[Senate Hearing 110-1159]
[From the U.S. Government Publishing Office]



                                                       S. Hrg. 110-1159

                              OVERSIGHT OF
  TRANSPORTATION SECURITY ADMINISTRATION (TSA) FISCAL YEAR 2009 BUDGET

=======================================================================

                                HEARING

                               before the

                         COMMITTEE ON COMMERCE,
                      SCIENCE, AND TRANSPORTATION
                          UNITED STATES SENATE

                       ONE HUNDRED TENTH CONGRESS

                             SECOND SESSION

                               __________

                              MAY 13, 2008

                               __________

    Printed for the use of the Committee on Commerce, Science, and 
                             Transportation















                  U.S. GOVERNMENT PRINTING OFFICE

75-355 PDF                WASHINGTON : 2012
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing 
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC 
area (202) 512-1800 Fax: (202) 512-2104  Mail: Stop IDCC, Washington, DC 
20402-0001



       SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION

                       ONE HUNDRED TENTH CONGRESS

                             SECOND SESSION

                   DANIEL K. INOUYE, Hawaii, Chairman
JOHN D. ROCKEFELLER IV, West         TED STEVENS, Alaska, Vice Chairman
    Virginia                         JOHN McCAIN, Arizona
JOHN F. KERRY, Massachusetts         KAY BAILEY HUTCHISON, Texas
BYRON L. DORGAN, North Dakota        OLYMPIA J. SNOWE, Maine
BARBARA BOXER, California            GORDON H. SMITH, Oregon
BILL NELSON, Florida                 JOHN ENSIGN, Nevada
MARIA CANTWELL, Washington           JOHN E. SUNUNU, New Hampshire
FRANK R. LAUTENBERG, New Jersey      JIM DeMINT, South Carolina
MARK PRYOR, Arkansas                 DAVID VITTER, Louisiana
THOMAS R. CARPER, Delaware           JOHN THUNE, South Dakota
CLAIRE McCASKILL, Missouri           ROGER F. WICKER, Mississippi
AMY KLOBUCHAR, Minnesota
   Margaret L. Cummisky, Democratic Staff Director and Chief Counsel
Lila Harper Helms, Democratic Deputy Staff Director and Policy Director
   Christine D. Kurth, Republican Staff Director and General Counsel
                  Paul Nagle, Republican Chief Counsel














                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on May 13, 2008.....................................     1
Statement of Senator Inouye......................................     1
Statement of Senator Kerry.......................................    45
Statement of Senator McCaskill...................................    41
Statement of Senator Stevens.....................................     2
    Prepared statement...........................................     2

                               Witnesses

Berrick, Cathleen A., Director, Homeland Security and Justice 
  Issues, U.S. Government Accountability Office..................    11
    Prepared statement...........................................    12
Hawley, Hon. Edmund S. ``Kip'', Assistant Secretary and 
  Administrator, TSA, U.S. Department of Homeland Security.......     3
    Prepared statement...........................................     5

                                Appendix

Response to written questions submitted by Hon. Daniel K. Inouye 
  to:
    Cathleen A. Berrick..........................................    65
    Hon. Edmund S. ``Kip'' Hawley................................    49
Response to written questions submitted by Hon. Roger F. Wicker 
  to Hon. Edmund S. ``Kip'' Hawley...............................    62

 
 OVERSIGHT OF TRANSPORTATION SECURITY ADMINISTRATION (TSA) FISCAL YEAR 
                              2009 BUDGET

                              ----------                              


                         TUESDAY, MAY 13, 2008

                                       U.S. Senate,
        Committee on Commerce, Science, and Transportation,
                                                    Washington, DC.
    The Committee met, pursuant to notice, at 10 a.m. in room 
SR-253, Russell Senate Office Building, Hon. Daniel K. Inouye, 
Chairman of the Committee, presiding.

          OPENING STATEMENT OF HON. DANIEL K. INOUYE, 
                    U.S. SENATOR FROM HAWAII

    The Chairman. I apologize for being late.
    The public's confidence in the safety and security of our 
transportation systems is vital to our social and economic 
well-being. Since the tragic events of September 11th, there is 
no doubt that we have made significant progress in 
strengthening the security of our transportation network.
    Following the attacks, Congress moved to quickly create the 
Transportation Security Administration to better secure 
aviation, port, and surface transportation infrastructure. And 
as you are aware, we have continued to refine our efforts 
through subsequent legislation since the initial creation of 
the TSA.
    Just this past year, the Commerce Committee was 
instrumental in the passage of the Implementing Recommendations 
of the 9/11 Commission Act of 2007. This legislation closes 
potential loopholes in our Nation's aviation security regime by 
making significant improvements in air and maritime cargo 
security, airline passenger explosives screening, and the 
oversight of foreign repair stations.
    Additionally, the 9/11 Act dramatically expands and 
improves Federal security efforts for the Nation's major 
surface transportation modes by authorizing new security 
assessments, grant programs, security measures for passenger 
and freight railroads, trucks, intercity buses, and pipelines.
    While I am confident that the goals of the 9/11 Act will be 
accomplished, the TSA's Fiscal Year 2009 budget proposal raises 
a number of concerns in this regard. The Administration's 
complete overhaul of the TSA budget structure makes it unclear 
whether the mandates in the 9/11 Act are receiving proper 
resources for implementation, particularly with regard to 
improvements in surface transportation security.
    It is also unclear why the Administration is asking to 
increase funding for baggage screening when they have been slow 
to embrace the provisions in the 9/11 Act for this activity 
and, in fact, have not fully utilized the resources already 
provided.
    We must ensure our Nation remains vigilant in pursuing the 
security of our transportation systems and continues to adapt 
to evolving threats. It is critical that the Administration 
work collaboratively with this Committee and other stakeholders 
to avoid the management problems of the past, ensure the agency 
has sufficient resources, and move forward with implementing 
the provisions of the 9/11 Act in a quick and effective manner. 
And I look forward to hearing how we can best accomplish these 
tasks.
    It is my privilege to call upon the Vice Chairman of the 
Committee.

                STATEMENT OF HON. TED STEVENS, 
                    U.S. SENATOR FROM ALASKA

    Senator Stevens. Mr. Chairman, I am sorry to be slightly 
late. I do thank you for holding the hearing and welcome the 
panel. I look forward to hearing from them again.
    We know the challenges of securing the vast transportation 
system, and it will continue to grow, I think. Those challenges 
will continue to grow. The role of TSA is often thankless and 
obstacle ridden. I do commend you at the TSA for what has been 
done. I think there has to be a great deal more done, as the 
Chairman has said.
    We set forth an ambitious and demanding aviation and 
surface mode security schedule for TSA in last year's 9/11 Act. 
The proper implementation of those goals will take efficient 
use of an always strained and stretched budget, and we don't 
expect it to expand too much this year.
    We do thank you again, Mr. Chairman. Look forward to this 
hearing and the questions I have available to ask them today.
    Thank you.
    [The prepared statement of Senator Stevens follows:]

    Prepared Statement of Hon. Ted Stevens, U.S. Senator from Alaska
    Thank you, Chairman Inouye, for holding today's hearing. I welcome 
our distinguished panel and thank you for your testimony. The Committee 
intimately knows the challenges of securing our vast transportation 
system while also maintaining the flow of commerce. The role of TSA is 
often thankless and obstacle-ridden, and the Committee commends you on 
your progress; however, there is much that still needs to be done.
    Congress set forth an ambitious and demanding aviation and surface 
mode security schedule for TSA in last year's 9/11 Act. Proper 
implementation of those goals will take efficient use of an always 
strained and stretched budget.
    In the 9/11 bill, the Chairman and I authored a provision to 
dramatically improve the deployment and installation of in-line baggage 
systems at our Nation's airports by utilizing multi-year letters of 
intent that would allow airports to leverage government contributions 
in the bond market. That provision also utilized existing funds and did 
not require additional cost on the air carriers and their customers.
    However, instead of embracing and effectively utilizing our 
provision, the TSA has included a proposal for a temporary increase in 
the existing passenger security fee to purchase and install explosive 
detection machines and in-line checked baggage systems.
    While the Committee appreciates the idea of expediting deployment 
of the in-line baggage systems, the Committee cannot support an 
increase in the passenger security fee. During these times of economic 
instability we cannot afford to put an additional burden on our air 
carriers and passengers.
    We are approaching a serious period of transition and it is 
imperative that TSA set the foundation for continuity in security, 
regardless of the outcome of the next Presidential election. Security 
should not be subject to political differences or appointment; it needs 
to be stable in both the short and long-terms.
    To assist the transition, the Agency needs to get Secure Flight, 
the national passenger pre-screening program, operational. The Agency 
needs to effectively deploy new technology at our checkpoints to 
improve explosive detection. The reported lack of screener proficiency 
is not acceptable. We cannot operate under a false sense of security; 
we need screener accuracy and real security.
    Finally, I want Mr. Hawley to know how important it is to our 
economy that the air cargo screening benchmarks be met. I encourage TSA 
to work diligently and quickly to attain 100 percent screening of air 
cargo, within the bicameral agreed-upon benchmarks that were set within 
the 9/11 bill. It is essential that TSA maximize the screening of cargo 
on commercial aircraft without causing negative repercussions on the 
flow of commerce.
    In Alaska, Anchorage International Airport continues to be the 
number one cargo airport in the U.S., and the third largest worldwide 
based on cargo weight landed. In addition to our all-cargo operations, 
the airport is also a major transfer point for passenger air cargo, or 
what we like to call ``combi's''. The improved screening of passenger 
air cargo will provide a higher level of safety and security to my 
constituents. It is important to our economy that you meet those 
benchmarks.
    Thank you Mr. Chairman, I look forward to hearing from our 
witnesses.

    The Chairman. Thank you very much.
    Before I proceed, I would like to advise the witnesses and 
the Committee that at approximately 11 a.m. this morning, we 
will be having a series of roll call votes.
    With that, we are pleased to have witnesses of very 
distinguished citizens. First, the Honorable Edmund ``Kip'' 
Hawley, Assistant Secretary for Homeland Security, 
Transportation Security Administration, and the Honorable 
Cathleen Berrick, Director, Homeland Security and Justice 
Issues, Government Accountability Office.
    May I call upon Secretary Hawley?

STATEMENT OF HON. EDMUND S. ``KIP'' HAWLEY, ASSISTANT SECRETARY 
  AND ADMINISTRATOR, TSA, U.S. DEPARTMENT OF HOMELAND SECURITY

    Mr. Hawley. Thank you, Mr. Chairman, Vice Chairman Stevens.
    It is a pleasure to be on the panel again with Cathy 
Berrick from GAO, and I am also pleased to appear to discuss 
the President's Fiscal Year 2009 budget proposal and TSA's 
program activities.
    TSA's focus in the year ahead continues to be improving the 
ability of our Transportation Security Officers to detect 
improvised explosive devices and other threats to aviation 
security beyond prohibited items.
    Today, our threat environment remains high, and TSA's 
challenge is to defeat known terrorist threats, as well as 
those the terrorists invent specifically to get around our 
technology and procedures. This requires us to use technology, 
our people, and our process in ways that are effective, yet 
flexible enough so that vulnerabilities cannot be exploited and 
predicted.
    On the technology front, millimeter wave whole body imaging 
technology is now deployed at JFK, Los Angeles, Phoenix, and 
Thurgood Marshall Baltimore/Washington International Airport. 
We will deploy at least 30 more of those machines by year end. 
Also by year end, we will deploy 600 Advance Technology (AT) X-
ray machines to improve detection of IEDs by giving our 
officers a much clearer picture of what is in a carry-on bag.
    To get the most out of this technology investment, every 
TSO working at a checkpoint will undergo this year an extensive 
twelve hour training, bringing together the latest thinking 
from intelligence, explosives detection, and human factors that 
can affect security. This will give us the tools to go on 
offense, to make security smarter and harder to beat.
    Underway now is the most significant checkpoint redesign in 
30 years. We call it Checkpoint Evolution, an integrated 
security checkpoint bringing together the three elements of 
people, including passengers; technology; and better process. 
The prototype is now operational at BWI. The checkpoint 
configuration and technology supports a team approach that is 
calmer and more conducive to smart security.
    Smart security involves layers. Risk-based, layered 
security continues as a major priority for the year ahead and 
is reflected in the President's Fiscal Year 2009 budget 
request. We have added new layers of security in front of the 
checkpoint and to other areas of the airport, including the 
Travel Document Checkers; Behavior Detection Officers who can 
identify someone who may be a threat before they get to the 
checkpoint, let alone the aircraft; Bomb Appraisal Officers to 
help with IED training and detection; and our VIPR teams that 
intensify the visible presence of security in both aviation and 
surface modes.
    And I would like to point out on the issue of the surface 
modes, we have done almost 1,000 of these VIPR teams. Over half 
of them have been in the surface mode. In fact, there was one 
yesterday in Atlanta that I was a part of. So the VIPR teams 
apply both on the aviation side and on surface transportation.
    We have also added employee screening to protect the back 
side of airports, where we are running a 90-day test of 
employee screening in seven airports, including Boston, Denver, 
and Jacksonville, Florida.
    To put this in perspective, by the end of 2008, the vast 
majority of passengers will be covered by Behavior Detection 
Officers; 100 percent of passengers will be covered by Travel 
Document Checkers; and over half the flying public by AT X-ray. 
Every airport now has random screening every day of its 
employees. All of these programs work together as connected 
pieces in a multi-layered, multi-modal, total security system 
to put us one step ahead of evolving threats.
    In prior hearings, we have discussed TWIC, the 
Transportation Worker Identification Credential, and Secure 
Flight, and a quick update is in order on both of those.
    TWIC is on track. The compliance date is now set at April 
15, 2009, which does allow 18 months for the enrollment period. 
We have already got over 250,000 people enrolled and are in 
place to begin enforcement this October.
    On Secure Flight, the budget request includes an increase 
of $32 million to accelerate the implementation. And with this 
Committee's ongoing support, we anticipate beginning the Secure 
Flight program at the end of 2008 and full program 
implementation in the coming year.
    I would like to once again thank the Committee for its 
support of TSA and its mission. I look forward to discussing 
all these issues.
    Thank you.
    [The prepared statement of Mr. Hawley follows:]

    Prepared Statement of Hon. Edmund S. ``Kip'' Hawley, Assistant 
 Secretary and Administrator, TSA, U.S. Department of Homeland Security
    Good morning Chairman Inouye, Vice Chairman Stevens, and 
distinguished members of the Committee. Thank you for the opportunity 
to appear today to provide an update on the Transportation Security 
Administration's (TSA) efforts to improve aviation and surface 
transportation security and to present the President's budget request 
for TSA for Fiscal Year (FY) 2009 (Request).
    I would like to begin by thanking the members of the Committee for 
your support of TSA's initiatives to improve existing security measures 
and to implement additional layers of security. I especially want to 
thank the Members of this Committee for your support of the 
supplemental funding provided in the U.S. Troop Readiness, Veterans' 
Care, Katrina Recovery, and Iraq Accountability Appropriations Act, 
2007, P.L. 110-28, (FY07 Supplemental Act), and the level of funding in 
the Consolidated Appropriations Act, 2008, P.L. 110-161 (FY08 
Consolidated Act), which funded critical needs that the Administration 
identified in its Budget Amendment. These two Acts enhanced TSA's 
ability to implement vital security measures to face ongoing and 
emerging threats.
Ongoing Threat
    The effort to protect the security of transportation systems 
remains as important now as it ever has been in the past six and a half 
years. Since August 10, 2006, the Nation's threat level for all 
commercial aviation operating in or destined for the United States has 
been High, or Orange. The Annual Threat Assessment of the Director of 
National Intelligence released on February 5, 2008, confirmed that 
terrorists continue to pose significant threats to the United States. 
Terrorists are likely to continue to focus on prominent infrastructure 
targets with the goal of producing mass casualties and significant 
economic aftershocks. Our enemies are adaptive and innovative in 
overcoming security obstacles. This threat is real, persistent, and 
evolving. We know they are working to defeat us, and we must remain 
vigilant.
FY09 Budget Overview
    The President's overall Request of $7.1 billion for TSA reflects a 
total increase of $286 million over the FY 2008 enacted level. Of the 
total request, a significant amount supports annualization of 
initiatives expanded in FY 2008 as well as a program increase of $32M 
for Secure Flight and $30M for Other Vetting activities. The Request is 
comprised of $5.3 billion for Aviation Security, which now includes the 
Federal Air Marshal Service (FAMS); $37 million for Surface 
Transportation Security; $170 million in funding for Transportation 
Threat Assessment and Credentialing; and $926 million for 
Transportation Security Support.
Improving Efficiency in Transportation Security
    Although we face a seemingly unlimited number of possible scenarios 
to attack our transportation systems, we must execute our risk-based 
approach to security as efficient stewards of taxpayer dollars. We also 
know that prudent financial and program management improve security by 
increasing the effectiveness of existing security measures and allow us 
to expand the layers of security while improving TSA's interaction with 
the traveling public.
    TSA has aggressively pursued a number of initiatives to improve our 
overall efficiency. First, by investing in our most important asset, 
our workforce, we can deploy higher performing Transportation Security 
Officers (TSO). The Career Progression Program has been in effect for a 
full year in FY 2007. This program provides widespread career growth 
and professional development opportunities for high-performing TSOs. We 
continued workplace safety initiatives by requiring local safety teams 
at field operation locations and expanded the Nurse Case Management 
Program to help our injured employees receive proper and timely medical 
care and rehabilitation. As a result, we reduced the Lost Time Case 
Rate from 4,367 injuries or illnesses in FY 2006 to 3,228 in FY 2007--a 
26.1 percent reduction to 7.19 injuries per 200,000 work hours. We 
provide part-time employees with full-time health benefits. And, we 
require our field operations to maintain a robust Model Workplace 
Program to facilitate creative ways to improve our employees' work 
environment. These efforts contributed to reducing our TSO attrition 
rate: full-time attrition decreased from 13.6 percent in 2004 to 11.6 
percent in 2007, and part-time attrition dropped from 57.8 percent in 
2004 to 37.2 in 2007. Our attrition rates include those employees who 
have chosen to continue their Federal service at other DHS and non-DHS 
agencies. The reduction in attrition saves TSA many incremental costs, 
such as hiring and training expenses, and increases security by 
resulting in a more experienced and efficient TSO workforce. Our change 
from a centralized hiring process to one coordinated at the local 
airport level has reduced our hiring cost per TSO by over 36 percent 
from FY 2004 to FY 2007.
    TSA continues to seek efficiencies in our field operations. Through 
the use of the Staffing Allocation Model (SAM), we are able to identify 
operational and efficiency gains by better utilization of our TSOs. We 
improved our TSO scheduling to more accurately follow passenger loads 
and air carrier schedules. We increased the use of part-time employees 
and expanded the use of ``split-shift'' employees to increase staffing 
during high volume periods, which lowered our overtime pay 
significantly. We continue to install computers at or near screening 
checkpoints to allow a more efficient use of TSO time for training and 
reduce their time away from checkpoints.
    The deployment of new technology in FY 2007 increased threat 
detection and improved efficiencies in checkpoint throughput, and will 
continue to increase as the deployment of these technologies expand in 
FY 2008. We added 23 in-line Explosives Detection Systems (EDS) for 
checked baggage screening at airports. We plan to deploy over 600 
Advance Technology (AT) X-ray machines by the end of 2008 to improve 
detection of improvised explosive devices and increase passenger 
throughput by providing enhanced, multiview visual detection 
capabilities for TSOs. Bottled Liquid Scanners enhance our ability to 
discriminate between explosive or flammable liquids and benign liquids. 
TSA introduced millimeter wave in Phoenix, and rolled out this 
technology at LAX, JFK, and BWI this spring. This technology can detect 
items concealed on the body, including plastics, through a robotic 
image that will be viewed from a remote location. TSA will be working 
to socialize this technology with the American public. It is already in 
use in international transportation venues, and will improve security 
while maintaining passenger privacy by ensuring that images will not be 
saved or stored. We anticipate deploying 30 millimeter wave machines by 
the end of 2008.
    We improved our financial management in many areas, to include 
increased collection of late payment interest penalties, enhanced 
internal controls over financial reporting, reduced funding carryover, 
and payroll estimates adjusted for vacancy rates.
Improving Workforce, Effectiveness
    TSA's risk-based approach to security uses unpredictable, flexible, 
and layered security measures. Our investments in people, processes, 
and technology have allowed us to continue a proactive philosophy of 
deploying flexible security procedures.
    In FY 2007, we significantly improved security at airports by 
deploying our workforce in new locations and for new functions. We 
expanded the Travel Document Checker (TDC) program to over 340 
federalized airports. The TDC program enhances security by disrupting 
and detecting individuals who attempt to board an aircraft with 
fraudulent documents.
    We deployed hundreds of Behavior Detection Officers (BDO) at the 40 
busiest airports as part of the Screening Passengers by Observation 
Technique (SPOT) program. BDOs are trained to identify potentially 
high-risk individuals who exhibit behaviors that indicate hostile 
intent. An incident last month in Orlando, Florida, displayed the 
effectiveness and importance of this program. On April 1, 2008, a 
Jamaica-bound passenger, Kevin Brown, aroused suspicion of BDOs, who, 
working in conjunction with the Orlando Police Department, the Orange 
County Bomb Squad, and the Federal Bureau of Investigation, uncovered 
everything needed to make a bomb in the passenger's checked bag. Their 
swift action demonstrated that BDOs, trained to detect deceptive and 
suspicious behavior, are contributing to airline security by detecting 
and discovering dangerous people and dangerous items.
    We launched nationwide deployment of Visible Intermodal Prevention 
and Response (VIPR) teams in aviation and surface transportation 
sectors, comprised of TSOs, BDOs, Transportation Security Inspectors 
(TSI), and FAMs, in cooperation with Federal, state and local law 
enforcement as well as various transportation entities. VIPR teams 
enhance the security of persons and critical infrastructure; and 
prevent, prepare for, protect against, and respond to acts of terrorism 
in all modes of transportation at any location. We very much appreciate 
the strong support the Congress gave to the VIPR program in the FY 2008 
appropriation and the Implementing Recommendations of the 9/11 
Commission Act of 2007, P.L. 110-53 (9/11 Act), which allowed us to 
expand the program to over 900 VIPR operations to date. We allocated 
approximately 700 FTE for the Aviation Direct Access Screening Program 
(ADASP), which conducts random and unpredictable screening of 
individuals employed at airports and their accessible property that are 
entering secured areas of airports. TSA implemented all these actions 
through innovative uses of our resources.
FY 2009 Budget Request
    The Request is presented in a structure that proposes realignment 
and consolidation of certain Program, Project or Activity (PPA) 
elements. The proposed changes will enhance the transparency of program 
accountability and simplify financial management by aligning 
operational program and personnel funding under the same PPA. Many 
full-time equivalents (FTE) associated with certain operational 
programs are currently shown in the Headquarters Administration PPA. 
For example, FTE associated with the training of TSOs will be realigned 
to the Screener Training and Other PPA. Additionally, National 
Explosives Detection Canine Team (K-9) funding from several current 
PPAs would be consolidated under a single National Explosives Detection 
Canine Team Program. The proposed PPA changes will more closely mirror 
TSA's organizational structure and increase the accountability of 
senior leadership for their respective programs.
    The Request proposes the realignment of FAMS funding by eliminating 
the separate appropriation and incorporating it as a single PPA within 
the Aviation Security account. The proposed realignment will complete 
the integration of the FAMS back into TSA and enhance our ability to 
respond more rapidly to emerging threats to transportation.
Aviation Security
    The Request builds upon the success of many of our current programs 
while enhancing our ability to deploy a surge of resources and flexible 
security measures to meet the challenge of an evolving terrorist 
threat. The Request includes full year funding for the behavior 
detection program ($43 million/660 FTE) and the airport employee 
screening program ($36 million/750 FTE), both of which were initially 
funded in the FY 2008 Budget Amendment. The Aviation Security 
appropriation also reflects full year funding for 10 multi-modal VIPR 
teams ($30 million/225 FTE). SPOT and VIPR are two of TSA's efforts to 
enhance security by putting in place initiatives in advance of the 
checkpoint to detect, disrupt and deter terrorist activities.
    Technology. The Request reflects TSA's plan to strategically deploy 
technology to improve security for passengers, generate additional 
staffing efficiencies, and improve the passenger's travel experience. 
The Request includes $91.7 million to procure and deploy AT X-ray 
machines at checkpoints in the busiest airports. TSA will devote $1.2 
billion to recapitalize checked baggage screening devices and 
accelerate deployment of inline EDS systems to increase baggage 
throughput up to 300 percent. The Request anticipates an additional 
$426 million annually in mandatory funds generated by a four-year $0.50 
surcharge on the passenger security fee (Surcharge) with a maximum 
increase of $1.00 per one-way trip. This proposal does not lower TSA's 
appropriation through offsetting collections, but rather total funding 
for these systems would increase to $1.2 billion. The increase in 
spending would be entirely offset by fees. The temporary Surcharge 
would be deposited into the Aviation Security Capital Fund (ASCF) for 
the specific purpose of purchasing, installing and recapitalizing 
inline EDS. The Surcharge authority is being requested together with a 
proposal to allow for the use of other transaction agreements for the 
funding of inline EDS, the discretionary use of letters of intent, and 
innovative use of cost-sharing with our airport partners. We look 
forward to your support and quick enactment of this important 
initiative that will accelerate the funding to support deployment of 
optimal checked baggage screening solutions by 2012.
    Air Cargo. TSA is requesting $104.1 million for the Air Cargo 
program in FY 2009, which will be the first full year the workforce 
will be operating at the expanded staffing level of 460 inspectors and 
170 deployed explosives detection canine teams to screen air cargo at 
high volume airports. TSA anticipates deployment of the Certified Cargo 
Screening Program (CCSP) in FY 2009, which will establish full supply 
chain security of air cargo and continue the progress toward meeting 
the deadline of screening 100 percent of air cargo by August 2010, as 
required by the 9/11 Act. We are beginning pilot projects in San 
Francisco, Chicago, and Philadelphia to test the phased rollout of the 
certified cargo shipper program. Our first class of TSA canine teams 
dedicated to air cargo has ``graduated'' and the teams will begin 
operations this month. TSA will continue our incremental progress of 
increasing the percentage of screened cargo per fiscal quarter during 
FY 2008.
    Law Enforcement/FAMS. The PPA realignment proposes a new PPA for 
Law Enforcement and a new PPA for the FAMS in the Aviation Security 
appropriation. The FAMS PPA includes a request of $786 million for FY 
2009, an increase of $16.5 million over the FY 2008 FAMS appropriation. 
TSA is requesting $242.2 million for Law Enforcement, which includes 
$79.1M for Airport Law Enforcement & Assessments and the funding for 
approximately 343 airports through Cooperative Agreements to provide 
local law enforcement support for TSA activities. This program was 
significantly expanded from 271 participating airports in FY 2007 to 
343 airports in FY 2008. TSA has instituted more effective program 
management and oversight as a more efficient means of distributing the 
funds for appropriate law enforcement activities. The Request includes 
$54.5 million for the National Explosives Detection Canine Team 
Program, which reflects the expansion of the total TSA K-9 program to 
over 750 teams as a result of the FY07 Supplemental Act and the FY08 
Consolidated Act. The Law Enforcement PPA incorporates other 
appropriate functions such as the Federal Flight Deck Officer Program, 
TSA's Freedom Center (the Transportation Security Operations Center), 
Physical and Personnel Security, and the Joint Coordination Center.
The Checkpoint Is Evolving
    An effective security system must constantly be evolving. TSA is in 
the process of evaluating a fundamental shift in strategy for the 
security checkpoint which encompasses people, process, and technology. 
This is the most significant change occurring in passenger screening 
since 9/11 and even since the checkpoint was first established in the 
1970s. Through an initial pilot program, TSA is taking a fresh look at 
our checkpoint operations to see how we can improve security. We took 
what we know from the intelligence and security communities, we 
listened to our employees, we learned from passengers, we evaluated 
readily deployable technology, and have come up with changes that we 
are piloting.
    People. People are our most important asset and the human element 
is critical to achieving a high standard of security. TSA is relying 
more on personal interaction to detect irregular behavior. TSA's 
introduction of behavior detection and assuming the position of travel 
document checker have proven to be valuable methods of identifying 
people who are exhibiting unusual signs of stress, fear, and/or 
deception at the checkpoint. Behavior detection draws a contrast 
between average levels of travel stress and those intending to do harm. 
Training all security officers to increase passenger interaction on a 
one-on-one basis will achieve a calmer, quieter environment that will 
result in heightened security.
    Process. The current checkpoint during a peak travel period is 
often noisy and congested. A chaotic, noisy congested checkpoint is a 
security nightmare because it has the potential to conceal someone with 
hostile intent. The Checkpoint Evolution prototype at Thurgood Marshall 
Baltimore-Washington International Airport (BWI) gives security 
officers wireless whisper radio headsets which will enable them to 
perform their duties in a low-key demeanor and communicate more 
effectively with others on their team. Further, the prototype strives 
to provide a more convenient layout for passengers with more 
information explaining the screening process together with light and 
sound elements designed to have a calming effect.
    Another simple yet effective program that improves the checkpoint 
process is the Diamond Self-Select program currently running in Salt 
Lake City, Orlando, Denver, Spokane, Boston, Cincinnati, Raleigh-
Durham, Milwaukee, Pittsburgh, and Dallas Love Field with more planned 
in the near future. Self-Select lanes are comprised of a series of 
lanes designated by signage that directs passengers based on their 
travel needs and knowledge--Expert, for the business traveler who 
travels often and is familiar with the rules and is prepared when they 
reach the checkpoint; Casual, for passengers that travel less 
frequently, but are familiar with the security process; and Family/
Special Assistance, for passengers traveling with small children or 
strollers, elderly passengers, and passengers who may need special 
assistance. These lanes give passengers some control over the 
checkpoint process and have reduced the number of alarms and prohibited 
items and increased through-put times at the Expert lane.
    Technology. New technology does not currently exist to adequately 
address the threat alone so TSA, working closely with the Science and 
Technology Directorate, is investing in the development and deployment 
of proven technology, including multi-view X-ray and whole body 
imaging. These are the first significant additions to checkpoint 
technology since walk through metal detectors and standard X-ray 
machines were introduced in the 1970s.
Surface Transportation Security
    TSA continues to make progress in addressing major system-wide 
security risks in surface transportation. We continue to work closely 
with the Department of Transportation, its various modal 
administrations, and the many surface transportation stakeholders to 
enhance security through partnerships, proposed regulations, and the 
Federal Emergency Management Agency with grant planning, evaluation and 
awards.
    The surface transportation systems present much different security 
challenges than commercial aviation due to the inherent openness and 
mobility of each system network. Our personnel are engaged in a 
proactive manner with the stakeholders in the Pipeline, Maritime, Mass 
Transit, Rail, Highway and Motor Carrier modes of transportation. Our 
Surface TSIs assess security vulnerabilities, assist with the 
development of security plans, and help establish best practices and 
national standards. The proposed PPA realignment shifts certain funding 
and FTE to other PPAs in other appropriations; thus, the net result of 
the request for $37 million for Surface Transportation Security is an 
overall enhancement of surface transportation security initiatives. Our 
efforts in this area are complemented by funds in Aviation Security, 
such as 75 FTE to support VIPR team operations and the deployment of 
over 92 explosives detection canine teams to the largest Mass Transit 
systems. These programs work in tandem with existing surface 
transportation security initiatives enacted in the FY 2008 budget.
Transportation Threat Assessment and Credentialing
    TSA's Office of Transportation Threat Assessment and Credentialing 
(TTAC) consolidates the management of all vetting and credentialing 
programs. The mission for these programs is to identify known or 
suspected terrorist threats working or seeking access to transportation 
systems through terrorist-related threat assessment procedures.
    Secure Flight. The Request includes a program increase of $32 
million to accelerate the implementation of the Secure Flight program, 
an automated prescreening process to compare specific passenger 
reservation information against records contained in the Terrorist 
Screening Center Database. The Request provides for a total funding 
amount of $82 million. With this Committee's strong past and continued 
support, TSA anticipates the beginning of the transition of passenger 
vetting to Secure Flight in early 2009 and full assumption of the 
function by late 2009 or early 2010.
    Other Vetting. The second program increase in the Request is for 
$30 million to stabilize and enhance the infrastructure of TSA's 
existing vetting systems, for a total amount of $50.8 million for FY 
2009. The increase will enhance TSA's efforts to consolidate the 
various systems and to provide a more reliable platform for the 
increasing populations being vetted through the multiple programs 
required under the 9/11 Act, including frontline employees in mass 
transit, passenger rail and freight rail systems.
    Transportation Worker Identification Credential (TWIC). The TWIC 
program provides a tamper-resistant biometric credential to maritime 
workers requiring unescorted access to secure areas of port facilities 
and vessels regulated under the Maritime Transportation Security Act of 
2002, (P.L. 107-295). In October 2007, TSA began the enrollment process 
for TWIC cards in Wilmington, Delaware and has enrolled more than 
250,000 port workers to date at more than 100 fixed enrollment centers. 
TSA expects to complete roll-out of 147 fixed enrollment centers and 
enroll nearly one million workers in FY 2008. TSA is expecting to spend 
approximately $9 million for the fee-based program in FY 2009.
    In cooperation with the United States Coast Guard (USCG) we have 
initiated pilot programs with six partners across the country to test 
card readers. The pilots will test access control technologies in real 
world marine environments. Our current list of participants includes 
the Port Authorities of Los Angeles, Long Beach, Brownsville, and New 
York/New Jersey, in addition to Watermark Cruises in Annapolis, 
Maryland and Magnolia Marine in Vicksburg, Mississippi. We are in the 
process of finalizing the test approach for the pilots. We are working 
with DHS's Science and Technology Directorate and the National 
Institute of Standards and Technology (NIST) to establish a test plan 
that will evaluate the card-reader interface under a variety of 
conditions and assess its impact on operations. As the program 
proceeds, the pilots will inform the USCG's TWIC reader rulemaking 
process and ultimately result in final regulations that require the 
deployment of transportation security card readers consistent with the 
findings of the pilot program.
    Earlier this month, DHS announced that the final compliance date 
for the TWIC program will be April 15, 2009, which reflects a 
realignment of the Sept. 25, 2008 compliance date set in the final 
rule. The 7-month extension is a direct result of collaboration with 
port officials and industry, and realigns the enrollment period with 
the original intent of the TWIC final rule. The program is on track to 
complete enrollment for a substantial number of jurisdictions by the 
end of 2008, and several ports will be required to comply with TWIC 
regulations this year.
    Alien Flight Student Program. When the function of screening alien 
flight students who are applying for flight training was transferred 
from the Attorney General to the Secretary of the Department of 
Homeland Security, and subsequently delegated to TSA, the authority to 
require fees to offset such costs excluded recurrent training. Through 
the implementation of this program, TSA has determined that over 52 
percent of all applicants are for recurrent training. TSA has been 
absorbing approximately $1.5 million to perform background checks on 
recurrent training applicants without the ability to charge a fee to 
the applicant. TSA is requesting a revision to amend section 44939 of 
title 49, United States Code, to provide authority to assess a fee to 
cover the costs associated with foreign students seeking recurrent 
flight training. The Request anticipates that TSA will be provided the 
authority to impose fees for recurrent training applications. We look 
forward to your support for this modest but important proposal to allow 
this program to continue operating as a fee-based program.
Transportation Security Support
    TSA is an organization with over 50,000 personnel and hundreds of 
field operations locations across the Nation and around the world. Our 
primary activities in the Transportation Security Support category 
involve Intelligence, Human Capital Services, Headquarters 
Administration, and Information Technology. The proposed PPA 
realignment transferred many functions from the Headquarters 
Administration PPA to the appropriate program they support to provide 
greater clarity to the resources dedicated to each program and increase 
accountability of TSA's senior leadership. We created a new PPA, Human 
Capital Services, which combines funding that previously supported 
Human Resources (HR) Services from the Aviation Security appropriation 
and HR activities and FTE from within the Headquarters Administration 
PPA. Similarly, Information Technology (IT) activities previously 
funded under separate PPAs involving Airport Management, IT, and 
Support are now combined in this appropriation. TSA is requesting $926 
million in FY 2009.
Implementation of the 9/11 Act
    On August 3, 2007, the President signed into law the 9/11 Act, 
which implemented important recommendations from the 9/11 Commission 
and provided TSA much needed tools to improve transportation security. 
In particular, we are pleased to now have the authority to establish an 
administrative process for civil enforcement of surface transportation 
regulations and orders and the flexibility to develop a robust air 
cargo screening program that maintains the flow of commerce. Among the 
many key provisions of the Act, TSA was given clear authority for VIPR 
teams to operate in all modes of transportation. Overall, the Act 
authorized 33 programs and 20 rulemaking actions for TSA, many of which 
were already initiated by TSA. FY 2009 will be the first full year of 
TSA's expanded inspector workforce and K-9 team deployment, both 
strongly supported in the 9/11 Act.
    I want to thank the Members of this Committee for your support in 
providing $30 million to TSA in FY 2008 to implement new regulations 
and activities authorized by the 9/11 Act. TSA has developed and 
provided to the Appropriations Committees a spend plan required by the 
FY08 Consolidated Act that effectively uses these funds to advance 
implementation of many key provisions in the 9/11 Act. TSA is now 
proceeding with implementing the plan, which focuses on: developing 
regulations to enhance surface transportation security; expand the 
infrastructure to support background checks; support a national 
exercise program for surface transportation security; support security 
audits of foreign repair stations; and inspection of critical pipeline 
facilities. We will fund the 9/11 Act initiatives across TSA's separate 
appropriations and through the applicable PPAs, such as combining the 
air cargo program into the Aviation Regulation PPA, a separate PPA for 
VIPR, and consolidation of K-9 funding into the National Explosives 
Detection Canine Team Program PPA component. Through our ongoing 
efforts, including efficient use of our resources within our base 
funding, and your support, we are confident we will continue to enhance 
security across all modes of transportation.
Conclusion
    Mr. Chairman, thank you again for this opportunity to discuss the 
President's Request for TSA. I look forward to our continued work 
together and would be pleased to respond to your questions.

