Homeland Security: Key Cargo Security Programs Can Be Improved	 
(26-MAY-05, GAO-05-466T).					 
                                                                 
U.S. Customs and Border Protection (CBP) has in place two	 
programs to help address the threat posed by terrorists smuggling
weapons of mass destruction (WMD) into the United States: the	 
Customs-Trade Partnership Against Terrorism (C-TPAT) and the	 
Container Security Initiative (CSI). In July 2003, GAO reported  
that these programs had management challenges that limited their 
effectiveness. Given plans to expand both programs, in two	 
recently issued reports GAO examined selected aspects of both	 
programs' operations. This statement is a summary of those	 
publicly available reports.					 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-05-466T					        
    ACCNO:   A25197						        
  TITLE:     Homeland Security: Key Cargo Security Programs Can Be    
Improved							 
     DATE:   05/26/2005 
  SUBJECT:   Cargo security					 
	     Container security 				 
	     Counterterrorism					 
	     Homeland security					 
	     Inspection 					 
	     Program evaluation 				 
	     Smuggling						 
	     Terrorism						 
	     Terrorists 					 
	     Weapons of mass destruction			 
	     International trade				 
	     Strategic planning 				 
	     Program management 				 
	     Border control					 
	     Border security					 
	     Agency missions					 
	     Customs Service Container Security 		 
	     Initiative Program 				 
                                                                 
	     Customs Service Trade Partnership			 
	     Against Terrorism Program				 
                                                                 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-05-466T

United States Government Accountability Office

GAO	Testimony Before the Permanent Subcommittee on Investigations,
Committee on Homeland Security and Governmental Affairs, United States
Senate

For Release on Delivery

Expected at 9:30 a.m. EDT HOMELAND SECURITY

Thursday, May 26, 2005

                  Key Cargo Security Programs Can Be Improved

Statement of Richard M. Stana, Director, Homeland Security and Justice Issues

GAO-05-466T

[IMG]

April 26

HOMELAND SECURITY

Key Cargo Security Programs Can Be Improved

  What GAO Found

In return for committing to making improvements to the security of their
shipments, C-TPAT members receive a range of benefits that may change the
risk characterization of their shipments, thereby reducing the probability
of extensive inspection. Before providing benefits, CBP reviews the
selfreported information contained in applicants' membership agreements
and security profiles. Also, CBP assesses the compliance history of
importers before granting them benefits. However, CBP grants benefits
before members undergo the validation process, which is CBP's method to
verify that their security measures are reliable, accurate, and effective.
Although CBP's goal was to validate members within 3 years, to date it has
validated 11 percent of them. Further, the validation process is not
rigorous, as the objectives, scope, and methodology of validations are
jointly agreed upon with the member, and CBP has no written guidelines to
indicate what scope of effort is adequate for the validation. Also,
although CBP has recently moved to a risk-based approach to selecting
members for validation, it has not determined the number and types of
validations that are needed to manage security risks or the CBP staff
required to complete them. Further, CBP has not developed a comprehensive
set of performance measures for the program, and key program decisions are
not always documented and programmatic information is not updated
regularly or accurately.

The CSI program is designed to target and inspect high-risk cargo
containers at foreign ports before they leave for the United States. It
has resulted in improved information sharing between U.S. and foreign
customs operations and a heightened level of international awareness
regarding securing the global shipping system. Yet, several factors limit
CBP's ability to successfully target containers to determine if they are
high-risk. One factor is staffing imbalances, caused by political and
practical considerations, which impede CBP's targeting efforts at CSI
ports. As a result, 35 percent of U.S.-bound shipments from CSI ports were
not targeted and not subject to inspection overseas-the key goal of the
CSI program. In addition, as of September 11, 2004, 28 percent of the
containers referred to host governments for inspection were not inspected
overseas for various reasons such as operational limitations. One percent
of these referrals were denied by host government officials, generally
because they believed the referrals were based on factors not related to
security threats. For the 72 percent of referred containers that were
inspected overseas, CBP officials told us that no WMD were discovered.
However, the nonintrusive inspection equipment used at CSI ports varies in
detection capability, and there are no minimum technical requirements for
equipment used as part of CSI. As a result, CBP has limited assurance that
inspections conducted under CSI are effective at detecting and identifying
terrorist WMD in containers. Finally, CBP continues to make refinements to
the strategic plan and performance measures needed to help manage the
program and achieve program goals. Until these refinements are completed,
it will be difficult to assess progress made in CSI operations.

United States Government Accountability Office

Mr. Chairman and Members of the Subcommittee:

I appreciate the opportunity to be here today to provide a summary of our
recent reports for you on the Department of Homeland Security's (DHS)
programs to improve the security of the international supply chain, as
well as target oceangoing cargo containers for inspection at foreign
seaports before they arrive at destinations in the United States.

In the aftermath of the terrorist attacks of September 11, 2001, there is
heightened concern that terrorists may try to smuggle weapons of mass
destruction (WMD) into the United States, specifically by using one of the
millions of cargo containers that arrive at our nation's seaports each
year. If terrorists did so and detonated such a weapon (e.g., a
radiological explosive device) at a seaport, the incident could cause
widespread death and damage to the immediate area, perhaps shut down
seaports nationwide, cost the U.S. economy billions of dollars, and
seriously hamper international trade.

DHS and its U.S. Customs and Border Protection (CBP) are responsible for
addressing the threat posed by terrorists smuggling weapons into the
United States. To carry out this responsibility, CBP has in place programs
known as the Customs-Trade Partnership Against Terrorism (C-TPAT) and the
Container Security Initiative (CSI). The C-TPAT program attempts to
improve the security of the international supply chain (flow of goods from
manufacturer to retailer). It is a cooperative program between CBP and
members of the international trade community in which private companies
agree to improve the security of their supply chains in return for a
reduced likelihood that their containers will be inspected. C-TPAT
membership is open to U.S.- and foreign-based companies whose goods are
shipped to the United States via air, rail, ocean, and truck carriers. The
CSI program specifically addresses the security of oceangoing cargo
containers. Under the program, CBP places staff at foreign seaports to
work with foreign counterparts to use risk assessment information to
select, or target, those containers at risk of containing WMD and inspect
them before they are shipped to the United States.

