Homeland Security: Actions Needed to Better Protect National	 
Icons and Federal Office Buildings from Terrorism (24-JUN-05,	 
GAO-05-790).							 
                                                                 
The threat of terrorism has made physical security for federal	 
real property assets a major concern. Protecting these assets can
be particularly complex and contentious for agencies whose	 
missions include ensuring public access such as the Department of
the Interior (Interior) and the General Services Administration  
(GSA). GAO's objectives were to (1) identify any challenges that 
Interior faces in protecting national icons and monuments from	 
terrorism, as well as related actions intended to address these  
challenges; and similarly, (2) determine any challenges GSA faces
related to the protection of federal office buildings it owns or 
leases and actions that have been taken.			 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-05-790 					        
    ACCNO:   A27739						        
  TITLE:     Homeland Security: Actions Needed to Better Protect      
National Icons and Federal Office Buildings from Terrorism	 
     DATE:   06/24/2005 
  SUBJECT:   Counterterrorism					 
	     Facility security					 
	     Federal office buildings				 
	     Federal property					 
	     Historic preservation				 
	     Homeland security					 
	     National parks					 
	     Physical security					 
	     Policy evaluation					 
	     Real property					 
	     Recreation areas					 
	     Terrorism						 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-05-790

United States Government Accountability Office

      GAO	Report to the Chairman, Committee on Government Reform, House of
                                Representatives

June 2005

HOMELAND SECURITY

  Actions Needed to Better Protect National Icons and Federal Office Buildings
                                 from Terrorism

                                       a

GAO-05-790

[IMG]

June 2005

HOMELAND SECURITY

Actions Needed to Better Protect National Icons and Federal Office Buildings
from Terrorism

                                 What GAO Found

Interior faces a range of major challenges in protecting national icons
and monuments from terrorism-these include balancing security and public
access; addressing jurisdictional and competing stakeholder issues; and
securing assets in rugged, remote areas. In addition, there was concern
among Interior officials about the department's ability to leverage
limited resources for security. Since September 11, 2001, Interior has
improved security at high-profile sites, created a central security office
to oversee its security efforts, developed physical security plans
required by Homeland Security Presidential Directive 7, and developed a
uniform risk management and ranking methodology. As Interior moves
forward, linking the results of its risk rankings to security funding
priorities at national icons and monuments is an important next step.
Also, given Interior's complex and often contentious environment, setting
forth the guiding principles by which the department balances its core
mission with security could have benefits. Other organizations have used
guiding principles to foster greater transparency in complex environments.

GSA also faces a range of major challenges, some similar to Interior's,
that include balancing security and public access, addressing
jurisdictional and competing stakeholder issues, securing federally leased
space, and adjusting to the transfer of the Federal Protective Service
(FPS) from GSA to the Department of Homeland Security (DHS). Actions GSA
has taken to address the challenges include working to develop security
standards for securing leased space and establishing a memorandum of
agreement with DHS on security at GSA's facilities. However, despite these
actions, GSA lacks a mechanism-such as a chief security officer position
or formal point of contact-that could serve in a liaison role with FPS and
tenant agencies, work to address the challenges GSA faces related to
security at its buildings, and enable GSA to better define its overall
role in security given the transfer of FPS to DHS.

Examples of Security Measures at National Icons and Federal Buildings

                 United States Government Accountability Office

Contents

  Letter

Results in Brief
Background
Terrorist Threat Poses a Range of Challenges for Interior in

Protecting National Icons and Monuments

The Threat Against Federal Office Buildings is Significant, and GSA Faces
Various Challenges as the Owner and Landlord of These Assets

Conclusions
Recommendations for Executive Action
Agency Comments and Our Evaluation

1 2 5

7

34 45 47 47

Appendixes

      Appendix I: Objectives, Scope, and Methodology 49 Appendix II: Comments
    from the General Services Administration 51 Appendix III: GAO Contact and
                                                           Acknowledgments 52

Figures	Figure 1: Figure 2: Figure 3:

Figure 4:

Figure 5: Figure 6:

Figure 7: Figure 8: Figure 9:

The Statue of Liberty in New York Harbor
Security Checkpoint for Liberty Island
Hoover Dam and Linked Boom Line Used to Enhance
Perimeter Security
Security Checkpoint on the Arizona Side of Hoover
Dam
Independence Hall in Philadelphia
Vehicle Traffic in Front of Independence Hall and Park
Service Staff Allowing Visitors to Cross Chestnut Street

Jersey Barriers and Fencing on the East Side of the
Lincoln Memorial
Jersey Barriers and Snow Fencing at the Jefferson
Memorial
Security Camera near the Amphitheatre at Mt.
Rushmore

9 10

12

13 15

17

19

21

26 27 38 Figure 10: Rugged Terrain Surrounding Mt. Rushmore Figure 11:
Bollards in Front of a Federal Building in New York

Contents

Abbreviations

BOR Bureau of Reclamation
CFA U.S. Commission on Fine Arts
DHS Department of Homeland Security
EIS Environmental Impact Statement
FBI Federal Bureau of Investigation
FPS Federal Protective Service
FSRM Federal Security Risk Management
GSA General Services Administration
HSPD-7 Homeland Security Presidential Directive Number 7
ICE Immigrations and Customs Enforcement
IG Inspector General
IMBARC Independence Mall Business and Residents Coalition
Interior Department of the Interior
INHP Independence National Historical Park
ISC Interagency Security Committee
MOU Memorandum of Understanding
NCPC National Capital Planning Commission
NHPA National Historic Preservation Act
NPS National Park Service
NPCA National Parks Conservation Association
NYPD New York Police Department
OLES Office of Law Enforcement and Security
OMB Office of Management and Budget
Park Service National Park Service
Park Police U.S. Park Police
SEPTA Southeastern Pennsylvania Transportation Authority
SHPO State Historic Preservation Officer
SSA sector-specific agency
USMS U.S. Marshals Service

This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed in
its entirety without further permission from GAO. However, because this
work may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this material
separately.

A

United States Government Accountability Office Washington, D.C. 20548

June 24, 2005

The Honorable Tom Davis Chairman, Committee on Government Reform House of
Representatives

Dear Mr. Chairman:

Since the 1995 bombing of the Alfred P. Murrah Federal Building in
Oklahoma City and the September 11, 2001, attacks, federal agencies have
devoted significant resources and attention to the physical security of
their real property assets. Protecting federal real property assets can be
particularly complex and contentious for agencies whose missions include
ensuring public access to their assets, including the Department of the
Interior (Interior) and the General Services Administration (GSA).
Interior and its eight bureaus are charged with protecting the nation's
natural, historic, and cultural treasures, including thousands of
facilities. GSA houses agencies in over 8,000 owned and leased facilities
that contain roughly 338 million square feet. These facilities are used by
over a million federal employees and contractors and are visited by
citizens receiving services from, and conducting business with, the
federal government.

In November 2002, the Department of Homeland Security (DHS) was created to
bring a central focus to the government's efforts to prevent and respond
to terrorist threats, including threats to its physical infrastructure.
DHS, through its Federal Protective Service (FPS), is directly responsible
for law enforcement and related security functions at GSA facilities and
also provides policy leadership on facility protection issues to other
agencies, including Interior. Although law enforcement and related
security functions were transferred from GSA to DHS when FPS transferred
to DHS, GSA officials said that it still assists FPS and tenant agencies
with facility security, implements various security measures that FPS
recommends, and incorporates enhanced security measures into new space it
constructs or leases.

Our objectives were to (1) identify any challenges that Interior faces in
protecting national icons and monuments from terrorism, as well as related
actions intended to address these challenges; and similarly, (2) determine
any challenges GSA faces related to the protection of office buildings it
owns or leases and the actions that have been taken. To do this work, we
interviewed officials from Interior, including officials at the department
level, the National Park Service (Park Service), U.S. Park Police (Park

Police), and the Bureau of Reclamation (BOR); GSA; and DHS, including FPS.
We also interviewed other agencies and organizations that have an interest
in security issues, including the National Capital Planning Commission and
the National Parks Conservation Association. We also reviewed pertinent
documents and policies that we obtained from these agencies and related
laws and directives. Our work included visiting sites that Interior and
GSA identified as particularly illustrative of the challenges they face
and how they are trying to address them. Additional information about our
methodology and the sites we visited, along with a complete description of
the organizations we interviewed, appears at the end of this report. We
conducted our work between January 2004 and March 2005 in accordance with
generally accepted government auditing standards.

Separately, we issued a "For Official Use Only" report detailing the
results of our review. This version of the report, for public release,
provides a general summary of the challenges identified and our
recommendations to help Interior and GSA enhance their protection of
national icons and federal office buildings from terrorism. (The "For
Official Use Only" report provided technical details to assist Interior
and GSA in their efforts.)

Results in Brief	Interior faces a range of major challenges in protecting
national icons and monuments from terrorism. First, there is an inherent
conflict between physical security initiatives and Interior's mission to
provide access to, and education about, the nation's natural and cultural
heritage. Striking a balance between protecting its assets from terrorism
and maintaining public access is a new role for Interior, which has
historically focused mainly on its preservation and education mission.
Second, jurisdictional issues and competing stakeholder interests are
another challenge. Pursuing security improvements that Interior believes
are needed often puts the department at odds with other entities-such as
planning commissions, private foundations, and local governments-that have
jurisdiction over, or input regarding, physical enhancements. Third, some
icons and monuments are in rugged, remote locations and, therefore, pose
additional challenges related to securing perimeters and ensuring an
adequate response in the event of an attack. Lastly, leveraging limited
resources is an ongoing challenge. Interior officials responsible for
security at the individual icons and monuments were concerned about
whether the department will have a sustained level of staff and funding
resources for security initiatives. Effectively addressing these
challenges is vital for Interior because highly visible assets such as the
Washington Monument and Mt. Rushmore National Memorial (Mt. Rushmore)
could be targeted for

symbolic reasons and for the purpose of harming people. Information from
Interior shows that these and other assets are vulnerable to attack in a
variety of ways.

In addition to security improvements Interior has made at individual
locations, several broader actions have been taken that are intended to
address the department's challenges and improve its security program
overall. These security improvements are as follows:

o 	The administration has identified goals for overcoming challenges and
vulnerabilities unique to national icons and monuments as part of its
national strategy for homeland security.

o 	Interior has developed physical security plans in response to Homeland
Security Presidential Directive 7 (HSPD-7). This directive establishes a
national policy for prioritizing the protection of critical infrastructure
and requires all departments and agencies to develop physical and cyber
security plans for the assets they own. In addition, the directive
designates Interior as a sector-specific agency (SSA) for the national
icons and monuments sector-SSAs are responsible for coordinating
protection in their respective sectors across all levels of government and
the private sector.

o 	To centrally manage Interior's security initiatives and address its
challenges, the department established a central coordination and
oversight office for homeland security-related activities. This office-
the Office of Law Enforcement and Security (OLES)-has worked within
Interior to identify assets that are likely targets, conduct risk
assessments using a number of external experts, and coordinate efforts by
Interior's bureaus to enhance security at individual locations.

o 	Interior has developed a uniform risk assessment methodology that it
has used to generate risk rankings for high-profile national icons and
monuments.

