we 
regulate, have a fleet of inspectors for pipelines.
    So what we do is we work with best practices with industry 
associations and industry companies that the pipeline is a 
network and having security measures that keep the network 
operating is the No. 1 priority. Then individual security plans 
all along the way are things that we work with them on best 
practices and then go out and do audits of whether or not they 
are complying with them. In the audits that we have done, we 
have found very good compliance and a willingness to change, as 
need be.
    Mr. Bilirakis. Okay, again for Mr. Hawley.
    In your written testimony, you mention that the TSA has 
reviewed company adoptions of pipeline security guidelines and 
developed a best security practices document based on the 
observations throughout the industry. Are these guidelines 
voluntary and, if yes, does TSA have the authority to require 
industry compliance with these guidelines and standards?
    Mr. Hawley. They are voluntary and they are, from the point 
of view of we have overall authority if there were to be a 
particularly compelling need for public health and safety to 
get at compliance.
    However, it is an interesting area and, again, in terms of 
authorization legislation coming out of this committee, I think 
it could be clarified to some extent.
    Mr. Bilirakis. Thank you. Do you agree with me that an act 
of vandalism against a pipeline, such as the one in my 
congressional district, carrying hazardous substances, can 
threaten the public in the same manner in which a deliberate 
act of terrorism against them? Do you believe the Federal 
pipeline security guidance adequate to stop acts of vandalism 
against pipelines like the incident, again, in my district, or 
something worse, a deliberate act of terrorism?
    Mr. Hawley. Vandalism is something that is pretty hard to 
prevent, but we look at the networks, so first of all there are 
controls within the network that would limit damage to one 
area. Then, frankly, as individual punctures, perhaps, are 
made, there are safeguards in place to limit the damage that 
could be done there. There are prudent security measures that 
go to the hardening and the physical security of it.
    But given the length of the pipelines in this country, 
preventing the vandalism opportunity is extremely, extremely 
difficult.
    Mr. Bilirakis. Are there clear roles and responsibility for 
TSA and DOT regarding preparing for and responding to pipeline 
safety and security incidents?
    Mr. Hawley. Yes, we have an MOU between us and that is 
written down and signed.
    Mr. Bilirakis. Okay, how does TSA differentiate between a 
security-related pipeline breach and a safety-related pipeline 
incident?
    Mr. Hawley. We have those issues across the board with DOT 
and we have agreements that define them. But, essentially, it 
is on a security threat, we have to share equally back and 
forth because first you may not know. But it is principally at 
the intel level at the kinds of regulatory things that we come 
out with or recommended practices that we come out with that 
would get at a security breach that may not be addressed by a 
safety breach, in other words, willful intent versus an act of 
God.
    Mr. Bilirakis. Thank you.
    Madam Chairwoman, one more question.
    The 9/11 bill included a requirement for TSA to visit the 
top 100 most critical pipeline facilities in the United States, 
six of which are in Florida. Does the fiscal year 2009 budget 
request provide sufficient funding to develop and implement the 
required strategy to review the security plans of pipeline 
operators and actually carry out inspections to ensure their 
adherence to existing Federal security guidance?
    Mr. Hawley. I don't know, but I will have to get back to 
you on that.
    Mr. Bilirakis. Okay, thank you very much. Thank you.
    Ms. Jackson Lee. The gentleman's time has expired.
    Let me acknowledge the presence of the distinguished 
gentlelady from New York, Ms. Clarke, and Mr. Perlmutter, the 
distinguished gentleman from Colorado.
    I now yield 5 minutes to the distinguished gentlelady from 
New York.
    Ms. Clarke. Thank you very much, Madam Chair, Ranking 
Member Lungren.
    Over the past several years, as DHS and other security-
related agencies have implemented new procedures, one of the 
biggest changes has been the combining of several watch lists 
into a single database, I suppose in an effort to be efficient. 
The use of that database was to screen the public.
    In the years since this began, we have found that while it 
is a great idea in concept, there have been problems putting it 
into practice, as many innocent people have been mistakenly 
swept up, most commonly while traveling.
    Although the long-awaited Secure Flight program should help 
reduce the number of misidentifications, it will not nearly 
solve the problem by itself. It must be supported by an actual 
redress program.
    In February 2007, TSA, which scans more people against the 
database than any other government entity, implemented the DHS 
TRIP program, which has since been reclassified as the 
Department's Office of Appeals and Redress, to provide such a 
program that should allow passengers the opportunity to clear 
their names and to avoid misidentification.
    Assistant Secretary, would you give us sort of a sense of 
where we are with that process, how accessible it is to the 
public and what your assessment of its effectiveness has been 
when you look at the mis-IDs in the data base?
    Mr. Hawley. Yes, Secure Flight, I believe, will virtually 
solve the problem in that there won't be misidentifications 
because we will be getting the data, specifically date of birth 
and the other data elements, that will allow us to resolve 
whether or not that is the person.
    So in terms of people who are misidentified, I think that 
problem will virtually go away.
    Secretary Chertoff has as one of his top personal 
initiatives with TSA putting in place whatever we can do 
immediately, given the problems that it causes for regular 
travelers. And is a function of the airlines' reservation 
systems, where some airlines have a very good way of matching 
people. Others do not, so it really does depend on what is 
going on in the airline reservation system.
    So, working with the airlines and making some process 
changes with how we handle it, we are working actually in 
advance of Secure Flight to try to meaningfully address that 
problem so people don't have to wait until Secure Flight.
    Ms. Clarke. I mean, is this real time? We have a global 
event coming up in the Olympics, where a lot of people with a 
lot of different types of names are going to be moving around 
the world, some coming through U.S. airports. Do you believe 
that we are in a position by the time that the Olympics start, 
to be able to screen people efficiently and effectively.
    Mr. Hawley. I do. I think another part of this, the 
Terrorist Screening Center, has announced, and we have 
supported and helped with reducing the actual names on the 
watch list, to scrub it and re-scrub it to have it be the 
smallest possible, which obviously gets at the root cause.
    I am highly confident that anybody who should be caught by 
the filter is going to be caught by the filter. The consequence 
of course is, as you note, with many configurations of names, 
it is possible to misidentify people. So that is a challenge, 
and I am not sure that that effort that I just described, to 
get ready before Secure Flight, will be ready in fact for the 
Olympics. But, clearly, we have a lot of plans across the U.S. 
Government for the Olympics to make them successful.
    Ms. Clarke. Thank you, Assistant Secretary.
    Mr. Verdery, you represent the National Business Travelers 
Association, which has extensive experience with the 
transportation system. To what extent have they been impacted 
by problems with the use of screening programs?
    Mr. Verdery. I have seen increasing cases of 
misidentification. Most of the times, it is just the fact that 
people have the same names, common names, and that the TSA and 
other screening agencies just don't have enough information to 
differentiate the people on the spot.
    We did a survey earlier this year and found that there was 
a large number of people, of companies, that had had employees 
in this situation. Many of them had used the DHS TRIP program. 
Those that had used it found it successful, but not enough 
people knew about it.
    In addition to Secure Flight, which I support and hope will 
move quickly, Customs and Border Protection sees lots of people 
every day at land borders and air borders and people are 
screened for other purposes, whether it is buying guns or other 
purposes you can imagine coming down the pike for registered 
traveler programs and registered other programs.
    So that is why we have been very supportive of your bills, 
to codify TRIP and expand it and provide it the resources. We 
think a program of this magnitude deserves an authorization, 
and so we have been happy to work with your office and hope 
that the committee will move forward on it.
    Ms. Clarke. Thank you, Madam Chair.
    Ms. Jackson Lee. The gentlelady's time has expired.
    It is now my pleasure to yield 5 minutes to the ranking 
member, Mr. Lungren.
    Mr. Lungren. Thank you very much, Madam Chair, and I was 
glad that I could get back while we are still going on and 
before we have a vote.
    Let me ask the four of you, one of the controversial 
programs that was started a number of years ago was the Federal 
Flight Deck Officers Program, which allows officers, that is, 
pilots and copilots, when properly trained, to carry weapons 
onboard in the cockpit. Do any of you have any problems with 
the continuation of that program?
    Mr. Hawley. No, sir, I find it very effective security.
    Ms. Berrick. GAO hasn't reviewed this program. DHS IG has. 
They identified some positives and then also some areas for 
improvement.
    Mr. Ervin. I am supportive of the program, sir. If 
anything, I think it should be expanded. My understanding is 
that there is still only one training facility in New Mexico.
    I think the number of training facilities should be 
expanded. I think more pilots ought to be allowed to 
participate in this program. Furthermore, my understanding is 
that they have to pay their own lodging and food expenses, so 
anything to increase the ranks, with proper training, of 
course, is something that I would very much support.
    Mr. Lungren. Mr. Verdery.
    Mr. Verdery. I support it, although I get worried with all 
the tarmac delays of what kind of mood the pilots are in.
    Mr. Lungren. I would ask all four of you, then, we are now 
taking a retrospective of the first 5 years of TSA. We are 
looking forward. What would be your one or two top priorities 
going forward with TSA?
    Mr. Hawley. To work with the Congress to have the 
imagination and courage to step beyond the got-you mentality, 
to go at proactive security and I think support our officers in 
the training and their ability to act nimbly. I think that 
would be No. 1.
    Mr. Lungren. Ms. Berrick.
    Ms. Berrick. A few. Implementing a biometric identification 
system for airports nationwide to restrict access to restricted 
areas within airports. Then also TSA making final decisions 
about what to do in terms of screening airport employees--they 
have a pilot right now--having made a final decision on how 
they are going to address that vulnerability. Then, finally, 
moving forward on their strategy for doing 100 percent 
screening of air cargo, making sure that their plans are solid 
and that they have controls in place to make sure that it is 
working properly.
    Mr. Lungren. Mr. Ervin.
    Mr. Ervin. I would largely agree with Ms. Berrick, sir. I 
think it is absolutely critical, and I am pleased by what 
Secretary Hawley said today about expanding the deployment of 
technologies like multi-view X-ray technology and backscatter. 
I would like ideally to see that deployed at every checkpoint, 
at least at our major airports in the country as quickly as 
possible. I would support further appropriations to TSA to 
facilitate that. That is the only way, ultimately, that we can 
increase these performances on these undercover tests.
    Second, as Ms. Berrick said, air cargo, I think it is 
essential that we move forward on 100 percent screening and 
that all that screening be done by TSA personnel. Then, third 
and finally, as she said, I am very concerned about the fact 
that we are not routinely screening all airport workers other 
than pilots and flight attendants.
    Mr. Lungren. Mr. Verdery.
    Mr. Verdery. Three quick ones. One is making sure to align 
your authorizing requirements with the appropriators. We are 
getting a little bit out of whack with authorizing language 
coming down that can't be funded or isn't being funded. That 
leaves Mr. Hawley and his successors in the impossible position 
of mandates that they just don't have money to go fulfill.
    Second, your jurisdictional argument you made, I think I 
have personally appeared before 22 of the subcommittees out of 
the 86 that have some jurisdiction over DHS. It is 
unconscionable, even the hearings that you see is just the tip 
of the iceberg of oversight that just swallows up so much time 
by the secretary on down. It has to be streamlined.
    Third is use of biometrics, mobile biometric equipment, 
especially, in a range of applications, whether it is access 
controls, employee screening or the construction of an exit 
program for US-VISIT.
    Mr. Lungren. Mr. Hawley, if I could switch gears a moment, 
we talked a lot about aviation but surface transportation and 
rail, there is a responsibility in your TSA to come up with 
rules with respect to HAZMAT, and I know you share that with 
DOT. I know DOT's rulemaking, I believe their work that they 
have done is I think before OMB right now. I wonder, where is 
TSA with respect to it? As I understand it, you focus on where 
the highly HAZMAT cars are attended and where they are handed 
off between railroads or between a railroad and a shipper, as 
opposed to DOT's responsibility. Can you give us an update as 
to where you are with rulemaking on that?
    Mr. Hawley. I believe it is undergoing administration 
clearance. We have a very--it is the same things we talked 
about pipelines--a very close relationship with the Federal 
Rail Administration, and we do in fact look at particularly the 
HAZMAT cars, wherever they may be. Our particular focus is to 
get them out of areas, standing still and, particularly, 
unattended. So that is the center of our target area that we 
want to keep them out of there.
    But we have to be able to identify where they are if indeed 
there is, particularly a terrorist threat, we need to know 
where the cars that might be targets are. That is something 
that we share with DOT.
    Mr. Lungren. Thank you very much, and thank you.
    Ms. Jackson Lee. Thank the ranking member.
    The gentleman's time has expired. I yield 5 minutes to the 
distinguished gentleman from Colorado, Mr. Perlmutter.
    Mr. Perlmutter. Thanks, Madam Chair.
    Secretary Hawley, a couple months ago you and I attended a 
conference out in Denver about the employee screening and I 
think under the 9/11 bill there are seven airports that are 
selected as models or pilots, thank you, for this employee 
screening.
    Can you tell us where we are on that?
    Mr. Hawley. Yes, I believe they will start next month, in 
May, including in Denver. We will have an answer for the 
Congress by the end of the year.
    Mr. Perlmutter. The chairwoman and I and a couple of others 
visited Colorado last summer, where we were at the 
Transportation Technology Center and, as part of that 9/11 
bill, we also authorized Pueblo, Colorado, Transportation 
Technology Center, to be one of the centers of learning for 
transportation security.
    Are you familiar with that at all? Do you know where we are 
on that?
    Mr. Hawley. I am familiar with the center. I am not exactly 
sure what aspect of that we are driving at. I can certainly 
check----
    Mr. Perlmutter. The goal was to put together some training 
facilities there that not only focused on safety, which was 
more the transportation side of it, but also to develop some 
security measures as, for instance, subways or trains that 
might be subject to sabotage in some fashion or another. I know 
that that is now part of our whole six or seven training 
centers. What is it called, consortium? The national 
consortium.
    I can't spell, either. I guess I can spell national. I 
can't spell consortium. I can. I really can.
    Ms. Jackson Lee. We won't test you today.
    Mr. Perlmutter. Would you check on that for us?
    Mr. Hawley. Yes, sir.
    Mr. Perlmutter. Last question, or I guess I can have a 
couple more, Congress has appropriated a significant amount of 
funding to DHS and TSA for research, development, test and 
evaluation and deployment of checkpoint screening technology 
since 9/11, yet when I read your papers, I think that only two 
new technologies have been deployed.
    Is there anything in particular blocking the development of 
the new technologies? Maybe other members of the panel have 
some comments on this.
    Mr. Hawley. I think if I got a couple extra on Mr. 
Lungren's question about things for the future, I think the way 
the capital markets deal with security technology is a massive 
problem in that we get an appropriation from Congress to buy 
certain things and there are companies that step forward and 
say, yes, I have got those and we will take your money.
    However, there is a vast scientific community in the world, 
and certainly in the United States, who, if we could get them 
engaged earlier in the process to present new ideas and new 
technology to us, we would be able to move a whole lot faster.
    So I think there is an acquisition-based mentality about 
purchasing security equipment that does hold us back. Having 
said that, I did say we are rolling out the A.T. now at an 
additional 580 machines this year, 30 new millimeter wave, 200 
new of the liquid bottle scanner. We will have by the end of 
the year over 900 handheld new explosive detection devices.
    So we are moving it out, but I think it could move faster.
    Ms. Berrick. The GAO has reported on checkpoint 
technologies and we have reported that the deployment of these 
has been slow, I think slower than TSA anticipated. The 
explosive trace portals were deployed. There were maintenance 
and performance issues with those. The deployment was halted. 
The liquid bottle scanners were also deployed.
    Now, in the coming year, there is going to be a lot more 
deployments. Some of those technologies have also been delayed 
due to performance and maintenance issues. Some of the causes 
we identified were coordination problems between DHS S&T. They 
do have a memorandum of understanding that they have been 
signed and I think coordination has improved.
    Also, Congress mandated that TSA develop a strategic plan 
for their strategy for deploying technologies. TSA hasn't yet 
delivered that, although they can articulate, obviously, a 
strategy for moving forward on checkpoint technologies. We are 
going to be issuing a comprehensive report on how to improve 
the process of fielding technologies in a couple of months.
    Mr. Perlmutter. Madam Chair, I yield back.
    Ms. Jackson Lee. I thank the gentleman. His time has 
expired.
    I have a few more questions. I yield myself 5 minutes. I 
note the ranking member does.
    But let me try to be very pointed with this line of 
questioning and also rapid-fire. Some of the answers, I may ask 
for you to put them in writing and I may also abbreviate your 
answers, and I apologize for that.
    As we indicated, we are grateful for the employees, and we 
should not be questioned about our commitment to the duty of 
the employees and the leadership because we are asking 
questions that will further enhance the security of this 
Nation.
    So I am concerned, Assistant Secretary Hawley, about the 
GAO's high-risk list that some of the aspects of your 
Department are engaged in. My question is, just quickly, are 
steps being taken to remove the TSA from high-risk areas, 
according to GAO?
    Mr. Hawley. Yes, a number of the recommendations made from 
the GAO reports we agree and have taken action on. I think Ms. 
Berrick mentioned air cargo, a study that they did in 
recommending that we evaluate an international air cargo regime 
and we have in fact done that, and in fact that is the 
direction that we are headed.
    Ms. Jackson Lee. But, in your tenure, do you believe that 
you can answer all the questions that placed in these aspects 
of your Department on the at-risk list? Is that something that 
you are looking to achieve?
    Mr. Hawley. We are addressing all the issues on the 
programs we have. We cannot get them all solved in this 
immediate time, because very many of the recommendations have 
to do with building long-term, sustainable processes that take 
time and actually taking the time to do it right. But I think 
that is the way to go.
    Ms. Jackson Lee. Would you please give me maybe your 
resolutions and your status in writing--I would appreciate 
that--to the committee?
    I also would like to just hear a yes or no answer. There is 
a transition, there are Presidential elections coming up. Is 
TSA in particular looking at the transition and preparing a 
road map so that there is no gap in leadership from the time of 
transition from one administration to the next.
    Mr. Hawley. Yes, can I give a short----
    Ms. Jackson Lee. Short.
    Mr. Hawley. The deputy administrator is a career official 
who has been in the business 30 years, one of the founders of 
TSA. Our senior leadership team has been meeting for over a 
year without me to prepare for this and there are three 
political appointees at TSA, so I view our preparations as 
complete.
    Ms. Jackson Lee. Would you provide that to this committee 
in writing, as well? I think it is a very serious issue.
    I believe that we should look at all aspects of information 
askance, but I do believe that information in the media 
provides an important opportunity for information that we 
should have. As you well know, and you indicated, that we may 
have not had all of the accurate facts regarding the CNN story 
on the U.S. air marshals, the Federal Air Marshal Service, but 
can we not at least admit or concede that there have been 
discussions about morale and discussions about work conditions 
that need to be improved?
    My question to you is does any of that impact the security 
of this Nation and, as the person who has oversight over that 
service, the air marshals, what unique changes are being made 
to ensure, one, that there is an expanded coverage of our 
airlines, particularly when we see airlines getting larger and 
larger, by merger, and that we improve the work conditions.
    I would like Mr. Ervin, if he is in any sense aware, even 
from the time he was at the Department of Homeland Security, 
how we can fix some of the factors that are in the Air Marshal 