    The Chairman. I thank you very much, Mr. Hawley.
    May I recognize Director Berrick?

          STATEMENT OF CATHLEEN A. BERRICK, DIRECTOR,

             HOMELAND SECURITY AND JUSTICE ISSUES,

             U.S. GOVERNMENT ACCOUNTABILITY OFFICE

    Ms. Berrick. Thank you, Chairman Inouye and Vice Chairman 
Stevens, for inviting me here to discuss GAO's work reviewing 
TSA's efforts in guiding key investments in transportation 
security.
    My testimony focuses on TSA's efforts in the following four 
areas, which represents about $4.5 billion of the President's 
budget request for TSA--screening operations, including TSO 
allocations and checkpoint technologies; air cargo; passenger 
watch list matching; and surface transportation security.
    Overall, we found that TSA has more systematically planned 
for and guided investments in these areas and has taken or 
plans to take action to address many of the issues we 
previously reported. However, we found that TSA can further 
strengthen its efforts to help ensure that these programs 
achieve their desired outcomes and that resources are 
appropriately targeted.
    With respect to progress, we found that TSA has made 
significant achievements in the following three key areas, 
among others--deploying, training, and measuring the 
performance of its aviation security workforce; refining and 
testing procedures for screening passengers and their baggage; 
and conducting risk assessments, partnering with stakeholders 
and administering grant programs for surface transportation 
systems.
    For example, we reported that TSA has developed robust 
training programs for TSOs, including enhanced explosives 
detection training. TSA has also issued strategies for securing 
surface transportation modes and is pursuing a rulemaking to 
guide its efforts to secure passengers and freight rail.
    We also reported that TSA generally used sound methods to 
determine TSO allocations among airports through their staffing 
allocation model and implemented or expanded several workforce 
initiatives involving TSOs to further strengthen security, 
including the Travel Document Checker, Behavior Detection 
Officer, and Bomb Appraisal Officer initiatives, among others.
    However, we found that other key areas need continued 
attention, both in the short and long term. First, it is 
important that TSA move forward on initiatives to secure 
airport perimeters and access to restricted airport areas. 
Although TSA has completed technology pilots and issued 
guidelines for biometric identification systems, it has not yet 
determined how or when it will require the implementation of 
these systems nationwide.
    In addition, TSA is making progress in determining how to 
mitigate the risk posed by airport workers through an ongoing 
pilot, among other efforts. However, the agency has not yet 
made final decisions regarding how it will fully address this 
area of security.
    Second, with respect to checkpoint technologies, DHS and 
TSA have researched, developed, tested, and initiated 
procurements of various technologies to detect explosives and 
plan to deploy new enhanced technologies this year. However, to 
date, TSA has made limited progress in fielding emerging 
technologies due to performance, maintenance, and planning 
issues.
    Third, although TSA has made significant progress in 
strengthening the development of Secure Flight, a government-
run program to match passenger information against the 
terrorist watch list, some challenges remain, including the 
need for more sound program cost and schedule estimates, better 
management of program risks, and test plans that reflect 
comprehensive systems testing. TSA agreed with our 
recommendations in this area and has reported taking corrective 
action.
    Fourth, TSA has made progress on a number of fronts in 
securing air cargo and is pursuing a plan to meet the 
Congressional mandate to screen 100 percent of cargo on 
passenger aircraft. However, TSA has placed less attention on 
cargo transported into the United States from foreign 
locations, and DHS and TSA have made limited progress in 
deploying technologies to screen cargo.
    Finally, TSA will need to continue to define its regulatory 
or other role with respect to all surface transportation modes, 
more clearly define the mission and capabilities of its 
inspection workforce. For example, it is unclear whether TSA 
surface inspectors will be able to support the increased 
workload expected in implementing requirements of the 9/11 Act 
and new security regulations.
    In conducting our work, we found that a variety of cross-
cutting issues have hindered both DHS and TSA's progress. These 
include developing results-oriented goals and measures to 
assess performance, integrating a risk-based approach to guide 
investments, and establishing effective frameworks for 
coordinating with stakeholders. TSA has placed attention on and 
continues to make progress in all of these issues.
    We are currently reviewing TSA's efforts in many of these 
key areas for your and other committees and will continue to 
report to the Congress and public on the results of our work.
    This concludes my opening statement. I look forward to your 
questions.
    [The prepared statement of Ms. Berrick follows:]

Prepared Statement of Cathleen A. Berrick, Director, Homeland Security 
       and Justice Issues, U.S. Government Accountability Office
    Mr. Chairman and Members of the Committee:

    I appreciate the opportunity to participate in today's hearing to 
discuss the security of our Nation's transportation system. The 
Transportation Security Administration (TSA) was established in 2001 
with the mission to protect the transportation network while also 
ensuring the free movement of people and commerce. Since its inception, 
TSA has focused much of its efforts on aviation security, and has 
developed and implemented a variety of programs and procedures to 
secure commercial aviation. To implement these efforts, TSA funding for 
aviation security has totaled about $26 billion since Fiscal Year 2004. 
Other parties also play a role in securing commercial aviation, 
including air carriers that are responsible for screening air cargo, 
among other things, and the Department of Homeland Security's (DHS) 
Science and Technology Directorate (S&T), which is responsible for the 
research and development of aviation security technologies. TSA is also 
responsible for securing surface modes of transportation, including 
passenger and freight rail, mass transit, highways, commercial 
vehicles, and pipelines, in partnership with other Federal entities, 
state and local governments, and the private sector. In carrying out 
its broader homeland security responsibilities, DHS faces the daunting 
challenge of determining how to allocate its finite resources within 
the transportation system and across all sectors to address threats and 
strengthen security.
    My testimony today focuses on TSA's efforts to ensure the security 
of the following key areas of commercial aviation, which represents 
about $4.5 billion of the President's budget request for TSA for Fiscal 
Year 2009: (1) screening operations, including transportation security 
officer (TSO) and private screener allocations, and checkpoint 
screening technologies; (2) air cargo; and (3) passenger watch-list 
matching. My testimony also addresses TSA's efforts to ensure the 
security of the Nation's surface transportation systems. In particular, 
I will address the numerous efforts TSA has taken or plans to take to 
strengthen security in these areas and the challenges that remain.
    My comments are based on GAO reports and testimonies issued from 
February 2004 through April 2008 addressing the security of the 
Nation's commercial aviation and surface transportation systems, 
including the status of TSA's development of the Secure Flight program 
\1\ conducted in response to the Implementing Recommendations of the 9/
11 Commission Act of 2007.\2\ Selected updates to this work were 
conducted in February through April 2008. We conducted these 
performance audits in accordance with generally accepted government 
auditing standards. Those standards require that we plan and perform 
the audit to obtain sufficient, appropriate evidence to provide a 
reasonable basis for our findings and conclusions based on our audit 
objectives. We believe that the evidence obtained provides a reasonable 
basis for our findings and conclusions based on our audit objectives.
---------------------------------------------------------------------------
    \1\ GAO, Aviation Security: Transportation Security Administration 
Has Strengthened Planning to Guide Investments in Key Aviation Security 
Programs, but More Work Remains, GAO-08-456T (Washington, D.C.: 
February 28, 2008).
    \2\ Pub. L. No. 110-53,  1605(b), 121 Stat. 266, 481-82 (2007).
---------------------------------------------------------------------------
Summary
    DHS and TSA have undertaken numerous initiatives to strengthen the 
security of the Nation's commercial aviation system and surface 
transportation modes as well as to more effectively guide program 
investments, including taking steps to address many of our prior 
recommendations. Specifically, DHS and TSA have, among other things, 
developed and implemented a Staffing Allocation Model to determine TSO 
staffing levels at airports that reflect current operating conditions, 
and provided TSOs (formerly known as screeners) with additional 
training intended to enhance the detection of threat objects, 
particularly improvised explosive devices. TSA also proposed and 
implemented modifications to passenger checkpoint screening procedures 
based on risk (threat and vulnerability) information, while considering 
efficiency and customer service needs. TSA also explored new passenger 
checkpoint screening technologies to enhance the detection of 
explosives and other threats. Further, TSA took steps to strengthen air 
cargo security, such as conducting vulnerability assessments at several 
domestic airports, revising screening exemptions for domestic air 
cargo, and conducting inspections of air carriers to ensure that they 
are complying with existing security requirements. Finally, TSA has 
instilled more discipline and rigor into Secure Flight's development 
and implementation, including preparing key systems development 
documentation and strengthening privacy protections. With regard to 
surface transportation security, TSA has taken steps to develop a 
strategic approach for securing mass transit, passenger and freight 
rail, commercial vehicles, and highways; establish security standards 
for certain transportation modes; and conduct threat, criticality, and 
vulnerability assessments of surface transportation assets, 
particularly passenger and freight rail. TSA also hired and deployed 
compliance inspectors and conducted inspections of passenger and 
freight rail systems, and DHS developed and administered grant programs 
for various surface transportation modes.
    While these efforts should be commended, we have reported on 
several areas in which TSA could do more to strengthen transportation 
security. For example, in our previous work, we reported that some 
assumptions used in TSA's Staffing Allocation Model did not accurately 
reflect airport operating conditions. We recommended that TSA establish 
a formal, documented plan for reviewing all of the model assumptions on 
a periodic basis. TSA agreed with our recommendation and, in December 
2007, developed a Staffing Allocation Model Rates and Assumption 
Validation Plan that the agency will use to review and validate model 
assumptions. In addition, we reported that TSA could improve its 
process for evaluating the effectiveness of proposed changes to 
passenger screening procedures before implementing them nationwide. DHS 
generally agreed with our findings and recommendations, and TSA has 
taken some steps to implement them. We also testified that limited 
progress has been made in developing and deploying checkpoint 
technologies due to planning and management challenges. With respect to 
air cargo, we reported that TSA has not yet developed an inspection 
plan that includes performance goals and measures to determine the 
extent to which air carriers transporting cargo into the United States 
are complying with security requirements. Moreover, while TSA has made 
considerable progress in the development and implementation of Secure 
Flight, it has not fully addressed program management issues related to 
developing cost and schedule estimates consistent with best practices, 
fully implementing its risk management plan, developing a comprehensive 
testing strategy, and ensuring that information security requirements 
are fully implemented. With regard to surface transportation security, 
TSA has initiated efforts to develop security standards for passenger 
and freight rail, but has not yet determined its regulatory role with 
respect to other surface modes of transportation. Moreover, although 
TSA has made progress in conducting compliance inspections of some 
surface transportation systems, inspectors' roles and missions have not 
been fully defined.
    In addition to the recommendations discussed above, we have made 
other recommendations to strengthen passenger screening operations, air 
cargo security, and the implementation of the Secure Flight program. 
DHS and TSA generally agreed with our recommendations and have taken 
action to implement a number of them.
Background
    The Aviation and Transportation Security Act (ATSA), enacted in 
November 2001, created TSA and gave it responsibility for securing all 
modes of transportation.\3\ As part of this responsibility, TSA 
oversees security operations at the Nation's more than 400 commercial 
airports, including establishing requirements for passenger and checked 
baggage screening and ensuring the security of air cargo transported 
to, from, and within the United States. TSA has operational 
responsibility for conducting passenger and checked baggage screening 
at most airports, and has regulatory, or oversight, responsibility, for 
air carriers who conduct air cargo screening. While TSA took over 
responsibility for passenger checkpoint and baggage screening, air 
carriers have continued to conduct passenger watch-list matching in 
accordance with TSA requirements, which includes the process of 
matching passenger information against Federal watch-list data before 
flights depart. TSA is currently developing a program to take over this 
responsibility from air carriers for passengers on domestic flights, 
and plans to assume from the U.S. Customs and Border Protection (CBP) 
the pre-departure name-matching function for passengers on 
international flights traveling to or from the United States.
---------------------------------------------------------------------------
    \3\ See Pub. L. No. 107-71, 115 Stat. 597 (2001).
---------------------------------------------------------------------------
    According to DHS's budget execution reports and TSA's Congressional 
budget justifications, TSA received appropriations for aviation 
security that total about $26 billion since Fiscal Year 2004.\4\ During 
Fiscal Year 2004--the first year for which data were available--TSA 
received about $3.9 billion for aviation security programs, and during 
Fiscal Year 2008, received about $6.1 billion. The President's budget 
request for Fiscal Year 2009 includes about $6.0 billion to continue 
TSA's aviation security activities. This total includes about $5.3 
billion specifically designated for aviation security and about $0.76 
billion for aviation-security related programs, such as Secure Flight, 
and mandatory fee accounts, such as the Aviation Security Capital Fund. 
Figure 1 identifies reported aviation security funding for Fiscal Years 
2004 through 2008.
---------------------------------------------------------------------------
    \4\ DHS's budget execution reports are monthly statements that 
reflect the department's financial activity. In our analysis of DHS's 
budget execution reports and TSA Congressional Budget Justification, we 
included funding that we determined to be specifically designated for 
aviation security and funding for all programs, projects, and 
activities related to aviation security, to the extent they were 
identifiable, in order to present consistent total funding amounts 
across fiscal years. In addition, these aviation security totals do not 
reflect funding for activities that may support TSA's aviation security 
programs and projects, such as intelligence and administration, because 
DHS's documentation does not identify the proportion of funding 
dedicated to support aviation security. During this time period, a 
number of aviation security related activities were transferred in or 
out of TSA's jurisdiction, which affects TSA funding levels for the 
affected fiscal years.



    Source: GAO analysis of TSA budget execution reports for Fiscal 
Years 2004 to 2007 and TSA's Congressional Budget Justification for 
Fiscal Year 2009.
    Note: We used the September 30th budget execution reports for our 
analysis of TSA funding for Fiscal Years 2004 through 2006. For Fiscal 
Years 2007 and 2008, we used TSA's Fiscal Year 2009 congressional 
budget justification. According to the budget execution reports and 
congressional budget justification, figures presented include all 
rescissions and supplemental funding for the fiscal years.
    a Fiscal years 2004 and 2005 include approximately $330 
million in research and development funding for aviation security. 
Beginning in Fiscal Year 2006, research and development funding was 
consolidated within DHS S&T. Therefore, this funding, as reflected in 
TSA's budget documentation, is not included as part of TSA's 
appropriation from Fiscal Year 2006 forward.
    b Fiscal years 2006, 2007, and 2008 include 
approximately $680 million, $720 million, and $770 million 
respectively, in funding for the Federal Air Marshals Service, which 
was transferred back to TSA from U.S. Immigration and Customs 
Enforcement in October 2005. Federal Air Marshal Service funding is 
included within totals for related aviation security programs, 
projects, and activities for Fiscal Years 2006, 2007, and 2008.
    c Funding for aviation security-related programs, 
projects, and activities is reported separately. However, TSA 
designated funds from other programs, projects, and activities to 
aviation security as well, which represents the unshaded areas.

    TSA is also responsible for securing surface modes of 
transportation, including passenger and freight rail, mass transit, 
highways, commercial vehicles, and pipelines, in partnership with other 
Federal entities, state and local governments, and the private sector. 
According to TSA congressional budget justifications, TSA received 
appropriations for surface transportation security that totaled about 
$175 million since Fiscal Year 2005. During Fiscal Year 2005--the first 
year for which data were available--TSA received about $36 million for 
surface transportation security programs. TSA further received $52 
million during Fiscal Year 2006, $41 million during Fiscal Year 2007, 
and $47 million during Fiscal Year 2008 for securing surface modes of 
transportation. The President's budget request for Fiscal Year 2009 
includes about $37 million, about $10 million less than last year's 
appropriation, to continue TSA's surface transportation security 
activities, including conducting compliance inspections, developing 
best practices and standards, assessing security vulnerabilities, 
establishing baseline data against which to evaluate minimum-security 
standards, and providing domain awareness training.
Airline Passenger and Checked Baggage Screening
    One of the most significant changes mandated by ATSA was the shift 
from the use of private-sector screeners to perform airport screening 
operations to the use of Federal screeners (now referred to as TSOs). 
Prior to ATSA, passenger and checked baggage screening had been 
performed by private screening companies under contract to airlines. 
ATSA established TSA and required it to create a Federal workforce to 
assume the job of conducting passenger and checked baggage screening at 
commercial airports. The Federal screener workforce was put into place, 
as required, by November 2002.\5\
---------------------------------------------------------------------------
    \5\ ATSA further required TSA to allow airports to apply to opt-out 
of Federal screening and to use private screeners under contract with 
TSA. See 49 U.S.C.  44920. Ten airports and 1 heliport currently have 
screening operations conducted by private screening contractors under 
TSA's Screening Partnership Program.
---------------------------------------------------------------------------
    Passenger screening is a process by which personnel authorized by 
TSA inspect individuals and property to deter and prevent the carriage 
of any unauthorized explosive, incendiary, weapon, or other dangerous 
item into a sterile area or onboard an aircraft.\6\ Passenger screening 
personnel must inspect individuals for prohibited items at designated 
screening locations. The four passenger screening functions are X-ray 
screening of property, walk-through metal detector screening of 
individuals, hand-wand or pat-down screening of individuals, and 
physical search of property and trace detection for explosives. 
Typically, passengers are only subjected to X-ray screening of their 
carry-on items and screening by the walk-through metal detector. 
Passengers whose carry-on baggage alarms the X-ray machine, who alarm 
the walk-through metal detector, or who are designated as selectees--
that is, passengers selected by the Computer Assisted Passenger Pre-
Screening System (CAPPS) or other TSA-approved processes to designate 
passengers for additional screening--are screened by hand-wand or pat-
down and have their carry-on items either screened for explosives 
traces or physically searched.\7\
---------------------------------------------------------------------------
    \6\ Sterile areas are located within the terminal where passengers 
are provided access to boarding aircraft. Access to these areas is 
controlled by TSOs (or by non-Federal screeners at airports 
participating in the Screener Partnership Program) at checkpoints where 
they conduct physical screening of individuals and their carry-on 
baggage for weapons and explosives.
    \7\ CAPPS identifies passengers for secondary screening based on 
certain travel behaviors reflected in their reservation information 
that are associated with threats to aviation security, as well as 
through a random selection of passengers. At some airports, some 
passengers may also be screened by walking through an explosives trace 
portal--a machine that detects trace amounts of explosives on persons.
---------------------------------------------------------------------------
    Checked baggage screening is a process by which authorized security 
screening personnel inspect checked baggage to deter, detect, and 
prevent the carriage of any unauthorized explosive, incendiary, or 
weapon onboard an aircraft. Checked baggage screening is accomplished 
through the use of explosive detection systems \8\ or explosive trace 
detection systems,\9\ and through the use of approved alternative 
means, such as manual searches and canine teams when the explosive 
detection or explosive trace detection systems are unavailable.
---------------------------------------------------------------------------
    \8\ Explosive detection systems use computer-aided tomography X-
rays to examine objects inside baggage and identify the characteristic 
signatures of threat explosives. This equipment operates in an 
automated mode.
    \9\ Explosive trace detection works by detecting vapors and 
residues of explosives. Human operators collect samples by rubbing bags 
with swabs, which are chemically analyzed to identify any traces of 
explosive materials.
---------------------------------------------------------------------------
    The passenger and checked baggage screening systems are composed of 
three elements: the people (TSOs) responsible for conducting the 
screening of airline passengers and their carry-on items and checked 
baggage, the technology used during the screening process, and the 
procedures TSOs are to follow to conduct screening. Collectively, these 
elements help to determine the effectiveness and efficiency of 
passenger and checked baggage screening operations.
Air Cargo Security
    Air cargo ranges in size from one pound to several tons, and in 
type from perishables to machinery, and can include items such as 
electronic equipment, automobile parts, clothing, medical supplies, 
other dry goods, fresh cut flowers, fresh seafood, fresh produce, 
tropical fish, and human remains. Cargo can be shipped in various 
forms, including large containers known as unit loading devices that 
allow many packages to be consolidated into one container that can be 
loaded onto an aircraft, wooden crates, assembled pallets, or 
individually wrapped/boxed pieces, known as break bulk cargo.
    TSA's responsibilities for securing air cargo include, among other 
things, establishing security rules and regulations governing domestic 
and foreign passenger air carriers that transport cargo, domestic and 
foreign all-cargo carriers that transport cargo, and domestic indirect 
air carriers. TSA is also responsible for overseeing the implementation 
of air cargo security requirements by air carriers and indirect air 
carriers through compliance inspections, and, in coordination with 
DHS's S&T Director, for conducting research and development of air 
cargo security technologies. Air carriers (passenger and all-cargo) are 
responsible for implementing TSA security requirements, predominantly 
through a TSA-approved security program that describes the security 
policies, procedures, and systems the air carrier will implement and 
maintain in order to comply with TSA security requirements. Air 
carriers must also abide by security requirements issued by TSA through 
security directives or emergency amendments to air carrier security 
programs.
    Air carriers use several methods and technologies to screen 
domestic and inbound air cargo.\10\ These include manual physical 
searches and comparisons between airway bills and cargo contents to 
ensure that the contents of the cargo shipment matches the cargo 
identified in documents filed by the shipper, as well as using approved 
technology, such as X-ray systems, explosive trace detection systems, 
decompression chambers, explosive detection systems, and certified 
explosive detection canine teams.\11\ Under TSA's security requirements 
for domestic and inbound air cargo, passenger air carriers are 
currently required to randomly screen a specific percentage of non 
exempt air cargo pieces listed on each airway bill. All-cargo carriers 
are required to screen 100 percent of air cargo that exceeds a specific 
weight threshold. As of October 2006, domestic indirect air carriers 
are also required, under certain conditions, to screen a certain 
percentage of air cargo prior to its consolidation. TSA, however, does 
not regulate foreign freight forwarders, or individuals or businesses 
that have their cargo shipped by air to the United States. Under the 
Implementing Recommendations of the 9/11 Commission Act of 2007, DHS is 
required to implement a system to screen 50 percent of air cargo 
transported on passenger aircraft by February 2009, and 100 percent of 
such cargo by August 2010.\12\
---------------------------------------------------------------------------
    \10\ The Implementing Recommendations of the 9/11 Commission Act of 
2007 defines the term `screening' for purposes of air cargo to mean a 
physical examination or non-intrusive methods of assessing whether 
cargo poses a threat to transportation security. See 49 U.S.C.  
44901(g)(5). Such methods of screening include X-ray systems, 
explosives detection systems, explosives trace detection, explosives 
detection canine teams certified by TSA, or a physical search together 
with manifest verification. While additional methods may be approved to 
ensure that cargo does not pose a threat to transportation security, 
these additional methods cannot include solely performing a review of 
information about the contents of cargo or verifying the identity of a 
shipper of the cargo if not performed in conjunction with other 
authorized security methods, including whether a shipper is registered 
in the known shipper database.
    \11\ Certified explosive detection canine teams have been evaluated 
by TSA and shown to effectively detect explosive devices. Decompression 
chambers simulate the pressures acting on aircraft by simulating flight 
conditions, which cause explosives that are attached to barometric 
fuses to detonate.
    \12\ See Pub. L. No. 110-53,  1602(a), 121 Stat. 266, 477-480 
(2007) (codified at 49 U.S.C.  44901(g)).
---------------------------------------------------------------------------
Airline Passenger Watch List Matching
    The prescreening of airline passengers who may pose a security risk 
before they board an aircraft is one of many layers of security 
intended to strengthen commercial aviation. One component of 
prescreening is passenger watch-list matching--or the process of 
matching passenger information against the No-Fly and Selectee lists to 
identify passengers who should be denied boarding or who should undergo 
additional security scrutiny.\13\
---------------------------------------------------------------------------
    \13\ The No Fly and Selectee lists contain the names of individuals 
with known or suspected links to terrorism. These lists are subsets of 
the consolidated terrorist watch-list that is maintained by the Federal 
Bureau of Investigation's Terrorist Screening Center.
---------------------------------------------------------------------------
    Aircraft operators are currently responsible for checking passenger 
information against the No-Fly and Selectee lists to identify 
passengers who should be denied boarding or who should undergo 
additional security scrutiny. To further enhance commercial aviation 
security and in accordance with the Intelligence Reform and Terrorism 
Prevention Act of 2004 (IRTPA), TSA is developing a program to assume 
from air carriers the function of matching passenger information 
against government-supplied terrorist watch-lists for domestic 
flights.\14\ Secure Flight is the program through which TSA plans to 
meet this requirement. Following domestic implementation, TSA, through 
Secure Flight, plans to assume responsibility from CBP for watch-list 
matching of passengers on international flights bound to and from the 
United States. Secure Flight's mission is to enhance the security of 
commercial air travel by:
---------------------------------------------------------------------------
    \14\ See 49 U.S.C.  44903(j)(2)(C).

   eliminating inconsistencies in current air carrier watch-
---------------------------------------------------------------------------
        list matching procedures,

   reducing the number of individuals who are misidentified as 
        being on the No Fly or Selectee list,

   reducing the risk of unauthorized disclosure of sensitive 
        watch-list information, and

   integrating the redress process so that individuals are less 
        likely to be improperly or unfairly delayed or prohibited from 
        boarding an aircraft.