This statement presents a summary of our latest efforts in a series of GAO
reports that evaluate CBP's response to the terrorist threat.1 As
requested,

1A list of related GAO reports appears at the end of this statement.

my testimony will focus on our assessment of CBP's efforts under both
C-TPAT and CSI. Regarding C-TPAT, I will address the following issues:

o  What benefits does CBP provide to C-TPAT members?

o  	Before providing benefits, what approach does CBP take to determine
C-TPAT members' eligibility for them?

o  	After providing benefits, how does CBP verify that members have
implemented their security measures?

o  	To what extent has CBP developed strategies and related management
tools for achieving the program's goals?

Regarding CSI, I will address the following issues:

o  	What factors affect CBP's ability to target shipments at overseas
seaports?

o  	Under CSI, to what extent have high-risk containers been inspected
overseas prior to their arrival at U.S. destinations?

o  	To what extent has CBP developed strategies and related management
tools for achieving the program's goals?

My statement today represents a summary of two unrestricted reports we
have provided to Congress on these programs-that is, our March 2005 report
on C-TPAT2 and our April 2005 report on CSI.3

  Summary

                                 C-TPAT Issues

Our report on C-TPAT noted that C-TPAT members receive a range of benefits
that reduce the level of scrutiny CBP provides to their shipments

2GAO, Cargo Security: Partnership Program Grants Importers Reduced
Scrutiny with Limited Assurance of Improved Security. GAO-05-404
(Washington, D. C.: March 11, 2005).

3GAO, Container Security: A Flexible Staffing Model and Minimum Equipment
Requirements Would Improve Overseas Targeting and Inspection Efforts.
GAO-05-557 (Washington, D.C.: April 26, 2005).

bound for the United States. These benefits may change the risk
characterization of their shipments, thereby reducing the probability of
extensive documentary and physical inspection. Before providing benefits,
CBP uses a two-pronged approach to assess C-TPAT members. First, CBP has a
certification process to review the self-reported information contained in
applicants' membership agreements and security profiles. Second, CBP has
in place a vetting process to try to assess the compliance with customs
laws and regulations and violation history of and intelligence data on
importers before granting them benefits. However, CBP grants benefits to
members before they undergo the validation process, which is CBP's method
to verify that members' characterization of their security measures are
accurate and that the security measures have been implemented.

Regarding the validation process, we found several weaknesses that
compromise CBP's ability to provide an actual verification that members'
supply chain security measures are accurate and are being followed. First,
the validation process is not rigorous enough to ensure that the security
procedures outlined in members' security profiles are reliable, accurate,
and effective. For example, CBP officials told us that validations are not
considered independent audits, and the objectives, scope, and methodology
of validations are jointly agreed upon with the member company. Related to
this, CBP has no written guidelines to indicate what scope of effort is
adequate for the validation to ensure that the member's measures are
reliable, accurate, and effective. Finally, CBP has not determined the
extent to which validations are needed, abandoning its original goal to
validate all members within 3 years because of rapid growth in membership
and CBP staffing constraints. In 3 years of C-TPAT operation, CBP has
validated about 11 percent of its certified members.

We also found weaknesses in some of the tools CBP uses to manage the
program that could hinder achieving the program's goals. The new CBP
strategic plan appears to provide the bureau with a general framework on
which to base key decisions, including key strategic planning elements
such as strategic goals, objectives, and strategies. CBP told us it has
developed some initial performance measures to capture the program's
impact but has not developed a comprehensive set of performance measures
and indicators to monitor the status of program goals. Finally, the C-TPAT
program lacks an effective records management system. CBP's record keeping
for the program is incomplete, as key decisions are not always documented
and programmatic information is not updated regularly or accurately.

Our report contained several recommendations to enhance the C-TPAT
program. Specifically, we made recommendations to CBP to provide
appropriate guidance to specialists conducting validations, determine the
extent to which members should be validated in lieu of the original goal
to validate all members within 3 years of certification, complete
performance measures and a human capital plan, and implement a records
management system for the program. CBP generally agreed with our
recommendations and cited corrective actions the bureau either had taken
or planned to take to implement them.

                                   CSI Issues

Our report on CSI noted improved information sharing between U.S. and
foreign customs operations and a heightened level of bilateral cooperation
and international awareness regarding securing the whole global shipping
system across governments. However, other, negative factors limit CBP's
ability to successfully target containers to determine if they are
high-risk. One such factor is staffing imbalances, which impede CBP from
targeting all containers shipped from some CSI ports before they leave for
the United States. For example, political and practical considerations
have limited the number of staff at some ports. As a result of these
limitations, 35 percent of U.S.-bound shipments from CSI ports were not
targeted and were therefore not subject to inspection overseas-the key
goal of the CSI program. We also noted that CBP's reliance on placing
staff at overseas ports without considering whether some targeting
functions could be performed domestically limits the program's operational
efficiency and effectiveness.

Our report also noted that as of September 2004, 28 percent of the
containers referred to host governments for inspection had not been
inspected overseas. These containers were not inspected for reasons such
as operational limitations that prevented the containers from being
inspected before they left the port. One percent of these referrals were
denied by host government officials, generally because they believed the
referrals were based on factors not related to security threats, such as
drug smuggling. For the 72 percent of referred containers that were
inspected overseas, CBP officials told us that no WMD were discovered,
although they acknowledged that technologies to detect other WMDs have
limitations. Also, considering that the nonintrusive inspection equipment
used at CSI ports varies in detection capability and that there are no
minimum technical requirements for equipment used as part of CSI, CBP has
limited assurance that inspections conducted under CSI are effective at
detecting and identifying terrorist WMD in containers.

The bureau continues to make refinements to management tools needed to
help achieve program goals. Although CBP issued a strategic plan for CSI
in February 2004, the bureau continues to develop three key elements: (1)
describing how performance goals are related to general goals of the
program, (2) identifying key external factors that could affect program
goals, and (3) describing how programs are to be evaluated. Although CBP
has made progress in the development of some outcome-oriented performance
measures, it continues to face challenges in developing performance
measures to assess the effectiveness of CSI targeting and inspection
activities. Therefore, it is difficult to assess progress made in CSI
operations over time, and it is difficult to compare CSI operations across
ports.

Our report made several recommendations to improve the CSI program.
Specifically, we recommended that CBP revise its staffing model, develop
minimum detection capability requirements for nonintrusive inspection
equipment used in the program, and complete development of performance
measures for all program objectives. CBP generally agreed with our
recommendations and cited corrective actions the bureau either had taken
or planned to take to implement them.