Overall, these efforts have been positive steps. As Interior moves
forward, linking the results of its risk assessments and related risk
rankings to security funding priorities at national icons and monuments is
an important next step that we are recommending. This should allow for
well-informed decisions by stakeholders-such as Interior, OMB, and
Congress-about where to direct resources so that they have an optimal
return on investment in terms of better protection. Furthermore, given
Interior's

complex and often contentious environment, setting forth the guiding
principles by which the department balances its core mission with
security-which we are also recommending-could have benefits. Guiding
principles have been used by other organizations to foster greater
transparency and thus allow stakeholders to better understand the basis
for decisions. By identifying and conveying the principles it follows for
making security-related decisions, Interior could be better positioned to
achieve additional transparency and more mutually acceptable outcomes with
its stakeholders. Interior did not comment on our recommendations.

GSA also faces a range of major challenges-some similar to those facing
Interior-related to security at buildings it owns or leases. First,
federal buildings are where the government and the public transact
business, and striking a balance between security and public access is an
ongoing challenge. This challenge is of particular concern with federally
leased space, where the government does not have complete control over
building access. Second, GSA faces challenges in addressing jurisdictional
and competing stakeholder interests, particularly in urban areas where
local governments and others have a role in the type of security that is
employed. Finally, the transfer of FPS to DHS has presented a major
challenge for GSA. In addition to no longer having direct control over
security services in its buildings, GSA officials were concerned about
their ability to track security expenditures and stay informed about FPS
protection activities in GSA buildings. In general, GSA officials said
that GSA is still trying to define its overall role in security given the
transfer of FPS. Addressing these challenges is critical because the
terrorist threat against federal office buildings is significant. The
Oklahoma City bombing and September 11 attacks demonstrated that
terrorists possess the capabilities to destroy these types of assets. In
the post-September 11 era, warnings from DHS have shown that there is
still a concern regarding the threat that terrorists will use methods such
as truck bombs to destroy office buildings. GSA owns many federal office
buildings, on which an attack could seriously disrupt the business of
government and harm federal employees and the public.

To address the challenges associated with protecting federal office
buildings, a number of actions have been taken. GSA has continued with the
implementation of security enhancements to buildings in its inventory that
it began after the Oklahoma City bombing-these enhancements are designed,
in part, to achieve a balance between security and access. GSA has worked
with the Interagency Security Committee (ISC) to develop security design
criteria for newly constructed office buildings and security

standards for addressing challenges associated with federally leased
space. Established after the Oklahoma City bombing, ISC has a range of
governmentwide responsibilities related to protecting nonmilitary
facilities and has representation from all the major property-holding
agencies. The administration has also identified the challenge of
protecting federal office buildings as a top priority in the critical
infrastructure area. In addition, ISC is responsible for coordinating
agencies' building security efforts. The transfer of FPS to DHS-though a
challenge for GSA-was intended to improve law enforcement and related
functions by centralizing building security activities with other homeland
security functions. A March 2003 operational memorandum of agreement
between GSA and DHS made FPS responsible for the same types of security
services that FPS provided for GSA properties prior to the transfer to
DHS. These include performing risk assessments, managing the installation
of some security equipment, conducting criminal investigations, and
managing the contract guard program. These actions are all steps in the
right direction. However, despite the range of challenges GSA faces, it
lacks a mechanism-such as a chief security officer position or formal
point of contact-to coordinate homeland security efforts at its buildings
with FPS and tenant agencies. The officer/official in such a position,
which we are recommending, could serve in a liaison role with FPS and
tenant agencies, work to address the challenges GSA faces related to
security in buildings it owns and leases, and enable GSA to better define
its overall role in security given the transfer of FPS to DHS. Having such
a position is recognized in the security community as essential in
organizations that own and operate large numbers of mission-critical
facilities. GSA concurred with this recommendation.

Background	Interior is responsible for the safety of 70,000 employees and
200,000 volunteers, 1.3 million daily visitors, and over 507 million acres
of public lands that include a number of sites of historical or national
significance (national monuments and icons), and the security of dams and
reservoirs. The Park Service's mission is the unimpaired preservation of
the natural and cultural resources and values of the national park system
for the enjoyment, education, and inspiration of current and future
generations. According to Interior officials, the Park Service cooperates
with various partners to extend the benefits of natural and cultural
resource conservation and outdoor recreation throughout this country and
the world. Within Interior, the Park Service is responsible for managing
and protecting some of the nation's most treasured icons, including the
Washington Monument, the Lincoln and Jefferson Memorials, the Statue of

Liberty, Independence Hall and the Liberty Bell in Philadelphia, and Mt.
Rushmore in South Dakota. The Park Service welcomes 428 million visitors
to its 388 national park units each year throughout the United States,
American Samoa, Guam, Puerto Rico, and the Virgin Islands.

The Park Police provides security and law enforcement services to Park
Service monuments and memorials in the District of Columbia, New York
City, and in conjunction with Park Service rangers in San Francisco. Park
superintendents and rangers manage and provide security and law
enforcement services at the other parks throughout the United States in
conjunction with their other duties. These other duties include management
of public use, dissemination of scientific and historical information, and
protection and management of natural and cultural resources.

Among Interior's other bureaus, BOR has an important role in protecting
critical infrastructure because of its responsibilities related to dams.
BOR's core mission is to manage, develop, and protect water and related
resources in an environmentally and economically sound manner. It is the
largest wholesale water supplier in the nation, delivering 10 trillion
gallons of water to over 30 million people each year. According to
information from BOR, it manages 471 dams, making it the nation's second
largest producer of hydropower; the dams generate approximately 42 billion
kilowatt hours each year. BOR, among other things, is responsible for
managing and protecting well-known assets, such as Hoover Dam in Arizona
and Nevada.

While Interior is responsible for protecting icons, monuments, and dams,
GSA serves as the federal government's landlord and designs, builds, and
manages facilities to support the needs of other federal agencies
throughout all three branches of government. GSA is responsible for
managing over 8,000 owned and leased buildings that comprise roughly 3
billion square feet of building floor area. FPS was created in 1971 to
provide security services and law enforcement to GSA-owned facilities
across the United States. FPS has the authority to, among other things;
enforce laws and regulations that protect federal property, and persons on
such property, and conduct investigations. As a result of the Homeland
Security Act, 22 agencies-including FPS-were centralized under DHS, and
FPS retained its role related to law enforcement and security at GSA
buildings. In accordance with the act, the transfer of FPS from GSA to DHS
became effective on March 1, 2003. GSA officials said that GSA still
assists FPS and tenant agencies with facility security, implements various
security measures that FPS recommends, and incorporates enhanced security

measures into new space it constructs or leases. Within DHS, FPS fell
under the authority of the Immigration and Customs Enforcement (ICE),
which, according to DHS, is its largest investigative arm. DHS also chairs
ISC, which has representation from all the major property-holding agencies
and was established after the Oklahoma City bombing. ISC has a range of
governmentwide responsibilities related to protecting nonmilitary
facilities. In July 2004, we reported on issues related to the transfer of
FPS from GSA to DHS; and in November 2004, we reported on progress ISC has
made and key practices in facility protection.1

  Terrorist Threat Poses a Range of Challenges for Interior in Protecting
  National Icons and Monuments

The September 11 attacks demonstrated the nation's vulnerability to the
threat posed by formidable, well-organized terrorists. As evidenced by the
attacks, the terrorists are sophisticated, relentless, and patient in
their planning and execution. This new type of threat represents a shift
from historical assumptions about national security, where the military,
foreign policy establishment, and intelligence community are responsible
for protecting the nation, to a new paradigm where others-such as
Interior, state and local governments, and the private sector-also have a
role in homeland security. National icons and monuments represent the
nation's heritage, tradition, values, and political power. Among Interior
assets that could logically be categorized as potential symbolic targets
are national icons and monuments such as Mt. Rushmore and the Washington
Monument. Destroying these icons would likely have a profound effect on
the nation's morale. In addition, Interior's portfolio includes assets
that are part of the nation's critical infrastructure, such as the 471
dams it operates that provide hydropower to Western states. Information
from Interior shows that these assets are vulnerable to attack in a
variety of ways and that Interior faces a range of challenges to improving
protection. These challenges include the inherent conflict between
security and public access, jurisdictional issues and competing
stakeholder issues regarding such matters as access and oversight of
enhancements, the effect that the rugged and remote location of some
assets has on perimeter security, and the ability to leverage available
resources to address vulnerabilities by implementing security
enhancements.

1GAO, Homeland Security: Transformation Strategy Needed to Address
Challenges Facing the Federal Protective Service, GAO-04-537 (Washington,
D.C.: July 14, 2004); GAO, Homeland Security: Further Actions Needed to
Coordinate Federal Agencies' Facility Protection Efforts and Promote Key
Practices, GAO-05-49 (Washington, D.C.: Nov. 30, 2004).

    Balancing Security with Public Access at Icons and Monuments Is a Major
    Challenge

Security versus Access: The Statue of Liberty

Interior officials and staff at the icons and monuments we visited
acknowledged, and the Interior Inspector General (IG) has reported, that
balancing security with access is a major challenge facing the department.
Implementing appropriate physical protection measures can be a challenge
because such measures often run counter to societal values that associate
access to icons and monuments with living in a free society. And, the core
missions of some of the Interior's agencies-including the Park Service-
reflect a high level of public accessibility and interaction. As reported
by the Interior IG and discussed by Interior officials we interviewed, the
organizational challenge of shifting to a homeland security focus in a
culture rooted in preservation and education is also significant.2
Overall, the challenge of balancing protection against terrorism with
public access is formidable and transcends other challenges Interior
faces, including jurisdictional issues and competing stakeholder
interests.

The Park Service's efforts to balance security with access at the Statue
of Liberty demonstrate this challenge. The Statue of Liberty is one of the
nation's most treasured sites and is an international symbol of American
values. Located on 12-acre Liberty Island in New York Harbor, the Statue
of Liberty was a gift of international friendship from the people of
France to the people of the United States and is one of the most universal
symbols of political freedom and democracy. It is a popular tourist
attraction for visitors from around the world. In fiscal year 2003, over
3.2 million people visited the Statue. Park Service management of the
Statue of Liberty and Liberty Island also includes Ellis Island and its
facilities. The Statue consists of three sections: the Statue, the
pedestal, and a base known as Fort Wood. The Park Service and Park Police
oversee the monument's security program, including operation of screening
facilities housed at Battery Park in Lower Manhattan in New York and
Liberty State Park in New Jersey. Park Service and Park Police officials
consider these locations, plus Governor's Island, part of a 5-point
security perimeter that they monitor within New York Harbor. Figure 1
shows the Statue of Liberty, which is surrounded by New York Harbor.

2U.S. Department of the Interior, Office of the Inspector General, Review
of National Icon Park Security, Report 2003-I-0063 (Washington, D.C.:
August 2003).

Figure 1: The Statue of Liberty in New York Harbor

Source: GAO.

Due to concerns about additional terrorist attacks, the Park Service
closed Liberty Island and the Statue of Liberty immediately following
September

11. The Park Service reopened Liberty Island in December 2001 but
refrained from allowing access to the Statue until additional security and
fire safety assessments could be done. These assessments identified a
number of steps that needed to be taken before visitors could be allowed
back into the Statue. In addition, the primary threats included aerial
attacks and explosives detonated inside the structure.

In August 2004, the Park Service reopened the Statue to visitors with
access restricted to the top of the pedestal and the exterior observation
deck. The security improvements were primarily aimed at preventing
would-be terrorists from gaining access to the interior of the Statue and
its grounds. Under this revised plan, visitors are able to tour the Statue
of Liberty Museum, see close-up views of the statue from the promenade,
view the inside structural elements of the statue, and experience a 360-

degree panoramic view of New York Harbor from the observation deck. In
addition, the Park Service and Park Police implemented other improvements,
including more rigorous visitor screening, better explosive detection
capabilities, improved fire safety, and enhanced communications. Park
Service officials also noted that new barriers were installed at the Ellis
Island service bridge and that Park Service and Park Police staffing has
been increased since September 11 to implement the improved security plan.
The Park Service reported in mid-2004 that, to make these improvements, it
had invested $19.6 million and was anticipating an additional $9 million
in future spending. In addition, the Park Service reported that the Statue
of Liberty-Ellis Island Foundation, which is a consortium of private
donors, had partnered with the Park Service to assist with funding a
number of the safety improvements. Figure 2 shows the security checkpoint
for Liberty Island.