    TSA plans to implement Secure Flight in three releases. During 
Release One, completed in March 2008, TSA developed and tested the 
Secure Flight system. During Release Two, scheduled to be conducted 
from April 2008 through August 2008, TSA plans to begin parallel 
testing with air carriers during which both Secure Flight and air 
carriers will perform watch-list matching. Finally, during Release 
Three, TSA is to develop the capability for ``airline cutovers'' during 
which Secure Flight plans to begin conducting all watch-list matching 
for domestic air passengers. Release Three is scheduled to begin in 
September 2008. Domestic cutovers are expected to begin in January 2009 
and be completed in July 2009. TSA plans to assume from CBP watch-list 
matching for flights departing from and to the United States some time 
after domestic cutovers are completed.
    Over the last 5 years, we have reported that the Secure Flight 
program (and its predecessor CAPPS II) had not met key milestones or 
finalized its goals, objectives, and requirements, and faced 
significant development and implementation challenges.\15\ 
Acknowledging the challenges it faced with the program, TSA suspended 
the development of Secure Flight and initiated a reassessment, or re-
baselining, of the program in February 2006, which was completed in 
January 2007. We were mandated by the Implementing Recommendations of 
the 9/11 Commission Act of 2007 to assess various aspects of Secure 
Flight's development and implementation.\16\ In accordance with the 
Act, we reviewed (1) TSA's efforts to develop reliable cost and 
schedule estimates for Secure Flight; (2) progress made by TSA in 
developing and implementing the Secure Flight system, including the 
implementation of security controls; (3) TSA's efforts to coordinate 
with CBP to integrate Secure Flight with CBP's watch-list matching 
function for international flights; (4) TSA's plans to protect private 
passenger information under Secure Flight; and (5) DHS's efforts to 
assess the effectiveness of the current redress process for passengers 
misidentified as being on or wrongly assigned to the No Fly or Selectee 
list.\17\
---------------------------------------------------------------------------
    \15\ GAO, Aviation Security: Progress Made in Systematic Planning 
to Guide Key Investment Decisions, but More Work Remains, GAO-07-448T 
(Washington, D.C.: February 13, 2007).
    \16\ See Pub. L. No. 110-53,  1605(b), 121 Stat. 266, at 481-82.
    \17\ GAO is also mandated to review DHS's certification of 10 
conditions outlined in section 522(a) of the DHS Appropriations Act, 
2005, related to the development and implementation of the Secure 
Flight program. See Pub. L. No. 110-161,  513, 121 Stat. 1844 (2007).
---------------------------------------------------------------------------
    TSA's available funding for the Secure Flight program during Fiscal 
Year 2007 was $32.5 million.\18\ In Fiscal Year 2008, TSA received $50 
million and requested a transfer of an additional $24 million to the 
program under statutory authority, making as much as $74 million 
available for the program in Fiscal Year 2008.\19\ For Fiscal Year 
2009, TSA has requested $82 million in funding to allow the agency to 
continue development and implementation of the Secure Flight program 
and the full assumption of the watch-list matching function in Fiscal 
Year 2010.
---------------------------------------------------------------------------
    \18\ Fifteen million was appropriated during Fiscal Year 2007 and 
$17.5 million was carried over from the prior fiscal year, for a total 
of $32.5 million.
    \19\ As mandated by law, GAO is currently reviewing TSA's request 
for transfer of an additional $24 million to the Secure Flight program 
in Fiscal Year 2008. See Pub. L. No. 110-161,  550, 121 Stat. 1844.
---------------------------------------------------------------------------
Surface Transportation Security
    TSA shares responsibility for securing surface transportation modes 
with Federal, state, and local governments and the private sector. 
TSA's security mission includes establishing security standards and 
conducting assessments and inspections of surface transportation modes, 
including passenger and freight rail; mass transit; highways and 
commercial vehicles; and pipelines. The Federal Emergency Management 
Agency's Grant Programs Directorate provides grant funding to surface 
transportation operators and state and local governments, and the 
National Protection and Programs Directorate, in conjunction with the 
grant allocation process, conducts risk assessments of surface 
transportation facilities. Within the Department of Transportation 
(DOT), the Federal Transit Administration (FTA) and Federal Railroad 
Administration (FRA) have responsibilities for establishing standards 
for passenger rail safety and security. In addition, public and private 
sector transportation operators are responsible for implementing 
security measures for their systems.
TSA Has Made Significant Enhancements to Its Passenger Screening 
        Operations, but Can Further Strengthen Its Efforts
    TSA has taken significant steps to strengthen the three key 
elements of the screening system--people (TSOs and private screeners), 
screening procedures, and technology--but has faced management, 
planning, and funding challenges. For example, TSA developed a Staffing 
Allocation Model to determine TSO staffing levels at airports that 
reflect current operating conditions, and implemented several 
initiatives intended to enhance the detection of threat objects, 
particularly improvised explosives. We reported that TSA also proposed 
modifications to passenger checkpoint screening procedures based on 
risk (threat and vulnerability information), among other factors, but 
could do more evaluation of proposed procedures before they are 
implemented to help ensure that they achieve their intended results. 
Finally, TSA is exploring new technologies to enhance the detection of 
explosives and other threats, but continues to face management and 
funding challenges in developing and fielding technologies at airport 
checkpoints.
    Of the approximately $6.0 billion requested for aviation security 
in the President's Fiscal Year 2009 budget request, about $4.0 billion, 
or approximately 66 percent, is for passenger and checked baggage 
screening. This includes approximately $3.9 billion to support 
passenger and checked baggage screening operations, such as TSO 
salaries and training, and about $154 million for the procurement and 
installation of checked baggage explosive detection systems.\20\
---------------------------------------------------------------------------
    \20\ According to TSA's Congressional Justification, the $154 
million requested for procurement and installation of checked baggage 
explosive detection systems is in addition to the $676 in mandatory 
fees requested for the Aviation Security Capital Fund, which would 
provide $830 million in total funding for the procurement and 
installation of such systems.
---------------------------------------------------------------------------
TSA Has Efforts Under Way to Strengthen the Allocation of Its TSO 
        Workforce
    TSA has implemented several efforts intended to strengthen the 
allocation of its TSO workforce. We reported in February 2004 that 
staffing shortages and TSA's hiring process had hindered the ability of 
some Federal Security Directors (FSD)--the ranking TSA authorities 
responsible for leading and coordinating security activities at 
airports--to provide sufficient resources to staff screening 
checkpoints and oversee screening operations at their checkpoints 
without using additional measures such as overtime.\21\ Since that 
time, TSA has developed a Staffing Allocation Model to determine TSO 
staffing levels at airports.\22\ In August 2005, TSA determined that 
the Staffing Allocation Model contained complete and accurate 
information on each airport from which to estimate staffing needs, and 
the agency used the model to identify TSO allocations for each airport.
---------------------------------------------------------------------------
    \21\ GAO, Aviation Security: Challenges Exist in Stabilizing and 
Enhancing Passenger and Baggage Screening Operations, GAO-04-440T 
(Washington, D.C.: Feb. 12, 2004).
    \22\ As part of TSA's Screening Partnership Program, 10 airports 
and 1 heliport use private contract screeners in lieu of Federal TSOs. 
Although these airports and heliport do not use Federal screeners, TSA 
uses the Staffing Allocation Model to determine the full-time 
equivalent screening staff at each of these airports. These staffing 
levels, as determined by the model, serve as a limit on the number of 
private screeners that the private screening contractors could employ.
---------------------------------------------------------------------------
    FSDs we interviewed during 2006 as part of our review of TSA's 
staffing model generally reported that the model is a more accurate 
predictor of staffing needs than TSA's prior staffing model. However, 
FSDs expressed the following concerns about assumptions used in the 
Fiscal Year 2006 model:

   the model assumed that airports could achieve a 20 percent 
        part-time TSO level, even though it was difficult for airports 
        to achieve this;

   the model did not specifically account for the recurrent 
        training requirement for TSOs of 3 hours per week averaged over 
        a fiscal year quarter; and

   the model did not account for TSO's time away from screening 
        to perform operational support duties.

    To help ensure that TSOs are effectively utilized, we recommended 
that TSA establish a policy for when TSOs can be used to provide 
operational support. Consistent with our recommendation, in March 2007, 
TSA issued a management directive that provides guidance on assigning 
TSOs, through detail or permanent promotion, to duties of another 
position for a specified period of time. Further, in response to FSDs' 
input and the various mechanisms TSA had implemented to monitor the 
sufficiency of the model's allocation outputs, TSA made changes to some 
assumptions in the Staffing Allocation Model for Fiscal Year 2007, 
including assumptions related to part-time TSOs, training, and 
operational support to address the issues identified above. In our 
February 2007 report, we recommended that TSA establish a formal, 
documented plan for reviewing all of the model assumptions on a 
periodic basis to ensure that the assumptions result in TSO staffing 
allocations that accurately reflect operating conditions that may 
change over time. TSA agreed with our recommendation and, in December 
2007, developed a Staffing Allocation Model Rates and Assumptions 
Validation Plan. The plan identifies the process TSA will use to review 
and validate the model's assumptions on a periodic basis.
    Although we did not independently review TSA's staffing allocation 
for Fiscal Year 2008, the TSA Fiscal Year 2009 budget justification 
identified that the agency has achieved operational and efficiency 
gains that enabled them to implement or expand several workforce 
initiatives involving TSOs, which are summarized in table 1. For 
example, TSA reported making several changes to the Fiscal Year 2008 
Staffing Allocation Model, such as decreasing the allocation for time 
paid not worked (annual, sick, and military leave; compensatory time; 
and injury time off) based on past performance data. TSA also reported 
revising the exit lane staffing based on each checkpoint's unique 
operating hours rather than staffing all exit lanes based on the 
maximum open hours for any checkpoint at an airport.
 ----------------------------------------------------------------------------------------------------------------

              Table 1.--TSA Workforce Initiatives Involving Transportation Security Officers (TSOs)
----------------------------------------------------------------------------------------------------------------
              Workforce Initiative                                  Description of Initiative
----------------------------------------------------------------------------------------------------------------Travel document checker--------------------------TSA implemented the travel document checker initiative at over-
                                                  250 smaller airports during Fiscal Year 2007. According to the
                                                  TSA Fiscal Year 2009 budget justification, through savings
                                                  realized through adjustments in the Fiscal Year 2008 Staffing
                                                  Allocation Model, TSA was able to fund 1,033 additional full-
                                                  time-equivalent TSOs for the travel document checker
                                                  initiative. This program is intended to ensure that only
                                                  passengers with authentic travel documents access the sterile
                                                  areas of airports and board aircraft. TSA's budget
                                                  justification identifies that in Fiscal Year 2007 the agency
                                                  implemented this program at over 340 of the 450 airports with
                                                  Federal TSOs.
----------------------------------------------------------------------------------------------------------------
Behavior detection officers                      TSA completed its planned deployment of the behavior detection
                                                  officer program. These officers screen passengers by
                                                  observation technique (also known as SPOT) to identify
                                                  potentially high-risk passengers based on involuntary physical
                                                  and physiological reactions. During Fiscal Year 2007, 643
                                                  behavior detection officers were deployed at 42 airports.
----------------------------------------------------------------------------------------------------------------
Bomb appraisal officers                          TSA completed the planned deployment of the Bomb Appraisal
                                                  Officer program. These officers, who have undergone training
                                                  in the disposal of explosives, provide formal training to TSOs
                                                  to increase their ability to recognize potential improvised
                                                  explosive devices and components. The Bomb Appraisal Officer
                                                  Program was formally implemented at 107 airports during Fiscal
                                                  Year 2007.
----------------------------------------------------------------------------------------------------------------
Visible Intermodal Protection and Response       According to TSA, the agency deployed Visible Intermodal
 Teams                                            Protection and Response Teams to airports around the country.
                                                  These teams--comprised of TSOs, behavior detection officers
                                                  and other aviation security employees--are responsible for
                                                  screening passengers, looking for suspicious behavior, and
                                                  acting as a visible deterrent in multiple transportation
                                                  sectors, including buses, mass transit stations, and airports.
                                                  TSA's budget justification identified that as of February
                                                  2008, TSA had deployed over 100 Visible Intermodal Protection
                                                  and Response Teams to airports and mass transit systems around
                                                  the country.
----------------------------------------------------------------------------------------------------------------
Aviation Direct Access Screening Program         The Aviation Direct Access Screening Program is intended to
                                                  provide uniform procedures and standards for TSOs to screen
                                                  individuals, their accessible property, and vehicles upon
                                                  entering secure airport areas, and conduct visual inspections
                                                  of aircraft. Under this program, TSOs are to screen aviation
                                                  workers and inspect for the presence of explosives,
                                                  incendiaries, weapons, and other prohibited items, improper
                                                  airport identification media, and items identified through
                                                  specific intelligence. In March 2007, TSA required Federal
                                                  Security Directors to implement the Aviation Direct Screening
                                                  Program at each of their assigned airports.
Source: TSA Fiscal Year 2009 budget justification.

    TSA's Fiscal Year 2009 budget justification includes $2.7 billion 
for the Federal TSO workforce, and represents an increase of about $80 
million over Fiscal Year 2008 funding. Of the $80 million increase, 
about $38 million is for cost of living adjustments, and about $42 
million is for the annualization of the full-year cost of the Behavior 
Detection Officer and Aviation Direct Access Screening Program 
positions. According to DHS' budget justification, the $2.7 billion 
includes funding for compensation and benefits of 45,643 full-time 
equivalent personnel--approximately 46,909 TSOs and about 1,100 
screening managers.\23\ Table 2 identifies the total TSO and screening 
manager full-time equivalents and the funding levels for Fiscal Years 
2005 through 2008, as reported by TSA.
---------------------------------------------------------------------------
    \23\ The TSA Fiscal Year 2009 budget justification includes about 
$151 million for the Screening Partnership Program.
 ----------------------------------------------------------------------------------------------------------------

 Table 2.--Passenger and Checked Baggage TSO and Screening Manager Full-time Equivalents and Actual Spending for
                            TSO Personnel, Compensation, and Benefits, by Fiscal Year
----------------------------------------------------------------------------------------------------------------
                         Fiscal Year                            FY 2005      FY 2006      FY 2007     FY 2008 a
----------------------------------------------------------------------------------------------------------------Total TSOs and screening managers at airports----------------------45,690-------42,187-------42,592-------45,438
  nationwide
----------------------------------------------------------------------------------------------------------------
Actual spending (dollars in thousands)                         $2,291,572   $2,251,503   $2,444,455   $2,636,104
Source: TSA.
a Fiscal year 2008 figures represent TSA's budget in accordance with funds appropriated through Division E of
  the Consolidated Appropriations Act, 2008.

TSA Has Taken Steps to Strengthen Passenger Screening Procedures, but 
        Could 
        Improve Its Evaluation and Documentation of Proposed Procedures
    In addition to TSA's efforts to strengthen the allocation of its 
TSO workforce, TSA has taken steps to strengthen passenger checkpoint 
screening procedures to enhance the detection of prohibited items. 
However, we have identified areas where TSA could improve its 
evaluation and documentation of proposed procedures. In April 2007, we 
reported that TSA officials considered modifications to its standard 
operating procedures (SOP) based on risk information (threat and 
vulnerability information), daily experiences of staff working at 
airports, and complaints and concerns raised by the traveling 
public.\24\
---------------------------------------------------------------------------
    \24\ GAO, Aviation Security: Risk, Experience, and Customer 
Concerns Drive Changes to Airline Passenger Screening Procedures, but 
Evaluation and Documentation of Proposed Changes Could Be Improved, 
GAO-07-634 (Washington, D.C.: April 16, 2007).
---------------------------------------------------------------------------
    We further reported that for more significant SOP modifications, 
TSA first tested the proposed modifications at selected airports to 
help determine whether the changes would achieve their intended 
purpose, as well as to assess its impact on screening operations. 
However, we reported that TSA's data collection and analyses could be 
improved to help TSA determine whether proposed procedures that are 
operationally tested would achieve their intended purpose. We also 
found that TSA's documentation on proposed modifications to screening 
procedures was not complete. We recommended that TSA develop sound 
evaluation methods, when possible, to assess whether proposed screening 
changes would achieve their intended purpose and generate and maintain 
documentation on proposed screening changes that are deemed 
significant. DHS generally agreed with our recommendations and TSA has 
taken steps to implement them. For example, for several proposed SOP 
changes considered during the fall of 2007, TSA provided documentation 
that identified the sources of the proposed changes and the reasons why 
the agency decided to accept or reject the proposed changes.
    Once proposed SOP changes have been implemented, it is important 
that TSA have a mechanism in place to ensure that TSOs are complying 
with established procedures. In our April 2007 report, we identified 
that TSA monitors TSO compliance with passenger checkpoint screening 
SOPs through its performance accountability and standards system--which 
was implemented in response to a recommendation by us in 2003 \25\ and 
in response to airport staff concerns--and through local and national 
covert testing. We further reported that some TSA airport officials 
have experienced resource challenges in implementing these compliance 
monitoring efforts. TSA headquarters officials stated that they were 
taking steps, such as automating the performance accountability and 
standards system data entry functions, to address this challenge. Since 
then, TSA has also implemented a new local covert testing program 
nationwide, known as the Aviation Screening Assessment Program. This 
program is intended to measure TSO performance using realistic and 
standardized test scenarios to achieve a national TSO assessment 
measurement. TSA plans to use these test results to identify 
vulnerabilities across screening operations and to provide 
recommendations for addressing the vulnerabilities to various 
stakeholders within TSA.
---------------------------------------------------------------------------
    \25\ GAO, Transportation Security Administration: Actions and Plans 
to Build a Results Oriented Culture, GAO-03-190 (Washington, D.C.: 
January 2003).
---------------------------------------------------------------------------
DHS and TSA Are Pursuing New Checkpoint Technologies to Enhance the 
        Detection of Explosives and Other Threats, but Continue to Face 

        Challenges
    We reported in February 2007 \26\ that S&T and TSA \27\ were 
exploring new passenger checkpoint screening technologies to enhance 
the detection of explosives and other threats. However, we found that 
limited progress had been made in fielding explosives detection 
technology at passenger screening checkpoints, in part due to 
challenges S&T and TSA faced in coordinating research and development 
efforts. TSA requested $103.2 million in its Fiscal Year 2009 budget 
request for checkpoint technology and checkpoint reconfiguration. Among 
other things, TSA plans to procure and deploy Advanced Technology 
Systems to further extend explosives and prohibited item detection 
coverage at category X and I checkpoints. The President's budget 
request also identifies that TSA may purchase Whole Body Imagers, 
Bottled Liquids Scanners, Cast and Prosthesis Imagers, shoe scanner 
systems, technology integration solutions, and additional units or 
upgrades to legacy equipment, among other technologies. TSA further 
requested $11.5 million to support the optimization and reconfiguration 
of additional checkpoint lanes to accommodate anticipated airport 
growth and maintain throughput at the busiest airport checkpoints.
---------------------------------------------------------------------------
    \26\ GAO, Aviation Security: Progress Made in Systematic Planning 
to Guide Key Investment Decisions, but More Work Remains, GAO-07-448T 
(Washington, D.C.: February 13, 2007).
    \27\ DHS S&T is responsible for research and development of 
checkpoint technologies related to aviation security, managing the 
activities conducted at the Transportation Security Laboratory, and 
coordinating these efforts with TSA. TSA's Passenger Screening Program 
is responsible for evaluating and deploying systems to detect 
explosives and weapons concealed on persons or in carry-on items, while 
strengthening access control, improving screener performance, and 
reducing staffing requirements.
---------------------------------------------------------------------------
    Of the various emerging checkpoint screening projects funded by TSA 
and S&T, the explosive trace portal and the bottled liquids scanning 
device have been deployed to airport checkpoints, and a number of 
additional projects have initiated procurements or are being researched 
and developed.\28\ Table 3 provides a description of passenger 
checkpoint screening technologies that have been deployed as well as 
technologies that have initiated procurements or are in research and 
development. This list of technologies is limited to those for which 
TSA could provide documentation. TSA is planning to develop and deploy 
additional technologies. We are continuing to assess TSA's deployment 
of new checkpoint screening technologies in our ongoing work and expect 
to report on the results of this work later this year.
---------------------------------------------------------------------------
    \28\ Research and development projects generally fall within the 
following phases: (1) basic research includes all scientific efforts 
and experimentation directed to increase knowledge and understanding in 
the fields of science related to long-term national needs; (2) applied 
research includes efforts directed toward solving specific problems 
with a focus on developing and evaluating the feasibility of proposed 
solutions; (3) advanced development includes efforts directed toward 
the development of hardware for field experiments; and (4) operational 
testing includes evaluation of technologies in a realistic operating 
environment to assess the performance or cost reduction potential of 
advanced technology.
 ----------------------------------------------------------------------------------------------------------------

   Table 3.--Description of Passenger Checkpoint Screening Technologies Deployed, Procured, or in Research and
                                         Development as of January 2008
----------------------------------------------------------------------------------------------------------------
          Technology                        Description                                 Status
----------------------------------------------------------------------------------------------------------------Explosives trace portals-------Detects trace amounts of explosives---TSA initiated deployment of 95 portals to--
                                on persons (will reduce the size of   airports. However, in June 2006, TSA
                                the current explosives trace          halted the acquisition and deployment of
                                portals at checkpoints).              the portals due to performance and
                                                                      maintenance issues. Currently, 114 portals
                                                                      are in storage, which were purchased at a
                                                                      total cost of over $20 million.
----------------------------------------------------------------------------------------------------------------
Bottled liquids scanners       Screens for liquid explosives.        During Fiscal Year 2007, TSA procured 200
                                                                      units. One hundred and forty three units
                                                                      have been deployed to airports. For Fiscal
                                                                      Year 2008, TSA plans to procure 700 units.
----------------------------------------------------------------------------------------------------------------
Cast and prosthesis scanners   Provides a 2-dimensional image of     TSA procured 34 units during Fiscal Year
                                the area beneath a cast or inside a   2007 and expects delivery of the first
                                prosthetic device.                    unit in February 2008. TSA plans to deploy
                                                                      this technology to airports during 2008.
----------------------------------------------------------------------------------------------------------------
Advanced Technology            TSA plans to replace the Threat       During 2007, testing was conducted on this
Systems                         Image Projection Ready X-ray          technology, including operational testing
                                machines currently used at category   at four airports. TSA procured 250 units
                                X airports with Advanced Technology   during Fiscal Year 2007, and plans to
                                Systems that are intended to          procure 677 units and deploy 429 units
                                improve detection capability and      during Fiscal Year 2008.
                                performance.
----------------------------------------------------------------------------------------------------------------
Checkpoint explosives          Creates a three dimensional image of  This technology is currently undergoing
detection systems               bags to detect explosives and other   various types of testing, including
                                nonmetallic items.                    operational testing. During Fiscal Year
                                                                      2007, TSA procured 20 units to be deployed
                                                                      starting in 2008.
----------------------------------------------------------------------------------------------------------------
Whole body imagers             Provides two-dimensional, full-body   TSA is conducting operational pilot testing
                                images of all items on a              of the whole body imager at one airport.
                                passenger's body, including plastic   If the testing is successful, TSA plans to
                                explosives and concealed metallic,    procure and deploy the first units to
                                non-metallic, and ceramic or          airports during 2008.
                                plastic objects.
Source: TSA.