Background 	CBP maintains two overarching goals: (1) increasing security
and (2) facilitating legitimate trade and travel. Disruptions to the
supply chain could have immediate and significant economic impacts. For
example, in terms of containers, CBP data indicates that in 2003 about 90
percent of the world's cargo moved by container. In the United States,
almost half of all incoming trade (by value) arrived by containers on
board ships. Additionally, containers arrive via truck and rail. Both
admitting dangerous cargo into the country and delaying the movement of
cargo containers through ports of entry could negatively affect the
national economy. Therefore, CBP believes it is vital to try to strike a
balance between its antiterrorism efforts and facilitating the flow of
legitimate international trade and travel.

Vulnerability of the The terrorist events of September 11, 2001, raised
concerns about

Supply Chain 	company supply chains, particularly oceangoing cargo
containers, potentially being used to move WMD to the United States. An
extensive body of work on this subject by the Federal Bureau of
Investigation and academic, think tank, and business organizations
concluded that while the likelihood of such use of containers is
considered low, the movement of oceangoing containerized cargo is
vulnerable to some form of terrorist

action. Such action, including attempts to smuggle either fully assembled
WMD or their individual components, could lead to widespread death and
damage.

The supply chain is particularly vulnerable to potential terrorists
because of the number of individual companies handling and moving cargo
through it. To move a container from production facilities overseas to
distribution points in the United States, an importer has multiple options
regarding the logistical process, such as routes and the selection of
freight carriers. For example, some importers might own and operate key
aspects of the overseas supply chain process, such as warehousing and
trucking operations. Alternatively, importers might contract with
logistical service providers, including freight consolidators and
nonvessel-operating common carriers. In addition, importers must choose
among various modes of transportation to use, such as rail, truck, or
barge, to move containers from the manufacturer's warehouse to the port of
lading.

C-TPAT Is Part of CBP's Layered Enforcement Strategy

CBP has implemented a layered enforcement strategy to prevent terrorists
and WMD from entering the United States through the supply chain. One key
element of this strategy is the C-TPAT program. Initiated in November
2001, C-TPAT is a voluntary program designed to improve the security of
the international supply chain while maintaining an efficient flow of
goods. Under C-TPAT, CBP officials work in partnership with private
companies to review their supply chain security plans to improve members'
overall security. In return for committing to making improvements to the
security of their shipments by joining the program, C-TPAT members may
receive benefits that result in reduced scrutiny of their shipments (e.g.,
reduced number of inspections or shorter border wait times for their
shipments). C-TPAT membership is open to U.S.-based companies in the trade
community, including (1) air/rail/sea carriers, (2) border highway
carriers, (3) importers, (4) licensed customs brokers, (5) air freight
consolidators and ocean transportation intermediaries and
nonvessel-operating common carriers, and (6) port authorities or terminal
operators. Of these companies, CBP grants importers key program benefits.
According to CBP, program membership has grown rapidly, and continued
growth is expected, especially as member importers are requiring their
suppliers to become C-TPAT members. For example, as of January 2003
approximately 1,700 companies had become C-TPAT members. By May 2003, the
number had nearly doubled to 3,355. According to CBP officials, as of
April 2005, the C-TPAT program had over 9,000 members. For fiscal year
2005, the C-TPAT budget request was about $38 million, with a requested
budget for fiscal year 2006 of about $54 million for program expansion
efforts. As of

August 2004, CBP had hired 40 supply chain specialists, who are dedicated
to serve as the principal advisers and primary points of contact for
C-TPAT members.4 The specialists are located in Washington, D.C., Miami,
Florida, Los Angeles, California, and New York, New York.

CBP has a multistep review process for the C-TPAT program. Applicants
first submit signed C-TPAT agreements affirming their desire to
participate in the voluntary program. Applicants must also submit security
profiles- executive summaries of their company's existing supply chain
security procedures-that follow guidelines jointly developed by CBP and
the trade community. These security profiles are to summarize the
applicant's current security procedures in areas such as physical
security, personnel security, and education and training awareness. Next,
CBP established a certification process in which it reviews the
applications and profiles by comparing their contents with the security
guidelines jointly developed by CBP and the industry, looking for any
weaknesses or gaps in the descriptions of security procedures. Once any
issues are resolved to CBP's satisfaction, CBP signs the agreement and the
company is considered to be certified C-TPAT member, eligible for program
benefits. However, members that are importers must first complete another
review, as described below, before benefits can begin. CBP encourages all
members to conduct self-assessments of their security profiles each year
to determine any significant changes and to notify CBP. For example,
members may be using new suppliers or new trucking companies and would
need to update their security profiles to reflect these changes.

For certified importers, CBP has an additional review called the vetting
process in which CBP reviews information about an importer's compliance
with customs laws and regulations and violation history. Conducted
concurrently with the certification process, CBP requires the vetting
process for certified importers as a condition of granting them key
program benefits. As part of the vetting process, CBP obtains trade
compliance and intelligence information on certified importers from
several data sources. If CBP gives the importer a favorable review under
both the vetting process and the certification process, benefits are to
begin

4For fiscal year 2004, CBP had authorization for 157 positions for supply
chain specialists and support staff, but as of August 2004 had hired only
40 specialists. CBP officials noted that the bureau recognizes the need
for additional permanent positions, and CBP planned to hire, train, and
have in place an additional 30 to 50 supply chain specialists by the end
of calendar year 2004.

within a few weeks. If not, benefits are not to be granted until
successful completion of the validation process, as described below.

The final step in the review process is validation. CBP's stated purpose
for validations is to ensure that the security measures outlined in
certified members' security profiles and periodic self-assessments are
reliable, accurate, and effective. In the validation process, CBP staff
meet with company representatives to verify the supply chain security
measures contained in the company's security profile. The validation
process is designed to include visits to the company's domestic and,
potentially, foreign sites. The member and CBP jointly determine which
elements of the member's supply chain measures will be validated, as well
as which locations will be visited. Upon completion of the validation
process, CBP prepares a final validation report it presents to the company
that identifies any areas that need improvement and suggested corrective
actions, as well as a determination if program benefits are still
warranted for the member.

CSI Is Another Layer of CBP's Enforcement Strategy

Announced in January 2002, the CSI program was implemented to allow CBP
officials to target containers at foreign seaports so that any high-risk
containers may be inspected prior to their departure for U.S.
destinations. Strategic objectives for the CSI program include (1) pushing
the United States' zone of security beyond its physical borders to deter
and combat the threat of terrorism; (2) targeting shipments for potential
terrorists and terrorist weapons, through advanced and enhanced
information and intelligence collection and analysis, and preventing those
shipments from entering the United States; (3) enhancing homeland and
border security while facilitating growth and economic development within
the international trade community; and (4) utilizing available
technologies to leverage resources and to conduct examinations of all
containers posing a high risk for terrorist-related activity.

