Aviation Security: Transportation Security Administration Has	 
Made Progress in Managing a Federal Security Workforce and	 
Ensuring Security at U.S. Airports, but Challenges Remain	 
(04-APR-06, GAO-06-597T).					 
                                                                 
It has been over 3 years since the Transportation Security	 
Administration (TSA) assumed responsibility for passenger and	 
baggage screening at commercial airports. This testimony focuses 
on the progress TSA is making in strengthening aspects of	 
aviation security and the challenges that remain. Particularly,  
this testimony highlights (1) progress TSA has made, and	 
challenges it faces, in managing a federalized security 	 
workforce--including federal security directors (FSD) and	 
transportation security officers (TSO)--with operational	 
responsibility for ensuring security of passengers and their	 
baggage; and (2) actions TSA has taken, and the challenges it	 
faces, to ensure appropriate regulatory oversight of other	 
airport security activities.					 
-------------------------Indexing Terms------------------------- 
REPORTNUM:   GAO-06-597T					        
    ACCNO:   A50737						        
  TITLE:     Aviation Security: Transportation Security Administration
Has Made Progress in Managing a Federal Security Workforce and	 
Ensuring Security at U.S. Airports, but Challenges Remain	 
     DATE:   04/04/2006 
  SUBJECT:   Airport personnel					 
	     Airport security					 
	     Aviation security					 
	     Baggage screening					 
	     Cargo security					 
	     Employee training					 
	     Labor force					 
	     Passenger screening				 
	     Performance measures				 
	     Personnel management				 
	     Staff utilization					 

******************************************************************
** This file contains an ASCII representation of the text of a  **
** GAO Product.                                                 **
**                                                              **
** No attempt has been made to display graphic images, although **
** figure captions are reproduced.  Tables are included, but    **
** may not resemble those in the printed version.               **
**                                                              **
** Please see the PDF (Portable Document Format) file, when     **
** available, for a complete electronic file of the printed     **
** document's contents.                                         **
**                                                              **
******************************************************************
GAO-06-597T

     

     * TSA Operational Responsibilities for Passenger and Checked B
     * TSA Regulatory Responsibilities for Air Cargo and Airport Se
     * TSA Has Taken Action to Support FSDs, but Additional Clarifi
     * TSA Has Taken Steps to Better Manage Its TSO Workforce, but
     * TSA Has Strengthened TSO Training, but Faces Challenges in D
     * TSA Has Implemented Various Approaches to Measuring the Perf
     * Additional Action Needed to Strengthen TSA Inspections and O
     * Further Steps May Be Needed to Strengthen TSA Oversight of C
     * Order by Mail or Phone

Testimony before the Subcommittee on Federal Workforce and Agency
Organization, Committee on Government Reform,House of Representatives

United States Government Accountability Office

GAO

For Release on Delivery Expected at 2:00 p.m. EDT

April 4, 2006

AVIATION SECURITY

Transportation Security Administration Has Made Progress in Managing a
Federal Security Workforce and Ensuring Security at U.S. Airports, but
Challenges Remain

Statement of Cathleen A. Berrick, Director, Homeland Security and Justice
Issues

GAO-06-597T

Mr. Chairman and Members of the Committee:

I appreciate the opportunity to participate in today's hearing to discuss
the management and deployment of federal employees charged with securing
U.S. commercial airports. After the terrorist attacks of 2001, securing
the nation's aviation system-and ensuring that a federal workforce was in
place to carry out a wide range of aviation security
responsibilities-became a key goal of the administration and the Congress.
Among the actions taken to address this need, the Aviation and
Transportation Security Act (ATSA) of 2001, which established the
Transportation Security Administration (TSA), charged the agency with,
among other things, overseeing security operations at the nation's more
than 400 commercial airports.1 In TSA, the federal workforce comprises,
among others, federal security directors (FSDs)-the ranking authority
responsible for leading and coordinating security activities at airports;
transportation security officers (TSO), formerly known as screeners; and
inspectors responsible for ensuring that air carriers, airport employees
and airport vendors comply with established security requirements.

My testimony today addresses two separate areas related to the management
and oversight of the federal airport security workforce: (1) the progress
TSA has made, and the challenges it faces, in managing a federalized
security workforce with operational responsibility for ensuring security
of passengers and their baggage, and (2) the actions TSA has taken, and
the challenges it faces, to ensure appropriate regulatory oversight of
other airport security activities.

My comments are based on issued GAO reports and testimonies addressing the
security of the U.S. commercial aviation system and our ongoing work on
TSA's staffing standards for TSOs. We did our work in accordance with
generally accepted government auditing standards. Appendix I contains a
list of related GAO products issued since September 11, 2001.