    Despite TSA's efforts to develop passenger checkpoint screening 
technologies, we reported that limited progress has been made in 
fielding explosives detection technology at airport checkpoints. For 
example, we reported that TSA had anticipated that the explosives trace 
portals would be in operation throughout the country during Fiscal Year 
2007. However, due to performance and maintenance issues, TSA halted 
the acquisition and deployment of the portals in June 2006. As a 
result, TSA has fielded less than 25 percent of the 434 portals it 
projected it would deploy by Fiscal Year 2007. TSA officials are 
considering what to do with the portals that were procured and are 
currently in storage. In addition to the portals, TSA has fallen behind 
in its projected acquisition of other emerging screening technologies. 
For example, we reported that the acquisition of 91 Whole Body Imagers 
was previously delayed in part because TSA needed to develop a means to 
protect the privacy of passengers screened by this technology.
    While TSA and DHS have taken steps to coordinate the research, 
development, and deployment of checkpoint technologies, we reported in 
February 2007 that challenges remained. For example, TSA and S&T 
officials stated that they encountered difficulties in coordinating 
research and development efforts due to reorganizations within TSA and 
S&T. A senior TSA official further stated at the time that, while TSA 
and the DHS S&T have executed a Memorandum of Understanding to 
establish the services that the Transportation Security Laboratory is 
to provide to TSA, coordination with S&T remained a challenge because 
the organizations had not fully implemented the terms of the agreement. 
Since our February 2007 testimony, according to TSA and S&T, 
coordination between them has improved.
    We also reported that TSA did not have a strategic plan to guide 
its efforts to acquire and deploy screening technologies, and that a 
lack of a strategic plan or approach could limit TSA's ability to 
deploy emerging technologies at those airport locations deemed at 
highest risk. The Consolidated Appropriations Act, 2008, provides that, 
of TSA's appropriated funds for Transportation Security Support, 
$10,000,000 may not be obligated until the Secretary of Homeland 
Security submits to the House and Senate Committees on Appropriations 
detailed expenditure plans for checkpoint support and explosive 
detection systems refurbishment, procurement, and installation on an 
airport-by-airport basis for Fiscal Year 2008, along with the strategic 
plan for checkpoint technologies previously requested by the committees 
no later than 60 days after the date of enactment of the Act (enacted 
December 26, 2007). According to TSA officials, they currently plan to 
submit the strategic plan to Congress by June 2008. We will continue to 
evaluate S&T's and TSA's efforts to research, develop and deploy 
checkpoint screening technologies as part of our ongoing review.
TSA Has Taken Action to Strengthen Air Cargo Security, but Additional 
        Efforts Are Needed
    TSA has taken steps to enhance domestic and inbound air cargo 
security, but more work remains to strengthen this area of aviation 
security. For example, TSA has issued an Air Cargo Strategic Plan that 
focused on securing the domestic air cargo supply chain. However, in 
April 2007, we reported that this plan did not include goals and 
objectives for addressing the security of inbound air cargo, or cargo 
transported into the United States from a foreign location, which 
presents different security challenges than cargo transported 
domestically.\29\ We also reported that TSA had not conducted 
vulnerability assessments to identify the range of security weaknesses 
that could be exploited by terrorists related to air cargo operations. 
In addition, we also reported that TSA had established requirements for 
air carriers to randomly screen air cargo, but had exempted some 
domestic and inbound cargo from screening. With respect to inbound air 
cargo, we reported that TSA lacked an inspection plan with performance 
goals and measures for its inspection efforts, and recommended that TSA 
develop such a plan. Finally, TSA is taking steps to compile and 
analyze information on air cargo security practices used abroad to 
identify those that may strengthen DHS's overall air cargo security 
program, as we recommended. For Fiscal Year 2009, the President's 
budget includes a request of about $104 million for TSA's air cargo 
security program. Specifically; TSA is requesting $52 million for 460 
air cargo inspectors, $33.5 million for 170 canine teams, and $2.8 
million for the Certified Cargo Screening Program.\30\ We issued two 
reports that examined TSA's efforts to secure domestic air cargo and 
inbound air cargo.\31\ Table 4 summarizes our key findings, 
recommendations, and TSA's response.
---------------------------------------------------------------------------
    \29\ GAO, Aviation Security: Federal Efforts to Secure U.S.-Bound 
Air Cargo Are in the Early Stages and Could Be Strengthened, GAO-07-660 
(Washington, D.C.: April 2007).
    \30\ According to TSA, the funding requested for the Certified 
Cargo Screening Program could change if the agency has any contract 
activity in Fiscal Year 2008 for this program.
    \31\ GAO, Aviation Security: Federal Action Needed to Strengthen 
Domestic Air Cargo Security, GAO-06-76 (Washington, D.C.: October 2005) 
and GAO-07-660; GAO, Aviation Security: Federal Efforts to Secure U.S.-
Bound Air Cargo Are in the Early Stages and Could Be Strengthened, GAO-
07-660 (Washington, D.C.: April 2007).
 ----------------------------------------------------------------------------------------------------------------

             Table 4.--Key GAO Recommendations Related to Air Cargo Security and TSA's Response \32\
----------------------------------------------------------------------------------------------------------------
       Identified Issue                   Recommendation                                Status
----------------------------------------------------------------------------------------------------------------Air Cargo Strategic Plan did---DHS develop a risk-based strategy to--CBP issued its International Air Cargo-----
 not include goals and          address inbound air cargo security    Security Strategic Plan in June 2007.
 objectives for addressing      that should define TSA's and CBP's    According to TSA officials, the agency
 the security of air cargo      responsibilities for ensuring the     plans to revise its Air Cargo Strategic
 transported into the United    security of inbound air cargo.        Plan during the third quarter of Fiscal
 States from another country.                                         Year 2008, and will incorporate a strategy
                                                                      for addressing inbound air cargo security,
                                                                      including how the agency will partner with
                                                                      CBP. TSA reported that the updated
                                                                      strategic plan will also incorporate the
                                                                      requirement that TSA develop a system to
                                                                      screen 100 percent of air cargo prior to
                                                                      its transport on passenger aircraft as
                                                                      required by the Implementing
                                                                      Recommendations of the 9/11 Commission Act
                                                                      of 2007.
----------------------------------------------------------------------------------------------------------------
TSA had not conducted          TSA develop a methodology and         TSA implemented an Air Cargo Vulnerability
 vulnerability assessments to   schedule for completing these         Assessment program in November 2006 and,
 identify the range of          assessments.                          as of April 2008, had completed
 security weaknesses that                                             vulnerability assessments at five domestic
 could be exploited by                                                airports. TSA plans to complete
 terrorists related to air                                            assessments of all Category X airports by
 cargo operations.                                                    2009. Officials stated that the results of
                                                                      these assessments will assist the agency
                                                                      with its efforts to collaborate with
                                                                      foreign governments to conduct joint
                                                                      assessments at foreign airports that will
                                                                      include a review of air cargo
                                                                      vulnerabilities.
----------------------------------------------------------------------------------------------------------------
TSA established requirements   TSA examine the rationale for         TSA issued a security directive and
 for air carriers to randomly   existing domestic and inbound air     emergency amendment in July 2007 to
 screen air cargo, but          cargo screening exemptions and        domestic and foreign air carriers
 exempted some domestic and     determine whether such exemptions     operating within and from the United
 inbound cargo from             left the air cargo system             States that limited the screening
 screening.                     unacceptably vulnerable.              exemptions; however, these did not apply
                                                                      to inbound air cargo. The Implementing
                                                                      Recommendations of the 9/11 Commission Act
                                                                      of 2007 requires DHS to conduct an
                                                                      assessment of screening exemptions granted
                                                                      under 49 U.S.C.  44901(i)(1) for cargo
                                                                      transported on passenger aircraft and an
                                                                      analysis to assess the risk of maintaining
                                                                      such exemptions. TSA's assessment, issued
                                                                      in February 2008, includes the agency's
                                                                      plans to maintain, revise, or eliminate
                                                                      screening exemptions for particular cargo
                                                                      types transported on passenger aircraft
                                                                      departing from both domestic and foreign
                                                                      locations. GAO is required to review the
                                                                      methodology used in this assessment and
                                                                      report back to Congress by June 24, 2008,
                                                                      120 after its issuance.
----------------------------------------------------------------------------------------------------------------
TSA had not developed          TSA systematically analyze            TSA has increased the number of inspectors
 measures to assess the         compliance inspection results and     dedicated to conducting domestic air cargo
 adequacy of air carrier        use the results to target future      compliance inspections, and has begun
 compliance with air cargo      inspections.                          analyzing the results of these inspections
 security requirements, or                                            to prioritize their inspections on those
 assessed the results of its                                          entities that have the highest rates of
 domestic compliance                                                  noncompliance, as well as newly approved
 inspections to target higher-                                        entities that have yet to be inspected.
 risk air carriers or
 indirect air carriers for
 future reviews.
----------------------------------------------------------------------------------------------------------------
TSA lacked an inbound air      TSA develop such a plan.              TSA officials stated that the agency formed
 cargo compliance inspection                                          an International Cargo Working Group to
 plan with performance goals                                          develop inspection prompts to guide
 and measures for its                                                 inspectors in their examinations of
 inspection efforts.                                                  foreign and U.S. air cargo operators
                                                                      departing from foreign locations to the
                                                                      United States.
----------------------------------------------------------------------------------------------------------------
GAO identified foreign         TSA compile and analyze information   TSA is taking steps to compile and analyze
 security practices that are    on air cargo security practices       this information. According to TSA
 currently not used by TSA      used abroad to identify those that    officials, the agency reviewed foreign
 but that potentially could     may strengthen DHS's overall air      countries' models for screening air cargo,
 help strengthen the security   cargo security program.               which is performed early in the supply
 of inbound and domestic air                                          chain by government certified shippers and
 cargo supply chains. TSA did                                         freight forwarders, when designing their
 not systematically collect                                           Certified Cargo Screening Program. TSA
 information on such                                                  officials believe this program will assist
 practices.                                                           the agency in meeting the requirement to
                                                                      screen 100 percent of air cargo
                                                                      transported on passenger aircraft by
                                                                      August 2010, as mandated by the
                                                                      Implementing Recommendations of the 9/11
                                                                      Commission Act of 2007.\33\ We have not
                                                                      independently assessed TSA's Certified
                                                                      Cargo Screening Program.
Source: GAO Analysis.

TSA Has Made Progress in Developing and Implementing the Secure Flight 
        Program, but Can Further Strengthen Its Efforts
---------------------------------------------------------------------------
    \32\ The table represents the key recommendations GAO made 
regarding air cargo, but does not encompass all of them. See GAO-06-76 
and GAO-07-660 for the complete list of recommendations.
    \33\ In fulfilling this mandate, DHS must provide for the screening 
of 50 percent of all cargo transported on passenger aircraft by 
February 2009, 18 months after enactment of the Act. See 49 U.S.C.  
44901(g).
---------------------------------------------------------------------------
    In February 2008, we reported that TSA has made substantial 
progress in instilling more discipline and rigor into Secure Flight's 
development and implementation, but challenges remain that may hinder 
the program's progress moving forward.\34\ For example, TSA developed a 
detailed concept of operations, established a cost and schedule 
baseline, and drafted key management and systems development documents, 
among other efforts. However, while TSA developed a life-cycle cost 
estimate and an integrated master schedule for Secure Flight, the 
program has not fully followed best practices that would help to ensure 
reliable and valid cost and schedule estimates. We also reported that 
TSA can strengthen its systems development efforts by demonstrating 
that it has fully implemented its risk management plan, incorporated 
end-to-end testing \35\ as part of the program's testing strategy, and 
more fully addressed system security requirements and vulnerabilities. 
We further reported that DHS and TSA can strengthen their assessment of 
the current redress process for passengers who believe they were 
inappropriately inconvenienced during the watch-list matching process. 
TSA officials stated that they have considerably strengthened Secure 
Flight's systems development efforts, and have already taken or plan to 
take action to address the issues we identified. We made a number of 
recommendations to strengthen TSA's development and implementation of 
Secure Flight to address the issues discussed below, which officials 
generally agreed with.
---------------------------------------------------------------------------
    \34\ See GAO-08-456T.
    \35\ End-to-end testing is conducted to verify that the entire 
system, including any external systems with which it interfaces, 
functions as intended in an operational environment.
---------------------------------------------------------------------------
TSA Has Made Progress in Strengthening Secure Flight's Development and 
        Implementation
    TSA has taken numerous steps to address previous GAO 
recommendations related to strengthening Secure Flight's development 
and implementation, as well as additional steps designed to strengthen 
the program.\36\ TSA has, among other things, developed a detailed, 
conceptual description of how the system is to operate, commonly 
referred to as a concept of operations; established a cost and schedule 
baseline; developed security requirements; developed test plans; 
conducted outreach with key stakeholders; published a notice of 
proposed rulemaking on how Secure Flight is to operate; and issued a 
guide to key stakeholders (e.g., air carriers and CBP) that defines, 
among other things, system data requirements. Collectively, these 
efforts have enabled TSA to more effectively manage the program's 
development and implementation.
---------------------------------------------------------------------------
    \36\ GAO, Aviation Security: Secure Flight Development and Testing 
Under Way, but Risks Should Be Managed as System is Further Developed, 
GAO-05-356 (Washington, D.C.: March 28, 2005); and GAO, Aviation 
Security: Significant Management Challenges May Adversely Affect 
Implementation of the Transportation Security Administration's Secure 
Flight Program, GAO-06-374T (Washington, D.C.: February 9, 2006).
---------------------------------------------------------------------------
    TSA has also taken steps to integrate the domestic watch-list 
matching function with the international watch-list matching function 
currently operated by CBP. We previously reported that TSA and CBP 
experienced coordination challenges which, among other things, could 
result in a duplication of effort and conflicting results from domestic 
and international watch-list matching.\37\ We recommended that DHS take 
additional steps and make key policy and technical decisions that were 
necessary to more fully coordinate these programs. TSA and CBP have 
since worked with DHS to develop a strategy called the One DHS 
Solution, which is to align the two agencies' domestic and 
international watch-list matching processes, information technology 
systems, and regulatory procedures to provide a seamless interface 
between DHS and the airline industry. TSA and CBP also agreed that TSA 
will take over the screening of passengers against the watch list for 
international flights from CBP, though CBP will continue to match 
passenger information to the watch list in fulfillment of its border-
related functions. Full implementation of an integrated system is not 
planned to take place until after Secure Flight acquires the watch list 
matching function for domestic flights.
---------------------------------------------------------------------------
    \37\ See GAO-07-448T.
---------------------------------------------------------------------------
    TSA has also taken steps to address key privacy principles in plans 
to protect private passenger information for the Secure Flight program. 
We previously reported that TSA, as part of its requirements 
development process, had not clearly identified the privacy impacts of 
the Secure Flight system or the full actions it planned to take to 
mitigate them. We also reported that TSA violated provisions of the 
Privacy Act by not fully disclosing its use of personal information 
during systems testing.\38\ In March 2005, we recommended that TSA 
specify how Secure Flight will protect personal privacy.\39\ In August 
2007, TSA published, for public comment, the required privacy impact 
assessment \40\ and system of records notice \41\ that address key 
privacy protection principles.\42\ TSA also developed a Program Privacy 
Architecture describing key aspects of TSA's plans to protect private 
passenger information. We will continue to monitor TSA's efforts as 
part of our ongoing work to ensure that privacy protections continue to 
be appropriately considered.
---------------------------------------------------------------------------
    \38\ See GAO, Aviation Security: Transportation Security 
Administration Did Not Fully Disclose Uses of Personal Information 
during Secure Flight Program Testing in Initial Privacy Notices, but 
Has Recently Taken Steps to More Fully Inform the Public, GAO-05-864R 
(Washington, D.C.: July 22, 2005).
    \39\ See GAO-05-356.
    \40\ The E-Government Act of 2002 requires agencies to conduct 
privacy impact assessments (PIA). Pub. L. No. 107-347,  208, 116 Stat. 
2899, 2921-23 (2002). A PIA is an analysis of how personal information 
is collected, stored, shared, and managed in a Federal system. Agencies 
are required to make their PIAs publicly available.
    \41\ The Privacy Act places limitations on agencies' collection, 
disclosure, and use of personal information maintained in systems of 
records and requires agencies to publish a public notice, known as a 
System of Records Notice (SORN), in the Federal Register. See 5 U.S.C. 
 552a.
    \42\ TSA will not issue final notices until it completes its 
evaluation of public comments on notice of proposed rulemaking. The 
comment period for the Secure Flight rulemaking closed on November 21, 
2007.
---------------------------------------------------------------------------
TSA Has Not Fully Followed Best Practices for Developing Reliable and 
        Valid Cost and Schedule Estimates for Secure Flight
    Although TSA has developed a life-cycle cost estimate and maintains 
an integrated master schedule for Secure Flight, the program has not 
fully followed best practices for developing reliable and valid cost 
and schedule estimates, and several program milestones have been missed 
or have slipped. The Office of Management and Budget (OMB) endorsed the 
use \43\ of GAO's Cost Assessment Guide in the development of life-
cycle cost and program schedule estimates.\44\ Without adhering to 
these best practices in the development of its cost and schedule 
estimates, TSA is at risk of the Secure Flight program experiencing 
cost overruns, missed deadlines, and performance shortfalls.
---------------------------------------------------------------------------
    \43\ OMB's Capital Programming Guide (Supplement to Office of 
Management and Budget Circular A-11, Part 7: Planning, Budgeting, and 
Acquisition of Capital Assets) identifies that there are certain key 
criteria that OMB will look for in the justification of spending for 
proposed new capital assets including credible cost estimates. Appendix 
9 of the guide identifies that following the guidelines in GAO's Cost 
Assessment Guide will help agencies meet most cost estimating 
requirements.
    \44\ See GAO, Cost Assessment Guide: Best Practices for Estimating 
and Managing Program Costs, Exposure Draft, GAO-07-1134SP (Washington, 
D.C.: July 2007).
---------------------------------------------------------------------------
    Life-cycle cost estimate. We reported that TSA has not fully 
followed best practices for developing a reliable and valid life-cycle 
cost estimate. Using our Cost Assessment Guide's 12-step process for 
creating cost estimates, we assessed the Secure Flight cost estimate 
against these best practices.\45\ DHS's Cost-Benefit Analysis 
Guidebook, which TSA program officials stated that TSA used to develop 
the life-cycle cost estimate for Secure Flight, contains most of the 
best practices outlined in our Guide. TSA followed some of these 
practices in developing its cost estimate, including defining the 
purpose of the program and estimate purpose; identifying many program 
cost elements, including expenditures for facilities, hardware, and 
software; and identifying the numbers of staff, their pay, and 
associated travel and training costs, among other elements. However, it 
is unclear whether TSA followed other best practices or did not address 
the practices in developing its estimate. For example, it is unclear 
whether the cost estimate had been updated to reflect the current 
program because the detailed support for the estimate was produced 
between 2004 and 2006, and does not reflect the current program plan. 
In addition, the cost estimate does not capture all key costs. For 
example, the estimate does not capture costs beyond 2012 even though 
the system is expected to be operational beyond that date. TSA 
officials stated that the program's cost figures were updated in 2007 
and continue to be updated as changes warrant. Officials further stated 
that their estimates were prepared in accordance with DHS and OMB 
guidance and were reviewed and approved by DHS and OMB. However, 
without adhering to the best practices discussed above, as recommended 
by OMB, TSA's cost estimate may not provide a meaningful baseline from 
which to track progress, and effectively support investment 
decisionmaking.
---------------------------------------------------------------------------
    \45\ The 12 steps involved in developing a high-quality cost 
estimating process are (1) define the estimate's purpose, (2) develop 
the estimating plan, (3) define the program, (4) determine the 
estimating structure, (5) identify ground rules and assumptions, (6) 
obtain the data, (7) develop the point estimate and compare it to an 
independent cost estimate, (8) conduct sensitivity analysis, (9) 
conduct risk and uncertainty analysis, (10) document the estimate, (11) 
present estimate to management, and 12) update the estimate to reflect 
actual costs and changes.
---------------------------------------------------------------------------
    Schedule estimate. We reported that TSA also did not fully follow 
best practices for developing a reliable and valid schedule estimate. 
GAO's Cost Assessment Guide includes 9 best practices, which if 
followed correctly, should result in high quality, reliable, and valid 
schedule estimates.\46\
---------------------------------------------------------------------------
    \46\ The 9 best practices are (1) capturing key activities, (2) 
sequencing key activities, (3) establishing the duration of key 
activities, (4) establishing the critical path for key activities, (5) 
assigning resources to key activities, (6) identifying ``float time'' 
between key activities, (7) distributing reserves to high risk 
activities (including conducting an independent cost estimate), (8) 
integrating key activities horizontally--to link products and outcomes 
associated with already sequenced activities--and vertically--to ensure 
that traceability exists among varying levels of activities and 
supporting tasks, and (9) completing schedule risk analysis.
---------------------------------------------------------------------------
    Without a reliable schedule baseline and careful monitoring of its 
status, a program may not be able to determine when forecasted 
completion dates differ from planned dates. TSA has made progress in 
developing a reliable and valid schedule estimate, including capturing 
key activities and accounting for the development of program 
requirements and testing. However, TSA officials could not provide 
evidence that their scheduling software can produce a critical path 
(i.e., the longest path of sequential activities in a schedule) driven 
by discrete lower level tasks. Best practices call for the critical 
path to be generated using scheduling software. We also reported that 
the schedule is not fully integrated because several lower level 
activities were not connected in a logical manner, as called for by 
best practices. As a result, the Secure Flight schedule estimate may 
not provide a meaningful benchmark from which to gauge progress, 
identify and address potential problems, and make informed decisions. 
For example, the inability to institute a reliable schedule could 
affect TSA's ability to effectively measure contractor performance in 
meeting deliverables. TSA officials stated that their scheduling 
software can create a critical path, and that lower level tasks in 
their schedule were logically linked together; however, they did not 
provide evidence that supported this.
    In February 2008, we reported that since TSA completed a re-
baselining of the Secure Flight program, and began using its current 
schedule, the program has missed milestones and experienced schedule 
slippages.\47\ For example, while TSA reported that it had met most of 
its March 2007 schedule milestones to date, the August 2007 milestone 
for developing Memoranda of Understanding and other written agreements 
(e.g., service level agreements) with key Secure Flight stakeholders 
(e.g., CBP) was missed and had not yet been met. TSA officials 
attributed schedule slippages in part to an extension in the Secure 
Flight rulemaking comment period and underestimating the time needed to 
complete key activities.
---------------------------------------------------------------------------
    \47\ See GAO-08-456T.
---------------------------------------------------------------------------
    In February 2008, we recommended that TSA fully incorporate best 
practices into the development of Secure Flight life-cycle cost and 
schedule estimates. TSA generally agreed with these recommendations. We 
will continue to assess TSA's efforts to develop life-cycle cost and 
schedule estimates as part of our ongoing review of the Secure Flight 
Program.
TSA Has Made Progress in Strengthening Secure Flight's Development, but 
        Can 
        Further Strengthen Efforts
    While TSA has taken numerous steps to strengthen the development of 
Secure Flight, additional challenges remain. These challenges include: 
(1) implementing the program's risk management plan, (2) planning and 
conducting end-to-end testing as part of their overall parallel testing 
strategy, and (3) addressing information security requirements and 
vulnerabilities.
    Risk management. In October 2006, TSA issued a risk management plan 
for identifying, managing, and mitigating Secure Flight program risks 
that was consistent with relevant guidance and best practices. TSA also 
acquired an electronic tool to guide its risk management efforts. 
However, TSA has not yet provided us with evidence that it has 
implemented all aspects of the plan, including developing an inventory 
of risks and related information to demonstrate that its risk 
management tool has been populated and is being used to identify, 
prioritize, mitigate, and monitor risk. In November 2007, TSA hired a 
risk management coordinator, a position that had been vacant since June 
2007. According to program officials, the coordinator has been tasked 
with supporting the risk management board in implementing the risk 
management plan and has provided related training for its members. We 
will continue to assess TSA's efforts to mange risk as part of our 
ongoing review of Secure Flight.
    End-to-end test planning. Secure Flight does not fully outline 
plans for end-to-end testing in its overall test and evaluation plan, 
or other test plans. Federal guidance and related best practices 
recommend end-to-end testing to verify that the systems that 
collectively support a program like Secure Flight will interoperate as 
intended in an operational environment, either actual or simulated.\48\ 
We reported in March 2005 on the importance of Secure Flight end-to-end 
testing and recommended that TSA perform such testing.\49\ TSA agreed 
with this recommendation. However, Secure Flight's current test and 
evaluation master plan only outlines plans for partner organizational 
entities (e.g., CBP for integration of international watch-list 
functions) to test their respective parts of the system on their own--
rather than a coordinated end-to-end test involving all parties. TSA 
developed a preliminary working draft of an end-to-end testing 
strategy,called the parallel testing strategy. However, the plan does 
not contain provisions for (1) testing that ensures that supporting 
systems will operate as intended in an operational environment, (2) 
definitions and dates for key milestone activities and parties 
responsible for completing them, or (3) the revision of other test 
plans, such as the test and evaluation master plan, to reflect the 
performance of end-to-end tests. In February 2008, we reported that 
Secure Flight officials stated that they plan to conduct full end-to-
end testing of the program, beginning in the spring of 2008, and that 
they planned to reflect this testing in test plans that were still 
under development. While we commend TSA's plans to conduct end-to-end 
testing, the draft of TSA's test plan that discusses end-to-end testing 
does not define a scope that extends to all aspects of the program. 
Until TSA has well-defined and approved end-to-end test plans and 
procedures, it will be challenged in its ability to demonstrate that 
Secure Flight will perform in a way that will allow it to achieve 
intended program outcomes and results. We will continue to assess TSA's 
testing strategy, to include end-to-end testing, as part of our ongoing 
review of the program.
---------------------------------------------------------------------------
    \48\ Risks of testing in the production environment must be 
thoroughly analyzed and precautions taken to preclude damage to systems 
and data. See GAO, Year 2000 Computing Crisis: A Testing Guide, GAO/
AIMD-10.1.21 (Washington. D.C.: November 1998).
    \49\ See GAO-05-356.
---------------------------------------------------------------------------
    Information security. While the Secure Flight program office has 
completed important steps to incorporate security into the system's 
development, it has not fully completed other steps to ensure security 
is effectively addressed. Federal standards and guidance identify the 
need to address information security throughout the life-cycle of 
information systems, and specifies a minimum set of security steps 
needed to effectively incorporate security into a system during its 
development.\50\ The Secure Flight program has performed several steps 
that incorporate security into the system's development, including 
performing a security risk assessment, identifying and documenting 
recommended security control requirements, and testing and evaluating 
security controls for the system and incorporating identified 
weaknesses in remedial action plans. However, other steps pertaining to 
ensuring that security requirements are tested, preparing security 
documentation, and conducting certification and accreditation 
activities were not adequately completed.\51\ For example, security 
requirements planned for Release One did not always trace to test 
activities for this release.\52\ Program officials stated that some 
security requirements were deferred until future releases due to delays 
in funding for acquiring specific hardware and other requirements 
require coordination with the information system security official to 
verify whether they were tested as part of security test and 
evaluation. In addition, security documentation contained incorrect or 
incomplete information. To illustrate, the systems security plan did 
not identify all interconnecting systems that Secure Flight will 
interface with, such as those operated by the DHS Watch List Service, 
the organization that will transmit the watch-list to Secure Flight. 
Program officials stated that security documentation was outdated or 
incorrect because there was insufficient time to update the 
documentation for changes in the computing environment and security 
requirements.
---------------------------------------------------------------------------
    \50\ National Institute of Standards and Technology (NIST), 
Technology Administration, U.S. Department of Commerce, Security 
Considerations in the Information System Development Life-Cycle, NIST 
Special Publication 800-64 (Gaithersburg, MD: June 2004).
    \51\ OMB requires that agency management officials formally 
authorize their information systems to process information and accept 
the risk associated with their operation. This management authorization 
(accreditation) is to be supported by a formal technical evaluation 
(certification) of the management, operational, and technical controls 
established in an information system's security plan. See GAO, 
Information Security: Although Progress Reported, Federal Agencies Need 
to Resolve Significant Deficiencies, GAO-08-496T, (Washington, D.C.: 
February 14, 2008).
    \52\ These activities include (1) system testing performed as part 
of software development, and (2) security test and evaluation performed 
as part of certification and accreditation.
---------------------------------------------------------------------------
    Furthermore, program officials granted an authorization to 
operate--one of three possible accreditation decisions made in the 
certification and accreditation process--although the system had 46 
known vulnerabilities, including 11 high-risk and 27 moderate-risk 
vulnerabilities and the controls had not yet been implemented. \53\ 
Federal guidance as well as DHS policy provide for an interim authority 
to operate accreditation when significant restrictions or limitations 
exist and certain deficiencies and corrective actions need to be 
addressed within a specified period. Although security officials 
identified plans of actions and milestones for addressing the 
vulnerabilities within 60 and 90 days for the high and moderate risks, 
respectively, given their significance, an interim authorization to 
operate would be the more appropriate determination. In addition, 
hardware components used to implement controls over user identity and 
account management (i.e., authentication, logins and passwords, and 
user roles and privileges), as well as the alternate processing site 
had not yet been implemented. Once implemented, the security controls 
over these components could have an impact on the information security 
and, therefore, may require a re-accreditation. Program officials chose 
the authority to operate accreditation because they asserted that the 
DHS Chief Information Security Officer does not allow interim 
authorizations. If these security activities are not completed, there 
is an increased risk that key security controls and requirements may 
not be fully developed, tested, implemented or documented. In February 
2008, we recommended that TSA fully implement the Secure Flight risk 
management plan; finalize and approve Secure Flight's end-to-end 
testing strategy; and strengthen information security documentation and 
controls. TSA generally agreed with these recommendations.
---------------------------------------------------------------------------
    \53\ TSA defines high-risk vulnerabilities as those where there is 
a strong need for corrective measures, the probability of serious 
incident is likely and risks are not normally acceptable, corrective 
action plans must be in place as soon as possible, and the 
authorization to operate may be receded or not granted. Moderate-risk 
vulnerabilities are those where the probability of incident is 
elevated, with increased probability of unauthorized disclosure or 
disruption of operations, and risks are probably not acceptable.
---------------------------------------------------------------------------
DHS and TSA Lack Performance Measures to Fully Evaluate the 
        Effectiveness of the Redress Process, but Plan Additional 
        Measures Under Secure Flight
    DHS and TSA have not developed a complete set of performance 
measures to assess the effectiveness of the redress process for 
passengers inconvenienced as a result of watch-list matching.\54\ 
Measuring performance allows organizations to track the progress they 
are making toward their goals and gives managers critical information 
on which to base decisions for improving their programs. DHS and TSA 
are developing additional measures for the redress process that they 
plan to implement when Secure Flight becomes operational.
---------------------------------------------------------------------------
    \54\ In general, performance measures are indicators, statistics, 
or metrics used to gauge program performance.
---------------------------------------------------------------------------
    TSA, supported by the Terrorist Screening Center, provides 
opportunities for airline passengers to seek redress in cases where 
they experienced inconveniences during the check-in and screening 
processes due to the possibility they have been misidentified as being 
on or wrongly assigned to the terrorist watch-list.\55\ The redress 
process enables these individuals to file an inquiry to have erroneous 
information corrected in DHS systems that may prevent future delays and 
inconveniences at the airport. In February 2007, DHS established the 
Traveler Redress Inquiry Program (TRIP) to serve as the central 
processing point within the department for redress inquiries. TSA's 
Office of Transportation Security Redress (OTSR) is responsible for 
reviewing redress inquiries submitted by air passengers through TRIP.
---------------------------------------------------------------------------
    \55\ The term ``misidentified'' refers to a person initially 
matched by a screening entity to a name on the watch-list, but upon 
closer examination, the person is found to not match any watch-list 
record.
---------------------------------------------------------------------------
    TRIP and OTSR's redress program goals are to process redress 
applications as quickly and as accurately as possible. However, to 
measure program performance against these goals, TRIP and OTSR 
currently track only one measure for redress related to the timeliness 
of case completion, and do not track any performance measures related 
to program accuracy. Previous GAO work identified that agencies 
successful in evaluating performance had measures that used attributes 
from GAO's best practices.\56\ Specifically, our previous work 
identified that agencies successful in evaluating performance had 
measures that demonstrated results, covered multiple priorities, 
provided useful information for decisionmaking, and successfully 
addressed important and varied aspects of program performance. TRIP and 
OTSR officials stated that they do not plan to develop additional 
performance measures, such as measures related to accuracy of the 
redress process, but rather are awaiting the implementation of Secure 
Flight to determine the program's impact on the redress process before 
creating additional measures. Secure Flight is intended to reduce the 
inconveniences experienced by air passengers by taking over from air 
carriers the responsibility for prescreening passengers in order to 
ensure consistent and effective use of the cleared list,\57\ which 
should impact the effectiveness of the redress process.\58\
---------------------------------------------------------------------------
    \56\ GAO, Tax Administration: IRS Needs to Further Refine Its Tax 
Filing Season Performance Measures, GAO-03-143, (Washington, D.C.: 
November 22, 2002).
    \57\ The cleared list contains the names and other personal 
identifying information of individuals who have gone through the 
redress process and have been checked and cleared as being persons not 
on the No Fly or Selectee lists.
    \58\ Under Secure Flight, as described by TSA's notice of proposed 
rulemaking, TSA plans to introduce a unique redress number that would 
enable Secure Flight to ``pre-clear'' individuals who have previously 
been misidentified, have gone through the redress process, and who 
provide additional identifying information when making a reservation. 
TSA expects this to reduce the likelihood of travel delays at check-in 
for those passengers.
---------------------------------------------------------------------------
    In addition to TRIP and OTSR's performance measures for the redress 
process, the Secure Flight program office is working with OTSR to 
develop redress performance measures for the Secure Flight Program. 
Secure Flight plans to use the TSA redress process that is currently 
available for individuals affected by the air carrier identity-matching 
processes. Secure Flight is coordinating with OTSR to determine how 
this process will be integrated with other Secure Flight requirements. 
Secure Flight and OTSR are jointly developing a set of performance 
measures and targets covering multiple priorities for redress that are 
to be implemented when Secure Flight becomes operational, and officials 
told us that they will follow best practices in the development of 
these measures.
    While we commend TSA for developing redress performance measures 
for the Secure Flight Program, since the program is not scheduled to be 
implemented until January 2009, DHS and OTSR's current redress process 
lacks a complete set of measures with which they can assess performance 
and make program improvements. Since measures are often the key 
motivators of performance and goal achievement, the program's overall 
success is at risk if all priorities are not addressed and information 
is not obtained to make future adjustments and improvements to the 
program. Moreover, such performance data would provide a baseline 
against which to benchmark Secure Flight's progress and planned 
improvements to the redress process. In February 2008, we recommended 
that DHS and TSA reevaluate redress performance measures and consider 
creating and implementing additional measures that, consistent with 
best practices, demonstrate results, cover multiple priorities, and 
provide useful information for decisionmaking. TSA generally agreed 
with this recommendation.
TSA Has Taken Steps to Secure the Nation's Surface Transportation 
        Systems, but More Work Remains
    DHS, primarily through the efforts of TSA, has undertaken 
initiatives to strengthen the security of the Nation's surface 
transportation systems. While TSA has devoted the vast majority of its 
resources to securing commercial aviation and to meeting related 
statutory requirements, it has more recently increased its focus on the 
security of surface modes of transportation. However, these efforts are 
still largely in the early stages. International events such as the 
March 2004 bombing of commuter trains in Madrid, Spain, and the July 
2005 bombings and attempted attacks against public transit in London, 
England, have, in part, contributed to this increased focus. TSA and 
other DHS components have developed a strategic approach for securing 
surface modes of transportation, have taken steps to conduct risk 
assessments of surface transportation assets and have administered 
related grant programs. TSA also issued a proposed rule in December 
2006 which, if finalized as proposed, will require freight and 
passenger rail operators to implement additional security requirements, 
and will increase TSA's oversight of operators' security efforts.\59\ 
However, TSA has not issued standards for securing all surface 
transportation modes or determined whether it will issue standards for 
all modes, and is still defining what its regulatory role will be for 
these modes. We have ongoing work assessing the security of surface 
modes of transportation, and will report on our results later this 
year.
---------------------------------------------------------------------------
    \59\ See 71 Fed Reg. 76,852 (Dec. 21, 2006).
---------------------------------------------------------------------------
Strategic Approach for Implementing Security Functions
    In September 2005, DHS completed the National Strategy for 
Transportation Security. This strategy identified and evaluated 
transportation assets in the United States that could be at risk of a 
terrorist attack and addressed transportation sector security needs. 
Further, in May 2007, DHS issued a strategic plan for securing the 
transportation sector and supporting annexes for each of the surface 
transportation modes, and reported taking actions to adopt the 
strategic approach outlined by the plan. The Transportation Systems 
Sector-Specific Plan describes the security framework that is intended 
to enable sector stakeholders to make effective and appropriate risk-
based security and resource allocation decisions within the 
transportation network. TSA has begun to implement some of the security 
initiatives outlined in the sector-specific plan and supporting modal 
plans. Additionally, the Implementing Recommendations of the 9/11 
Commission Act imposes a deadline of May 2008, for the Secretary of DHS 
to develop and implement the National Strategy for Public 
Transportation Security. Our work assessing DHS's efforts in 
implementing its strategy for securing surface transportation modes is 
being conducted as part of our ongoing reviews of mass transit, 
passenger and freight rail, commercial vehicle, and highway 
infrastructure security. We will report on the results of this work 
later this year.
Threat, Vulnerability, and Criticality Assessments
    TSA has taken actions to assess risk by conducting threat, 
criticality, and vulnerability assessments of surface transportation 
assets, particularly for mass transit, passenger rail, and freight 
rail, but its efforts related to commercial vehicles and highway 
infrastructure are in the early stages. For example, TSA had conducted 
threat assessments of all surface modes of transportation. TSA has also 
conducted assessments of the vulnerabilities associated with some 
surface transportation assets. For example, regarding freight rail, TSA 
has conducted vulnerability assessments of rail corridors in eight High 
Threat Urban Areas where toxic-inhalation-hazard shipments are 
transported. With respect to commercial vehicles and highway 
infrastructure, TSA's vulnerability assessment efforts are ongoing. 
According to TSA, the agency performed 113 corporate security reviews 
on highway transportation organizations through Fiscal Year 2007, such 
as trucking companies, state Departments of Transportation, and motor 
coach companies.\60\ However, TSA does not have a plan or a time-frame 
for conducting these reviews on a nationwide basis. Furthermore, DHS's 
National Protection and Programs Directorate's Office of Infrastructure 
Protection conducts vulnerability assessments of surface transportation 
assets to identify protective measures to reduce or mitigate asset 
vulnerability. With regard to criticality assessments, TSA reported in 
April 2008 that the agency had conducted 1,345 assessments of passenger 
rail stations.\61\ Additionally, the Implementing Recommendations of 
the 9/11 Commission Act has several provisions related to security 
assessments. For instance, the Act requires DHS to review existing 
security assessments for public transportation systems as well as 
conduct additional assessments as necessary to ensure that all high-
risk public transportation agencies have security assessments. 
Moreover, the Act also requires DHS to establish a Federal task force 
to complete a nationwide risk assessment of a terrorist attack on rail 
carriers. We will continue to review threat, vulnerability, and 
criticality assessments conducted by TSA related to securing surface 
modes of transportation during our ongoing work.\62\
---------------------------------------------------------------------------
    \60\ TSA conducts corporate security reviews in multiple modes of 
transportation to establish baseline data against which to evaluate 
minimum-security standards and identify coverage gaps in reviewed 
systems.
    \61\ According to TSA, the agency completed 945 criticality 
assessments in Fiscal Year 2007 and 400 assessments in Fiscal Year 
2008. TSA officials stated that some of these assessments may have been 
conducted to update previously completed ones.
    \62\ For more information, see GAO, Passenger Rail Security: 
Enhanced Federal Leadership Needed to Prioritize and Guide Security 
Efforts, GAO-07-225T (Washington, D.C.: Jan. 18, 2007).
---------------------------------------------------------------------------
Issuance of Security Standards
    TSA has taken actions to develop and issue security standards for 
mass transit, passenger rail, and freight rail transportation modes. 
However, TSA has not yet developed or issued security standards for all 
surface transportation modes, such as commercial vehicle and highway 
infrastructure, or determined whether standards are necessary for these 
modes of transportation. Specifically, TSA has developed and issued 
both mandatory rail security directives and recommended voluntary best 
practices--known as Security Action Items--for transit agencies and 
passenger rail operators to implement as part of their security 
programs to enhance both security and emergency-management 
preparedness. TSA also issued a notice of proposed rulemaking in 
December 2006, which if finalized as proposed, would include additional 
security requirements for passenger and freight rail transportation 
operators.\63\ For example, the rule would include additional security 
requirements designed to ensure that freight railroads have protocols 
for the secure custody transfers of toxic-inhalation-hazard rail cars 
in High Threat Urban Areas. DHS and other Federal partners have also 
been collaborating with the American Public Transportation Association 
(APTA) and public and private security professionals to develop 
industry-wide security standards for mass transit systems. APTA 
officials reported that they expect several of the voluntary standards 
to be released in mid-2008. Additionally, the Implementing 
Recommendations of the 9/11 Commission Act requires DHS to issue 
regulations establishing standards and guidelines for developing and 
implementing vulnerability assessments and security plans for high-risk 
railroad carriers and over-the-road bus operators.\64\ The deadlines 
for the regulations are August 2008 and February 2009, respectively. 
With respect to freight rail, TSA is developing a notice of proposed 
rulemaking proposing that high-risk rail carriers conduct vulnerability 
assessments and develop and implement security plans. We will continue 
to assess TSA's efforts to issue security standards for other surface 
transportation modes during our ongoing reviews.
---------------------------------------------------------------------------
    \63\ See 71 Fed. Reg. 76,852 (Dec. 21, 2006).
    \64\ See Pub. L. No. 110-53,  1512, 1531, 121 Stat. at 429-33, 
454-57.
---------------------------------------------------------------------------
Compliance Inspections
    TSA has hired and deployed surface transportation security 
inspectors who conduct compliance inspections for both passenger and 
freight rail modes of transportation; however, questions exist 
regarding how TSA will employ the inspectors to enforce new regulations 
proposed in its December 2006 Notice of Proposed Rulemaking and 
regulations to be developed in accordance with the Implementing 
Recommendations of the 9/11 Commission Act.\65\ TSA officials reported 
having 100 surface transportation inspectors during Fiscal Year 2005 
and, as of December 2007, were maintaining an inspector workforce of 
about the same number. The agency's budget request for Fiscal Year 2009 
includes $11.6 million to fund 100 surface transportation security 
inspectors--which would maintain its current staffing level. 
Inspectors' responsibilities include conducting on-site inspections of 
key facilities for freight rail, passenger rail, and transit systems; 
assessing transit systems' implementation of core transit security 
fundamentals and comprehensive security action items; conducting 
examinations of stakeholder operations, including compliance with 
security directives; identifying security gaps; and developing 
effective practices. To meet these compliance responsibilities, TSA 
reported in December 2007 that it had conducted voluntary assessments 
of 50 of the 100 largest transit agencies, including 34 passenger rail 
and 16 bus-only agencies, and has plans to continue these assessments 
with the next 50 largest transit agencies during Fiscal Year 2008. With 
respect to freight rail, TSA reported visiting, during 2007, almost 300 
railroad facilities including terminal and railroad yards to assess the 
railroads' implementation of 17 DHS-recommended Security Action Items 
associated with the transportation of toxic-inhalation-hazard 
materials.
---------------------------------------------------------------------------
    \65\ See, e.g., Pub. L. No. 110-53,  1534, 121 Stat at 461-62.
---------------------------------------------------------------------------
    TSA has raised concerns about the agency's ability to continue to 
meet anticipated inspection responsibilities given the new regulations 
proposed in its December 2006 Notice of Proposed Rulemaking and 
requirements of the Implementing Recommendations of the 9/11 Commission 
Act. For example, the Act mandates that high-risk over-the-road bus 
operators, railroad carriers, and public transportation agencies 
develop and implement security plans which must include, among other 
requirements, procedures to be implemented in response to a terrorist 
attack.\66\ The Act further requires the Secretary of DHS to review 
each plan within 6 months of receiving it. TSA officials stated that 
they believe TSA inspectors will likely be tasked to conduct these 
reviews. The Act also requires that the Secretary of DHS develop and 
issue interim final regulations by November 2007, for a public 
transportation security training program.\67\ As of April 2008, these 
interim regulations have not been issued. According to TSA officials, 
TSA inspectors will likely be involved in ensuring compliance with 
these regulations as well. To help address these additional 
requirements, the Implementing Recommendations of the 9/11 Commission 
Act authorizes funds to be appropriated for TSA to employ additional 
surface transportation inspectors, and requires that surface 
transportation inspectors have relevant transportation experience and 
appropriate security and inspection qualifications.\68\ However, it is 
not clear how TSA will meet these new requirements since the agency has 
not requested funding for additional surface transportation security 
inspectors for Fiscal Year 2009. We will continue to assess TSA's 
inspection efforts during our ongoing work.\69\
---------------------------------------------------------------------------
    \66\ See Pub. L. No. 110-53,  1405, 1512, 1531, 121 Stat. at 402-
05, 429-33, 454-57.
    \67\ See Pub. L. No. 110-53,  1408, 121 Stat. at 409-11 (requiring 
that the Secretary develop and issue final regulations for the training 
program by August 2008).
    \68\ See Pub. L. No. 110-53,  1304, 121 Stat. at 393-94.
    \69\ For more information, see GAO, Passenger Rail Security: 
Enhanced Federal Leadership Needed to Prioritize and Guide Security 
Efforts, GAO-06-181T (Washington, D.C.: Oct. 20, 2005).
---------------------------------------------------------------------------
Grant Programs
    DHS has developed and administered grant programs for various 
surface transportation modes, although stakeholders have raised 
concerns regarding the current grant process. For example, the DHS 
Office of Grants and Training, now called the Grant Programs 
Directorate, has used various programs to fund passenger rail security 
since 2003. Through the Urban Areas Security Initiative grant program, 
the Grant Programs Directorate has provided grants to urban areas to 
help enhance their overall security and preparedness level to prevent, 
respond to, and recover from acts of terrorism. The Grant Programs 
Directorate used Fiscal Year 2005, 2006, and 2007 appropriations to 
build on the work under way through the Urban Areas Security Initiative 
program, and create and administer new programs focused specifically on 
transportation security, including the Transit Security Grant Program, 
Intercity Passenger Rail Security Grant Program, and the Freight Rail 
Security Grant Program. However, some industry stakeholders have raised 
concerns regarding DHS's current grant process, including the shifting 
of funding priorities, the lack of program flexibility, and other 
barriers to the provision of grant funding. For example, transit 
agencies have reported that the lack of predictability in how TSA will 
assess grant projects against funding priorities makes it difficult to 
engage in long-term planning of security initiatives. Specifically, 
transit agencies have reported receiving funding to begin projects--
such as retrofitting their transit fleet with security cameras or 
installing digital video recording systems--but not being able to 
finish these projects in subsequent years because TSA had changed its 
funding priorities. The Implementing Recommendations of the 9/11 
Commission Act codifies surface transportation grant programs and 
imposes statutory requirements on the administration of the 
programs.\70\ For example, the Act lists authorized uses of these grant 
funds and requires DHS to award the grants based on risk.\71\ It also 
requires that DHS and DOT determine the most effective and efficient 
way to distribute grant funds, authorizing DHS to transfer funds to DOT 
for the purpose of disbursement.\72\ According to the TSA Fiscal Year 
2009 budget justification, to ensure that the selected projects are 
focused on increasing security, DHS grants are to be awarded based on 
risk. We will continue assessing surface transportation related grant 
programs as part of our ongoing work.\73\
---------------------------------------------------------------------------
    \70\ See Pub. L. No. 110-53,  1406, 1513, 1532, 121 Stat. 405-08, 
433-35, 457-60.
    \71\ See, e.g., Pub. L. No. 110-53,  1406(b), (c)(2), 121 Stat. at 
405-07.
    \72\ See Pub. L. No. 110-53,  1406(d), 1532(e), 121 Stat. at 407, 
459.
    \73\ For more information see GAO-06-181T.
---------------------------------------------------------------------------
Conclusions
    DHS and TSA have undertaken numerous initiatives to strengthen the 
security of the Nation's transportation system, and should be commended 
for these efforts. Regarding commercial aviation, TSA has developed 
processes to more efficiently allocate and deploy the TSO workforce, 
strengthened screening procedures, is working to develop and deploy 
more effective screening technologies, strengthened the security of air 
cargo, and improved the development of a program to prescreen 
passengers against terrorist watch-lists. Further, TSA has more 
recently taken actions in a number of areas to help secure surface 
modes of transportation. More work, however, remains. For example, 
TSA's surface transportation security efforts are still largely in the 
early stage, and the nature of its regulatory role, and relationship 
with transportation operators, is still being defined. Opportunities 
therefore exist to further strengthen these efforts, in particular in 
the areas of risk management and program planning and monitoring. Our 
work has shown--in homeland security and in other areas--that a 
comprehensive risk management approach can help inform decisionmakers 
in the allocation of finite resources to the areas of greatest need. We 
are encouraged that risk management has been a cornerstone of DHS and 
TSA policy, and that TSA has implemented risk-based decisionmaking into 
a number of its efforts. Despite this commitment, however, TSA will 
continue to face difficult decisions and trade-offs--particularly as 
threats to transportation systems evolve--regarding acceptable levels 
of risk and the need to balance security and its investments among all 
transportation modes. We recognize that doing so will not be easy.
    Mr. Chairman this concludes my statement. I would be pleased to 
answer any questions that you or other members of the Committee may 
have at this time.