Service.
    Secretary Hawley.
    Mr. Hawley. When I came into the job, one of my top 
priorities was people of the Federal air marshals, that the 
agency was stood up quickly. Dana Brown, who is the director, 
has that as his top priority. He has been in the job 2 years 
now and they have had extensive outreach, extensive changes. I 
think if you were to visit widely with the Federal Air Marshal 
Service, as I do, as you know. I do these town halls, and there 
is definitely an uptick in opening and opening communication 
and their mission importance is unbelievable and I think that 
raises morale, as one of the most important tools the secretary 
has across the board for counterterrorism.
    So the VIPERs, some of these things are addressing issues 
such as I don't want to be stuck in a plane my entire career. 
Give me some additional things where I can use my brain and 
keep fresh. We have done that and I think the results show it.
    Ms. Jackson Lee. Well, I want to publicly say on the record 
that I would like to have a meeting with a number of the front-
line air marshals that are actually flying. I hope that you 
would give them the privilege of speaking clearly and openly. I 
do think that is a concern.
    They are law enforcement officers and they have attention 
to order. We have not been able to get directly the actual 
impressions of many of them, and I would hope maybe to invite 
you and have them feel free to be able to express their 
concerns, which deal with ours, which deal with transfers, time 
off, but more importantly, all of that impacts the security of 
this Nation.
    Would you, Mr. Ervin, comment? You were enthusiastic about 
the Flight Deck Officers Program, but I must raise the question 
that there was an unfortunate accident that occurred by a gun 
going off by one of the pilots, one of the major airlines. 
There is some suggestion that the equipment is not appropriate. 
Did you see any need for changes or oversight that we can do 
better?
    I happen to believe training, the right kind of equipment, 
it may not be the best kind of equipment, and the training 
process may be fractured or may be failing, and we can't afford 
those kinds of accidents any time it is used. We hope it is not 
used, but we certainly hope it is used both in need, but also 
that it is used successfully, a weapon that a pilot may carry. 
Can you speak to the air marshals, as well as the issue dealing 
with the flight deck officers carrying guns?
    Mr. Ervin. Certainly, Madam Chair. Thank you for the 
opportunity to do that. Certainly, I deplore that accident, and 
there is no question but that with regard to the Federal Flight 
Deck Officers Program there has got to be adequate training. 
That is why I mentioned there is still only one training 
facility, as I understand it. That has got to be expanded. 
Training has got to be----
    Ms. Jackson Lee. So you would suggest that one of our 
investments should be another training facility.
    Mr. Ervin. Absolutely. In theory, the program is a great 
one and it can serve to supplement the air marshal program, so 
to segue into that----
    Ms. Jackson Lee. Should we also look at the equipment that 
they use? It may not be well-suited for the flight deck.
    Mr. Ervin. Absolutely. There is no question but that we 
need to do that. I am simply saying that in theory the program 
is a good one and it can amplify the air marshal workforce. 
With regard to air marshals, I was very careful in my testimony 
to say that this was a CNN report.
    I hope Secretary Hawley is right that the overall coverage 
is more than 1 percent, but obviously we can't talk about that 
in any detail in open session. I just urge the subcommittee to 
verify what Mr. Hawley has said. I hope he is right. I expect 
that he is right, but to verify that by calling on either GAO 
or the inspector general to do a classified investigation of 
the matter.
    We have to have 100 percent coverage of at least the 
highest-risk flights into and out of our largest cities and as 
much coverage as possible of the other flights in the country. 
If we need to supplement the workforce with additional current 
and retired law enforcement personnel, military personnel, we 
ought to do that.
    Ms. Jackson Lee. Would you hold to the fact that morale, 
work conditions, is certainly a key responsibility of this 
committee in terms of oversight, but, more importantly, plays 
very keenly into the security of our Nation in terms of how air 
marshals either are staffed and/or what their conditions are, 
what the level of their performance is at the time that they 
are on the job? All these elements, I think, have to be 
improved.
    Mr. Ervin. Absolutely. Morale is a huge issue, not just 
with regard to pilots and with regard to air marshals, but also 
with regard to transportation security officers. Morale is a 
security issue in the post-9/11 world.
    Ms. Jackson Lee. I have one more question and it goes to 
this continuing challenge that we have on the 100 percent 
inspection of cargo. You know the 9/11 Commission Act of 2007 
wants or dictates to screen 50 percent of air cargo transported 
on passenger aircraft within 18 months and 100 percent within 3 
years.
    Here is my dilemma, and this is to Assistant Secretary 
Hawley, I understand that you have been aggressively moving a 
program to screen all major airport activities. I understand 
the program is relying heavily on the use of X-ray 
technologies.
    I think you know there has been significant concern by 
passenger cargo carriers and their customers that the current 
screening process, and to some degree the use of X-ray 
technology has been ineffective, may cause some delays. I am 
committed to 100 percent screening. Our ranking member has 
indicated we may need to look at this and how we move it, but I 
am committed to technology. I am interested in what 
technologies TSA is considering.
    What is the internal process used to test and certify such 
technologies, given the rapidly approaching 2010 deadline for 
100 percent cargo screening? What is TSA's timeline to 
implement new cargo screening methods? Are you looking at the 
vast array of technology?
    For example, I had the opportunity to visit a major 
passenger cargo carrier facility and I personally witnessed the 
loading and unloading of cargo. But, during that visit, I saw 
not only the carrier's current cargo screening process, I was 
able to see new technology on the premises that were being 
demonstrated by a small, minority-owned company, and you know 
that this committee, the large committee, is focused on these 
opportunities for looking for good technology, efficient and 
effective.
    I later discovered that it was the carrier that expressed 
an interest in this new technology, not TSA, that the 
technology has either been reviewed by TSA but certainly has 
not been approved by TSA because of the layered and complex 
approval process.
    Is TSA relying on carriers to source new technologies and 
set standards for treating cargo? If so, what direction, if 
any, is TSA giving the carriers? It seems TSA has placed the 
responsibility squarely on the carriers. What efforts are you 
making to move internally technology through the process, so 
that if it is good, if it does work, it can be implemented and 
be a partner with TSA to meet our goal of 2010 for 100 percent 
screening?
    Mr. Hawley.
    Mr. Hawley. Yes, before giving the detailed answer, I think 
both you and the ranking member talked about being part of the 
solution and cooperatively working together, and I think air 
cargo is a perfect example, where I remember contentious 
hearings on this topic in the past. We worked very hard 
together to arrive at a solution where now our conversations, 
we agree on the goal. Now it is on the oversight of how we are 
to implementing it, so I think that is a very positive thing.
    As to the technology, last week, we put out to the airlines 
the list of technologies that they can go ahead and buy now and 
start screening with. We have worked with some of the cargo 
intermediaries, 60 of them, I think, and we have got about $12 
million, where we are going to help to use that as seed money 
to get them to--it answers the question Mr. Ervin raised in his 
testimony about getting the intermediaries to step up and start 
screening.
    Ms. Jackson Lee. We can see that X-ray is not always the 
best technology for this.
    Mr. Hawley. That is correct, and we are looking at ways. 
The biggest problem is getting palletized freight, once it is 
already built up into a pallet, to do effective screening of 
that. If we could do that at palletized, it would open up more 
opportunities at the airport, whereas today what we are trying 
to do is get them while they are still in boxes screened before 
they are put into pallets and then secure it before it gets to 
checkpoint.
    Ms. Jackson Lee. Does that mean the idea of this new 
technology that I was able to visit, or to see, rather, and it 
might be occurring in airports or cargo areas around the 
Nation, is there a streamlined and expedited process that you 
can then expedite the review and assessment of whether these 
are credible new technologies and get them out there, working?
    Mr. Hawley. Yes, this is probably the area I am most 
personally involved with on the air cargo program is the 
opening up of the accessible technologies to get at it. So it 
is something very, very high priority for me.
    Ms. Jackson Lee. Well, I would like to direct these 
individuals that are scattered across the Nation to a system 
that really works. I would ask for, again, in writing for the 
committee, what the process is for streamlining assessment of 
technologies, what is the array of technologies that you are 
using beyond X-ray and, I guess, your assessment of the ability 
to reach our goal by 2010.
    I think asking the question on December 31, 2009, is not 
going to be helpful to whether or not we get 100 percent 
screening. It is in the law now and it is certainly something 
that we should try to establish. So I would ask for a full, if 
you will, reporting on that and that assessment.
    Let me indicate that the ranking member have additional 
questions, and at this time I will yield to him.
    Mr. Lungren. Thank you very much. First of all, just a 
comment on the episode with the one flight deck officer. That 
is one out of many.
    Now, we have been briefed on how many there are and how 
many flights and so forth, but we can't say that in public. All 
I can say is that was one out of very many, and that is not a 
bad record.
    Mr. Hawley. I can say for that holster, which has been in 
use for a little under 2 years, there have been over a million 
flights with that holster without a problem. I think the 
problem is not the holster.
    Mr. Lungren. That is not bad, one out of a million. That is 
kind of the record we set around here in Congress. We make one 
mistake out of a million. We kind of like that.
    Then, for the Federal air marshals, let us be honest, that 
is a tough job from the standpoint of morale. You are flying on 
airplanes and there is no trouble, you go on an another 
airplane, there is no trouble. You go on another airplane, 
there is no trouble.
    I mean, any of us who have any family members who have ever 
been in law enforcement know about law enforcement. I mean, you 
can go through boring times and then you have some exciting 
times. Then you go through some boring times. Thank God, in 
most cases, our Federal air marshals get no exciting times.
    So, I know, Mr. Hawley, you have tried to do some other 
things which allowed them, perhaps, to take on some other 
responsibilities on a rotating basis, and I know you have 
gotten some criticism for that, as well. But I understand that 
is an immediate challenge.
    Let me ask you a question that was brought up by the 
written testimony of Mr. Ervin, and the was talking about the 
behavior detection program and concern that there is adequate 
training such that we don't have a problem of either racial 
profiling or ethnic profiling. The reason why I think it would 
be good for you to make some observations on that is just this 
weekend I was with some people who have nothing to do with law 
enforcement, nothing to do with TSA, not in politics and they 
were talking about that one incident, which they thought was 
very positive. But they say, how do you make sure there isn't 
that kind of profiling? I tried to explain it to them, but 
maybe you could, for the record.
    Mr. Hawley. I think it is a very legitimate question, 
because it is one of the best pieces of security we have, and 
we need to make sure that it withstands all of the tests so 
that we can keep using it. We have a very disciplined program 
at TSA for how we do it and measure it and track it.
    However, I have asked for a full civil rights, civil 
liberties review of the program, independent review, to lay 
out, so that people will have some confidence in this question, 
so that it is not just me answering the question that we have 
disciplines in it, that we will have an outside look. I think 
it is very important that the credibility of the program be 
strong, because it is so much more effective than trying to 
find little scraps of metal on an X-ray image 2 million times a 
day.
    So having that behavior-detection layer is a critical piece 
of the total security package.
    Mr. Lungren. Is it not true that the Israelis have used 
that for years as an effective means of their screening 
program, particularly at the airports?
    Mr. Hawley. Yes, and ours is different in some respects 
from theirs, and certainly law enforcement has used it over 
many, many years in different forms. Our approach is that we 
have it constrained very tightly and disciplined, so that we 
are able to explain why this spot intervention was made and why 
that one wasn't, so that it is clear it is not based on race or 
any other thing.
    Mr. Lungren. Now, I presume that you are--well, I hope you 
are constantly updating it such that you are taking information 
from the intelligence community and other episodes around the 
world that would give you up-to-date information on kinds of 
things people would be attempting to do, and therefore 
behavioral responses to those duties, terrorist duties, that 
they might be embarking on.
    Mr. Hawley. We are indeed. There are two parts of it. One 
is this training I mentioned in my opening statement, that we 
are doing 12 hours' worth of training for everybody, and a 
large part of that are things that we have learned on the 
behavioral side and then how terrorists approach and try to do 
distractions, et cetera.
    The other is locking in the document checker with the 
behavior detection, so that that is a way, because you are 
going to be able to talk to the individual at the document 
checker. So the behavior person will identify somebody they 
want a little extra attention to and then the document checker 
can check the documents and have a conversation, so locking all 
that together.
    Mr. Lungren. Well, that is why they took so much time with 
me at Dulles Airport just 2 weeks ago.
    Let me just ask all four of you, very quickly, are we doing 
a good enough job--and I will start with Mr. Verdery and move 
in reverse order. Are we doing a good enough job in leveraging 
the private sector in this? In other words, are we doing a good 
enough job of making sure that the private sector is part and 
parcel of our effort?
    We spend a lot of money on budget and everything else. Of 
course, I keep thinking of registered travelers being one 
possibility where the private sector works to complement what 
the public sector is doing. I am not talking about the bells 
and whistles, but I am talking about some additional 
information and so forth that they might have. If we are not, 
do you have any suggestions about how we could do a better job 
of leveraging the private sector's participation in this 
overall effort?
    Mr. Verdery.
    Mr. Verdery. Well, on the equipment procurement side, as 
Mr. Hawley mentioned, it is a problem that the budgetary ways 
of Congress of allocating money year to year doesn't match up 
with kind of the buying equipment that is very expensive and 
takes many years to recoup that investment, so that is a 
problem on how things are purchased, especially in an era when 
TSA's budget is essentially flat.
    Over the last couple of years, more and more money, more 
and more DHS money is being sucked up by CBP and ICE on 
immigration enforcement. I won't argue about the relative 
merits of it, but it is a fact.
    I do think, with working on the private sector, we are 
going to see two big things come together as what we are going 
to do with Registered Traveler, and I spoke to that in my 
statement. I am supportive of it and would like to see it 
expand. Then what we are going to do on the exit program for 
US-VISIT, which we understand the rule that is going to be 
promulgated imminently. The question is are you going to ask 
the airlines to do this? Are you going to allow Registered 
Traveler providers to take care of this, or is TSA going to 
take responsibility?
    We know what the administration wants to do is to have the 
airlines do it, but they are an unwilling recipient of the 
football here, and so it is going to be a rulemaking, we will 
have to fight it out. But those two issues are going to come 
together at the checkpoint, where you have private sector 
equities in play and it is going to require some tough 
decisions as to who has the responsibility and who can do 
things the most efficiently.
    Ms. Jackson Lee. I just want to remind the witnesses, we 
are going to have votes in 5 minutes, and if your answers could 
be concise, thank you.
    Mr. Ervin. I will be very brief. Mr. Lungren, it is really 
difficult to give a short answer to that question. It is a very 
big question. I would agree with what Mr. Verdery said about 
Registered Traveler. I am a supporter of that program. It is a 
very good example of a partnership between TSA and the private 
sector.
    As he said, I think that the contracting procedures are too 
cumbersome, in that they ought to be streamlined so that 
smaller businesses in particular can bring to the fore 
technologies that they have developed. On the flip side of it, 
though, I would stress that I don't think we should outsource 
security to the private sector, and so that is why, as I 
highlighted in my testimony, I have been concerned about this 
notion that airlines should be allowed to police themselves 
with regard to this 100 percent cargo requirement. I think that 
is going in the wrong direction.
    The whole point of creating TSA after 9/11 was the 
recognition that, left to their own devices, airlines won't 
police themselves.
    Ms. Berrick. I think partnerships have significantly 
improved since GAO started looking at aviation security 5 years 
ago, both in aviation and surface modes of transportation. Some 
quick examples on aviation: I think TSA is putting a lot more 
focus on coordinating with international partners in other 
countries. I think that is a great success story.
    Also, passenger pre-screen, matching passenger information 
against terrorist watch lists, TSA is doing a much better job 
coordinating with air carriers. On the surface modes of 
transportation, TSA has really reached out this past year-and-
a-half to work with stakeholders on surface modes of 
transportation and work collaboratively with them, which wasn't 
always the case prior to that.
    One area to focus on, I think, related to partnerships is 
in surface modes of transportation. I mentioned in my opening 
statement that the 9/11 Act has a lot of requirements for TSA 
to implement and also the transportation operators to implement 
for security.
    TSA has about 100 inspectors to do a lot of work. We have 
heard from TSA and also from transportation operators that they 
are concerned these inspectors are really going to be taxed. It 
is going to be hard for them to implement all of these 
requirements to check security programs, to check training 
programs. So I think that is one area of focus that TSA should 
focus on moving forward.
    Mr. Hawley. In 280 days, I shall be returning to the 
private sector, going back to California. I know from my 
previous experience in the private sector, I would not even 
consider doing business with the government, because it was 
just too complicated, too slow, too many requirements. I think 
that is a problem that the business community, the private 
sector outside of the Beltway, be brought into the game a 
little bit more in terms of thinking about the marketplace for 
the public through the government. I think that is a very 
important thing we need to do.
    I would disagree with Mr. Ervin's comment in terms of I 
think we have to work with our private sector partners. They 
are part and parcel of security, and you don't want TSA 
officers everywhere, but we need to have every airline 
employee, every airport employee, mass transit--all private 
sector, public sector, and even passengers, actively engaged in 
the security process.
    Whether or not it is natural, it has to be a part of the 
security package of this country.
    Ms. Jackson Lee. Let me thank all the witnesses.
    Ranking Member, I was going to interrupt Secretary Hawley 
and rule him out of order when he said that he would be 
departing in 280 days. But we thank the witnesses. In 
conclusion, let me just simply say, Mr. Hawley, I hope you will 
go back. We appreciate the private sector involvement, but it 
is my view that the cargo process needs technology approved by 
TSA and utilized by TSA and to have the oversight that Mr. 
Ervin has spoken about.
    I also want to take note that I believe that we have made 
great strides with the U.S. Federal air marshals, but there is 
more work to be done. We appreciate an accident and one shot, 
but we would like to think that we would want to ensure that 
those kinds of accidents are diminished, because any suggestion 
that we must not be worried leaves us vulnerable to what could 
happen in flight.
    So I would ask for your response to the committee's 
questions on the oversight of this Flight Deck Officer Training 
Program and the U.S. marshals program and, as well, I think one 
of the issues Ms. Berrick has mentioned that is very important, 
the perimeters of the airport and the IDing of the employees 
coming on, working with the employees and unions.
    Let me also say that this committee will have a field 
hearing on the issue of mass transportation and so we are 
concerned about those issues. We thank the ranking member and 
the members who are here.
    I thank the witnesses for their valuable testimony and the 
members for their questions. The members of the subcommittee 
have additional questions for the witnesses.
    We will ask you to respond expeditiously in writing to 
those questions.
    Hearing no further business, thanking the ranking member 
and the committee members, the subcommittee stands now 
adjourned.
    [Whereupon, at 3:45 p.m., the subcommittee was adjourned.]