1ATSA created TSA as an agency within the Department of Transportation
(DOT) with responsibility for securing all modes of transportation,
including aviation. Pub. L. No. 107-71, S: 101, 115 Stat. 597 (2001). The
Homeland Security Act of 2002, signed into law on November 25, 2002,
transferred TSA from the DOT to the new Department of Homeland Security
(DHS). Pub. L. No. 107-296, S: 403, 116 Stat. 2135, 2178.

Summary

While TSA has made progress in managing the federalized aviation security
workforce, including its FSDs and TSOs, TSA continues to face challenges
in several key areas, including clarifying FSD roles and responsibilities,
and managing the deployment and training of its TSO workforce. TSA has
made changes to better support and empower the FSD position, including
granting greater authority and flexibility to FSDs in carrying out their
responsibilities. For example, in carrying out their responsibilities in
overseeing security at the nation's airports, FSDs have formed
partnerships with key stakeholders and participated in communication and
coordination efforts to address a range of issues, including airport
security, operations, and coordination. However, while TSA has developed
guidance that describes the many roles and responsibilities of FSDs, we
recently reported that TSA's primary document outlining FSDs' authority
was outdated and lacked clarity regarding FSD authority during security
incidents relative to other airport stakeholders with whom FSDs must
coordinate closely on aviation security matters. For example, we found
instances where confusion or conflicting opinions developed over whether
the FSD had the authority to take certain actions during particular
security incidents. Regarding its TSOs, TSA has taken and has planned
actions to strengthen the management of the TSO workforce, which must be
deployed in sufficient numbers and trained and certified in the latest
screening procedures and technology to accomplish its security mission.
Acknowledging imbalances in the screener workforce, TSA developed
standards for determining TSO staffing for all airports at which federal
screening is required and developed a Screening Allocation Model (SAM) to
determine airport staffing levels. In determining staffing allocations,
the SAM takes into account not only flight and passenger data, but also
data unique to each airport-including flight schedules, passenger and
baggage distribution curves, and TSA passenger and baggage screening
configurations. However, FSDs we interviewed had preliminary concerns
about the assumptions in the model, noting, among other things, that it
has been a challenge to attract, hire, and retain a part-time TSO
workforce at the 20 percent level indicated in the model. In addition to
having an adequate number of screeners, effective screening involves
screeners properly trained to do their job. TSA has taken numerous steps
to expand training beyond the basic training requirement to include
self-guided courses on its Online Learning Center; a recurrent training
requirement of 3 hours per week, averaged over a quarter; and training on
threat information, explosives detection, and new screening approaches.
However, insufficient TSO staffing and a lack of high-speed
Internet/intranet connectivity create impediments to the TSO workforce
taking full advantage of training opportunities. With respect to
evaluating TSOs, TSA has strengthened its efforts to measure the
performance of the various components of the passenger and checked baggage
screening systems-people, processes and technology. Specifically, TSA has
implemented and strengthened efforts to collect performance data by
performing covert (undercover, unannounced) tests, using the Threat Image
Projection (TIP) system2 at passenger screening checkpoints, and
implementing a congressionally mandated annual TSO recertification
program. Despite these efforts, TSA covert testing has identified that
weaknesses existed in the ability of TSOs to detect threat objects on
passengers, in their carry-on bags, and in checked baggage.