    The Chairman. Thank you very much, Director Berrick.
    If I may ask the Administrator, Mr. Secretary, why is the 
Administration proposing an increase in fees just after 
Congress considered a similar request and rejected it? And how 
much funding do you have at the current time for the EDS 
program, which has not been expended?
    Mr. Hawley. For the issue of the fee financing, it is 
significantly different from the previous request in that it is 
limited by time. It is a four year surcharge to get through the 
in-line baggage system process, and we have that in for over 
$400 million in 2009 and about $1.7 billion or so for the 4 
years, which would complete within that time-frame all of the 
EDS restructuring that now is going to take more than a decade.
    So that is--the reason is to accelerate the deployment, and 
we thought this was a better way to do it than being able to 
get additional appropriated dollars, increases to get that done 
as well.
    And then for the unobligated, I can provide that for the 
Committee. But I would like to raise one other issue that is 
important here, and that is that we are looking with the 
National Laboratories--Sandia National Labs, Lawrence 
Livermore, Los Alamos--at what the standards are for checked 
baggage screening in view of additional technology, both in the 
airframe security to make the airframe stronger as well as 
improvements in detection capability that might open up more 
cost-effective routes for us to do checked baggage screening 
that would have that effect by lowering the cost of 
accelerating the deployment.
    So we are expecting to get further word from the National 
Labs here in the next month or so, and that will better inform 
us on the best deployments. But we have also set up the 
strategic plan--I think we did that last week--that projects 
all of the 2008 proposed funding.
    The Chairman. So you do have leftover, but you don't know 
how to spend that yet?
    Mr. Hawley. No, no. We know how to spend it. In fact, we 
have sent up to the Congress the deployment plan for 2008. And 
what it says is we have this much money, and here is how we 
would spend it.
    The Chairman. The Committee has been advised that airports 
need more money at this time to improve their infrastructure, 
and they are not prepared at the present time for the 
installation of the EDS. Is there any truth to that?
    Mr. Hawley. The reconstruction of airports is extremely 
expensive, and in the 9/11 bill that you and the Vice Chairman 
mentioned in your comments, the requirement of using the first 
$250 million that drops in from the user fees gets spent on 
these systems. So the reason it would take another decade or so 
is that the needs are so great and so expensive.
    And so, we either have to find a way to do it much cheaper, 
using a different technology, or a financing mechanism like a 
surcharge that would allow us to speed it up. Those are the two 
levers that we can play with to accelerate the deployment. 
Other than that, it is on a longer term that doesn't make me 
comfortable. And I think the clear message from this Committee 
and ATSA was get these machines deployed system-wide as soon as 
possible.
    The Chairman. I will be back again. But I would like to ask 
Ms. Berrick, do you believe that the TSA plan to meet the 
requirement to inspect 100 percent of the cargo transported on 
passenger aircraft is being carried out or can be carried out?
    Ms. Berrick. They do have plans that we are aware of, and I 
know that they are kicking off a pilot to begin this effort. 
And it involves moving the screening further down the supply 
chain. We have done work on air cargo security before and did 
identify that this method is being used in some other countries 
successfully, and the United Kingdom is one place where it is 
being used.
    So the idea and the concept of this has proven effective in 
other countries. We haven't yet seen the specific details and 
plans on how TSA plans to implement it here, but that is 
something we will be looking at, that we have been asked by 
Congress to do follow up work on.
    The Chairman. So you haven't had the opportunity to study 
the TSA plan?
    Ms. Berrick. Not in detail, no.
    The Chairman. What primary actions do you believe that TSA 
should take to strengthen the security of air cargo?
    Ms. Berrick. I think one is developing detailed plans for 
their strategy for securing 100 percent of cargo and screening 
100 percent of cargo on passenger aircraft. That is one area.
    Another area is cargo coming into the United States. TSA 
has done a lot of security efforts to strengthen cargo 
transported domestically. There has been less of a focus by CBP 
and TSA on cargo coming into the United States from foreign 
countries. For example, there is a lot of cargo that is 
exempted from screening that is coming into the United States 
from foreign countries. Also, TSA and CBP's inspection program 
is less rigorous for cargo coming into the United States from 
foreign countries.
    So I think developing the plan for 100 percent screening 
and also putting an increased focus on cargo coming into the 
United States should be two priorities.
    The Chairman. Do you believe that the technology being 
planned for use by TSA would meet the requirements?
    Ms. Berrick. We have reported that DHS's Science and 
Technology Office, which is spearheading the technology effort 
in partnership with TSA, has been slow. There are a lot of 
technology pilots underway. I think about 10. There is one that 
we have been able to identify where there are specific time-
frames on when they expect it to be deployed, and that is EDS-
type screening. But the rest, it has been unclear when the 
completion dates for those have been expected.
    So, to answer your question, there are a lot of 
technologies in the works. It is unclear when they are going to 
be available for cargo.
    The Chairman. Thank you very much.
    Senator Stevens?
    Senator Stevens. Thank you very much.
    First, Mr. Hawley, I have said many times when you are here 
before us that in our state 70 percent of our cities are 
reached only by air. We fly probably 10, 15 times the amount of 
any Americans, and yet I find that there is no recognition of 
this in this plan.
    Alaskans are dependent upon air travel as their primary 
means of transportation, are forced to pay the surcharge every 
time they take off. Air travelers, per se, are the only ones 
that pay for security in this country.
    Now, why should we continue to increase the surcharge on 
people who fly every day in our state when, in any other State, 
they would be getting on a commuter train or they would be 
getting on a bus or getting in a taxi and paying no cost at all 
for their security? Why do you continue this?
    Mr. Hawley. I appreciate the point. The reason is to try to 
accelerate the deployment of these systems and----
    Senator Stevens. But why don't you exempt some of the small 
areas? The small hub airports are very busy little airports, 
but they are primarily serving just the local area, commuters 
in from various places into a place like Bethel. And then once 
you get to Bethel, you wait until the next day to get on a 
plane to go to Anchorage. And then you wait in Anchorage until 
the next day for a plane to go to Seattle.
    Now I don't know any other state that really uses air 
transportation the way we do, but your regulations don't 
recognize that difference for Alaska. Why?
    Mr. Hawley. It is a large-scale fee tool, and I suppose 
that in the drafting of the legislation to enact it, it would 
be possible to reflect some of the things that you are talking 
about.
    Senator Stevens. Well, I looked at that, and the idea we 
gave you provided discretion on where you charge them. You 
don't have to charge the same thing at hub airports you charge 
at large airports. You don't have to charge the same thing for 
intrastate as you do interstate passengers.
    At least intrastate versus interstate would make a great 
deal of difference to us. But why do you insist that intrastate 
passengers pay the same costs? As I said, some of our people 
fly two and three times in a day to just get to either 
Anchorage or Fairbanks.
    I don't know why we have to pay intrastate surcharges for 
things we are not going to get at all. As a matter of fact, you 
do not even plan for this. There is no solution for the small 
airports at all.
    Mr. Hawley. Yes, so we would be happy to work with the 
Committee staff. Frankly, as we looked at it, it was trying to 
fill the budget hole of how can we, with simplicity and 
certainty, raise the money that we need to fill it, and that 
kind of fine-tuning, we would be happy to work with the 
Committee on.
    Senator Stevens. Well, I hope you would because you 
probably have 10,000, 15,000 people in my state that are flying 
more than any other Americans, but they are flying within our 
own state. And I don't see any reason why we should pay for 
security for Chicago and New York and Los Angeles. And that is 
what we are doing. We are paying more per capita than anyone, 
and yet there are fewer of us paying in.
    I would hope you would take a good look at it. The 
intrastate thing just makes no sense to me in terms of this. I 
will get to you, and you may disagree with me at the GAO.
    But let me go on to air cargo, and that has been mentioned 
by GAO. The concept of this, the requirements of the 9/11 bill 
mandates inspection of 100 percent of cargo within 3 years. Now 
our Anchorage airport is number one in the U.S. for landed 
weight cargo aircraft, number three in the world for cargo 
throughput. How do you plan to catch up with the requirements 
of the 9/11 bill if you haven't started at all with regard to 
our airport?
    Mr. Hawley. We are looking only at air cargo carried on 
passenger aircraft for that particular provision. There are two 
provisions. One is directed primarily on the maritime sector, 
and then this one is aimed at the passenger jets that have 
cargo on them. And so, it is an approach very much similar to 
what the GAO recommended in the study they did, and it gets to 
the issue that Ms. Berrick raised about international 
partnership.
    So we are using a system that is used in other countries. 
And that by having a system that can align with these other 
nations, we think that addresses the issue that Ms. Berrick 
raised about screening of incoming. But----
    Senator Stevens. Aren't we included in the 100 percent 
requirement for air cargo within 3 years?
    Mr. Hawley.--it is 50 percent by February 2009 and then, 18 
months later, 100 percent of cargo carried on passenger 
aircraft. And so, that is----
    Senator Stevens. You are not inspecting cargo airplanes at 
all?
    Mr. Hawley.--not a part of this program. There is a 
separate security plan for all cargo aircraft that does not 
contemplate screening every individual package on it. So the 
view from a risk perspective is that the passenger aircraft 
represent a bigger risk.
    Senator Stevens. I would question that. All right, let me 
go on then to TWIC. As you know, TWIC enrollment in Alaska 
began on April 30th, and it is planned for Anchorage, Nikiski, 
and Valdez. I am told you plan to have mobile enrollment sites 
at Kodiak, Cordova, Dutch Harbor, Ketchikan, Craig, Haines, 
Skagway, Sitka, Petersburg, and Wrangell.
    Now the problem is for people who have to travel long 
distances, Alaskan new hires have to fly to Anchorage or other 
central locations to enroll in these plans at their cost. And 
when you are talking about Dutch Harbor, you are talking about 
flying about 1,200 miles. Or if you are up in Barrow, it is a 
good 2,000.
    Why? Why do these people have to fly, and why can't you 
take people out to these areas on a scheduled basis and have 
them get enrolled?
    Mr. Hawley. Well, the ports in Alaska are, as you know, a 
big logistical challenge. So we are looking at that.
    And what we are hoping is that we can get over the next 
year, as people travel into the sites where we do have the 
mobile screening locations, that we can get the majority of 
them. And, then at some point, to then make a decision based on 
where we have populations that need to be credentialed and to 
then deploy other mobile screening to folks we need to cover.
    And that is another reason why we extended the compliance 
deadline until next April, to account for some of the 
logistics.
    Senator Stevens. You have extended the compliance time? I 
did not realize that.
    Mr. Hawley. Until April 15, 2009. And that was done in 
conjunction with industry to accommodate many of the concerns 
that you are articulating.
    Senator Stevens. OK, that means that these people are 
coming onboard now before 2009 don't have to be--have TWIC at 
all, right?
    Mr. Hawley. There will not be the access control compliance 
enforcement until then. They are getting the threat 
assessments. They have them. They are subject to spot checks. 
But the date by which everybody has to have it is moved to 
April 15.
    There will be some enforcement in October in the New 
England area, and that is worked out with the captain of the 
port and the industry there.
    Senator Stevens. We do have half the coastline in the 
United States. Have you ever been to Dutch Harbor?
    Mr. Hawley. Not to Dutch Harbor, no, sir. I have been to 
Alaska, but not Dutch Harbor.
    Senator Stevens. But I really think--have you ever been to 
southeastern Alaska--Juneau, Ketchikan?
    Mr. Hawley. Well, Kodiak.
    Senator Stevens. You have a good fishing knowledge, I can 
see.
    Mr. Hawley. Not a great deal. Not success anyway.
    Senator Stevens. OK. Well, I am worried about the fact that 
these regulations, again, are imposed upon us when we are 
spread out so thin around an area one-fifth the size of the 
U.S., and this puts the burden on our workers to travel long 
distances to meet your people. And I think you have--there is 
enough so that your people could travel the long distances and 
have a schedule to enroll our prospective workers, and I don't 
quite understand how you are going to get there with what you 
have got planned.
    Mr. Hawley. Well, we start in Nikiski, as you know, next 
week, and that is another population that we will be serving. 
And I think a lot of it has to do with the communication with 
the industry to get the word out so that folks who are 
traveling into the areas where we do have the stations will 
have a chance to enroll. But, it is our responsibility and that 
with our partner, Lockheed Martin, who provides these, to 
service the community and whatever it takes to get people 
enrolled.
    Senator Stevens. Have you ever thought of letting the Post 
Offices do this? So many other things, like getting passports 
and what not, you go to the Post Office and you can fill out 
the form and get it and do it right and mail it in.
    Why can't you use the facilities that are already 
available, supported by the economy, and have them be able to 
identify themselves and get the application? The Postmaster in 
all these places can verify a passport or identification just 
as well as your TWIC guys can. I don't understand why the 
expense of the system the way you have designed it in areas 
like mine.
    Mr. Hawley. I think that is a common sense suggestion, and 
we will pursue it.
    Senator Stevens. Thank you.
    Let me go to you, Ms. Berrick. This burden is placed on air 
travelers where this temporary surcharge is leveraging 
Government contributions for long-term funding from the bond 
markets. Do you support the Administration's preference for the 
short-term approach rather than a long-term solution to the 9/
11 bill?
    Ms. Berrick. Well, we haven't looked specifically at the 
fee and the surcharge and assessed that. We have reported that 
in-line systems can significantly increase security and create 
efficiencies in terms of TSA needing less TSOs to screen 
baggage, and we said that it doesn't make sense for all 
airports, but it is one good solution for a lot of airports.
    But in terms of time-frames, we recommended that TSA come 
up with a strategy for how they are going to address this. They 
have issued the strategy. We didn't make a comment on at what 
point this should be implemented, but we did identify that this 
can provide significant benefits, and it is important to pursue 
it.
    Senator Stevens. Do you agree that this surcharge is an 
unnecessary burden on air travelers in terms of the concept 
involved? I don't know why we should have a temporary surcharge 
to deal with a problem like this. Why shouldn't we have a 
percentage increase in the surcharge, per se, and not have this 
be temporary?
    It seems to me there is a temporary, right, and then 
theoretically, it has got to end? I don't remember many 
surcharges ending when they are supposed to end. But it does 
seem to me that this places an unnecessary burden on those who 
are very frequent travelers on airplanes. Have you looked at 
the impact of this on frequent travelers as opposed to those 
who just fly maybe once or twice a year?
    Ms. Berrick. No, we have not, sir.
    Senator Stevens. Do you think it would be worthwhile to do?
    Ms. Berrick. We could certainly talk to your staff about 
your interest and maybe a way to possibly do that, if you would 
like.
    Senator Stevens. Well, I hope you will because it does seem 
to me that a temporary surcharge and this concept--I can 
understand where it might be necessary in these areas where you 
are going to make changes. We are going to pay--our people are 
going to pay this surcharge, and no changes are contemplated 
for our area at all.
    So we will have this surcharge for how many years, Mr. 
Hawley? Three years?
    Mr. Hawley. Four years.
    Senator Stevens. Four years. We pay the surcharge more than 
anybody else, and there are no changes contemplated by the plan 
in our state. I really--I think you both should understand our 
antipathy for this concept of a surcharge that is never going 
to benefit us.
    Now does the GAO believe that TSA can meet its deadline for 
Secure Flight by 2010, Ms. Berrick?
    Ms. Berrick. We are looking at Secure Flight right now. We 
reported a couple of months ago that TSA has made significant 
progress in developing the program. They have instilled a lot 
more discipline and rigor into the development.
    We did cite some concerns, and one relates to program costs 
and schedule estimates. We looked at the estimates TSA 
developed. We thought that they could be improved. So we cited 
some concerns with that. And obviously, that could impact their 
time-frames.
    So we made recommendations for TSA to strengthen their 
schedule and cost estimates, among some other areas. TSA agreed 
with that. We are going back in now to look at TSA's current 
efforts. And as you know, we are mandated by legislation to 
review TSA's development of Secure Flight after DHS certifies 
the program, which is expected in August of this summer.
    So before they roll this out nationwide, GAO does have to 
do a review and report to the Congress on the development of 
the program, which we will do.
    Senator Stevens. Would it be a burden to find out for us 
how much of this surcharge will come from intrastate as opposed 
to interstate passengers?
    Ms. Berrick. I would have to--we would have to look into 
that. I don't know off the top of my head. We could research 
that.
    Senator Stevens. It does apply, Mr. Hawley, to commuters as 
well to mainline air flights, right? Anyone who has a 
commercial flight----
    Mr. Hawley. Yes, sir, as proposed.
    Senator Stevens.--ticket is going to pay the surcharge.
    Mr. Hawley. That is the proposal.
    Senator Stevens. Even if you are just going from Sitka to 
Juneau or from Ketchikan to Wrangell in southeast Alaska, you 
are going to pay the surcharge. When you go from Sitka to 
Ketchikan to Wrangell to Petersburg to Sitka to Juneau, you are 
going to pay it five times, right?
    Mr. Hawley. No, just twice. It is capped at $1 per trip. It 
is 50 cents per leg.
    Senator Stevens. But that is per day, isn't it? I mean, if 
I have a schedule to go to all those places, I spend a day in 
each place to catch the next plane, how----
    Mr. Hawley. So it is per day.
    Senator Stevens.--it is per day, right?
    Mr. Hawley. I believe--well, that is the intent. And I 
guess in the legislation it would be a little bit clearer, but 
that is--I think the intent is that it would be for----
    Senator Stevens. Again, I would urge you to take a look at 
the impact of deciding it would only apply to interstate 
passengers rather than apply the surcharge to intrastate 
passengers.
    Thank you, Mr. Chairman.
    The Chairman. Thank you very much.
    Senator McCaskill?