                            A P P E N D I X

                              ----------                              

Questions From Chairwoman Sheila Jackson Lee for Kip Hawley, Assistant 
   Secretary, Transportation Security Administration, Department of 
                           Homeland Security

                          GAO'S HIGH RISK LIST

    Question 1. Please provide a written response to TSA's resolutions 
and status on the steps being taken to remove the TSA from high-risk 
areas, as outlined in the GAO report. In your response, please include 
a thorough assessment on how the recommendations sighted in this report 
will be incorporated into a plan of action toward ``building long-term, 
sustainable processes'' as the Assistant Secretary had described.
    Answer. Although the Transportation Security Administration (TSA) 
does not have any individual items on the Government Accountability 
Office's (GAO) high-risk list, TSA is participating in the Department 
of Homeland Security's (DHS) efforts to address Department-wide high-
risk items. TSA is an active participant in the newly formed DHS 
Performance Improvement Council which will provide input into the DHS 
Transformation and Integration Corrective Action Plan through the DHS/
GAO Performance Improvement Initiative.
    Component contributions to this Initiative are still in the initial 
stages and each component will meet with GAO to receive feedback on 
current Government Performance Results Act performance measures and 
milestones. Steps will be formulated to address performance improvement 
processes and measures. TSA is scheduled to have its initial meeting 
with GAO in mid-June and as a follow-up will develop or revise 
processes and specific measures based on GAO recommendations.
    TSA is committed to adhering to DHS/GAO guidance on submitting 
timely reports on progress under this Initiative to building long-term 
sustainable processes for the future.

                        CHECKPOINT TECHNOLOGIES

    Question 2. Given the significant investments DHS and TSA have made 
in research, development, and deployment in new screening technologies 
to detect explosives and other threat items on passengers and their 
carry-on items, how effectively are the new technologies working in the 
airports? To what extent has the government's ability to detect liquid 
explosives and other types of explosives at the checkpoint been 
improved by deployment of the explosives trace portal and the hand-held 
bottled liquid screeners?
    Answer. The Explosives Trace Portal (ETP), while improving the 
Transportation Security Administration's (TSA) capability to detect 
certain explosive substances that may be carried by passengers, has not 
been entirely successful in detecting the full range of explosive 
threats of interest to TSA. TSA has worked closely with the ETP vendors 
in order to improve detection sensitivity and product reliability; 
however, TSA is not sufficiently satisfied with the results to commence 
widespread deployment. In addition to the ETP, TSA has begun 
operational testing of Whole Body Imagers (WBI) to detect a broad range 
of explosives and other threat items on passengers. Utilizing 
backscatter X-ray and millimeter wave technologies, the WBI pilots show 
significant promise in detecting explosives and other non-metallic 
threat items that may be concealed on passengers, while the enhanced 
Walk Through Metal Detectors (WTMD) continue to provide weapons 
detection of knives, guns, and other metal threats, as well as 
improvised explosives device (IED) components (i.e. detonators & 
wiring) that would be used in conjunction with the explosives to create 
an IED. To detect liquid threats, prior to the deployment of hand-held 
Bottle Liquid Scanners (BLS), TSA relied on screeners utilizing X-ray 
images on the TRX systems to identify inconsistencies, such as 
detonators and wiring protruding from bottles that were present in 
passenger carry-on baggage. The BLS systems that have been deployed 
enable screeners to screen ``3-1-1'' permitted liquid items and larger 
exemptible liquids (i.e. medications and baby formula) to detect the 
presence of one of the most readily available, liquid explosives 
threats, even at very low levels of concentration. In addition, TSA is 
currently beginning the replacement of aging TRX X-ray units with a new 
generation of Advanced Technology (AT) X-rays. The ATs have 
demonstrated a marked improvement in the detection of liquid explosives 
and other threat items contained in carry-on items.