TSA has taken steps to strengthen the federal workforce responsible for
other key areas of aviation security, including domestic air cargo and
airport perimeters and access controls, but it faces additional challenges
in each of these areas related to performance measurement and regulatory
oversight. We reported in October 2005, for example, that TSA had
significantly increased the number of domestic air cargo inspections. We
noted, however, that TSA had not developed performance measures to
determine to what extent air carriers and indirect air carriers-carriers
that consolidate air cargo from multiple shippers and deliver it to air
carriers to be transported-are complying with air cargo security
requirements, and had not analyzed the results of inspections to
systematically target future inspections on those entities that pose a
higher security risk to the domestic air cargo system. Without these
performance measures and systematic analyses, TSA will be limited in its
ability to effectively target its workforce for future inspections and
fulfill its oversight responsibilities for this important area of aviation
security. In June 2005, TSA officials informed us that in the future they
intend to compile information on the number of instances in which specific
air cargo security requirements are inspected, and are taking steps to
enhance TSA's ability to conduct compliance inspections of indirect air
carriers, by, among other things, using undercover testing to identify air
cargo security weaknesses. We also found that TSA has made efforts to
incorporate risk-based decision making into securing air cargo, but has
not conducted assessments of air cargo vulnerabilities or critical assets
(cargo facilities and aircraft)-two crucial elements of a risk-based
management approach without which TSA may not be able to appropriately
focus its resources on the most critical security needs. Moreover, to
better allocate resources for air cargo security, TSA established a
requirement for random inspection of air cargo to address threats to the
nation's aviation transportation system-a reflection of the agency's
position that inspecting 100 percent of air cargo was not technologically
feasible and would be potentially disruptive to the flow of air commerce.
In the area of airport perimeter and access control security, we reported
in June 2004 that while background checks were not required for all
airport workers, TSA requires most airport workers who perform duties in
secured and sterile areas3 to undergo a fingerprint-based criminal history
records check. TSA further requires airport operators to compare
applicants' names against TSA's aviation security watch lists. Once
workers undergo this review, they are granted access to airport areas in
which they perform duties. In addition, ATSA mandated that TSA require
airport operators and air carriers to develop security awareness training
programs for airport workers such as ground crews and gate, ticket, and
curbside agents of air carriers. According to TSA, training requirements
for these airport workers had not been established because additional
training would result in increased costs for airport operators. In the
area of security-related training, TSA did not require airport vendors
with direct access to the airfield and aircraft to develop security
programs, which would include security measures for vendor employees and
property, as required by ATSA. In July 2004, in response to our
recommendations, TSA made several improvements in these areas, through the
issuance of a series of security directives, including requiring enhanced
background checks and improved access controls for airport employees who
work in restricted airport areas.

2The Threat Image Projection system is designed to test TSOs' detection
capabilities by projecting threat images, including images of guns and
explosives, into bags as they are screened. TSOs are responsible for
positively identifying the threat image and calling for the bag to be
searched.

Background

TSA Operational Responsibilities for Passenger and Checked Baggage Security

Prior to the passage of ATSA, the screening of passengers and checked
baggage had been performed by private screening companies under contract
to the airlines. The Federal Aviation Administration (FAA) was responsible
for ensuring compliance with screening regulations. With the passage of
ATSA and the transfer of aviation security responsibilities to TSA,
including passenger and checked baggage screening at airports, TSA
assigned FSDs-the top-ranking TSA authorities responsible for security at
the nation's airports-to one or more commercial airports to oversee
security activities. TSA has approximately 157 FSD positions at commercial
airports nationwide to lead and coordinate TSA security activities.
Although an FSD is responsible for security at each commercial airport,
not every airport has an FSD dedicated solely to that airport. Most
category X airports4 have an FSD responsible for that airport alone, while
at other airports the FSD located at a hub airport has responsibility over
one or more spoke airports of the same or smaller size.

3Sterile areas are located within the terminal where passengers wait after
screening to board departing aircraft. Access to these areas is generally
controlled by TSA screeners at checkpoints where they conduct physical
screening of passengers and their carry-on baggage for weapons and
explosives.

In addition to establishing TSA and giving it responsibility for passenger
and checked baggage screening operations, ATSA also set forth specific
enhancements to screening operations for TSA to implement, with deadlines
for completing many of them. These requirements include

           o  assuming responsibility for screeners and screening operations
           at more than 400 commercial airports by November 19, 2002;
           o  establishing a basic screener training program composed of a
           minimum of 40 hours of classroom instruction and 60 hours of
           on-the-job training;
           o  conducting an annual proficiency review of all screeners;
           o  conducting operational testing of screeners;5 
           o  requiring remedial training for any screener who fails an
           operational test; and
           o  screening all checked baggage for explosives using explosives
           detection systems by December 31, 2002.6

           As mandated by ATSA, TSA hired and deployed a TSO workforce to
           assume operational responsibility for conducting passenger and
           checked baggage screening. Passenger screening is a process by
           which authorized TSA personnel inspect individuals and property to
           deter and prevent the carriage of any unauthorized explosive,
           incendiary, weapon, or other dangerous item onboard an aircraft or
           into a sterile area. TSOs must inspect individuals for prohibited
           items at designated screening locations.7 The four passenger
           screening functions are (1) X-ray screening of property, (2)
           walk-through metal detector screening of individuals, (3)
           hand-wand or pat-down screening of individuals, and (4) physical
           search of property and trace detection for explosives. Checked
           baggage screening is a process by which authorized TSOs inspect
           checked baggage to deter, detect, and prevent the carriage of any
           unauthorized explosive, incendiary, or weapon onboard an aircraft.
           Checked baggage screening is accomplished through the use of
           explosive detection systems8 (EDS) or explosive trace detection
           (ETD) systems,9 and through the use of other means, such as manual
           searches, canine teams, and positive passenger bag match,10 when
           EDS and ETD systems are unavailable.