              STATEMENT OF HON. CLAIRE McCASKILL, 
                   U.S. SENATOR FROM MISSOURI

    Senator McCaskill. Senator Stevens, I think the temporary 
surcharge is temporary only in imagination, and I think us 
directing rules doesn't do much good either in terms of 
Congressional prerogative. That is what I want to talk about 
today.
    I know, Mr. Hawley, that you and I have talked about this, 
and I have pounded on it a number of times about foreign repair 
stations. In 2003, Congress said to TSA you must develop a rule 
for security at foreign repair stations. And GAO in 2003 found 
a member of Al Qaeda working on an airplane in a foreign repair 
station.
    That was in February 2003. It was supposed to be done by 
August 2004. Once again, last year, Congress said we must have 
a rule about foreign repair stations. And so, now you have been 
told by Congress twice to complete the rule, and the rule is 
now 5 years--well, 4 years overdue.
    I understand you say it hasn't been a priority, even though 
Congress has told you twice to make it a priority. This is 
frustrating for those of us who get elected and believe we are 
trying to exercise the best judgment on behalf of the people we 
represent, that Congress says it is a priority and yet agencies 
of Government ignore what Congress says.
    When is this rule going to be finalized, and will you make 
the new deadline of August 2008?
    Mr. Hawley. Well, we certainly don't ignore the wishes of 
Congress. And on the issue of priority, I would say as a 
technical matter of threat and intelligence that it does not 
rise to the top of the charts of things that we have an 
obligation to stop in terms of stopping attacks.
    It clearly is an important area to be covered. We take the 
point that you make and in the 9/11 bill is very clear. We will 
have our proposed rule out, I believe, by the deadline in 
August. And the way the process works in terms of notice and 
comment, it takes considerably longer than the time allotted in 
the 9/11 bill.
    However, I do want to assure you that we have staffed up 
the office and are beginning to put in place security 
assessments and threat assessments, so that when we have the 
legal authority, we will have already done a number of the 
actual foreign repair stations inspections and analysis such 
that we will be able to begin applying the security now. And 
then, whenever the final rule becomes effective, that will then 
seal the deal in terms of having all of the authorities in 
place.
    Senator McCaskill. I understand that you have substituted 
your judgment as it relates to priorities, which, of course, is 
your prerogative as the head of the agency. But when you have a 
directive from Congress, I don't think that it is appropriate 
to substitute your judgment. It is the law.
    Mr. Hawley. Yes, so we are progressing as fast as one can 
write these rules. I am saying, just as a technical matter, my 
job is stop attacks against Americans, and that is the 
priority. And there are a number of live threats, and I believe 
the Director of National Intelligence called a clear and 
present danger and a number of the folks in the intelligence 
community have been quite clear of the threat environment in 
which we work.
    So I know that you and the other members of the Committee 
hold me accountable to do whatever it takes to stop attacks, 
and that is--in terms of my priority, it is that. And I believe 
the Congress recognized in creating TSA that that has to be--
the person in my job has to put those priorities first and 
clearly follow the instructions of Congress on foreign repair 
stations, and we are.
    We have already had 14 foreign assessments that we had 
folks out and doing, including----
    Senator McCaskill. But isn't it true, Mr. Hawley, that the 
only foreign assessments that you are doing are the ones where 
you have been invited?
    Mr. Hawley. We don't go in--well, we don't have legal 
authority to go in uninvited. What we have found----
    Senator McCaskill. Because there is no rule.
    Mr. Hawley. Exactly. But what we have found is cooperation 
that every single one that we have been to has opened the door 
and wants to have us look at it to ensure the security because 
they are under competitive pressure as well. So you are correct 
in terms that the rule does close--so there is no wiggle room. 
But all of the places that we have been six countries, 14 
repair stations--have let us have unfettered access.
    And we have the FAA inspectors, who also have access to it, 
and we have communicated with all of the FAA inspectors and 
have asked their support in their ongoing inspections for 
safety.
    Senator McCaskill. Have you been to any of the foreign 
repair stations unannounced?
    Mr. Hawley. I expect not in that we would make arrangements 
to go. So I think we probably--I am certain that we have made 
arrangements before showing up.
    Senator McCaskill. And have you done any of these 
assessments in any of the five nations that have foreign repair 
stations that are currently classified as terrorist Portuguese 
(Brazil) safe havens--Argentina, Brazil, Colombia, Indonesia, 
or the Philippines?
    Mr. Hawley. Yes.
    Senator McCaskill. And which one of those countries have 
you been to?
    Mr. Hawley. Colombia.
    Senator McCaskill. And was it in the border region?
    Mr. Hawley. I am not familiar with where the foreign repair 
station specifically visited was, but I can get back to you on 
that.
    Senator McCaskill. But it was not unannounced? In other 
words, they knew you were coming?
    Mr. Hawley. I frankly don't know the answer to the 
question, but I expect it was arranged in advance.
    Senator McCaskill. Well, it is my understanding that you 
have been doing some of these classified assessments as audits, 
but they are on invitation. And with some background as an 
auditor, I will tell you that someone inviting you to audit is 
generally a pretty good sign that you don't need to, whereas 
when you go in and audit regardless of whether they want you 
there or not, is generally when you find the problems that need 
to be addressed. I don't think being able to go in by 
invitation only is an assessment.
    Now tell me what is going to happen in August when they can 
no longer certify any more foreign repair stations, even though 
we have several in the process of being certified? These 
airlines are really in a bind now because they cannot certify 
any after August of this year, and there are 97 foreign repair 
stations waiting to be certified. What happens in August? We 
just shut it down?
    Mr. Hawley. No, we have to work with the airlines and the 
Congress to figure the best way forward. Our job is the 
security assessment, and we have already begun that. I expect 
that by that time we will be able to demonstrate to you and 
other Members of Congress the security measures that are in 
place that may allow for a practical way forward. But, yes, 
that needs to be developed.
    Senator McCaskill. And you do acknowledge, Mr. Hawley, 
that, in fact, the amount of foreign repairs has dramatically 
gone up in the last 5 years? Since we directed you to make the 
rule, the percentage of all the repair work being done in 
foreign repair stations has gone from approximatley 34 percent 
to 60-some percent.
    Mr. Hawley. Well, I know that there are about 720 abroad 
and over 4,000 domestically. I am not sure what the trajectory 
is in terms of growth of--in terms of revenue, but there are 
about 700 that need to be covered in these assessments.
    Senator McCaskill. And many of these airlines are using 
noncertified repair stations?
    Mr. Hawley. I would have to really check to get back to you 
whether that is a true statement. I can't affirm----
    Senator McCaskill. Ms. Berrick, isn't that a true 
statement?
    Ms. Berrick. My understanding is that some of them are, 
right.
    Senator McCaskill. I believe that is a true statement, and 
I would be more comfortable if you knew the trajectory and if 
you knew the status of airlines using noncertified foreign 
repair stations. I respect that you have to figure out what the 
priorities are in terms of our Nation's security, but I think 
this is a gaping hole.
    I know that the airlines want to take responsibility and 
want to be careful. But this is something we need to do.
    Before I yield to my colleague, I would like to briefly ask 
you one question about the checkpoint screening technologies. 
We spent a bunch of money on checkpoint technology and 
reconfiguration and on explosive trace portals.
    GAO has reported that 114 of these explosive trace portals 
are sitting in storage at a cost of over $20 million. If we 
didn't need them, why did we buy them? And if we need them, why 
are they sitting in storage?
    Mr. Hawley. Well, to get back on the foreign repair 
station, I would take issue that it is a gaping hole. I do not 
believe it is a gaping hole. I view it as one issue that among 
many a balanced security measure has to be in place.
    On the portals, so to speak, there are some maintenance 
issues with them in terms of, they are called puffers because 
they put compressed air out, lint and other things go up into 
the filters and can clog them. And we are working with the 
industry to make them more reliable.
    In other words, when you have a large portal in the 
checkpoint and it is down for maintenance, it blocks the way 
and also is not providing that level of security. So we are 
insisting on improved performance before fully deploying those. 
And also, as you may know, we are moving out with the whole 
body imager, which is a highly effective technology, and we 
have already announced that we will have 30 of them out. And 
that is another generation of technology that we think will be 
very effective.
    Senator McCaskill. Have we checked the maintenance on those 
technologies to make sure that we don't end up with $20 million 
of those in storage because they don't work?
    Mr. Hawley. Yes, we have, indeed.
    Senator McCaskill. And we are confident that we are not 
going to have a problem with spending that kind of money and 
then saying we can't use them because, frankly, they are 
impractical?
    Mr. Hawley. No. We know they work. They are in use in other 
places around the world. We have had extensive testing of them, 
and I think the real issue is public acceptance. And as you 
know, there are those advocates who are not comfortable with 
the clear image that is projected to the Officer screening. I 
think that is probably the issue, public acceptance, rather 
than the technology.
    Senator McCaskill. Thank you, Mr. Chairman.
    The Chairman. Thank you very much.
    Senator Kerry?

               STATEMENT OF HON. JOHN F. KERRY, 
                U.S. SENATOR FROM MASSACHUSETTS

    Senator Kerry. Thank you, Mr. Chairman.
    Obviously, the whole existence of Homeland Security is a 
response to America's learning in the most tragic way just how 
vulnerable our airports and our airlines were. And everybody 
still remembers painfully how horrible it was to see commercial 
airliners turned into missiles in the wrong hands. And I think 
that pain was particularly acute up in Boston because two of 
those planes took off from our city and our airport.
    We here responded, I think, swiftly and appropriately by 
saying we were going to put in place the resources and 
exponentially expand the Federal Air Marshal Service, among 
other things. And I want to talk about a few of those other 
things, but first let me focus on the Federal Air Marshal 
Service.
    The purpose of putting it in place was sort of a last line 
of defense. It was to combat terrorism, to reassure the public 
that they are safe in the skies, and finally, to act as a 
deterrent to terrorists from launching a future attack. We are 
now approaching 7 years from that period, and despite all of 
the time and energy, effort, reorganization, and money put into 
this program. Let me just preface this--I would not bring this 
up in a public hearing, as a former law enforcement officer, 
because I understand the imperatives of deterrence, and 
deterrence works off of a number of different theories.
    But CNN just weeks ago informed millions of Americans 
through an investigation that, according to whistleblowers 
within the service, ``Of the 28,000 commercial airline flights 
that take to the skies on an average day in the United States, 
fewer than 1 percent are protected by onboard armed Federal Air 
Marshals.''
    Now, again, I repeat I wouldn't personally bring this up in 
a spontaneous way. But now that is it out there, I am concerned 
about it, as Americans are concerned about it. And we, 
unfortunately, have to respond to it.
    Now I understand that TSA has publicly denied the number 
and, for reasons which I agree with, hasn't released the actual 
one, stating the number of covered flights, which is 
classified, and I think it ought to be classified. I am not 
suggesting it shouldn't be.
    But that doesn't deal with the problem of adequately 
addressing the deterrent and adequately confirming to people 
that they should feel safe. That still remains our public 
responsibility. And according to TSA's website, while the exact 
number of flights that Air Marshals protect is classified 
because you don't want terrorists to play a mathematical 
guessing game against the percentages, the actual number of Air 
Marshals employed by the agency is ``in the thousands.''
    Now my concern here is pretty simple. I think Congress 
needs assurance and the public needs assurance that this 
program is really working, that the people who would do us harm 
don't have to bet on some mathematical guessing game that right 
now all they have to do is rely on the news that is out there, 
which is not adequately responded to, frankly. And I don't 
think that is acceptable.
    I think Americans need to know that whatever level of 
deterrence is necessary and whatever level of protection they 
have come to expect, it is there. That is the right of every 
flyer and of every family in the country.
    And one Marshal stated this in the broadcast of CNN. This 
is what the Marshal said, that you folks are ``whistling past 
the graveyard, hoping against hope that this house of cards 
that you call airline security doesn't come crashing down 
around [you.]'' He said ``them.'' I changed it to ``you.''
    Now that shouldn't be acceptable. It is not acceptable to 
the Senate, to the Congress, the American people. Without a 
concrete refutation and some kind of evidence, some kind of 
statement, without a specific number that the program is 
working and a proactive public awareness campaign, I think you 
are going to have a hard time counteracting this knowledge that 
is out there now.
    And that means that the program could fail in providing two 
of the three goals that I spoke of--number one, reassuring the 
American people and, number two, actually providing an adequate 
deterrent against terrorism, even if the CNN report got it 
wrong.
    So after the report, I sent Secretary Chertoff a letter 
expressing my concerns. And as a result I have now gotten 
dozens of e-mails from current and former Federal Air Marshals, 
reaffirming the CNN report, speaking of high turnover rates, 
inadequate training for new employees, abusive management, 
abuse of traveling privileges, and discrimination and sexism. 
And people have outlined how they have been punished for 
whistleblowing in the past and have been pressured not to 
report on-the-job injury, or related illnesses.
    We have spent billions of dollars on this program since 9/
11. And the President's budget is now requesting $786 million 
more, which incidentally raises other questions. I think 
Senator Stevens, when I came in here, was asking you about the 
funding mechanism. And I gather if that funding mechanism 
doesn't pass, you actually have to cut these programs. Is that 
correct?
    Mr. Hawley. No, sir.
    Senator Kerry. You don't?
    Mr. Hawley. These are separate. We were just talking about 
the EDS deployments, the explosives detection checked baggage 
system.
    Senator Kerry. OK, these are separate. But this would mean 
if you don't get that fee, there is a reduction, isn't there?
    Mr. Hawley. No. No, sir.
    Senator Kerry. How so?
    Mr. Hawley. It is in a different budget category. There is 
a separate category for the Federal Air Marshal Service.
    Senator Kerry. I am not talking about the Federal Air 
Marshal Service. I am talking about your overall 
transportation, security, other facilities. I mean the four 
different sections.
    Mr. Hawley. It is just limited to the checked baggage 
systems is what we were talking about.
    Senator Kerry. OK. So, in other words, that fee will only 
go to----
    Mr. Hawley. Yes. Yes, exactly. It is a targeted four year 
specific fee for exactly that, checked baggage in-line system--
--
    Senator Kerry. Will the other sections of the budget, 
nevertheless, then be increased?
    Mr. Hawley. They are on their own and separately considered 
by the Congress, but the fee does not impact any of the 
security programs you have mentioned other than the checked 
baggage deployment of new systems.
    Senator Kerry. Well, let me give you an opportunity now in 
front of this Committee to help Americans understand and 
address what has been made public. Whether you agree or 
disagree that it should have been, it certainly affects notions 
of deterrence as it currently stands. We have to address that, 
both of us.
    Mr. Hawley. Yes.
    Senator Kerry. And I would like you to try to do so here 
now in order reassure passengers and anybody with any nefarious 
intent that they are listening to that this country is ready 
and prepared and that we are adequately deployed, and we are 
not going to play a gambling game based on numbers.
    Mr. Hawley. Thank you, Senator Kerry, for raising that 
issue. I very much appreciate it because the CNN story was 
completely wrong. And it was admitted by CNN it was a guess of 
somebody who was essentially anonymous and perhaps based on a 
very limited time period or geography.
    But we have--I am trying to figure out a good way to say it 
that would just kill this issue once and for all. We have, as 
you mentioned, thousands of Air Marshals. We run thousands and 
thousands of missions a month all over the world.
    Our Federal Air Marshals are among the best-trained--
highest marksmanship, best-trained officers. We like the 
reassurance. We like the deterrent. But make no mistake, the 
number-one capacity of the Federal Air Marshal Service is to 
stop attacks cold. And I have no doubt in my mind that if 
called to serve, there is no contest.
    And we change every day our Federal Air Marshal flight 
coverage based on threats, and we move them around city to 
city, country to country. Unfortunately, I guess, in some 
respects, they don't break cover very often. And there was a 
case where a flight was leaving Amsterdam in the Netherlands 
going to Indonesia, and some folks got up and were acting 
beyond something that we could tolerate, and our Federal Air 
Marshal team on that flight broke cover.
    Anybody wanting to do harm to an American aircraft has to 
know that in flights to or from areas that are at all 
interesting from a threat perspective, Air Marshals are 
covering those flights. Maybe not 100 percent of those flights, 
but Air Marshals are covering those flights.
    And anybody interested in the Olympics in Beijing this 
summer or throughout China, Federal Air Marshals are covering a 
significant number of flights there. As we look at any 
particular threat either in the U.S. or abroad, Federal Air 
Marshal teams are on those flights.
    Senator Kerry. Well, I appreciate your saying that. I think 
it is important. I am not pressing you for numbers because I 
think it would be inappropriate to do so here.
    But I will tell you, just anecdotally, that on any number 
of flights that I have been on--and I fly a lot, as we all do--
I have encountered Air Marshals. I have had conversations with 
them on flights from Washington to Boston, Boston to New York, 
New York to Washington, Washington to California, Washington to 
Miami, Europe to here. I have encountered Air Marshals.
    So I hope that whatever is going on in terms of the 
whistleblowing component and the management component of FAMS 
that you guys will address it because, under any circumstances, 
there is a lack of communication there or understanding and 
trust. And I think it is important for the agency to get its 
act together with respect to that.
    Mr. Hawley. Yes, sir. And I would pass on to you, and I 
have heard from Air Marshals myself who have flown with you and 
very much appreciate your support of them.
    Senator Kerry. Thank you very much.
    The Chairman. Because of the scheduled votes, we will have 
to adjourn the hearing earlier than expected. But if we may, 
Mr. Secretary and Madam Director, submit questions to you for 
your consideration and response?
    Ms. Berrick. Yes.
    Mr. Hawley. Yes, sir.
    The Chairman. So we will do that, and with that, the 
hearing is adjourned.
    [Whereupon, at 11:03 a.m., the hearing was adjourned.]
                            A P P E N D I X

  Response to Written Questions Submitted by Hon. Daniel K. Inouye to 
                     Hon. Edmund S. ``Kip'' Hawley
    Question 1. How is TSA determining the effectiveness of initiatives 
such as Behavioral Detection and the Aviation Direct Access Screening 
Program?
    Answer. The Screening of Passengers by Observation Techniques 
(SPOT) Program has several metrics in place to track its effectiveness. 
Some of these metrics include: the number of SPOT referrals, the number 
of SPOT referrals to Law Enforcement Officers (LEO), the specific 
reasons for the LEO referral, and the results of the LEO referral To 
date, over 11,000 SPOT referrals have been made to Law Enforcement 
Officers, resulting in over 900 arrests for various crimes, such as 
fraudulent documents, immigration violations, and outstanding warrants. 
Furthermore, Behavior Detection Officers (BDOs) who perform SPOT have 
been credited with thwarting possible nefarious acts, such as the 
recent incident in Orlando where an individual was identified by BDOs 
as displaying suspicious behavior. This individual was referred to Law 
Enforcement Officers, and components for making explosives, 
specifically pipe bombs, were discovered in his baggage. BDOs provided 
a critical layer of security that assisted in preventing the materials 
and the individual from boarding an airplane.
    The SPOT Program also utilizes a Standardization Team to conduct 
annual visits at each SPOT airport to evaluate the BDOs' procedures, 
methodology, reporting, and effectiveness of training. Recommendations 
of these standardization teams have resulted in changes to the program 
to better equip the BDOs to identify people who exhibit suspicious 
characteristics and behaviors.
    The Department of Homeland Security Science and Technology 
Directorate is also reviewing and evaluating the behaviors identified 
in the SPOT Program. This review will provide TSA with additional 
scientific expertise and help ensure that the BDOs are concentrating 
their efforts on behaviors that are indicative of threats to 
transportation security.
    The Aviation Direct Access Screening Program (ADASP) provides 
additional security and deterrence by randomly screening persons and 
property entering or present within a Security Identification Display 
Area, Air Operations Area, secured area, sterile area, or entering an 
aircraft. This program adds a measure of unpredictability and 
introduces an additional dimension of complexity designed to thwart 
actions that would be harmful to aviation security. The ADASP Program 
Manager tracks the metrics for this program, monitoring prohibited 
items and other items of interest found and ensuring that the ADASP 
operations are providing an effective use of resources.

    Question 1a. What has been the security impact of switching from 
private-sector to Federal travel document checkers?
    Answer. Replacing contract travel document checkers (TDCs) with 
Transportation Security Officers (TSOs) strengthens the current layers 
of security. TSOs provide a uniformed presence that serves as an added 
deterrent. TSOs are also better trained and equipped than the previous 
document checkers. The Transportation Security Administration (TSA) has 
invested considerable resources in deploying technology to the TDCs, 
such as magnifying loupes and ultraviolet lights used in detecting 
fraudulent documents. TSOs are vetted Federal employees and have access 
to Sensitive Security Information, to include the latest security 
threats. This information was not necessarily available to the private 
sector TDCs.
    Efficiencies are also gained in the checkpoint screening process 
with TSA performing the TDC function. There is no longer any disconnect 
between private document checkers and Federal TSOs. Passenger screening 
has become one fluid process undertaken by TSA.
    To date, over 3,700 TDC referrals to Law Enforcement Officers have 
resulted in over 350 arrests. This metric is tracked to demonstrate the 
effectiveness of the Federal document checkers in identifying 
potentially fraudulent documents or suspicious behavior in individuals 
who may wish to cause harm to the transportation system. While a 
byproduct of the TDC referral process may be the netting of low-level 
criminals, our intent is to solely identify and resolve a potential 
threat. This is further driven by current intelligence and events that 
still points to terrorists' desire to attack the transportation sector.

    Question 1b. What is the current annual attrition rate among TSA's 
senior-level and management employees? How does this compare with the 
workforce as a whole? What efforts does TSA have underway to address 
the turnover and what has been the impact of these efforts?
    Answer. The Transportation Security Administration's (TSA's) 
senior-level and management employees are in the J, K, L, and 
Transportation Security Executive Service (TSES) pay bands. These pay 
bands correspond to the General Schedule grades of 14 and above plus 
the Senior Executive Service (SES). The Fiscal Year (FY) 2007 attrition 
rates for these pay bands was 9.5 percent, 8.5 percent, 6.3 percent, 
and 14.8 percent, respectively.\1\ TSA's Fiscal Year 2007 overall 
attrition rate was 18.9 percent.
---------------------------------------------------------------------------
    \1\ This information was pulled from the National Finance Center on 
June 28, 2008. Fiscal Year 2007 information from the National Finance 
Center adjusts slightly over time because of retroactive corrections.
---------------------------------------------------------------------------
    Building on previous efforts, TSA has five training programs to 
enhance the competencies and engagement of its senior-level and 
management employees and those aspiring to those ranks. They are: (1) 
Core Skills Integration for J and K band employees in headquarters 
(CSI: J/K), (2) Foundations of Leadership for supervisory employees, 
(3) Mid-Level and (4) Senior-Level Leadership Development Programs 
(MLDP and SLDP), and (5) Leading from the Middle.
    The Critical Skills management course is for all headquarters (HQ)-
based J and K band employees. It is called Core Skills Integration: J/K 
(CSI: J/K), and is designed to enhance collaborative decisionmaking and 
process discipline skills for all employees at the critical J/K level 
at TSA HQ.
    The Foundations of Leadership Training is a 9-day course intended 
for newly promoted supervisors to provide the competencies needed by 
first line supervisors across TSA. Launched in November 2006, the 
course has now trained over 3,000 TSA supervisors, receiving strong 
participant evaluation scores. Since the course is nearly 2 years old, 
it will be reviewed to assess its impacts and to make necessary 
changes. Employee attitude survey data show improvement in some 
critical areas since the introduction of Foundations. Focus groups 
indicate the agency is realizing an additional benefit from the 
exposure participants get to peers from different parts of the 
organization. TSA plans to update the content and make the course more 
widely available.
    The Mid-Level Leadership Development Program serves the succession 
management goal of preparing employees who already have supervisory 
experience with enhanced competencies that will prepare them to be 
highly qualified bench strength for mid-level management positions both 
in the field and TSA HQ. While the program is less than a year old, it 
has already been rigorously evaluated. The highly decentralized beta 
model produced many excellent program practices at many locations. Work 
is now underway to provide structure and tools that will facilitate 
implementation of the best practices enterprise-wide.
    The Senior-Level Leadership Development Programs build bench 
strength for critical senior positions by developing competencies 
identified for those positions with mentoring, details, action learning 
projects, formal training, and other learning experiences. Currently, 
three iterations of this program are being offered:

   SLDP 1--intended to build bench strength for the critical 
        field positions of Federal Security Director, Executive Deputy 
        Federal Security Director, Special Agent in Charge, Deputy 
        Special Agent in Charge and Assistant Special Agent in Charge 
        at K Band and TSES levels. There are currently 61 participants;

   SLDP 2--intended to build bench strength for the critical 
        field positions of Assistant Federal Security Director for 
        Screening, Inspections, Operations, and the AFSD Generalist. 
        There are currently 51 participants; and

   SLDP 3--a formal Candidate Development Program, intended to 
        build bench strength for TSES positions, primarily at 
        Headquarters. TSA anticipates selecting 22 participants.

    Most SLDP 1 participants will complete the program requirements 
this fiscal year. About half have already been promoted, some more than 
once. While SLDP 2 participants only began implementing their 
individual development plans in the spring, many of them have already 
been promoted as well. Stakeholder assessments of the programs and 
their participants have been uniformly favorable, and TSA is confident 
that there is already a positive impact on bench strength for critical 
field positions. While SLDP 3 is still in the selection phase, the 
program plan calls for all participants to complete requirements by the 
end of FY 2009. In the interim, TSA's succession plan update will allow 
TSA to identify any new or emerging succession vulnerabilities and plan 
for a suitable learning and development response.
    The newest offering in the leadership suite is a highly rigorous 
course for middle managers titled, Leading from the Middle. This course 
takes a blended learning approach including candidate assessment and 
coaching, distance learning, classroom training, and directed, graded 
work on an issue paper that concerns genuine workplace concerns.

