[Senate Hearing 110-1183]
[From the U.S. Government Publishing Office]



                                                       S. Hrg. 110-1183

 
                OVERSIGHT OF THE TRANSPORTATION SECURITY
               ADMINISTRATION (TSA): EXAMINING THE TSA'S
              EFFORTS AND PROGRESS ON H.R. 1, IMPLEMENTING
           RECOMMENDATIONS OF THE 9/11 COMMISSION ACT OF 2007

=======================================================================

                                HEARING

                               before the

                         COMMITTEE ON COMMERCE,
                      SCIENCE, AND TRANSPORTATION
                          UNITED STATES SENATE

                       ONE HUNDRED TENTH CONGRESS

                             FIRST SESSION

                               __________

                            OCTOBER 16, 2007

                               __________

    Printed for the use of the Committee on Commerce, Science, and 
                             Transportation




                  U.S. GOVERNMENT PRINTING OFFICE
76-586                    WASHINGTON : 2012
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing Office, 
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, U.S. Government Printing Office. Phone 202�09512�091800, or 866�09512�091800 (toll-free). E-mail, [email protected]  


       SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION

                       ONE HUNDRED TENTH CONGRESS

                             FIRST SESSION

                   DANIEL K. INOUYE, Hawaii, Chairman
JOHN D. ROCKEFELLER IV, West         TED STEVENS, Alaska, Vice Chairman
    Virginia                         JOHN McCAIN, Arizona
JOHN F. KERRY, Massachusetts         TRENT LOTT, Mississippi
BYRON L. DORGAN, North Dakota        KAY BAILEY HUTCHISON, Texas
BARBARA BOXER, California            OLYMPIA J. SNOWE, Maine
BILL NELSON, Florida                 GORDON H. SMITH, Oregon
MARIA CANTWELL, Washington           JOHN ENSIGN, Nevada
FRANK R. LAUTENBERG, New Jersey      JOHN E. SUNUNU, New Hampshire
MARK PRYOR, Arkansas                 JIM DeMINT, South Carolina
THOMAS R. CARPER, Delaware           DAVID VITTER, Louisiana
CLAIRE McCASKILL, Missouri           JOHN THUNE, South Dakota
AMY KLOBUCHAR, Minnesota
   Margaret L. Cummisky, Democratic Staff Director and Chief Counsel
Lila Harper Helms, Democratic Deputy Staff Director and Policy Director
   Christine D. Kurth, Republican Staff Director and General Counsel
                  Paul Nagle, Republican Chief Counsel


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on October 16, 2007.................................     1
Statement of Senator Dorgan......................................     1
Statement of Senator Klobuchar...................................    35
Statement of Senator Lautenberg..................................    40
Statement of Senator Lott........................................    48
    Prepared statement...........................................    48
Statement of Senator McCaskill...................................    32
Statement of Senator Rockefeller.................................    41
Statement of Senator Smith.......................................     2
Statement of Senator Snowe.......................................    33
Statement of Senator Stevens.....................................    43
    Prepared statement...........................................     1
Statement of Senator Thune.......................................    37

                               Witnesses

Berrick, Cathleen A., Director, Homeland Security and Justice 
  Issues, U.S. Government Accountability Office (GAO)............    13
    Prepared statement...........................................    14
Hawley, Hon. Edmund S. ``Kip'', Assistant Secretary, 
  Transportation Security Administration, U.S. Department of 
  Homeland Security..............................................     3
    Prepared statement...........................................     4

                                Appendix

Letter, dated October 26, 2007, from Marshall S. Filler, Managing 
  Director and General Counsel, Aeronautical Repair Station 
  Association to Hon. 
  Daniel K. Inouye and Hon. Ted Stevens..........................    51
Response to written questions submitted to Hon. Edmund S. ``Kip'' 
  Hawley by:
    Hon. Daniel K. Inouye........................................    53
    Hon. Frank R. Lautenberg.....................................    60
    Hon. Trent Lott..............................................    64
    Hon. Ted Stevens.............................................    60


                    OVERSIGHT OF THE TRANSPORTATION
                     SECURITY ADMINISTRATION (TSA):
                    EXAMINING THE TSA'S EFFORTS AND
                    PROGRESS ON H.R. 1, IMPLEMENTING
           RECOMMENDATIONS OF THE 9/11 COMMISSION ACT OF 2007

                              ----------                              


                       TUESDAY, OCTOBER 16, 2007

                                       U.S. Senate,
        Committee on Commerce, Science, and Transportation,
                                                    Washington, DC.
    The Committee met, pursuant to notice, at 10:09 a.m. in 
room SR-253, Russell Senate Office Building, Hon. Byron L. 
Dorgan, presiding.

          OPENING STATEMENT OF HON. BYRON L. DORGAN, 
                 U.S. SENATOR FROM NORTH DAKOTA

    Senator Dorgan. I call the hearing to order this morning. 
Senator Inouye is unable to be with us. Senator Stevens will be 
here in about 10 minutes. I'm Senator Dorgan. I'm joined by 
Senator Smith, from Oregon. We will begin the hearing.
    We very much appreciate the witnesses being present. This 
is a full committee hearing of the Senate Commerce Committee, 
an oversight hearing on the Transportation Security 
Administration, examining TSA's efforts and progress on H.R. 1, 
Implementing Recommendations of the 9/11 Commission Act of 
2007.
    We have with us today the Honorable Edmund ``Kip'' Hawley, 
Assistant Secretary for Homeland Security, and Ms. Cathleen 
Berrick, the Director of Homeland Security and Justice Issues 
in the GAO. We appreciate your attendance and your work, and we 
will proceed by asking Mr. Hawley to present testimony, and 
then we will hear from the GAO.
    Let me ask whether we have any members that wish to make 
any brief opening comments. I will put Senator Stevens' 
statement in the record. Otherwise, we'll go to the witnesses.
    [The prepared statement of Senator Stevens follows:]

    Prepared Statement of Hon. Ted Stevens, U.S. Senator from Alaska
    The 9/11 bill included a number of significant transportation 
security provisions in the surface sector modes as well as in aviation, 
which has been TSA's primary area of focus.
    Anchorage International Airport continues to be the number one 
cargo airport in the U.S. based on cargo landed weight and the third 
largest by cargo landed weight worldwide. In addition to our all cargo 
operations, the airport is also a major transfer point for passenger 
air cargo. The improved screening of passenger air cargo will provide a 
higher level of safety and security to my constituents.
    However, Alaska's economy will be severely impacted if the cargo 
screening provision in the 9/11 bill is not instituted in a manner that 
safeguards the flow of commerce.
    I encourage TSA to work diligently and quickly to attain 100 
percent screening of air cargo, within the bicameral agreed-upon 
benchmarks that were set within the 9/11 bill.
    It is essential TSA maximize the screening of cargo on commercial 
personal aircraft without causing negative repercussions on the flow of 
commerce.

    Senator Smith. I have one, Mr. Chairman.
    Senator Dorgan. Senator Smith?

              STATEMENT OF HON. GORDON H. SMITH, 
                    U.S. SENATOR FROM OREGON

    Senator Smith. I want to thank our witnesses for being 
here. It's been more than 6 years since the horrific morning of 
9/11. On that day, we all woke up to the fact that there are 
people in the world who want to do us harm. While we have made 
notable progress in the last 6 years toward securing our 
transportation systems, there is still a great deal of work, 
obviously, to be done.
    Recently, the GAO released a report detailing the progress 
of the Department of Homeland Security in implementing its 
mission and management responsibilities. The report found, 
among other things, that, in the area of aviation and surface 
transportation security, moderate progress has been made, while 
there has been substantial progress in securing the maritime 
environment. The 9/11 Commission bill, that was signed into law 
this past summer, and the SAFE Port Act, that was enacted last 
year, contained a number of mandates aimed at further 
strengthening the security of our transportation system.
    I look forward to hearing from our administrator, Assistant 
Secretary Hawley, on his plans for implementing the portions of 
the 9/11 Commission bill and the SAFE Port Act that fall to his 
agency to carry out. I also look forward to hearing his plans 
to address some of the issues raised by GAO in its progress 
report.
    So, thank you, Mr. Chairman.
    Senator Dorgan. Senator Smith, thank you very much.
    Let me just make a point on behalf of our Chairman and 
other Members as well that there's an urgency to this issue. 
Transportation security is very, very important. We know from 
our last published National Intelligence Estimate, the 
leadership of al Qaeda continues to plot additional attacks 
against our homeland. In fact, the NIE says the most 
significant threat to our country is al Qaeda and its 
leadership. They are reconstituted, they are recreating 
terrorist camps and plotting attacks against our homeland.
    It seems to me the obligation for all of us is not to try 
to figure out how to respond to attacks, but, rather, how to 
prevent attacks, and that's why there's an urgency about this 
issue of transportation security. We have passed a number of 
pieces of legislation, as my colleague, Senator Smith, 
indicated. There is, uneven progress on some of these issues. 
In some cases, the money has been spent with not as much 
progress as we would hope; in other cases, there has been some 
significant strengthening and progress in these issues of 
transportation security.
    So, your willingness to come, Secretary Hawley, and 
describe from your perspective what has happened is something 
we welcome. And, Ms. Berrick, we appreciate, as always, the 
work of the Government Accountability Office, and we are 
anxious to receive your testimony, as well.
    So, with that, Secretary Hawley, why don't you proceed. 
Your entire statement will be made a part of the permanent 
record, and you may summarize.

     STATEMENT OF HON. EDMUND S. ``KIP'' HAWLEY, ASSISTANT 
    SECRETARY, TRANSPORTATION SECURITY ADMINISTRATION, U.S. 
                DEPARTMENT OF HOMELAND SECURITY

    Mr. Hawley. Thank you, Chairman Dorgan. Good morning, 
Senator Smith, Senator McCaskill. I am pleased to be here this 
morning to talk about TSA's efforts to implement provisions 
under the new law implementing recommendations of the 9/11 
Commission Act of 2007. I'm also pleased to join Cathy Berrick, 
of the GAO, on the panel this morning.
    First, I'd like to thank this Committee for its continued 
support for TSA's mission and for your leadership in writing 
the 9/11 implementation bill. I particularly appreciate this 
Committee's detailed understanding of TSA's operational needs 
and the Committee's focus on practical solutions to complex 
problems.
    The challenges of implementing all the provisions of the 9/
11 Act are formidable, but TSA is committed to achieve the 
objectives of this Committee, the Congress, and the 9/11 
Commission. With all that we have to do, as Senator Dorgan said 
in his introductory remarks, we must keep our focus on the 
highest-priority items, priorities informed and driven by the 
current threat information.
    Since last June, we have witnessed disrupted attacks in 
London, Denmark, and Germany, as well as a completed attack on 
Glasgow's airport in Scotland. There is no reason to think that 
we are exempt from that kind of attack planning. The National 
Intelligence Estimate, as Senator Dorgan mentioned, indicates 
that, over the next 3 years, the threat will continue, with 
terrorists attempting transportation sector attacks on a grand 
scale. We know their focus is on using items easily available 
in grocery- and hardware-store shelves. That means we cannot 
rely on a checklist mentality, searching bags for a static list 
of specific prohibited objects or becoming stuck in a 
predictable, and therefore vulnerable, routine. We must use 
security measures that are unpredictable, agile, and adaptable, 
that put us one step ahead of evolving threats.
    As I've said in previous meetings with this committee, TSA 
has added layers of security and additional technology to our 
airport operations. We have continued to provide more training 
and real-threat testing to our front-line officers. Federal air 
marshals move invisibly to protect Americans wherever they fly 
around the globe. And VIPR teams deploy every week, including 
this one, somewhere in the United States, to support State and 
local security efforts everywhere in transportation. That is 
our focus every day. It is on that base of daily operations 
that we address the new requirements from the 9/11 legislation.
    In prior hearings, we've discussed TWIC and Secure Flight. 
We have discussed the challenges and opportunities of both 
programs. After a great deal of work to strengthen the 
foundations and build privacy protections into both programs, I 
am pleased to report that TWIC and Secure Flight are back on 
track and moving forward.
    When I appeared before this committee in April, I said the 
TWIC card was on its way. Today, TWIC is up and running. Over 
the next 5 years, approximately a million individuals will use 
a TWIC card, interoperable at 3,200 facilities and 10,000 
vessels. Enrollments for TWIC are underway, as we speak, in 
Delaware this morning. Already, we've had more than 1,000 pre-
enrollments online, and the pace will accelerate across the 
ports through the end of calendar year 2007 and continue at 
full speed through 2008.
    When I spoke to you last January, we had a very direct 
conversation about Secure Flight. I promised that we would 
complete the rebaselining of the program, build in privacy 
protections, and publish the rule. We have done those things, 
and we are ready to go.
    The rule for Secure Flight has been published, and, after a 
public hearing in September that was available live on the 
Internet, the comment period is open now. It closes next week, 
and we expect to get the final rule out in spring of 2008.
    Should the Congress choose to fully fund the program in 
Fiscal Year 2008, we can begin testing in 2008.
    I am mindful that, despite the progress that TSA has made 
across the board, that there is still much to do, and I look 
forward to our work together to further strengthen security 
throughout our transportation network. Thank you for the 
opportunity to appear. I would be happy to answer questions.
    Thank you.
    [The prepared statement of Mr. Hawley follows:]

    Prepared Statement of Hon. Edmund S. ``Kip'' Hawley, Assistant 
 Secretary, Transportation Security Administration, U.S. Department of 
                               Homeland 
                                Security

    Good morning, Chairman Inouye, Vice Chairman Stevens, and 
distinguished Members of the Committee. I am pleased to speak with you 
this morning to discuss the state of transportation security and the 
Transportation Security Administration's (TSA) efforts to begin 
implementation of the important bill that you just passed--the 
Implementing Recommendations of the 9/11 Commission Act of 2007, Pub. 
L. 110-53, (9/11 Act).
    First, I would like to thank this Committee for the continued 
support you have given TSA since its inception and to the Committee 
staff for its professionalism and the hard work and cooperative spirit 
they displayed in working with the Department of Homeland Security 
(Department) and TSA to finalize the provisions of the 9/11 Act.
    TSA appreciates that the 9/11 Act includes many provisions which we 
sought as tools to provide better transportation security to the United 
States. In particular, we are pleased that based on this Committee's 
leadership, the 9/11 Act gives us the flexibility to craft a robust air 
cargo security system that will provide security and an unimpeded flow 
of commerce. We also appreciate that the 9/11 Act recognizes and 
supports the expansive training that we are providing to our 
Transportation Security Officer (TSO) workforce to move our security 
outward from the static checkpoint. We very much needed authority to 
establish an administrative process for civil enforcement of surface 
transportation regulations and orders and you gave us that authority. 
Additionally, you emphatically recognized the importance of our 
integrated Visible Intermodal Prevention and Response teams (VIPR), 
which provide a mobile surge of TSA resources in all modes of 
transportation.
    It is also important to understand the challenge that the 9/11 Act 
places on TSA and our resources. Fully half of the many tasks required 
of the Department by the 9/11 Act fall on TSA's shoulders. They affect 
all aspects of transportation security, including strategic planning, 
aviation security, rail security, security of public transit 
facilities, pipelines, over-the-road buses, and trucking security. TSA 
has a big task in continuing the implementation of the 9/11 Act and in 
working with the many stakeholders in the transportation sector to 
assure the level of security that Congress and the 9/11 Commission 
envisioned. TSA will now need to integrate the many mandates in the 9/
11 Act into our current priorities and resources to enable key 
initiatives to progress without delay while not losing focus on our 
threat-based operations.
    The current restriction on funding presents an immediate challenge 
for TSA's efforts to implement certain requirements of the 9/11 Act. As 
you know, we are operating under a Continuing Resolution (CR). The CR 
presents additional financial challenges to TSA as we are limited in 
our spending to a prescribed formula based on our Fiscal Year (FY) 2007 
appropriations, and we are prohibited from initiating new programs or 
projects that were not funded in Fiscal Year (FY) 2007. Placed in the 
context of implementing the 9/11 Act, this situation creates 
particularly difficult challenges.
    Additionally, many of the rulemaking requirements mandated in the 
9/11 Act do not adequately recognize the obligations that TSA must give 
the many stakeholders affected by proposed regulations and the general 
public an opportunity to be heard throughout the development process. 
These requirements are time consuming but are time well spent to assure 
that our regulations achieve their objective in a way that is 
transparent to stakeholders and the public and does not adversely 
affect travel and commerce.
    TSA is actively working to implement the 9/11 Act and we are 
assessing what resources are needed to continue the implementation. We 
are working with our partners in the Department and other Federal 
agencies toward those goals that require close cooperation to implement 
inter-Departmental and inter-agency requirements.

Ongoing Threat
    Before I discuss in greater detail the current and future efforts 
of TSA to secure our Nation's transportation systems and fulfill the 
requirements of the 9/11 Act, I believe it is important for me to 
explain the context in which TSA operates and the direction TSA is 
going to anticipate threats to transportation.
    The effort to ensure the security of the transportation system 
remains as important now as it ever has been in the past 6 years. The 
National Intelligence Estimate on threats to the U.S. Homeland issued 
in July 2007 confirmed publicly that the terrorist threat is real. This 
threat is persistent and evolving. Terrorists maintain an undiminished 
intent to attack the Homeland and show a continued effort to adapt and 
improve their capabilities. They are innovative in overcoming security 
obstacles. They are training to use improvised explosive devices (IED). 
Terror groups continue to focus on prominent infrastructure targets 
with the goal of producing mass casualties. We know they are working to 
defeat us, and we must remain vigilant.

Keeping Ahead of Terrorists
    TSA's security strategy is based on flexible, mobile, and 
unpredictable methods. To counter the evolving threat and adaptive 
capabilities of terrorists, we are staying ahead by rethinking the 
entire screening process and changing the legacy systems that 
originated in the 1970s. We are going on the offense to address current 
threats. We are being proactive in an effort to stay ahead of the 
threats. We, therefore, rely heavily upon intelligence.
    Intelligence and information sharing are at the core of our overall 
transportation security strategy. Building on the efforts of our 
partners in the Intelligence Community (IC), we use intelligence and 
analysis to prioritize our security activities. We begin each day with 
briefings on the latest intelligence from the IC, and that information 
drives our decisionmaking process both operationally and strategically. 
In addition, we share intelligence as appropriate with our front-line 
employees and stakeholders, enabling them to make informed security 
decisions.
    Sharing intelligence information with our stakeholders in surface 
transportation is especially important as they are primarily 
responsible for providing the direct staff and resources to secure 
their respective transportation systems. Providing intelligence to 
these stakeholders enables us to partner with them through our security 
grant programs to apply resources in the most effective way possible.
    We recognize that we cannot protect every person or all property 
against every possible threat to the system. Given the nature of the 
threats to aviation, we must manage risk consistent with what we 
understand of the threats, vulnerabilities, and consequences. We will 
prioritize our resources to protect against the high-threat, high-
consequence events.

Aviation Security
    The discussion of aviation security almost always starts at the 
familiar TSA security checkpoint. For the two million travelers a day 
who fly, that is TSA to them. However, TSA looks at the checkpoint as 
but a piece--an important piece--of a much larger picture. Therefore, 
before discussing checkpoint issues, I would like to point out that TSA 
looks at the entire transportation network in evaluating risk, 
including threat information. A large part of TSA's work involves 
working closely on a daily basis with the intelligence and law 
enforcement communities and our global partners to try to stay ahead of 
the current threat.
    We have to be strong at the checkpoint, but also many other 
places--including the back, front, and sides of the airport. Risk-based 
security means that we take the whole picture into account and 
implement selective and unpredictable security measures. We must first 
deny the terrorist a stationary target where a planner can take the 
time to map an attack with high odds of success. Nothing can be 
uncovered, but likewise, we cannot fool ourselves into thinking that 
fixed, robust security is impenetrable. Our security needs to play 
offense, not just defense.
    TSA is focusing beyond the physical checkpoint--to push our borders 
out, so to speak--to look more at people and to identify those with 
hostile intent or those conducting surveillance even if they are not 
carrying a prohibited item. By spreading our layers of security 
throughout the airport environment and elsewhere, we have multiple 
opportunities to detect terrorists and leverage the capabilities of our 
workforce, our partners, and our technology.

Travel Document Checking
    We are placing specially trained TSOs at the front of the 
checkpoint to review travel documents to find fraudulent identification 
(IDs) and also to look at behavior. The 9/11 Commission recognized that 
travel documents are akin to weapons for terrorists. We will make it 
harder for dangerous people to use fraudulent documents and IDs by 
raising the standard of inspection and providing additional equipment 
for our TSOs to perform this function. We ask this Committee to fully 
support the President's budget for this program so that TSA can make a 
seamless transition from the airlines and continue the program with as 
little disruption as possible to the flow of passenger screening.

Behavior Observation
    We continue to expand the Screening Passengers by Observation 
Techniques (SPOT) program, which utilizes non-intrusive behavior 
observation and analysis techniques to identify potentially high-risk 
passengers. Individuals exhibiting specific observable behaviors may be 
referred for additional screening at the checkpoint that may include 
handwanding, pat down, or physical inspection of their carry-on 
baggage. SPOT adds an element of unpredictability to the security 
screening process that is easy for passengers to navigate but difficult 
for terrorists to manipulate. It serves as an important additional 
layer of security in the airport environment, requires no additional 
specialized screening equipment, can easily be deployed to other modes 
of transportation, and presents yet one more challenge for terrorists 
attempting to defeat our security system. The SPOT program has already 
added great value to our overall security system. For example, a 
Behavior Detection Officer recently identified an individual at a 
ticket counter carrying a loaded gun and more than 30 rounds of 
ammunition.

Aviation Direct Access Screening Program
    We continue to expand the Aviation Direct Access Screening 
Program--deploying TSOs and Transportation Security Inspectors (TSIs) 
to locations throughout airports to screen airport employees, their 
accessible property, and vehicles entering a direct access point to 
secured areas of airports. The random screening at unexpected locations 
is a valuable measure to increase the protection on the ``back side'' 
of airports.
    This random and unpredictable screening allows airport workers to 
perform their duties with minimal interruptions and keeps the aviation 
industry operating. TSA's approach is both practical and effective. 
Requiring 100 percent screening of all airport workers, even in a pilot 
program, is contrary to this philosophy; it unnecessarily diverts 
resources from higher risk operations without providing the 
improvements in security that we need. We would like to continue to 
work with the Committee to craft a pilot program that will test varying 
methods of improving an airport worker screening program that will 
offer better security.
    This strategy of active, nimble, flexible security depends on the 
quality of the people involved. TSA has had a major focus on improving 
security by improving the capabilities of its people. Better recruiting 
and hiring, better training, better incentive systems, career 
progression opportunity, more involvement in decisions effecting the 
workforce, and more recognition of the critical role played by our 
people--these efforts all have a positive effect on the security result 
TSA delivers. The success of all these programs in increasing the 
layers of security would not be possible without the incredible effort, 
professionalism, and dedication shown by TSA's workforce. Our highly 
trained and highly motivated workforce--TSOs, TSIs, Federal Air 
Marshals (FAMs), and other professionals--have proven to be a nimble, 
adaptable workforce that can quickly adjust to counter an emerging 
terrorist threat. In August of 2006, TSOs employed new standard 
operating procedures within hours to deal with the threat identified as 
part of the United Kingdom (UK) plot to blow up commercial aircraft 
with liquid explosives. TSA has rapidly deployed FAMs to international 
destinations to support its mission coverage based on new threats. We 
are constantly reviewing and adjusting our procedures and strategies to 
ensure our personnel are ahead of the next threat. TSA's workforce has 
met every challenge in the past 5 years and I am confident they will 
continue to do so.

Workforce Safety
    Maintaining a healthy, able-bodied workforce is also critical to 
TSA's mission. We improved workplace safety through a series of 
aggressive initiatives, including nurse case managers, Optimization and 
Safety Teams, automated injury claims filing process, involvement of 
the National Advisory Council in planning and implementing the Safety 
Week Campaign and other aspects of the Safety Program, deployment of 
contract safety specialists to support TSA field operations, and speedy 
investigations to correct safety problems. Through these programs, TSA 
has reduced the rate for employees losing time from duty due to injury 
by almost half from 11.56 per 100 employees in FY 2005 to 6.75 for the 
3rd quarter of FY 2007.

New Technology
    We are also adding significant new technology. A lesson from 9/11 
is that we must be proactive--we must anticipate threats that continue 
to grow in sophistication and complexity. This effort includes 
leveraging the skills of our TSOs with new technology. This next 
generation of technology will assist our TSOs in separating friend from 
foe, increasing efficiency, and helping minimize the impact to 
travelers and businesses:

   Advanced Technology (AT) X-ray. We will begin deploying AT 
        X-ray equipment for carry-on baggage. It provides TSOs with a 
        better capability to identify and detect threats through 
        improved imagery and analysis tools.

   Checkpoint Automated Carry-On Explosives Detection Systems 
        (Auto-EDS). We are exploring Auto-EDS for inspecting carry-on 
        items. Auto-EDS may provide additional detection and automation 
        opportunities.

   Whole Body Imagers. We are pilot testing whole body imagers, 
        such as the backscatter and millimeter wave technologies, to 
        quickly and safely screen passengers for prohibited items 
        without the need for physical contact on a voluntary basis.

   Cast and Prosthesis Scanner. We are testing new cast and 
        prosthesis scanners to provide a safe, dignified, and non-
        invasive way to identify potential threats and clear passengers 
        wearing casts, braces, and prosthetic devices.

   Bottled Liquids Scanners. We have begun deploying liquids 
        scanning devices at checkpoints, and are now using a hand-held 
        liquids scanner for non-checkpoint screening locations.

   New Explosives Detection Systems. We are evaluating several 
        new products that will greatly increase the speed of handling 
        and screening checked baggage, particularly when integrated 
        into an airport's baggage handling system, while reducing the 
        size of the footprint of the baggage screening location.

Improving Security By Improving the Security Experience
    Despite the critical need for enhanced security measures, such as 
the requirement to remove all shoes and the restrictions on liquids, 
gels, and aerosols, we know we need to improve the checkpoint screening 
process so it is less stressful for the traveling public.
    Working with our stakeholders, we are pursuing programs and 
processes that improve the security screening process. We are moving 
from the legacy approach of simply looking for weapons to a more fluid 
process focused on the goals of: (1) improving detection of explosives; 
and (2) developing the capability to evaluate travel documents as well 
as detect hostile intent or possible surveillance.

Looking Ahead in Aviation Security
Screening of Air Cargo
    As you know, the 9/11 Act requires the establishment of a system 
for industry to screen 100 percent of cargo transported on passenger 
aircraft within 3 years. As we proceed toward enabling industry to meet 
the cargo screening requirements, TSA will stress effective security 
management of the air cargo supply chain. This process will require 
substantial collaboration with stakeholders, specifically, U.S.-based 
shippers, freight forwarders, and passenger air carriers. This 
Committee was a leader in including key language in the bill that 
authorizes TSA to develop and implement a program that will enable 
shippers to screen cargo early in the supply chain using currently 
approved screening methods and meeting additional stringent facility 
and personnel security standards. This is a critical element in 
enabling the improved security for air cargo on passenger aircraft that 
Congress requires. I am grateful to the Committee for its recognition 
that better screening occurs when shipments are screened and secured at 
various points along the supply chain. Waiting until the freight is 
dropped at the airport, often in large pallets, to begin screening 
would result in less effective screening as well as defeat the whole 
purpose of the air cargo system that strives to provide expeditious 
delivery of goods from origin to destination. We are working closely 
with all stakeholders within the air cargo supply chain and our initial 
feedback has been very positive. The stakeholders clearly recognize the 
need to achieve our country's heightened security requirements while 
continuing the free flow of commerce upon which our economy relies. TSA 
will build upon our established programs: air cargo security 
regulations; Security Directives; the Known Shipper Management System; 
and increased use of TSA-certified explosives detection canine teams 
and Transportation Security Inspectors for Cargo.
    In addition, the $80 million dollars appropriated to TSA this year 
for air cargo security as part of the FY2007 Emergency Supplemental 
Appropriations Act (Pub. L. 110-28) will contribute to our increased 
efforts through the hiring of at least 150 additional cargo inspectors 
and expansion of the National Explosives Detection Canine Program by no 
fewer than 170 teams.