                      BEHAVIORAL DETECTION OFFICER

    Question 3. How expansive the Behavioral Assessment Program? What 
kind of funding resources have you invested in it? How many of your 
overall employees have had the opportunity to participate in the 
training? Additionally, what is the standard operating procedure for a 
Behavior Detection Officer, once he or she identifies a suspect at an 
airport? What paperwork is filed by the officer, who maintains those 
records, and what office at TSA is tasked with managing the records and 
identifying systemic problems that may surface?
    Answer. The Transportation Security Administration (TSA) operates 
the Screening of Passengers by Observation Techniques (SPOT) Program at 
all CAT X and CAT I airports and a large number of CAT II airports 
nationwide. The specific number of airports using this program and the 
number of Behavior Detection Officers (BDO) deployed nationwide, 
however, is Sensitive Security Information (SSI) and would need to be 
provided in a secure setting.
    The BDO Standard Operating Procedure document is also SSI in its 
entirety, but generally speaking, the program includes the 
identification of specific types of behavior that trigger specific 
responses. Once someone manifests a cluster of these identified types 
of behavior, he or she may be referred to secondary screening or a law 
enforcement officer.
    The SPOT Program was officially launched in fiscal year 2007. 
Funding for fiscal year 2007 for Non-Personnel Costs & Benefits (non-
PC&B) was $1.5 million, and the program was funded $41.5 million for 
PC&B. For fiscal year 2008, non-PC&B costs to date are $1.2 million and 
end of year estimates are $3.2 million. For PC&B these costs are $30.2 
million and $80.1 million, respectively.
    BDO positions have been competitively offered at many airports 
across the country. All TSA employees who qualify at those airports 
have had the opportunity to apply for these positions, and those 
selected for the program receive the requisite training. We are still 
building this program and the number of employees trained in it changes 
weekly. The end-of-year goal is to have well over 2,000 employees 
trained, though the actual number is SSI and would have to be provided 
in a secure setting.
    In addition to the specific behavior detection training that the 
BDOs receive under the SPOT Program, all Transportation Security 
Officers (TSO) receive general behavioral awareness training through 
the TSA On-line Learning Center program as do many Transportation 
Security Inspectors (TSI). This general behavior awareness training, 
though not directly associated with the SPOT Program, is intended to 
enhance the overall capability of the workforce in this area of 
security.
    In reference to SPOT referrals, once a BDO identifies an individual 
manifesting suspicious behavior, he or she institutes what is known as 
``SPOT referral screening.'' This referral screening is non-invasive 
and includes a bag search and engaging the passenger in casual 
conversation in order to identify the origin of the passenger's 
suspicious behavior. As a result of this process, there are two types 
of reporting that can occur: (1) The completion of a SPOT Score Sheet 
and (2) completion of an Incident Report (produced only in the event 
that Law Enforcement Officer assistance is requested).
    The SPOT Score Sheet is a document that the BDO completes following 
each incident of SPOT referral screening. The BDO uses this document to 
record and outline the specific behavior he or she identified that led 
to the referral as well as the action taken as a result of the 
subsequent referral screening (if any action was deemed necessary, 
which does not occur in every case). No personally identifiable 
information is included on the SPOT Score Sheet. This includes name, 
physical characteristics, and ethnicity. A section on the SPOT Score 
Sheet is checked off only if the passenger is assessed an initial point 
if they qualify based on intel-driven specific age and gender 
information. The only other passenger information included on the Score 
Sheet is the flight data and the person's immigration status, if 
applicable (illegal alien or self-deporting.) The Score Sheet also 
includes a section for the BDO's professional analysis and comments on 
the event, and a section for the resulting action taken (if any). This 
score sheet is completed by the BDO at the end of the shift and is not 
done in the presence of the passenger.
    Information from the completed SPOT Score Sheets is entered into a 
national database on a daily--but not less than weekly--basis, and the 
paper copy is filed in a locked cabinet at the respective airport. The 
SPOT Program Office at TSA Headquarters has full oversight of this 
database. The airports also have the ability to monitor the score 
sheets at their airports to maintain full visibility of their program. 
The Incident Reports are provided to the appropriate chain of command 
at each airport for appropriate processing/follow-up activity.
    The SPOT Program is responsible for the overall management of the 
SPOT database electronic records and for establishing an appropriate 
record retention process. The record retention process includes the 
establishment of a record disposition schedule for approval by the 
National Archives and Records Administration to develop a formal policy 
and procedures for SPOT paperwork. This process is currently in the 
coordination and approval phase. The only physical paperwork produced 
is appropriately maintained at the airport level.
    While BDO Transportation Security Managers at each airport are 
tasked with reviewing the referrals made at their airport for trends, 
the SPOT Program Office also provides oversight on a national level 
through its weekly review and analysis of the electronic data captured 
in the national database, utilization of a standardization team, and 
relationship management with the airports' SPOT points of contact. The 
airport SPOT POC is the individual responsible for having local 
oversight of the SPOT program at his or her respective airport. This 
role may be filled by the Assistant Federal Security Director or 
another TSA management representative at the airport.

                       SECURE FLIGHT--WATCH LISTS

    Question 4a. What critical activities are included in the $82 
million request for fiscal year 2009 funding for Secure Flight?
    Answer.

                     FISCAL YEAR 2009 SECURE FLIGHT
------------------------------------------------------------------------
                                                                Proposed
                                                                 Amount
                  Critical Spend Activities                       (in
                                                               Millions)
------------------------------------------------------------------------
Personnel Compensation & Benefits (PC&B) for Program Full            $16
 Time Equivalents (FTEs) and Facilities Costs................
Business Operations, Program Management Office (PMO), Privacy         12
 and Implementation Support..................................
Iterative Secure Flight System Development and post-                  15
 production application support..............................
Operations and Maintenance of the Secure Flight System and            12
 associated hardware/software................................
Secure Flight Resolution Service Center Operations...........         12
New IT hardware purchases and technology refresh.............          4
Airline Employee Vetting activities..........................          5
DHS Router Costs.............................................          6
                                                              ----------
      TOTAL..................................................         82
------------------------------------------------------------------------

    Question 4b. When will the system be fully operational for domestic 
watch list matching? For international watch list matching functions? 
Do you believe your schedule is realistic, given the program's past 
history?
    Answer. The Transportation Security Administration anticipates that 
it will assume full watch list matching for all domestic aircraft 
operators by July 2009 and for all international aircraft operators in 
early 2010, pending congressional approval of recommended funding 
levels and the publication of a final rule.
    TSA believes this schedule is realistic. As TSA works aggressively 
to implement the program, Secure Flight remains on track for 
acceleration. In December 2007, the Department of Homeland Security 
(DHS) delivered a Report to Congress on Secure Flight's implementation 
plan, outlining a schedule for achieving key program milestones. Table 
1 below highlights the program schedule.

------------------------------------------------------------------------
              Key Milestones                    Estimated  Completion
------------------------------------------------------------------------
Program planning complete after:            Q1 FY07  Completed
   Governance infrastructure
 implemented, in accordance with industry
 and government best practices;
   Integrated Master Schedule
 defined;
   Life-Cycle Cost Estimates
 completed; and
   Privacy and security woven into
 the program.
Benchmark Testing begins after:             Q1 FY08  Completed
   Interim Authority to Operate
 (IATO) has been granted;
   Secure Flight Exemption Rule is
 effective.
System complete after (release 2):          Q2 FY08
   Design phase complete;
   Development phase complete; and
   System testing complete.
Parallel testing begins after:              Q3 FY08
   Implementation support provided
 to aircraft operators;
   Network interface engineering
 complete; and
   Operational testing with first
 groups of domestic aircraft operators
 conducted.
Service Center staffing, training, and      Q3 FY08
 operational testing begins..
DHS Certification complete................  Q4 FY08
Parallel testing complete; Secure Flight    Q2 FY09
 will begin full watch list matching
 responsibility for domestic flights
 after:
   Operational testing with
 subsequent groups of domestic aircraft
 operators conducted.
Parallel testing with first group of        Q2 FY09
 aircraft operators complete. Domestic
 cutovers begin and Secure Flight assumes
 full watch list matching responsibility
 for initial group of domestic aircraft
 operators.
------------------------------------------------------------------------

    Secure Flight is moving quickly toward full implementation. The 
program is executing a comprehensive test approach, and TSA plans to 
begin parallel testing with the first groups of domestic aircraft 
operators in 2008, and to take over full responsibility for watch list 
matching for both domestic and international aircraft operators in 
fiscal year 2010, pending funding and the publication of the final 
rule.
    Secretary Chertoff has been clear that acceleration of the Secure 
Flight program remains a priority and TSA remains committed to meeting 
this key recommendation of the 9/11 Commission Report and requirement 
of the Intelligence Reform and Terrorism Prevention Act of 2004.
    Question 4c. What are TSA's key challenges in meeting Secure Flight 
scheduled completion dates?
    Answer. If Secure Flight does not receive approval for transfer of 
$24 million in fiscal year 2008 and the President's request of $82 
million in fiscal year 2009, the program will have to delay key work 
scheduled for the current fiscal year and will not be able to continue 
on an accelerated implementation timeline to assume full watch list 
matching for all domestic aircraft operators by July 2009 and for all 
foreign aircraft operators by early 2010. Further, the timely 
publication and effective date of the Final Rule will ensure that TSA 
is able to assume full watch list matching for all domestic aircraft 
operators by July 2009 and by early 2010 for all foreign aircraft 
operators.
    Question 4d. What is the status of the Secure Flight rulemaking?
    Answer. The Secure Flight Final Rule is still in the deliberative 
process and should be promulgated in a timely manner.

                          100% CARGO SCREENING

    Question 5a. In October 2005, GAO reported that TSA had taken a 
number of actions intended to strengthen domestic air cargo security, 
but factors existed that may have limited their effectiveness. In April 
2007, GAO reported that DHS (TSA and CBP) have taken a number of 
actions to secure air cargo entering the United States, but many of 
these efforts are still in the early stages and could be strengthened. 
Since GAO's reports were released, Congress enacted 9/11 Act, which 
mandates 100 percent screening of air cargo transported on passenger 
aircraft. Specifically, this act calls for a system to be developed and 
implemented to provide a level of security commensurate with the level 
of security for the screening of passenger checked baggage to screen 
100 percent of air cargo on passenger aircraft within 3 years of the 
date of enactment.
    What is the status of TSA's efforts to meet the requirement set 
forth in the Implementing the Recommendations of the 9/11 Commission 
Act of 2007 to screen 50 percent of air cargo transported on passenger 
aircraft within 18 months of the enactment of the act and 100 percent 
of air cargo within 3 years of its enactment?
    Answer. The Transportation Security Administration (TSA) is in the 
process of developing and implementing the Certified Cargo Screening 
Program (CCSP), a regulatory program that will enable industry to meet 
the screening requirements contained in the Implementing 
Recommendations of the 9/11 Commission Act of 2007 (9/11 Act).
    At this time, air carriers perform the screening of all cargo to be 
transported on passenger aircraft. However, due to the large volume of 
such cargo (approximately 6,000 tons per day), air carriers alone will 
not be able to screen cargo in the volume required to meet the 50 
percent and 100 percent requirements of the 9/11 Act.
    The CCSP is intended to enable the entire industry (original 
manufacturers, shippers, and indirect air carriers) to perform 
screening in order for cargo to arrive at the air carrier fully 
screened and ready to load onto aircraft. CCSP participants will use 
either physical search or non-intrusive screening methods such as X-ray 
and explosive trace detection systems to screen cargo destined for 
passenger aircraft.
    To date, the TSA Air Cargo Division has briefed over 1,000 
corporate representatives on the CCSP, and the response from industry 
has been positive. Additionally, TSA is currently coordinating an 
aggressive screening technology pilot program in support of the 
Certified Cargo Screening Program at almost 60 Indirect Air Carrier 
locations owned by 14 different companies. These locations are high-
volume cargo processing centers which build consolidated loads for air 
carriers. None of the individual sites are operational to date, but TSA 
anticipates that most will be operational prior to fall 2008.
    TSA is also operating a similar pilot with approximately 80 shipper 
locations in nine cities. However, these are all in preliminary 
development but TSA plans to have the majority of these locations 
validated, certified, and operational in fall 2008.
    Question 5b. What is the status of TSA's report to Congress 
assessing each exemption granted under 49 U.S.C. 44901(i)(1) for the 
screening of cargo transported on passenger aircraft, required by the 
Implementing Recommendations of the 9/11 Commission Act of 2007?
    Answer. In response to Section 1602 of the Implementing 
Recommendations of the 9/11 Commission Act of 2007, on February 25, 
2008, the Department of Homeland Security delivered a document entitled 
Report to Congress on Air Cargo Subject to Alternate Screening to the 
Chairmen and Ranking Members of the House Committee on Homeland 
Security, the Senate Committee on Commerce, Science, and 
Transportation, and the Senate Committee on Homeland Security and 
Governmental Affairs, as well as the Government Accountability Office.
    Question 5c. What progress has TSA made in implementing its 
targeting system for elevated risk domestic air cargo transported on 
passenger aircraft, referred to as Freight Assessment?
    Answer. The Freight Assessment System has completed its pre-system 
pilot test and has received authority to operate from the 
Transportation Security Administration Information Technology office. 
The system will be deployed to industry in conjunction with the 
Certified Cargo Screening Program.
    Question 5d. What progress has TSA made in coordinating with the 
U.S. Customs and Border Protection (CBP) to enhance the security of air 
cargo transported into the United States?
    Answer. The Transportation Security Administration (TSA) is 
currently collaborating with the U.S. Customs and Border Protection 
(CBP) on a key component of its risk-based approach for securing 
inbound air cargo. As part of this approach, TSA has engaged CBP to 
leverage its Automated Targeting System (ATS) and in a joint CBP/TSA 
international inbound air cargo targeting pilot. The pilot will 
evaluate the use of existing ATS trade data and its automated risk 
assessment program to identify elevated-risk air cargo.
    CBP has given TSA an initial briefing on the capabilities of ATS, 
and TSA has likewise briefed CBP on its authority and policy vehicles 
in the international environment. In addition, TSA has provided to CBP 
its risk assessment of inbound cargo on passenger planes. Included in 
this assessment is an analysis of threats, vulnerabilities, and 
consequences. Going forward, the agencies will collaborate on how to 
implement changes that address these potential risks via ATS.
    As such changes are successfully tested, the goal for both TSA and 
CBP will be to jointly consider how such integrated risk-assessment 
efforts could be accomplished prior to departure of an aircraft from an 
international last point of departure.
    Question 5e. What is the status of TSA's efforts to develop and 
implement technology to inspect air cargo?
    Answer. The Transportation Security Administration's (TSA) Office 
of Security Technology is supporting air cargo security goals and 
objectives by testing, evaluating, and qualifying technology to detect 
explosives and stowaways as well as ensure the integrity of the air 
cargo supply chain. TSA plans to both optimize currently available 
technologies and provide cargo specific screening procedures coupled 
with protocols to support these technologies in the operational 
environment.
    The Department of Homeland Security's Office of Science and 
Technology (S&T) Directorate is about to conclude the congressionally 
directed Air Cargo Explosives Detection Pilot Program and provide the 
report on the results of that effort later this year. TSA will be 
conducting an operational test at some airports, domestic and 
international, to develop requirements, specifications, and testing 
protocols to qualify carbon dioxide (CO2) monitors. The 
CO2 monitor is expected to be qualified in fiscal year 2009. 
Heartbeat Monitors are susceptible to environmental factors at the 
airports that will be addressed in future research efforts before they 
are qualified by TSA for use by the cargo freighters. TSA has deployed 
certified checked baggage screening technologies into actual air cargo 
screening operations, at about twelve different sites, to determine all 
the integration, training, and operational issues. TSA has also 
initiated pilot tests to study ways to integrate counter-to-counter air 
cargo into the existing airport checked baggage screening 
infrastructure using Explosives Detection System (EDS) and Explosive 
Trace Detection (ETD) screening equipment.
    The technologies showing promise in the near-term are existing or 
slightly modified explosives detection screening technologies such as 
EDS, Cargo Optimized EDS, ETD, and dual energy, multi-view Advanced 
Technology X-ray (AT-X-ray) technologies, and some CO2 
monitors for detecting stowaways.
    TSA will have screening technologies qualified to core air cargo 
screening requirements by January-March 2009. To get on the qualified 
products list (QPL) means: (a) That the technology has successfully 
completed commodity based integration test and evaluation (IT&E) 
qualification testing; (b) that the technology has successfully 
completed the subsequent operational test to ensure the product is 
operationally suitable and effective in an operational environment; (c) 
that the air cargo screening procedures and alarm resolution protocols 
for the technology have been developed and incorporated into Standing 
Operating Procedures for Transportation Security Officers and 
incorporated into TSA Security Directives and Aircraft Operators and 
Indirect Air Carrier Standard Security Programs; and (d) that the 
screener training curriculum and course materials have been developed 
and validated.
Candidate Air Cargo Screening Technologies for Use by Indirect Air 
        Carriers in Screening Break Bulk Cargo
Explosives Detection Systems (EDS)
   GE CTX 2500
   GE CTX 5500
   GE CTX 9000/9400
   L3 6000/6600
   Reveal CT-80/80DR
Explosives Trace Detectors (ETD)
   GE Itemiser 2
   Smiths Ionscan 400B
   Smiths Ionscan 500DT
   Smiths Sabre 4000 (Particle Mode Only)
Advanced Technology (AT) X-ray
   AT X-ray/Small
   L3 ACX 6.4
   Rapiscan 620DV
   Smiths 6040 aTiX
Advanced Technology (AT) X-ray/Medium
   L3 MVT HR
   L3 VIS HR
   Rapiscan MVXR5000
   Smiths 10080 EDtS
   Smiths 10080 EDtS++
    1. The Transportation Security Administration (TSA) is in the 
        process of evaluating and testing the technologies on this list 
        for screening air cargo. Future testing may result in 
        modifications to this list.
    2. ETDs must be present for use in either alarm resolution (EDS) or 
        for use IN CONJUNCTION with AT X-Ray (directed search).
    3. ETDs can be used as primary detection technology.
    4. Protocols for use in screening air cargo with these technologies 
        are being finalized and will be provided later.
    5. Not all technologies are appropriate for all commodities.
    6. The TSA would encourage Indirect Air Carriers to propose 
        screening processes and procedures based on their unique 
        operational needs.
Candidate Air Cargo Screening Technologies for Use by Air Carriers in 
        Screening Break Bulk Cargo
Explosive Detection System (EDS)
   GE CTX 2500
   GE CTX 5500
   GE CTX 9000/9400
   L3 6000/6600
   Reveal CT-80/80DR
Explosive Trace Detectors (ETD)
   GE Itemiser 2
   Smiths Ionscan 400B
   Smiths Ionscan 500DT
   Smiths Sabre 4000 (Particle Mode Only)
Advanced Technology (AT) X-ray
   AT X-ray/Small
   L3 ACX 6.4
   Rapiscan 620DV
   Smiths 6040 aTiX
Advanced Technology (AT) X-ray/Medium
   L3 MVT HR
   L3 VIS HR
   Rapiscan MVXR5000
   Smiths 10080 EDtS
   Smiths 10080 EDtS++
    1. The Transportation Security Administration (TSA) is in the 
        process of evaluating and testing the technologies on this list 
        for screening air cargo. Future testing may result in 
        modifications to this list.
    2. ETDs must be present for use in either alarm resolution (EDS) or 
        for use IN CONJUNCTION with AT X-Ray (directed search).
    3. ETDs can be used as primary detection technology.
    4. Protocols for use in screening air cargo with these technologies 
        are being finalized and will be provided later.
    5. Not all technologies are appropriate for all commodities.