                Figure 2: Security Checkpoint for Liberty Island

Source: GAO.

According to Park Service officials, the issue of public access to the
Statue received high visibility and publicity while a new security plan
was being developed. Some of the editorial press from this time expressed
a concern that by closing the Statue, it had "ceded to al Qaeda." The
Mayor of New York was quoted in a newspaper saying that as long as the
Statue is closed, "in some sense, the terrorists have won." Interior and
Park Service officials said that it was difficult to communicate the
rationale for initially prohibiting, then later limiting, public access to
the Statue without revealing the specific vulnerabilities that led to
their decisions. A major reason for limiting access to the Statue was the
need to adhere to building codes related to fire safety. For example, the
Statue did not meet standards for exits and fire suppression capability.
However, Interior and Park Service officials were also concerned with the
security vulnerabilities of the Statue and the fact that knowledge of
these vulnerabilities could make the Statue an even more attractive
target. Although many security improvements have been implemented at the
Statue of Liberty National Monument and Ellis Island, Park Service
officials noted that several key security challenges remain.

Security versus Access: Hoover Hoover Dam in Nevada and Arizona is another
icon that presents Interior

Dam 	with challenges related to public access. Located approximately 38
miles southeast of Las Vegas, Hoover Dam is a national, historical,
hydrological, and structural icon that is part of the nation's critical
infrastructure. Managed by BOR, it receives approximately 1 million paid
visitors every year and provides water and electricity for millions of
people throughout the Southwest. Its 4.4 million cubic yards of concrete
is recognized as a marvel of civil engineering. In addition, nearly 9
million people visit adjacent Lake Mead every year, which is the nation's
largest man-made lake and is a national recreational area managed by the
Park Service. Hoover generates electricity for southwestern states through
its 17 turbines using water from Lake Mead. Also, Interstate 93 sits on
top of the dam, serving as the region's main vehicular route across the
Colorado River.

According to BOR officials, following the terrorist attacks of September
11, BOR implemented a range of security enhancements, such as hiring
additional security officers and guards and revising and canceling some
public tours. In addition, BOR is taking steps to provide a long-term
solution for its biggest security concern to visitors-the proximity of
Interstate 93 to large crowds of visitors who also have access to the top
of the dam. Related to security staffing, BOR nearly doubled the number of
federal police officers and added new contract security guards. To help
control the flow of tourists and provide additional security, BOR added

access doors, and contract guards to certain areas of the visitor center.
BOR also improved security at the visitor center by adding blast-resistant
films to the windows. In addition, BOR improved gates and fencing in some
areas surrounding the dam to improve perimeter security. BOR also
installed a series of buoys and linked "boom lines" to serve as a security
perimeter at water access points. Figure 3 shows the dam and a linked boom
line in the water.

Figure 3: Hoover Dam and Linked Boom Line Used to Enhance Perimeter
Security

Source: GAO.

To further secure the dam's perimeter, BOR created two traffic security
checkpoints, one in Arizona and one in Nevada, to screen and inspect
passenger vehicles crossing the dam. Figure 4 shows a security checkpoint
on the Arizona side of the dam.

Figure 4: Security Checkpoint on the Arizona Side of Hoover Dam

Source: GAO.

Since September 11, BOR also made other changes to its security
operations, including performing additional background checks on
contractor personnel, obtaining security clearances for office directors
and key personnel, conducting various site security inspections,
initiating boat patrols on Lake Mead, contracting for the design of a new
integrated security system, and installing additional surveillance cameras
to monitor traffic checkpoints and other parts of the dam and visitor
areas. To address one security concern as far as visitors are
concerned-public access to the top of the dam due to the proximity to
Interstate 93-BOR is currently working with Arizona, Nevada, the Federal
Highway Administration, and others to construct a new four-lane bridge
across the Colorado River approximately 1,500 feet from the dam. This
bridge and additional roadways would re-route Interstate 93 off of the dam
and improve traffic flow for the thousands of trucks and vehicles that use
this road daily and reduce security vulnerabilities for the dam and its
visitors. The cost of the project is currently estimated at $234 million,
with funding coming through

a combination of federal and state sources. Construction has already begun
on new highways that approach the bridge, and the project is currently
scheduled to be completed in 2008. Nonetheless, although it appears that
BOR has taken the necessary steps to address the security concern with the
highway, ensuring adequate security while allowing vehicle access will
remain a unique and significant challenge for the next few years.

    Addressing Jurisdictional Issues and Competing Stakeholder Interests Is
    Another Challenge for Interior

Jurisdictional and Competing Stakeholder Issues: Independence National
Historical Park in Philadelphia

Complicating its efforts to balance security and access, balancing
jurisdictional issues and competing stakeholder interests represents
another challenge facing Interior. Pursuing security improvements that
Interior believes are needed often puts the department at odds with other
entities-such as planning commissions, private foundations, and local
governments-that have jurisdiction over, or input regarding, physical
security enhancements. For example, efforts to secure the perimeter of a
national monument or icon in an urban setting by closing streets and/or
alleyways can be prevented by local governments. Similarly, local planning
commissions and other oversight groups can prevent the placement of
various protective measures because of aesthetic concerns and other
considerations, such as perceived loss of revenue. According to
information from Interior, limiting the types of measures it can employ
can lead to delays in enhancing security and the use of potentially more
costly and/or less effective alternatives.

One location that illustrates the major challenges Interior faces related
to jurisdictional issues and competing stakeholder interests is
Independence National Historical Park (INHP) in Philadelphia,
Pennsylvania. INHP is an open, national park space in the center of a
densely populated urban area. Spanning approximately 45 acres, the park
has about 20 buildings open to the public, including Independence Hall
(site of the signing of the Declaration of Independence) and the Liberty
Bell Center. Additionally, INHP houses multiple historically irreplaceable
buildings and documents, including Carpenter's Hall (site of the first
Continental Congress), Congress Hall, and an original copy of the
Declaration of Independence. Figure 5 shows a security sign near
Independence Hall, where the Declaration of Independence and U.S.
Constitution were created.

Figure 5: Independence Hall in Philadelphia

Source: GAO.

Due to its urban location, oversight responsibility at INHP involves
several stakeholders. The Park Service and the city of Philadelphia have a
memorandum of understanding (MOU) regarding emergency response
responsibilities and other jurisdictional issues. Public city streets that
carry both pedestrian and vehicular traffic surround the park and its
buildings.

According to Interior officials, the park is surrounded by local
businesses that, along with city officials, are consulted regarding any
change in park operations. Complicating oversight, the Park Service owns
the land that covers the three blocks known as Independence Mall, and the
city of Philadelphia owns the Independence Hall building and the Liberty
Bell. The city and the Park Service operate under a cooperative agreement
for the management and operation of Independence Mall. Also, the focus on
security in this area of Philadelphia is further heightened because of the
presence of other federal assets. Within a few block radius of INHP are
multiple federal buildings, including the U.S. Mint, the Federal Reserve
Bank of Philadelphia, and a federal courthouse that houses the U.S.
District Court for the Eastern District of Pennsylvania.

Park Service officials reported that prior to September 11, INHP managed
its law enforcement and security operation consistently with the majority
of urban parks across the nation. After the Oklahoma City bombing, a blast
assessment focused primarily on Independence Hall was conducted and
influenced the design of the new Liberty Bell Center. Aside from this
assessment, no comprehensive risk assessment had been completed that
addressed overall threat potential. Following September 11, the Park
Service decided to keep the park open but added staff patrols from parks
around the country to support INHP staff for approximately 6 to 9 months.
A perimeter consisting of temporary fencing and concrete jersey barriers
was also placed around the two city blocks containing the Liberty Bell and
Independence Hall and, with the approval of city officials, Chestnut
Street was closed on December 12, 2001. With these security improvements,
staff coverage was roughly doubled, but the Park Service had to have
rangers work overtime to allow for 24-hour coverage. The Park Service also
implemented security measures that included the use of magnetometers and
individual hand searches conducted at Liberty Bell Center and Independence
Hall.

After September 11, the Park Service also contracted with a private firm
to conduct a threat assessment, which used a pre-existing blast
assessment. Park Service officials added that the blast assessment,
however, was too narrowly focused, and the lack of a comprehensive
assessment of threats and vulnerabilities limited their ability to
identify the full range of security measures that were needed to fully
protect the park. In early 2005, an Interior security official told us
that a comprehensive assessment conducted in compliance with HSPD-7 had
been completed, and Interior officials are evaluating this assessment to
determine additional security enhancements.

Interior officials told us that jurisdictional issues at INHP and the
political sensitivity of related disagreements have been the greatest
challenges in terms of implementing security enhancements since September
11. These officials said that although there is a standing operational
agreement between the Park Service and the city of Philadelphia, there is
no current MOU regarding law enforcement and security. INHP security
officials stated that their ability to effectively secure the park is
limited by a lack of authority over Chestnut Street and consensus among
stakeholders as to how to provide the best protection. This challenge is
evidenced most clearly by the ongoing disagreement between INHP and the
city of Philadelphia over the closure of Chestnut Street, the street that
carries both pedestrian and vehicular traffic between Independence Hall
and the Liberty Bell Center. INHP officials said that the city reopened
Chestnut Street on April 1, 2003, after local residents and business
owners made the case to the city that the closure would have an adverse
impact on business. Chestnut Street currently remains open to pedestrians
and traffic with the use of a controlled pedestrian intersection at Sixth
and Chestnut Streets managed by Park Service security staff and contract
guards to monitor park visitors transiting from the Liberty Bell Center to
Independence Hall. Figure 6 shows traffic in front of Independence Hall
and park rangers allowing screened visitors to cross Chestnut Street.

Figure 6: Vehicle Traffic in Front of Independence Hall and Park Service
Staff Allowing Visitors to Cross Chestnut Street

Source: GAO.

In addition to addressing jurisdictional issues related to differences
with the city, Park Service officials at INHP said that their views on
what security measures are needed often put them directly at odds with
local

stakeholder groups and business owners, specifically the Independence Mall
Business and Residents Coalition (IMBARC). IMBARC was created for the
purpose of challenging the closure of Chestnut Street. IMBARC's chairman
told us that IMBARC members are united in their belief that the security
measures implemented at INHP since September 11 are excessive and
aesthetically unappealing. In addition, potential street closures
surrounding Independence Mall also affect the Southeastern Pennsylvania
Transportation Authority (SEPTA), the regional transit provider. Chestnut
and Sixth Street are considered thoroughfares through the city's downtown,
and Park Service officials said that major changes to the traffic patterns
would likely meet additional resistance. We did not evaluate the competing
views of the Park Service, the city of Philadelphia, or IMBARC regarding
the Park Service's security efforts at INHP. Nonetheless, the situation
the Park Service faces at this park illustrates the complex and often
differing jurisdictional and competing stakeholder views that Interior
faces related to security in the post-September 11 era.