Secure Flight
    TSA has taken a significant step toward implementing the 
recommendation of the 9/11 Commission and the requirement of the 
Intelligence Reform and Terrorism Prevention Act of 2004 to enhance the 
vetting of aviation passengers against terrorist watch lists. On August 
23, 2007, TSA published a Notice of Proposed Rulemaking (NPRM) 
proposing implementation of the Secure Flight program. Secure Flight, 
if implemented as proposed, will bring the process of comparing 
passenger names against the watch list, now performed by aircraft 
operators, into the government, and will align domestic and 
international passenger pre-screening. By establishing a more 
consistent and effective watch list matching process, TSA will 
strengthen a key layer of security and enhance its ability to stop 
terrorists before they get to the passenger screening checkpoint. The 
program is designed to better focus enhanced passenger screening 
efforts on individuals likely to pose a threat to civil aviation, and 
to facilitate the secure and efficient travel of the vast majority of 
the traveling public by distinguishing them from individuals on the 
watch list.
    We have taken the time to build the Secure Flight program right, 
and we believe that the NPRM and associated Privacy Act System of 
Records Notice and Privacy Impact Assessment demonstrate that TSA has 
built a program with the operational requirements necessary to enhance 
aviation security while protecting the privacy and civil liberties of 
the traveling public. The Traveler Redress Inquiry Program (DHS TRIP) 
is available for passengers who feel they have been improperly delayed 
or prohibited from boarding an aircraft.
    Over the next few months, TSA intends to begin a testing period 
using data from aircraft operators that volunteer to participate. 
During testing, air carriers will continue conducting watch list checks 
for domestic flights, and TSA will compare the results of its watch 
list matching with air carrier results to ensure the validity of the 
Secure Flight system.
    It is therefore extremely critical that Congress provide the 
necessary funding for Secure Flight requested by the President in the 
FY 2008 budget. Without the necessary funding, the program will have to 
scale back benchmark testing with airlines, Secure Flight system to 
airline system testing, parallel operations with airlines, and the 
stand up of the Secure Flight Service Center or Secure Flight 
Operations Center. In short, the program would have a system with no 
ability to connect, communicate, or test with airlines for the purposes 
of implementation. Important contract awards would be postponed. From a 
schedule perspective, rollout of the Secure Flight program would be 
severely delayed. An immediate concern is the significant budget 
constraint imposed on the Secure Flight program due to the enactment of 
the current CR. The restrictions on funding under the CR will inhibit 
TSA's ability to implement this critical program to improve aviation 
security and fulfill a key recommendation of the 9/11 Commission. Now 
that we have demonstrated major progress on the Secure Flight program 
through the issuance of the NPRM and associated privacy documents, we 
need your support to fund this vital program.

General Aviation
    TSA is working closely with the general aviation (GA) community to 
develop reasonable, feasible, and effective security for GA operations 
while ensuring that these measures support continued operations and 
increased growth of the industry.
    TSA is also working with aircraft operators and Fixed Base 
Operators directly to develop voluntary programs of verifying the 
identification of passengers on board aircraft and maintaining facility 
security in and around GA aircraft.
    TSA is working closely with our interagency partners to improve GA 
security. The U.S. Customs and Border Protection (CBP) recently issued 
a NPRM that will require GA operators to submit comprehensive manifest 
data about passengers, crew, and flight information electronically to 
CBP, as part of its Electronic Advance Passenger Information System (e-
APIS), at least 60 minutes before the aircraft departs for the United 
States.
    Currently, we only receive very basic information from GA aircraft 
coming into the United States, such as who is and is not a U.S. 
citizen. That is not enough. Having this information an hour before 
departure will give CBP inspectors more time to fully pre-screen 
travelers and crews and take necessary actions to resolve threats.

Surface Transportation Security
    As the security framework for transportation continues to grow, TSA 
is moving to apply many of the same tools to protect all modes of 
transportation. TSA is building information sharing networks in surface 
transportation. We work closely with stakeholders in these industries, 
putting an emphasis on sharing intelligence, capacity, and technology 
with that of other law enforcement, intelligence or other agencies at 
every level of government.
    When I appeared before this Committee in January, I explained TSA's 
comprehensive strategy that we are applying across all transportation 
networks, regardless of mode. Today, I want to focus on the last two 
elements of our strategy: closing gaps; and developing enhanced 
security systems.

Program Improvements
    Freight Rail. Secretary Chertoff established the priority goal of 
achieving a 50 percent drop in the objectively measured risk posed by 
rail cars carrying toxic inhalation hazards (TIH) by the end of 2008. 
To achieve this goal, TSA is implementing a multi-layered security 
strategy which includes regulatory development, cooperative agreements, 
and comprehensive risk-based programs.
    On December 21, 2006, TSA published a proposed rule (NPRM) to 
strengthen the security of the Nation's freight rail systems in high 
threat urban areas (HTUA). The NPRM addressed shippers, carriers, and 
receivers of TIHs and other security-sensitive materials by rail. 
Proposed requirements include railcar location reporting within a 
specific time period and the establishment of a secure chain of custody 
in and through HTUAs. TSA also proposed requirements for designating 
rail security coordinators and suspicious incident reporting by rail 
mass transit, passenger rail, and all freight rail carriers. We intend 
to publish this final rule by the end of the year.
    Prior to publishing the NPRM, TSA separately reached an agreement 
with the rail carrier industry to reduce the standstill time of 
unattended TIH cars in HTUAs beginning in early 2007. To support this 
effort, TSA is developing a comprehensive database to identify highest 
priority risk reduction opportunities. Additionally, working in 
conjunction with TSA, the Nation's rail carriers are developing site-
specific security plans focused on reducing the risk of TIH cars in 
HTUAs.
    In addition to reducing the risks to TIH in freight rail 
transportation, TSA is working with rail carriers to raise the baseline 
in security training. TSA is developing a training video that addresses 
inspection of TIH rail cars, emphasizing the recognition of IEDs, as 
well as general security awareness for rail employees. The video will 
be available by the end of the year.
    Passenger Transit Programs and Grants. TSA, in partnership with the 
Federal Emergency Management Agency and the Federal Transit 
Administration, leverages the Transit Security Grant Program funds to 
focus on reducing risk and increasing security capabilities in State 
and local transit systems with the most risk. We are continuing 
research to expand our understanding of the vulnerabilities and the 
consequences of terrorist attacks on our critical infrastructure, 
applying the results as they are developed in immediate and phased 
mitigation strategies. We have partnered with the National Laboratories 
and affected passenger transit systems to complete assessments of the 
Nation's 29 underwater transit tunnels and produce priorities for risk 
mitigation. From the information gained, TSA developed action items 
intended to elevate security, harden targets, and mitigate risk using 
available resources and investment of grant funds.
    A recent change to the Transit Security Grant Program supports the 
ability of high-risk systems to field dedicated anti-terrorism teams 
through cooperative funding of operational packages. This initiative 
provides funding for the training and operations of teams specifically 
deployed to engage in visible and covert activities to detect, disrupt, 
and deter terrorist activities.
    TSA trains and certifies explosives detection canine teams to 
provide a mobile and flexible deterrence and detection capability to 
passenger transit systems. Since late 2005, TSA's National Explosive 
Detection Canine Team Program has partnered with passenger transit 
systems to deploy some 60 explosives detection canine teams to 14 major 
transit systems using a risk-based application of resources. More than 
50 of these teams are currently in place, with the remaining force 
projected for training, certification, and deployment in the coming 
months.
    The Department has awarded roughly $18 billion to State and local 
governments for programs and equipment that help to manage risk. In 
passenger transit, the Transit Security Grant Program, which funded 
$275 million in FY 2007, is the centerpiece of the Department's 
interagency strategy to close gaps in operator security status and 
baseline standards. The Department allocates those grants to enhance 
capabilities in areas of weakness identified in the system security 
assessments under the BASE program, with particular emphasis on 
elevating security posture in six fundamental areas underpinning the 
broader transit security strategy. These priority areas are protection 
of underwater and underground infrastructure; protection of other high 
consequence systems and assets; expanded random, unpredictable security 
activities for deterrent and disruptive effect against terrorist 
planning and reconnaissance; security training of frontline employees; 
drills and exercises; and public outreach and awareness. Cooperative 
efforts through the Regional Transit Security Working Groups in higher 
risk areas secure agreement on risk-based priorities and security 
enhancement solutions advanced by targeted application of grant funds. 
Amtrak participates in these regional meetings. Additionally, TSA 
engages directly with Amtrak to reach agreement on risk-based 
priorities and the most effective use of grant funds for risk 
mitigation and security enhancement.
    An area security assessment indicated a need for a more focused 
effort on security training for transit agency employees. Although an 
extensive Federal security training program has been implemented since 
9/11--including 17 security courses, more than 500 course 
presentations, and more than 78,000 transit employees trained--the 
assessment results indicate wide variations in the quality of transit 
agencies' security training programs and an inadequate level of 
refresher or follow-on training. Well-trained employees are a security 
force multiplier for security efforts implemented by transit agencies. 
To close the gap identified in the assessments, TSA produced a Mass 
Transit Security Training Program that assists agencies in developing 
and implementing more consistent training programs. The program aligns 
substantive training areas with specific types of employees, which in 
turn guides the development and execution of training programs. To 
support actual delivery of training courses, the Transit Security Grant 
Program offers a streamlined application process to fund the 
instruction and overtime costs incurred by substitutions for employees 
in training. This initiative significantly expands the volume and 
quality of training for transit employees during 2007. TSA anticipates 
maintaining this commitment in future years, as resources allow.
    The collective effort in passenger transit security aims to build 
security force multipliers in the rail and bus systems--the 
capabilities of law enforcement and frontline employees and the 
awareness of the traveling public--and to maximize regional 
collaboration for the employment of the full range of available 
resources in random, unpredictable applications for a deterrent effect.
    Highway. TSA is working on a number of strategies to close gaps in 
performance. We are currently considering a number of voluntary 
incentive programs and regulatory options. Prior to the enactment of 
the 9/11 Act, TSA was developing many programs and initiatives in 
collaboration with industry within the context of implementing the 
National Infrastructure Protection Plan, Transportation Systems Sector-
Specific Plan (TSSP), Highway and Motor Carrier Modal Annex.
    These programs and initiatives include the following:

        Training: The School Transportation Security Awareness Program, 
        Hazardous Materials (HAZMAT) Motor Carrier Security Self-
        Assessment Program, Federal Law Enforcement Training Center 
        (FLETC) training course for commercial motor vehicle (CMV) 
        enforcement officers and security specialists, and Operation 
        Secure Transport Training Program for the over-the-road bus 
        industry were developed.

        Standards/Guidelines: Security Standards are currently being 
        developed in collaboration with industry for the HAZMAT Motor 
        Carrier industry, the School Transportation Industry, the over-
        the-road bus industry, and the Highway Infrastructure sector.

        Information Sharing: The Highway and Motor Carrier sector 
        Government Coordinating Council (GCC) and Sector Coordinating 
        Council (SCC) have been developed and are actively meeting on a 
        regular basis. In addition, the Homeland Security Information 
        Network Highway portal, TSA Highway & Motor Carrier (HMC) 
        Webpage, internal TSA Highway and Motor monthly newsletter for 
        field personnel, and inclusion of security notes in industry 
        trade periodicals have been developed. The Highway and Motor 
        Carrier Industry Information and Analysis Center and Highway 
        Watch programs are active and continually processing reports 
        from highway operators and sharing information between industry 
        and TSA.

        Domain Awareness: Corporate Security Reviews (CSRs) are 
        conducted with organizations engaged in transportation by motor 
        vehicle, as well as those that maintain or operate key physical 
        assets within the highway transportation community, with a 
        current focus on the transportation of HAZMAT transported by 
        motor carriers. TSA is developing a pilot project for testing 
        the feasibility of tracking trucks carrying HAZMAT. This 
        practice will allow not only the continual tracking of truck 
        locations, but also hazardous load types in all 50 states. The 
        pilot includes the development of a set of protocols capable of 
        interfacing with existing truck tracking systems, State and 
        local government intelligence operations centers, and Federal 
        law enforcement agencies, as well as first responders. The 
        Integrated Intermodal Information System-Domestic Feasibility 
        Study focused on the transportation of Extremely Hazardous 
        Materials throughout the domestic transportation system.

        Plans and Exercises: The Highway and Motor Carrier GCC 
        collaborated with the HMC SCC to create the Highway 
        Infrastructure and Motor Carrier Modal Annex to the 
        Transportation System Sector-Specific Plan. This document 
        describes how the goals and objectives of the transportation 
        sector will be achieved to protect the highway transportation 
        system.

        Risk Management and Grants: The Highway Watch Program is a TSA 
        grant initiative that is administered by the American Trucking 
        Associations with an enrollment of nearly 500,000 driving 
        professionals to observe, assess, and report incidents to the 
        appropriate authorities that are potential terrorist 
        activities, accidents, disabled vehicles, hazardous road 
        conditions, or other highway incidents. In January 2006, TSA 
        initiated a CSR pilot program with the State of Missouri 
        Department of Transportation Motor Carriers Services Division 
        (MoDOT). 44 MoDOT officers were trained to conduct over 2,700 
        CSRs during their safety audits on trucking companies and their 
        equipment within Missouri. The HAZMAT Motor Carrier Security 
        Self-Assessment Training program focuses on transportation 
        security regulations and specific terrorist and criminal 
        threats to the HAZMAT motor carrier industry. It conducts 
        security assessments, produces security action items, and 
        reports procedures for security related incidents. The HMC 
        office is supporting the Intercity Bus Security Grant Program 
        in assessing which over-the-road motorcoaches qualify for 
        grants and how the grant funding can be used to enhance 
        motorcoach security. Additionally, in partnership with the 
        motorcoach industry, we developed training entitled ``Operation 
        Secure Transport'', which is specifically geared toward 
        passenger motor carrier operators.

    Pipeline. TSA initiated a number of programs to assist pipeline 
companies in their efforts to secure these vital systems. For example, 
through the CSR Program, we compiled the best security practices 
observed throughout the industry and established that pipeline 
companies adopt a minimum of 70 percent of TSA pipeline security 
guidelines.
    TSA partnered with our counterparts in Natural Resources Canada 
(NRCan) to hold an International Pipeline Security Forum. This event 
provided an opportunity for pipeline companies, industry associations, 
and government representatives to exchange security information and 
best practices. We continue to work with NRCan on cross border pipeline 
assessments in accordance with the Security and Prosperity Partnership 
agreement.
    Identifying a shortfall in security awareness training through the 
CSR results, TSA developed a compact disc-based training program. Over 
300 U.S. pipeline companies, representing approximately 61,000 industry 
employees, have requested the CD and accompanying brochure.

Enhanced Systems of Security
    The final part of our strategy is to enhance the systems of 
security. As we take actions to close gaps, we also need to improve 
security technology and practices that apply to multiple modes of 
transportation.
    Over this past summer we began to more broadly deploy VIPR teams in 
aviation and surface transportation facilities. Comprised of TSOs, 
TSIs, and FAMs, VIPR teams collaborate with local law enforcement 
agencies to intensify the visible presence of security personnel at 
various points throughout the transportation system. More than 100 VIPR 
deployments have been conducted at key commuter and regional passenger 
rail facilities, Amtrak stations, ferries, and airports. VIPR teams 
have proven that TSA and our stakeholders can greatly improve security 
by altering and enhancing security measures at transportation 
facilities.
    The Department is developing a number of screening techniques and 
technologies which may be implemented or deployed quickly to systems 
facing a specific threat, or in support of major events such as 
National Special Security Events. Pilot programs to test these 
technologies are already underway in several major American cities.
    Mitigation of risk to underwater and underground infrastructure is 
a top priority of the joint Department Science and Technology 
Directorate and TSA research and development effort. Collaborative 
efforts with particular systems as operational test beds advance 
development of anomaly detection and explosives trace detection; smart 
video surveillance; and integrated prevention and response actions by 
security and law enforcement personnel. As one example, through the 
Rail Security Pilot, the Department field tested the effectiveness of 
explosives detection techniques and imaging technologies in partnership 
with the Port Authority of New York and New Jersey.
    Finally, we maintain mobile security equipment, which can fit into 
two standard size shipping containers, for rapid deployment for use in 
screening and detection at any major system in the country, should the 
need arise.
    In addition to technologies that may apply primarily to passenger 
modes, TSA is working closely with a number of parties to develop 
advanced railcar tracking systems with geofenced event-notification 
capabilities. TSA is also cooperating in efforts to develop next 
generation hazardous materials rail cars designed to better withstand 
terrorist attacks and operating accidents.
    TSA is working with selected hazardous material carriers to test 
truck tracking and control technologies. We are also in the early 
stages of security technology applications to the pipeline industry. 
Two specific areas TSA is involved in are blast mitigation and unmanned 
aerial surveillance vehicles.
    In addition to our progress toward implementing the requirements of 
the 9/11 Act, I am pleased to report to this Committee the success of 
another milestone for TSA and the Department. Today, port workers, 
longshoremen, truckers, and others at the port of Wilmington, Delaware 
became the first workers in the Nation to begin enrollment in the DHS 
Transportation Worker Identification Credential (TWIC) program. This 
program will ensure that any individual with unescorted access to 
secure areas of port facilities and vessels received a thorough 
background check and is not a security threat. TWIC will be one of the 
world's most advanced, interoperable biometric credentialing programs 
and is powered by state-of-the-art technologies. I would like to thank 
our partners, the U.S. Coast Guard, and maritime stakeholders for their 
valuable input, for making the launching of the TWIC program a reality.
Conclusion
    Although the threats and challenges to the security of 
transportation systems are numerous, so are the solutions and efforts 
of TSA to continue to successfully carry out our mission. We will 
continue to use our personnel, information, and technology in 
innovative ways to stay ahead of the evolving threats and facilitate 
passenger travel and the flow of commerce.
    Chairman Inouye, Vice Chairman Stevens, thank you again for the 
opportunity to testify today. I am happy to respond to the Committee's 
questions.

    Senator Dorgan. We're going to ask Ms. Berrick to present 
her testimony from the Government Accountability Office, at 
which point we will be able to ask questions of both witnesses.
    Ms. Berrick, thank you very much for being here, and you 
may proceed.

          STATEMENT OF CATHLEEN A. BERRICK, DIRECTOR,

             HOMELAND SECURITY AND JUSTICE ISSUES,

          U.S. GOVERNMENT ACCOUNTABILITY OFFICE (GAO)

    Ms. Berrick. Thank you, Senator Dorgan, Vice Chairman 
Stevens, and Members of the Committee, for inviting me here to 
discuss GAO's work assessing TSA's progress in securing the 
transportation network.
    In August 2007, shortly after the Department of Homeland 
Security's 4-year anniversary, we reported on DHS's progress in 
satisfying its key mission and management functions, including 
securing aviation and surface modes of transportation. We based 
our assessment on over 400 reports and testimonies we've 
completed, assessing DHS's operations, and, by determining 
whether DHS generally achieved or generally did not achieve key 
performance expectations set out for them by Congress, the 
Administration, and the Department itself.
    Overall, we reported that TSA has made moderate progress in 
securing transportation systems. With respect to commercial 
aviation, we found that TSA generally achieved about 70 percent 
of the 24 performance expectations established for them. For 
example, TSA has made significant progress in hiring, 
deploying, training, and measuring the performance of its 
aviation security workforce. These efforts include the 
development of robust training programs for TSO's, including 
enhanced explosives detection training and standards for 
determining appropriate TSO staffing levels at airports. TSA 
also made significant progress in balancing security and 
efficiency in its checkpoint screening procedures and in 
deploying checked baggage screening equipment. However, we 
found that DHS and TSA have made less progress in securing 
airport perimeters and access to restricted areas, deploying 
technologies to detect explosives at checkpoints and to screen 
air cargo, and fielding a system to prescreen airline 
passengers against terrorist watch lists for domestic flights, 
although progress is being made in all of these areas.
    One of the most critical areas in which limited progress 
has been made is in the deployment of technologies at airport 
checkpoints to detect explosives on passengers and in their 
carry-on bags. Although DHS is developing and testing these 
technologies today, the Department reported that the extensive 
deployment of new technologies at the checkpoint will not be 
realized for another 2 years.
    Regarding the security of surface modes of transportation, 
we reported that TSA generally achieved about 60 percent of the 
performance expectations established for them, or three of five 
expectations, but their efforts, especially related to 
commercial vehicles and highway infrastructure, are still 
relatively in the early stages.
    In terms of progress, DHS and TSA have developed an 
approach for securing surface transportation modes through a 
strategy, have conducted risk assessments of related assets, 
and they have administered grant programs; however, TSA has not 
determined whether it will issue standards for securing all 
surface transportation modes, and is still defining what its 
regulatory and oversight role will be for these modes.
    We also found that, although TSA has made progress in 
conducting compliance inspections of some systems, inspectors' 
roles and missions have not yet been fully defined.
    We also reported that a variety of cross-cutting issues 
have affected DHS's and TSA's efforts in implementing its 
mission and management functions. These include developing 
results-oriented goals and measures to assess performance, 
developing and integrating a risk-based approach to guide 
investment decisions, and establishing effective frameworks and 
mechanisms for sharing information and coordinating with 
stakeholders. It will be important for the entire Department to 
continue to address these issues as it moves forward.
    In closing, TSA has made considerable progress in securing 
the transportation network, especially related to commercial 
aviation, and its efforts should be commended. However, the 
agency still has work to do in some key areas, most especially 
related to the deployment of technologies to screen for 
explosives at checkpoints and in air cargo and more fully 
defining its regulatory role in security for surface 
transportation modes.
    We are currently reviewing many of these key areas, and 
will continue to report to this committee and others on the 
results of our work.
    This concludes my opening statement. I would be pleased to 
respond to any questions.
    [The prepared statement of Ms. Berrick follows:]

Prepared Statement of Cathleen A. Berrick, Director, Homeland Security 
    and Justice Issues, U.S. Government Accountability Office (GAO)

    Mr. Chairman and Members of the Committee:
    I appreciate the opportunity to participate in today's hearing to 
discuss the Department of Homeland Security's (DHS) progress and 
challenges in securing our Nation's transportation systems. The 
Transportation Security Administration (TSA), originally established as 
an agency within the Department of Transportation in 2001 but now a 
component within DHS, is charged with securing the transportation 
network while also ensuring the free movement of people and commerce. 
TSA has primary responsibility for security in all modes of 
transportation and since its inception has developed and implemented a 
variety of programs and procedures to secure commercial aviation and 
surface modes of transportation, including passenger and freight rail, 
mass transit, highways, commercial vehicles, and pipelines. Other DHS 
components, Federal agencies, state and local governments, and the 
private sector also play a role in transportation security. For 
example, with respect to commercial aviation, the U.S. Customs and 
Border Protection (CBP) has responsibility for conducting passenger 
prescreening--in general, the matching of passenger information against 
terrorist watch lists prior to an aircraft's departure--for 
international flights operating to or from the United States, as well 
as inspecting inbound air cargo upon its arrival in the United States. 
In addition, responsibility for securing rail and other surface modes 
of transportation is shared among Federal, state, and local governments 
and the private sector.
    My testimony today will focus on: (1) the progress TSA, and other 
DHS components have made in securing the Nation's aviation and surface 
transportation systems, and (2) challenges which have impeded DHS's 
(and, as they relate to transportation security, TSA) efforts to 
implement its mission and management functions. My comments are based 
on issued GAO reports and testimonies addressing the security of the 
Nation's aviation and surface transportation systems, including an 
August 2007 report that highlights the progress DHS has made in 
implementing its mission and management functions.\1\ In this report, 
we reviewed the extent to which DHS has taken actions to achieve 
performance expectations in each of its mission and management areas 
that we identified from legislation, Homeland Security Presidential 
Directives, and DHS strategic planning documents. Based primarily on 
our past work, we made a determination regarding whether DHS generally 
achieved or generally did not achieve the key elements of each 
performance expectation. An assessment of ``generally achieved'' 
indicates that DHS has taken sufficient actions to satisfy most 
elements of the expectation; however, an assessment of ``generally 
achieved'' does not signify that no further action is required of DHS 
or that functions covered by the expectation cannot be further improved 
or enhanced. Conversely, an assessment of ``generally not achieved'' 
indicates that DHS has not yet taken actions to satisfy most elements 
of the performance expectation. In determining the department's overall 
level of progress in achieving performance expectations in each of its 
mission and management areas, we concluded whether the department had 
made limited, modest, moderate, or substantial progress.\2\ These 
assessments of progress do not reflect, nor are they intended to 
reflect, the extent to which actions by DHS and its components have 
made the Nation more secure. We conducted our work in accordance with 
generally accepted government auditing standards.