                               TRANSITION

    Question 6. Please provide a written response as to how TSA is 
preparing a transition blueprint in the upcoming months. Do you have a 
Senior Leadership Team in place to assist with this transition 
blueprint? If so, who is a member of the Senior Leadership Team? In 
your response, please carefully and with as much detail as possible 
include TSA's plan of action to provide incoming leadership team with 
identified best practices and lessons learned; standard communication 
forums/mechanism through which incoming leadership can discuss ongoing 
policy transition issues throughout their first year in office; and 
reports outlining lessons learned within critical components at TSA and 
program success and failures within specific offices, as well as 
objective recommendations on how the incoming leadership should move 
forward.
    Answer. The Transportation Security Administration (TSA) is closely 
working under the umbrella of the Department of Homeland Security (DHS) 
and the Office of the Under Secretary for Management (USM) to ensure a 
smooth transition process. The Under Secretary for Management Paul 
Schneider and Deputy Under Secretary for Management Elaine Duke provide 
the overall leadership for the Department's, and TSA's, transition 
efforts. In June, RADM John Acton of the United States Coast Guard 
(USCG) will be detailed to USM to serve as DHS Transition Director 
where he will lead the USM core team that is currently in place. TSA 
has designated a senior career executive as its Senior Transition 
Officer to support the Department's transition team. He is assisted by 
a career Deputy Transition Officer and each office within TSA has a 
designated Point of Contact to ensure that complete and timely 
information is provided to incoming appointees of the new 
administration.
    TSA also has a longstanding Senior Leadership Team (SLT) comprised 
of the Deputy Administrator, all Assistant Deputy Administrators, and 
other office heads. The SLT was created in 2005 and is a forum for the 
career leadership of the agency to make key policy decisions and 
recommendations to the Assistant Secretary. The SLT meets weekly. We 
anticipate that the SLT will continue its critical role during the 
transition. TSA's SLT will be able to provide the new political 
leadership of the next administration with professional advice on the 
programs they administer.
    TSA is well placed to respond to the demands to ensure that its 
core functions of providing security throughout the transportation 
networks continues during and beyond the transition period. TSA's 
Deputy Administrator is a career civil servant as are all of the 
Assistant Administrators with the exception of Legislative Affairs and 
Strategic Communications and Public Affairs, and in each instance we 
have career professionals to lead those offices during the transition. 
Furthermore, TSA has been diligently working on succession planning to 
make certain that as some of our senior leaders either retire or move 
to other positions, there is a deep bench in place to continue the 
agency's mission. In fact for the past 2 years a major focus of the SLT 
has been on leadership and management development programs for the next 
generation of TSA leaders to head a rapidly maturing agency that is 
still less than 7 years old.

                             GRANT FUNDING

    Question 7a. Please describe the procedures and differences that 
are used in determining grant funding decisions for Tier 1 and Tier 2 
transit agencies.
    Answer. Projects that have the highest efficacy in reducing our 
Nation's transit risk are funded with transit security grants. All 
projects for fiscal year 2008 were scored using a formula as described 
in the grant guidance. The formula is a function of risk, project 
effectiveness, quality, and regional collaboration. All transit 
agencies had the opportunity to be provided their agency specific risk 
score. The project effectiveness values were laid out clearly in the 
grant guidance and were based on the type of project proposed in the 
application. The methodology and the formula were explained in detail 
during the stakeholder conferences. Transit agencies also had 
opportunities to ask questions either via email or during the weekly 
conference calls.
    There were differences in the procedures for how Tier 1 and Tier 2 
were scored for ``quality'' and ``regional collaboration.'' For Tier 2, 
the quality and regional collaboration factors were scored by the 
National Review Panel composed of subject matter experts. Since the 
process for Tier 2 is competitive, applications were evaluated solely 
on the information submitted with the application. For Tier 1, the 
projects are awarded the maximum quality score since they are arrived 
at through a collaborative process at the Regional Transit Security 
Working Groups, working with the Transportation Security Administration 
(TSA) to ensure high quality projects.
    Tier 1 and Tier 2 scores were then ranked separately. The 
recommended funding for Tier 2 was under the target allocation, so all 
projects recommended for funding were funded. For Tier 1, a minimum 
score threshold was determined based on the national slate of projects 
submitted, and funded projects generally exceeded that score. In Tier 
1, due to excess funds in Tier 2 and the Freight Rail Security Grant 
Program, several regions received more than their target allocation 
announced on February 1, 2008, with the release of the grant guidance. 
These funds were allocated to regional projects that were ``next in 
line'' and able to be fully funded on the project lists submitted by 
regions.
    Question 7b. What are some of the barriers that TSA is experiencing 
to releasing grant funding in a timely manner?
    Answer. The Federal Emergency Management Agency (FEMA) is 
responsible for administering the transportation security grants for 
intercity bus, AMTRAK, freight rail, transit, and trucking. The 
Transportation Security Administration (TSA) has the programmatic lead 
for these grant programs. TSA is responsible for coordinating and 
leading the development of recommended funding for all submitted 
investments. TSA does not release grant funding for any of the 
transportation security grant programs. FEMA is responsible for 
releasing grant funds based on those recommended funding levels. There 
are several factors that in the past have caused delays in the release 
of funding from FEMA including lack of detailed budget submissions by 
agencies, and environmental historical preservation reviews. In an 
effort to mitigate such delays this year, TSA engaged in extensive 
outreach activities that included nationwide workshops, weekly 
teleconferences with both Tier I and II security partners, and regular, 
recurring meetings with Tier I groups in such cities as Philadelphia, 
San Francisco, New York, and Los Angeles. As TSA's partner and a full 
participant in all outreach activities, FEMA provided prospective 
grantees with detailed information regarding requirements for budget 
submissions and environmental historical preservation reviews.
    Question 7c. Please discuss how TSA determines the grant funding 
priorities for the transit security grant program and discuss whether 
these priorities are risk-based.
    Answer. The Transportation Security Administration (TSA) developed 
six risk-based Transit Security Fundamentals (TSFs) for implementation 
by transit agencies as a means of enhancing the security posture of 
individual agencies and establishing a security baseline throughout the 
transit mode. The TSFs consist of protection of high-risk/high 
consequence underwater and underground rail assets; protection of other 
high-risk/high consequence assets and systems that have been identified 
through system-wide risk assessments; use of visible, unpredictable 
deterrence; targeted counter-terrorism training for key front-line 
staff; emergency preparedness drills and exercises; and public 
awareness and preparedness campaigns. Each of these fundamentals 
supports the achievement of the National Preparedness Goal, as well as 
other national and regional strategies to mitigate risk. The TSFs, 
developed in coordination with transit security partners, have been the 
basis of project priorities under the Transit Security Grant Program. 
TSA security assessments focus particular attention on posture in the 
TSFs and the overall assessment results advance the development of risk 
mitigation priorities, security enhancement programs, and resource 
allocations.
    In partnership with the Federal Transit Administration (FTA) and 
the mass transit and passenger rail community, TSA developed and 
implemented the Baseline Assessment for Security Enhancement (BASE) 
program. The BASE program aims to expand TSA's awareness and 
understanding of the current security posture in the passenger rail and 
mass transit mode, enable more effective targeting of security programs 
and technical assistance to elevate security, and facilitate sharing of 
best security practices. TSA's Transportation Security Inspectors 
(TSIs) complete these comprehensive assessments by thoroughly reviewing 
and rating mass transit and passenger rail agencies in 17 Security and 
Emergency Management Action Items. Updated in 2006 in a collaborative 
effort by TSA and FTA in coordination with representatives of the mass 
transit and passenger rail community, the Action Items encompass 
security and emergency management plans, security program 
accountability, terrorism prevention and response training and 
exercises, public awareness campaigns, physical security, personnel 
security, information security, procedures to elevate security measures 
as the threat level increases, internal security audits, and 
operational security measures. As of May 15, 2008, TSA had completed 64 
BASE assessments of mass transit and passenger rail agencies. The 
detailed reports TSIs produce of results of BASE assessments provide 
the data for analysis of areas and trends requiring improvement, both 
in individual mass transit and passenger rail agencies and nationally 
based on a consolidation of results.
    As one example, well-trained employees are a force multiplier for 
security efforts implemented by mass transit and passenger rail 
agencies. When the BASE results demonstrated the need for significant 
improvement in continuing security training of employees, TSA developed 
and published the Mass Transit Security Training Program in February 
2007. Produced in coordination with the Department of Homeland 
Security's Federal Emergency Management Agency (DHS/FEMA), FTA, the 
Sector Coordinating Council, and the Transit Security and Policing Peer 
Advisory Group, this program provides detailed guidelines on 
implementing an effective security training program, citing the subject 
areas in which particular categories of employees should receive 
training. Identified course options include programs funded by FTA/TSA 
(transit specific terrorism prevention and response) and FEMA (general 
terrorism prevention and response). Supported by the Transit Security 
Grant Program, this initiative expanded significantly the volume and 
quality of training for transit employees.