To participate in the CSI program, a host nation must utilize (1) a
seaport that has regular, direct, and substantial container traffic to
ports in the United States; (2) customs staff with the authority and
capability to inspect cargo originating in or transiting through its
country; and (3) nonintrusive inspection equipment. In addition, a host
nation must meet several operational criteria, including a commitment to
establishing an automated risk management system. To implement the CSI
program, CBP negotiates and enters into bilateral arrangements with
foreign governments, specifying the placement of CBP officials at foreign
ports and the exchange of information between CBP and foreign customs
administrations. CBP first solicited the participation of the 20 foreign
ports

that shipped the highest volume of ocean containers to the United States.
These top 20 ports are located in 14 countries and regions and shipped a
total of 66 percent of all containers that arrived in U.S. seaports in
2001. CBP has since expanded CSI to strategic ports, which may ship lesser
amounts of cargo to the United States but may also have terrorism or
geographical concerns. As shown in table 1, as of February 2005, CSI was
operational at 34 ports, located in 17 countries or regions. For fiscal
year 2005, the CSI budget was about $126 million, with a budget of about
$139 million requested in fiscal year 2006.

Table 1: CSI Operational Seaports, as of February 2005 Country/region CSI
port

Date CSI operations began at port

                 Canada Halifax March 2002 Montreal March 2002

        Vancouver February 2002 The Netherlands Rotterdam September 2002

France Le Havre December 2002 Marseilles January 2005 Germany Bremerhaven
  February 2003 Hamburg February 2003 Belgium Antwerp February 2003 Zeebrugge
            October 2004 Republic of Singapore Singapore March 2003

                    Japan Yokohama March 2003 Tokyo May 2004

                               Nagoya August 2004

                                Kobe August 2004

Hong Kong Special Administrative Region Hong Kong
of China May 2003

                           Sweden Gothenburg May 2003

        United Kingdom             Felixstowe                        May 2003 
                                    Liverpool                    October 2004 
                                   Southampton                   October 2004 
                                   Thamesport                    October 2004 
                                     Tilbury                     October 2004 
            Italy                     Genoa                         June 2003 
                                    La Spezia                       June 2003 
                                     Livorno                    December 2004 
                                     Naples                    September 2004 
                                   Gioia Tauro                   October 2004 
         South Korea                  Busan                       August 2003 
         South Africa                Durban                     December 2003 
           Malaysia                Port Klang                      March 2004 
                                 Tanjung Pelepas                  August 2004 
            Greece                   Piraeus                        July 2004 
            Spain                   Algeciras                       July 2004 
           Thailand               Laem Chabang                    August 2004 

Source: CBP.

CBP then deploys a CSI team, which generally consists of three types of
officials-targeters, intelligence analysts, and special agents. These
officials come from either CBP or U.S. Immigration and Customs Enforcement
(ICE). The team leader is a CBP officer or targeter who is assigned to
serve as the immediate supervisor for all CSI team members and is
responsible for coordinating with host government counterparts in the
day-to-day operations. The targeters are team members responsible for
targeting shipments and referring those shipments they determine are
high-risk to host government officials for inspection. The targeter may
also observe inspections of containers. The intelligence analyst is
responsible for gathering information to support targeters in their
efforts to target containers. In addition, the special agents are to
coordinate all investigative activity resulting from CSI-related actions,
as well as act as liaison with all appropriate U.S. embassy attaches.
Under the CSI program, the targeting of cargo is largely dependent on CBP
targeters' review of information contained within CBP's Automated
Targeting System (ATS) in conjunction with other sources to determine the
risk characterization of a container.5

CSI teams refer any containers they characterize as high-risk to host
government officials for concurrence to inspect. If host government
officials, on the basis of their review, agree that the shipment is
high-risk, they will proceed with an inspection using nonintrusive
inspection equipment (that is, X-ray) and physical examinations, if
warranted. If the host government officials determine, on the basis of
their review, that a shipment is not high-risk, they will deny inspection
of the shipment. For any high-risk shipment for which an inspection is not
conducted, CSI teams are to place a domestic hold on the shipment, so that
it will be inspected upon arrival at its U.S. destination.

Prior GAO Work Disclosed Challenges

We have conducted previous reviews of the C-TPAT and CSI programs and
CBP's targeting and inspection strategy. In July 2003, we reported that
CBP's management of C-TPAT and CSI had not evolved from a short-term focus
to a long-term strategic approach.6 We recommended that the

5For all cargo containers arriving in the United States, CBP uses a
targeting strategy that employs its computerized targeting model, the
Automated Targeting System. CBP uses ATS to review container documentation
and help characterize the risk level of shipments to determine the need
for additional documentary review or physical inspection.

6GAO, Container Security: Expansion of Key Customs Programs Will Require
Greater Attention to Critical Success Factors, GAO-03-770 (Washington,
D.C.: July 25, 2003).

Secretary of Homeland Security work with the CBP Commissioner to develop
for both programs (1) strategic plans that clearly lay out the program's
goals, objectives, and detailed implementation strategies; (2) performance
measures that include outcome-oriented indicators; and (3) human capital
plans that clearly describe how the programs will recruit, train, and
retain new staff to meet the program's growing demands as CBP implements
new program elements. In March 2004, we testified that CBP's targeting
system does not incorporate all key elements of a risk management
framework and recognized modeling practices in assessing the risks posed
by oceangoing cargo containers.7

C-TPAT Grants 	My statement will now focus on the results of our work on
the C-TPAT program.

  Importers Reduced Scrutiny with Limited Assurance of Improved Security

C-TPAT Benefits Reduce Scrutiny of Shipments

In our C-TPAT report we noted that the C-TPAT program offers numerous
benefits to C-TPAT members. As table 2 shows, these benefits may reduce
the scrutiny of members' shipments. These benefits are emphasized to the
trade community through direct marketing in presentations and via CBP's
Web site. Although these benefits potentially reduce the likelihood of
inspection of members' shipments, CBP officials noted that all shipments
entering the United States are subject to random inspections by CBP
officials or inspections by other agencies.

7GAO, Homeland Security: Summary of Challenges Faced in Targeting of
Oceangoing Cargo Containers for Inspection, GAO-04-557T (Washington, D.C.:
March 2004).

                      Table 2: Benefits for C-TPAT Members

                                                            Reduces amount of
                                                        scrutiny provided for
                                                             Benefit members?