    Question 2. When will Secure Flight be fully operational for 
domestic watch list matching? For international watch list matching 
functions?
    Answer. The Transportation Security Administration anticipates that 
it will assume full watch list matching for all domestic aircraft 
operators by July 2009 and for all international aircraft operators in 
early 2010, pending approval of the necessary funding levels and the 
publication of the Final Rule.

    Question 2a. What are TSA's key challenges in meeting Secure Flight 
scheduled completion dates?
    Answer. The main challenge facing the Secure Flight program is to 
continue to maintain our aggressive implementation schedule. The $82 
million requested in the Fiscal Year 2009 budget allows us to maintain 
our progress and allow the accelerated implementation timeline to 
assume full watch list matching for all domestic aircraft operators by 
July 2009 and for all foreign air carriers by early 2010.

    Question 2b. What is the status of the Secure Flight rulemaking?
    Answer. The Transportation Security Administration (TSA) 
anticipates that the Secure Flight Final Rule will be submitted to the 
Office of Management and Budget (OMB) for review under Executive Order 
12866 by early August. Following OMB clearance, TSA will publish the 
final rule in the Federal Register.

    Question 3. Please provide a general update on the status of the 
TSA's efforts regarding general aviation security.
    Answer. The Transportation Security Administration (TSA) is engaged 
in efforts to enhance international and domestic general aviation (GA) 
security to minimize the vulnerability of such flights being used to 
deliver illicit materials, employed as a weapon, or transport 
individuals wishing to cause harm to the United States. Listed below 
are a number of initiatives that TSA is currently developing and 
implementing to help close existing security gaps:
    Secure Fixed Based Operator (SFBO) Concept: TSA has developed, in 
close coordination with the industry, a program in which overseas FBOs 
voluntarily provide additional security for flights inbound to the 
United States. The program allows FBOs to compare passenger and flight 
crew passports to the submitted manifests to confirm identities of 
persons onboard GA aircraft prior to departure. This program currently 
serves as a proof of concept to validate the effectiveness of the 
proposed security measures and assist in positively identifying the 
pilot. Current SFBO locations are Anchorage, Alaska, and Shannon, 
Ireland. TSA is actively engaged in discussions with additional 
potential host countries and plans to continue to partner with foreign 
FBOs to expand the existing pilot program to several more locations.
    Automatic Detection and Processing Terminal (ADAPT): To enhance 
TSA's ability to enforce airspace security rules, the agency has 
implemented a joint program between the Federal Aviation Administration 
and TSA known as ADAPT. This system serves as a critical advance 
warning system by allowing TSA and other agencies to gain better 
security situational awareness of the operations occurring in the 
National Airspace System. The system is currently operational, and it 
is continually being upgraded with additional commercial and government 
databases to more precisely verify flight operations and significantly 
improve security.
    Positive Pilot Identification (PPID): To appropriately address the 
issue of positive identification of airmen, TSA is in the early phases 
of the development of a pilot program designed to explore various 
methods of pre-departure and in-flight pilot identification. While the 
program will focus on multiple types of operations, the agency will 
initially focus on operations utilizing large aircraft. The purposes of 
the phased approach are to gain an understanding of the concept of the 
operations, to enhance TSA's ability to monitor a small, manageable 
population of operators, and to determine the advantages and 
disadvantages of alternative technology and other solutions and their 
impact on GA operations. The pilot program will serve as a means of 
verifying pilot identity for access to special airspace and in the 
event of an incident management situation.
    International Outreach: To facilitate better communication and 
harmonization with our foreign partners, TSA recently signed a quad-
lateral agreement with the European Union, Australia, and Canada to 
establish a working relationship in developing security initiatives 
that have an impact on GA throughout the world. Through this 
partnership, we intend to collaborate with industry security partners 
to incorporate universally accepted security measures into the GA realm 
of aviation. This international cooperation is positive step forward 
for GA, and will not only enhance security measures and practices being 
developed in agreement with other nations, but it is also envisioned 
that these measures and practices will become more uniform and 
standardized.
    9/11 Act Recommendations: TSA is in the process of developing, 
socializing, and implementing an airport vulnerability assessment tool 
for GA airport owners/operators to conduct a security self assessment 
of their respective facility. TSA envisions that this tool will be 
interactive and offered online, and will be aligned with existing 
security practices and measures to provide effective security while 
being reasonable and feasible for industry to utilize. Additionally, 
TSA is in the process of analyzing the feasibility of establishing a 
funding mechanism for security enhancements at GA airports.

    Question 4. Included in the Implementing Recommendations of the 9/
11 Commission Act of 2007 is a requirement that the TSA develop a means 
of enhancing security ``by properly identifying authorized airline 
flight deck and cabin crew members at screening checkpoints and 
granting them expedited access through screening checkpoints.'' What is 
the status of these efforts?
    Answer. The Transportation Security Administration (TSA) is 
evaluating the feasibility of instituting a sterile area access system 
through pilot testing at three airports: Baltimore-Washington 
International Airport, Pittsburgh International Airport, and Columbia 
(South Carolina) Metropolitan Airport. TSA will conduct a pilot of the 
proposed sterile area access system for 60 days at these locations and 
has committed to a July 2008 implementation date.

    Question 5. The 9/11 Act tasks TSA with many new and important 
responsibilities for surface transportation security. For rail security 
alone, the Act requires some 12 new rulemakings, reports, and 
assessments. How does the TSA plan to implement the new surface 
transportation security provisions of the 9/11 bill without any 
increased funding for the upcoming fiscal year?
    Please provide a list of all the mandates given to TSA in the 9/11 
Act, including for rail and surface transportation, and whether or not 
the mandate has been completed. If the mandate has not yet been 
completed, please include the expected completion date.
    Answer. The Transportation Security Administration (TSA) has 
developed implementation plans for all of the provisions in the 
Implementing Recommendations of the 9/11 Commission Act of 2007 (9/11 
Act) pertaining to freight rail transportation. Additional funding to 
implement a number of the provisions in the 9/11 Act (including several 
rail provisions) was included in the Fiscal Year (FY) 2008 Consolidated 
Appropriations Act and a spend plan has been approved. The funding will 
carry through FY 2009. TSA is identifying the specific processes needed 
to implement the actions required in the 9/11 Act. This includes the 
identification of the data necessary to assessing the economic impacts 
of specific taskings and rulemakings deployment. TSA is working 
diligently to meet its obligations in the 9/11 Act.
    The Transportation Security Administration tracks the status the 9/
11 Commission Act implementation on a monthly basis as part of a 
Department of Homeland Security managed working group. The attached 
spreadsheet lists all mandates given to TSA in the 9/11 Act and their 
current status. We would be happy to provide additional information to 
Congress regarding estimated completion dates on particular mandates of 
interest. Certain tasks lack sufficient resources to allow them to be 
completed in accordance with the 9/11 Act's deadlines. Projected 
completion dates are provided if known or reasonably predictable. Tasks 
that have not been resourced will not have an expected completion date.

    Question 6. Please explain why FEMA, presumably with TSA's 
guidance, has limited the use of FY 2008 grant funds for the Class I 
freight railroads to just training when the 9/11 Act clearly provides 
22 different appropriate uses for the funds.
    Answer. The Implementing Recommendations of the 9/11 Commission Act 
of 2007 authorized a grant program for freight railroad carriers. The 
Fiscal Year (FY) 2008 Consolidated Appropriations Act appropriated $400 
million for Public Transportation Security and Railroad Security 
Assistance. For FY 2008, the Department of Homeland Security (DHS) 
awarded $7.4 million from this appropriation to the freight railroad 
carriers.
    DHS focused the Railroad Security Assistance on Class II and Class 
III railroads, which have smaller operating budgets and profit margins 
and, therefore, do not have the funds to pay for security enhancements 
and mitigation efforts through their own budgets. The Class I 
railroads, having already prepared robust vulnerability assessments and 
security plans, were afforded an opportunity to obtain grants for the 
enhancement of training for frontline employees. Training of frontline 
employees is a top funding priority for DHS across all transportation 
grant programs.

    Question 7. Why did the FY 2009 budget proposal seek to eliminate 
all funding for freight railroad security efforts, despite the 9/11 Act 
authorization of $300 million for this purpose? Do you believe that the 
freight railroads' operations are totally secure and that no risks 
exist?
    Answer. The freight railroads and their owners are well positioned 
financially to make the necessary operational and infrastructure 
changes to improve their security posture. Funds have been made 
available to the freight railroads through the Freight Railroad 
Security Grant Program (FRSGP) administered by the Federal Emergency 
Management Agency. The FRSGP provided assistance to both small and 
large railroads to improve their security foundation by making funding 
available for conducting vulnerability assessments, developing security 
plans, and conducting security-related training for frontline 
employees.
    The Transportation Security Administration (TSA) has identified 
risks in freight railroad operations and is actively working with the 
industry to reduce vulnerabilities and minimize the consequences of a 
terrorist attack. For example, 2 years ago, TSA identified the 
transportation of Toxic Inhalation Hazard (TIH) materials through high 
population density areas to be the primary security risk for freight 
railroads and the communities they serve. TSA negotiated a voluntary 
agreement with the freight rail industry that would drive TIH risk 
reduction. This program's goal is to reduce the objectively measured 
risk of TIH rail transportation by 50 percent by the end of 2008. To 
date, this program has achieved a reduction of 52.7 percent in the 
measured risk. This reduction has been attained through the diligent 
and concerted efforts of the railroad carriers to make operational 
changes that reduce the time that TIH rail cars spend transiting high 
threat areas. The rail carriers have also instituted measures that 
provide better monitoring of these rail cars while they are standing 
still (referred to as ``dwell time'') so as to better detect and deter 
potential acts of terrorism. TSA has and will continue to monitor 
efforts to reduce the vulnerability of these security-sensitive 
shipments through field inspections and examination of rail car trip 
data. The TSA surface inspection force has conducted over 3,100 
individual surveys to verify the management of these cars by the 
railroads.
    In addition, TSA published a notice of proposed rulemaking on 
December 21, 2006, proposing rule security requirements for freight 
railroad carriers; intercity, commuter, and short-haul passenger train 
service providers; rail transit systems; and rail operations at 
certain, fixed-site facilities that ship or receive specified hazardous 
materials by rail. TSA anticipates issuing the final rule before the 
end of 2008.

    Question 8. Although you have moved all of your canine units and 
Visible Intermodal Protection and Response teams under aviation 
security, you indicate that a large number of them will still be used 
for surface transportation purposes. What percentage of these resources 
will be solely allocated to surface transportation?
    Answer. Since the program's inception in 2005, Visible Intermodal 
Protection Response (VIPR) deployments have been conducted in both the 
aviation and surface transportation areas.
    Of the 783 canine teams that are projected to be deployed by the 
end of Fiscal Year (FY) 2009, 82 teams, or approximately a little more 
than 10 percent, will be allocated to surface transportation.
    The percentage of VIPR teams that will be allocated to surface 
transportation cannot be accurately projected, because VIPR resources 
are not allocated by transportation mode, but rather by intelligence 
and/or threats, or through the direction of senior security managers.
    Absent specific intelligence information, the decision to conduct a 
VIPR operation at a particular transportation venue is made by the 
Federal Security Director and/or the Federal Air Marshal Special Agent 
in Charge. Historically, approximately half of all deployments have 
been focused in the aviation domain. The allocation of additional 
funding to the Transportation Security Administration (TSA) for VIPR 
deployments in the FY 2008 budget enabled TSA to support all modes of 
transportation and respond to intelligence and/or emerging threats.

    Question 9. On December 15, 2006, your agency issued a proposed 
rule to strengthen the security of the Nation's rail systems in high-
threat urban areas. The proposed rule would require freight railroads 
to increase the security of hazardous material shipments and to appoint 
a rail security coordinator to share information with the Federal 
Government. This proposed rule would also formalize the TSA's freight 
and passenger rail inspection authority and allow the TSA to impose 
fines for security violations. Congress has been promised many times 
that this rule would be finalized soon, but it is still not complete. 
When can we expect to see this important rule finally completed?
    Answer. The Transportation Security Administration anticipates 
publishing the final rule in the fourth quarter of this calendar year.

----------------------------------------------------------------------------------------------------------------
Statutory reference                 Task Description                                   Status
----------------------------------------------------------------------------------------------------------------
Section 1202(b)      Conduct a revision of the National Strategy    The revision is in progress. The strategy
                      for Transportation Security (NSTS).            must align with other strategies and plans
                                                                     required by the 9/11 Act and with the
                                                                     Transportation Systems Sector Security Plan
                                                                     (TS-SSP). Estimate completion by the end of
                                                                     the calendar year.
----------------------------------------------------------------------------------------------------------------
Section 1202(c)      Submit an expanded Periodic Progress Report    A progress report is undergoing agency
                      on the National Strategy for Transportation    review.
                      Security.
----------------------------------------------------------------------------------------------------------------
Section 1202(c)      Submit a written explanation of                This requirement has been completed. A
                      transportation security activities not         written explanation of transportation
                      delineated in the NSTS.                        security activities not delineated in the
                                                                     National Strategy for Transportation
                                                                     Security (NSTS) was delivered to Congress
                                                                     on November 19, 2007.
----------------------------------------------------------------------------------------------------------------
Section 1203(a)      Establish and submit a report containing the   The Transportation Security Information
 Title XII (49        Transportation Security Information Sharing    Sharing Plan (TSISP) is undergoing agency
 U.S.C.               Plan (TSISP), 150 days after enactment, and    review. Anticipate submission to Congress
 114(u)(6)(A))        annually thereafter. The plan shall contain    by the end of the calendar year.
                      a ``reasonable deadline'' by which the Plan
                      will be implemented.
----------------------------------------------------------------------------------------------------------------
Section 1203(a)      Submit a report on updates to the              The first annual report will be due one year
 Title XII (49        Transportation Security Info Sharing Plan 1    after the Transportation Security
 U.S.C.               year from enactment.                           Information Sharing Plan (TSISP) is
 114(u)(6)(B))                                                       implemented.
----------------------------------------------------------------------------------------------------------------
Section 1203 (b)(1)  Submit a semi-annual report on number of       The first semi-annual report will be due six
 Title XII            public and private stakeholders who were       months after the Transportation Security
                      provided with each Comptroller General         Information Sharing Plan (TSISP) is
                      report.                                        implemented.
----------------------------------------------------------------------------------------------------------------
Section 1302(a)      Establish regulations for civil penalties for  Regulation is under development.
                      nonaviation modes.
----------------------------------------------------------------------------------------------------------------
Section 1302(a)      Issue report to the public of all              TSA will meet the deadline of December 31,
                      transportation enforcement actions via the     2008.
                      Federal Register.
----------------------------------------------------------------------------------------------------------------
Section 1302(a)      Submit a report to the public via Congress on  This requirement has been completed. A
                      transportation security enforcement process.   report on the transportation security
                                                                     enforcement process was delivered to
                                                                     Congress on February 25, 2008.
----------------------------------------------------------------------------------------------------------------
Section 1303         Develop VIPR (Visible Intermodal Protection    This requirement has been completed. The
                      Response) Team.                                Visible Intermodal Protection Response
                                                                     (VIPR) teams have been created and are
                                                                     currently operating.
----------------------------------------------------------------------------------------------------------------
Section 1304         Deploy surface transportation inspectors to    This requirement has been completed. TSA has
                      assist carriers and enforce transportation     deployed transportation security inspectors-
                      security regulations and directives.           surface and will deploy additional
                                                                     inspectors commensurate with funding.
----------------------------------------------------------------------------------------------------------------
Section 1307(b)      Increase the number of explosives detection    This requirement has been completed. The
                      canine team up to 200 canine teams annually.   National Explosives Detection Canine Team
                                                                     Program (NEDCTP) has begun training and
                                                                     deploying canine teams. 170 new teams
                                                                     should be deployed by the end of the end of
                                                                     the calendar year.
----------------------------------------------------------------------------------------------------------------
Section 1307(c)      Establish criteria to ensure that the canine   The National Explosives Detection Canine
                      explosives detection teams trained by          Team Program (NEDCTP) is increasing the
                      external organizations are adequately          number of canine teams and is studying
                      trained and maintained.                        options for engaging external
                                                                     organizations.
----------------------------------------------------------------------------------------------------------------
Section 1309         Review TWIC regulations on conformity with     This requirement has been completed. In the
                      statute.                                       Transportation Worker Identification
                                                                     Credential (TWIC) rulemaking, TSA
                                                                     established the eligibility and
                                                                     qualifications standards workers must meet
                                                                     in order to apply for and receive a TWIC.
                                                                     These standards include the list of
                                                                     criminal offenses set forth in Section
                                                                     1309.
----------------------------------------------------------------------------------------------------------------
Section 1404(a)      Develop and implement the ``National Strategy  This requirement has been completed. The
                      for Public Transportation Security'' plan.     existing Mass Transit Annex to
                                                                     Transportation Systems Sector Security Plan
                                                                     (TS-SSP) meets the requirement.
----------------------------------------------------------------------------------------------------------------
Section 1405(a)      Review and study the DOT-FTA public            This requirement has been completed.
                      transportation security assessments.           Security assessments conducted by the
                                                                     Federal Transit Administration (FTA) were
                                                                     provided to TSA.
----------------------------------------------------------------------------------------------------------------
Section 1405(b)      Conduct local bus-only public transportation   Assessments have been completed and
                      system security assessments to determine       information is being prepared for use by
                      local public transportation security needs.    the transportation system operators.
----------------------------------------------------------------------------------------------------------------
Section 1405(c)      Require high-risk public transportation        Through TSA's Baseline Assessments and
                      agencies to develop comprehensive security     Security Enhancement (BASE) program 70 mass
                      plans.                                         transit systems were assessed, confirming
                                                                     that security plans have been developed and
                                                                     are being implemented. Assessment results
                                                                     are being used to develop parameters for
                                                                     the mandated regulation.
----------------------------------------------------------------------------------------------------------------
Section 1405(c)      Review, amend and approve high-risk public     Security assessments conducted under TSA's
                      transportation agencies' security plans.       Baseline Assessments and Security
                                                                     Enhancement (BASE) program (70 total)
                                                                     confirm security plans have been developed
                                                                     and are being implemented. Assessment
                                                                     results are informing development of the
                                                                     parameters for the mandated regulation.
----------------------------------------------------------------------------------------------------------------
Section 1405(e)      Update public transportation system security   This requirement has been completed.
                      assessments.                                   Baseline Assessments and Security
                                                                     Enhancement (BASE) program assessments were
                                                                     used to update the Federal Transit
                                                                     Administration (FTA) assessments. Revisions
                                                                     to the BASE assessment checklist since
                                                                     implementation in August 2006 have
                                                                     streamlined the process.
----------------------------------------------------------------------------------------------------------------
Section 1405(f)      Establish and adopt security improvement       This requirement has been completed and is
                      priorities.                                    on-going. Baseline Assessments and Security
                                                                     Enhancement (BASE) program assessments were
                                                                     used to set priorities for the assessed
                                                                     agencies.
----------------------------------------------------------------------------------------------------------------
Section 1406(a)      Establish public transportation grant          This requirement has been completed. It was
                      program.                                       completed with a joint letter by the
                                                                     Secretaries of DHS and Department of
                                                                     Transportation (DOT) specifying DHS as the
                                                                     lead on substantive and administrative
                                                                     matters pertaining to the Transportation
                                                                     Security Grant Program (TSGP). The letter
                                                                     was sent to the appropriate Congressional
                                                                     committees on December 21, 2007.
----------------------------------------------------------------------------------------------------------------
Section 1407(a)      Establish a new program that is part of the    TSA's Intermodal Security Training and
                      larger National Exercise Program that          Exercise Program (I-STEP) meets the
                      conducts security exercises for the public     exercise program requirements.
                      transportation sector (excluding ferries).
----------------------------------------------------------------------------------------------------------------
Section 1408(a)      Issue interim final regulations on public      Interim final regulations are under
                      transportation security training program.      development. The Congressional purpose has
                                                                     been met--security training guidelines by
                                                                     subject areas and categories of employees
                                                                     were published in February 2007 with
                                                                     streamlined application and eligible
                                                                     expenses funded under Transit Security
                                                                     Grant Program (TSGP).
----------------------------------------------------------------------------------------------------------------
Section 1408(a)      Issue final regulations on public              TSA is proceeding in an integrated approach
                      transportation security training program.      for the surface modes required to produce
                                                                     regulations on security plans that include
                                                                     training requirements. TSA prepared a draft
                                                                     security training rule, including preamble
                                                                     and regulatory text, for mass transit and
                                                                     passenger rail.
----------------------------------------------------------------------------------------------------------------
Section 1408(d)      Approve or require amendment to a public       This requirement is contingent on the
                      transportation agency's training program.      publication of the regulations and receipt
                                                                     of training programs.
----------------------------------------------------------------------------------------------------------------
Section 1408(g)      Secretary shall ensure the public              Requirements for making the public
                      transportation security training program is    transportation security training program a
                      a component of the larger National Training    component of the National Training Program
                      Program.                                       will be incorporated into the regulatory
                                                                     project.
----------------------------------------------------------------------------------------------------------------
Section 1410(a)      Ensure DOT receives timely notification of     This requirement has been completed.
                      all credible terrorist threats against         Notification to DOT occurs through the
                      public transportation systems.                 National Operations Center (NOC) and the
                                                                     Transportation Security Operations Center
                                                                     (TSOC) alerts and advisories and through
                                                                     direct engagement between TSA and FTA in
                                                                     the interagency Mass Transit Security
                                                                     Information Network.
----------------------------------------------------------------------------------------------------------------
Section 1410(b)      Fund public transportation ISAC.               The FY08 DHS Appropriations Act did not
                                                                     provide funding for the public
                                                                     transportation ISAC.
----------------------------------------------------------------------------------------------------------------
Section 1411         Establish a program to complete a name-based   Significant funding and time will be
                      background and immigration status check for    required to implement this requirement. TSA
                      all front-line public transportation           has begun to develop a project plan for a
                      employees.                                     rulemaking needed to satisfy this
                                                                     requirement.
----------------------------------------------------------------------------------------------------------------
Section 1412         Submit a report on implementation of Title     The report is undergoing agency review.
                      XIV (Public Transportation Security) action
                      items to include the amount of funds needed
                      to carry the Title XIV's mandates that have
                      not been appropriated or obligated.
----------------------------------------------------------------------------------------------------------------
Section 1413(i)      Publish regulations documenting process by     The regulatory project has been initiated.
                      which persons may contact DHS to report
                      public transportation security problems.
----------------------------------------------------------------------------------------------------------------
Section 1414(b)      Routinely update guidance and recommendations  This requirement has been completed.
                      given to public transit agencies for           Guidance approved by OMB in November 2007.
                      conducting voluntary security background
                      checks.
----------------------------------------------------------------------------------------------------------------
Section 1414(e)      Publish a regulation covering process for      A draft interim final rule has been
                      handling false statements.                     developed and is undergoing agency review.
----------------------------------------------------------------------------------------------------------------
Section 1557(d)      If determined necessary by the Secretary,      Evaluation of the need for regulations is on-
                      issue security regulations for pipeline        going.
                      operators.
----------------------------------------------------------------------------------------------------------------
Section 1501(13)     Define security-sensitive material.            A proposed definition for security-sensitive
                                                                     material (SSM) is undergoing agency review.
----------------------------------------------------------------------------------------------------------------
Section 1502(a)      Establish procedures to ensure all grants      This requirement has been completed.
                      made under Title XV (Surface Transportation    Procedures have been established.
                      Security) are expended in accordance with
                      this Title.
----------------------------------------------------------------------------------------------------------------
Section 1502(d)      Notify Congress within 5 days of issuing a     This requirement has been completed.
                      Letter of Intent (LOI).                        Appropriate Congressional delegations and
                                                                     staffs receive formal notification (within
                                                                     five days of issuing a Letter of Intent
                                                                     (LOI)).
----------------------------------------------------------------------------------------------------------------
Section 1504         Develop a Railroad and Over-the-Road Bus       This requirement has been completed. A
                      Security Public Outreach and Awareness Plan.   letter including the January 2008 plan was
                                                                     sent to Congress on June 17, 2008.
----------------------------------------------------------------------------------------------------------------
Section 1511         Establish a Task Force to assess the risk of   This requirement has been completed. Task
                      a terrorist attack on railroads.               force has been established.
----------------------------------------------------------------------------------------------------------------
Section 1511(b) and  Develop and implement the modal plan titled    The ``National Strategy for Railroad
 Section 1511(e)      ``National Strategy for Railroad               Transportation Security'' (NSRTS) is under
                      Transportation Security'' (NSRTS) based on     developmment.
                      the task force's risk assessment and
                      consults with railroad-related entities and
                      submit a report containing the assessment
                      and the plan.
----------------------------------------------------------------------------------------------------------------
Section 1512(a)      Issue railroad security regulation for high-   A regulatory project has been initiated.
                      risk carriers.
----------------------------------------------------------------------------------------------------------------
Section 1512(d),     Provide technical assistance, threat info and  Contingent on completing the railroad
 and (e), (f), and    guidance to railroad carriers on developing    security regulation for high-risk carriers.
 (h)                  their security plan developed in accordance
                      with the NSRTS; Review and approve
                      vulnerability (VA) and security plans;
                      Develop a program to assign railroads to
                      risk tiers and notify appropriate railroads.
----------------------------------------------------------------------------------------------------------------
Section 1513(c)      Award security improvement grants to railroad  This requirement has been completed. Grants
                      carriers, the Alaska railroad, shippers of     award announced on May 16, 2008.
                      security sensitive materials by rail, owners
                      of railcars used to transport security
                      sensitive materials and other recipients
                      identified in Title XV.
----------------------------------------------------------------------------------------------------------------
Section 1513(g)      Submit a report on the feasibility and         This report is in the initial stages of
                      appropriateness of requiring a non-federal     development.
                      match for grants awarded to freight railroad
                      carriers.
----------------------------------------------------------------------------------------------------------------
Section 1514         Award grants to Amtrak for general security    This requirement has been completed. Grants
                      purposes as well as specific projects.         have been awarded.
----------------------------------------------------------------------------------------------------------------
Section 1516(a)      Develop a program for railroad carrier         Pilot exercises were held in the National
                      exercises that is a component of the           Capital Region from January through June
                      National Exercise Program.                     2008. This program will be consolidated as
                                                                     an exercise package for national
                                                                     dissemination.
----------------------------------------------------------------------------------------------------------------
Section 1517(a);     Issue regulations for a railroad security      A consolidated regulatory project including
 Section 1517(e)      training program that is a component of the    railroad, public transit, and over-the-road
                      National Training Program.                     bus entities has been initiated. Anticipate
                                                                     a Notice of Proposed Rulemaking (NPRM) to
                                                                     be issued in the first quarter of Calendar
                                                                     Year 2009. The requirements of the National
                                                                     Training Program will be included in the
                                                                     training regulation and program
                                                                     implementation.
----------------------------------------------------------------------------------------------------------------
Section 1517(d)      Approve or amend the railroad carrier          This requirement is contingent upon issuing
                      training program.                              the regulation and the reviewing the
                                                                     carriers' training programs.
----------------------------------------------------------------------------------------------------------------
Section 1517(f)      Submit a report on a representative sample of  The report will be submitted after the
                      the railroad training programs.                regulations are published and the training
                                                                     programs have been reviewed.
----------------------------------------------------------------------------------------------------------------
Section 1517(g)      Issue guidance and best practices for a        Completion of this requirement will be
                      railroad shipper employee security program.    concurrent with the Freight Railroad
                                                                     security regulation.
----------------------------------------------------------------------------------------------------------------
Section 1519(b)(5)   Complete a study of the probable methods of a  TSA is working with the DHS Chemical
                      terrorist attack on a railroad tank car used   Security Analysis Center (S&T) to conduct
                      to transport toxic gases (DISPERSION MODEL).   analyses of tests on release of toxic
                                                                     inhalation hazards from rail tank cars.
                                                                     Expected to begin around January 2009.
----------------------------------------------------------------------------------------------------------------
Section 1520         Establish a program to complete name-based     Significant funding and time will be
                      security background and immigration status     required to implement this requirement. TSA
                      against the consolidated terrorist watch       has begun to develop a project plan for a
                      list for all railroad frontline employees.     rulemaking needed to satisfy this
                                                                     requirement.
----------------------------------------------------------------------------------------------------------------
Section 1521(i) and  Publish regulations documenting the process    A regulatory project has been initiated.
 Section 1536(i)      by which persons may contact DHS to report     Currently, TSA via the TSA Contact Center
                      railroad security problems and over-the-road   (TCC) has in place procedures through which
                      bus security problems, deficiencies or         persons may report security related matters
                      vulnerabilities.                               including those relating to motor carriers
                                                                     and railroads.
----------------------------------------------------------------------------------------------------------------
Section 1522(b)      Routinely update guidance and recommendations  This requirement has been completed. The
                      given to railroad carriers/contractors for     guidance approved by OMB in November 2007
                      conducting voluntary security background       was disseminated to mass transit and
                      checks.                                        passenger rail security partners.
----------------------------------------------------------------------------------------------------------------
Section 1522(e)      Publish a regulation covering a process for    A draft interim final rule has been
                      handling false statements.                     developed and is undergoing agency review.
----------------------------------------------------------------------------------------------------------------
Section 1531         Publish regulations for high risk tiered over- A draft Notice of Proposed Rulemaking (NPRM)
                      the-road bus operators to conduct              is undergoing agency review.
                      vulnerability assessments and to submit a
                      security plan.
----------------------------------------------------------------------------------------------------------------
Section 1531(d) and  Provide technical assistance, threat           TSA will provide technical assistance to
 (e)                  information, and guidance to over-the-road     assist operators to comply with the
                      bus operators on completing their              requirements of the regulations when
                      vulnerability assessments and developing       published.
                      their security plan.
----------------------------------------------------------------------------------------------------------------
Section 1531(f)      Review and approve security plans of high      This requirement is contingent upon issuing
                      risk over-the-road bus operators.              the regulations and receiving the security
                                                                     plans.
----------------------------------------------------------------------------------------------------------------
Section 1531(h)      Develop a process to assign over-the-road bus  A draft Notice of Proposed Rulemaking (NPRM)
                      operators to a risk-based tier that includes   is undergoing agency review.
                      notifying the operator within 60 days of
                      assignment or reassignment.
----------------------------------------------------------------------------------------------------------------
Section 1532         Establish a program for making grants to       This requirement has been completed. All
                      private over-the-road bus operators that       awards were announced and finalized on May
                      prioritizes grants based on security risks.    16, 2008.
----------------------------------------------------------------------------------------------------------------
Section 1533         Establish a program for over-the-road bus      TSA's Intermodal Security Training and
                      exercises that is consistent with the larger   Exercise Program (I-STEP) is being adapted
                      National Exercise program.                     to serve as the over-the-road bus exercise
                                                                     program.
----------------------------------------------------------------------------------------------------------------
Section 1534(a);     Develop and issue regulations for an over-the- A draft Notice of Proposed Rulemaking (NPRM)
 Section 1534(e)      road bus training program to prepare over-     is undergoing agency review. TSA will
                      the-road frontline employees that is a         assure the necessary steps are taken to
                      component of the National Training Program.    make the over-the-road bus training program
                                                                     a component of the National Training
                                                                     Program.
----------------------------------------------------------------------------------------------------------------
Section 1534(d)      Approve over-the road bus operators' security  This requirement is contingent upon the
                      training programs.                             issuance of the training regulations and
                                                                     review of the training program plans.
----------------------------------------------------------------------------------------------------------------
Section 1534(f)      Submit a report on the over-the-road bus       The report will be submitted no later than
                      employee training program.                     two years after issuance of the regulations
                                                                     on over-the-road bus training program.
----------------------------------------------------------------------------------------------------------------
Section 1538         Submit a report containing threat assessment   The report is under development.
                      of the risk of terrorist attack on the
                      Nation's school bus system.
----------------------------------------------------------------------------------------------------------------
Section 1540         Submit a report containing threat assessment   The threat assessment has been initiated,
                      on commercial trucking security issues.        however the magnitude of the study, about
                                                                     100 threat scenarios, will preclude
                                                                     completion by the due date.
----------------------------------------------------------------------------------------------------------------
Section 1541         DHS and DOT shall execute and develop an       Annex is undergoing agency review.
                      annex to the dept's 9/28/04 MOU addressing
                      roles and responsibilities with respect to
                      motor carrier transportation security
                      matters.
----------------------------------------------------------------------------------------------------------------
Section 1551         DHS shall support the DOT secretary to         This requirement has been completed. An
                      publish a final rule requiring railroads to    Interim Final Rule (IFR) was published on
                      analyze routes over which Security Sensitive   April 16, 2008.
                      Materials are carried and adjusts the routes
                      over which SSM is carried accordingly.
----------------------------------------------------------------------------------------------------------------
Section 1551(i)(2)   Publish high-consequence targets that          A project to develop and publish the list
                      railroads must consider in transporting        has been initiated.
                      security sensitive materials.
----------------------------------------------------------------------------------------------------------------
Section 1552(a)      Develop a program to ``encourage using         This requirement has been completed.
                      improved technology'' to track rail cars
                      transporting SSM and detecting breaches in
                      the integrity of a tank car.
----------------------------------------------------------------------------------------------------------------
Section 1554         Develop a program to facilitate tracking of    A program has been developed, however it was
                      motor carrier shipments of security            not funded for implementation under the
                      sensitive materials and enhanced technology    2008 Consolidated Appropriations Act.
                      to improve their security.
----------------------------------------------------------------------------------------------------------------
Section 1554(c)      Evaluate and submit a report on the program    The evaluation is contingent on completing
                      developed to track motor carrier shipment of   Section 1501(13) and funding of the
                      security sensitive materials.                  tracking program.
----------------------------------------------------------------------------------------------------------------
Section 1556(b)      Incorporate technical corrections for          This requirement poses significant
                      background check requirements for persons      information technology challenges that TSA
                      holding a valid TWIC card.                     is currently addressing. Further changes
                                                                     may be required to the existing HME
                                                                     regulation.
----------------------------------------------------------------------------------------------------------------
Section 1557(a)      Establish a program for tasking pipeline       This requirement has been completed. Program
                      operators to comply with PHMSA security        has been established.
                      guidelines.
----------------------------------------------------------------------------------------------------------------
Section 1557(b)      Develop and implement a plan for reviewing     A plan has been developed and funds have
                      pipeline security plans of the 100 most        been allocated. TSA is taking steps to
                      critical pipeline operators.                   implement the plan.
----------------------------------------------------------------------------------------------------------------
Section 1557(d)      Issue security recommendations, as             This requirement has been completed.
                      appropriate, for pipelines operators based     Recommendations have been provided to the
                      on review of pipeline security plans.          industry.
----------------------------------------------------------------------------------------------------------------
Section 1558(a);     Develop a pipeline security and incident       TSA is developing a project plan with
 Section 1558(d)      recovery protocols plan and submit a report.   Department of Transportation (DOT) that
                                                                     includes possible use of the Transportation
                                                                     Security Center of Excellence. The report
                                                                     will be submitted by the deadline of August
                                                                     3, 2009.
----------------------------------------------------------------------------------------------------------------
Section 1607(b)      Begin implementation of strategic plan for     Implementation of strategic plan for
                      explosives detection at passenger screening    explosives detection at passenger screening
                      checkpoints.                                   checkpoints is underway.
----------------------------------------------------------------------------------------------------------------
Section 1601         Expend fund from ``Checkpoint Screening        This requirement has been completed. TSA
                      Security Fund'' for explosives detection       will purchase checkpoint evolution
                      equipment at checkpoints.                      screening equipment until funds are
                                                                     expended. A spend plan was developed and
                                                                     sent to Congress on April 11, 2008. Funds
                                                                     will be expended in accordance with the
                                                                     spend plan.
----------------------------------------------------------------------------------------------------------------
Section 1602(a)      TSA shall develop a program to screen 50       A strategy has been implemented to achieve
                      percent of air cargo on passenger aircraft     the 18-month and 36-month milestones.
                      with 18 months of and 100 percent within 36
                      months of bill passage
----------------------------------------------------------------------------------------------------------------
Section 1602(a)      Issue air cargo screening IFR and Final Rule   The Interim Final Rule (IFR) is in the
                      as necessary.                                  drafting stage. Anticipate publishing the
                                                                     IFR before the end of the calendar year.
----------------------------------------------------------------------------------------------------------------
Section 1602(a)      Secretary's explanation for not issuing final  TSA expects to release a Final Rule within
                      rule, if necessary.                            one year of issuing an Interim Final Rule
                                                                     (IFR) in accordance with the requirements
                                                                     of the 9/11 Act.
----------------------------------------------------------------------------------------------------------------
Section 1602(a)      Submit a report to Congress on air cargo       TSA is developing its 100 percent screening
                      screening system.                              strategy and will submit a report one year
                                                                     after full implementation of this strategy.
----------------------------------------------------------------------------------------------------------------
Section 1602(b)      Submit a report to Congress and GAO on air     This requirement has been completed. A
                      cargo screening exemption.                     report on air cargo screening exemption was
                                                                     sent to Congress in March 2008.
----------------------------------------------------------------------------------------------------------------
Section 1603(b)      Submit a report on the cost-sharing study for  This requirement has been completed. A
                      in-line baggage screening.                     report on the cost-sharing study was
                                                                     delivered to Congress on April 2, 2008.
----------------------------------------------------------------------------------------------------------------
Section 1604(a)      Develop a program for making grants to         Currently being implemented and completed on
                      airport sponsors for projects to improve       an annual basis.
                      aviation security such as replacing baggage
                      conveyor systems, reconfiguring terminal
                      baggage areas to install explosive detection
                      systems, etc.
----------------------------------------------------------------------------------------------------------------
Section 1604(b)      Submit a report on the prioritization          The report is undergoing agency review. A
                      schedule for airport security improvement      letter on the status of this provision was
                      projects, a corresponding timeline, and a      sent to Congress on March 31, 2008.
                      description of the funding allocation.
----------------------------------------------------------------------------------------------------------------
Section 1605(a)      Submit a report on the plan to test and        This requirement has been completed. The
                      implement advanced passenger prescreening      Secure Flight report was delivered to
                      system.                                        Congress on December 5, 2007.
----------------------------------------------------------------------------------------------------------------
Section 1607         Develop and issue a strategic plan for         An updated Strategic Plan is undergoing
                      strengthening explosives detection at          agency review.
                      passenger screening checkpoints.
----------------------------------------------------------------------------------------------------------------
Section 1609         Submit a report on the department's            Evaluation is complete and the report is
                      evaluation of the results of the blast-        undergoing agency review. A letter on the
                      resistance pilot program.                      status of this provision was sent to
                                                                     Congress on March 31, 2008.
----------------------------------------------------------------------------------------------------------------
Section 1609         Make available blast-resistant cargo           TSA has placed blast-resistant cargo
                      containers to air carriers.                    containers on the qualified products list
                                                                     and made them available to have air
                                                                     carriers.
----------------------------------------------------------------------------------------------------------------
Section 1611         Develop program for specialized security       This requirement has been completed. TSA has
                      training for TSO's.                            established ongoing training programs for
                                                                     Transportation Security Officers (TSOs) to
                                                                     develop specialized skills in the following
                                                                     areas: behavior observation and detection,
                                                                     direct access security screening, bomb
                                                                     appraisal, improvised explosive device
                                                                     recognition, and travel document
                                                                     verification.
----------------------------------------------------------------------------------------------------------------
Section 1612         Hire sufficient TSA personnel to enhance       This requirement has been completed. TSA has
                      security and reduce passenger wait time to     instituted a Screening Allocation Model
                      10 minutes.                                    that ensures that TSA has the appropriate
                                                                     level of personnel at each airport to meet
                                                                     all operational needs during both peak and
                                                                     down periods of passenger volume. The
                                                                     system-wide average wait time has never
                                                                     exceeded the 10-minute threshold cited in
                                                                     Section 1612.
----------------------------------------------------------------------------------------------------------------
Section 1613         Institute a pilot program at not more than 2   TSA is planning to institute a pilot program
                      airports to ID technologies to improve         at two airports to ID technologies to
                      security at airport exit lanes.                improve security at airport exit lanes. The
                                                                     pilot launch is expected to take place at
                                                                     Dallas Forth Worth International and
                                                                     Seattle-Tacoma International in the 4th
                                                                     quarter of 2008.
----------------------------------------------------------------------------------------------------------------
Section 1613(c)      Submit a preliminary report in the form of a   This requirement has been completed. The
                      Hill briefing on the these pilot programs.     briefing on ID technologies to improve
                                                                     security at airport exit lanes was
                                                                     submitted to the appropriate Congressional
                                                                     committees on April 16, 2008.
----------------------------------------------------------------------------------------------------------------
Section 1613(c)      Submit a final report on the results of the    A report on the results will be completed
                      pilot programs.                                within 18 months of the pilot launch. The
                                                                     pilot launch at both airports is expected
                                                                     to take place in the 4th quarter of 2008.
----------------------------------------------------------------------------------------------------------------
Section 1614(a)      Submit a preliminary report on TSA's efforts   This requirement has been completed. A
                      to institute a sterile area access system.     preliminary report on TSA's efforts to
                                                                     institute a sterile area access system was
                                                                     delivered to Congress on March 26, 2008.
----------------------------------------------------------------------------------------------------------------
Section 1614(b)      Initiate implementation of the sterile area    TSA initiated three pilots projects for its
                      access system.                                 proposed sterile area access system at
                                                                     Baltimore-Washington International,
                                                                     Pittsburgh International, and Columbia
                                                                     Metropolitan.
----------------------------------------------------------------------------------------------------------------
Section 1615(a)      Publish Federal Register notice for a          Significant funding and time will be
                      national registered armed law enforcement      required to implement this requirement. An
                      program for armed officers traveling by        integrated project team has been formed to
                      commercial aircraft.                           begin these efforts.
----------------------------------------------------------------------------------------------------------------
Section 1615(b)      Submit a report on the law enforcement         This requirement is contingent upon
                      biometric credential program.                  implementation of Section 1615(a).
----------------------------------------------------------------------------------------------------------------
Section 1616         Issue regulations for security of foreign and  A draft Notice of Proposed Rulemaking (NPRM)
                      domestic aviation repair stations.             is undergoing agency review.
----------------------------------------------------------------------------------------------------------------
Section 1616         Develop program to conduct security reviews    TSA will initiate a repair station audit
                      of foreign repair stations.                    program immediately after publication of
                                                                     the final regulation. TSA inspectors
                                                                     continue to conduct audits of foreign
                                                                     repair stations in cooperation with foreign
                                                                     governments and repair station operators.
----------------------------------------------------------------------------------------------------------------
Section 1617         TSA shall develop and implement a new threat   TSA is creating a web-based assessment tool.
                      and vulnerability assessment program for       Testing of the website begins August 2008
                      general aviation.                              with site launch targeted for Fall 2008.
----------------------------------------------------------------------------------------------------------------
Section 1617         TSA shall complete a feasibility study on      This requirement has been completed. A
                      upgrades to security at general aviation       letter on the results of the grant
                      airports.                                      feasibility study was sent to Congress on
                                                                     April 9, 2008.
----------------------------------------------------------------------------------------------------------------
Section 1617         TSA shall develop a program under which        This requirement has been completed. TSA
                      general aviation aircraft are required to      currently ensures that passenger
                      submit passenger information and advance       information submitted by international
                      notification requirements for CBP before       general aviation aircraft, as identified in
                      entering U.S. airspace.                        coordination with the FAA, is vetted
                                                                     against the appropriate databases before
                                                                     entering U.S. airspace.
----------------------------------------------------------------------------------------------------------------