                         TSO WORKFORCE STAFFING

    Question 8a. A few weeks ago TSA announced changes to the pay for 
performance system, known as PASS, for your transportation security 
officer (TSO) workforce. While some of the changes are welcomed by the 
workforce there are a number of questions, particularly on training and 
testing for TSOs. As part of the PASS changes there will be reduction 
in required training in 2009.
    How do you expect to refine and reduce the training requirements 
for 2009, and still ensure that TSOs are properly prepared for the 
duties of the job?
    Answer. The Transportation Security Administration's Office of 
Human Capital and the Office of Security Operations (OSO) have been 
working with the National Advisory Council (NAC) Training and 
Performance Accountability and Standards System (PASS) subcommittees, 
to review the mandatory training plan. The amount of training being 
considered for reduction will solely reflect those items not directly 
related to core security screening functions and federally mandated 
courses. Non-essential training will still be available as elective 
courses. The NAC subcommittee will submit recommendations for 
consideration in June 2008.
    Question 8b. Will TSA increase its TSO workforce so that employees 
can have time to properly train?
    Answer. The Transportation Security Administration (TSA) Office of 
Operational Performance/Workforce Utilization stated that funding for 
Full-Time Equivalency (FTE) positions increased from 651 to 1,473 for 
the fiscal year 2008 Staffing Allocation Model. TSA has changed its 
weekly training requirement to a quarterly requirement. This factor 
alone has allowed the Transportation Security Officer workforce time to 
complete training requirements and complete the daily security mission. 
Additionally, Federal Security Directors are scheduling training hours 
into the daily duty schedules.
    Question 8c. What is the percentage of workplace injury cases for 
the TSO workforce? How does this compare to the average across the 
Federal Government?
    Answer. The Total Case Rate (TCR) is the rate of injury per 100 
employees. The TCR for the Transportation Security Administration (TSA) 
Transportation Security Officer (TSO) workforce is 10.96. The Federal 
Government does not provide a TCR for specific workforces, such as the 
TSO, however, the Federal Government overall TCR is 4.26. In 
comparison, all TSA workplace injury cases resulted in a TCR of 9.99. 
Although TSA's TCR is higher than the Federal Government's overall TCR, 
it is important to note that for fiscal year 2008 the TSO TCR has been 
reduced by 21.71 percent over the same period in fiscal year 2007.
    Question 8d. How is TSA working to ensure that your employees are 
aware of preventative measures for injuries and if injured, can take 
the time the need to heal properly before returning to work?
    Answer. The Transportation Security Administration (TSA) has 
implemented cross-functional teams that facilitate and expedite 
programs or projects designed to improve checked baggage and checkpoint 
screening efficiency by reviewing airport/office space ergonomics, work 
environments, and health/safety risks. Additionally, the TSA 
Optimization and Safety section secures funding and support for 
activities such as workspace configuration and redesign and equipment 
purchase. Each of these initiatives is aimed at reducing TSA losses 
associated with Transportation Security Officer on-the-job injury 
claims.
    The TSA Occupational Safety, Health, and Environment program has 
placed Occupational Safety and Health specialists at the TSA Mission 
Support Centers that are responsible for working with each airport to 
ensure that there is a viable and effective occupational safety and 
health program in place which includes outreach and communication to 
TSA employees. These specialists also conduct formal safety inspections 
of each airport and ensure that incidents are investigated promptly, 
and that any corrective actions are implemented.
    Further, TSA's Office of Human Capital has implemented a national 
nurse case management program to provide focus and direction for early 
medical intervention for injured employees. When an employee is 
injured, a contracted nurse contacts the employee within 24 hours of 
the injury to provide support and assistance. Through on-going 
contacts, the nurse monitors the employee's medical condition to ensure 
quality medical care to facilitate their medical progress and return to 
duty when medically feasible. The nurse case managers ensure that the 
medical documentation received from the treating physician is clear and 
complete, so that limited duty assignments are appropriate and 
consistent with the employee's medical restrictions.

                   WHISTLEBLOWER PROTECTION FOR TSOS

    Question 9a. Our transportation security officers are the frontline 
at our Nation's airports and these employees do not enjoy the same 
rights and protections as other Federal employees, including 
whistleblower protections. TSA took steps to remedy this in late 
February by signing a Memorandum of Agreement (MOA) between TSA and the 
Merit System Protection Board (MSPB). As I understand it, based on the 
MOA, MSPB will now be able to hear whistleblower cases from TSA 
employees.
    Have the cost details of this agreement been reconciled between TSA 
and MSPB. If not, when can we expect them to be?
    Answer. The Transportation Security Administration (TSA) and the 
Merit Systems Protection Board (MSPB) have agreed to the terms of TSA 
reimbursement for MSPB's direct costs incurred to adjudicate 
transportation security screeners' whistleblower retaliation appeals. 
The agencies are in the process of finalizing an Interagency Agreement 
addressing this issue.
    Question 9b. The MOA outlines that either party upon 30 days of 
written notice to the other party may terminate the MOA--is there a 
contingency plan in place should this happen?
    Answer. The Transportation Security Administration (TSA) and Merit 
Systems Protection Board (MSPB) anticipate that the Memorandum of 
Agreement (MOA) will be continued and will not be terminated by either 
party. In the event that termination becomes foreseeable, TSA and MSPB 
will work together to ensure that transportation security officers' 
whistleblower retaliation appeals receive timely, fair resolution.
    Question 9c. What are the biggest challenges to staffing up TSA--is 
it finding qualified candidates necessary for the vacant positions? Is 
it competitiveness pay issues in some localities? How can these 
challenges be best addressed?
    Answer. The challenges the Transportation Security Administration 
(TSA) faces today for staffing Transportation Security Officer (TSO) 
positions nationwide vary from airport to airport. For several airports 
the starting pay scale is not competitive for their labor market, such 
as competing with the oil industry in Wyoming, the hotel industry in 
tourist locations such as the Hawaiian Islands, and the fishing 
industry in remote Alaska locations. In other locations, the challenge 
is competition with other Federal employers in the same region. Higher 
attrition rates are experienced in these positions because many of the 
available work schedules are for part-time or split-shift positions, 
and many employees transfer to other Federal agencies after passing the 
probationary period. Additionally, the hiring process itself can be 
lengthy and candidates applying for part-time positions have accepted 
other jobs prior to our offer being made.
    To address these current challenges, TSA offers incentive pay for 
hard-to-fill areas to be competitive with starting pay scales. To 
attract long-term employees and reduce attrition, TSA continues to 
provide more extensive information to prospective candidates depicting 
a realistic job preview so that future employees understand the job 
they are accepting and the career path available within TSA. TSA is 
also offering incentives to current employees who recruit future 
employees with the hope that these future employees will understand the 
job and career path and be looking for long-term employment. Increased 
benefits are available for part-time employees, which not only draws 
candidates into applying but gives them incentive to stay. TSA is 
continually looking at the hiring process to decrease the time to hire 
and ensure candidates understand where they are in this multi-step 
process.
    Question 9d. A challenge across the Department is keeping qualified 
and committed individuals on staff. Can you please provide to us the 
attrition rates for TSOs and if exit interviews have been conducted, 
what have been the top three reasons for employee departures?
    Answer. The Transportation Security Administration (TSA) utilizes 
the National Exit Survey to collect information regarding reasons for 
leaving from those employees who voluntarily depart TSA. Completion of 
the survey is voluntary. The National Exit Survey was revised in July 
2007 to provide departing employees with the ability to rank the top 
three reasons for leaving TSA. From July 2007 to March 2008, the top 
three reasons why employees leave TSA are as follows:

------------------------------------------------------------------------
                                                                Response
                     Reasons for Leaving                        Rate in
                                                               Percent *
------------------------------------------------------------------------
Pay..........................................................         54
Career Advancement...........................................         53
Personal Reasons.............................................        50
------------------------------------------------------------------------
* Percentages will not equal 100 percent because participants may have
  selected more than one ``most important'' reason for leaving.

    The response rate for Transportation Security Officers (TSO) 
employees who completed the National Exit Survey during this time 
period is 16 percent. The national average response rate for employees 
completing an exit survey is 20 percent.
    Transportation Security Officer (TSO) attrition statistics are in 
the table below.

            TRANSPORTATION SECURITY OFFICER (TSO) ATTRITION SUMMARY AS OF 05/10/08 (PAY PERIOD 0809)
----------------------------------------------------------------------------------------------------------------
                  Data as of 5/24/2008  (PP 0810)                    *--FY08 YTD Includes Attrition Through 3/1/
--------------------------------------------------------------------                2008 (Percent)
                                                                    --------------------------------------------
                         TSO Attrition Type                                                                FY08
                                                                       FY04     FY05     FY06     FY07    YTD *
----------------------------------------------------------------------------------------------------------------
Full-Time (all paybands/reasons)...................................     18.9     18.9     16.5     14.4     14.3
Part-Time (all paybands/reasons)...................................     72.4     55.9     45.8     44.6     42.5
                                                                    --------------------------------------------
      TOTAL (all paybands/reasons).................................     24.2     23.7     20.9     21.2     21.0
----------------------------------------------------------------------------------------------------------------

           SURFACE TRANSPORTATION SECURITY INSPECTION PROGRAM

    Question 10a. Since 2005, TSA has deployed Surface Transportation 
Security Inspectors at field offices across the country to identify and 
reduce vulnerabilities and gaps in passenger and freight rail and to 
enforce existing security requirements.
    In fiscal year 2007, was TSA's Surface Transportation Security 
Inspection Program sufficiently staffed to fulfill all of its 
responsibilities? If not, please explain?
    Answer. In fiscal year 2007, the Surface Transportation Security 
Inspection Program (STSIP) was sufficiently staffed with 100 Full-Time 
Equivalent (FTE) to achieve agency performance goals related to 
Baseline Assessment for Security Enhancement (BASE) reviews in mass 
transit, Security Action Item (SAI) reviews in freight rail (Toxic 
Inhalation Hazard risk reduction), and Station Profile development in 
passenger and mass transit rail. Additionally, during this time the 
STSIP was able to sufficiently support numerous Visual Intermodal 
Protection and Response (VIPR) operations nationwide, conduct extensive 
security partner outreach, and provide ongoing incident response to 
enhance information sharing capabilities in the surface modes. The 
STSIP was authorized to hire an additional 75 FTE in a supplemental 
appropriation in fiscal year 2008 to facilitate enhancement of and help 
offset the resource requirements of the VIPR program, for a total of 
175 FTE. This staffing level was sufficient for fiscal year 2008 as 
well.
    Question 10b. The Baseline Assessment for Security Enhancement 
(BASE) is TSA's primary tool for assessing mass transit agencies. Has 
TSA conducted any assessments of the BASE's effectiveness in 
identifying and reducing vulnerability gaps? If yes, what were the 
results?
    Answer. The Transportation Security Administration (TSA) 
continuously assesses the effectiveness of the Baseline Assessment for 
Security Enhancement (BASE) program in identifying and reducing 
security vulnerabilities. This approach is reflected in the development 
of the program, its implementation, the application of assessment 
results, and quality control efforts.
    The BASE program, which commenced fully in November 2006, assesses 
the security posture of mass transit and passenger rail agencies in the 
Security and Emergency Management Action Items. Developed in a joint 
effort of TSA, the Department of Homeland Security (DHS), the 
Department of Transportation (DOT), and mass transit and passenger rail 
operating and security officials engaged through the Mass Transit 
Sector Coordinating Council (SCC) and Transit Policing and Security 
Peer Advisory Group (PAG), the Action Items cover a range of areas that 
are foundational to an effective security program. Components include 
security program management and accountability, security and emergency 
response training, drills and exercises, public awareness, protective 
measures for Homeland Security Advisory System (HSAS) threat levels, 
physical security, personnel security, and information sharing and 
security. Particular emphasis is placed on posture in the six Transit 
Security Fundamentals (protection of underground/underwater 
infrastructure; protection of other high consequence systems and 
assets; random, unpredictable deterrence; training; exercises; and 
public awareness).
    TSA's Surface Transportation Security Inspectors (STSIs) conduct 
the BASE assessments in partnership with the mass transit and passenger 
rail agencies' security chiefs and directors. To date, 64 BASE 
assessments have been completed in total, covering 47 of the largest 50 
agencies, 2 second assessments on top 50 agencies, 9 ranked in the 51-
100 range in size, and 6 smaller agencies. The results of the 
assessments inform development of risk mitigation priorities, security 
enhancement programs, and resource allocations, notably transit 
security grants. Three representative examples illustrate these points.
   Well-trained employees are a force multiplier for security 
        efforts implemented by mass transit and passenger rail 
        agencies. When the BASE results demonstrated the need for 
        significant improvement in continuing security training of 
        employees and provided insights on the cause of this situation, 
        TSA acted expeditiously to develop and implement solutions. In 
        February 2007, TSA published the Mass Transit Security Training 
        Program and revamped the Transit Security Grant Program (TSGP) 
        to expand the scope and quality of security training of mass 
        transit and passenger rail employees. Produced in coordination 
        with the Department of Homeland Security's Federal Emergency 
        Management Agency (DHS/FEMA), the Federal Transit 
        Administration (FTA), the SCC, and the PAG, this program 
        provides detailed guidelines on implementing an effective 
        security training program, citing the subject areas in which 
        particular categories of employees should receive training. 
        Identified course options include programs funded by FTA/TSA 
        (transit specific terrorism prevention and response) and FEMA 
        (general terrorism prevention and response). Acting on the 
        indications that restrictions on appropriate uses of TSGP funds 
        inhibited investment in training, TSA and FEMA, assisted with 
        coordination by the SCC and PAG, adjusted the TSGP guidance to 
        permit use of grant funds to cover backfill and overtime costs 
        incurred to maintain operations when employees leave their 
        normal duties to attend training courses. Additionally, a 
        streamlined application and review process eased preparation of 
        training project proposals for eligible mass transit and 
        passenger rail agencies and expedited delivery of funding. As 
        an example of this effort's effectiveness, the proportion of 
        grant awards for security training among eligible mass transit 
        and passenger rail agencies in Tier 2 under the TSGP rose from 
        3 percent of the total funding allocation in fiscal year 2006 
        to 68 percent in fiscal year 2007.
   As a strategic priority, TSA emphasizes the expansion of 
        random, unpredictable security activities to enhance 
        deterrence. The BASE results indicated the need for greater 
        effort to assist mass transit and passenger rail agencies in 
        higher risk areas to implement these types of measures. Through 
        the operational package option for eligible Tier 1 mass transit 
        and passenger rail agencies under the TSGP, during fiscal year 
        2007 DHS commenced funding of projects to assemble, train, and 
        equip dedicated anti-terrorism teams to operate in a mass 
        transit and passenger rail systems. The specialized expertise 
        these teams develop enhances security through implementation of 
        operational activities focused on terrorism prevention and by 
        creating a specially trained and experienced cadre to provide 
        training to and to share their experience with other law 
        enforcement officers and employees in their organizations.
   Building on the BASE assessment results, which show mass 
        transit and passenger rail agencies conduct and participate 
        regularly in drills and exercises, TSA enhances the focus of 
        these activities on terrorism prevention and immediate response 
        for threats and incidents within the systems. In partnership 
        with agencies in the National Capital Region, TSA is developing 
        a multi-phased, multi-jurisdictional, and cross-functional 
        anti-terrorism exercise program. STSIs in the region are 
        directly involved in this effort. The objective is to produce a 
        package to facilitate planning, preparation, and execution of 
        terrorism prevention and immediate response exercises that can 
        be adapted and implemented by mass transit and passenger rail 
        agencies nationally. This effort will produce the national 
        exercise program required under the Implementing 
        Recommendations of the 9/11 Commission Act of 2007 (Public Law 
        110-53). Drills and exercises remain among the priorities for 
        funding in the TSGP.
    Of note, the 2-second assessments conducted on transit agencies 
ranked among the top 50 in passenger volume do reflect improvement in 
performance, in one case dramatic improvement, producing risk 
mitigation. We anticipate similar results as second assessments occur 
later in fiscal year 2008 and throughout fiscal year 2009. 
Additionally, the process of preparing for a BASE assessment mitigates 
risk as the agency reviews its security plans, programs, and procedures 
and initiated enhancements. The BASE results report, a copy of which 
the assessed agency received, details the agency's status in each of 
the Action Items, summarizing effectiveness in implementation and 
noting weaknesses and needed improvements. The report, therefore, 
provides the assessed agency a comprehensive guide for security 
enhancement efforts and, for an eligible agency, informs the 
development of project proposals under the TSGP.
    Finally, TSA continuously reviews the data received through the 
BASE assessments, including the analytical reports on each agency's 
assessment, in a quality control process to assure completeness, 
accuracy, and consistency in approach. Revisions of the BASE checklist 
templates have tailored the assessments to specific types of public 
transportation--long-distance and commuter rail, rail transit, and bus 
transit. Future phases of BASE will adjust areas of emphasis in light 
of developments in the nature of the threat and to maintain a dynamic 
approach that thoroughly assesses an agency's operational and 
programmatic effectiveness.
    Question 10c. Public Law 110-53--the implementing 9/11 
Recommendations Act--required DHS to hire an additional 50 surface 
transportation security inspectors in fiscal year 2008, up from 100. 
What progress has TSA made on hiring, training and deploying these 
additional inspectors? What will be the primary focus for these 
inspectors?
    Answer. The Consolidated Appropriations Act, 2008, (Pub. L. 110-
161, December 26, 2007), funds an additional 75 Surface Transportation 
Security Inspectors in an effort to offset the impact of Visible 
Intermodal Protection and Response (VIPR) activities on the Surface 
Transportation Security Inspection Program (STSIP). The hiring process 
for the additional 75 is on-going.
    The 9/11 Act also contains new requirements which may impact the 
surface transportation inspectors such as reviewing security plans and 
reviewing training programs for transit agencies.
    Question 11a. Public Law 110-53 also contains new requirements 
which may impact the surface transportation inspectors such as 
reviewing security plans and reviewing training programs for transit 
agencies.
    Does TSA believe it has the inspector workforce necessary to meet 
all of the planned inspection activities for fiscal year 2008, 
including the additional requirements contained in the 9/11 
legislation? If not, what is your plan for prioritizing inspector 
responsibilities?
    Answer. The Transportation Security Administration's (TSA) Surface 
Transportation Security Inspection Program (STSIP) has the inspector 
workforce necessary to meet all of the planned inspection activities in 
freight and passenger rail industries for fiscal year 2008. The STSIP 
originally planned to conduct 1,344 freight rail toxic inhalation 
hazard (TIH) Security Action Item inspections in fiscal year 2008. 
Currently, we are on target to conduct 2,020 freight rail TIH 
inspections in fiscal year 2008. Additionally, the STSIP planned to 
conduct 50 Baseline Assessment for Security Enhancement (BASE) 
assessments on the Top 51-100 transit agencies in fiscal year 2008. 
Forty-five transit agencies agreed to allow TSA to conduct these 
voluntary BASE reviews in 2008. Regulations required by the 
Implementing Recommendations of the 9/11 Commission Act of 2007 are 
under development. Therefore, we envision compliance inspections for 
these additional security requirements to commence in fiscal year 2009.
    Question 11b. In December 2006, TSA issued a Notice of Proposed 
Rulemaking that proposed giving TSA regulatory authority for conducting 
security inspections of passenger rail systems, as well as additional 
security requirements on passenger and freight rail operators. When 
does TSA expect to issue the final rule and how closely will it align 
with the proposed rule? What process was followed to incorporate 
industry comments?
    Answer. The Transportation Security Administration (TSA) final rule 
on rail transportation security is undergoing review at the Department 
of Homeland Security (DHS). Following DHS approval, the rule will go to 
the Office of Management and Budget (OMB) for review under Executive 
Order 12866. We believe the final rule will achieve the security 
objectives identified in the Notice of Proposed Rulemaking (NPRM). TSA 
obtained the views of our security partners by holding a public meeting 
and through the public comment process initiated by the NPRM. TSA 
received over 70 public comments on the NPRM from trade associations, 
affected companies, labor unions, States and localities, and private 
individuals. TSA reviewed and evaluated each comment and will respond 
to all the issues raised in the preamble to the final rule.
    Question 11c. TSA has previously issued security directives for 
passenger rail as well as a proposed regulation that would place 
security requirements on passenger rail systems. However, TSA has not 
issued security requirements for other mass transit systems, such as 
bus systems? What are TSA's plans to do so, if any?
    Answer. In the absence of a substantial security threat or incident 
warranting expedited action to require specific enhancement activities, 
the Transportation Security Administration (TSA) does not anticipate 
issuing new security directives in the mass transit and passenger rail 
mode. Rather, TSA is working to meet the requirements of the 
Implementing Recommendations of the 9/11 Commission Act of 2007 (Public 
Law 110-53) for promulgation of regulations concerning security plans, 
assessments, and training programs for designated passenger rail and 
mass transit agencies, including bus systems. TSA is doing this in 
consultation with Federal security partners and the mass transit and 
passenger rail community as represented by the Mass Transit Sector 
Coordinating Council and the Transit Policing and Security Peer 
Advisory Group. TSA anticipates the security plan regulation, when it 
takes effect, will formally supersede the security directives 
applicable to passenger rail carriers.