Summary
    Within DHS, TSA is the agency with primary responsibility for 
securing the transportation sector and has undertaken a number of 
initiatives to strengthen the security of the Nation's commercial 
aviation and surface transportation systems. In large part, these 
efforts have been driven by legislative mandates designed to strengthen 
the security of commercial aviation following the September 11, 2001, 
terrorist attacks. In August 2007, we reported that DHS had made 
moderate progress in securing the aviation and surface transportation 
networks, but that more work remains.\3\ Specifically, of the 24 
performance expectations we identified for DHS in the area of aviation 
security, we reported that it has generally achieved 17 of these 
expectations and has generally not achieved 7 expectations. With regard 
to the security of surface modes of transportation, we reported that 
DHS generally achieved three performance expectations and has generally 
not achieved two others.
    DHS, primarily through TSA, has made progress in many areas related 
to securing commercial aviation and surface modes of transportation, 
and their efforts should be commended. Meeting statutory mandates to 
screen airline passengers and 100 percent of checked baggage alone was 
a tremendous challenge. To do this, TSA initially hired and deployed a 
Federal workforce of over 50,000 passenger and checked baggage 
screeners, and installed equipment at the Nation's more than 400 
commercial airports to provide the capability to screen all checked 
baggage using explosive detection systems, as mandated by law. TSA has 
since turned its attention to, among other things, strengthening 
passenger prescreening--in general, the matching of passenger 
information against terrorist watch lists prior to an aircraft's 
departure; more efficiently allocating, deploying, and managing the 
transportation security officer (TSO)--formerly known as screener--
workforce; strengthening screening procedures; developing and deploying 
more effective and efficient screening technologies; and improving 
domestic air cargo security. In addition to TSA, CBP has also taken 
steps to strengthen passenger prescreening for passengers on 
international flights operating to or from the United States, as well 
as inspecting inbound air cargo upon its arrival in the United States. 
DHS's Science and Technology (S&T) Directorate has also taken actions 
to research and develop aviation security technologies. With regard to 
surface transportation modes, TSA has taken steps to develop a 
strategic approach for securing mass transit, passenger and freight 
rail, commercial vehicles, highways, and pipelines; establish security 
standards for certain transportation modes; and conduct threat, 
criticality, and vulnerability assessments of surface transportation 
assets, particularly passenger and freight rail. TSA also hired and 
deployed compliance inspectors and conducted inspections of passenger 
and freight rail systems. DHS also developed and administered grant 
programs for various surface transportation modes.
    While these efforts have helped to strengthen the security of the 
transportation network, DHS still faces a number of key challenges that 
need to be addressed to meet expectations set out for them by Congress, 
the Administration, and the Department itself. For example, regarding 
commercial aviation, TSA has faced challenges in developing and 
implementing its passenger prescreening system, known as Secure Flight, 
and has not yet completed development efforts. As planned, this program 
would initially assume from air carriers the responsibility for 
matching information on airline passengers traveling domestically 
against terrorists watch lists. In addition, while TSA has taken 
actions to enhance perimeter security at airports, these actions may 
not be sufficient to provide for effective security. TSA has also begun 
efforts to evaluate the effectiveness of security-related technologies, 
such as biometric identification systems. However, TSA has not 
developed a plan for implementing such new technologies to meet the 
security needs of individual airports and the commercial airport system 
as a whole. Further, TSA has not yet deployed checkpoint technologies 
to address key existing vulnerabilities, and has not yet developed and 
implemented technologies needed to screen air cargo. With regard to 
surface transportation security, while TSA has initiated efforts to 
develop security standards for surface transportation modes, these 
efforts have been limited to passenger and freight rail, and have not 
addressed commercial vehicle or highway infrastructure, including 
bridges and tunnels. TSA has yet to provide a rationale or explanation 
for why standards may not be needed for these modes. Moreover, although 
TSA has made progress in conducting compliance inspections of some 
surface transportation systems, inspectors' roles and missions have not 
been fully defined.
    A variety of cross-cutting issues have affected DHS's and, as they 
relate to transportation security, TSA's efforts in implementing its 
mission and management functions. These key issues include agency 
transformation, strategic planning and results management, risk 
management, information sharing, and stakeholder coordination. In 
working toward transforming the department into an effective and 
efficient organization, DHS and its components have not always been 
transparent which has affected our ability to perform our oversight 
responsibilities in a timely manner. They have also not always 
implemented effective strategic planning efforts, fully developed 
performance measures, or put into place structures to help ensure that 
they are managing for results. In addition, DHS and its components can 
more fully adopt and apply a risk management approach in implementing 
its security mission and core management functions.\4\ They could also 
better share information with Federal agencies, state and local 
governments and private sector entities, and more fully coordinate 
their activities with key stakeholders.

Background
    The Aviation and Transportation Security Act (ATSA), enacted in 
November 2001, created TSA and gave it responsibility for securing all 
modes of transportation.\5\ TSA's aviation security mission includes 
strengthening the security of airport perimeters and restricted airport 
areas; hiring and training a screening workforce; prescreening 
passengers against terrorist watch lists; and screening passengers, 
baggage, and cargo at the over 400 commercial airports nation-wide, 
among other responsibilities. While TSA has operational responsibility 
for physically screening passengers and their baggage, TSA exercises 
regulatory, or oversight, responsibility for the security of airports 
and air cargo. Specifically, airports, air carriers, and other entities 
are required to implement security measures in accordance with TSA-
issued security requirements, against which TSA evaluates their 
compliance efforts.
    TSA also oversees air carriers' efforts to prescreen passengers--in 
general, the matching of passenger information against terrorist watch 
lists prior to an aircraft's departure--and plans to take over 
operational responsibility for this function with the implementation of 
its Secure Flight program initially for passengers traveling 
domestically. CBP also has responsibility for prescreening airline 
passengers on international flights departing from and bound for the 
United States,\6\ while DHS's Science and Technology Directorate is 
responsible for researching and developing technologies to secure the 
transportation sector.
    TSA shares responsibility for securing surface transportation modes 
with Federal, state, and local governments and the private sector. 
TSA's security mission includes establishing security standards and 
conducting assessments and inspections of surface transportation modes, 
including passenger and freight rail; mass transit; highways and 
commercial vehicles; and pipelines. The Federal Emergency Management 
Agency's Grant Programs Directorate provides grant funding to surface 
transportation operators and state and local governments, and in 
conjunction with certain grants the National Protection and Programs 
Directorate conducts risk assessments of surface transportation 
facilities. Within the Department of Transportation (DOT), the Federal 
Transit Administration (FTA) and Federal Railroad Administration (FRA) 
have responsibilities for establishing standards for passenger rail 
safety and security. In addition, public and private sector 
transportation operators are responsible for implementing security 
measures for their systems. For example, the primary responsibility for 
securing passenger rail systems rests with the passenger rail 
operators. Passenger rail operators, which can be public or private 
entities, are responsible for administering and managing passenger rail 
activities and services, including security.

DHS Has Made Progress in Securing the Nation's Aviation and Surface 
        Transportation Systems, but More Work Remains
    DHS, primarily through the efforts of TSA, has undertaken numerous 
initiatives to strengthen the security of the Nation's aviation and 
surface transportation systems. In large part, these efforts have been 
guided by legislative mandates designed to strengthen the security of 
commercial aviation following the September 11, 2001 terrorist attacks. 
These efforts have also been affected by events external to the 
department, including the alleged August 2006 terrorist plot to blow up 
commercial aircraft bound from London to the United States, and the 
2004 Madrid and 2005 London train bombings. While progress has been 
made in many areas with respect to securing the transportation network, 
we found that the department can strengthen its efforts in some key 
areas outlined by the Congress, the Administration, and the department 
itself. Specifically, regarding commercial aviation, we reported that 
DHS has generally achieved 17 performance expectations in this area, 
and has generally not achieved 7 expectations. Regarding the security 
of surface transportation modes, we reported that DHS has generally 
achieved three performance expectations and has generally not achieved 
two others. We identified these performance expectations through 
reviews of key legislation, Homeland Security Presidential Directives, 
and DHS strategic planning documents.

Aviation Security
    Since its inception, TSA has focused much of its efforts on 
aviation security and has developed and implemented a variety of 
programs and procedures to secure commercial aviation. For example, TSA 
has undertaken efforts to hire, train and deploy a screening workforce; 
and screen passengers, baggage, and cargo. Although TSA has taken 
important actions to strengthen aviation security, the agency has faced 
difficulties in implementing an advanced, government-run passenger 
prescreening program for domestic flights, and in developing and 
implementing technology to screen passengers at security checkpoints 
and cargo placed on aircraft, among other areas. As shown in table 1, 
we identified 24 performance expectations for DHS in the area of 
aviation security, and found that overall, DHS has made moderate 
progress in meeting these expectations. Specifically, we found that DHS 
has generally achieved 17 performance expectations and has generally 
not achieved 7 performance expectations.



----------------------------------------------------------------------------------------------------------------



                    Table 1.--Performance Expectations and Progress Made in Aviation Security
----------------------------------------------------------------------------------------------------------------
                                                                                 Assessment
                                                           -----------------------------------------------------
                  Performance expectation                     Generally      Generally not       No assessment
                                                              achieved         achieved              made
----------------------------------------------------------------------------------------------------------------
Aviation security strategic approach
----------------------------------------------------------------------------------------------------------------
Implement a strategic approach for aviation security                  3
 functions
----------------------------------------------------------------------------------------------------------------
Airport perimeter security and access controls
----------------------------------------------------------------------------------------------------------------
Establish standards and procedures for effective airport                                  3
 perimeter security
----------------------------------------------------------------------------------------------------------------
Establish standards and procedures to effectively control                                 3
 access to airport secured areas
----------------------------------------------------------------------------------------------------------------
Establish procedures for implementing biometric identifier                                3
 systems for airport secured areas access control
----------------------------------------------------------------------------------------------------------------
Ensure the screening of airport employees against                     3
 terrorist watch lists
----------------------------------------------------------------------------------------------------------------
Aviation security workforce
----------------------------------------------------------------------------------------------------------------
Hire and deploy a federal screening workforce                         3
----------------------------------------------------------------------------------------------------------------
Develop standards for determining aviation security                   3
 staffing at airports
----------------------------------------------------------------------------------------------------------------
Establish standards for training and testing the                      3
 performance of airport screener staff
----------------------------------------------------------------------------------------------------------------
Establish a program and requirements to allow eligible                3
 airports to use a private screening workforce
----------------------------------------------------------------------------------------------------------------
Train and deploy federal air marshals on high-risk flights            3
----------------------------------------------------------------------------------------------------------------
Establish standards for training flight and cabin crews               3
----------------------------------------------------------------------------------------------------------------
Establish a program to allow authorized flight deck                   3
 officers to use firearms to defend against any terrorist
 or criminal acts
----------------------------------------------------------------------------------------------------------------
Passenger prescreening
----------------------------------------------------------------------------------------------------------------
Establish policies and procedures to ensure that                      3
 individuals known to pose, or suspected of posing, a risk
 or threat to security are identified and subjected to
 appropriate action
----------------------------------------------------------------------------------------------------------------
Develop and implement an advanced prescreening system to                                  3
 allow DHS to compare domestic passenger information to
 the Selectee List and No Fly List
----------------------------------------------------------------------------------------------------------------
Develop and implement an international passenger                                          3
 prescreening process to compare passenger information to
 terrorist watch lists before aircraft departure
----------------------------------------------------------------------------------------------------------------
Checkpoint screening
----------------------------------------------------------------------------------------------------------------
Develop and implement processes and procedures for                    3
 physically screening passengers at airport checkpoints
----------------------------------------------------------------------------------------------------------------
Develop and test checkpoint technologies to address                   3
 vulnerabilities
----------------------------------------------------------------------------------------------------------------
Deploy checkpoint technologies to address vulnerabilities                                 3
----------------------------------------------------------------------------------------------------------------
Checked Baggage screening
----------------------------------------------------------------------------------------------------------------
Deploy explosive detection systems (EDS) and explosive                3
 trace detection (ETD) systems to screen checked baggage
 for explosives
----------------------------------------------------------------------------------------------------------------
Develop a plan to deploy in-line baggage screening                    3
 equipment at airports
----------------------------------------------------------------------------------------------------------------
Pursue the deployment and use of in-line baggage screening            3
 equipment at airports
----------------------------------------------------------------------------------------------------------------
Air cargo security
----------------------------------------------------------------------------------------------------------------
Develop a plan for air cargo security                                 3
----------------------------------------------------------------------------------------------------------------
Develop and implement procedures to screen air cargo                  3
----------------------------------------------------------------------------------------------------------------
Develop and implement technologies to screen air cargo                                    3
----------------------------------------------------------------------------------------------------------------
Total                                                                17                   7                   0
----------------------------------------------------------------------------------------------------------------
Source: GAO analysis.

    Aviation Security Strategic Approach. We concluded that DHS has 
generally achieved this performance expectation. In our past work, we 
reported that TSA identified and implemented a wide range of 
initiatives to strengthen the security of key components of the 
commercial aviation system. These components are interconnected and 
each is critical to the overall security of commercial aviation.\7\ \8\ 
More recently, in March 2007, TSA released its National Strategy on 
Aviation Security and six supporting plans that provided more detailed 
strategic planning guidance in the areas of systems security; 
operational threat response; systems recovery; domain surveillance; and 
intelligence integration and domestic and international outreach. 
According to TSA officials, an Interagency Implementation Working Group 
was established under TSA leadership in January 2007 to initiate 
implementation efforts for the 112 actions outlined in the supporting 
plans.
    Airport Perimeter Security and Access Controls. We concluded that 
DHS has generally achieved one, and has generally not achieved three, 
of the performance expectations in this area. For example, TSA has 
taken action to ensure the screening of airport employees against 
terrorist watch lists by requiring airport operators to compare 
applicants' names against the No Fly and Selectee Lists. However, in 
June 2004, we reported that although TSA had begun evaluating 
commercial airport perimeter and access control security through 
regulatory compliance inspections, covert testing of selected access 
procedures, and vulnerability assessments at selected airports, TSA had 
not determined how the results of these evaluations could be used to 
make improvements to the Nation's airport system as a whole. We further 
reported that although TSA had begun evaluating the controls that limit 
access into secured airport areas, it had not completed actions to 
ensure that all airport workers in these areas were vetted prior to 
being hired and trained.\9\ More recently, in March 2007, the DHS 
Office of Inspector General, based on the results of its access control 
testing at 14 domestic airports across the Nation, made various 
recommendations to enhance the overall effectiveness of controls that 
limit access to airport secured areas.\10\ In March through July 2007, 
DHS provided us with updated information on procedures, plans, and 
other efforts it had implemented to secure airport perimeters and 
strengthen access controls, including a description of its Aviation 
Direct Access Screening Program. This program provides for TSOs to 
randomly screen airport and airline employees and employees' property 
and vehicles as they enter the secured areas of airports for the 
presence of explosives, incendiaries, weapons, and other items of 
interest as well as improper airport identification. However, DHS did 
not provide us with evidence that these actions provide for effective 
airport perimeter security, nor information on how the actions 
addressed all relevant requirements established by law and in our prior 
recommendations.
    Regarding procedures for implementing biometric identification 
systems, we reported that TSA had not developed a plan for implementing 
new technologies to meet the security needs of individual airports and 
the commercial airport system as a whole.\11\ In December 2004 and 
September 2006, we reported on the status of the development and 
testing of the Transportation Worker Identification Credential program 
(TWIC) \12\--DHS's effort to develop biometric access control systems 
to verify the identity of individuals accessing secure transportation 
areas. Our 2004 report identified challenges that TSA faced in 
developing regulations and a comprehensive plan for managing the 
program, as well as several factors that caused TSA to miss initial 
deadlines for issuing TWIC cards. In our September 2006 report, we 
identified the challenges that TSA encountered during TWIC program 
testing, and several problems related to contract planning and 
oversight. Specifically, we reported that DHS and industry stakeholders 
faced difficult challenges in ensuring that biometric access control 
technologies will work effectively in the maritime environment where 
the Transportation Worker Identification Credential program is being 
initially tested. In October 2007, we testified that TSA had made 
progress in implementing the program and addressing our recommendations 
regarding contract planning and oversight and coordination with 
stakeholders. For example, TSA reported that it added staff with 
program and contract management expertise to help oversee the contract 
and developed plans for conducting public outreach and education 
efforts.\13\ However, DHS has not yet determined how and when it will 
implement a biometric identification system for access controls at 
commercial airports. We have initiated ongoing work to further assess 
DHS's efforts to establish procedures for implementing biometric 
identifier systems for airport secured areas access control.
    Aviation Security Workforce. We concluded that DHS has generally 
achieved all 7 performance expectations in this area. For example, TSA 
has hired and deployed a Federal screening workforce at over 400 
commercial airports nationwide, and has developed standards for 
determining TSO staffing levels at airports. TSA also established 
numerous programs to train and test the performance of its TSO 
workforce, although we reported that improvements in these efforts can 
be made. Among other efforts, in December 2005, TSA reported completing 
enhanced explosives detection training for over 18,000 TSOs, and 
increased its use of covert testing to assess vulnerabilities of 
existing screening systems. TSA also established the Screening 
Partnership Program which allows eligible airports to apply to TSA to 
use a private screening workforce. In addition, TSA has trained and 
deployed Federal air marshals on high-risk flights; established 
standards for training flight and cabin crews; and established a 
Federal Flight Deck Officer program to select, train, and allow 
authorized flight deck officers to use firearms to defend against any 
terrorist or criminal acts. Related to flight and cabin crew training, 
TSA revised its guidance and standards to include additional training 
elements required by law and to improve the organization and clarity of 
the training. TSA also increased its efforts to measure the performance 
of its TSO workforce through recertification testing and other 
measures.
    Passenger Prescreening. We reported that DHS has generally achieved 
one, and has not generally achieved two, of the performance 
expectations in this area. For example, TSA established policies and 
procedures to ensure that individuals known to pose, or suspected of 
posing, a risk or threat to security are identified and subjected to 
appropriate action. Specifically, TSA requires that air carriers check 
all passengers against the Selectee List, which identifies individuals 
that represent a higher than normal security risk and therefore require 
additional security screening, and the No Fly List, which identifies 
individuals who are not allowed to fly.\14\ However, TSA has faced a 
number of challenges in developing and implementing an advanced 
prescreening system, known as Secure Flight, which will allow TSA to 
take over the matching of passenger information against the No Fly and 
Selectee lists from air carriers, as required by law.\15\ In 2006, we 
reported that TSA had not conducted critical activities in accordance 
with best practices for large-scale information technology programs and 
had not followed a disciplined life cycle approach in developing Secure 
Flight.\16\ In March 2007, DHS reported that as a result of its 
rebaselining efforts, more effective government controls were developed 
to implement Secure Flight and that TSA was following a more 
disciplined development process. DHS further reported that it plans to 
begin parallel operations with the first group of domestic air carriers 
during Fiscal Year 2009 and to take over full responsibility for watch 
list matching in Fiscal Year 2010. We are continuing to assess TSA's 
efforts in developing and implementing the Secure Flight program. We 
have also reported that DHS has not yet implemented enhancements to its 
passenger prescreening process for passengers on international flights 
departing from and bound for the United States.\17\ Although CBP 
recently issued a final rule that will require air carriers to provide 
passenger information to CBP prior to a flight's departure so that CBP 
can compare passenger information to the terrorist watch lists before a 
flight takes off, this requirement is not scheduled to take effect 
until February 2008. In addition, while DHS plans to align its 
international and domestic passenger prescreening programs under TSA, 
full implementation of an integrated system will not occur for several 
years.
    Checkpoint Screening. We reported that DHS has generally achieved 
two, and has not generally achieved one, of the performance 
expectations in this area. For example, we reported that TSA has 
developed processes and procedures for screening passengers at security 
checkpoints and has worked to balance security needs with efficiency 
and customer service considerations.\18\ More specifically, in April 
2007, we reported that modifications to standard operating procedures 
were proposed based on the professional judgment of TSA senior-level 
officials and program-level staff, as well as threat information and 
the results of covert testing. However, we found that TSA's data 
collection and analyses could be improved to help TSA determine whether 
proposed procedures that are operationally tested would achieve their 
intended purpose. We also reported that DHS and its component agencies 
have taken steps to improve the screening of passengers to address new 
and emerging threats. For example, TSA established two recent 
initiatives intended to strengthen the passenger checkpoint screening 
process: (1) the Screening Passenger by Observation Technique program, 
which is a behavior observation and analysis program designed to 
provide TSA with a nonintrusive means of identifying potentially high-
risk individuals; and (2) the Travel Document Checker program which 
replaces current travel document checkers with TSOs who have access to 
sensitive security information on the threats facing the aviation 
industry and check for fraudulent documents. However, we found that 
while TSA has developed and tested checkpoint technologies to address 
vulnerabilities that may be exploited by identified threats such as 
improvised explosive devices, it has not yet effectively deployed such 
technologies. In July 2006, TSA reported that it installed 97 
explosives trace portal machines--which use puffs of air to dislodge 
and detect trace amounts of explosives on persons--at 37 airports. 
However, DHS identified problems with these machines and has halted 
their deployment. TSA is also developing backscatter technology, which 
identifies explosives, plastics and metals, giving them shape and form 
and allowing them to be visually interpreted.\19\ However, limited 
progress has been made in fielding this technology at passenger 
screening checkpoints. The Implementing Recommendations of the 9/11 
Commission Act of 2007 (9/11 Commission Act), enacted in August 2007, 
restates and amends a requirement that DHS issue a strategic plan for 
deploying explosive detection equipment at airport checkpoints and 
requires DHS to expedite research and development efforts to protect 
passenger aircraft from explosives devices.\20\ We are currently 
reviewing DHS and TSA's efforts to develop, test and deploy airport 
checkpoint technologies.\21\
    Checked Baggage Screening. We concluded that DHS has generally 
achieved all three performance expectations in this area. Specifically, 
from November 2001 through June 2006, TSA procured and installed about 
1,600 Explosive Detection Systems (EDS) and about 7,200 Explosive Trace 
Detection (ETD) machines to screen checked baggage for explosives at 
over 400 commercial airports.\22\ In response to mandates to field the 
equipment quickly and to account for limitations in airport design, TSA 
generally placed this equipment in a stand-alone mode--usually in 
airport lobbies--to conduct the primary screening of checked baggage 
for explosives.\23\ Based in part on our previous recommendations, TSA 
later developed a plan to integrate EDS and ETD machines in-line with 
airport baggage conveyor systems. The installation of in-line systems 
can result in considerable savings to TSA through the reduction of TSOs 
needed to operate the equipment, as well as increased security. Despite 
delays in the widespread deployment of in-line systems due to the high 
upfront capital investment required, TSA is pursuing the installation 
of these systems and is seeking creative financing solutions to fund 
their deployment. In March 2007, DHS reported that it is working with 
airport and air carrier stakeholders to improve checked baggage 
screening solutions to enhance security and free up lobby space at 
airports. The installation of in-line baggage screening systems 
continues to be an issue of congressional concern. For example, the 9/
11 Commission Act reiterates a requirement that DHS submit a cost-
sharing study along with a plan and schedule for implementing 
provisions of the study, and requires TSA to establish a prioritization 
schedule for airport improvement projects such as the installation of 
in-line baggage screening systems.\24\
    Air Cargo Security. We reported that TSA has generally achieved 
two, and has not generally achieved one, of the performance 
expectations in this area. Specifically, TSA has developed a strategic 
plan for domestic air cargo security and has taken actions to use risk 
management principles to guide investment decisions related to air 
cargo bound for the United States from a foreign country, referred to 
as inbound air cargo, but these actions are not yet complete. For 
example, TSA plans to assess inbound air cargo vulnerabilities and 
critical assets--two crucial elements of a risk-based management 
approach--but has not yet established a methodology or time-frame for 
how and when these assessments will be completed.\25\ TSA has also 
developed and implemented procedures to screen domestic and inbound air 
cargo. We reported in October 2005 that TSA had significantly increased 
the number of domestic air cargo inspections conducted of air carrier 
and indirect air carrier compliance with security requirements. 
However, we also reported that TSA exempted certain cargo from random 
inspection because it did not view the exempted cargo as posing a 
significant security risk, although air cargo stakeholders noted that 
such exemptions may create potential security risks and vulnerabilities 
since shippers may know how to package their cargo to avoid 
inspection.\26\ In part based on a recommendation we made, TSA is 
evaluating existing exemptions to determine whether they pose a 
security risk, and has removed some exemptions that were previously 
allowed. The 9/11 Commission Act requires, no later than 3 years after 
its enactment, that DHS have a system in place to screen 100 percent of 
cargo transported on passenger aircraft.\27\ Although TSA has taken 
action to develop plans for securing air cargo and establishing and 
implementing procedures to screen air cargo, DHS has not yet developed 
and implemented screening technologies. DHS is pursuing multiple 
technologies to automate the detection of explosives in the types and 
quantities that would cause catastrophic damage to an aircraft in 
flight. However, TSA acknowledged that full development of these 
technologies may take 5 to 7 years. In April 2007, we reported that TSA 
and DHS's S&T Directorate were in the early stages of evaluating and 
piloting available aviation security technologies to determine their 
applicability to the domestic air cargo environment. We further 
reported that although TSA anticipates completing its pilot tests by 
2008, it has not yet established time frames for when it might 
implement these methods or technologies for the inbound air cargo 
system.\28\

Surface Transportation Security
    Although TSA has devoted the vast majority of its resources to 
securing commercial aviation and to meeting related statutory 
requirements, it has more recently increased its focus on the security 
of surface modes of transportation. However, these efforts are still 
largely in the early stages. International events such as the March 
2004 Madrid and July 2005 London train bombings, have, in part, 
contributed to this increased focus. Specifically, TSA and other DHS 
components have developed an approach for securing surface modes of 
transportation, have taken steps to conduct risk assessments of surface 
transportation assets; and have administered related grant programs. 
However, TSA has not issued standards for securing all surface 
transportation modes, and is still defining what its regulatory role 
will be. Moreover, although TSA has made progress in conducting 
compliance inspections of some surface transportation systems, 
inspectors' roles and missions have not been fully defined. As shown in 
table 2, we identified five performance expectations for DHS in the 
area of surface transportation security and found that, overall, DHS 
primarily through the efforts of TSA has made moderate progress in 
meeting these expectations. Specifically, we found that DHS has 
generally achieved three performance expectations and has generally not 
achieved two performance expectations.



----------------------------------------------------------------------------------------------------------------



             Table 2.--Performance Expectations and Progress Made in Surface Transportation Security
----------------------------------------------------------------------------------------------------------------
                                                                                 Assessment
                                                           -----------------------------------------------------
                  Performance expectation                     Generally      Generally not       No assessment
                                                              achieved         achieved              made
----------------------------------------------------------------------------------------------------------------
Develop and adopt a strategic approach for implementing               3
 surface transportation security functions
----------------------------------------------------------------------------------------------------------------
Conduct threat, criticality, and vulnerability assessments            3
 of surface transportation assets
----------------------------------------------------------------------------------------------------------------
Issue standards for securing surface transportation modes                                 3
----------------------------------------------------------------------------------------------------------------
Conduct compliance inspections for surface transportation                                 3
 systems
----------------------------------------------------------------------------------------------------------------
Administer grant programs for surface transportation                  3
 security
----------------------------------------------------------------------------------------------------------------
Total                                                                 3                   2                   0
----------------------------------------------------------------------------------------------------------------
Source: GAO analysis.