                                 ______
                                 
  Response to Written Questions Submitted by Hon. Roger F. Wicker to 
                     Hon. Edmund S. ``Kip'' Hawley
    Question 1. We often hear reports of airport closures or terminal 
evacuations due to suspect baggage. How many times were airports closed 
or terminals evacuated during 2007? Of these, how often were these 
evacuations and closures based on suspect baggage identified at 
security checkpoints? Has TSA calculated the economic cost associated 
with these evacuations and closures?
    Answer. In 2007, there were 49 terminal evacuations. In all 49 
instances, the terminal evacuations were based on suspect baggage 
identified at security checkpoints or other airport locations. TSA does 
not calculate the economic cost associated with these closures.
    The Transportation Security Administration's (TSA's) Bomb Appraisal 
Officer (BAO) program is designed to help address these checkpoint 
evacuation incidents. BAOs are TSA employees who were former military 
or public safety bomb disposal technicians and have previously served 
as members of a certified bomb squad. They are graduates of one of two 
bomb disposal schools, the Federal Bureau of Investigation Hazardous 
Devices School or the Department of Defense Naval School, Explosive 
Ordnance Disposal. BAOs bring their experience with improvised 
explosive devices directly to TSA's front line. If TSA screening 
personnel are unable to resolve an alarm, BAOs provide TSA with one 
more opportunity to resolve an alarm before turning the situation over 
to a Law Enforcement Officer who may order an evacuation and call for a 
bomb squad response.
    During calendar year 2007, there were 1,156 BAO-related requests to 
conduct advanced alarm resolution procedures. Of these, the BAO cleared 
1,139 events in an average of 12.5 minutes. Of the 17 events not 
cleared by the BAO, 7 were not cleared because the BAO was not present 
to respond. The remaining 10 events resulted in bomb squad responses 
for items such as hand grenades, 20 millimeter projectiles, blasting 
caps, temperature sensors, etc. Without the involvement of TSA BAOs, 
the number of terminal evacuations summarized above may have been far 
greater.

    Question 1a. Does TSA have a national policy on resolving suspect 
baggage? What are the procedures and technologies used by TSA to 
implement this policy and contain these threats?
    Answer. The Transportation Security Administration's (TSA's) 
national policy for resolving possible threats in suspect baggage 
involves application of process algorithms, technical procedures, 
technological solutions, and the training and experience of our 
professional screening workforce. When a bag is identified as 
containing potential threat items, the screening workforce must follow 
the procedures for clearing possible threats as detailed in the 
Screening Checkpoint and Checked Baggage Standard Operating Procedures.
    At screening checkpoints, accessible property is first examined 
with X-ray systems. For those items that appear to contain a prohibited 
item, the X-ray operator refers the bag to a property search screener 
who may apply a mixture of Explosive Trace Detection (ETD) screening, 
liquid explosive screening, and/or physical search procedures. For 
items that remain a potential threat, Transportation Security Officers 
request Bomb Appraisal Officer (BAO) and/or law enforcement assistance. 
BAOs have extensive experience (military or commercial) with explosive 
handling and/or identification. BAOs are readily available to assist 
the screening workforce by providing advanced alarm resolution 
procedures in cases where there may be an improvised explosive devices 
(IED) or IED components.
    For checked baggage at airports equipped with Explosive Detection 
Systems (EDS) X-ray systems, the screening workforce utilizes On-Screen 
Alarm Resolution Protocols to determine if the bag contains a possible 
threat. Additional screening is conducted utilizing ETD devices and/or 
physical search procedures for bags identified by the EDS as a possible 
threat. At airports equipped with ETD devices only, the screening 
workforce applies a varying ETD bag search protocol to each checked bag 
(search types are applied on a random basis). If a possible threat is 
identified, additional screening is conducted utilizing physical search 
procedures. Again, BAO assistance is requested for incidents involving 
suspected explosive devices. Law enforcement is notified when checked 
luggage remains suspicious after all screening alarm resolution 
procedures and BAO resolution efforts have been exhausted.

    Question 2. I recently wrote to you regarding concerns over small 
and medium sized airports' access to the latest explosive detection 
systems. Would you agree that the need for the small and medium 
airports to receive the latest explosive detection systems is just as 
important as the larger airports?
    Answer. The Transportation Security Administration (TSA) agrees. 
Based on the current strategic plan for the Electronic Baggage 
Screening Program (EBSP), TSA intends to deploy explosives detection 
systems (EDS) to all CAT X-III airports. This includes all medium-hub 
airports and most small-hub airports across the country. TSA is 
exploring the concept of dual use, which incorporates the screening of 
carry-on and checked baggage at smaller airports. There are 
opportunities for EDS and advanced technology to enhance screening 
capabilities at the smaller airports compared to current procedures. As 
part of the initial deployments of Automated Explosives Detection 
Systems (Auto-EDS) at smaller airports, TSA will be evaluating the 
feasibility of dual-use.
    For many small airports, the latest reduced-size EDS equipment is 
optimal from a security, economic, and spatial standpoint. These 
machines are smaller, have improved false alarm rates, and are less 
expensive from a life-cycle cost perspective than the initial 
generation of EDS machines deployed at many large airports. TSA has and 
will continue to deploy these reduced-size EDS machines at smaller 
airports across the country.

    Question 2a. What is the breakdown of funding for the past 3 years 
of explosive detection systems between the different categories and 
sizes of airports?
    Answer. This data is not available for Fiscal Year (FY) 2006. The 
chart below provides the data for FY 2007 and FY 2008.
  Category                               Size 
----------------------------------FY07----------------------------------
------------------------------------------------------------------------
X                       $341,380,300  Large                 $353,763,779
I                        $89,449,473  Medium                 $75,480,028
II                       $19,089,906  Small                  $15,828,626
III                       $9,778,509  Non-hub                $15,313,644
IV                          $687,888
------------------------------------------------------------------------
                            FY07 Supplemental
------------------------------------------------------------------------
X                       $143,667,214  Large                 $145,219,136
I                        $54,082,786  Medium                 $52,530,864
------------------------------------------------------------------------
                                  FY08
------------------------------------------------------------------------
X                       $357,304,911  Large                 $364,305,523
I                        $88,177,540  Medium                 $72,878,726
II                       $33,813,323  Small                  $53,301,064
                                       &Non-hub
III, IV                  $11,189,539
------------------------------------------------------------------------
    Funding for passenger screening checkpoint equipment is broken down 
by technology, not by airport size or category. However, TSA did 
procure 20 checkpoint Auto-EDS in FY 2007 for deployment to CAT X, I, 
III and IV airports. Approximately $5.5 million for checkpoint 
screening explosive detection technology was allocated for smaller 
category airports in FY 2007. Approximately $2.7 million for checkpoint 
screening explosive detection technology was allocated for Category X 
and I airports.

    Question 2b. How does TSA determine which airports receive the 
latest security technologies?
    Answer. There are a number of factors impacting TSA's decisions on 
where to deploy the latest security technologies. While primarily 
driven by a risk-based approach, considerations are also made based 
upon the sites' capability to accommodate the equipment with regard to 
space availability, size, and weight, among others.
    Airport technology project prioritization takes into account risk 
(e.g., threat, consequence, and vulnerability) as well as operational 
and economic considerations (e.g., projected airport growth, screening 
performance, economic viability, and on-the-job injury rates). 
Deployment of new technologies at airports is based on several factors, 
including:

        1. Predicted optimal screening system for each airport--TSA 
        identifies likely candidates for specific technologies based on 
        the most cost-effective, or optimal, screening system;

        2. Specific requests from airports and Federal Security 
        Directors (FSDs)--In some cases, airports or their FSDs will 
        request specific equipment. While the Office of Security 
        Technology makes the final decision on the make and model of 
        equipment to be deployed, where practical and justified, TSA 
        attempts to provide equipment requested by airports and their 
        FSDs; and

        3. Availability of specific equipment--In some cases, TSA may 
        not have the resources needed to purchase all equipment 
        requested or total equipment requests for specific technologies 
        may exceed availability. TSA attempts to balance equipment 
        supply with demand.

    Question 3. Based on the lessons learned from the puffer detection 
system program, what changes has TSA implemented for future detection 
system testing?
    Answer. As part of the procurement process for new technology, the 
Transportation Security Administration (TSA) thoroughly tests equipment 
for effectiveness and suitability. Procurement specifications are 
defined for each new technology and systems are tested against 
detection requirements in a laboratory environment. Qualified systems 
that demonstrate detection effectiveness are piloted in the field to 
evaluate operator usability, throughput, reliability, maintainability, 
availability, and passenger acceptance. The final selection of 
technologies is based upon a consolidated evaluation of system 
performance, including results from laboratory and operational testing.
    Incorporating some lessons learned from the Explosive Trace Portal 
procurement, TSA has emphasized being a more ``program management 
centric'' organization. This has improved TSA's ability to follow the 
acquisition life cycle to ensure that product specifications are fully 
reviewed, life-cycle costs analyzed, developmental and operational test 
and evaluation results are harmonized, and procurement decisions are 
made based on the results of a documented process. This will improve 
the decision-making process when procuring from a single vendor until 
we know the equipment is sufficiently mature such that a single vendor 
can provide the equipment that detects/performs as specified at a life 
cycle cost we can afford.

    Question 3a. Have small and medium sized airports been considered 
for detection system testing?
    Answer. Yes, the Transportation Security Administration (TSA) 
considers a variety of airport locations in selecting sites for 
operational (or field) testing and evaluation. Considerations are made 
based upon evaluation objectives, operating environment, ability to 
integrate items under test into the overall security architecture, and 
potential impact on current operations. As an example of TSA's 
commitment toward including small and medium sized airports for 
detection systems testing, we are currently considering several 
Category III and IV airports for the Dual-Use Auto-EDS Field 
Assessment. Under this pilot project, TSA will evaluate computed-
tomography based systems (similar to those currently employed to screen 
checked baggage in large and medium-sized airports), for screening both 
carry-on and checked baggage.

    Question 4. It is my understanding that TSA is using a number of 
different systems for detection such as metal detectors and new 
technologies including backscatter and millimeter wave systems. Where 
is TSA in the ongoing testing of new detection technologies? As TSA 
determines the capabilities of these new systems are you also studying 
the ongoing operation and maintenance costs?
    Answer. As an example of testing activities encompassing new 
passenger screening technologies, the Transportation Security 
Administration (TSA) has recently completed evaluation of several Whole 
Body Imaging (WBI) systems at Phoenix Sky Harbor International Airport 
(PHX). The WBI systems will remain at PHX for an additional period to 
gather reliability, maintainability, and availability (RMA) data. 
Testing of the WBI systems is currently ongoing at Los Angeles 
International Airport (LAX) and John F. Kennedy International Airport 
(JFK).
    We have also recently completed evaluation of several Advanced 
Technology carry-on baggage screening systems at LAX, Albuquerque, 
Reagan National Airport, PHX, and JFK.
    To better understand total life-cycle costs associated with 
operation of aviation security devices, TSA is establishing extended 
surveillance sites for these systems. This will provide an opportunity 
to validate vendor provided life-cycle data, characterize system 
performance over a longer time-frame, examine system RMA and logistics 
supportability for these systems (and associated operations and support 
costs).
                                 ______
                                 
  Response to Written Questions Submitted by Hon. Daniel K. Inouye to 
                          Cathleen A. Berrick
    Question 1. U.S. passenger and freight rail networks rely on an 
open architecture for the movement of freight, spanning vast rural 
stretches that are difficult to patrol and secure, and traversing 
densely populated urban areas. As a result, rail networks are 
inherently vulnerable to a variety of transportation security 
incidents, including potential terrorist attacks. What are the 
significant security concerns regarding U.S. passenger and freight rail 
networks?
    Answer. To date, U.S. passenger rail systems have not been targets 
of terrorist attacks. However, worldwide, public transportation in 
general and passenger rail in particular, have been attacked multiple 
times, sometimes with grave results. According to transit agency 
officials, certain characteristics of passenger rail systems make them 
inherently vulnerable to terrorist attack and therefore difficult to 
secure. By design, passenger rail systems are open (i.e., multiple 
access points, hubs serving multiple carriers, and, in some cases, no 
barriers) so that they can move large numbers of people quickly. The 
openness of passenger rail systems can leave them vulnerable because 
personnel cannot completely monitor or control who enters or leaves the 
system. In addition, other characteristics of some passenger rail 
systems--high ridership, expensive infrastructure, and high density 
locations--also make them attractive targets for terrorists because of 
the potential for mass casualties and economic damage and disruption. 
Moreover, the same characteristics that make passenger rail difficult 
to secure also may make the sustained use of some security measures, 
such as metal detectors, difficult because they could result in long 
lines that could disrupt service. In addition, multiple access points 
along extended routes could make the cost of securing each location 
prohibitive.
    Regarding freight rail, Federal and industry stakeholders have 
identified several security risks. Specifically, TSA officials have 
determined that the rail transportation of toxic inhalation hazard 
(TIH) materials in close proximity to large population centers 
represents a significant security concern because, if released from a 
rail car in large quantities under certain atmospheric conditions, 
these materials could present a significant health hazard to people 
within the path of the resultant plume. Concern also exists regarding 
the critical role that certain infrastructure, such as key bridges and 
tunnels play in the national railroad system. For example, certain 
bridges, such as those over large rivers, play a key role in the 
national railroad system because of limited rerouting options. As a 
result, the sabotage or destruction of this infrastructure presents 
significant economic concerns. Cyber security concerns have also been 
raised regarding possible attacks against rail computer networks and 
communication and control systems.

    Question 2. What steps is the TSA currently taking to address these 
concerns? More specifically with regard to passenger rail, what are the 
various layers of security that are now deployed to secure passenger 
rail systems?
    Answer. DHS, primarily through the efforts of TSA, has undertaken 
initiatives to strengthen the security of the Nation's surface 
transportation systems. TSA has recently increased its focus on the 
security of surface modes of transportation, and while efforts are 
still largely in the early stages, they demonstrate the various layers 
of security that TSA has developed to secure passenger rail and mass 
transit systems. These security efforts include: (1) assessing risk by 
conducting threat, criticality, and vulnerability assessments of 
passenger rail and mass transit assets; (2) developing and issuing 
mandatory rail security directives and recommended voluntary best 
practices for mass transit and passenger rail; (3) issuing a notice of 
proposed rulemaking that would add additional security requirements for 
passenger rail operations; (4) collaborating with the American Public 
Transportation Association (APTA) on industry-wide security standards 
for mass transit systems; (5) hiring and deploying surface 
transportation security inspectors who are conducting compliance 
inspections of the top 100 transit agencies; (6) conducting Visible 
Intermodal Protection and Response (VIPR) operations at transit 
agencies throughout the country and (7) distributing grant monies to 
transit agencies for security enhancements through the Transit Security 
Grant Program.
    To date, TSA has largely focused its freight rail security efforts 
on addressing the risks posed by the transportation of TIH materials. 
For example, since 2004, TSA has been meeting with rail carriers 
operating in major U.S. cities to assess the security status of these 
materials while in transit. Additionally, in June and November 2006, 
TSA and DOT jointly developed and issued 27 recommended security action 
items, or best practices, for the rail transportation of TIH materials. 
These 27 action items address a range of actions that were to be taken 
to protect TIH being transported by rail including for example, 
maintaining systems to locate rail cars transporting TIH materials, and 
inspect rail cars containing TIH materials for any apparent signs of 
tampering, sabotage, attached explosives, and other items. Also, in 
December 2006, TSA issued a proposed rulemaking that would require, 
among other things, that rail carriers incorporate specific processes 
into their operating practices to mitigate the security risks posed by 
TIH materials. For example, the rule would require rail carriers, 
shippers, and receivers of certain hazardous materials, including TIH, 
to establish and provide for a secure chain of custody and control for 
rail cars in their possession containing these types of materials. 
However, this proposed rule has not yet been finalized.
    In addition to GAO's ongoing work on mass transit security and 
freight rail security, we are also conducting reviews of commercial 
vehicle security and highway infrastructure security.

                                  