Jurisdictional and Competing Other national icons where Interior faces
jurisdictional and competing Stakeholder Issues: Monuments stakeholder
challenges are the monuments on the National Mall (the Mall)

on the National Mall in Washington, D.C.

in Washington, D.C. In particular, Interior has responsibility for several
major monuments on or near the Mall-including the Washington Monument; the
Lincoln, Jefferson, and Roosevelt Memorials; and the World War II, Korean
War, and Vietnam War Memorials. The Park Police provides protection for
these monuments and icons.

Prior to September 11, there was a concern that monuments and icons on or
near the Mall could be the focus of a terrorist attack. According to
Interior officials, after September 11, Interior worked with a private
security firm to assess the risk of terrorist attacks at Mall monuments.
This assessment examined potential threats and alternate methods of both
prevention and protection. Additionally, the Park Service identified
specific protection criteria and designated key areas with the highest
vulnerability as priority status for increased security. According to
Interior and Park Service officials, they have used the report's findings
to determine where to allocate appropriated funds and implement security
upgrades for high-risk structures.

The Park Service has pursued a number of security enhancements to the
Washington Monument and Lincoln and Jefferson Memorials, which were the
focus of our review. Construction is currently under way on a landscape
security solution for the grounds of the Washington Monument. When
construction is complete, a 30-inch-high granite retaining wall along

newly constructed pedestrian pathways will surround the monument. The wall
will serve as a vehicle barrier while also providing visitor seating. In
addition, the monument grounds will receive nearly 800 new shade and
flowering trees, upgraded lighting, and granite paving on the plaza. The
Park Service closed the monument to the public in September 2004 to
complete the final phase of the security enhancement project and reopened
it on April 1, 2005. At the Lincoln Memorial, the Park Service plans to
construct a 35-inch-high granite retaining wall at the edge of the roadway
around the north, west, and south sides of Lincoln Memorial Circle, and
install retractable bollards for a portion of the circle that does not
handle everyday traffic. The Park Service is also developing an
alternative to a 715foot line of jersey barriers on the memorial's east
side, facing the Mall. Figure 7 shows the temporary jersey barriers and
fencing on the east side of the memorial.

Figure 7: Jersey Barriers and Fencing on the East Side of the Lincoln
Memorial

Source: GAO.

For the Jefferson Memorial, the Park Service has proposed the construction
of a security barrier, closure of a U-shaped driveway next to the monument
to create a pedestrian plaza, and creation of additional parking away from
the monument to improve security by limiting vehicular access. The Park
Service's proposal includes the elimination of parking adjacent to the
monument. According to the Park Service's environmental assessment of
various options, the options under consideration would have adverse
impacts on historic structures and the cultural landscape because the
proposed security barrier would introduce a new element within the
historic scene. However, the Park Service also said that the historic
structures, cultural landscape, and aesthetic and visual quality would
benefit due to the removal of the existing security measures that
currently compromise the views, vistas, and historic scene. According to
the Park Service, safety and security would be improved because the
barrier would provide a first line of defense from the potential threat of
a vehicle bomb and would serve as a deterrent to terrorists. Figure 8
shows a jersey barrier and temporary snow fencing at the memorial.
According to Park Service officials, the snow fencing is used to control
pedestrian flow to and from the memorial.

Figure 8: Jersey Barriers and Snow Fencing at the Jefferson Memorial

Source: GAO.

In addition to these improvements at the monuments, the Park Service has
upgraded its security camera capabilities in and around the Mall. The
camera system began its initial test run in July 2002 and was fully
operational by the fall of 2002. Park Service officials reported that the
system consists of cameras mounted in and around the Mall that digitally
record footage. It is designed for redundancy; if one camera fails,
another camera could quickly cover the same area. Park Service officials
stated that in the near future, they would like to expand coverage and
progressively

upgrade the camera system. Since September 11, Interior has also
established internal security protocols directly tied to the Homeland
Security Advisory System.3

In implementing security enhancements, several entities have an oversight,
advisory, or advocacy role for the monuments on the National Mall and have
an interest in security enhancements at the monuments. These entities
include the National Capital Planning Commission (NCPC), Advisory Council
on Historic Preservation (Advisory Council), the U.S. Commission on Fine
Arts (CFA), and the District of Columbia's State Historic Preservation
Officer (SHPO). In addition, advocacy groups, including the National
Coalition to Save Our Mall and the National Parks Conservation Association
(NPCA), are involved in, and offer their views on, security enhancements
to the monuments. The roles of the major entities and organizations are as
follows:

o 	NCPC (www.ncpc.gov) is the central planning agency for the federal and
District of Columbia governments in the national capital. Established in
1924 as the National Capital Park Commission and later renamed, NCPC's
responsibilities include conducting comprehensive planning to direct
federal activities and protect federal interests, reviewing and approving
all federal development projects in the city and outlying region, leading
specific initiatives to enhance the region, and preparing an annual
Federal Capital Improvements Program. NCPC is composed of three
presidential appointees, two D.C. mayoral appointees, the Secretaries of
Defense and the Interior, the Chairmen of the Senate Committee on Homeland
Security and Governmental Affairs and House Committee on Government
Reform, the Administrator of GSA, the Mayor of the District of Columbia,
and the Chairman of the D.C. City Council.

o 	The Advisory Council (www.achp.gov) is an independent federal agency
that promotes the preservation, enhancement, and productive use of the
nation's historic resources and advises the president and Congress on
national historic preservation policy. The National Historic Preservation
Act (NHPA) established the Advisory Council in 1966. According to the

3As we reported in GAO, Homeland Security: Communication Protocols and
Risk Communication Principles Can Assist in Refining the Advisory System,
GAO-04-682 (Washington, D.C.: June 2004), the Homeland Security Advisory
System is composed of five color-coded threat conditions, which represent
levels of risk related to potential terror attack. Red is severe, orange
high, yellow elevated, blue guarded, and green low.

Advisory Council, it seeks to have federal agencies act as responsible
stewards of our nation's resources when their actions affect historic
properties. The Advisory Council recommends administrative and legislative
improvements for protecting the nation's heritage; advocates full
consideration of historic values in federal decision making; and reviews
federal programs and policies to promote effectiveness, coordination, and
consistency with national preservation policies.

o CFA (www.cfa.gov) was established by Congress in 1910 as an independent
agency to advise the federal and District of Columbia governments on
matters of art and architecture that affect the appearance of the nation's
capital. CFA's primary role is to advise on proposed public building
projects, but it also reviews private buildings adjacent to important
public buildings and grounds.

o 	NHPA provides for the designation of a SHPO in each state. SHPOs have
duties that include locating and recording historic resources; nominating
significant historic resources to the National Register of Historic
Places; fostering historic preservation programs at the local government
level; reviewing all federal projects for their impact on historic
properties in accordance with Section 106 of NHPA; and providing technical
assistance on rehabilitation projects and other preservation activities to
federal agencies, state and local governments, and the private sector.

o 	The National Coalition to Save Our Mall (www.savethemall.org) was
founded in 2000 as a coalition of professional and civic organizations and
other concerned artists, historians, and citizens to provide a national
constituency dedicated to the protection and preservation of the National
Mall in Washington, D.C. According to the Coalition's Web site, its
mission is to

"defend our national gathering place and symbol of Constitutional
principles against threats posed by recent and ongoing proposals-for new
memorials, security barriers, service buildings and roads-that would
encroach on the Mall's historical and cultural integrity, its open spaces
and sweeping vistas, and its significance in American public life."

o 	NCPA (www.ncpa.org) is an advocacy organization whose mission is to
protect and enhance the National Park System for present and future
generations. According to its Web site, NCPA has been in existence for 85
years and has 300,000 members. NCPA's objectives are to advocate for the
national parks and the Park Service, educate decision makers and the
public about the importance of preserving the parks, help to

convince Members of Congress to uphold the laws that protect the parks and
support of new legislation to address threats to the parks, fight attempts
to weaken these laws in the courts, and assess the health of the parks and
park management to better inform its advocacy work.

Interior and Park Service officials said that implementing security
measures can be particularly challenging at monuments on the Mall in
Washington, D.C., because of the number of entities and organizations that
have jurisdictional, advisory, or advocacy roles regarding changes. These
officials said that in gaining the approval for projects from NCPC and
incorporating the views of the other organizations, the Park Service tries
to strike a balance among the various stakeholders and build consensus.
For example, in an effort to streamline the process for gaining approval
and input for enhancements at the Washington Monument, the Park Service,
NCPC, ACHP, and the D.C. SHPO established a streamlined review process in
2002 that allows for public participation. However, Interior and Park
Service officials acknowledged that there is often disagreement over how
to balance security with public access and aesthetic beauty. For example,
as part of its plans for security enhancements at the Washington Monument,
the Park Service gained approval from the NCPC in April 2003 to build an
underground visitor screening area and tunnel that would lead to the
basement of the monument. However, after meeting significant resistance
from NCPA, the Save Our Mall Coalition, and other interested stakeholders,
a senior Park Service official told us that the Park Service abandoned
this concept in the interest of maintaining support for security
enhancements. Due to the high visibility that security enhancements at
Mall monuments receive, Interior officials said that addressing
jurisdictional issues and competing stakeholder interests on the Mall will
remain their biggest challenge.

    Remote Location of Some Interior Assets Poses a Security Challenge

Remote Locations: Mt. Rushmore

Due to the remote and rugged location of some assets, Interior officials
reported that some icons and monuments pose additional issues related to
securing perimeters and ensuring an adequate response in the event of an
attack. According to information from Interior, although the remoteness of
the locations may reduce the threat exposure associated with more "target
rich" environments, it can present a significant disadvantage when
Interior attempts to implement security measures.

Mt. Rushmore, which is located in the Black Hills of southwestern South
Dakota, typifies how difficult it can be for Interior to protect icons and
monuments that are located in remote and often rugged environments. Mt.

Rushmore is the world's largest sculpture and is one of the most widely
recognized symbols of the United States. In addition to its cultural and
symbolic significance, size, and location, Mt. Rushmore hosts a large
number of visitors each year, including numerous dignitaries. The monument
has a visitor center, restaurant, gift shop, and amphitheatre that are
used for various events. Each Fourth of July, the park hosts a holiday
celebration with fireworks and other activities that attracts tens of
thousands of visitors. The monument is also about 50 miles south of
Sturgis, the site of an annual motorcycle rally that can bring over
500,000 tourists to the area-many of whom visit Mt. Rushmore.
Approximately 2.9 million tourists visit the monument annually, with up to
40,000 visiting on some days during the summer months.

Mt. Rushmore has a history prior to September 11 of security incidents
involving domestic terrorists, political demonstrators, and bomb threats,
according to Park Service officials. The threats and related incidents
have included the following:

o 	Between 1970 and 1973 there were multiple efforts by the American
Indian Movement to occupy the mountain and deface the monument.

o 	In 1975, a bomb was detonated in front of the visitor center-there were
no injuries because the detonation occurred early in the morning.

o 	In 1987, the environmental group Greenpeace illegally climbed the
mountain and attempted to unfurl a protest banner.

o 	In 1991, the Park Service received multiple, credible threats to
assassinate then-President George H.W. Bush during the 50th anniversary
celebration of the monument.

o 	In 1999, a Colorado man was arrested for making a threat to blow up Mt.
Rushmore.