    Strategic Approach for Implementing Security Functions. We 
concluded that DHS has generally achieved this performance expectation. 
In May 2007, DHS issued the sector-specific plan for transportation 
systems and supporting annexes for surface transportation modes, and 
reported taking actions to adopt the strategic approach outlined by the 
plan. The Transportation Systems Sector-Specific Plan and its 
supporting modal implementation plans and appendixes establish a 
strategic approach for securing surface transportation modes based on 
the National Infrastructure Protection Plan and Executive Order 13416, 
Strengthening Surface Transportation Security. The Transportation 
Systems Sector-Specific Plan describes the security framework that is 
intended to enable sector stakeholders to make effective and 
appropriate risk-based security and resource allocation decisions. 
During the course of our work assessing freight rail, commercial 
vehicles, and highway infrastructure security, we identified that TSA 
has begun to implement some of the security initiatives outlined in the 
sector-specific plan and supporting modal plans. While DHS has issued a 
strategy for securing all transportation modes, and has demonstrated 
that it has begun to take actions to implement the goals and objectives 
outlined in the strategy, we have not yet analyzed the overall quality 
of the plan or supporting modal annexes, the extent to which efforts 
outlined in the plan and annexes have been implemented, or the 
effectiveness of identified security initiatives. In addition, we 
recognize that the acceptance of DHS's approach by Federal, state and 
local, and private sector stakeholders is crucial to its successful 
implementation. We also have not assessed the extent to which the plan 
and supporting modal annexes were coordinated with or adopted by these 
stakeholders. We will continue to assess DHS's efforts to implement its 
strategy for securing surface transportation modes as part of our 
ongoing reviews of mass transit, passenger and freight rail, commercial 
vehicle, and highway infrastructure security.
    Threat, Criticality and Vulnerability Assessments. We reported that 
DHS has generally achieved this performance expectation. TSA has taken 
actions to conduct threat, criticality, and vulnerability assessments 
of surface transportation assets, particularly for mass transit, 
passenger rail, and freight rail, but we have not yet reviewed the 
quality of many of these assessments. TSA uses threat assessments and 
information as part of its surface transportation security efforts. For 
example, TSA has conducted threat assessments of mass transit, 
passenger rail, and freight rail transportation modes. TSA has also 
conducted assessments of the vulnerabilities associated with surface 
transportation assets, to varying degrees, for most surface modes of 
transportation. For freight rail, for example, we found that TSA has 
conducted vulnerability assessments of High Threat Urban Area rail 
corridors where toxic inhalation hazard shipments are transported. 
However, TSA's vulnerability assessment efforts are still ongoing and 
in some instances, are in the early stages, particularly for commercial 
vehicles and highway infrastructure. With regard to criticality 
assessments, DHS has conducted such assessments for some surface 
transportation modes. For example, TSA has conducted Corporate Security 
Reviews with 38 state Department of Transportation highway programs. In 
addition, the National Protection and Programs Directorate's Office of 
Infrastructure Protection conducts highway infrastructure assessments 
that look at critical highway infrastructure assets. We testified in 
January 2007 that TSA had reported completing an overall threat 
assessment for mass transit and passenger and freight rail modes, and 
had conducted criticality assessments of nearly 700 passenger rail 
stations. In addition, we further reported that the Grant Programs 
Directorate developed and implemented a risk assessment tool to help 
passenger rail operators better respond to terrorist attacks and 
prioritize security measures. We will continue to review threat, 
criticality and vulnerability assessments conducted by TSA and other 
DHS components for surface modes of transportation during our ongoing 
work assessing mass transit, passenger and freight rail, highway 
infrastructure, and commercial vehicle security.\29\
    Issuance of Security Standards. We found that DHS has generally not 
achieved this performance expectation. TSA has taken actions to develop 
and issue security standards for mass transit, passenger rail, and 
freight rail modes. However, TSA did not provide us with evidence of 
its efforts to develop and issue security standards for all surface 
transportation modes, or provided a rationale or explanation why 
standards may not be needed for other modes. Specifically, TSA has 
developed and issued security directives, security action items--
recommended measures for passenger rail and mass transit operators to 
implement in their security programs to improve both security and 
emergency preparedness, and a proposed rule in December 2006 on 
passenger and freight rail security requirements.\30\ In April 2007, 
DHS reported that TSA uses field activities to assess compliance with 
security directives and implementation of noncompulsory security 
standards and protective measures with the objective of a broad-based 
enhancement of passenger rail and rail transit security. TSA also 
reported that in its December 2006 notice of proposed rulemaking on new 
security measures for freight rail carriers, it proposed requirements 
designed to ensure 100 percent positive handoff of toxic inhalation 
hazard shipments that enter high threat urban areas, as well as 
security protocols for custody transfers of toxic inhalation hazard 
rail cars in high-threat urban areas. TSA also reported that its High 
Threat Urban Area rail corridor assessments supported the development 
of the Recommended Security Action Items for the Rail Transportation of 
Toxic Inhalation Materials issued by DHS and the Department of 
Transportation in June 2006.
    Compliance Inspections. We concluded that DHS has generally not 
achieved this performance expectation. TSA has made progress in 
conducting compliance inspections, particularly in hiring and deploying 
inspectors, but inspectors' roles and missions have not yet been fully 
defined. TSA officials have reported that the agency has hired 100 
surface transportation inspectors whose stated mission is to, among 
other duties, monitor and enforce compliance with TSA's rail security 
directives. However, some mass transit and passenger rail operators 
have expressed confusion and concern about the role of TSA inspectors 
and the potential that these inspections could duplicate other Federal 
and state rail inspections. In March and April 2007, with respect to 
freight rail, TSA reported visiting terminal and railroad yards to 
measure implementation of 7 of 24 DHS recommended security action items 
for the transportation of toxic inhalation hazard materials. Through 
its Surface Transportation Security Inspection program, TSA reported 
that its inspectors conduct inspections of key facilities for rail and 
transit systems to assess transit systems' implementation of core 
transit security fundamentals and comprehensive security action items; 
conduct examinations of stakeholder operations, including compliance 
with security directives; identify security gaps; and develop effective 
practices. Although TSA has deployed inspectors to conduct compliance 
inspections and carry out other security activities in the mass 
transit, passenger rail, and freight rail modes, TSA did not provide us 
with evidence that it has conducted compliance inspections for other 
surface transportation modes or information on whether the department 
believes compliance inspections are needed for other modes.
    The 9/11 Commission Act authorizes funds to be appropriated for TSA 
to employ additional surface transportation inspectors and requires 
that surface transportation inspectors have relevant transportation 
experience and appropriate security and inspection qualifications.\31\ 
The Act also requires DHS to consult periodically with surface 
transportation entities on the inspectors' duties, responsibilities, 
authorities, and mission. We will continue to assess TSA's inspection 
efforts during our ongoing work.\32\
    Grant Programs. We reported that DHS generally achieved this 
performance expectation. More specifically, DHS has developed and 
administered grant programs for various surface transportation modes. 
However, some industry stakeholders have raised concerns regarding 
DHS's current grant process, such as time delays and other barriers in 
the provision of grant funding. We have not yet assessed DHS's 
provision of grant funding or the extent to which DHS monitors the use 
of the funds. In March 2007, we reported that the DHS Office of Grants 
and Training, now called the Grant Programs Directorate, has used 
various programs to fund passenger rail security since 2003.\33\ 
Through the Urban Area Security Initiative grant program, the Grant 
Programs Directorate has provided grants to urban areas to help enhance 
their overall security and preparedness level to prevent, respond to, 
and recover from acts of terrorism. The Grant Programs Directorate used 
Fiscal Year 2005, 2006, and 2007 appropriations to build on the work 
under way through the Urban Area Security Initiative program, and 
create and administer new programs focused specifically on 
transportation security, including the Transit Security Grant Program 
and the Intercity Passenger Rail Security Grant Program. The 9/11 
Commission Act requires DHS to establish grant programs for security 
improvements in the public transportation, passenger and freight rail, 
and over-the-road bus modes and requires DHS to take certain actions in 
implementing the grant programs.\34\ For example, the Act requires that 
DHS determine the requirements for grant recipients and establish the 
priorities for which grant funding may be used, and it requires that 
DHS and DOT determine the most effective and efficient way to 
distribute grant funds, authorizing DHS to transfer funds to DOT for 
the purpose of disbursement. We will be assessing grants distributed 
for mass transit and passenger rail as part of our ongoing work.\35\

Cross-cutting Issues Have Hindered DHS's Efforts in Implementing Its 
        Mission and Management Functions
    Our work has identified homeland security challenges that cut 
across DHS's mission and core management functions. These issues have 
impeded the department's progress since its inception and will continue 
as DHS moves forward. While it is important that DHS continue to work 
to strengthen each of its mission and core management functions, to 
include transportation security, it is equally important that these key 
issues be addressed from a comprehensive, department-wide perspective 
to help ensure that the department has the structure and processes in 
place to effectively address the threats and vulnerabilities that face 
the Nation. These issues include: (1) transforming and integrating 
DHS's management functions; (2) establishing baseline performance goals 
and measures and engaging in effective strategic planning efforts; (3) 
applying and strengthening a risk management approach for implementing 
missions and making resource allocation decisions; (4) sharing 
information with key stakeholders; and (5) coordinating and partnering 
with Federal, state and local, and private sector agencies. We have 
made numerous recommendations to DHS and its components to strengthen 
these efforts, and the department has made progress in implementing 
some of these recommendations.
    DHS has faced a variety of difficulties in its efforts to transform 
into a fully functioning department. We designated DHS's implementation 
and transformation as high-risk in part because failure to effectively 
address this challenge could have serious consequences for our security 
and economy. DHS continues to face challenges in key areas including 
acquisition, financial, human capital, and information technology 
management. This array of management and programmatic challenges 
continues to limit DHS' ability to effectively and efficiently carry 
out its mission. In addition, transparency plays an important role in 
helping to ensure effective and efficient transformation efforts. We 
have reported that DHS has not made its management or operational 
decisions transparent enough so that Congress can be sure it is 
effectively, efficiently, and economically using the billions of 
dollars in funding it receives annually. More specifically, in April 
2007, we testified that we have encountered access issues during 
numerous engagements at DHS, including significant delays in obtaining 
requested documents that have affected our ability to do our work in a 
timely manner.\36\ The Secretary of DHS and the Under Secretary for 
Management have stated their desire to work with us to resolve access 
issues and to provide greater transparency. It will be important for 
DHS and its components to become more transparent and minimize 
recurring delays in providing access to information on its programs and 
operations so that Congress, GAO, and others can independently assess 
its efforts.
    In addition, DHS has not always implemented effective strategic 
planning efforts and has not yet fully developed performance measures 
or put into place structures to help ensure that the agency is managing 
for results. We have identified strategic planning as one of the 
critical success factors for new organizations, and reported that DHS 
as well as TSA and other component efforts in this area have been 
mixed. For example, with regards to TSA's efforts to secure air cargo, 
we reported that TSA completed an Air Cargo Strategic Plan in November 
2003 that outlined a threat-based risk management approach to securing 
the Nation's domestic air cargo system, and that this plan identified 
strategic objectives and priority actions for enhancing air cargo 
security based on risk, cost, and deadlines. However, we reported that 
TSA had not developed a similar strategy for addressing the security of 
inbound air cargo--cargo transported into the United States from 
foreign countries, including how best to partner with CBP and 
international air cargo stakeholders. In another example, we reported 
that TSA had not yet developed outcome-based performance measures for 
its foreign airport assessment and air carrier inspection programs, 
such as the percentage of security deficiencies that were addressed as 
a result of TSA's on-site assistance and recommendations, to identify 
any aspects of these programs that may need attention. We recommended 
that DHS direct TSA and CBP to develop a risk-based strategy, including 
specific goals and objectives, for securing air cargo; \37\ and develop 
outcome-based performance measures for its foreign airport assessment 
and air carrier inspection programs.\38\ DHS generally concurred with 
GAO's recommendations.
    DHS has also not fully adopted and applied a risk management 
approach in implementing its mission and core management functions. 
Risk management has been widely supported by the President and Congress 
as an approach for allocating resources to the highest priority 
homeland security investments, and the Secretary of Homeland Security 
and the Assistant Secretary for Transportation Security have made it a 
centerpiece of DHS and TSA policy. Several DHS component agencies and 
TSA have worked toward integrating risk-based decisionmaking into their 
security efforts, but we reported that these efforts can be 
strengthened. For example, TSA has incorporated certain risk management 
principles into securing air cargo, but has not completed assessments 
of air cargo vulnerabilities or critical assets--two crucial elements 
of a risk-based approach without which TSA may not be able to 
appropriately focus its resources on the most critical security needs. 
TSA has also incorporated risk-based decisionmaking when making 
modifications to airport checkpoint screening procedures, to include 
modifying procedures based on intelligence information and 
vulnerabilities identified through covert testing at airport 
checkpoints. However, in April 2007 we reported that TSA's analyses 
that supported screening procedural changes could be strengthened. For 
example, TSA officials based their decision to revise the prohibited 
items list to allow passengers to carry small scissors and tools onto 
aircraft based on their review of threat information--which indicated 
that these items do not pose a high risk to the aviation system--so 
that TSOs could concentrate on higher threat items.\39\ However, TSA 
officials did not conduct the analysis necessary to help them determine 
whether this screening change would affect TSO's ability to focus on 
higher-risk threats.\40\
    We have further reported that opportunities exist to enhance the 
effectiveness of information sharing among Federal agencies, state and 
local governments, and private sector entities. In August 2003, we 
reported that efforts to improve intelligence and information sharing 
need to be strengthened, and in 2005, we designated information sharing 
for homeland security as high-risk.\41\ In January 2005, we reported 
that the Nation still lacked an implemented set of government-wide 
policies and processes for sharing terrorism-related information, but 
DHS has issued a strategy on how it will put in place the overall 
framework, policies, and architecture for sharing information with all 
critical partners--actions that we and others have recommended.\42\ DHS 
has taken some steps to implement its information sharing 
responsibilities. States and localities are also creating their own 
information ``fusion'' centers, some with DHS support. With respect to 
transportation security, the importance of information sharing was 
recently highlighted in the 9/11 Commission Act which requires DHS to 
establish a plan to promote the sharing of transportation security 
information among DHS and Federal, state and local agencies, tribal 
governments, and appropriate private entities.\43\ The Act also 
requires that DHS provide timely threat information to carriers and 
operators that are preparing and submitting a vulnerability assessment 
and security plan, including an assessment of the most likely methods 
that could be used by terrorists to exploit weaknesses in their 
security.\44\
    In addition to providing Federal leadership with respect to 
homeland security, DHS also plays a large role in coordinating the 
activities of key stakeholders, but has faced challenges in this 
regard. To secure the nation, DHS must form effective and sustained 
partnerships between legacy component agencies and a range of other 
entities, including other Federal agencies, state and local 
governments, the private and nonprofit sectors, and international 
partners. We have reported that successful partnering and coordination 
involves collaborating and consulting with stakeholders to develop and 
agree on goals, strategies, and roles to achieve a common purpose; 
identify resource needs; establish a means to operate across agency 
boundaries, such as compatible procedures, measures, data, and systems; 
and agree upon and document mechanisms to monitor, evaluate, and report 
to the public on the results of joint efforts.\45\ We have found that 
the appropriate homeland security roles and responsibilities within and 
between the levels of government, and with the private sector, are 
evolving and need to be clarified. For example, we reported that 
opportunities exists for TSA to work with foreign governments and 
industry to identify best practices for securing passenger rail, and 
air cargo, and recommended that TSA systematically compile and analyze 
information on practices used abroad to identify those that may 
strengthen the department's overall security efforts.\46\ Further, 
regarding efforts to respond to in-flight security threats, which 
depending on the nature of the threat could involve more than 15 
Federal agencies and agency components, we recommended that DHS and 
other departments document and share their respective coordination and 
communication strategies and response procedures.\47\ In September 
2005, we reported that TSA did not effectively involve private sector 
stakeholders in its decisionmaking process for developing security 
standards for passenger rail assets.\48\ We recommended that DHS 
develop security standards that reflect industry best practices and can 
be measured, monitored, and enforced by TSA rail inspectors and, if 
appropriate, rail asset owners. DHS agreed with these recommendations. 
In addition, the 9/11 Commission Act includes provisions designed to 
improve coordination with stakeholders. For example, the Act requires 
DHS and the Department of Transportation to develop an annex to the 
Memorandum of Understanding between the two departments governing the 
specific roles, responsibilities, resources, and commitments in 
addressing motor carrier transportation security matters, including the 
processes the departments will follow to promote communications and 
efficiency, and avoid duplication of effort.\49\ The Act also requires 
DHS in consultation with the Department of Transportation to establish 
a program to provide appropriate information that DHS has gathered or 
developed on the performance, use, and testing of technologies that may 
be used to enhance surface transportation security to surface 
transportation entities.\50\

Concluding Observations
    The magnitude of DHS's and more specifically TSA's responsibilities 
in securing the Nation's transportation system is significant, and we 
commend the department on the work it has done and is currently doing 
to secure this network. Nevertheless, given the dominant role that TSA 
plays in securing the homeland, it is critical that its programs and 
initiatives operate as efficiently and effectively as possible. In the 
almost 6 years since its creation, TSA has had to undertake its 
critical mission while also establishing and forming a new agency. At 
the same time, a variety of factors, including threats to and attacks 
on transportation systems around the world, as well as new legislative 
requirements, have led the agency to reassess its priorities and 
reallocate resources to address key events, and to respond to emerging 
threats. Although TSA has made considerable progress in addressing key 
aspects of commercial aviation security, more work remains in the areas 
of checkpoint and air cargo technology, airport security, and passenger 
prescreening. Further, although TSA has more recently taken actions in 
a number of areas to help secure surface modes of transportation, its 
efforts are still largely in the early stage, and the nature of its 
regulatory role, and relationship with transportation operators, is 
still being defined. As DHS, TSA, and other components move forward, it 
will be important for the department to work to address the challenges 
that have affected its operations thus far, including developing 
results-oriented goals and measures to assess performance; developing 
and implementing a risk-based approach to guide resource decisions; and 
establishing effective frameworks and mechanisms for sharing 
information and coordinating with homeland security partners. A well-
managed, high-performing department is essential to meeting the 
significant challenge of securing the transportation network. As DHS, 
TSA, and other components continue to evolve, implement their programs, 
and integrate their functions, we will continue to review their 
progress and performance and provide information to Congress and the 
public on these efforts.
    Mr. Chairman this concludes my statement. I would be pleased to 
answer any questions that you or other members of the Committee may 
have at this time.

Endnotes
    \1\ GAO, Department of Homeland Security: Progress Report on 
Implementation of Mission and Management Functions, GAO-07-454 
(Washington, D.C.: August 2007); GAO, Department of Homeland Security: 
Progress Report on Implementation of Mission and Management Functions, 
GAO-07-1081T (Washington, D.C.: September 2007); and GAO, Department of 
Homeland Security: Progress Report on Implementation of Mission and 
Management Functions, GAO-07-1240T (Washington, D.C.: September 2007).
    \2\ Limited progress: DHS has taken actions to generally achieve 25 
percent or less of the identified performance expectations. Modest 
progress: DHS has taken actions to generally achieve more than 25 
percent but 50 percent or less of the identified performance 
expectations. Moderate progress: DHS has taken actions to generally 
achieve more than 50 percent but 75 percent or less of the identified 
performance expectations. Substantial progress: DHS has taken actions 
to generally achieve more than 75 percent of the identified performance 
expectations.
    \3\ GAO-07-454.
    \4\ A risk management approach entails a continuous process of 
managing risk through a series of actions, including setting strategic 
goals and objectives, assessing risk, evaluating alternatives, 
selecting initiatives to undertake, and implementing and monitoring 
those initiatives.
    \5\ Pub. L. No. 107-71, 115 Stat. 597 (2001).
    \6\ Currently, air carriers departing the United States are 
required to transmit passenger manifest information to CBP no later 
than 15 minutes prior to departure but, for flights bound for the 
United States, air carriers are not required to transmit the 
information until 15 minutes after the flight's departure (in general, 
after the aircraft is in flight). See 19 C.F.R.  122.49a, 122.75a. In 
a final rule published in the Federal Register on August 23, 2007, CBP 
established a requirement for all air carriers to either transmit the 
passenger manifest information to CBP no later than 30 minutes prior to 
the securing of the aircraft doors (that is, prior to the flight being 
airborne), or transmit manifest information on an individual basis as 
each passenger checks in for the flight up to but no later than the 
securing of the aircraft. See 72 Fed. Reg. 48320 (Aug. 23, 2007). This 
requirement is to take effect on February 19, 2008.
    \7\ For more information, see GAO, Aviation Security: Enhancements 
Made in Passenger and Checked Baggage Screening, but Challenges Remain, 
GAO-06-371T (Washington, D.C.: April 2006).
    \8\ For more information, see GAO, Aviation Security: 
Transportation Security Administration Has Made Progress in Managing a 
Federal Security Workforce and Ensuring Security at U.S. Airports, but 
Challenges Remain, GAO-06-597T, (Washington, D.C.: April 2006) and GAO, 
Aviation Security: Further Steps Needed to Strengthen the Security of 
Commercial Airport Perimeters and Access Controls, GAO-04-728 
(Washington, D.C.: June 2004).
    \9\ GAO-06-597T and GAO-04-728.
    \10\ Department of Homeland Security Office of Inspector General, 
Audit of Access to Airport Secured Areas (Unclassified Summary), OIG-
07-35 (Washington, D.C.: March 2007).
    \11\ GAO-06-597T and GAO-04-728.
    \12\ GAO, Port Security: Better Planning Needed to Develop and 
Operate Maritime Worker Identification Card Program, GAO-05-106 
(Washington, D.C.: December 2004), and Transportation Security: DHS 
Should Address Key Challenges before Implementing the Transportation 
Worker Identification Credential Program, GAO-06-982 (Washington, D.C.: 
September 2006).
    \13\ GAO, Port Security: Better Planning Needed to Develop and 
Operate Maritime Worker Identification Card Program, GAO-05-106 
(Washington, D.C.: December 2004), and Transportation Security: DHS 
Should Address Key Challenges before Implementing the Transportation 
Worker Identification Credential Program, GAO-06-982 (Washington, D.C.: 
September 2006).
    \14\ In accordance with TSA-issued security requirements, 
passengers on the No Fly List are denied boarding passes and are not 
permitted to fly unless cleared by law enforcement officers. Similarly, 
passengers who are on the Selectee List are issued boarding passes, and 
they and their baggage undergo additional security measures.
    \15\ See 49 U.S.C.  44903(j)(2)(C).
    \16\ GAO, Aviation Security: Management Challenges Remain for the 
Transportation Security Administration's Secure Flight Program, GAO-06-
864T (Washington, D.C.: June 2006).
    \17\ GAO, Aviation Security: Progress Made in Systematic Planning 
to Guide Key Investment Decisions, but More Work Remains, GAO-07-448T 
(Washington, D.C.: February 2007) and GAO, Aviation Security: Efforts 
to Strengthen International Passenger Prescreening Are Under Way, but 
Planning and Implementation Issues Remain, GAO-07-346 (Washington, 
D.C.: May 2007).
    \18\ For more information, see GAO, Aviation Security: Risk, 
Experience, and Customer Concerns Drive Changes to Airline Passenger 
Screening Procedures, but Evaluation and Documentation of Proposed 
Changes Could Be Improved, GAO-07-634 (Washington, D.C.: May 2007); 
GAO, Aviation Security: TSA's Change to Its Prohibited Items List Has 
Not Resulted in Any Reported Security Incidents, but the Impact of the 
Change on Screening Operations Is Inconclusive, GAO-07-623R 
(Washington, D.C.: April 2007); GAO, Airport Passenger Screening: 
Preliminary Observations on Progress Made and Challenges Remaining, 
GAO-03-1173 (Washington, D.C.: September 2003); and GAO, Aviation 
Security: Enhancements Made in Passenger and Checked Baggage Screening, 
but Challenges Remain, GAO-06-371T (Washington, D.C.: April 2006).
    \19\ GAO-06-371T.
    \20\ See Pub. L. No. 110-53,  1607, 1610, 121 Stat. 266, 483-85 
(2007).
    \21\ For more information, see GAO-06-371T.
    \22\ Explosive detection systems (EDS) use specialized X-rays to 
detect characteristics of explosives that may be contained in baggage 
as it moves along a conveyor belt. Explosive trace detection (ETD) 
works by detecting vapors and residues of explosives. Human operators 
collect samples by rubbing swabs along the interior and exterior of an 
object that TSOs determine to be suspicious, and place the swabs in the 
ETD machine, which then chemically analyzes the swabs to identify any 
traces of explosive materials.
    \23\ For more information, see GAO, Aviation Security: TSA 
Oversight of Checked Baggage Screening Procedures Could Be 
Strengthened, GAO-06-869 (Washington, D.C.: July 2006), GAO-06-371T, 
and GAO-07-448T.
    \24\ See Pub. L. No. 110-88. 1603-04, 121 Stat. at 480-81.
    \25\ For more information, see GAO, Aviation Security: Federal 
Action Needed to Strengthen Domestic Air Cargo Security, GAO-06-76, 
(Washington, D.C.: October 2005) and GAO, Aviation Security: Federal 
Efforts to Secure U.S.-Bound Air Cargo Are in the Early Stages and 
Could Be Strengthened, GAO-07-660 (Washington, D.C.: April 2007).
    \26\ GAO-06-76.
    \27\ See Pub. L. No. 110-53,  1602, 121 Stat. at 477-79. This 
provision defines screening as a physical examination or non-intrusive 
method of assessing whether cargo poses a threat to transportation 
security that includes the use of technology, procedures, personnel, or 
other methods to provide a level of security commensurate with the 
level of security for the screening of passenger checked baggage. 
Methods such as solely performing a review of information about the 
contents of cargo or verifying the identity of a shipper of the cargo, 
including whether a known shipper is registered in TSA's known shipper 
database, do not constitute screening under this provision.
    \28\ GAO-07-660.
    \29\ For more information, see GAO-06-181T; GAO, Passenger Rail 
Security: Enhanced Federal Leadership Needed to Prioritize and Guide 
Security Efforts, GAO-07-225T (Washington, D.C.: January 2007); and 
GAO-06-181T.
    \30\ See 71 Fed. Reg. 76,852 (Dec. 21, 2006).
    \31\ See Pub. L. No. 110-53,  1304, 121 Stat. at 393-94.
    \32\ For more information, see GAO-07-225T; GAO-06-181T; and GAO, 
Passenger Rail Security: Enhanced Federal Leadership Needed to 
Prioritize and Guide Security Efforts, GAO-05-851 (Washington, D.C.: 
October 2005).
    \33\ GAO, Passenger Rail Security: Federal Strategy and Enhanced 
Coordination Needed to Prioritize and Guide Security Efforts GAO-07-
583T (Washington, D.C.: March 2007).
    \34\ See Pub. L. No. 110-53,  1406, 1513, 1532, 121 Stat. at 405-
08, 433-35, 457-60.
    \35\ For more information, see GAO-06-181T and GAO-07-583T.
    \36\ GAO, Department of Homeland Security: Observations on GAO 
Access to Information on Programs and Activities, GAO-07-700T, 
(Washington, D.C.: April 2007).
    \37\ GAO-07-660.
    \38\ GAO, Aviation Security: Foreign Airport Assessments and Air 
Carrier Inspections Help Enhance Security, but Oversight of These 
Efforts Can Be Strengthened, GAO-07-729 (Washington, D.C.: May 11, 
2007).
    \39\ GAO, Aviation Security: Risk, Experience, and Customer 
Concerns, GAO-07-634 (Washington, D.C.: May 2007).
    \40\ GAO, Aviation Security: Risk, Experience, and Customer 
Concerns Drive Changes to Airline Passenger Screening Procedures, but 
Evaluation and Documentation of Proposed Changes Could Be Improved, 
GAO-07-634 (Washington, D.C.: April 16, 2007).
    \41\ GAO, Homeland Security: Efforts to Improve Information Sharing 
Need to Be Strengthened, GAO-03-760. Washington, D.C.: August 2003, and 
GAO, HIGH-RISK SERIES: An Update GAO-05-207 (Washington, D.C.: January 
2005).
    \42\ GAO-07-454.
    \43\ See Pub. L. No. 110-53,  1203, 121 Stat. at 383-86.
    \44\ See Pub. L. No. 110-53,  1512(d)(2), 1531(d)(2), 121 Stat. 
at 430, 455.
    \45\ GAO-07-660.
    \46\ GAO-07-660 and GAO-05-851.
    \47\ GAO, Aviation Security: Federal Coordination for Responding to 
In-flight Security Threats Has Matured, but Procedures Can Be 
Strengthened, GAO-07-891R (Washington, D.C.: July 31, 2007).
    \48\ GAO-05-851.
    \49\ See Pub. L. No. 110-53,  1541, 121 Stat. at 469.
    \50\ See Pub. L. No. 110-53,  1305, 121 Stat. at 394-95.