              SURFACE TRANSPORTATION--PERFORMANCE MEASURES

    Question 12a. What are the key performance measures TSA uses to 
track performance of its surface transportation initiatives?
    Answer. The Transportation Security Administration's (TSA) Surface 
Transportation Security Program uses the following six performance 
measures to track performance:
    1. The percent reduction in risk from Toxic Inhalation Hazard bulk 
        cargoes in rail transportation;
    2. Percent of mass transit and passenger rail agencies that are in 
        full compliance with industry agreed upon Security and 
        Emergency Management Action items to improve security;
    3. Number of rail inspections conducted per 1,000 inspector hours;
    4. Percentage of applicable passenger and mass transit rail systems 
        having undergone a Security Directive review;
    5. Number of high-risk Pipeline corporate systems on which Pipeline 
        Corporate Security Reviews have been conducted; and
    6. Percent of highway infrastructure systems that have undergone a 
        Corporate Security Review.
    These performance measures are included in the Program Assessment 
Rating Tool (PART), and results for TSA's Surface Transportation 
Security Program can be found at the Office of Management and Budget's 
Web site at www.whitehouse.gov/omb/expectmore.
    Question 12b. What percentage of nationally critical surface 
transportation assets or systems by mode have been assessed and have 
mitigation strategies developed based on those assessments?
    Answer. The percentage of nationally critical surface 
transportation assets or systems by mode that have been assessed and 
have mitigation strategies developed based on those assessments is as 
follows:
   Pipeline Mode.--As of May 2008, 84 percent of the high-risk 
        corporate pipeline systems have undergone a Corporate Security 
        Review.
   Mass Transit Mode.--As of October 2007, 72 percent of the 
        applicable passenger and mass transit rail systems have 
        undergone a Security Directive review.
   Freight Rail Mode.--The independently owned and operated 
        Freight Railroads have identified their critical infrastructure 
        and developed security plans that provide for protective 
        measures during heightened states of alert.
   Highway Motor Carrier Mode.--As of March 2008, 80 percent of 
        highway infrastructure systems have undergone a Corporate 
        Security Review.
    Question 12c. How does DHS track the surface transportation assets 
or systems by mode have been assessed and have mitigation strategies 
developed based on those assessments?
    Answer. The Transportation Security Administration uses the Office 
of Management and Budget's Program Assessment Rating Tool to track the 
surface transportation assets or systems that have been assessed and 
then have mitigation strategies developed, based on those assessments.

  SURFACE TRANSPORTATION--TRANSPORTATION SYSTEMS SECTOR-SPECIFIC PLAN 
                                 (TSSP)

    Question 13a. The Transportation Systems Sector-Specific Plan 
(TSSP) and its supporting modal implementation plans and appendixes 
establish a strategic approach for securing surface transportation 
modes based on the National Infrastructure Protection Plan and 
Executive Order 13416, Strengthening Surface Transportation Security. 
The Transportation Systems Sector-Specific Plan describes the security 
framework that is intended to enable sector stakeholders to make 
effective and appropriate risk-based security and resource allocation 
decisions.
    In your opinion, do these plans include the necessary specific 
actions and milestones, quantitatively define the costs and benefits of 
securing the surface transportation system, and outline the specific 
roles and resources each partner will contribute?
    Answer. The Transportation Systems Sector-Specific Plan (TS SSP) 
includes, as appendices, plans for each of the six transportation 
modes. These modal plans have varying degrees of specificity regarding 
actions and milestones to secure the mode. The Transportation Security 
Administration (TSA) reports implementation of the TS SSP to the 
Secretary of the Department of Homeland Security on a monthly basis. A 
list of specific actions with milestones was developed using the TS SSP 
as a basis. The specific roles and responsibilities for the security 
partners are adequately delineated.
    While TSA does not have an aggregate accounting of the costs and 
benefits of securing the surface transportation system, TSA 
quantitatively evaluates the economic impacts of regulatory actions, 
security directives, major guidelines, and recommended security action 
items to determine if the benefits are sufficient to justify the costs.
    Question 13b. What has been the effect of having the TSSP and 
strategy for surface transportation?
    Answer. The Transportation Systems Sector-Specific Plan (TS SSP) 
provided the sector's partners with a definitive approach to evaluating 
security gaps, setting security priorities, and reaching consensus on a 
path forward to reduce security risks. It provided the mechanism for 
improved industry and government information exchange, increased 
understanding of shared responsibilities, and established enhanced 
cooperation for common security objectives. Improved coordination among 
the sector's partners led to greater efficiency in identifying and 
implementing risk-reduction initiatives, ultimately benefiting the 
transportation system users and taxpayers.
    Question 13c. To what extent has the development of the 
Transportation Sector Specific Plan (TSSP) and supporting modal annexes 
been coordinated with or adopted by industry stakeholders?
    Answer. Each mode has active Government Coordinating Councils and 
Sector Coordinating Councils. While each mode is unique in the state of 
engagement of its security partners, all use these mechanisms to 
exchange information and to coordinate security initiatives. These 
councils were used extensively during the Transportation Systems 
Sector-Specific Plan (TS SSP) drafting process and signed the published 
plan. They have been used increasingly for drafting the Sector Annual 
Reports, and as the partnership relationships are better understood and 
the member rosters stabilize, we anticipate even more effective 
participation during the upcoming revision of the TS SSP. TSA 
anticipates that as the sense of joint ownership of the sector plans 
improves, the extent of our security partners' contributions will 
improve with a corresponding increase in the use of the TS SSP as the 
sector's primary planning document.
    Question 13d. How does TSA assess the degree to which Federal and 
industry surface transportation security efforts are achieving the 
transportation security goals and objectives outlined in the 
Transportation Systems Sector-Specific Plan (TSSP)?
    Answer. The Transportation Security Administration (TSA) assesses 
the achievement of the sector's goals in the TS SSP through several 
means. First, monthly reports of the accomplishment of the specific 
milestones in the TS SSP implementation plan sent to the Secretary of 
the Department of Homeland Security (DHS). Second, periodic metrics are 
reported to DHS's Office of Infrastructure Protection through the 
National Infrastructure Protection Plan Metrics Portal. Third, TSA 
submits, on behalf of the Sector, an annual report to DHS that assesses 
the progress made implementing the TSSP and its goals. Fourth, progress 
implementing specific tasks is reported quarterly to the Office of 
Management and Budget, as identified in the Performance Assessment 
Rating Tool and in the Future Year Homeland Security Plan.

                SURFACE TRANSPORTATION--RISK ASSESSMENTS

    Question 14. TSA is responsible for coordinating and ensuring the 
security of the entire surface transportation system. Other DHS 
components, including the Coast Guard and the National Programs and 
Protection Directorate also have responsibilities which cover surface 
transportation related assets and systems. For example, bridges and 
tunnels: How does TSA ensure Federal risk assessments of surface 
transportation assets are coordinated and not redundant?
    As required by Public Law 110-53, what is TSA progress in 
fulfilling the following requirements:
   Complete, within 6 months after enactment (Feb. 3, 2008), a 
        nationwide risk assessment of a terrorist attack on railroad 
        carriers;
   Require each railroad carrier assigned to a high-risk tier 
        to conduct a vulnerability assessment and prepare, submit to 
        the Secretary for approval, and implement a security plan;
   Assign railroad carriers to a risk-based tier and establish 
        standards and guidelines for developing and implementing the 
        vulnerability assessments and security plans for railroad 
        carriers assigned to high-risk tiers?
    Answer. In both freight and passenger rail, Transportation Security 
Administration (TSA) has implemented comprehensive security assessment 
programs evaluating carriers' posture in Security Action Items 
developed in coordination with the respective communities. The Action 
Items encompass areas foundational to effective security programs. The 
results of the assessments drive risk mitigation priorities and inform 
development of security enhancement programs and resources allocations, 
including Federal security grants.
    The Department of Homeland Security (DHS) has already completed 
much of the groundwork that will serve as a basis for the National Rail 
Risk Assessment. Prior to the 9/11 Act, the TSA began a national risk 
assessment of the rail network. TSA concluded that the greatest threat 
to the security of the freight rail network is the transportation of 
toxic inhalation hazard (TIH) materials. This finding led to the 
development of nationwide programs to reduce the risk associated with 
the rail transportation of TIH materials including the significant risk 
of standing, unattended TIH railcars. The Security Action Items are a 
component of this effort, enhancing freight rail security generally and 
mitigating the risk of rail TIH transport in particular.
    In passenger rail, systems operating in the Nation's sizable 
metropolitan areas are among the most thoroughly assessed of all 
transportation modes. Since 9/11, they have undergone security 
assessments by the Federal Transit Administration (FTA), the former 
Office of Grants and Training at DHS (for grant funding eligibility), 
the American Public Transportation Association, private sector security 
consultants (often funded by DHS grants), and now under the Baseline 
Assessment for Security Enhancement (BASE) program conducted by TSA 
Surface Transportation Security Inspectors (STSIs). Through the BASE 
program, fully implemented as of November 2006, TSA assesses a transit 
system's security posture on the 17 Security and Emergency Preparedness 
Action Items. The Actions Items cover a range of areas that are 
foundational to an effective security program, including security 
program management and accountability, security and emergency response 
training, drills and exercises, public awareness, protective measures 
for Homeland Security Advisory System (HSAS) threat levels, physical 
security, personnel security, and information sharing and security. 
Particular emphasis is placed on posture in the six Transit Security 
Fundamentals (protection of underground/underwater infrastructure; 
protection of other high consequence systems and assets; random, 
unpredictable deterrence; training; exercises; and public awareness).
    Risk-based tiering of rail carriers has effectively been 
implemented through these collective efforts. In freight rail, TSA's 
security enhancement and assessment efforts focus on rail carriers 
operating in and through designated High Threat Urban Areas. In 
passenger rail, DHS has effected risk-based tiering through the Transit 
Security Grant Program. Tier 1 consists of mass transit and passenger 
rail agencies operating in the Nation's largest metropolitan areas--New 
York, Boston, Philadelphia, Washington, DC, Atlanta, Chicago, Los 
Angeles, and San Francisco. Tier 2 includes numerous agencies in other 
metropolitan areas, such as Buffalo, Cleveland, Dallas, Houston, 
Milwaukee, Minneapolis, Denver, San Diego, and Seattle. This list is 
not exhaustive. The entire list may be viewed in the fiscal year 2008 
Transit Security Grant Program guidance at http://www.tsa.gov/assets/
pdf/fy_2008_tsgp.pdf (see Table 4, pages 16-17).