According to Park Service officials, because of these incidents, the Park
Service took actions, including a security assessment in 1997 that
recommended a range of countermeasures costing approximately $2.9 million,
most of which were subsequently implemented. However, Park Service
officials told us that prior to September 11, the focus of their security
efforts was directed at protecting the monument. In light of the September
11 attacks, Park Service officials are now including visitors and
employees in their protection at Mt. Rushmore. With increases in funding

for security after September 11, Park Service officials told us in
mid-2004 that they were in the process of adding protection park rangers
and other employees. In addition, the Park Service made other security
enhancements, including the installation of security fencing, lighting,
and gates at multiple locations; improvements to existing mechanical
systems for dispatch and incident management; and the purchase of
all-terrain vehicles for use in patrols and at special events. Figure 9
shows a security camera mounted near the amphitheatre at the base of the
monument.

Figure 9: Security Camera near the Amphitheatre at Mt. Rushmore

Source: GAO.

Despite these improvements, security at Mt. Rushmore is a major Park
Service concern, due to the large area to patrol and large number of
visitors. The park has 1,278 acres, 40 acres of which are part of the
visitor service area that offers hiking and educational opportunities at
the sculptor's studio and visitor center's amphitheater, museum, and
bookstores. In addition, the area immediately surrounding the sculpture

has steep rock faces and a series of canyons. While terrain serves as a
natural barrier for most visitors and casual hikers, preventing
individuals seeking to climb to the top of the monument for nefarious
purposes is difficult. Park rangers at the monument told us that in order
to fully secure the monument's perimeter, rangers must regularly hike and
patrol the mountain-a time-consuming and physically challenging task.
Figure 10 shows the rugged terrain at the front of the sculpture and a
canyon in the area behind the sculpture.

                                  Source: GAO.

In addition, the park relies on backup from state and county law
enforcement agencies, as well as the Federal Bureau of Investigation.
According to Park Service officials, these agencies also provide support
during major events at the park.

Leveraging Limited In addition to the range of challenges with protecting
icons and Resources for Security monuments, Interior officials were also
concerned about the department's Improvements Is Viewed by ability to
leverage limited resources for its protection initiatives in terms of

security staffing and funding. These officials said that the
increasedInterior Officials as a emphasis on visitor protection and
homeland security demands that Challenge

Interior maintain a well coordinated and highly professional law
enforcement capability. However, the department's law enforcement staff is
already spread thin, according to these officials, averaging one law
enforcement officer for about every 110,000 visitors and 118,000 acres of
land. Funding challenges for Interior homeland security programs have been
well documented. According to the August 2003 Interior IG report mentioned
earlier, September 11 and the resulting increase in icon park security
have had an impact on other parks and law enforcement officers across the
Park Service.4 According to the report, rangers have been detailed from
their permanent parks to supplement the icon park forces, leaving many
other parks with a diminished protection staff. The Interior IG also
reported that law enforcement staff were strained right after September 11
because officers were working 12-hour shifts 7 days a week for several
months and with no days off. The Interior IG reported that there is a
concern about the long-term effectiveness of the protection staff and the
officers who operate under these conditions.

At the icons and monuments we visited, concerns about having adequate
resources for security were evident. In Philadelphia at INHP, Park Service
officials said that law enforcement represents the largest portion of the
INHP budget at approximately $8 million per year and accounts for more
than one-third of the park's budget. By comparison, prior to September 11,
law enforcement accounted for about $2.4 million per year. At the
Jefferson Memorial, Park Service officials told us that they sometimes
leave the snow fencing (shown in fig. 8) in place because they lack the
staff resources to remove and reinstall the fencing before and after each
major event on the Mall. At Mt. Rushmore, the need for additional staff
was, as mentioned before, an ongoing concern.

Although we did not do a detailed assessment of security funding issues,
officials at the sites we visited told us that they were concerned about
their ability to implement further security enhancements that they believe
are needed. They viewed lack of additional funding as a major challenge.
Interior officials with OLES, including the Deputy Assistant Secretary for
Law Enforcement and Security, expressed concern about the department's
inability to obtain homeland security funding through DHS. These officials
said that state and local governments receive significant funding through
DHS. These officials said that there have been discussions within the
administration about allowing other federal agencies to receive funding

42003-I-0063.

through DHS but such actions have not been taken. Nonetheless, with the
establishment of a central office to manage security matters and
Interior's efforts to respond to various governmentwide initiatives, the
department has taken some important steps to better position itself to
compete for homeland security-related funds. At the individual icons and
monuments we visited, steps clearly had been taken to improve security
since September 11, such as the Washington Monument perimeter landscaping
project, the Lincoln and Jefferson Memorial security projects, the visitor
screening system at the Statue of Liberty, increased staffing at Mt.
Rushmore, and the rerouting of Interstate 93 at Hoover Dam.

    Initiatives to Protect National Icons and Monuments Are Part of the National
    Homeland Security Strategy

Initiatives by Congress and the administration since September 11 to
improve homeland security have been intended to, among many objectives,
address the range of challenges associated with protecting national icons,
monuments, and other key assets held by Interior. The September 11
terrorist attacks prompted Congress to pass the Homeland Security Act,
which created DHS. DHS's mission includes preventing terrorist attacks
within the United States, reducing the vulnerability of the United States
to terrorism, and minimizing the damage and assisting in the recovery from
attacks that do occur. The creation of DHS centralized the government's
homeland security efforts, including policy setting with regard to
protecting national icons and monuments. As discussed earlier, several of
Interior's assets are highly visible and symbolic icons, monuments, and
critical infrastructure such as dams. Due to the prominence of Interior's
assets, protecting them has figured heavily into the broad strategic goals
set forth by the administration after September 11.

More specifically, the President's July 2002 National Strategy for
Homeland Security recognized the potential for attacks on national icons
and monuments, which could be targets for symbolic reasons and whose
destruction could profoundly damage national morale.5 The President's
February 2003 National Strategy for the Physical Protection of Critical
Infrastructures and Key Assets provides a statement of national policy to
remain committed to protecting critical infrastructures and key assets-
including national monuments, icons, and dams that Interior is responsible
for-from terrorist attacks and is based on eight guiding principles. These
principles include establishing responsibility and accountability and

5The President of the United States, National Strategy for Homeland
Security (Washington, D.C.: July 2002).

encouraging and facilitating partnering among all levels of government and
between government and industry. The strategy also establishes three
strategic objectives, which are to (1) identify and ensure the protection
of the most critical assets, in terms of national level public health and
safety, governance, and economic and national security and public
confidence; (2) ensure protection of infrastructures and assets facing
specific, imminent threats; and (3) pursue collaborative measures and
initiatives to ensure the protection of other potential targets that may
become attractive over time.6

The critical infrastructure strategy identifies Interior as the lead
federal entity for taking actions in a number of areas, in conjunction
with DHS, related to protecting icons, monuments, and other key assets.
These actions include developing guidance and standards for determining
criticalities and protection priorities, conducting threat and
vulnerability assessments, exploring opportunities for using technology to
protect visitors at monuments, and collaborating with state and local
governments and private foundations to ensure the protection of symbols
and icons outside the federal domain. In our prior work, we assessed these
plans and in February 2004 testified that the national strategy related to
critical infrastructure contained the most desirable characteristics among
the strategic plans for homeland security that the administration has
produced since September 11.7 These characteristics included addressing
such areas as purpose, scope, and methodology; problem definition and risk
assessment; and organizational roles, responsibilities, and coordination.

While the 2002 and 2003 national strategies identified a broad framework
for homeland security as it relates to critical infrastructure, HSPD-7,
which the administration issued in December 2003, establishes a national
policy for federal agencies to identify and prioritize critical U.S.
infrastructure and key resources and to protect them from terrorism.8 The
directive identified several critical infrastructure sectors, such as
agriculture, water systems, public health, and national monuments and
icons. For several of the sectors, the directive identifies lead agencies
that have sector-specific

6The President of the United States, National Strategy for the Physical
Protection of Critical Infrastructures and Key Assets (Washington, D.C.:
February 2003).

7GAO, Combating Terrorism: Evaluation of Selected Characteristics in
National Strategies Related to Terrorism, GAO-04-408T (Washington, D.C.:
Feb. 3, 2004).

8Homeland Security Presidential Directive Number 7, Critical
Infrastructure Identification, Prioritization, and Protection (Washington,
D.C.: Dec. 17, 2003).

knowledge, including Interior for national icons and monuments. SSA
responsibilities include collaborating with all relevant federal entities,
state and local governments, and the private sector; conducting or
facilitating vulnerability assessments of the specific sector; and
encouraging risk management strategies to protect against and mitigate the
effects of attacks. Section 35 of the directive also requires, on an
annual basis, that sector-specific agencies report on their efforts to
identify, prioritize, and coordinate the protection initiatives in their
respective sectors. In addition, section 34 of the directive requires that
all federal departments and agencies develop physical and cyber security
plans for the assets they own or operate.

Interior's Actions Have Been After September 11, the Secretary of the
Interior took steps to address

Positive, and Further Steps serious organizational and management problems
in the law enforcement

Could Strengthen Its Efforts in and security components of the department.
Of particular concern,

the Security Area 	according to Interior's IG, was the lack of
coordination among these components and the absence of a meaningful single
point of contact that the Secretary and senior managers could depend upon
for reliable information and advice.9 The Secretary approved a Deputy
Assistant Secretary for Law Enforcement and Security in July 2002,
established the security office named OLES, and approved the
implementation of the additional 24 recommendations from a January 2002
Inspector General report.10 OLES oversees the department's security
efforts and seeks to ensure consistent application across bureaus and
offices. OLES has responsibilities related to (1) coordinating the
development of policies and standards, (2) coordinating and overseeing
implementation of policies and standards, (3) representing the department
externally, (4) conducting compliance reviews, and (5) providing
leadership during incidents. Because Interior was designated as an SSA,
OLES prepared a sectorspecific security plan for icons and monuments, as
required by section 35 of HSPD-7. Interior also developed a physical
security plan for the assets it owns and operates in response to section
34 of HSPD-7. These plans recognize many of the major challenges facing
Interior, including security versus access, jurisdictional considerations,
security in remote locations, and security staffing issues.

9U.S. Department of the Interior, Office of Inspector General, Disquieting
State of Disorder: An Assessment of Department of the Interior Law
Enforcement, Report 2002-I-0014 (Washington, D.C.: January 2002).

102002-I-0014.

In response to HSPD-7's requirement that Interior formulate a plan for
identifying, assessing, prioritizing, and developing protective programs
for critical assets within the national icons and monuments sector,
Interior developed a uniform risk assessment and ranking methodology
called the National Monuments and Icons Assessment Methodology (NM&I
methodology). According to information from Interior, the NM&I methodology
is specifically designed to quantify risk, identify needed security
enhancements, and measure risk-reduction benefits at icon and monument
assets. The NM&I methodology has a consequence assessment phase and a risk
assessment phase. During the consequence assessment phase, there is an
asset tier ranking process, in which each asset's iconic significance is
subjectively determined. Specific attack scenarios-such as
chemical/biological, aircraft, or improvised explosive device-are used to
evaluate security at each asset and score attack consequences. Consequence
categories include casualties, economic impact, and length of disruption.
During the risk assessment phase, Interior uses the methodology to
determine the effectiveness of existing security systems for preventing or
mitigating the specified attack scenarios. Using risk values calculated
from this comparison, Interior assigns asset risk ratings of high, medium,
or low, and specific mitigation recommendations are formulated. To date,
Interior has applied this methodology to assets that fall under the
purview of the Park Service. Interior officials said that BOR has used a
risk assessment methodology for dams for several years. These officials
said that BOR's methodology is similar, but also takes into account
several factors that are unique to dams, such as downstream population at
risk, structural vulnerability, and the economic impact if the asset were
to be destroyed.