    Senator Dorgan. Ms. Berrick, thank you very much.
    Mr. Hawley, let me ask you a couple of questions, first, 
about the Government Accountability Office assessment. One of 
the things they concluded is that the perimeter security at 
airports is probably not sufficient, and the plans, at this 
point, may not be sufficient. All of us who go to airports 
understand the security inside the airport terminal. We go 
through it. We watch it. We experience it. But the security 
with respect to the perimeter of the airport is also very, very 
important. Tell us your assessment of what you are doing in 
that area, and what the progress has been.
    Mr. Hawley. Yes, sir. The--every airport has its own 
security plan that is tailored for their particular 
circumstances, and that does include perimeter security. So, 
first of all, there is perimeter security in place that is 
inspected by us and owned and operated by the airports 
themselves. So, the commentary in the report was, I believe, in 
part, based on some pilot tests that were done and the 
criticism was, ``Hey, you've tested some of this stuff, but 
it's not widely deployed.'' And I would agree that more can be 
done. And it is a partnership that we have with the airports. I 
think, it is--it is important, as you noted, the security 
everybody sees at the front of the airport, it really extends 
to the perimeter and everything inside the perimeter. And I 
think--I view those as equally important, because if we just 
set up a strong perimeter, and don't have security that 
operates on the inside against, perhaps, the insider threat, 
that that's not a good thing. So, we need to have all of that 
covered, and that is what we're doing.
    Senator Dorgan. Mr. Hawley, let me ask about the issue of 
an award made to BearingPoint in 2004, which you're familiar 
with, to do a pilot project to provide transportation security 
credentials to 75,000 workers at various ports, airports, train 
stations, transportation sites. My understanding is that, by 
mid-2006, some $26 million had been spent, and there were only 
4,000 workers in this whole matrix that had cards. Then, in 
2007, TSA awarded a $70 million contract to Lockheed Martin to 
provide credentials to 850,000 individuals. Deployment had been 
expected in March of this year, but apparently a botched 
transfer of data from BearingPoint to Lockheed further delayed 
that.
    I ask this question because I was involved, some while ago, 
in the issue of recruiting for screeners at airports, and we 
found out that the company that did that had actually had 
recruiting sessions at the Waldorf Astoria, in New York, at 
very expensive ski resorts, and so on. And that company, of 
course, was taken to task for that, but I think there was 
pretty sloppy oversight of that company. Tell me about this 
circumstance, where we provide a contract to BearingPoint, 
didn't get the performance; now we provide a contract to 
Lockheed Martin, they couldn't transfer the data. Tell me about 
what's happening. And the reason I ask----
    Mr. Hawley. Well----
    Senator Dorgan.--the question, is because credentialing 
people at these critical sites--airports, train stations, and 
so on--is really important. You've got to know who's there and 
who has access.
    Mr. Hawley. Right. And the problems you mentioned have been 
solved, and it's--we refer to is as the TWIC program, 
Transportation Worker Identification Credential. And it's 
rolling out--in fact, today is the first day they're actually 
physically enrolling transportation workers at the Port of 
Wilmington, Delaware. And the issue there at the transition was 
essentially a technological issue of migrating systems so that 
they would interact with our other vetting systems for aviation 
and the other modes. And there--we were concerned that, if 
there was a problem with that integration, it would not only 
slow down the TWIC part, but would hurt the rest of our 
vetting. So, we took that slowly and carefully, but it is now 
resolved. That's--that was a lot of the concern that everybody 
had, frankly, this spring. But now Lockheed Martin is in place, 
those issues are behind us, and cards are being issued as we 
speak.
    Senator Dorgan. And you feel there is ample and proper 
oversight by the agency?
    Mr. Hawley. There is. The security measures--and this also 
is--a GAO report was critical of a lot of the pieces behind the 
TWIC program; and those, we did address, have addressed, and I 
believe they are resolved, at this point.
    Senator Dorgan. The GAO report was critical of the 
oversight and management.
    Ms. Berrick, what is your assessment, having looked at all 
of this, with respect to rail security? Has rail security been 
given short shrift? You know, all of us understand what happens 
when you get on an airplane. And we also understand how little 
of that occurs when you try to get on Amtrak or a passenger 
train. Has rail security been given short shrift here?
    Ms. Berrick. I think, compared to all surface modes of 
transportation, TSA and DHS have placed more of a focus on 
passenger rail and mass transit, because, based on intelligence 
information, they view that as a risk-based decision, focusing 
on the area--the areas of surface transportation modes where 
they should be spending their time. So, they've issued security 
directives for passenger rail, they've issued security action 
items. They've hired inspectors to follow up on these 
requirements and work with rail operators to strengthen 
security. We identified areas where they could do additional 
work. For example, we reported that inspectors' roles haven't 
been fully defined. Rail operators aren't completely certain 
whether or not the security directives are mandatory or 
voluntary. There can be increased communication between TSA and 
the rail operators. But we found that they have put more and 
more focus on it, and they're continuing to do that.
    Senator Dorgan. Ms. Berrick, thank you very much.
    I indicated, at the start, before some members were here, 
that Senator Inouye is not able to be at the hearing, and 
Senator Stevens will chair in his absence.
    Senator Stevens, did you wish to go in order of arrival?
    Senator Stevens. Yes. The Senator----
    Senator Dorgan. All right.
    Senator Stevens.--was ahead of me.
    Senator Dorgan. All right. Senator Smith, McCaskill, 
Stevens, Snowe, and Klobuchar would be the order of arrival.
    Senator Stevens. Right, OK. Thanks.
    Senator Dorgan. And I have to be over on the floor of the 
Senate, so Senator Stevens will recognize those Senators.
    Senator Stevens. Thank you.
    Senator Dorgan. Senator Smith?
    Senator Stevens [presiding]. Senator Smith?
    Thank you.
    Senator Smith. Thank you, Senator Stevens--Senator Dorgan, 
as well.
    Mr. Hawley, in my opening statement I referred to the 
testimony of the Government Accountability Office that quotes, 
``While TSA initiated efforts to develop security standards for 
surface transportation modes, these efforts have been limited 
to passenger and freight rail, and have not addressed 
commercial vehicles or highway infrastructure, including 
bridges and tunnels.'' How do you respond to that statement? Is 
that an accurate statement, in your view?
    Mr. Hawley. Well, on the highway side, we've done--we've 
worked with the individual states and the trucking community, 
basically, and are--have started with the hazardous materials 
drivers, those who have the hazardous materials endorsement, 
and we do full checks on those people. So, that is in place 
today, and it really is adding layers as we go. I think the 
bridges and tunnels would be a very high priority, and that is 
something that we work on with the states and also other 
elements of DHS. And the question of exactly what the 
regulatory scheme is, beyond what we have in place for 
hazardous materials, would be the next step, and we are looking 
at the vetting--basically, watch list checking against the CDL 
holders, those who have commercial driver's license. We also 
have a ``See Something, Say Something'' program that is good 
for reporting of suspicious incidents.
    Senator Smith. I understand from your reports, that roughly 
three-quarters of your budget goes toward aviation. That must 
be in response to the threat levels that you hear, or is it for 
some other reason that that's the preponderance?
    Mr. Hawley. It is for another reason. And the reason is 
that the economic model that we use for aviation is--the 
Federal Government actually does the operation of it; whereas, 
in the other modes it's done by State and local and private 
sector. It's a shared responsibility everywhere, but the bulk 
of our budget comes from paying the officers who work in the 
airports.
    Senator Smith. And do you see that shifting, over time, 
more to surface transportation?
    Mr. Hawley. No. No. I think that that's the economic 
model----
    Senator Smith. It's just a function of the State and 
Federal responsibilities.
    Mr. Hawley. Correct.
    Senator Smith. OK. I'm curious, in 2004-2005 we saw 
terrorists attack train systems in Madrid and London, England, 
and I wonder, if we have similar threats, why our focus hasn't 
been more on the rail system.
    Mr. Hawley. Well, I--the focus is on the rail system more 
than, perhaps, it appears. And you will see that in the transit 
communities with our pairing with local law enforcement and 
providing them the technology. And we do VIPR teams with them. 
But, most importantly, for both rail and transit rail, is the 
employee training, and we've seen a major shift to something 
that--in working with the Congress--what we've done is shift 
the priority of the grant money to front-line training, which 
we think has an immediate application to stop terrorist 
attacks. And so, that's on the passenger rail side. On the 
freight rail side, we have an agreement that's in place that's 
already reduced the amount of toxic material that is standing 
unattended in high-threat urban areas. And we're doing a 
regulation now to back that up, but we've already seen the 
improvement.
    Senator Smith. One final question, Mr. Chairman.
    Mr. Hawley, it's been interesting to follow TSA since 9/11, 
and the different kinds of technologies employed, and it seems 
to be getting better and better and more efficient all the 
time. And I'm wondering, as you look into the future, what is 
the best technology for providing security to the American 
people that you see?
    Mr. Hawley. The best technology is the human brain, because 
we're fighting an enemy who, when we put in place something 
that is rigid, will figure a way to go around it. So, we always 
have to have the human element to not allow them--they have 
unlimited time to plan--not allow them the ability to plan a 
perfect attack. But, I think, the technology we're testing now 
in Phoenix to detect explosives on the body, I think that is--
that has been a concern of all of ours, and that's now getting 
in place; and the privacy aspects of that are critical, and 
looking forward to the public debate as we roll that out.
    I think the explosive detection for baggage is moving along 
pretty well, but the main--the big bonus will be when we have 
stand-off explosive detection, to be able to--as people go 
through a lobby area, be able to detect it without forcing them 
to go through a bottleneck.
    Senator Smith. Very good. Thank you.
    Senator Stevens. Senator McCaskill?

              STATEMENT OF HON. CLAIRE McCASKILL, 
                   U.S. SENATOR FROM MISSOURI

    Senator McCaskill. Thank you, Mr. Chairman.
    Mr. Hawley, in December of 2001, according to the IG at the 
Department of Transportation, a senior aircraft technician at a 
foreign repair station in Singapore was found to be a member of 
the terrorist organization al Qaeda. Based on interviews with 
the repair station personnel, the IG determined that this 
technician had photographed U.S. aircraft as potential targets 
for a terrorist attack. That was in December of 2001. That was 
one of several different facts that the IG revealed in a 
scathing report concerning foreign repair stations and security 
issues. There are foreign repair stations located at a minimum 
of five countries that have been identified by the U.S. State 
Department as terrorist safe havens.
    Now, as a result of this report, Congress took it very 
seriously and passed a law, and said, in that law, by 2004, you 
had to promulgate a rule concerning foreign repair stations and 
the auditing and inspection of foreign repair stations for the 
safety of the flying public. By 2000--18 months later, you were 
supposed to be auditing all these foreign repair stations.
    I have here a draft of the rule that was supposed to be 
finished in 2004. This draft was finished in 2005. And nothing 
has happened.
    Now, I know, if we determined there was a member of al 
Qaeda that was traveling on one of our airplanes by one of the 
systems we have in place--there would be an outcry. What I 
can't figure out is why there is no sense of urgency about 
foreign repair stations, especially in light of the fact that 
we have, now, noncertified foreign repair stations that are 
doing significant work. And, by the way, all of these airplanes 
have the right to leave these foreign repair stations, some 
which are in countries we've designated as terrorist safe 
havens, and go directly to an airport and pick up passengers. 
There's no requirement they come back to be looked at again by 
people here in the United States or by any of our systems here 
in the United States. I think it is a disaster waiting to 
happen, and I would like an explanation as to why your agency 
has been unable to promulgate a rule that Congress said had to 
be done by 2004, and this is 2007.
    Mr. Hawley. I can speak to what has happened recently. I 
was not with TSA at that time, and I, frankly, don't have any 
background into what happened there. I think--I know what's 
happening now, which is, in the 9/11 bill, there is a 
requirement for us to put out a rulemaking, and then follow it 
up in 6 months with inspections. And we intend to do that. The 
regulation is working its way through the process, and that 
will kick out when it goes through the review process. And I 
can't exactly predict--except that it is being worked on. And 
as far as the current vulnerability, that is something that we 
look at, with what happens in other countries and people's 
access to the transportation infrastructure, including 
aviation. And, as you know, there are layers that are in place, 
so it is not completely uncovered. It's part of the layer and 
risk management that we look at. And we take the--clearly, the 
requirement put forth by the Congress to make this happen, and 
we will make this happen.
    Senator McCaskill. Well, there is a rule that was drafted, 
and a former employee got it to us, and nothing's happened with 
it. And, I gotta tell ya, as you well know, right now there is 
no rule even requiring background checks. When you've got 
perimeter security issues at many of these foreign repair 
stations, certified and noncertified, I would hate to have 
happen what could happen, and that is, with all the effort and 
time we're taking checking everyone's suitcases and wanding 
everyone's knee replacements, that we've got terrorists working 
under the hoods of these airplanes in foreign countries, and we 
are basically twiddling our thumbs since the Congress mandated 
this, back in 2003. I just hope that you leave this hearing 
with a sense of urgency about the issue of foreign repair 
stations.
    I've got some other questions about airport screenings I'd 
like to address if we get a chance for another around of 
questions.
    Thank you, Mr. Chairman.
    Senator Stevens. Thank you. I'm sure there will be another 
round, Senator.
    Senator Snowe?

              STATEMENT OF HON. OLYMPIA J. SNOWE, 
                    U.S. SENATOR FROM MAINE

    Senator Snowe. Thank you, Mr. Chairman.
    Mr. Hawley, I'd like to follow up on the issue of 
commercial airline cargo and what is the status. I noted, in 
the GAO report, that one of the significant failures, at this 
point, is the inability to develop and implement the 
technologies necessary. For too long, this has--cargo loophole 
has been insufficiently addressed by the Department, and, 
despite the ramping-up of efforts with the passage of the 9/11 
Commission recommendations by this committee last year, and by 
the Congress, clearly this is a major issue and flaw in the 
process. And I would like to hear what you intend to provide 
for an update on this, and why we can't close the gap. I know 
we've got the Known Shipper Program, but, again, that does not 
require extensive screening of the cargo under the Known 
Shipper Program, similar to what, you know, individuals, you 
know, have to comply with when they're going through screening 
at the airports. And certainly this provides another gaping 
hole in our system. And, frankly, it's gone on for far too 
long.
    Mr. Hawley. The report that you mention was a snapshot in 
time, looking backwards over a year ago. And we've been--
Secretary Chertoff has a very high priority of mine, as well 
as--I have my own priority to do this--to meet those issues. 
And we've done exactly that. The--there was a category of 
freight called ``exempted freight,'' and we've gone in and 
required various security measures on that. We've added the 
equivalent of 100 canine teams to focus on the cargo that 
previously had not been inspected. So, that's--that is now 
happening everywhere.
    At the 250 smallest airports, they get exactly the same 
screening as we give for checked baggage. And the 9/11 bill 
that we're talking about here puts in place--I--and I would 
really compliment this committee to work with us on practical 
solutions, a step up from where we are, and we intend to meet 
the requirements under that deadline.
    We also have the canine--170 canine teams were put in 
through the recent appropriation supplemental for air cargo. 
So, we've--we have been driven on the issue of closing any 
vulnerabilities that may have existed on air cargo, and I think 
the picture today is significantly different than it was when 
that report was written--significantly better.
    Senator Snowe. So, what is the percentage of air cargo that 
is now currently screened? And is it done on the--is it 
conducted under the Known Shipper Program? And is that cargo 
actually screened?
    Mr. Hawley. The--I know exactly what you're asking, and, in 
the new law, it says, explicitly, ``You can't use the Known 
Shipper Program to meet the requirements that we're saying.'' 
It says, ``You get 18 months to get 50 percent, and then, at 
the end of 3 years, you've got to be 100 percent, and you can't 
count Known Shipper.'' So, it's very clear on what is required. 
It defines ``screening,'' it defines what the system is 
required to do, the timeline. And I think it is workable. And, 
again, I would thank the Committee for working with us to get 
something that is workable and we will do it.
    Senator Snowe. I know the Inspector General report in 
August indicated that there were a dearth of screeners for 
cargo. So, what is the ratio of cargo screeners to airports?
    Mr. Hawley. Well, we don't assign our officers to the cargo 
side. The--where we do that is with either the law enforcement 
officer paired with a canine, our security inspectors--and 
we've got about 1,000--and then the airlines themselves have to 
do screening.
    Senator Snowe. And so--but what is--so, what's the actual 
number, though? I mean, isn't that something that you ought to 
be concerned about?
    Mr. Hawley. Well, we use our transportation security 
officers for screening people, and we do have them go in the 
back of the airport, including cargo, to do checks on the 
people working there. But the actual screening is not done by 
those officers, it's done either by the canine teams, who are 
not TSOs, our inspectors, or airline personnel.
    Senator Snowe. Ms. Berrick, can you comment on Mr. Hawley's 
response to cargo screening? Because this is a critical issue, 
and a major gap in our system that obviously needs to be 
rectified. And what would you--in response to his--the answer 
with respect to the timeline for achieving it?
    Ms. Berrick. Sure. GAO actually looked at two aspects of 
air cargo. One was cargo domestically transported to the United 
States, and we also looked at cargo from foreign countries 
coming into the United States. One point we made was that, for 
domestic air cargo security, TSA does have a lot of actions 
underway and are moving in the right direction to strengthen 
cargo security. We had a number of recommendations and things 
they can be doing, more.
    In terms of inbound air cargo coming into the United 
States, that's much more in the early stages, in terms of both 
TSA and CBP ensuring the security of this cargo.
    But, I think, probably the most important points we made in 
our report was that foreign countries that also secure their 
cargo were using some measures that potentially could be used 
in the United States. For example, some countries have a more 
robust program to verify indirect air carriers, freight 
forwarders who consolidate cargo. And they over--they're pretty 
rigorous in their oversight over these entities, which isn't 
currently happening in the United States. Also, some foreign 
countries have extra security procedures at airports where 
cargo is stored, or they have guards monitoring the cargo. 
People have to be physically screened if they go into the 
facility. Here in the United States, the cargo is on the 
airport grounds, which has its own security program, but it 
doesn't have that extra layer of security.
    Also, some other countries are using technologies to screen 
cargo--radiation detection monitors. They're also using large 
X-ray machines to screen a portion of air cargo. And other 
countries are also, similar to TSA, working to increase the 
amount of cargo that they screen. And, in fact, some view the 
United States--the risk of shipping cargo to the United States 
as higher, so some countries actually do additional security 
screening for cargo that's bound for the United States.
    But I think that the lessons from our report--a good lesson 
is the fact that other countries do have mechanisms in place to 
strengthen cargo screening, and some of these, potentially, 
could be considered and may be applied in the United States.
    Senator Snowe. Thank you.
    Thank you, Mr. Chairman.
    Senator Stevens. Thank you.
    Senator Klobuchar?

               STATEMENT OF HON. AMY KLOBUCHAR, 
                  U.S. SENATOR FROM MINNESOTA

    Senator Klobuchar. Thank you, Senator. Thank you.
    Five years ago, the 9/11 Commission provided Congress and 
the American people with a clear assessment of the need to 
reform our approaches for security. And I believe that TSA was 
created in 2001--is that correct?--has done some good work. But 
I think of, the assessment that you received in 2005, when ten 
members of the 9/11 Commission issued a report card that found 
that the TSA was either failing or providing unsatisfactory 
progress in a number of key areas. And my questions are really 
to follow up on Senator Snowe, first, about the cargo 
screening, and if you think that the 100 percent goal is 
possible to meet. And I want to clear the record that you did 
say we would meet the goals of the 9/11 Commission 
recommendation bill--I think that's 50 percent of all air cargo 
carried on commercial airplanes screened within 18 months, all 
commercial air cargo screened within 3 years. Is that correct?
    Mr. Hawley. That is correct. Yes, ma'am.
    Senator Klobuchar. And so, do you think it's possible to 
get to 100 percent?
    Mr. Hawley. Yes.
    Senator Klobuchar. How do we do that?
    Mr. Hawley. Yes. And I think Ms. Berrick, in her answer to 
Senator Snowe, outlined a lot of the tools that we're going to 
use. And we have followed, very closely, the work with our 
international partners, and some of those programs are, we 
feel, capable of being implemented here, and some of the 
technology that Ms. Berrick mentioned, that we're not currently 
using, could be configured to use in cargo. So, we are working 
through that right now, and I--this committee was instrumental 
in making it such that we are, in fact, going to be able to do 
it, and get the real screening that doesn't rely on the so-
called Known Shipper Program, that is real screening in the way 
we all know we mean it. And I think the other important piece 
is that--with our international partners--that, as we align 
with them--we are in frequent conversation with our partners 
around the world to have a unified security measure, that, as 
we meet those deadlines, it would be a similar security blanket 
for our trading partners, as well.
    Senator Klobuchar. OK. Thank you.
    Ms. Berrick, I had some questions about the GAO report on 
the passenger screening. I know that the GAO found the lack of 
a standardized process for all airlines when they look at 
cleared lists for passengers, and that they've contributed to 
delays--could you talk a little bit about that and what those 
problems are? I know the Secure Flight Program can't become 
operational until you certify that the TSA has satisfied the 
requirements. What are the barriers to getting that satisfied 
and how do we fix this?
    Ms. Berrick. Sure. In terms of the current process, the 
prescreening of passengers--the way it works is, air carriers 
match passenger information against the terrorist watch list 
that TSA supplies to them to determine if there are any high-
risk passengers that shouldn't be allowed on a flight. The 
problem with the current process is that air carriers all do it 
a little bit differently. Some may have really rigorous methods 
for doing name-matching, others may use a manual process. So, 
theoretically, you could be on one flight with one carrier and 
not be a match, get on the plane with no problem; you could be 
with another carrier, and be a match, because your name sounds 
similar to someone that's on the terrorist watch list. So, with 
the development of Secure Flight, if Secure Flight operates as 
intended, it should correct that problem, because the 
government will be taking over the function, they'll be doing 
the name-matching consistently, they'll be using a more robust 
methodology to match passenger information. And it also 
provides a security benefit, in that the government won't have 
to provide the terrorist watch list to the private sector, 
because right now, again, the carriers are receiving this--some 
carriers contract out with foreign countries, and the foreign 
countries are actually doing the name-matching. So, obviously, 
there are concerns there.
    Secure Flight, in the past we've reported that the reason 
the program has had problems--again, this is in the past--was 
that TSA wasn't following a disciplined development process. 
There is--TSA even has procedures on how you go about 
developing systems like this. And, in the need that they felt 
to implement the program quickly, some of those requirements 
were bypassed. Since that time, TSA has stood down and 
rebaselined their program consistent with GAO's 
recommendations. They've taken a lot of positive action to help 
ensure Secure Flight's success, including following more 
disciplined processes, bringing in people with the appropriate 
skills.
    We're still looking at Secure Flight. And, in fact, we're 
going to be reporting, in response to the 9/11 Act, in January 
of 2008 on what our assessment is of TSA's progress. Right now 
it's too early for us to conclude whether----
    Senator Klobuchar. Do you know how long it will take to get 
it certified, and what the timetable is?
    Ms. Berrick. Well, one of the things we've been asked in 
the 9/11 mandate was to look at TSA's time-frame for fielding 
the program to determine whether or not we think it's 
reasonable. So, that's one of the things we'll report in 
January. We don't have an answer yet on that.
    Senator Klobuchar. Mr. Hawley, do you want to add anything?
    Mr. Hawley. I think that's a good summation. And I think we 
now have got the program in good shape. The rule is out. We've 
had the public comment. We're going to be closing off public 
comment and writing the final rule, and then the various 
certifications. We're about a third of the way through from our 
end, of that work. And it will come down to the funding level 
for FY08 as to exactly how fast the program progresses.
    Senator Klobuchar. Ms. Berrick, back to the issues you 
raised about the privacy concerns. So, the actual names of the 
people on this list are going to foreign governments, or what's 
happening?
    Ms. Berrick. In some cases, under the current process, air 
carriers who do, again, the matching, they'll contract out and 
have a contractor do the matching. In some cases, they have 
done that with companies located in foreign countries. So, that 
has happened. The majority of carriers don't do that, but some 
have.
    Senator Klobuchar. Should the Congress take seriously the 
reports that airlines have supplied DHS with substantial 
information on passengers without their knowing it, some of 
these privacy concerns that have been raised?
    Ms. Berrick. We haven't looked at privacy with respect to 
the current process. We are looking at that as a part of Secure 
Flight.
    In the past, we have reported that there were some 
problems, in terms of TSA reporting how they're using passenger 
data during testing of the Secure Flight program. Since that 
time, in our work with TSA, we've found that they've built in 
more privacy safeguards into the program--again, that are 
positive. The recent privacy notice that they've implemented 
has contained information that, in fact, GAO recommended. So, 
we think they're moving in the right direction. But, again, in 
terms of Secure Flight protecting privacy, it's too early for 
us, at this point to draw any conclusions, but we will be 
talking about that in our January report.
    Senator Klobuchar. Thank you.
    Senator Stevens. Senator Thune?

                 STATEMENT OF HON. JOHN THUNE, 
                 U.S. SENATOR FROM SOUTH DAKOTA

    Senator Thune. Thank you, Mr. Chairman. Thank you for 
holding the hearing.
    And thank you, our panelists, for being here today and 
providing some testimony in what is very valuable input on 
TSA's progress toward carrying out the important piece of 
legislation that was passed, the 9/11 Commission Act of 2007.
    We've got about 9 billion, I think, passengers each year 
that use mass transit, about a 2 million a day that fly on the 
airlines, and so, obviously, we have a lot of citizens who 
depend and--upon accessible, affordable, and efficient travel, 
both for commerce and leisure, and that--the same things that, 
you know, we're concerned about, in terms of our vulnerability 
to terrorist attacks, our--those things, even though we've got 
safeguards and everything in place, continue to be a concern to 
a lot of people who travel. And, obviously, we want to make--
take every precaution, but try and do it in a way that provides 
as much ease and convenience for people that are traveling as 
possible.
    One question I have with regard to that, Mr. Hawley, is, 
can the TSA implement the provisions of the 9/11 Act, while, at 
the same time, making the airline passenger prescreening 
process more efficient and passenger friendly?
    Mr. Hawley. I think that the parts in the 9/11 Commission 
implementation bill that relate to passenger screening will put 
us in the right direction. In other words, the Secure Flight, 
the watch list matching, those programs, I think, will have an 
immediate--when Secure Flight is up, will have an immediate, 
positive, enormous effect by eliminating the people who are not 
on the watch list, who are somehow told that they are, or think 
that they are; and, when that issue goes away, I think it will 
elevate the spirit of the traveling public, as well as protect 
the security of the list. So, we've got some technology that we 
need to roll out, that we have already started rolling out for 
passenger checkpoints, and so, all of those things are going to 
go toward decluttering the checkpoint, calming the environment 
down so it's not as much of a crush, and that gives us better 
security, it also gives a better experience.
    Senator Thune. How close are we to using some of the 
biometric identifiers? You talked about technology. How far out 
is that? And are these short-term or long-term objectives for 
TSA?
    Mr. Hawley. The ones I mentioned are short-term, immediate-
term, and they're happening now.
    Senator Thune. Right.
    Mr. Hawley. On the biometrics, it's--one of the criticisms 
in the GAO report is that we haven't deployed the biometrics in 
the airport environment. So, that clearly is the next piece for 
us. We've got the--in the port environment, the TWIC card is 
being--enrollments are going on now, so that is the 
sophisticated biometric. The standards are set, and we're 
working with the airport community to get the--the difficulty 
is the interoperable card so that, as required in the 9/11 
bill, when we're talking about flight crews, that there be 
interoperability from airport to airport. So, it's much easier 
to do one airport, but a--but it's much more complicated to 
have the one issued here work at the other. So, that's the 
problem that we're working through. But I think you put your 
finger on it, that's--that is a critical next step in aviation 
security.
    Senator Thune. What--how--and what--when you say ``short-
term,'' what--``long-term time frame,'' what is the time-frame 
on that, would you say?
    Mr. Hawley. The biometrics have been much more difficult to 
implement than any of us expected. And TWIC, as everybody 
knows, has taken longer than any of us would have liked. And it 
come--it is the most sophisticated interoperable biometric 
system in the world. And so, expanding that into the aviation 
environment is not trivial, but I think we've solved most of 
the problems. We now have to figure out, ``OK, how do we--how 
do we actually implement it? And how do we make the back end 
connect to our watch-list-checking in a way that allows us to 
process it all smoothly?''
    Senator Thune. Is the interoperability that you referred 
to, and being able to integrate this on all the airports around 
the country, the limitation on that, is that a technology 
limitation or a funding limitation? Is it a--is it a matter of 
not having enough money to make that----
    Mr. Hawley. It's first the--it's first the technology and 
the operational integration from the point--it's not--nothing 
needs to be invented, but fitting the pieces together is the 
difficult part, and then the money--we'll have a big debate 
about the money. But I think all of us agree it has to happen, 
and the airports have been a great partner in it, and we'll 
work that out.
    Senator Thune. Thanks.
    Ms. Berrick, some of the critics of the U.S. aviation 
security policy argue that there has been too much emphasis 
given to previous attack scenarios, and--for example, 
hijackings, luggage bombs, those sorts of things. Do you agree 
with that assessment?
    Ms. Berrick. I----
    Senator Thune. And why, or why not, I guess is----
    Ms. Berrick. Yes. It--well, in most of our work we look at 
to what extent TSA is using threat information--current threat 
information to drive their decisions. And generally we're 
finding that they do do that. And, of course, they consider 
past threats and try to mitigate those. They also look forward: 
What are the current threats, and where should we be moving, 
you know, in the next 5 to 10 years? So, generally, we've seen 
that they've done that. Related to making risk-based decisions, 
the area where we've probably identified they could do more 
work is related to doing vulnerability assessments on how 
vulnerable are we against these various threats? But they've 
done vulnerability assessments in a lot of different areas. 
We've reported that we think we can--they can strengthen their 
efforts to look at how vulnerable we are. But, pretty 
consistently, in almost all of our work, we've found that TSA 
has incorporated threat information--and, again, not just past 
threat information, but looking forward--to help drive their 
decisions and priorities.
    Senator Thune. Thank you, Mr. Chairman.
    Senator Stevens. Thank you.
    Senator Lautenberg?