A reduced number of inspections and reduced border wait times Yes

Reduced selection rate for trade-related compliance
examinations Yes

          Self-policing and self-monitoring of security activities Yes

Access to the expedited cargo processing at designated
FAST lanes (for certified highway carriers and certified
importers along the Canadian and Mexican borders, as well
as for certified Mexican manufacturers) Yes

Eligible for the Importer Self-Assessment Program and has
priority access to participate in other selected customs
programs (for certified importers only) Yes

A C-TPAT supply chain specialist to serve as the CBP
liaison for validations No

                      Access to the C-TPAT members list No

Eligible to attend CBP-sponsored antiterrorism training
seminars No

               Source: CBP's C-TPAT Strategic Plan, January 2005.

CBP Grants Benefits before Verification of Security Procedures

We also reported that CBP does not grant program benefits until it has
reviewed and certified applicants' security profiles and, for importers,
completed an additional review called the vetting process. According to
CBP, approximately 23 percent of the security profiles it received
contained shortcomings that prevented the companies from being certified
and eligible for program benefits. However, CBP has stated that a company
will not be rejected from participating in C-TPAT if there are problems
with its security profile. Instead, CBP says it will work with companies
to try to resolve and overcome any deficiencies with the profile itself.
Regarding the vetting process, we reported that according to CBP, to date
most members who have been vetted have proven to have favorable or neutral
importing histories. CBP officials told us that not many members have been
denied benefits as a result of the vetting process.

Although CBP does not grant program benefits until it has certified and
vetted members, we reported that neither the certification nor the vetting
process provides an actual verification that the supply chain security
measures contained in the C-TPAT member's security profile are accurate
and are being followed before CBP grants the member benefits. A direct

examination of selected members' security procedures is conducted later as
part of CBP's validation process, as discussed below.

                              Weaknesses Exist in
                             Process for Verifying
                              Security Procedures

As we reported, we found weaknesses in the validation process that limit
CBP's ability to ensure that the C-TPAT program supports the prevention of
terrorists and terrorist weapons from entering the United States. First,
we reported that CBP's validation process is not rigorous enough to
achieve its stated purpose, which is to ensure that the security
procedures outlined in members' security profiles are reliable, accurate,
and effective. CBP officials told us that validations are not considered
independent audits, and the objectives, scope, and methodology of
validations are jointly agreed upon with the member representatives. In
addition, CBP has indicated that it does not intend for the validation
process to be an exhaustive review of every security measure at each
originating location; rather, it selects specific facets of the members'
security profiles to review for their reliability, accuracy, and
effectiveness. For example, the guidance to ocean carriers for preparing a
security profile directs the carriers to address, at a minimum, three
broad areas (security program, personnel security, and service provider
requirements), which contain several more specific security measures, such
as facilities security and pre-employment screening. According to CBP
officials, as well as our review of selected case files, validations
examine only a few facets of members' security profiles. CBP supply chain
specialists, who are responsible for conducting most of the validations,
are supposed to individually determine which segments of a company's
supply chain security will be suggested to the member for validation. To
assist in this decision, supply chain specialists are supposed to compare
a company's security profile, as well as any selfassessments or other
company materials or information retrievable in national databases,
against the C-TPAT security guidelines to determine which elements of the
profile will be validated. Once the supply chain specialist determines the
level and focus of the validation, the specialist is supposed to contact
the member company with a potential agenda for the validation. The two
parties then jointly reach agreement on which security elements will be
reviewed and which locations will be visited.

Moreover, as we reported, CBP has no written guidelines for its supply
chain specialist to indicate what scope of effort is adequate for the
validation to ensure that the member's security measures are reliable,
accurate, and effective, in part because it seeks to emphasize the
partnership nature of the program. Importantly, CBP has no baseline
standard for what minimally constitutes a validation. CBP discourages
supply chain specialists from developing a set checklist of items to

address during the validation, as CBP does not want to give the appearance
of conducting an audit. In addition, as discussed below, the validation
reports we reviewed did not consistently document how the elements of
members' security profiles were selected for validation.

Second, we also reported that CBP has not determined the extent to which
it must conduct validations of members' security profiles to ensure that
the operation of C-TPAT is consistent with its overall approach to
managing risk. In 3 years of C-TPAT operation, CBP has validated about 11
percent of its certified members. CBP's original goal was to validate all
certified members within 3 years of certification. However, CBP officials
told us that because of rapid growth in program membership and its
staffing constraints, it would not be possible to meet this goal. In
February 2004, CBP indicated that approximately 5,700 companies had
submitted signed agreements to participate in the program. As shown in
figure 2, by April 2005, the number of members had grown to over 9,000,
about 4,800 of which had been certified and were thus eligible for
validation. According to CBP, as of April 2005, CBP staff had completed
validations of 550 companies, including 174 importers.

Figure 2: Status of Validating C-TPAT Members, as of April 1, 2005

In our C-TPAT report we noted that CBP has made efforts to hire additional
supply chain specialists to handle validations for the growing membership.
As of August 2004, CBP had hired a total of 40 supply chain

specialists to conduct validations, with 24 field office managers also
available to conduct validations. CBP officials told us the bureau is
currently conducting as many validations as its resources allow. However,
CBP has not determined the number of supply chain specialists it needs or
the extent to which validations are needed to provide reasonable assurance
that the program is consistent with a sound risk management approach to
securing U.S.-bound goods.

Finally, we reported that it would not be possible for CBP to meet its
goal of validating every member within 3 years of certification. Instead,
CBP told us it is using a risk-based approach, which considers a variety
of factors to prioritize which members should be validated as resources
allow. CBP has an internal selection process it is supposed to apply to
all certified members. Under this process CBP officials are supposed to
prioritize members for validation based on established criteria but may
also consider other factors. For example, recent seizures involving C-TPAT
members can affect validation priorities. If a member is involved in a
seizure, CBP officials noted that the member is supposed to lose program
benefits and be given top priority for a validation. In addition, CBP
officials told us that an importer that failed CBP's vetting process would
also be given top priority for a validation. CBP officials have taken this
approach because any importer that fails the vetting process is not
supposed to receive program benefits until after successful completion of
the validation process.

Incomplete Progress

Made in Addressing Management Weaknesses

As we reported, CBP continues to expand the C-TPAT program without
addressing management weaknesses that could hinder the bureau from
achieving the program's dual goals of securing the flow of goods bound for
the United States and facilitating the flow of trade. First, we reported
that CBP is still developing an implementation plan to address the
strategies for carrying out the program's goals and those elements
required in a human capital plan. For example, CBP said it has developed
new positions, training programs and materials, and a staffing plan.
Further, CBP said it will continue to refine all aspects of the C-TPAT
human capital plan to include headquarters personnel, additional training
requirements, budget, and future personnel profiles.