                    SURFACE TRANSPORTATION--PIPELINE

    Question 15a. Has TSA completed a pipeline infrastructure study to 
identify the highest risk systems of the Nation and outline the 
security mitigation initiatives TSA will undertake to address these 
risks?
    Answer. The Transportation Security Administration's (TSA) Pipeline 
Security Division has identified the pipeline systems at highest risk 
in the United States. TSA is using its Corporate Security Review 
program to evaluate the security planning and implementation at these 
high-risk systems and to determine security deficiencies within the 
mode. Through this process, TSA has identified pipeline industry 
security gaps and outlined mitigation measures to implement over a 5-
year period. These measures are delineated in the Pipeline Modal Annex 
of the Transportation Systems Sector Specific Plan.
    Question 15b. When does TSA expect to develop a timeline and 
project plan for developing a long-term risk reduction outcome measure 
for the pipeline mode?
    Answer. The Transportation Security Administration (TSA) is 
currently developing a risk gap analysis tool that identifies threat, 
vulnerability, and incident consequence to the Nation's highest risk 
pipeline systems. By the end of fiscal year 2008, TSA's Pipeline 
Security Division will utilize the risk gap analysis planning tool to 
establish a timeline and project plan for developing a long-term risk 
reduction outcome measure.

               SURFACE TRANSPORTATION--COMMERCIAL VEHICLE

    Question 16. The Implementing the Recommendations of the 9/11 
Commission Act mandates, among other things, that the Secretary of 
Homeland Security develop a tracking program for motor carrier 
shipments of hazardous materials by February 2008 and complete a 
security risk assessment on the trucking industry by August 2008. What 
is the status of these efforts? Has the hazardous materials tracking 
program been completed? Will TSA be able to complete a risk assessment 
of the trucking industry by August 2008, and if so how is the agency 
planning to complete this assessment of 1.2 million trucking firms with 
the resources it has?
    Answer. In December 2007 the Transportation Security 
Administration's Highway and Motor Carrier Office developed a high-
level plan for implementing Section 1554 of the Implementing 
Recommendations of the 9/11 Commission Act of 2007 (9/11 Act) that sets 
requirements for establishing a Hazardous Materials (HAZMAT) Truck 
Security program. To meet the agency mission, TSA started the HAZMAT 
Truck Security Pilot project in 2005. Seven tracking vendors and twelve 
HAZMAT carriers participated in the pilot project. The pilot project 
has concluded and the final report will be published in June 2008. The 
results of the pilot included the following:
   Frequent or continuous communications.--TSA has developed a 
        set of tested protocols that are capable of interfacing with 
        existing truck tracking systems, State/local law enforcement 
        agencies and first responders, and with Federal intelligence 
        and emergency management centers.
   Vehicle position location and tracking capabilities.--TSA 
        has implemented a tested and functioning truck tracking center 
        that allows TSA to monitor truck locations and track load types 
        in the continental United States.
   A feature that allows a driver of such vehicles to broadcast 
        an emergency distress signal.--TSA has developed and tested a 
        concept that is being vetted by government and industry 
        volunteers. This facilitates effective responses to drivers' 
        emergency distress signals.

             SURFACE TRANSPORTATION--HIGHWAY INFRASTRUCTURE

    Question 17a. Why do the National Programs and Protection 
Directorate and the Federal Highway Administration have a greater 
presence with the highway infrastructure stakeholders than TSA, the 
lead Federal agency for transportation? What are the consequences?
    Answer. The Federal Highway Administration (FHWA) is the highway 
infrastructure stakeholder community's primary Federal provider of 
funds, safety regulations, engineering expertise, and cooperative 
activity. FHWA has been in existence since 1938 and currently has a 
stronger presence in the highway environment than the Transportation 
Security Administration (TSA). TSA relies on the FHWA for engineering 
and safety subject matter expertise in highway infrastructure matters.
    Question 17b. What benefits exist for establishing an annex to the 
existing MOU with DOT to address any underlying jurisdictional 
ambiguity and delineate respective roles and responsibilities, as it 
concerns securing highway infrastructure?
    Answer. The Transportation Security Administration (TSA) and the 
Federal Highway Administration (FHWA) have not experienced significant 
jurisdictional disputes in this community. As TSA matures and assumes 
regulatory and compliance roles in the highway infrastructure element, 
an annex with FHWA can help to avoid overlap and conflict by clarifying 
the roles and responsibilities of each agency during this transition.
    Question 17c. Has TSA completed a highway infrastructure study to 
identify the highest risk systems of the Nation and outline the 
security mitigation initiatives TSA will undertake to address these 
risks?
    Answer. The Transportation Security Administration (TSA) has not, 
to date, completed such a study for highway infrastructure, nor is 
there yet a formally approved National Bridge/Tunnel Security Strategy. 
However, comprehensive risk studies are currently underway (trucks, 
motor-coaches, school buses). Infrastructure will be the subject of a 
comprehensive study when these other reports (some mandated by the 
Implementing Recommendations of the 9/11 Commission Act of 2007 (9/11 
Act)) are completed. The lack of a single comprehensive report, 
however, should not suggest that TSA has not engaged in comparative 
risk analysis for infrastructure assets. Using accepted threat, 
vulnerability, and consequence tools, TSA has identified critical 
infrastructure and has encouraged our security partners to take 
appropriate mitigation steps.
    One aspect of this activity is our work within the Homeland 
Infrastructure Threat and Risk Analysis (HITRAC) program run by the 
Department of Homeland Security Office of Infrastructure Protection. 
This is a data call made to all States through the regional Protective 
Security Advisors to nominate highway infrastructure for the Tier 1/
Tier 2 critical infrastructure lists. Additionally, TSA has shared with 
its highway infrastructure security partners our report on results from 
infrastructure Corporate Security Reviews, which highlights the most 
common findings and recommends actions based on the best practices 
found in the field. TSA is in the process of reviewing the critical 
transportation infrastructure within certain major cities. This effort 
will be available to Federal Security Directors to ensure their 
awareness of critical infrastructure within their areas of 
responsibility. Finally, TSA is leading the creation of a multi-
disciplinary National Highway Bridge Security Working Group to address 
highway bridge security through the following goals:
   Identify, assess, and prioritize risk to critical bridges 
        from terrorist or criminal acts;
   Provide to bridge owners and operators standard means of 
        risk assessment and risk mitigation based on threats, 
        vulnerabilities, and consequences;
   Establish a means to prioritize available Federal security 
        funding to address security gaps at the Nation's most critical 
        bridge infrastructure;
   Establish priorities for research and development and 
        security enhancement projects over the long-term; and
   Encourage and guide the incorporation of risk-reducing 
        technologies and construction practices in improvements to 
        existing bridges and future highway bridge design.
    Question 17d. When does TSA expect to develop a timeline and 
project plan for developing a long-term risk reduction outcome measure 
for the highway infrastructure mode?
    Answer. The Transportation Security Administration (TSA) 
anticipates initial outcome measures for long-term risk reduction to be 
developed in fiscal year 2008. TSA is currently completing initial 
baseline corporate security reviews of all State Departments of 
Transportation and will finish the initial assessments in fiscal year 
2010. In addition, TSA has started revisiting sites that have had an 
initial baseline review. Comparing the results of the second review 
with the initial review will allow us to measure the impact of 
additional security measures as they are implemented by highway 
infrastructure owners and operators.
    Question 17e. What does it cost to conduct a Corporate Security 
Review (CSR?)
    Answer. The cost of conducting a Corporate Security Review, on 
average, is approximately $1,900.00 (considering 1 subject matter 
expert for 1 night and 1 day). On average about $1,400 for travel and 
$500 for salaries.
    Question 17f. What are the challenges related to implementing a 
risk management framework for highway infrastructure?
    Answer. The challenges to implementing a risk management framework 
for highway infrastructure lie in determining the traditional elements 
of risk (threat, vulnerability, and consequence) and the development 
and implementation of subsequent countermeasures to address the risk.
   Although there has been a continuous stream of information 
        concerning threats against the Nation's infrastructure, there 
        have not been credible threats identified against the Nation's 
        highway infrastructure.
   The type of infrastructure, as well as its geographic 
        location, affects highway infrastructure risk. Additionally, 
        the sheer size and diversity of the highway community magnifies 
        the total vulnerability. ``Highway infrastructure'' encompasses 
        more than 580,000 steel and concrete structures--bridges and 
        tunnels of widely varied construction and durability--and more 
        than 4 million miles of highway. It also includes traffic 
        management centers and commercial vehicle terminals. Its owners 
        are broadly distributed and represent a challenge in aligning 
        their efforts to enhance security.
    Question 18. Please describe the milestones for implementing the 
following highway risk mitigation priorities identified in the 
Transportation Sector-Specific Plan Annex D:
   Highway and Motor Carrier Modal Implementation Plan;
   Standardized risk assessment and risk mitigation approaches;
   Establish measurable security action items;
   Integrate security measures into the design on the Nation's 
        transportation network;
   Explore the use of existing grant programs to support 
        critical highway infrastructure security improvements.
    Answer. The Transportation Security Administration (TSA) has 
developed standardized risk assessment procedures and currently uses 
them when conducting corporate security reviews of highway 
infrastructure systems through State Departments of Transportation and 
private operators, trucking operators, school bus districts and 
operators, and motor coach operators. TSA has developed standardized 
risk mitigation approaches in the Hazardous Material (HAZMAT) Motor 
Carrier industry through the Security Action Items that have been 
developed and are in the TSA publication process. Additional 
standardized risk mitigation methods and approaches for the school bus 
transportation and the motor coach industries are in development.
    TSA has developed standardized risk mitigation approaches in the 
HAZMAT Motor Carrier industry through draft Security Action Items that 
we expect to issue within the next few months. These have been 
developed in close collaboration with industry security partners. 
Additional standardized risk mitigation methods and approaches for the 
school bus transportation and the motor coach industries are also being 
prepared for publication.
    TSA is working closely with the Federal Highway Administration, 
other government agencies and industry to develop a National Strategy 
for Bridge and Tunnel Security that includes specific security measures 
for the highway transportation network. This strategy document is 
currently in the review process within TSA and the Department of 
Homeland Security.
    Currently, there are two security grants programs that pertain to 
the highway transportation mode: (1) the over-the-road bus security 
grants program; and, (2) the trucking security grants program. The 
over-the-road bus security grants program is designed to enable 
intercity bus operators to enhance security. The trucking security 
grants program helps to train commercial drivers to identify and report 
suspicious events. It also funds information sharing between the 
industry and the government.
    TSA is exploring ways of developing a security grants program to 
help highway infrastructure owners and operators to enhance security. 
TSA has approved grant funding for projects involving security 
enhancements to bridges and other dual use infrastructure.
 Questions From Hon. Mike Rogers for Kip Hawley, Assistant Secretary, 
Transportation Security Administration, Department of Homeland Security
    Question 1. What does the Department spend to acquire and maintain 
X-ray cargo scanning machinery? What is the range of prices for these 
machines?
    Answer. With respect to the air cargo environment, the 
Transportation Security Administration (TSA) does not acquire and 
maintain X-ray screening equipment. However, TSA has piloted Explosives 
Detection System screening technologies, in an ongoing effort, at 
several airports in air carrier facilities, to assess performance to 
screen cargo.
    X-ray machines vary in price from $60K to $3.3 million per machine.
    Question 2. Do you expect that with the increased use of explosives 
detection dogs for screening, you will have a decreased need for X-ray 
technology? Or do you view these two systems as entirely complementary?
    Answer. The Transportation Security Administration (TSA) views the 
use of screening technology and canines as complementary methods of 
screening cargo. TSA canines will primarily be used on-airport to 
complement screening performed by the airlines. The need still exists 
for X-ray, as well as other TSA-approved technologies, to enable 
industry to screen cargo further up the supply chain prior to its 
arrival at the airport and to ensure commerce is not impeded.
    Question 3. Can you tell us how the President's fiscal year 2009 
budget request for cargo screening breaks down for the canine program?
    Answer. The President's fiscal year 2009 budget request includes a 
total of $37.7 million for canine cargo screening that is split among 
two PPAs. The $86.3 million Air Cargo PPA request includes $19.9 
million to support half of the 170 air cargo canine teams (85 teams) 
included in the fiscal year 2007 Supplemental Appropriation. These 85 
teams are led by Transportation Security Inspectors (TSIs). Another 
$17.8 million is contained within the proposed Law Enforcement PPA to 
fund non-Federal teams, including $10.8 million to fund the remaining 
85 teams included in the fiscal year 2007 Supplemental Appropriation 
and $7 million to fund legacy non-Federal teams that are partially 
dedicated to cargo screening.

                                 