            STATEMENT OF HON. FRANK R. LAUTENBERG, 
                  U.S. SENATOR FROM NEW JERSEY

    Senator Lautenberg. Yes, Mr. Chairman. Thanks very much for 
conducting this hearing. We have lots of questions about the 
inability of--a major government agency unable to meet a 
deadline. And it's a consistent problem, it seems to me, 
especially with DHS. I know there are lots of loyal, 
hardworking people there who want to get the job done right, 
they know that it's an enormous responsibility. But yet, a 
deadline for dealing with the security of bridges and tunnels 
in New York/New Jersey region. There is an amendment that I 
authored, the Fiscal Year 2007 Homeland Security appropriations 
legislation, and they were supposed to report by March 1, 2007. 
And I ask you, Mr. Hawley, what's the status of that report?
    Mr. Hawley. The report is complete, and I believe it is 
undergoing--it's a classified report, and it is undergoing 
clearance. But I should also say that anything developed from 
that report, we've discussed with the appropriate officials in 
the appropriate regions, so that there--so that we're not 
holding back information that would allow them to do security 
improvements. It's the--it's basically going through the 
clearance process.
    Senator Lautenberg. Well, this is way past April 2007, in 
case anybody didn't notice the weather change out there.
    When will TSA, Mr. Hawley, begin enrolling workers at the 
Port of New York and New Jersey in the TWIC program?
    Mr. Hawley. It will be soon. I'm trying to figure out how 
to give you an answer without making it one----
    Senator Lautenberg. Me, too.
    Mr. Hawley.--that we can't meet. I think it's going to be 
in the next big series. Obviously, that is the--that is the big 
port community on the East Coast, and there are a couple of the 
smaller ones first to get the system burned in, but it will be 
in the holiday-season/January time-frame that we'll begin in 
the New York region.
    Senator Lautenberg. The 10 or 11 test communities or 
ports--that are identified for establishing the clearance 
mechanism does not include--a port like the Port of New York 
and New Jersey, which is one of the largest ports in the 
country. We're going to smaller ports. And I don't know how 
long we have to stand and wait. If there is any risk at all 
with the people who come in, drive the trucks, and so forth--
now, most of the regular port workers have ID cards--but the 
trucks that come in by the thousands each and every day don't 
have any checks going on there. And I wonder why it is--that it 
doesn't require immediate or critical attention to a port like 
the New York/New Jersey Port, which has exposure to all kinds 
of things that we dread thinking about, like the most dangerous 
2 miles in the country, identified by the FBI, for a terrorist 
attack.
    Mr. Hawley. We've spent a lot of time working with the 
ports there, and there's a lot of security in place. They are 
right in line to get the TWIC program when it rolls out. And, 
as you know, today is the first day we've started issuing them, 
and once we get through this--the first couple of rounds, it 
will----
    Senator Lautenberg. How long might that take?
    Mr. Hawley. Well, I was projecting in the holiday-to-
January time frame.
    Senator Lautenberg. Holiday?
    Mr. Hawley. Holiday this year. Yes, between now and 
sometime in January.
    Senator Lautenberg. That we might----
    Mr. Hawley. Begin----
    Senator Lautenberg.--that we might see a rollout in the----
Port of New York/New Jersey----
    Mr. Hawley. Yes, sir.
    Senator Lautenberg.--and I want to take a moment to ask Ms. 
Berrick--has your office looked at TSA's efforts on assessing 
security of critical infrastructure--bridges and tunnels?
    Ms. Berrick. We do. We do have ongoing work, looking at 
TSA's efforts in that area. We're going to be completing a 
report, probably in the spring of 2008, so it's ongoing. And 
we're finding that TSA is doing what they call, ``corporate 
security reviews,'' where they'll go out to these bridges and 
tunnels and assess the state of security, work with the states 
there. Basically, at this point, it's in the early stages. 
They're getting an understanding of what's being done for 
security. There are some technologies that DHS is pursuing 
related to bridges and tunnels, but it's still relatively in 
the early stages.
    Senator Lautenberg. Mr. Chairman, we've grown accustomed to 
the pace here, and--not to be critical of the witness, but the 
fact is that deadlines made--don't mean that deadlines are met. 
Any deferrals of the serious problems that we might encounter 
on the bridges and tunnels is something that ought not to be 
acceptable, and it isn't.
    Thanks, Mr. Chairman.
    Senator Stevens. Senator Rockefeller?

           STATEMENT OF HON. JOHN D. ROCKEFELLER IV, 
                U.S. SENATOR FROM WEST VIRGINIA

    Senator Rockefeller. Thank you, Mr. Chairman.
    Senator Stevens. Sir.
    Senator Rockefeller. I was going to ask a bunch of 
questions on air cargo, but I understand they've already been 
asked.
    Senator McCaskill. Bunch of them have.
    Senator Rockefeller. So, that means that if I read the 
memos that come out of this, I'll know what the answers were.
    Senator McCaskill. Yes.
    Senator Rockefeller. Or I could ask them.
    Senator McCaskill. You could ask them again.
    Senator Rockefeller. I will.
    [Laughter.]
    Senator Stevens. You know, the famous Simpson statement 
that all the questions have been asked, but not everybody has 
asked them.
    [Laughter.]
    Senator Rockefeller. I am constantly amazed at the 
asymmetry between everybody going through all of this trouble, 
which I thoroughly support and was co-conspirator in writing, 
with their handbags and carry-on bags and all the rest of it, 
and then knowing that, if it's a 4-ounce something, I can put 
it in my checked suitcase, or if I was a terrorist, if it was a 
2-pound bomb, I could put it in my suitcase, and just check it. 
I don't care how many times the question has been asked, I 
don't understand that. I don't understand why we aren't doing 
more on air cargo.
    Mr. Hawley. We are doing more. And we talked a little bit 
about the old report that is now out of date, and some of the 
things that we have done between then and now. I think the 
critical point is that the Committee was instrumental in 
writing the legislation in the 9/11 bill, and I mentioned 
earlier that we expect to meet the deadlines in the bill by the 
terms written in the bill. We understand what they mean.
    Senator Rockefeller. Do you have the money?
    Mr. Hawley. To start? Yes, we're launching, and then, when 
we need more money, we'll tell you. I think, around January 
we're going to know more, in terms of what the----
    Senator Rockefeller. Is OMB releasing to you the money you 
need to do this?
    Mr. Hawley. It isn't a money issue right now; so, yes. But 
it's really at the point of program development. We have enough 
program development money to get it done--to get it rolled out, 
and then we'll figure out what the costs are.
    Senator Rockefeller. See, but that sounds to me--like--what 
you're really saying is, ``We've got good ideas, and we're 
starting to implement some of those ideas, but we're not really 
sure if we're going to have the money.''
    Mr. Hawley. No, no, no.
    Senator Rockefeller. That's what it sounds like to me.
    Mr. Hawley. Well--I'm sorry. The--Ms. Berrick mentioned 
some of the experience the international community has in air 
cargo, and that what we'll be doing is adopting some of those 
methods at--that are compatible with the language of the law, 
and applying those. Some of those do not require congressional 
appropriations, some of them are going to require expenses by 
other parties in the supply chain. I think where the money will 
come in is when we figure out what kind of technology we can 
deploy, at airports, that can handle the cargo that we're going 
to see there, and then we have to fight out who pays for that.
    So, we are----
    Senator Rockefeller. A lot of ``ifs.''
    Mr. Hawley. We--pardon me?
    Senator Rockefeller. A lot of ``ifs.''
    Mr. Hawley. No, we pretty much know what we're doing on the 
program, and it has to be driven down to the operational level 
of exactly the details. So, I think--I mean, I--this is a tough 
deadline, to hit 50 percent in 18 months, and we are accepting 
that challenge, and we will meet that. And I believe that, in 
future years--i.e., 3 years from now--that the 100 percent will 
be done, as well.
    Senator Rockefeller. OK. Oh, boy. Well, good luck. What 
about general aviation? I've done a lot of flying on that, 
which I pay for, when I have to get to West Virginia, because 
we don't have a lot of flight service. And--once, in my entire 
life, I--have been through a screening device. Once. I forget 
the airport. And I know that you have plans for identification 
and things of this sort, but I have the feeling that, in terms 
of what people carry on, and the cargo, the pilots, the 
passengers, nobody really has any idea of who they are, and, 
like in everything else, they're getting a free ride.
    Mr. Hawley. Our--we are working on, as I think we've 
discussed, regulations in that area. We've done risk assessment 
in the GA community to see what the higher-risk aircraft are, 
and what to do about them. And then--so, I would expect, in the 
coming months, that we'll come forward with the--a formal 
program on that. We already are working, as you may know, with 
our international partners on identifying aircraft as they come 
to the United States, and also, with the GA community to, as 
you mentioned, the identity validation of who's flying the 
aircraft. And then, the passenger screening comes behind that.
    Senator Rockefeller. Is it--and, I apologize; it'll just 
take 3 seconds--the--is it not true that if you have the right 
amount of explosives in a King Air, that you could pretty much 
demolish this whole complex?
    Mr. Hawley. You know, I think the answer to that is a 
classified answer, but your point is well taken. Certainly, an 
aircraft of that size loaded with explosives would----
    Senator Rockefeller. I'm not talking about even a jet, just 
a King Air.
    Mr. Hawley. No, I understand. Yes, I'm----
    Senator Rockefeller. Thanks.
    Mr. Hawley. Thank you, Mr. Chairman.

                STATEMENT OF HON. TED STEVENS, 
                    U.S. SENATOR FROM ALASKA

    Senator Stevens. Thank you. Thank you very much, Senator.
    Ms. Berrick, we've got your report, and you touched on it 
in your opening statement, but could you summarize, what does 
your agency think about the progress that has been made on the 
major programs, like TWIC and Secure Flight and cargo security 
and the surface transportation security? Have you judged that, 
relatively?
    Ms. Berrick. Well, we have given an overall assessment on 
TSA's progress in both aviation and surface. In aviation, we 
concluded, if you look at all the legislative requirements that 
Congress passed, Homeland Security Presidential Directives, 
DHS's own plans, for aviation we found that TSA met 70 percent 
of the expectations that were set out for them related to 
aviation. This doesn't include the recent requirements in the 
9/11 Act. In surface transportation security, there were much 
less requirements set out in legislation for TSA. There were 
only five. And we said that TSA met three of the five. So, in 
terms of progress, much more has been done in commercial 
aviation.
    There's definitely becoming, and we're seeing through our 
work, more of a focus on surface modes of transportation.
    Senator Stevens. How is that related to the payment into 
the system from the transportation mechanisms you reviewed? I 
mean, it seems to me that the bulk of the money is coming from 
airline passengers, and yet, part of that is going into the 
other systems. Is that right?
    Ms. Berrick. That's not our--that's not our understanding. 
And we haven't looked specifically at how the fees flow in. I 
know TWIC will be a fee-funded program, the program that you 
mentioned, which is another major effort that TSA is----
    Senator Stevens. But that's, again, airlines.
    Ms. Berrick. I'm sorry?
    Senator Stevens. That's, again, an airline program, right?
    Ms. Berrick. Well, right now it's being implemented at the 
ports. Eventually, it may be implemented to other 
transportation modes, including aviation. Right now, it's just 
being implemented at the ports.
    Senator Stevens. Will it pay for itself?
    Ms. Berrick. That may be a better question for Mr. Hawley. 
I know there were----
    Senator Stevens. Well, let me ask----
    Ms. Berrick.--appropriations----
    Senator Stevens.--him, then. Are these other systems going 
to pay for themselves? You know, I'm a little provincial. 
Seventy percent of our travel is by air. And we're paying, 
every time we travel. I think there are other people, who 
travel in various modes of transportation, that aren't 
contributing to this system. Am I wrong?
    Mr. Hawley. The TWIC cards will be paid for by the people 
buying them. So, that will be----
    Senator Stevens. They're not paying, now, are they?
    Mr. Hawley. We're just starting the implementation. But I 
think your larger point, the transit drivers pay a significant 
part of the--or transit users--pay a significant part of the 
cost. It is paid for out of the municipality where they exist. 
So, in an indirect form, I guess through taxes and also from 
the fare box--but I think your point certainly, in dollars in 
aviation, it is a large chunk of money that comes to the 
Federal Government; in transit, it's dispersed throughout----
    Senator Stevens. Well, I pay an exit tax, as well as a tax 
on my airline ticket. The rail passengers don't do that, do 
they?
    Mr. Hawley. I don't believe they pay a separate tax.
    Senator Stevens. How are we going to get to the time when 
we balance this program so that the people involved pay for the 
security that they're being delivered?
    Mr. Hawley. I think that's a larger societal issue. And--
you know, that it goes to the economic model of how we pay for 
security.
    Senator Stevens. Well, let me get real provincial. In 
airports like ours, why don't we have a line for the local 
residents, and other lines for nonresidents? I would go into 
one of these airports, and they would say, ``Hi, Ted. Take off 
your belt and shoes.'' Now, why can't we get to the point of 
recognition of local people?
    Mr. Hawley. We're working on making the whole process go 
more smoothly. And--I mentioned, earlier, in terms of spreading 
it out, the identity issue--I guess we're feeling that, at this 
point, everybody should have an exposure to some security, 
although we are looking at breaking that up, based on--random. 
So, in other people--some people get shoes, trace detection; 
other people may have, you know, belts or something else.
    Senator Stevens. All right. My last question is this. I saw 
an elderly gentlemen. He was obviously a World War II vet, not 
very articulate; he came through the system, and he set it off. 
And he was having a very difficult time, everyone trying to 
hold wands over him, everything else. He had shrapnel in him. 
Do we have identifications for those people now, so they don't 
have to go through that every time they go through that 
screening?
    Mr. Hawley. No, we don't. However, we do have--we just 
deployed machinery that will make that automatic, so that the 
people with hips and shrapnel or any other implant, basically, 
will not slow them down, so they won't trigger secondary alarm 
when they go through.
    Senator Stevens. How far away is that?
    Mr. Hawley. Well, we have it in Phoenix today, and we're 
going to put some--probably four out in 2008.
    Senator Stevens. Well, what do you do with those people, 
when no one really understands it? That gentleman was put into 
a secure room until someone figured out he was a vet with 
shrapnel in him.
    Mr. Hawley. They usually are able to resolve it at the--
right there are the magnetometer. And if the individual 
requests secondary screening, of course they'll take them back. 
But our officers are extremely well prepared for that 
situation. It happens every day.
    Senator Stevens. Senator?
    Senator McCaskill. Back to foreign repair stations, Mr. 
Hawley, the law that was passed in 2003 also mandated that you 
all begin doing auditing of foreign repair stations. How many 
foreign repair stations has TSA audited in the last year?
    Mr. Hawley. I don't believe that we've audited any.
    Senator McCaskill. And so, you've had no inspectors 
traveling to foreign repair stations, even the five countries 
where there are foreign repair stations that have been 
identified, in April of this year, as--terrorist safe havens?
    Mr. Hawley. Well, the FAA, as you know, has responsibility 
to be in there, and--for the certified areas--and I think we 
discussed, in your previous round, that we're preparing the 
rule, and we'll be deploying our inspectors within 6 months of 
the rule.
    Senator McCaskill. Well, the law specifically gives TSA the 
responsibility to audit for security; FAA just does safety. You 
specifically have been mandated by Congress to audit for 
security, and you're saying that has simply not been done.
    Mr. Hawley. No--I'm saying we intend to meet the obligation 
under the law, that we have to put out a rule that will give us 
the regulatory authority to do it. And, when the rule is out, 
then we go and inspect. And I think the law--the 9/11 law is 
very clear, and it says, ``We want this rule out quickly''--we 
are working on it--and, ``Once you get it out, 6 months later 
you'd better start inspecting,'' and we will.
    Senator McCaskill. I know you keep referring to the 9/11 
law, but I think it's important that you realize that this law, 
in fact, was a 2003 law. It's not the 9/11 law. It's been on 
the books now for 4 years, and the requirements are long past 
due. This is not something that we just passed--and the draft 
rule has been sitting around for a couple of years. So, I hope 
you work on that.
    Let me move to airport screening. I've talked about, a 
major issue, which are these foreign repair stations. This is 
kind of a minor issue, but it's like I said in another hearing. 
The face of our criminal justice system is our municipal 
courts--people who get traffic tickets, even though our 
criminal justice system is a labyrinth of people all over the 
country at various levels doing a myriad of important 
activities to keep our citizens safe. Our face of homeland 
security is airport screening. That's where most Americans are 
getting a sense as to whether or not what we're doing makes 
sense, and whether or not we are comprehensive and proactive in 
our security measures, rather than reactive and inconsistent. 
And I think that many of the things that have occurred--and I 
understand that they couldn't be helped, but the changing of 
what you can take on and what you can't take on--the example 
that Senator Stevens talked about, about the shrapnel, the 
knees, the hips, all of the things, appear to be, sometimes, 
nonsensical. And the one that more people have mentioned to me 
than anything else, and perhaps it's because I'm a woman, is 
mascara. Mascara does not have a different consistency than 
lipstick. You can smear either one. Lipstick's OK, mascara 
isn't. And the reason I think women have mentioned this to me 
is that--every other makeup product you can get, you can get in 
a powder form or lipstick, you can get it in a tube form, which 
is OK. Mascara is the only one that doesn't come in a powder 
form, which means, if someone wants to avoid having to check a 
bag, they have to put mascara in the little bag, which means 
it's not in their purse. If they're on the airplane, they don't 
want to carry the mascara along with the shampoo in their 
purse. And no one can explain to me why mascara is different 
than lipstick. I haven't gotten a good explanation. So, I 
figured I'd ask the boss.
    Mr. Hawley. OK. If you can--if you dump it out on the 
table, and it retains its form, it's OK. If you dump it out on 
the table, and it kind of goes like that, then it needs to be 
in the 3-ounce container, put in your baggie. And what quite a 
lot of people do every day is put whatever it is they want into 
that baggie, they--and carry it on, and have access to it 
during the flight. So, it's actually, I think, a pretty 
convenient way of bring it on.
    Senator McCaskill. I don't think you've talked to enough 
women.
    Mr. Hawley. No, I--well, we've--we do. We have a lot of 
work to make these things comfortable for people. The fact of 
the matter is, it's not nonsensical, and there are people 
trying to blow up aircraft using liquid explosives. And this is 
the way that we worked with the National Laboratories, the FBI, 
a lot of testing to determine what is a safe way to allow men 
and women to bring whatever they want onto the aircraft. What 
do you do for people who need medicines? What do you do for 
infants? What do you do for breast milk? All of those things, 
we've addressed and figured out a way that accommodates the 
security need, which is a very real threat, I can assure you, 
and also the passenger customer-service needs so they can 
travel without necessarily checking a bag.
    Senator McCaskill. Well, I quarrel with the notion that you 
can dump mascara out on a table. And I hope the next time we 
have a hearing, that you are as righteously indignant about 
foreign repair stations and terrorists potentially working 
under the hood of airplanes as you are about the mascara.
    Thank you, Mr. Hawley.
    Senator Stevens. Senator Lott?
    Senator Rockefeller. Oh, I'm sorry, he hasn't spoken----
    Senator Lott. Please go ahead.
    Senator Stevens. Go ahead. He hasn't had a first round. 
That's why I called him. Go ahead.
    Senator Rockefeller. I defer to Mississippi.
    Senator Lott. No, please go ahead.
    Senator Rockefeller. OK. All right.
    I want to go back to this cargo thing--you said 50 percent 
will be screened within 18 months, and virtually all of it, 
within 3 years. I don't believe that. And you can tell me that 
it's in your plans. I think you are both faced with a 
fundamental problem that anybody who works for any 
administration faces. You don't have enough money, you are 
constrained in what you can say, your testimony this morning 
was not written by you, free and clear, it was vetted by the 
Office of Management and Budget; therefore, it has to agree 
exactly with what the Bush Administration thinks. The Bush 
Administration puts homeland security as a side issue, relative 
to some wars that we may be fighting. And I just don't think 
you can get it done. You've got a whole list of things that 
you've got to do--you've got to submit a strategic plan to 
Congress, timelines, testing, you've got a great many things 
you have to do before you start to spread this out to the big 
airports, much less the small ones. And if it isn't all of 
them, since I consider Ames, Iowa, just as vulnerable as I do 
New York City. I do. You may not, but I do. I don't see any way 
that you can get it done, and I don't see what's wrong with 
your telling us that--frankly, you don't think you can, and 
what you really need is a whole lot more money and a whole lot 
more emphasis and a whole lot more pushing from the 
Administration.
    Mr. Hawley. That, sir----
    Senator Rockefeller. You could get fired, but, you'd be 
telling the truth.
    Mr. Hawley. Well, I can tell you the--a year ago, I would 
not have thought that we could do 100 percent screening in 3 
years, et cetera. Now I do. And the reason I do is because--and 
I said, at the beginning, this committee worked with us to go 
through the provisions of the law that it--was enacted--that is 
a doable deal, and it is something that we could explain over a 
period of time--and I could give you a briefing--and it would 
show you--and it is a layered and shared responsibility that 
involves the inspection, the screening of a variety of methods, 
and then securing the supply chain along the way, so that each 
step along the way there's some screening that will get to the 
same commensurate level with passenger--or checked-baggage 
screening by the time it gets to the airport. And it's a very 
well-developed program, and a lot of it we've taken from our 
European partners, specifically the U.K. So, this one--I mean, 
there's--you're right, there are 117, 120 taskings in this law 
for TSA, and we take them all seriously. This one, I personally 
was involved in the language and understanding what could be 
done, because I understand how tough it is. And we originally 
had had veto, as you may recall, on this provision, as it was 
earlier in the process, but this was not the subject of a veto 
threat because--and I give this committee tremendous credit, 
really, for sitting down and working through the thorny details 
of how we actually will do it. So, I've--this one, I believe--
regardless of what anybody else says, this one I personally was 
involved in, and I believe we are going to meet that.
    Senator Rockefeller. OK. Thank you.

                 STATEMENT OF HON. TRENT LOTT, 
                 U.S. SENATOR FROM MISSISSIPPI

    Senator Lott. Mr. Chairman, if I could, just--I have a 
couple of questions here.
    [The prepared statement of Senator Lott follows:]

  Prepared Statement of Hon. Trent Lott, U.S. Senator from Mississippi
    I am pleased that the Commerce Committee is having this hearing to 
get an update from the Transportation Security Administration (TSA) on 
it's implementation schedule of the recently enacted 9/11 bill. I would 
like to thank both of our distinguished witnesses for being here today.
    I think the work that Mr. Hawley has done at the TSA so far is 
commendable. In the past I have stressed that TSA needs to take a 
common sense approach to security and I think he has done that so far.
    One area that I believe that the Department of Homeland Security 
and TSA need to really focus on is the use of technology to improve the 
screening process. There are many promising technologies that exist, 
the challenge is to test and deploy them expeditiously. I am afraid 
that in many cases this is just taking too long. Our screeners deserve 
to have the best tool possible to do their jobs. Terrorists are 
constantly changing their methods and tactics, we need to adjust as 
well.
    I encourage TSA to continue to look for practical and innovative 
ways to address security concerns that face our transportation systems. 
Thank you, Mr. Chairman and I look forward to hearing from our 
witnesses.