Second, we reported that CBP continues developing a comprehensive set of
performance measures and indicators for C-TPAT. According to CBP,
developing these measures for C-TPAT, as well as other programs in the
bureau, has been difficult because CBP lacks data necessary to exhibit
whether a program has prevented or deterred terrorist activity. For

example, as noted in the C-TPAT strategic plan, it is difficult to measure
program effectiveness in terms of deterrence because generally the direct
impact on unlawful activity is unknown. The plan also notes that while
traditional workload measures are a valuable indicator, they do not
necessarily reflect the success or failure of the bureau's efforts. CBP is
working to collect more substantive information-related to C-TPAT
activities (i.e., current workflow process)-to develop its performance
measures. In commenting on a draft of our report, CBP indicated it has
developed initial measures for the program but will continue to develop
and refine these measures to ensure program success.

Third, we reported that CBP's record keeping for the program is
incomplete, as key decisions are not always documented and programmatic
information is not updated regularly or accurately. Federal regulations
require that bureau record-keeping procedures provide documentation to
facilitate review by Congress and other authorized agencies of government.
Further, standards for internal control in the federal government require
that all transactions be clearly documented in a manner that is complete,
accurate, and useful to managers and others involved in evaluating
operations. During our review of six company files for which validations
had been completed, it was not always clear what facet of the security
profile was being validated and why a particular site was selected at
which to conduct the validation because there was not always documentation
of the decision-making process. The aspects of the security profiles
covered and sites visited did not always appear to be the most relevant.
For example, one validation report we reviewed for a major retailer-one
that imports the vast majority of its goods from Asia- indicated that the
validation team reviewed facilities in Central America. CBP officials
noted that it recently revised its validation report format to better
capture any justification for report recommendations and best practices
identified. After reviewing eight of the more recent validation reports,
we noted that there appeared to be a greater discussion related to the
rationale for validating specific aspects of the security profiles.
However, the related company files did not consistently contain other
documentation of members' application, certification, vetting, receipt of
benefits, or validation. While files contained some of these elements,
they were generally not complete. In fact, most files did not usually
contain anything other than copies of the member's C-TPAT agreement,
security profiles, and validation report.

Further, we reported that CBP does not update programmatic information
regularly or accurately. In particular, the reliability of CBP's database
to track member status using key dates in the application through
validation

processes is questionable. The database, which is primarily used for
documentation management and workflow tracking, is not updated on a
regular basis. In addition, C-TPAT management told us that earlier data
entered into the database may not be accurate, and CBP has taken no
systematic look at the reliability of the database. CBP officials also
told us that there are no written guidelines for who should enter
information into the database or how frequently the database should be
updated. We made several requests over a period of weeks to review the
contents of the database to analyze workload factors, including the amount
of time that each step in the C-TPAT application and review process was
taking. The database information that CBP ultimately provided to us was
incomplete, as many of the data fields were missing or inaccurate. For
example, more than 33 percent of the entries for validation date were
incomplete. In addition, data on the status of companies undergoing the
validation process was provided in hard copy only and included no date
information. CBP officials told us that they are currently exploring other
data management systems, working to develop a new, single database that
would capture pertinent data, as well as developing a paperless
environment for the program.

GAO Recommendations and CBP Response

Our C-TPAT report recommended that the Secretary of Homeland Security
direct the Commissioner of U.S. Customs and Border Protection to take the
following five actions:

o  	strengthen the validation process by providing appropriate guidance to
specialists conducting validations, including what level of review is
adequate to determine whether member security practices are reliable,
accurate, and effective;

o  	determine the extent (in terms of numbers or percentage) to which
members should be validated in lieu of the original goal to validate all
members within 3 years of certification;

o  	complete the development of performance measures, to include
outcome-based measures and performance targets, to track the program's
status in meeting its strategic goals;

o  	complete a human capital plan that clearly describes how the C-TPAT
program will recruit, train, and retain sufficient staff to successfully
conduct the work of the program, including reviewing security profiles,
vetting, and conducting validations to mitigate program risk; and

o  	implement a records management system that accurately and timely
documents key decisions and significant operational events, including a
reliable system for (1) documenting and maintaining records of all
decisions in the application through validation processes, including but
not limited to documentation of the objectives, scope, methodologies, and
limitations of validations, and (2) tracking member status.

In commenting on a draft of the report, CBP generally agreed with our
recommendations and outlined actions it either had taken or was planning
to take to implement them.

After our work was completed, CBP issued new security criteria for C-TPAT
importers. Although we have not assessed the new criteria in detail, the
new criteria appear to better define the minimum security expectations of
importers participating in the C-TPAT program than the prior security
guidelines. For example, under the prior security guidelines, all
importers were to secure containers' internal and external compartments
and panels. Under the new security criteria, importers are to explicitly
require all containers bound for the United States to have high-security
seals affixed to them. In addition, the new criteria appear to place a
greater emphasis on security procedures throughout importers' supply
chains than the prior guidelines. Specifically, the new criteria state
that importers must have written and verifiable processes for the
selection of business partners, as well as documentation of whether these
business partners are either C-TPAT certified or meet the C-TPAT security
criteria-requirements not found in the prior security guidelines. However,
the new security criteria do not address our recommendations for improving
the program and may place an even greater emphasis on the need to
strengthen the validation process. According to the new criteria,
importers wishing to join the C-TPAT program must submit security profiles
that address the new criteria as part of the certification process. But
importers who are already C-TPAT members are not required to provide any
written certification that they meet the new security criteria and will
not have to resubmit their security profiles. Instead, CBP will use
validations to gauge whether or not these members have adopted the new
security criteria. This places a greater emphasis on the need for CBP to
establish guidelines for what constitutes a validation and the extent to
which it must conduct validations to ensure that the C-TPAT program is
consistent with its overall approach to managing risk.

Improvements 	My statement will now focus on the results of our work on
the CSI program.

  Needed in CSI Targeting, Inspection and Management Efforts

Limitations Exist in Ability to Target Containers Overseas

In our CSI report, we noted that CBP officials told us the CSI program has
produced factors that contribute to CBP's ability to target shipments at
overseas seaports, including improved information sharing between the CSI
teams and host government officials regarding U.S.-bound shipments and a
heightened level of bilateral cooperation on and international awareness
of the need for securing the global shipping system. However, we found
factors that may limit the program's effectiveness at some ports,
including (1) staffing imbalances at CSI ports and (2) weaknesses in one
source of data CBP relies upon to target shipments.