Interior has made significant progress in the risk assessment area,
particularly regarding the new methodology for national icons and
monuments. Before the development of this approach, Interior did not have
a uniform, comprehensive risk management approach for icons and monuments.
It relied instead on the judgment of senior officials in determining where
resources should be directed, and the risk assessments completed at
individual sites were done by a number of external experts using different
methodologies. Given the range of challenges Interior faces, particularly
with regard to limited resources, it is especially important that
Interior's funding priorities are linked with its risk rankings so that
decision makers-including Interior, Office of Management and Budget (OMB),
and Congress-can direct resources where they will have an optimal return
on investment in terms of better protection. Setting funding priorities
for protecting assets using a uniform approach is the foundation of the

National Strategy for Homeland Security and the National Strategy for the
Physical Protection of Critical Infrastructure and Key Assets. For
example, the section of the National Strategy related to critical
infrastructure calls for DHS and stakeholders like Interior to develop a
uniform methodology for identifying facilities, systems, and functions
with national level criticality to help establish priorities.

Government agencies often face a variety of interests whose competing
demands force policymakers and managers to balance stakeholders' concerns
and other factors such as quality, cost, and customer satisfaction. For
Interior, the trade-offs that have to be made between security and its
cultural mission are often difficult, which was apparent at the sites we
visited. Full transparency regarding the basis for its decisions on
security matters could, in our view, improve Interior's ability to achieve
mutually acceptable and consistent outcomes with stakeholders. As Interior
continues with the implementation of security measures, a clearly defined
set of guiding principles for balancing security with its core cultural
mission could also be beneficial due to the complex and often contentious
environment in which Interior operates. Such principles could be used in
conjunction with the broader guiding principles the administration set
forth in the national strategy for critical infrastructure and efforts by
the department to define its guiding principles in other areas that are
already in place. For example, the Park Service's strategic plan for
fiscal years 2001 to 2005 identifies a set of guiding principles for
achieving its mission that include excellent service, productive
partnerships, and citizen involvement.

Guiding principles have been used by other organizations to improve
transparency and thus allow stakeholders to better understand the basis
for decisions. For example, the administration has outlined guiding
principles for postal reform given the U.S. Postal Service's financial
difficulties and a complex operating environment that involves multiple
competing interests and stakeholders.11 These principles relate to best
practices, transparency, flexibility, accountability, and financial
selfsufficiency. In another example that relates directly to security, the
government of Canada has identified guiding principles that are part of
its

11President's Commission on the United States Postal Service, Embracing
the Future: Making the Tough Choices to Preserve Universal Mail Service
(Washington, D.C.: July 31, 2003).

long-term plan for the Parliament Precinct area in Ottawa.12 These
principles address the issue of balancing openness, accessibility, and
security; which, like in the United States, is a concern in Canada.

  The Threat Against Federal Office Buildings is Significant, and GSA Faces
  Various Challenges as the Owner and Landlord of These Assets

Terrorism is a major threat to federally owned and leased buildings, the
civil servants and military personnel who work in them, and the public who
visits them. This threat was evidenced by the Oklahoma City bombing in
1995; the 1998 embassy bombings in Africa; the September 11, 2001, attacks
on the World Trade Center and Pentagon; and the anthrax attacks in the
fall of 2001. Since the attacks on the World Trade Center and the
Pentagon, the focus on security in federal buildings has been heightened
considerably. More recently, DHS raised the national threat level to Code
Orange in some areas in August 2004 because of specific threat information
for office buildings with critical missions. According to information from
DHS, intelligence reports indicated that al Qaeda was targeting several
specific buildings, including the International Monetary Fund and World
Bank in the District of Columbia, Prudential Financial in northern New
Jersey, and Citigroup buildings and the New York Stock Exchange in New
York. GSA owns several federal office buildings on which an attack could
seriously disrupt the business of government and harm federal employees
and the public. Overall, GSA controls more than 8,000 buildings that it
owns and leases nationwide, encompassing about 338 million square feet of
space. These properties include office buildings, courthouses, border
stations, and other types of facilities, representing about 6 percent of
all federally owned space worldwide and 39 percent of all federally leased
space worldwide. In addition to most of the major departmental
headquarters in Washington, D.C., including the Departments of State,
Justice, and Interior, GSA owns most of the key multiagency federal office
buildings in major cities, including New York, and Chicago, as well as
every federal courthouse in the country.

Various potential threats-including large-scale attacks using truck bombs
to other breaches and attempts to bring weapons, explosives, or
chemical/biological agents into the buildings-pose several challenges for
GSA as the owner and landlord of these buildings. These include
maintaining a proper level of security without limiting the public's
access to federal offices for services that the government provides and
for other

12Public Works and Government Services Canada, A Legacy for Future
Generations: The Long-Term Vision and Plan for the Parliamentary Precinct.

business; working with stakeholders and other jurisdictions that have an
interest in the type of security that is employed; securing access to
privately owned buildings and space where GSA leases space for federal
agencies, but where GSA and FPS do not have control over security for the
building; and the challenge GSA faces as a result of the transfer of FPS,
which has responsibility for providing law enforcement and security
related functions, to DHS.

    Balancing Security with Public Access at Federal Facilities Is a Major
    Challenge

A major challenge in protecting federal buildings is balancing increased
security with the public's access to government offices for services and
to transact other business. According to GSA, its intent is to create an
environment that reflects an open, welcome atmosphere, but one that
challenges those with intent to do harm. In addition, GSA also considers
federal workers' convenience and privacy an important part of these
considerations. Nonetheless, striking a balance among these competing
factors is an ongoing challenge. It is particularly challenging for
federal agencies in GSA-owned buildings that require regular public access
such as courthouses, and federal office buildings that have agencies that
interact often with the public, such as the Social Security
Administration. A GSAowned and managed federal courthouse in Nevada
demonstrates the challenge of balancing public access with security needs
and how GSA has fostered this balance. This large courthouse houses
multiple tenants requiring heightened security, including the federal
courts, the U.S. Attorney's Office, and the U.S. Marshals Service (USMS).

According to GSA officials, the courthouse is unique because it hosts
cultural events such as concerts and contains many displays of sculpture,
painting, and photographic art that are open to the public. Located in
what GSA officials said is a neglected downtown area, the courthouse is
also a key part of a business and community revitalization effort that
offers free public events and encourages public participation. Balancing
the need for securing the facility and public accessibility is especially
important given the dual roles of the courthouse.

The courthouse has many security features incorporated into its design. It
is the first courthouse to be designed with federal architectural
blastresistance guidelines adopted after the Oklahoma City bombing.
According to GSA officials, the design of the courthouse incorporated many
of the lessons learned from Oklahoma City. Some of these many security
features incorporated into the building design include the following:

o  setback from the streets;

o  window glazing and hardened exterior building;

o  advanced structure design;

o  bollards around building perimeter;

o  controlled parking for building staff;

o 	security barriers entrance to mitigate the danger of high-speed vehicle
attempting to enter the parking garage;

o 	separate sally port for prisoner transfer and elevators for transfers
of prisoners to courtrooms;

o 	unique, unobtrusive design for magnetometer checkpoints at main public
entrance;

o  access card operated doors and nonpublic elevators; and

o  surveillance cameras both within and outside the structure.

USMS and FPS provide law enforcement and security functions for federal
buildings that house court functions. Given the events of September 11,
FPS and USMS made a number of enhancements to their operations and
physical security features at the courthouse. For example, FPS and USMS
officials told us that they now hold weekly meetings with the buildings'
principal stakeholders to review security issues. In addition, USMS
officials told us that they have instituted new gun and hazardous
materials training for their officers and have stepped up evacuation
drills and training for building employees. FPS and USMS officials said
that since September 11 there has been a great deal of cooperation amongst
local law enforcement agencies. For example, one local law enforcement
agency allowed FPS to link to its radio systems to enhance communication
between the entities. The local law enforcement agency also involved USMS
in their regionwide security efforts on New Year's eve 2003, when the
national threat alert level was raised to orange. Finally, USMS and FPS
have made physical security enhancements, including, among other things,
hardening the exterior wall of the courthouse that did not have a setback
with a reinforced retaining wall and a rock garden with large boulders,
replacing the gates to the vehicle sally port-which is a secure entryway
for the loading and

unloading of prisoners and protected witnesses-with stronger iron gates,
adding surveillance cameras, adding alarms, and constructing a secure gun
locker for use by armed officers.

The fact that office buildings traditionally have been constructed with an
emphasis on ease of access makes security measures difficult to implement.
However, as mentioned above, the design of the courthouse incorporated
many of the lessons learned from the Oklahoma City bombing with respect to
building security and safety, as well as a design that emphasizes openness
and accessibility. Nonetheless, according to GSA officials, balancing
security design and enhancement with access is an ongoing challenge.

    Addressing Jurisdictional Issues and Competing Stakeholder Interests Is
    Another Challenge for GSA

In addition to the challenges related to balancing security with public
accessibility at GSA buildings, addressing the competing needs of federal
agencies, local governments, and private sector entities in securing its
buildings is a challenge. For example, local governments get involved when
GSA requests permits to implement additional security enhancements that
require such actions as closing streets, removing public parking spaces,
and installing bollards around the perimeter of the facility. One location
that typifies the jurisdictional and stakeholder issues GSA faces is a
federal building in New York City. It is a GSA-owned and managed building
that houses multiple federal agencies and is visited by thousands of
individuals each year conducting business with the government.

GSA was focused on security at the federal building before the September
11 terrorist attacks. In coordination with the FBI and the city, GSA had
developed a preliminary security upgrade plan, which included improvements
such as maintaining street control around the building, increasing the use
of building access controls, and hardening the building to protect it from
blasts. After September 11, GSA and FPS implemented several additional
security enhancements, including further strengthening perimeter security,
access control, surveillance, and blast resistance. GSA and FPS took steps
to improve the perimeter security of the federal building by accelerating
plans to install bollards and barriers around the perimeter and working
with city and fire department officials to close some nearby streets to
vehicular traffic. In addition, GSA instituted a new building access
system employing smart card technology. Smart cards contain the name,
title, and picture of the employee; electronic data that can prove the
authenticity of the card; and biometric data about the

employee. Figure 11 shows the bollards that were installed in front of the
federal building.

Source: GAO.

GSA officials said that to implement these and other security
enhancements, their greatest challenge has been dealing with competing
stakeholder interests and jurisdictional issues. GSA officials indicated
that the decision-making process involves multiple stakeholders, steps,
and requirements, most of which involve the city of New York. GSA
officials noted that in addition to new steps and requirements that arose
during the permit process, some requirements changed after permit
issuance. In these cases, city officials have retracted some permits for
security enhancements, and GSA has had to restart the permitting process.
Specifically, GSA officials noted that they encountered delays when trying
to install bollards along the building perimeter. Initially, the city
Department of Transportation was supportive of the idea; but as the

process continued, GSA officials said that issues related to historic
preservation arose that needed to be addressed. Moreover, GSA officials
also noted that the city has prevented GSA from making some security
enhancements that they believed were needed.

GSA has also experienced opposition from various groups in trying to close
a nearby street due to security concerns. According to GSA officials, the
city has asked GSA to prepare an environmental impact statement (EIS),
hold public hearings, and consider traffic and economic impacts on the
street closure. In contrast with the challenges they have encountered with
the city, GSA officials said that the New York Police Department (NYPD)
has been supportive of their security efforts. At a recent demonstration
near the federal building, GSA officials said that NYPD provided police
officers to assist with crowd control. Although GSA has been faced with
various jurisdictional issues and the process has been challenging, the
city ultimately has also allowed GSA to close streets and make several of
the previously mentioned security upgrades. Nonetheless, GSA's experience
at the federal building demonstrates the complexities it faces when
attempting to implement security enhancements for large, multitenant
buildings in urban settings.