    Senator Lott. Mr. Hawley, the GAO testimony points out 
that, while TSA has developed the so-called backscatter 
technology, ``limited progress has been made in fielding this 
technology at passenger screening checkpoints.'' And, as you 
know, I've long been an advocate of using innovative technology 
to screen passengers and baggage to move the process along and 
to also be more thorough. I understand that the testing has 
indicated the technology is very effective at detecting 
explosives and weapons that might be concealed on a person. Is 
that correct? And why are you still experiencing delays 
fielding the backscatter technology?
    Mr. Hawley. The backscatter technology is, as you know, 
tested in prototype, and we are satisfied with its work. We're 
going to continue to work with it. But it is--it's meeting 
expectation, and I expect that we will continue the deployment. 
We've talked about adding additional cities after Phoenix. I 
also should point out that we've--we are deploying a 
significant amount of new technology at the passenger 
checkpoint for carry-on bags, which is a very significant 
deployment of technology----
    Senator Lott. And you are doing that in pilot areas, aren't 
you?
    Mr. Hawley. Well, on the checkpoint technology for the 
passenger bags, we've already done the pilot, and we've put out 
a buy to get about 250 of the machines right away.
    Senator Lott. All right, sir. So, you're still planning on 
trying to go forward with fielding this technology----
    Mr. Hawley. Yes, sir.
    Senator Lott.--correct? Uh-huh.
    One of the problems, I suspect, is that TSA doesn't have 
direct control over research and development, but they still 
have to deploy it. The research and development is done by DHS. 
You've got one agency doing the research and development, 
you've got another agency that is charged with deploying it. It 
seems to me like that's the typical Federal Government 
bureaucratic process.
    Ms. Berrick. We are actually looking at that, as it relates 
specifically to checkpoint technologies. And, as you mentioned, 
Department of Homeland Security, their Science and Technology 
Office, has a role. They manage all research and development. 
And TSA is a major customer of that.
    What we found was, although DHS Science and Technology 
manages research for all of the components, all of the 
components are involved in the requirements for those programs, 
so there'll be working groups where TSA would be a part of it 
and could identify to DHS what their requirements are.
    We did see some break-downs, though, in communication and 
coordination. There's a Memorandum of Understanding between DHS 
and TSA on how they're going to work together with 
technologies. And there have been complaints from both sides 
that that hasn't been fully implemented. So, we're exploring 
this further as a part of our work, but--we have found that 
there have been some breakdowns in communication, but we are 
seeing that TSA is definitely very much a part of that process 
and are communicating with S&T in what their requirements are.
    Senator Lott. I wish you would pursue that, because, again, 
it appears to me that things are better at these airport 
terminals. I still see things that, you know, defy common 
sense, and I still wonder why it takes so long to employ new 
technology or new processes.
    For instance, Mr. Hawley, the Registered Traveler plan, 
that was delayed and delayed and delayed and delayed. I guess 
it's been implemented. Is it being utilized very much? What's 
happening with that?
    Mr. Hawley. It's out there, and we've got seven operations 
where passengers are going through. And we've got----
    Senator Lott. ``Seven operations,'' you mean seven----
    Mr. Hawley. Airports.
    Senator Lott.--airports?
    Mr. Hawley. Yes. And about 48,000 people have signed up. 
And so, it is up. It is not running at full speed, I don't 
think. I certainly wouldn't say that, and I don't think----
    Senator Lott. What does it cost a registered traveler to go 
through this process and get whatever it is he or she gets?
    Mr. Hawley. It's about $100, and I think either $28 or $31 
of that is--goes to the background checking that we do. And the 
promise for Registered Traveler is to get beyond the ``cut to 
the front of the line'' privilege, which is what it is now. And 
that's the part that I see as exciting and promising, is 
additional security deployed will help and be able to speed up 
the processing for those people, and other identification 
things that will smooth their way through the airport.
    We do have a shoe scanner that one of the providers put out 
there, on their own money, which was terrific, and we're 
continuing to work with them to get it to the point where we 
can use it so the people can keep their shoes on.
    Senator Lott. That would be very nice.
    Mr. Hawley. Yup.
    [Laughter.]
    Senator Lott. Thank you very much.
    Mr. Hawley. Yes, sir.
    Senator Stevens. I'm going to put the statement I would 
have made, had I been here at the beginning, in the record 
after Senator Dorgan's comments.
    I do urge that we find a way to deal with some of these 
issues that the Members have spoken about, because we still 
have some legislation that's got to go by--across the floor, 
and I would like not to get so many amendments to that, these 
appropriations bills dealing with this subject. So, I'd like to 
find a chance where we might visit with you, Mr. Hawley, and 
the Chairman, before those bills come to the floor.
    Thank you very much, Ms. Berrick.
    This concludes this hearing. Thank you very much.
    [Whereupon, at 11:31 a.m., the hearing was adjourned.]
                            A P P E N D I X

                    Aeronautical Repair Station Association
                                   Alexandria, VA, October 26, 2007

Hon. Daniel Inouye,
Chairman,
Senate Committee on Commerce, Science, and Transportation,
Washington, DC.

Hon. Ted Stevens,
Vice Chairman,
Senate Committee on Commerce, Science, and Transportation,
Washington, DC.

        Re: Submission to Record for October 16, 2007 
            Hearing on 
            Oversight of the Transportation Security 
            Administration (TSA)
            

Dear Chairman Inouye and Vice-Chairman Stevens:

    We are writing to address issues raised about the use of foreign 
repair stations at the October 16, 2007 hearing on oversight of TSA. In 
particular, it is important that the leadership of the subcommittee 
understand the following about foreign repair station security:

   Foreign repair stations are an essential component of the 
        global aviation system. Without them there would be no 
        international travel.

   Security standards do exist for repair stations based on 
        their location. Such standards come from existing TSA 
        regulations and the International Civil Aviation Organization 
        (ICAO).

   Pushing TSA to quickly produce rules mandating additional 
        security requirements will reallocate limited oversight 
        resources from areas where the threat is greatest.

   Given the broad scope of the aviation maintenance industry, 
        adequate time is needed to review any rules proposed by TSA, 
        and mandates for new repair station security rules by August 
        2008 are unrealistic given TSA's current resources.

    While ARSA understands the concern of the Committee that government 
inaction may be putting the public at risk, we wish to underscore the 
fact that there are both safety and security regulations already in 
place. It is in the best interests of the industry to maintain high 
standards in both of these areas.
Foreign repair stations are an essential component of the international 
        aviation system. Without them there would be no international 
        travel.
    The Chicago Convention of 1944 and ICAO standards require that the 
State of Registry (i.e., the country in which an aircraft is 
registered) oversee the maintenance performed on that aircraft and 
related components, regardless of where the work is performed.\1\ 
Consequently, a U.S. registered aircraft requiring maintenance while 
outside of the U.S. must have that work performed by an FAA-
certificated maintenance provider. Similarly, when an aircraft of 
foreign registry requires maintenance while in the U.S., only a repair 
station certificated or validated by the relevant National Aviation 
Authority (NAA) may perform the work. For example, only a European 
Aviation Safety Agency (EASA)-certificated repair station may perform 
maintenance on an aircraft of French registry within the U.S.
---------------------------------------------------------------------------
    \1\ See, ICAO Annex 8, Airworthiness,  4.2.1(b).
---------------------------------------------------------------------------
    Prohibiting or otherwise limiting the use of repair stations 
overseas would make international travel impossible, since aircraft 
need some level of work performed when they land at their destination. 
Furthermore, foreign authorities may choose to take retaliatory action 
against U.S. counterparts for any restrictions put in place.
    Indeed, it seems such action is possible. In a letter dated October 
22, 2007 from Mark Wilson, Chairman of the EASA Advisory Board, 
Congress's proposals regarding the requirement for additional 
inspections of foreign repair stations and proposed drug and alcohol 
testing were examined. Chairman Wilson stated, ``Adoption of such 
legislative text would bring to an end any possibility to finalise a 
balanced, reciprocal EU-US Bilateral Aviation Safety Agreement (BASA) 
and association Maintenance Implementing Procedures (MIPs) . . .''
    Given this warning, it is necessary for Congress to closely examine 
the effect its proposals will have not just on the traveling public, 
but on the global aviation community.
Security standards do exist for repair stations based on their 
        location. Such standards come from the FAA, existing TSA 
        regulations, and ICAO.
    Domestically, many repair stations located on an airport are 
required to have their personnel undergo criminal background checks 
under TSA regulations if they require unescorted access to the 
designated airport security identification display area (SIDA). 
Therefore, a repair station employee that performs line maintenance for 
an air carrier would have the same 10-year criminal background check 
requirement as an airline mechanic. Many repair stations voluntarily 
implement additional security procedures since the quality and safety 
of their work directly affects their business.
    However, many U.S. repair stations are located miles away from 
airports and perform specialized work on component parts that have been 
removed from the airplane and sent to them for repair. These facilities 
are usually small businesses; thus, imposing undue security burdens on 
them would jeopardize an entire sector of highly-specialized workers. 
Our members understand the need for safety and security, since their 
livelihood depends upon it, and we ask that Congress recognize the 
difference in repair facilities, remembering that our industry shares 
their same goal: maintaining a high level of safety and security.
    Internationally, each country must implement the types of security 
procedures to be followed just as they must do in the safety area. 
These are based on ICAO standards contained in Annex 17 and thus are 
very similar to TSA regulations. They include, but are not limited to:

   A national civil aviation security program with continuous 
        threat monitoring and mandatory quality control procedures;

   Airport security programs for each airport serving 
        international carriers;

   Air operator security programs;

   Background checks for persons implementing security control 
        measures and persons with unescorted access to restricted 
        security areas; and

   Periodic ICAO security audits.

    The professionals at the TSA, ICAO and other countries' security 
oversight organizations have concluded that resources should be focused 
where the threat is greatest. Therefore, FAA foreign repair stations 
working on components and located miles away from an airport are not 
required to implement background checks for their employees. However, 
if they perform line maintenance at an international airport or 
otherwise require access to the ramp area, foreign repair station 
employees would be subject to similar security requirements to their 
FAA counterparts, including background checks.
    Neither domestic nor international security requirements are based 
on whether a person works for an airline or a repair station; they are 
dependent on the degree of access the individual has to an aircraft. 
Further, mandating additional security requirements where none are 
truly needed will reallocate limited oversight resources from areas 
where the threat is greater. This could have the unintended consequence 
of reducing the level of security for the traveling public.
Pushing TSA to quickly produce rules mandating additional security 
        requirements will reallocate limited oversight resources from 
        areas where the threat is greater.
    The testimony given by Assistant Secretary Kip Hawley mentioned 
several of the initiatives TSA is working on to increase safety, from 
highways and rail, to aviation and cargo shipments. Threats exist 
throughout all modes of transportation, and TSA must be allowed the 
opportunity to prioritize its resources to those areas where the threat 
is greatest. During the October 16 hearing, Assistant Secretary Hawley 
testified that the TSA currently is committed to focusing its resources 
on ``high priority items'' facing national security interests.
Given the broad scope of the aviation maintenance industry, adequate 
        time is needed to review any rules proposed by TSA, and 
        Congressional mandates for new repair station security rules by 
        August 2008 are unrealistic given TSA's current resources.
    Congress's recently passed mandate in section 1616 of H.R. 1 
(Public Law 110-53) severely limits the ability of TSA to conduct an 
adequate rulemaking. While ARSA understands Congress's concern over the 
delay, as stated above, TSA must be allowed to prioritize its resources 
and personnel to address the areas with the greatest need. As Secretary 
Hawley stated in his written testimony,

        ``. . . many of the rulemaking requirements mandated in the 9/
        11 Act do not adequately recognize the obligations that TSA 
        must give the many stakeholders affected by proposed 
        regulations and the general public . . . These requirements are 
        time consuming but are time well spent to assure that our 
        regulations achieve their objective in a way that is 
        transparent to stakeholders and the public and does not 
        adversely affect travel and commerce.''

    Furthermore, punishing industry for government inaction sets a very 
dangerous precedent. The penalties in section 1616 hurt repair stations 
and companies who are doing their best to comply with existing law, and 
which do not have the ability or influence to force TSA to promulgate 
these new rules.
    Congress may not have considered the fact that restrictions such as 
those in section 1616 may adversely affect the trade balance between 
the U.S. and other countries, specifically the EU. There are only 698 
FAA-certificated repair stations outside the U.S.; yet there are 
approximately 1,200 EASA-certificated repair stations and numerous 
other NAA-certificated repair stations in the U.S.
Conclusion
    Although ARSA has testified before on this subject, we felt it was 
important to underscore the safety and economic necessity of foreign 
repair stations. With the topic of maintenance overseas gaining more 
and more visibility with the press, it is important to emphasize the 
facts, and not allow legislation or news coverage to be based on fear.
    Furthermore, as the possibility of retaliation by foreign civil 
aviation authorities looms, now is the time for the Senate to look 
carefully at the effect it is having on the international aviation 
community.
    Should you have any questions or require additional information, do 
not hesitate to contact me.
            Regards,
                                        Marshall S. Filler,
                             Managing Director and General Counsel.
                                 ______
                                 
  Response to Written Questions Submitted by Hon. Daniel K. Inouye to 
                     Hon. Edmund S. ``Kip'' Hawley

    Question 1. Can you provide greater detail regarding the efforts 
the TSA is taking to comply with the new requirements in the 9/11 
Commission Recommendations Law, that specifies that 50 percent of cargo 
on commercial passenger aircraft must be screened in 18 months and 100 
percent screening be achieved within 3 years? How does the new system 
compare with current international efforts to screen cargo transported 
on commercial passenger flights?
    Answer. The Transportation Security Administration's (TSA) approach 
to air cargo security is comprised of multiple programs, which form a 
layered security approach to include vetting, screening, and risk-based 
targeting of air cargo to guard against potential attack. To comply 
with the air cargo screening requirements of the Implementing 
Recommendations of the 9/11 Commission Act of 2007, TSA plans to build 
upon established programs and is in the process of developing a 
Certified Cargo Screener Program. Together, enhancements to existing 
air cargo screening requirements and the planned Certified Cargo 
Screener Program will satisfy the requirement that 100 percent of air 
cargo transported on passenger aircraft is screened to provide a level 
of security commensurate with the level of security for the screening 
of passenger checked baggage. The Certified Cargo Screener Program is 
an entirely new program that TSA is developing whereby indirect air 
carriers, third party logistics entities, and shippers will perform 
cargo screening functions and implement secure supply chain security 
practices. The Certified Cargo Screener Program will be a robust 
combination of stringent security standards at the facility and 
personnel level. It will require Certified Screeners to implement 
secure standard operating procedures and utilize chain of custody 
measures that will establish and maintain the security of cargo as it 
moves throughout the supply chain. All Certified Screeners will be 
subject to TSA inspection to ensure that they are complying with all 
applicable program requirements.
    TSA's existing security programs concentrate the responsibility for 
screening cargo to aircraft operators and foreign air carriers, 
utilizing TSA-approved physical and technological screening methods. 
The Certified Cargo Screener Program will similarly require entities 
that are validated and certified to screen air cargo to use TSA-
approved physical and technological screening methods. However, a 
greater level of screening can be achieved because screening will be 
allocated across the air cargo supply chain. By spreading the 
responsibility for screening air cargo to entities other than aircraft 
operators and air carriers, TSA will be able to meet the legislative 
mandate that 100 percent of air cargo transported on passenger aircraft 
be screened to provide a level of security commensurate with the level 
of security for the screening of passenger checked baggage.
    TSA has examined and leveraged the United Kingdom's and Ireland's 
Known Consignor Programs to provide a solid framework for TSA's planned 
Certified Cargo Screener Program. These programs require certification 
of the entity's supply chain security practices and require the entity 
to implement secure standard operating procedures as well as utilize 
chain of custody measures that will establish and maintain the security 
of cargo as it moves throughout the supply chain.

    Question 2. What efforts does the TSA have underway to develop 
``in-line'' explosive detection systems (EDS) systems at airports that 
requested support through the agency's Letter of Intent (LOI) process? 
How long does the TSA expect it will take to deploy in-line EDS systems 
at the airports that require them?
    Answer. The Transportation Security Administration (TSA) welcomes 
the opportunity to make use of the resources provided in the 
Implementing Recommendations of the 9/11 Commission Act of 2007 to 
continue its efforts to expand the number of airports with in-line 
checked baggage screening solutions at those airports where such a 
system is determined to be the optimal solution. The Implementing 
Recommendations of the 9/11 Commission Act of 2007 requires TSA to 
allocate $250 million each Fiscal Year (2008 through 2028) to support 
airport improvement projects to fulfill Letters of Intent for in-line 
baggage screening systems. Of the total amount, $50 million is to be 
allocated to projects at small hub and non-hub airports.
    In February 2006, TSA published an Electronic Baggage Screening 
Program (EBSP) Strategic Framework for identifying airports that would 
benefit from in-line systems, and within that framework we have an 
airport prioritization model (APM) to prioritize airports for Federal 
funding of these checked baggage screening systems.
    Pursuant to the Intelligence Reform and Terrorism Prevention Act of 
2004, in February 2007, DHS turned to the Aviation Security Advisory 
Committee (ASAC) to sponsor a Baggage Screening Investment Study 
(BSIS). The ASAC, comprised of industry stakeholders, outlined a number 
of financing and cost sharing options that could be considered for 
funding in-line systems. TSA is evaluating each of these options, and 
others, to identify the most efficient and cost effective methods for 
deploying these resources to the highest priority airports.
    Because the aviation industry is dynamic and changes to operations 
are sometimes unpredictable, a spend plan is developed each fiscal year 
designating the projects that will be funded using appropriated funds 
for the purchase and installation of checked baggage explosives 
detection systems (EDS). TSA also determines where it is appropriate to 
reimburse airports for eligible costs associated with in-line systems 
that the airports have already built without Federal funding. TSA 
continues to work with its industry partners and the Administration to 
effect the most economical and effective process available to support 
construction of these types of systems.

    Question 3. When do you expect the TSA to begin testing and 
implementing the Secure Flight program? What do you believe to be the 
agency's biggest challenges in implementing the Secure Flight program?
    Answer. The following key milestones for the program are based on 
the President's Fiscal Year (FY) 2008 budget request, but are subject 
to change based on the impact of the Continuing Resolution (CR) and 
final FY 2008 funding:

   Benchmark testing with volunteer aircraft operators--
        December 2007

   Parallel testing begins--Third Quarter FY 2008

   Domestic cutovers begin--Second Quarter FY 2009

    Funding is the biggest challenge for Secure Flight implementation. 
In FY 2007, the program expended $31 million, but the rate used to 
calculate the CR is based on the FY 2007 enacted level of $15 million. 
This rate leaves the Secure Flight program significantly short of 
funding for the duration of the CR. If the CR extends into calendar 
year 2008, TSA will be forced to take steps that would result in 
significant delays to the Secure Flight program. Furthermore, funding 
for the FY 2008 budget at less than the President's requested level 
will delay development and deployment of Secure Flight. The progress 
the Secure Flight program has made in the last year is substantial with 
strong forward momentum. The future of this important aviation security 
program and 9/11 Commission recommendation is in jeopardy unless the 
current funding is resolved.
    Stakeholder understanding and commitment are also important to the 
success of the Secure Flight program. It is a highly visible program 
including diverse stakeholder groups such as the travel industry, 
passengers, Congress, airlines, and privacy advocacy groups. TSA will 
continue to reach out to stakeholders to engage them in the program and 
to obtain input.

    Question 4. What actions has DHS taken to establish standards and 
guidelines for developing and implementing the vulnerability 
assessments and security plans for railroad carriers and over-the-road 
bus operators?
    Answer.
Freight Railroad
    After September 11, 2001, the freight railroad industry developed 
and implemented their own corporate security plans. In an ongoing 
effort to ensure a robust level of security planning, the 
Transportation Security Administration (TSA) in 2007 conducted 
Corporate Security Reviews on all seven of the Class I carriers. These 
reviews include an assessment of a carrier's plan, its implementation, 
and if necessary, TSA recommendations for improvement. TSA's Corporate 
Security Review (CSR) program is one layer of freight rail security 
that TSA will use to inform its regulatory efforts.
    TSA has begun developing the vulnerability assessment and security 
plan regulations for freight railroad carriers required under section 
1512 of the Implementing Recommendations of the 9/11 Commission Act of 
2007. TSA will draw on existing Department of Homeland Security (DHS) 
and private industry knowledge of security planning including the U.S. 
Coast Guard and infrastructure protection security plan regulations and 
the Association of American Railroads industry plan in developing its 
Notice of Proposed Rulemaking (NPRM) required under the Act.
Mass Transit
    TSA has begun developing the concepts that will produce the 
required regulation of security plans for mass transit and passenger 
rail systems. We anticipate the conduct of vulnerability assessments 
will be a component of the required plans. Consultation with the mass 
transit and passenger rail community--including representatives of 
systems, law enforcement and security forces, and employee 
organizations--as well as public safety officials will facilitate the 
development of requirements that meet the statutory requirements and 
reflect operational realities.
    Mass transit and passenger rail systems operating in the Nation's 
sizable metropolitan areas are among the most thoroughly assessed of 
all transportation modes. Since 9/11, they have undergone security 
assessments by the Federal Transit Administration (FTA), the former 
Office of Grants and Training at DHS (for grant funding eligibility), 
the American Public Transportation Association, private sector security 
consultants (funded by DHS grants), and now under the Baseline 
Assessment for Security Enhancement (BASE) program conducted by TSA 
Surface Transportation Security Inspectors (STSIs).
    Through the BASE program, TSA assesses a transit system's security 
posture on the 17 Security and Emergency Management Action Items. The 
Actions Items cover a range of areas that are foundational to an 
effective security program, including security program management and 
accountability, security and emergency response training, drills and 
exercises, public awareness, protective measures for Homeland Security 
Advisory System (HSAS) threat levels, physical security, personnel 
security, and information sharing and security. Particular emphasis is 
placed on posture in the six Transit Security Fundamentals (protection 
of underground/underwater infrastructure; protection of other high 
consequence systems and assets; random, unpredictable deterrence; 
training; exercises; and public awareness). This program is dynamic, 
with regular reviews to ensure assessment tools continue to reflect 
security realities and priorities.
    TSA completed BASE reviews of 45 of the largest 50 mass transit and 
passenger rail agencies, plus 8 others ranked in the 51-100 range in 
size, with the goal of completing the largest 100 by the end of Fiscal 
Year (FY) 2008. Simultaneous with the BASE reviews, TSA engaged each of 
the top 50 agencies directly during January-February 2007 to complete 
self-assessments on their posture in the Transit Security Fundamentals. 
All 50 agencies completed these self-assessments, showing remarkable 
candor in their review of their respective agencies' posture.
    TSA development and implementation of focused security programs and 
initiatives and resource allocations, notably Transit Security Grant 
Program funds, for security enhancement has directly resulted from 
these reviews. Specific examples include the streamlined security 
training initiative, authorization of grant funding for deployment of 
dedicated anti-terrorism teams, and cooperative agreements on risk-
based priorities and targeted mitigation projects through the Regional 
Transit Security Working Groups.
Highway and Motor Carrier
    Many of TSA's surface transportation modal divisions have conducted 
threat, criticality and vulnerability assessments for two to 3 years 
under the CSR process. The process places modal security specialists in 
stakeholder sites for a thorough overview and analysis of the 
stakeholder's security preparedness plans and points of vulnerability. 
Despite the fact that most surface modes have not yet been subjected to 
TSA regulatory requirements for comprehensive security plans, the 
Agency has made significant progress in identifying security gaps and 
in recommending appropriate mitigation tools from industry best 
practices, technology and newly-developed policy guidance. The process 
is especially valuable when it is combined with DHS's intelligence 
offices and linked to timely and credible threat information. TSA is 
expanding its CSR system now with the use of DHS field personnel and 
on-site law enforcement agencies to reach the massive stakeholder 
community.
    TSA is also partnering with the motorcoach industry and is 
developing a set of security action items (SAI) that when implemented 
will provide critical gap closures within the industry. These SAIs are 
being vetted through the industry and other partners.

    Question 5. What progress has TSA made in implementing its surface 
transportation inspection program?
    Answer. Substantial progress has been made in implementing the TSA 
Surface Transportation Security Inspections Program (STSIP) since its 
inception in 2005.
    The surface inspectors develop and implement programs and 
initiatives to improve regional collaboration and coordination to 
ensure security resources are applied in the most effective manner. For 
optimal effectiveness, leadership of the STSIP at Transportation 
Security Administration (TSA) headquarters and regional levels work in 
concert with the Office of Security Operations (OSO) Federal Security 
Directors, the Federal Air Marshal Service (FAMS), and the staffs of 
Transportation Security Network Management (TSNM)-Mass Transit and 
TSNM-Freight Rail. National priorities set by TSNM lead to customized 
security products that are developed in coordination with the STSIP and 
drive the activities of inspectors on the national level. The 
Transportation Security Inspectors (TSIs)-Surface act as fact finders 
and Ambassadors for TSA's security policies and programs in the field.
    The success of this integrated OSO-TSNM approach through the STSIP 
is demonstrated in the achievements made since the STSIP began 
operations in earnest in the fall of 2005. Highlights include:

   TSA has advanced a regional engagement strategy for mass 
        transit security by networking with transit systems in 
        metropolitan areas to: (1) expand visible, random, and 
        unpredictable security activities; (2) facilitate the delivery 
        of security training programs to broader audiences of transit 
        system employees; and (3) make security tools available for use 
        in systems;

   In a coordinated effort involving the Federal Transit 
        Administration (FTA) and the Federal Railroad Administration 
        (FRA), TSA developed several comprehensive security assessment 
        and review programs to determine and elevate the security 
        baseline in passenger rail and mass transit. These programs 
        include the Security Analysis and Action Program (SAAP), 
        Security Directive Reviews (SDR), and the more recent Baseline 
        Assessment for Security Enhancement (BASE) program;

   TSA has completed assessments under the SDR or SAAP programs 
        of multiple rail/transit properties;

   TSA has conducted BASE assessments of 54 transit agencies 
        nationwide, including 45 of the largest 50 transit systems;

   STSIP Inspectors have conducted more than 1,000 Transit 
        Station Profiles and 40 rail and mass transit Operations Center 
        Profiles nationwide. These profiles provide valuable critical 
        infrastructure data and give the Department of Homeland 
        Security (DHS) and TSA an accurate picture of security 
        countermeasures that are in place, the location of the 
        transportation asset, and accurate contact information on each 
        asset;

   In a coordinated effort with the FTA, TSA has engaged with 
        the State Safety Oversight Agencies (SSOA) to support the 
        conduct of on-site security assessments and audits required for 
        heavy rail (i.e., subway) systems under 49 CFR Part 659. The 
        initial effort took place in the Bay Area Rapid Transit (BART) 
        system. The program is expanding dramatically, due in large 
        part to the coordinated Federal effort and engagement with the 
        SSOAs through their biannual conferences;

   TSA has partnered with the FTA, the DHS Offices of Grants 
        and Training and Science and Technology, the American Public 
        Transportation Association (APTA), and the mass transit 
        industry to develop voluntary security standards and 
        recommended practices for both mass transit rail and bus 
        transportation;

   The STSIP participates in the interagency Mass Transit 
        Security Information Sharing Network, a forum comprised of 
        subject matter experts from the Department of Transportation, 
        DHS, TSA, and FTA to streamline Federal information gathering 
        and exchange to support timely decision-making and information 
        products in threat situations, incident response, and normal 
        operations. TSIs-Surface channel and receive information 
        through this process in response to incidents in transit 
        systems in their areas of responsibility as well as during 
        international events and regular drills and exercises;

   TSA has developed a voluntary inspection program of the 
        Nation's freight railroads using the Toxic Inhalation Hazmat 
        (TIH) Freight Rail Security Action Items to elevate the level 
        of security in freight rail yards, storage facilities, and 
        rights of way. To date, STSIs have completed over 1,600 field 
        inspections and interviewed more than 3,000 front-line railroad 
        employees in 46 high-threat urban areas.

    Although TSA has issued a Notice of Proposed Rule Making for rail 
and passenger rail, there does not yet exist a regulatory regime for 
the STSIP. At this stage of its development, the STSIP performs 
voluntary assessments only and is primarily in a supportive and 
facilitative role with the mass transit, passenger rail, and freight 
rail communities.
    Close alignment of the STSIs with TSA strategies ensures an 
integrated approach that has demonstrated success in advancing security 
programs in surface transportation. Priority taskings for the STSIP 
align with national risk-based strategies as described below:

   Security Action Item TIH reviews in freight rail through 
        November 2008.

   BASE reviews of mass transit systems through the completion 
        of the Top 100 systems.

   Security Analysis and Action Program vulnerability and risk 
        assessments in freight and passenger rail environments with 
        special emphasis on high threat urban areas and major passenger 
        rail infrastructure.

   Building a nationwide rail and mass transit infrastructure 
        profile database.