As we reported, one factor negatively affecting CBP's ability to target
containers is staffing imbalances across ports. Although CBP's goal is to
target all U.S.-bound containers at CSI ports before they depart for the
United States, it has not been able to place enough staff at some CSI
ports to do so. As a result of these imbalances, 35 percent of U.S.-bound
shipments from CSI ports were not targeted and were therefore not subject
to inspection overseas-the key goal of the CSI program. CBP has been
unable to staff the CSI teams at the levels called for in the CSI staffing
model because of diplomatic and practical considerations. However, CBP's
staffing model for CSI does not consider whether some of the targeting
functions could be performed in the United States. For example, the model
does not consider what minimum number of targeters need to be physically
located at CSI ports to carry out duties that require an overseas presence
(such as coordinating with host government officials) as opposed to other
duties that could be performed in the United States (such as reviewing
manifests and databases). CBP has placed targeters at its National
Targeting Center to assist CSI teams in targeting containers for
inspection, which demonstrates that CBP does not have to rely exclusively
on overseas targeters as called for in its staffing model.

Further, we reported the existence of limitations in one data source CSI
teams use for targeting high-risk containers. For CSI, CBP uses manifest
information as one data source to help characterize the risk level of
U.S.-

bound shipments, information that may be unreliable and incomplete.
Although CBP officials told us that the quality of the manifest data has
improved, there is no method to routinely verify whether the manifest data
accurately reflect the contents within the cargo container.

Some Containers Were Not Inspected for a Variety of Reasons

As we reported, since the implementation of CSI through September 11,
2004, 28 percent (4,013) of containers referred to host government
officials for inspection were not inspected for a variety of reasons
including operational limitations that prevented the containers from being
inspected before they left the port. In 1 percent of these cases, host
government officials denied inspections, generally because inspection
requests were based on factors not related to security threats, such as
drug smuggling. Containers referred to host governments for inspection by
CSI teams that are not inspected overseas are supposed to be referred for
inspection upon arrival at the U.S. destination port. CBP officials noted
that between July 2004 and September 2004, about 93 percent of shipments
referred for domestic inspection were inspected at a U.S. port. CBP
officials explained that some of these shipments were not inspected
domestically because inspectors at U.S. ports received additional
information or entry information that lowered the risk characterization of
the shipments or because the shipments remained aboard the carrier and
were never offloaded at a U.S. port.

Further, we reported that for the 72 percent (10,343) of containers that
were inspected overseas, CBP officials told us there were some anomalies
that led to law enforcement actions but that no WMD were discovered. There
are two types of radiation detection devices used at CSI ports to inspect
cargo containers-radiation isotope identifier devices and radiation portal
monitors-as well as various types of X-ray and gammaray imaging machines
used at CSI ports to inspect cargo containers, each with different
detection and identification capabilities. However, the inspection
equipment used at CSI ports varies in detection capability, and there are
no minimum requirements for the detection capability of equipment used for
CSI. In addition, technologies to detect other WMD have limitations. As a
result, CBP has no absolute assurance that inspections conducted under CSI
are effective at detecting and identifying WMD. According to CBP
officials, the bureau has not established minimum technical requirements
for the nonintrusive inspection equipment or radiation detection equipment
that can be used as part of CSI because of sovereignty issues, as well as
restrictions that prevent CBP from endorsing a particular brand of
equipment. Although CBP cannot endorse a particular brand of equipment,
the bureau could still establish

general technical capability requirements for any equipment used under CSI
similar to other general requirements CBP has for the program, such as the
country committing to establishing an automated risk management system.
Because the CSI inspection could be the only inspection of a container
before it enters the interior of the United States, it is important that
the nonintrusive inspection and radiation detection equipment used as part
of CSI provides some level of assurance of the likelihood that the
equipment could detect the presence of WMD.

CBP Has Made Progress Developing a Strategic Plan and Performance Measures
for CSI, but Further Refinements Are Needed

As we reported, CBP has made some improvements in the management of CSI,
but further refinements to the bureau's management tools are needed to
help achieve program goals. Regarding a strategic plan for CSI, CBP
developed a strategic plan in February 2004 that contained three of the
six key elements the Government Performance and Results Act (GPRA)
required for executive agency strategic plans but lacked (1) a description
of how performance goals and measures are related to the general goals and
objectives of the program, (2) an identification of key factors external
to the agency and beyond its control that could affect the achievement of
general goals and objectives, and (3) a description of program
evaluations. We also reported that CBP told us it was revising the CSI
strategic plan to address the elements we raised in the report. We noted
that it appeared that the bureau's initial efforts in this area met the
intent of our prior recommendation to develop a strategic plan for CSI,
but we could not determine the effectiveness of further revisions to the
plan without first reviewing and evaluating them.

Further, we recommended in our July 2003 report that CBP expand efforts
already initiated to develop performance measures for CSI that include
outcome-oriented indicators. Until recently, CBP based the performance of
CSI on program outputs such as (1) the number and percentage of bills of
lading reviewed, further researched, referred for inspection, and actually
inspected, and (2) the number of countries and ports participating in CSI.
CBP has developed 11 performance indicators for CSI, 2 of which it
identified as outcome-oriented: (1) the number of foreign mitigated
examinations and (2) the percentage of worldwide U.S.-destined containers
processed through CSI ports. However, CSI lacks performance goals and
measures for other program objectives. In commenting on a draft of our
April 2005 report, DHS noted that CBP is continuing to refine existing
performance measures and develop new performance measures for its program
goals. For example, CBP was developing a cost efficiency measure to
measure the cost of work at a port and to contribute to staffing
decisions.

GAO Recommendations and CBP Response

  GAO Contacts and Staff Acknowledgments

Our CSI report recommended that the Secretary of Homeland Security direct
the Commissioner of U.S. Customs and Border Protection to take the
following three actions:

o  	revise the CSI staffing model to consider (1) what functions need to
be performed at CSI ports and what functions can be performed in the
United States, (2) the optimum levels of staff needed at CSI ports to
maximize the benefits of targeting and inspection activities in
conjunction with host nation customs officials, and (3) the cost of
locating targeters overseas at CSI ports instead of in the United States;

o  	establish minimum technical requirements for the capabilities of
nonintrusive inspection equipment at CSI ports, to include imaging and
radiation detection devices, that help ensure that all equipment used can
detect WMD, while considering the need not to endorse certain companies
and sovereignty issues with participating countries; and

o  	develop performance measures that include outcome-based measures and
performance targets (or proxies as appropriate) to track the program's
progress in meeting all of its objectives.