    The Challenge of Security for Leased Space

Securing access to privately owned buildings and space that houses federal
tenants is a unique challenge that may put the government at odds with
private lessors and other nonfederal building occupants. GSA has reported
that its goal and biggest challenge in this area is to provide the same
level of security for occupants of leased facilities as it provides for
those that GSA owns. However, this is often difficult because GSA has to
work with lessors to implement changes and in some instances coordinate
with other nonfederal tenants. As a result, GSA may have difficulty
getting the lessor to allow security countermeasures in buildings that are
not fully occupied by federal employees. This challenge arises because
many private owners resisted heightened levels of security because of the
adverse impact or inconvenience potentially caused to private tenants. GSA
officials also identified negotiating the need and costs of increased
security standards in leased properties as a significant challenge in the
post-September 11 environment. GSA officials said that negotiating with
private owners presents a challenge of determining how to effectively
secure mixed-tenant buildings without security being overly burdensome. A
GSA official, knowledgeable of leasing issues told us, however, that
September 11 changed the perspective of private owners as they realized
vulnerabilities

and recognized that federal tenants would begin requiring increased levels
of security in order to continue to lease space.

The D.C. metro area, managed by GSA's National Capital Region, has a high
concentration of federal leases. One such leased building is a 10-story,
privately owned facility located in Washington, D.C. The property is a
mixed-tenant space with both private sector and federal tenants. The
building posts guards and operates screening checkpoints at each entrance
and restricts access to elevator banks and stairwells to only those
authorized or with escort. In addition, a GSA official said that at the
request of the building's largest federal tenant, every individual
entering the building must be screened. Additionally, the building also
operates a mail facility to screen all mail, packages, and deliveries.

Due to security concerns following the September 11 attacks, FPS, along
with GSA and the building's largest federal tenant, assessed the
building's risk and began to develop and implement a comprehensive
security program. FPS conducted a threat assessment of the building and
determined the building to be classified as a Level IV13 property. Once
the building had been assessed and classified, agency officials from the
building's largest federal tenant, GSA, and FPS began developing a plan
for security program development and implementation. The program plan
included armed contract guards manning magnetometers and X-ray machines,
random spot checks of vehicles entering the parking garage, and close
monitoring of visitor badges.

Additionally, a GSA official said that technology advancement has changed
since September 11. The leased building's security program incorporates
its newest technology, the E-Pop system. The E-Pop system can be
controlled by security officials; in the event of an emergency, it is able
to connect to computers in the building and deliver emergency messages
communicating evacuation instructions. Furthermore, E-Pop allows tenants
to be immediately informed of an incident, thereby increasing their
chances of exiting the building safely. The leased building is also
considering implementing smart card technology, a building access system
that uses plastic identification cards containing an individual's personal
and

13According to Department of Justice standards, a Level IV facility has
over 450 federal employees. In addition, the facility likely has more than
150,000 square feet; a high volume of public contact; and tenant agencies
that may include high-risk law enforcement and intelligence agencies,
courts, judicial offices, and highly sensitive government records.

biometric data. This is the same system used at the federal building in
New York City.

A GSA leasing official stated that ISC's development of leased space
security standards, which will be discussed later, has been useful in
effectively communicating increased physical security needs to private
owners and involving them directly in the process of security program
development for their buildings. This official said that the standards
have established the credibility and validity of increased security
measures, where no or few guidelines existed before. A GSA official said
that even though the commercial real estate community in the capital area
has become attuned to the needs of the federal government in the
post-September 11 security environment, challenges still exist. According
to GSA and security officials, one challenge in leasing space in property
mixed with federal agency and private sector tenants is incorporating
increased security standards while balancing occupants' varying interests
and needs. Some private owners and their private sector tenants may not
want random car checks conducted or magnetometers placed at the entrances
to their buildings because this may, in some way, adversely affect their
business. GSA officials also noted that negotiating the need and costs of
increased security standards in leased properties is still a significant
challenge, as security demands for privately owned buildings are still
relatively new.

    FPS Transfer to DHS Poses a Challenge for GSA

The Homeland Security Act transferred FPS to DHS, effective March 1,
2003.14 FPS's transfer to DHS was intended to improve law enforcement and
related security functions by centralizing building security activities
with other homeland security functions. Under the act, DHS became
responsible for protecting buildings, grounds, and property owned,
occupied, or secured by the federal government that are under GSA's
jurisdiction, as well as other DHS facilities. A March 2003 operational
memorandum of agreement between GSA and DHS made FPS responsible for the
same types of security services that FPS provided for GSA properties prior
to the transfer to DHS. These include, among other things, performing risk
assessments, managing the installation of some security

14Executive Order 13286 dated February 28, 2003, amended numerous
executive orders to reflect the transfer of certain functions and
responsibilities to the Secretary of Homeland Security. Section 23 of the
Executive Order transferred the ISC chairmanship responsibility from GSA
to DHS.

equipment, conducting criminal investigations, and managing the contract
guard program.15 Although law enforcement and security related functions
were transferred to DHS from GSA, GSA officials said that it still assists
FPS and tenant agencies in implementing various security measures that FPS
recommends, and incorporating enhanced security measures into new space it
constructs or leases. In October 2003, GSA and DHS agreed on a number of
interim support services GSA would provide to FPS during the transition in
a separate memorandum of agreement. In July 2004, we reported on the
challenges FPS was facing related to the transfer, including its expanding
homeland security mission and related increase in responsibility;
unresolved issues related to how it would be funded, because its funds at
that time were tied to the rent GSA charges tenant agencies; and,
difficulties with transferring mission-support functions for FPS from GSA
to DHS.16 DHS concurred with our findings and related recommendations and
agreed to take action.

In addition to the challenges facing FPS, our work for this review showed
that GSA is facing its own management challenges because it no longer has
control over the law enforcement and related security functions of its
properties. GSA officials expressed concern about their ability to track
security expenditures and stay informed about FPS protection activities in
GSA buildings. These officials also expressed concern about not having a
formal mechanism for communicating with FPS and for ensuring that FPS is
meeting its responsibilities with regard to security enhancements and
services. The Deputy Commissioner of GSA's Public Buildings Service said
that since the departure of FPS, GSA has had difficulty adjusting to not
having responsibility for protecting its own buildings and is still trying
to define its overall role in security. This official said that GSA's new
role should be that of a coordinator between FPS and the tenant agencies
and that GSA was examining the MOU between GSA and DHS to determine if
GSA's role and visibility in facility protection could be enhanced.
Concerns about the departure of FPS were identified by GSA's Office of the
Inspector General (IG) in its August 2004 updated assessment of GSA's
major management challenges. The GSA IG identified protection of federal
facilities and personnel as one of seven major management challenges

15As of September 30, 2003, FPS had approximately 1,100 uniformed officer
full-time equivalents and 13,000 contract guards to protect GSA-owned
or-occupied facilities.

16GAO-04-537.

facing the agency.17 The GSA IG said that although FPS was transferred to
DHS, GSA will have a continual need to closely interact with security
personnel due to GSA's mission of housing federal agencies. The GSA IG
concluded that ensuring federal employees have a secure working
environment and that building assets are adequately safeguarded must
remain a primary concern of GSA.

Prior to the creation of DHS, we expressed concern about separating
security from other real property portfolio functions, such as site
location, design, and construction for new federal buildings. Decisions on
these factors have implications for what type of security will be
necessary and effective.18 We concluded that if DHS was given the
responsibility for securing facilities, the role of integrating security
with other real property functions would be an important consideration.
Given the transfer of FPS to DHS, the range of challenges FPS faces, and
the concerns about GSA's new role expressed by GSA officials and the GSA
IG, it is critical that GSA be well-equipped to engage in security-related
matters given that it is still the owner and landlord of these buildings.
However, GSA does not have an organizational unit or mechanism that is
directly accountable for security matters, such as a chief security
officer position or formal point of contact. Such an officer/official
could coordinate GSA's responsibilities related to the safety and security
of its facilities, similar to the role fulfilled by Interior's Deputy
Assistant Secretary for Law Enforcement and Security and OLES. GSA's
Deputy Commissioner for public buildings and other GSA officials who are
knowledgeable of security matters said that it would be beneficial for GSA
to have a designated position for coordination purposes. Having a chief
security officer position for physical assets is recognized in the
security industry as essential in organizations with large numbers of
mission-critical facilities. According to chief security officer
guidelines developed by ASIS International:19

17General Services Administration, Office of the Inspector General,
Updated Assessment of GSA's Major Management Challenges (Washington, D.C.:
August 2004). The other major management challenges the IG identified were
procurement activities, contract management, information technology,
management controls, aging federal buildings, and human capital.

18GAO, Building Security: Security Responsibilities for Federally Owned
and Leased Facilities, GAO-03-8 (Washington, D.C.: Oct. 31, 2002).

19ASIS International has over 33,000 security industry members and
according to its Web site is the preeminent international organization for
professionals responsible for security, including managers and directors
of security.

"Traditionally, what has previously been lacking is a single position at
the senior governance level having the responsibility for crafting,
influencing, and directing an organization-wide protection strategy. In
many organizations, accountability is dispersed, possibly among several
managers in different departments; with potentially conflicting
objectives....the diversity of today's risks comes in a complex matrix of
interrelated threats, vulnerabilities, and impacts, the safeguards for
which must, therefore, be interdependent. The ability to influence
business strategy and address matters of internal risk exposure requires a
chief security officer at the appropriate level in the organization."

    Protecting Government Facilities Is Part of the National Homeland Security
    Strategy

GSA Actions in Response to the National Homeland Security Strategy and
Other Related Initiatives

The National Strategy for the Physical Protection of Critical
Infrastructures and Key Assets mentioned earlier has clear implications
for GSA and its role as the owner and landlord of federal facilities. The
strategy identifies a number of actions intended to improve federal
facility protection. These included developing a process to screen
nonfederal tenants and visitors entering private sector facilities that
house federal organizations, determining the criticality and vulnerability
of government facilities, developing long-term construction standards for
facilities requiring specialized security measures, and implementing new
security technology at federally occupied facilities.

GSA has taken a number of positive actions, as follows:

o 	A senior GSA official chaired ISC's working group on security in
leasing; after receiving input from ISC member agencies, ISC issued its
policy on security standards for leased space in July 2003.

o 	GSA is working with DHS to utilize a risk management process called
Federal Security Risk Management (FSRM) for assessing federally owned and
leased facilities.

o 	GSA worked with ISC to develop security design criteria and is involved
with ISC's ongoing efforts to update the criteria annually.

o 	GSA is working with ISC on several technology-related initiatives,
including smart card and biometrics access control technology, nonjersey
barrier perimeter protection, and indoor air monitoring systems to prevent
uncontrolled movement of toxic air substances.

In the area of risk assessment, FPS uses a computer-based methodology that
allows FPS to evaluate risk and identify countermeasures on an ongoing
basis. FPS is able to use a series of input screens and queries to
maintain pertinent data that can be adjusted as threats and
vulnerabilities

change. The tool allows the user to enter information on each asset,
identify existing countermeasures, assign an impact of loss and a
vulnerability rating to each threat, and input countermeasure upgrade
alternatives and their associated costs.