   Supporting Visible Intermodal Protection and Response (VIPR) 
        teams, which consist of varying force packages of Federal Air 
        Marshals, TSIs, Transportation Security Officers, behavior 
        detection officers, TSA explosives detection canine teams, and 
        supporting equipment, that work with local security and law 
        enforcement officials to supplement existing security 
        resources, provide deterrent presence and detection 
        capabilities, and introduce an element of unpredictability to 
        disrupt potential terrorist planning activities.

    In addition to these primary responsibilities, TSIs-Surface are 
actively involved in a variety of other functions critical to TSA's 
surface transportation security efforts. These include:

   Security Incident Response--TSIs are responsible for 
        responding on scene to a significant surface transportation 
        security incident or natural disaster in order to ensure the 
        timely and accurate communication of information to TSA 
        headquarters and the Freedom Center and effective liaison with 
        passenger rail and rail and bus transit systems.

   Heightened Threat Deployments--TSIs staff stakeholder 
        transportation operations centers or emergency operations 
        centers, as directed, during periods of heightened threat in 
        order to provide timely information from the local level to TSA 
        headquarters and the Freedom Center and ensure effective 
        liaison with passenger rail and rail and bus transit systems. 
        Additionally, TSIs support other TSA operations during specific 
        threats (for example, providing support to TSA airport 
        operations during an aviation-specific threat).

   Special Event Support--TSIs provide additional operational 
        and subject matter expertise to multiagency task forces during 
        National Special Security Events (NSSE) or other high threat 
        events.

   Stakeholder Outreach--TSIs establish and maintain 
        partnerships among public and private transportation 
        stakeholders in order to enhance information sharing 
        capabilities, best practice development, and coordinated 
        response planning.

   Transportation Security Grant Program (TSGP)--TSIs 
        participate as subject matter experts to review grant 
        applications under the DHS TSGP.

    TSIs regularly collaborate with other government and private 
industry stakeholders on large scale assessments that cross 
jurisdictions and/or have regional implications.
    TSIs coordinate their activities, when appropriate, with the FRA 
pursuant to the TSA/FRA Memorandum of Understanding (MOU) (September 
2006), which outlines roles and responsibilities of inspectors as well 
as inspection coordination requirements. Additionally, there are MOUs 
between TSA and the FTA and TSA and the Pipeline and Hazardous 
Materials Safety Administration that govern coordination of mass 
transit security and hazardous materials transportation security 
issues, respectively.

   TSIs accompany FRA safety inspectors on their compliance 
        reviews under 49 CFR Part 239 (emergency preparedness plans and 
        programs for passenger/commuter rail).

   TSIs coordinate with other agencies during response to 
        significant security or other incidents that impact surface 
        transportation.

   TSIs regularly participate on regional security roundtables 
        and working groups that include Federal, State, and local 
        governments, as well as industry representatives.

   TSIs collaborate with the SSOAs that have a specific 
        responsibility for security oversight of rail fixed guideway 
        systems under 49 CFR Part 659.

   TSIs regularly participate in local emergency response 
        drills and exercises.

   TSIs participate on TSA VIPR teams, which consist of varying 
        force packages of Federal Air Marshals, TSIs, Transportation 
        Security Officers, Behavior Detection Officers, TSA explosives 
        detection canine teams, and supporting equipment, that work 
        with local security and law enforcement officials to supplement 
        existing security resources, provide deterrent presence and 
        detection capabilities, and introduce an element of 
        unpredictability to disrupt potential terrorist planning 
        activities.

   TSIs participate on National Transit Security Roundtables, 
        which are twice yearly forums that bring together the security 
        chiefs and directors from the top 50 transit agencies (by 
        passenger volume) in a working seminar to develop effective 
        solutions to security challenges.

   TSIs participate in PortSTEP exercises, which are 
        intergovernmental, multi-jurisdictional regional exercises 
        executed through the Area Maritime Security committees.

   TSIs represent TSA in the joint initiative of the American 
        Public Transportation Association Standards Development 
        Committee and Federal security partners (TSA, FTA, and DHS 
        Standards Executive and the Federal Emergency Management 
        Agency) to develop operational and technology security 
        standards.

    Question 6. The 9/11 Commission Recommendations Law requires 
significant levels of cooperation and coordination between the TSA and 
the DOT in order to enhance security while improving efficiency and the 
use of Department resources. Can you describe the efforts that your 
agency is taking to strengthen your relationship with DOT? Are you 
getting the cooperation you need from Transportation Secretary Mary 
Peters?
    Answer. The Department of Homeland Security (DHS), the 
Transportation Security Administration (TSA), and the Department of 
Transportation (DOT) have an ongoing, active, and cooperative 
relationship concerning security matters. Each mode maintains a 
Government Coordinating Council that includes representatives from DHS, 
TSA, DOT, and other appropriate Federal agencies. The tasks from the 
Implementing the Recommendations of the 9/11 Commission Act of 2007 are 
discussed and, as appropriate, are collaboratively addressed through 
these councils. In addition, DHS, TSA, and DOT jointly evaluated the 
requirements of the Act, agreed to the designations of lead agencies, 
and identified points of contact. DHS, TSA and DOT are also cooperating 
through other existing committees, councils, and working groups to 
coordinate research and development, cyber security, and threat 
assessments, HAZMAT regulations, transportation system recovery 
planning, and aviation security operations and planning.

    Question 7. Your testimony suggests that since the budget 
allocations and homeland security appropriations bill were considered 
prior to enactment of the 9/11 Commission Recommendations Law, 
appropriations equal to the funding authorized by it are unlikely. 
Given that these programs and funding levels were provided based on the 
recommendations of the 9/11 Commission, will the President be 
requesting additional funding in FY 2008 either through a Supplemental 
Appropriations request, or a budget amendment?
    Answer. The President has submitted an Amendment to the Fiscal Year 
(FY) 2008 Budget Request to address critical security gaps identified 
in the FY 2007 National Intelligence Estimate. While the Amendment was 
not specifically formulated to address the Implementing Recommendations 
of the 9/11 Commission Act of 2007 requirements, it does contain 
funding for two of the mission-critical items identified by the Act. 
The FY 2008 Budget Amendment proposes $20 million in funding for 10 
additional Visible Intermodal Protection and Response teams which will 
provide protection in multiple modes of transportation as well as $10 
million to support 92 additional K-9 teams for multi-modal coverage (46 
teams through Cooperative agreements and 46 TSA-led teams).

    Question 8. The Department of Homeland Security Appropriations Act 
of 2006 consolidated all of the funding for the Department's research 
and development functions within the Science and Technology Directorate 
(S&T). In August 2006, you signed a Memorandum of Understanding (MOU) 
with S&T which shifted the Transportation Security Laboratory (TSL) 
from TSA to S&T. Do you think this consolidation has weakened the TSL's 
core mission and made the process for certifying EDS for the TSA more 
inefficient? Please explain why or why not.
    Answer. Shifting the Transportation Security Laboratory (TSL) from 
the Transportation Security Administration (TSA) to the Science and 
Technology Directorate (S&T) has not weakened TSL's core mission. As a 
customer of the S&T Directorate, TSA's work remains the number one 
priority of TSL.
    The S&T Directorate is working closely with TSA to ensure that the 
S&T Directorate is meeting TSA's priorities and requirements. TSL has 
accomplished priority certifications and qualifications of equipment 
for TSA, including work with EDS, in a timely fashion.

    Question 9. To what extend has the DHS, the TSA and the TSL 
considered the qualification and certification of EDS for use in modes 
of transportation other than aviation?
    Answer. The Transportation Security Administration (TSA) is 
responsible for certifying and qualifying technology across all modes 
of transportation. The Science and Technology (S&T) Directorate and TSL 
support TSA and other customers in developing solutions that can fill 
their technology gaps. These technology gaps are identified in a 
collaborative process where TSA works with S&T and TSL on a continuing 
and reoccurring basis.

    Question 10. On Wednesday, October 3, 2007, you announced that 
Honolulu, Hawaii, would begin to enroll seaport personnel for TWIC in 
mid-November. That time has arrived and no one with the TSA nor with 
the contractor Lockheed Martin can provide the most basic operational 
information such as how many trusted agents are hired and trained to 
enroll workers; how many fixed and mobile enrollment stations will be 
deployed; or what the enrollment facilities' hours of operation will 
be. How confident are you that this enrollment process will be 
implemented efficiently, successfully, and on time?
    Answer. The enrollment center in Honolulu opened on November 7, 
2007. Lockheed Martin provided Port stakeholders with advance notice of 
the plans for when pre-enrollment and enrollment activities were to 
begin. There are 4 trusted agents staffed at the Honolulu enrollment 
center, with two fixed and one mobile enrollment station. The hours of 
operation are Monday through Friday from 8 a.m. to 5 p.m. However, 
Lockheed is currently evaluating changing these hours to 7:30 a.m. to 
4:30 p.m. in order to better accommodate the workforce.

    Question 11. When can we expect to see the deployment schedule for 
the TWIC program at the other 134 enrollment locations?
    Answer. On October 31, 2007, the Transportation Security 
Administration (TSA) released a general schedule for all 147 enrollment 
locations. TSA and the U.S. Coast Guard expanded the original list of 
134 to 147 based on stakeholder input. This listing provides monthly or 
quarterly deployment time-frames. The list is available to the public 
on TSA's website at www.tsa.gov/twic. As the start of the enrollment 
period for each grouping of ports nears, TSA will post a specific 
enrollment start date in the Federal Register. To date, TSA has 
announced the start of enrollment for 22 locations in the Federal 
Register.

    Question 12. How does an employer go about arranging for a trusted 
agent to enroll employees at its facility?
    Answer. If an employer is interested in arranging for a mobile 
enrollment center, they should contact the Lockheed Martin Operations 
Manager, Stacy Bonnah-DeMoss at 703310-9157 or the Field Coordinator to 
discuss arrangements at the requestor's facility.
                                 ______
                                 
     Response to Written Question Submitted by Hon. Ted Stevens to 
                     Hon. Edmund S. ``Kip'' Hawley

    Question. The recently enacted 9/11 Commission recommendations 
legislation (Pub. L. 110-53) provides significant resources and an 
expanded Letter of Intent program to expedite the installation of in-
line electronic screening systems for the enhanced screening of checked 
baggage at our Nation's airports.
    The Committee was clear on its intent that TSA and the 
Administration should fully utilize the 20 year horizon for LOIs. 
However, the Committee is concerned by rumblings that the 
Administration may be pursuing a limited short-term view of the 
program, which would have detrimental effects on the ability of 
airports to obtain requisite funding from the financial bond markets.
    Is it TSA's intention to issue multi-year Letters of Intent to 
airports for in-line projects? Can TSA assure the Committee that the 
Department will issue multi-year LOIs for in-line systems in FY 2008, 
in accordance with the law?
    Answer. The Transportation Security Administration (TSA) welcomes 
the opportunity to make use of the resources provided for in the 9/11 
Commission recommendations legislation to continue its efforts to 
expand the number of airports with in-line checked baggage screening 
solutions, at those airports where such a system is determined to be 
the optimal solution. TSA will continue to work with its industry 
partners and the Administration throughout Fiscal Year 2008 to affect 
the most economical and effective process available to support 
construction of these types of systems.
                                 ______
                                 
Response to Written Questions Submitted by Hon. Frank R. Lautenberg to 
                     Hon. Edmund S. ``Kip'' Hawley

    Question 1. When will TSA begin enrolling workers at the Port of 
New York and New Jersey in the TWIC program? What about the Port of 
Philadelphia/Camden?
    Answer. Enrollments at the Port of New York and New Jersey are 
currently targeted to begin the week of December 17, 2007. There will 
be a total of 3 sites. The other two will open within a month of the 
opening of the first site. Enrollment at the Port of Philadelphia/
Camden is currently targeted to begin the week of December 10, 2007. A 
second site is targeted for mid-2008. Plans are being finalized for 
these locations and notifications to port stakeholders will begin 
shortly.

    Question 2. Do you believe our Nation's rail and vehicle bridges 
and tunnels are sufficiently protected against terrorist attack? Has 
the Department completed a security assessment of the Nation's rail and 
vehicle bridges and tunnels?
    Answer. The Transportation Security Administration (TSA) considers 
mitigation of risk to underwater transit tunnels as a strategic 
priority. Protecting this infrastructure requires an integrated 
approach aligning Federal capabilities with mass transit and passenger 
rail systems that operate in this infrastructure. To harness Federal 
expertise and advance coordinated effort, TSA convened an interagency 
Tunnel Risk Mitigation Working Group in 2006. This interagency effort 
brings together Subject Matter Experts from a range of relevant fields 
among Department of Homeland Security and Department of Transportation 
organizational elements to identify, assess, and prioritize the risk to 
mass transit and passenger rail systems with underwater tunnels in the 
United States. This effort also assists transit agencies in planning 
and implementing protective measures to deter and prevent attacks as 
well as blast mitigation and emergency response strategies in the event 
of a terrorist attack and/or all hazards incident or event.
    Through regular meetings, this working group has developed 
mitigation strategies, engaged stakeholders, analyzed and applied the 
results of risk assessments, prepared statements of work for testing 
and modeling programs, and integrated the overall risk mitigation 
effort for a cohesive, coordinated, and effective approach. The 
initiative has:

   Identified and assessed risk to all 29 underwater tunnels in 
        the nation;

   Prioritized tunnel risk mitigation based on risk to drive 
        grant funding to most pressing areas;

   Developed strategies for funding future technology research 
        and development aimed at producing novel approaches to this 
        challenging problem; and

   Produced and disseminated recommended protective measures 
        transit agencies may implement to enhance security with 
        available resources or through targeted grant funding.

    These recommended measures derive from the experience gained in 
Federal security assessments and the ongoing work to identify and 
prioritize tunnels and develop a strategic plan to mitigate risk. The 
interagency group is working closely with the transit industry to 
ensure the implementation of protective measures to mitigate risk in 
transit tunnels. TSA security assessments of passenger rail and mass 
transit agencies with tunnel infrastructure include review of 
protective measures implemented to mitigate risk.
    To advance this concerted effort, the Transit Security Grant 
Program has made projects to protect high risk underwater and 
underground assets and systems a top funding priority.

    Question 3. A report on the security of bridges and tunnels in the 
New York/New Jersey region was due last March. When will you submit 
this report to Congress?
    Answer. A classified report, as required by the Department of 
Homeland Security Appropriations Act, 2007, was delivered to the 
Chairman and Ranking Members of the Senate Committee on Commerce, 
Science, and Transportation, the House Committee on Transportation and 
Infrastructure, and the House and Senate Committees on Appropriations 
on October 22, 2007.

    Question 4. Do you know how much funding will be required to better 
secure our Nation's highest-priority bridges and tunnels, especially 
high-priority rail tunnels?
    Answer. The Transportation Security Administration (TSA) 
recognizes, through the assessments it has conducted, that there are 
operational and structural aspects to improving bridge and tunnel 
security and that each bridge and tunnel requires varying approaches to 
achieve the desired level of security. TSA, State and regional 
authorities, and the owners and operators of the highest priority 
bridges and tunnels have focused their efforts primarily on operational 
security solutions that include: establishment of an interagency Tunnel 
Risk Mitigation Working Group, assessment of vulnerabilities of the 
Nation's 29 underwater transit tunnels, development of security 
recommendations and guidelines, assessment of risk mitigation measures 
employed through the Baseline Assessment for Security Enhancement 
Program inspections conducted by TSA Surface Transportation Security 
Inspectors, deployments of Visible Intermodal Protection and Response 
Teams, and increased security awareness campaigns.
    As an example, one of the most symbolic of America's highway 
bridges has been spending approximately $6 million annually just on 
security. They have invested in intruder detection technology and 
personnel to monitor those devices, perimeter fencing, structural 
hardening, and both full- and part-time emergency response staff as 
well as oversight contracts with local law enforcement units. While 
improvements in technology may help displace personnel costs in the 
future, the security needs of just the Nation's most critical bridges 
and tunnels will involve significant costs for many years to come.
    The Transit Security Grant Program funds many operational 
initiatives. In Fiscal Year (FY) 2006, $136 million was awarded under 
the TSGP. About one-third of that amount was awarded for operational 
security improvements in the Nation's most critical tunnels. The FY 
2007 awards have not been finalized.
    Structural security improvements require a substantially greater 
investment. Efforts are underway to determine the requirements for 
security improvements, and ultimately the costs of those improvements, 
at some of the Nation's highest priority underwater tunnels. Structural 
options under consideration include the replacement of antiquated 
structures or hardening existing structures to improve their resilience 
to attack. The costs of these initiatives are roughly estimated to be 
between $100 million to $500 million per structure for hardening and up 
to several billion dollars per structure for replacement.

    Question 5. When will TSA comply with Section 125 of the SAFE Port 
Act of 2006 concerning threat assessments of port truck drivers?
    Answer. The Transportation Security Administration (TSA) 
anticipates completion of the threat assessments for port truck drivers 
by summer 2008. Collection of driver information from all state motor 
vehicle licensing agencies is underway at this time. There is 
substantial variation in the technological capabilities of the states, 
leading some to respond to TSA's request earlier than others. Also, as 
the Transportation Worker Identification Credential is deployed across 
the country we will enroll these drivers and they will go through a 
much more thorough check than the name-based check, and it will be done 
perpetually.

    Question 6. Will the President request sufficient levels of 
security funding for Amtrak's capital and operating needs in the 
Department of Homeland Security's 2009 budget? Do you anticipate that 
Amtrak will be required to use funding from sources other than DHS 
grants for these functions?
    Answer: The Department of Homeland Security has been working in 
conjunction with the Department of Transportation and the National 
Railroad Passenger Corporation to identify and address security needs 
for Amtrak. Historically, Federal grant assistance has been provided to 
Amtrak through FEMA's Grant Programs Directorate both for capital and 
operating needs.
    DHS believes that sufficient levels of security funding for 
Amtrak's capital and operating needs will be included in the 
President's Fiscal Year 2009 Budget Request, and does not anticipate 
additional funding requirements from sources other than DHS grants.

    Question 7. Since the inception of the agency, how many TSA 
employees have notified the Office of Special Counsel of agency abuse, 
fraud, or waste pursuant to whistleblower complaint procedures and are 
still employed by the TSA? How many complainants are no longer employed 
by the TSA?
    Answer. The Office of Special Counsel (OSC) does not provide the 
Transportation Security Administration (TSA) with the names of all 
complainants or the number of employees who have filed complaints 
pursuant to the whistleblower complaint procedures. OSC only notifies 
TSA when OSC determines that it is appropriate for a complaint to 
proceed to mediation or a full investigation. Throughout Fiscal Years 
2006 and 2007, there were 14 active complaints in OSC's investigative 
process. Two of these are still open investigations and one has been 
settled. The remaining 11 have all been closed by OSC with no further 
action taken. Three of these 14 individuals are currently TSA employees 
(one has one of the open investigations, two had cases closed with no 
further action).

    Question 8. What is TSA doing to improve its ability to check 
passenger carry-on bags for explosives?
    Answer. To drive improvement in the screening system nationwide, 
the Transportation Security Administration (TSA) has made covert 
assessments very difficult for our screening workforce, and we 
frequently use high-level vulnerability testing to identify best 
practices in explosives detection. We believe that covert testing is a 
powerful tool to identify vulnerabilities in the system, and we are 
building a culture of heightened awareness of threat items at every 
airport in the country.
    A key to building this culture is the implementation of covert 
drills involving simulated improvised explosive devices (IEDs) for the 
screening workforce. As part of this effort, TSA deployed 5,800 bomb 
test kits to the field and provided intensive onsite training to every 
Transportation Security Officer (ISO). IED recognition is at the 
forefront of our training objectives, and we have incorporated emerging 
threats such as liquid explosives. Today, TSA conducts 2,500 IED 
recognition drills a day, and we are currently conducting a study to 
identify an optimal level and frequency of drills.
    Further, TSA recognized that a more systematic, nationwide 
framework to assess the effectiveness of the screening process and 
identify areas to focus our resources in training and technology was 
needed. Therefore, TSA instituted a comprehensive program to measure 
screening performance called the Aviation Screening Assessment Program 
(ASAP). ASAP is aggressively focused on improving recognition of IEDs, 
and TSA has performed thousands of covert assessments at airports 
across the country in just 6 months. Through ASAP, we are assessing our 
performance every day in every aspect of the screening process.
    Findings from ASAP are reported directly to TSA leadership, and we 
will use these performance metrics to make strategic decisions within 
the screening environment, from the type of equipment TSA purchases to 
the type of training TSA delivers to our TSOs.
    In addition, TSOs undergo extensive individual training using the 
Threat Image Projection (TIP) system, which displays fictional threat 
items within x-ray images of actual passenger bags in order to evaluate 
the ISO's ability to detect threat items. TSO responses are recorded 
and downloaded monthly for analysis and reporting. TIP is a 
multifunctional system that extends well beyond an evaluation tool. It 
provides screeners with real-time experience in detecting threats and 
resolving alarms in passenger baggage. It is an immediate feedback and 
reinforcement system that increases screener accuracy. At a higher 
level, TIP data shows performance trends by airport and nationally and 
these trends help TSA identify national training needs.
    The result of all of these performance assessment efforts is that 
our TSOs are the most tested workforce in the country. TSOs are tested 
every day, on every shift, at every checkpoint in the United States, 
and we believe that this intensive activity will drive the improvements 
we all desire in our explosives detection capabilities.
    To support our IED training initiatives, the Bomb Appraisal Officer 
(BAO) Program has been instituted at our Nation's airports. BAOs spend 
a substantial amount of their time providing IED training to TSOs. 
Their expertise proves invaluable when conducting this training. This 
program is still in the deployment phase, having grown from an initial 
class of 13 to more than 100 BAOs currently in the field. As of October 
2007, BAOs have conducted over 12,500 hours of training to 
approximately 40,000 TSOs.
    In addition to the training and testing of TSOs, we are working 
hard to deploy new explosives detection technology, including 
backscatter and millimeter wave imaging, automated explosives detection 
systems, and other technologies that will play an important role in 
TSA's layered security approach. The deployment of advanced technology 
will be guided by a 5-year strategic plan that has two core goals: (1) 
improving explosives detection capabilities, and (2) developing the 
capacity to detect hostile intent before and during the screening 
process. Examples of this technology include:

   Whole Body Imagers. We are field testing whole body imagers, 
        such as the backscatter and millimeter wave technologies, to 
        quickly and safely screen passengers for prohibited items 
        without the need for physical contact. Field testing is 
        underway at Phoenix, and test sites will be expanded to two 
        other major airports in early 2008.

   Bottled Liquids Scanners. After recently completing field 
        testing at six major airports, we have purchased and are 
        deploying over 200 bottled liquids scanning devices at 
        checkpoints, and are now using a hand-held liquids scanner for 
        non-checkpoint screening locations.

   Hand-Held Explosives Scanners. In the 3rd quarter of the 
        2007 Fiscal Year, we purchased 23 hand-held explosives scanners 
        to supplement the over 50 devices now in use. These devices are 
        mobile and can be used for explosives detection at non-
        checkpoint locations.

   Advanced Technology (AT) X-ray. We have recently completed 
        field testing of AT X-ray equipment for carry-on baggage at 
        four airports. This technology will provide TSOs with enhanced 
        capability to identify and detect threats through improved 
        imagery and analysis tools. We will begin deploying these 
        systems in 2008.

   Checkpoint Automated Carry-On Explosives Detection Systems 
        (Auto-EDS). We are field testing Auto-EDS for inspecting carry-
        on items at four additional airports, and we have plans to test 
        these systems' capabilities to inspect both carry-on and 
        checked baggage at smaller airports. Auto-EDS supports enhanced 
        threat detection through computed tomography X-ray, 3D imagery 
        and automated explosives and weapons detection. A limited 
        quantity of these systems is expected to be deployed in 2008.

   Cast and Prosthesis Scanner. After completing field testing 
        at three airports, we have purchased cast and prosthesis 
        scanners to provide a safe, dignified, and non-invasive way to 
        identify potential threats and clear passengers wearing casts, 
        braces, and prosthetic devices. Deployment activities for these 
        units are expected to begin in 2008.

    We will continue to explore additional technologies to maintain our 
evolving ability to detect prohibited items at checkpoints.
    An initiative critical to the second core goal is Screening of 
Passengers by Observation Techniques (SPOT), a program initiated to 
develop strong behavior observation skills in our TSOs. TSA must not 
make the mistake of focusing so intently on the property individuals 
carry through checkpoints that we miss indicators that an individual 
could be engaged in criminal and/or terrorist activity. SPOT 
systematically identifies high-risk passengers exhibiting significant 
levels of stress, fear, and deception associated with criminal intent, 
allowing our officers to either refer the passenger for enhanced 
screening or to law enforcement.
    Because behavioral screening has a strong record of effectiveness 
in the prevention of criminal and terrorist activity, TSA has 
significantly increased the number of airports with SPOT to now cover 
over 75 percent of the traveling public. To date, TSA Behavior 
Detection Officers have made passenger referrals resulting in 391 
arrests. The program will be expanded to 155 airports in 2008.
    A third initiative strengthening security at our checkpoints is the 
Optimization Program. Through this effort, TSA sends optimization teams 
to airports to observe their checkpoints in action and find ways to 
improve how they operate. The teams are made up of experts in screening 
procedures, staffing models, equipment and checkpoint design, and 
passenger flow, and they improve security by reducing passenger delays 
and frustration and eliminating structural problems that are obstacles 
to an effective screening process. Recommendations from the 
optimization team are presented to the airport's Federal Security 
Director, and every recommendation is tracked at TSA headquarters to 
ensure that airports are provided the assistance they need to be 
successful.
                                 ______
                                 
     Response to Written Questions Submitted by Hon. Trent Lott to 
                     Hon. Edmund S. ``Kip'' Hawley

    Question 1. The GAO's testimony points out that while TSA has 
developed backscatter technology, ``limited progress has been made in 
fielding this technology at passenger screening checkpoints.'' As you 
know, I have long been an advocate of using innovative technology to 
screen passengers and baggage. My understating is that testing has 
indicated that this technology is very effective at detecting 
explosives and weapons that might be concealed on a person, is this 
correct? Why have there been delays in fielding backscatter technology?
    Answer. The Transportation Security Administration (TSA) is 
currently conducting a field operational pilot of whole body imaging 
technology; which includes both backscatter and millimeter wave 
technology. While laboratory testing has validated detection 
capabilities of whole body imaging technology, it is crucial to also 
evaluate technology on its operational effectiveness and efficiency 
prior to procuring technology for full deployment. Additionally, TSA, 
in consultation with the DHS Privacy Office, continues to work closely 
with the vendors in the development of privacy protection algorithms 
that will not diminish the effectiveness of the technology. TSA is 
currently conducting the pilot of backscatter and millimeter wave 
technologies at Phoenix Sky Harbor International Airport and is 
expanding it to Los Angeles International Airport and John F. Kennedy 
International Airport in New York. A pilot using only millimeter wave 
technology is planned for the Miami International Airport. TSA 
anticipates completing the operational pilots by the end of the third 
quarter in Fiscal Year 2008 and will make procurement and deployment 
decisions based on the results of the pilot.

    Question 2. The 9/11 bill requires that TSA develop a strategic 
plan for deploying explosive detection equipment at airport 
checkpoints. What is the status of this plan?
    Answer. The report to Congress required by the Implementing 
Recommendations of the 9/11 Commission Act of 2007, entitled ``Aviation 
Security Report--Development of a Passenger Checkpoint Strategic 
Plan,'' dated September 2007, was delivered to Congress, including the 
Senate Committee on Commerce, Science, and Transportation, on October 
4, 2007.