In commenting on a draft of the report, DHS generally agreed with our
recommendations and outlined actions CBP either had taken or was planning
to take to implement them.

This concludes my statement. I would now be happy to answer any questions
for the subcommittee.

For further information about this testimony, please contact me at (202)
512-8816. Stephen L. Caldwell, Deena D. Richart, and Kathryn E. Godfrey
also made key contributions to this statement.

Related GAO Products

Maritime Security: Enhancements Made, But Implementation and
Sustainability Remain Key Challenges. GAO-05-448T (Washington, D.C.: May
17, 2005).

Container Security: A Flexible Staffing Model and Minimum Equipment
Requirements Would Improve Overseas Targeting and Inspection Efforts.
GAO-05-557 (Washington, D.C.: April 26, 2005).

Maritime Security: New Structures Have Improved Information Sharing, but
Security Clearance Processing Requires Further Attention. GAO-05-394
(Washington, D.C.: April 15, 2005).

Preventing Nuclear Smuggling: DOE Has Made Limited Progress in Installing
Radiation Detection Equipment at Highest Priority Foreign Seaports.
GAO-05-375 (Washington, D.C.: March 31, 2005).

Cargo Security: Partnership Program Grants Importers Reduced Scrutiny with
Limited Assurance of Improved Security. GAO-05-404 (Washington, D.C.:
March 11, 2005).

Homeland Security: Process for Reporting Lessons Learned from Seaport
Exercises Needs Further Attention. GAO-05-170 (Washington, D.C.: January
14, 2005).

Port Security: Planning Needed to Develop and Operate Maritime Worker
Identification Card Program. GAO-05-106 (Washington, D.C.: December 10,
2004).

Maritime Security: Better Planning Needed to Help Ensure an Effective Port
Security Assessment Program. GAO-04-1062 (Washington, D.C.: September 30,
2004).

Maritime Security: Substantial Work Remains to Translate New Planning
Requirements into Effective Port Security. GAO-04-838 (Washington, D.C.:
June 30, 2004).

Border Security: Agencies Need to Better Coordinate Their Strategies and
Operations on Federal Lands. GAO-04-590 (Washington, D.C.: June 16, 2004).

Homeland Security: Summary of Challenges Faced in Targeting Oceangoing
Cargo Containers for Inspection. GAO-04-557T (Washington, D.C.: March 31,
2004).

Rail Security: Some Actions Taken to Enhance Passenger and Freight Rail
Security, but Significant Challenges Remain. GAO-04-598T (Washington,
D.C.: March 23, 2004).

Department of Homeland Security, Bureau of Customs and Border Protection:
Required Advance Electronic Presentation of Cargo Information. GAO-04-319R
(Washington, D.C.: December 18, 2003).

Homeland Security: Preliminary Observations on Efforts to Target Security
Inspections of Cargo Containers. GAO-04-325T (Washington, D.C.: December
16, 2003).

Posthearing Questions Related to Aviation and Port Security. GAO-04-315R
(Washington, D.C.: December 12, 2003).

Homeland Security: Risks Facing Key Border and Transportation Security
Program Need to Be Addressed. GAO-03-1083 (Washington, D.C.: September 19,
2003).

Maritime Security: Progress Made in Implementing Maritime Transportation
Security Act, but Concerns Remain. GAO-03-1155T (Washington, D.C.:
September 9, 2003).

Container Security: Expansion of Key Customs Programs Will Require Greater
Attention to Critical Success Factors. GAO-03-770 (Washington, D.C.: July
25, 2003).

Homeland Security: Challenges Facing the Department of Homeland Security
in Balancing Its Border Security and Trade Facilitation Missions.
GAO-03-902T (Washington, D.C.: June 16, 2003).

Transportation Security: Federal Action Needed to Help Address Security
Challenges. GAO-03-843 (Washington, D.C.: June 30, 2003).

Transportation Security: Post-September 11th Initiatives and Long-Term
Challenges. GAO-03-616T (Washington, D.C.: April 1, 2003).

Border Security: Challenges in Implementing Border Technology. GAO-03-546T
(Washington, D.C.: March 12, 2003).

Customs Service: Acquisition and Deployment of Radiation Detection
Equipment. GAO-03-235T (Washington, D.C.: October 17, 2002).

Port Security: Nation Faces Formidable Challenges in Making New
Initiatives Successful. GAO-02-993T (Washington, D.C.: August 5, 2002).

This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed in
its entirety without further permission from GAO. However, because this
work may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this material
separately.

GAO's Mission

Obtaining Copies of GAO Reports and Testimony

The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting its
constitutional responsibilities and to help improve the performance and
accountability of the federal government for the American people. GAO
examines the use of public funds; evaluates federal programs and policies;
and provides analyses, recommendations, and other assistance to help
Congress make informed oversight, policy, and funding decisions. GAO's
commitment to good government is reflected in its core values of
accountability, integrity, and reliability.

The fastest and easiest way to obtain copies of GAO documents at no cost
is through GAO's Web site (www.gao.gov). Each weekday, GAO posts newly
released reports, testimony, and correspondence on its Web site. To have
GAO e-mail you a list of newly posted products every afternoon, go to
www.gao.gov and select "Subscribe to Updates."

Order by Mail or Phone 	The first copy of each printed report is free.
Additional copies are $2 each. A check or money order should be made out
to the Superintendent of Documents. GAO also accepts VISA and Mastercard.
Orders for 100 or more copies mailed to a single address are discounted 25
percent. Orders should be sent to:

U.S. Government Accountability Office 441 G Street NW, Room LM Washington,
D.C. 20548

To order by Phone: 	Voice: (202) 512-6000 TDD: (202) 512-2537 Fax: (202)
512-6061

To Report Fraud, Contact:

Waste, and Abuse in Web site: www.gao.gov/fraudnet/fraudnet.htm

E-mail: [email protected] Programs Automated answering system: (800)
424-5454 or (202) 512-7470

Gloria Jarmon, Managing Director, [email protected] (202)
512-4400Congressional U.S. Government Accountability Office, 441 G Street
NW, Room 7125 Relations Washington, D.C. 20548

Public Affairs 	Paul Anderson, Managing Director, [email protected] (202)
512-4800 U.S. Government Accountability Office, 441 G Street NW, Room 7149
Washington, D.C. 20548

                           PRINTED ON RECYCLED PAPER
*** End of document. ***