As mentioned earlier, HSPD-7 requires, on an annual basis, that
sectorspecific agencies report on their efforts to identify, prioritize,
and coordinate the protection initiatives in various critical
infrastructure sectors. Although GSA was not given responsibility for any
of the sectors identified in the directive, all federal departments and
agencies are required, under the directive, to develop physical and cyber
security plans for the assets they own or operate. However, in a July 2004
letter to the Director of OMB, GSA stated that "no GSA owned or leased
space meets the definitions for critical infrastructure and/or key
resources." The letter went on to say that "GSA owns and leases many
buildings where important activities take place, but GSA is unable to make
a determination as to whether these tenant activities are critical
infrastructure."

GSA officials said that OMB has not commented on GSA's response to HSPD-7
regarding a physical security plan. The Executive Director of ISC- which
has responsibility for reviewing agencies' HSPD-7 plans for the
administration-said that ISC has not completed its review of agencies'
plans, including GSA's response to HSPD-7. We are deferring to ISC on
whether GSA's decision not to prepare a physical security plan is
reasonable. In the future, a chief security officer position or formal
point of contact could aid in determining GSA's involvement in
governmentwide critical infrastructure efforts such as HSPD-7.

Conclusions	There is a heightened concern that terrorists may again try to
exploit the nation's vulnerabilities. In this environment, Interior has a
critical role in protecting our national icons and monuments and ensuring
the safety of the millions of people who visit them. National icons such
as the Statue of Liberty and Mt. Rushmore could be attacked for symbolic
reasons. Since September 11, Interior has made significant progress in
improving security by doing vulnerability assessments of high-profile
sites that are likely targets and implementing various security measures.
For example, at the individual icons and monuments we visited, steps
clearly had been taken to improve security since September 11, such as the
Washington Monument perimeter landscaping project, the Lincoln and
Jefferson Memorial security projects, the visitor screening system at the
Statue of Liberty, increased staffing at Mt. Rushmore, and the rerouting
of Interstate 93 at Hoover Dam.

In addition, Interior has made management changes, including creating a
central security office, intended to enhance its homeland security
initiatives, and has recently developed a uniform risk management
methodology for national icons and monuments. These actions should help
Interior address the major challenges it faces-which include balancing
security and Interior's mission related to access and education;
addressing jurisdictional and competing stakeholder issues; securing icons
and monuments in rugged, remote areas; and leveraging limited staff and
funding resources.

As Interior moves forward, it could link the results of its risk
assessments and related risk rankings to its security funding priorities.
This could allow for well-informed decisions by stakeholders-such as
Interior, OMB, and Congress-about where to direct resources so that they
have an optimal return on investment in terms of better protection. Also,
a set of guiding principles for balancing security with its core cultural
and educational mission-which Interior lacks but other organizations with
complex environments have developed-could help in addressing the
challenges. A set of guiding principles could provide decision makers and
Interior's other stakeholders with greater transparency regarding the
rationale for security decisions. An approach with these components should
yield results that would allow decision makers both within and external to
the department to better gauge and consider competing priorities.

Since September 11, security at office buildings has remained a concern,
as evidenced by threats revealed by DHS in August 2004 that al Qaeda was
targeting several office buildings in New York, northern New Jersey, and
Washington, D.C. GSA has taken action to address the challenges it faces
as the owner and landlord of federal office buildings. These challenges
include balancing security and public access, addressing jurisdictional
and competing stakeholder issues, securing federally leased space, and
adjusting to the transfer of FPS to DHS. These actions have included
working with ISC to develop security standards, continuing with upgrades
that GSA began implementing after the Oklahoma City bombing, and
establishing a memorandum of agreement with DHS related to FPS. Despite
these actions, GSA lacks a mechanism such as a chief security officer
position or formal point of contact to coordinate security efforts for its
federal office building portfolio. As a result, GSA is less equipped to
effectively share information with FPS and tenant agencies, ensure that
FPS is fulfilling its responsibilities, track security expenditures, and
define its overall role in security-capabilities that GSA officials were
concerned the agency was lacking.

  Recommendations for Executive Action

We are making two recommendations to the Secretary of the Interior and one
recommendation to the Administrator of GSA. First, to ensure that useful
information is available for decisions on resources for the protection of
national icons and monuments, we recommend that the Secretary of the
Interior link the results of the agency's risk assessments and related
risk rankings to its funding priorities. Second, given the complex nature
of the challenges Interior faces in protecting national icons and
monuments, the Secretary should also develop guiding principles for
balancing security initiatives with Interior's core mission so that
decision makers and stakeholders will have a clearer, more transparent
understanding of Interior's rationale for security enhancements at
individual assets. Regarding GSA, we recommend that the Administrator
establish a mechanism-such as a chief security officer position or formal
point of contact-that could serve in a liaison role with FPS and tenant
agencies, work to address the challenges GSA faces related to security in
buildings it owns and leases, and enable GSA to define its overall role in
security given the transfer of FPS to DHS.

Agency Comments and 	We provided a draft of this report to Interior, GSA,
and DHS for their review and comment. Interior did not comment on our
conclusions and

Our Evaluation 	recommendations. However, Interior provided technical
comments, which we incorporated, where appropriate. GSA concurred with the
report's overall findings and stated that it concurs with the
recommendation and will address it. GSA comments are contained in appendix
II. DHS provided technical comments, which we incorporated where
appropriate.

We are sending copies of this report to the Secretaries of the Interior,
Homeland Security, and the Administrator of GSA. Additional copies will be
sent to other interested Congressional Committees. We will also make
copies available to others upon request. In addition, the report will be
available at no charge on the GAO Web site at http://www.gao.gov.

If you have any questions regarding this report, please contact me on
(202) 512-2834 or at [email protected]. Contact points for our Offices of
Congressional Relations and Public Affairs may be found on the last page
of this report. GAO staff who made major contributions to this report are
listed in appendix III.

Sincerely yours,

Mark L. Goldstein Director, Physical Infrastructure Issues

Appendix I

                       Objectives, Scope, and Methodology

Our objectives were to (1) identify any challenges that the Department of
the Interior (Interior) faces in protecting national icons and monuments
from terrorism, as well as related actions intended to address these
challenges, and similarly, (2) determine any challenges the General
Services Administration (GSA) faces related to the protection of federal
office buildings it owns or leases and the actions that have been taken.
To determine what challenges Interior and GSA have faced in their efforts,
we interviewed Interior and GSA officials to identify the major
challenges, and reviewed available reports and other documents. In
addition, in consultation with these officials, we identified sites that
are illustrative of these challenges.

From the sites identified, we selected five Interior sites and three GSA
buildings for further analysis of the challenges. These eight sites were
geographically dispersed and represented a range of asset types, including
office buildings and national icons in both densely populated and remote
areas. The sites included, the Statue of Liberty, New York, NY;
Independence National Historical Park, Philadelphia, PA; Mt. Rushmore
National Memorial, Keystone, SD; Hoover Dam, Boulder City, NV; the
Washington Monument and Lincoln and Jefferson Memorials on the National
Mall in Washington, D.C.; and three major facilities in the GSA inventory.
Collectively, the sites we selected provided examples of the range of
challenges Interior and GSA reported facing. We included the Hoover Dam
because, in addition to being a source of hydropower, the dam has iconic
status and attracts large numbers of tourists. At each site, we
interviewed agency officials with primary responsibility for security
implementation, operation, and management. We toured each site and
observed the physical environment, the facilities, and the principal
security elements to gain firsthand insights on the challenges.
Furthermore, we interviewed stakeholders with significant interest in the
security program, including the National Parks Conservation Association,
the Commission on Fine Arts, the National Capital Planning Commission,
Independence Mall Business and Residents Coalition, the National Coalition
to Save our Mall, the U.S. Marshals Service, a charitable organization,
and local government and law enforcement officials. We collected
documents, when available, that contained site-specific information on
security plans, policies, procedures, budgets and staffing. Finally, we
considered prior GAO work on challenges in facility protection and
security.

To determine what actions have been taken by Interior and GSA to address
its challenges, we collected and analyzed documents from, and conducted
interviews with Interior and GSA officials. The documents collected

Appendix I
Objectives, Scope, and Methodology

provided information on these agencies' past and present security plans,
policies and procedures, organizational structures, funding and staffing.
The interviews included officials from GSA's Public Building Services and
Interior's Office of Law Enforcement and Security, National Park Service,
and Bureau of Reclamation. We also interviewed officials from the Federal
Protective Service, which is part of DHS and protects leased and owned GSA
facilities. We reviewed relevant laws and guidance including the Homeland
Security Act of 2002, the Federal Property and Administrative Services Act
of 1949, and the Interagency Security Committee Security Standards for
Leased Space. Additionally, we reviewed other pertinent reports, including
the National Strategy for Homeland Security1 and the National Strategy for
the Physical Protection of Critical Infrastructures and Key Assets.2 We
also considered past GAO work related to facility protection and security
issues at Interior and GSA, as well as broader GAO work on homeland
security issues.

Agency officials and the representatives of stakeholder organizations
provided much of the data and other information used in this report. In
cases where officials provided their views and opinions within the context
that they were speaking for their organization, we corroborated the
information with other officials. We requested official comments on this
report from Interior, GSA, and DHS.

1The President of the United States, National Strategy for Homeland
Security (Washington, D.C.: July 2002).

2The President of the United States, National Strategy for the Physical
Protection of Critical Infrastructures and Key Assets, (Washington, D.C.:
February 2003).

Appendix II

Comments from the General Services Administration

GAO-05-790 is the public version of GAO-05-367SU.

Appendix III

                        GAO Contact and Acknowledgments

GAO Contact Mark Goldstein (202) 512-2834

Staff 	In addition to those individuals named above, David Sausville,
Casey Brown, Matt Cail, Erika Carter, Roshni Dave, Daniel Hoy, Anne Izod,
Donna

Acknowledgments Leiss, and Susan Michal-Smith were key contributors to
this report.

  GAO's Mission

Obtaining Copies of GAO Reports and Testimony

The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting its
constitutional responsibilities and to help improve the performance and
accountability of the federal government for the American people. GAO
examines the use of public funds; evaluates federal programs and policies;
and provides analyses, recommendations, and other assistance to help
Congress make informed oversight, policy, and funding decisions. GAO's
commitment to good government is reflected in its core values of
accountability, integrity, and reliability.

The fastest and easiest way to obtain copies of GAO documents at no cost
is through GAO's Web site (www.gao.gov). Each weekday, GAO posts newly
released reports, testimony, and correspondence on its Web site. To have
GAO e-mail you a list of newly posted products every afternoon, go to
www.gao.gov and select "Subscribe to Updates."

Order by Mail or Phone 	The first copy of each printed report is free.
Additional copies are $2 each. A check or money order should be made out
to the Superintendent of Documents. GAO also accepts VISA and Mastercard.
Orders for 100 or more copies mailed to a single address are discounted 25
percent. Orders should be sent to:

U.S. Government Accountability Office 441 G Street NW, Room LM Washington,
D.C. 20548

To order by Phone: 	Voice: (202) 512-6000 TDD: (202) 512-2537 Fax: (202)
512-6061

  To Report Fraud, Contact:

Waste, and Abuse in Web site: www.gao.gov/fraudnet/fraudnet.htm

E-mail: [email protected] Programs Automated answering system: (800)
424-5454 or (202) 512-7470

Gloria Jarmon, Managing Director, [email protected] (202)
512-4400Congressional U.S. Government Accountability Office, 441 G Street
NW, Room 7125 Relations Washington, D.C. 20548

Public Affairs 	Paul Anderson, Managing Director, [email protected] (202)
512-4800 U.S. Government Accountability Office, 441 G Street NW, Room 7149
Washington, D.C. 20548

                           PRINTED ON RECYCLED PAPER
*** End of document. ***