           In addition to establishing requirements for passenger and checked
           baggage screening, ATSA charged TSA with the responsibility for
           ensuring the security of air cargo, including, among other things,
           establishing security rules and regulations covering domestic and
           foreign passenger carriers that transport cargo, domestic and
           foreign all-cargo carriers, and domestic indirect air
           carriers-carriers that consolidate air cargo from multiple
           shippers and deliver it to air carriers to be transported; and
           overseeing implementation of air cargo security requirements by
           air carriers and indirect air carriers through compliance
           inspections. In general, TSA inspections are designed to ensure
           air carrier compliance with air cargo security requirements, while
           air carrier inspections focus on ensuring that cargo does not
           contain weapons, explosives, or stowaways.11 TSA is responsible
           for inspecting 285 passenger and all-cargo air carriers with about
           2,800 cargo facilities nationwide, as well as 3,800 indirect air
           carriers with about 10,000 domestic locations. In conducting
           inspections, TSA inspectors review documentation, interview
           carrier personnel, directly observe air cargo operations, or
           conduct tests to determine whether air carriers and indirect air
           carriers are in compliance with air cargo security requirements.
           In 2004, an estimated 23 billion pounds of air cargo was
           transported within the United States, with about a quarter of this
           amount transported on passenger aircraft. Recently, DHS reported
           that most cargo on passenger aircraft is not physically inspected.

           ATSA also granted TSA the responsibility for overseeing U.S.
           airport operators' efforts to maintain and improve the security of
           commercial airport perimeters, access controls, and airport
           workers. While airport operators, not TSA, retain direct
           day-to-day operational responsibilities for these areas of
           security, ATSA directs TSA to improve the security of airport
           perimeters and the access controls leading to secured airport
           areas, as well as take measures to reduce the security risks posed
           by airport workers. Each airport's security program, which must be
           approved by TSA, outlines the security policies, procedures, and
           systems the airport intends to use in order to comply with TSA
           security requirements. FSDs oversee the implementation of the
           security requirements at airports.

           Of TSA's 950 aviation security inspectors located at airports
           throughout the United States, 750 are considered generalists who
           conduct a variety of aviation security inspections, and 200 are
           dedicated to conducting air cargo inspections. The FSD at each
           airport is responsible for determining the scope and emphasis of
           the inspections, as well as discretion for how to assign local
           inspection staff. TSA provides local airport FSDs and inspectors
           with goals for the number of inspections to be conducted per
           quarter.

           In recent years, TSA has taken numerous actions related to the
           deployment, training, and performance of their aviation security
           workforce. TSA has, for example, taken action to support the
           authority of FSDs at airports, though additional clarification of
           their roles is needed. TSA also has improved the management and
           deployment of its TSO workforce with the use of a formal staffing
           model, though hiring and deployment challenges remain. TSA has
           also strengthened TSO training, and implemented various approaches
           to measuring TSO performance related to passenger and baggage
           screening activities.

           In recent years, TSA has taken steps to ensure that FSDs, as the
           ranking TSA authorities at airports, coordinated their security
           actions with various airport stakeholders, and had sufficient
           authority to carry out their responsibilities. In September 2005,
           we reported on the roles and responsibilities of FSDs and other
           issues related to the position, including the extent to which they
           formed and facilitated partnerships with airport stakeholders.12
           At that time, we reported that the FSDs and most stakeholders at
           the seven airports we visited had developed partnerships that were
           generally working well. TSA recognized that building and
           maintaining partnerships with airport stakeholders was essential
           to FSDs' success in addressing security as well as maintaining an
           appropriate level of customer service. To that end, TSA
           established general guidance for FSDs to follow in building
           stakeholder partnerships, but left it to the FSDs to determine how
           best to achieve effective partnerships at their respective
           airports. As a part of their security responsibilities, FSDs must
           coordinate closely with airport stakeholders-airport and air
           carrier officials, local law enforcement, and emergency response
           officials-to ensure that airports are adequately protected and
           prepared in the event of a terrorist attack. FSDs' success in
           sustaining and ensuring the effectiveness of aviation security
           efforts is dependent on their ability to develop and maintain
           effective partnerships with these stakeholders. FSDs need to
           partner with law enforcement stakeholders, for example, because
           they do not have a law enforcement body of their own to respond to
           security incidents. Partnerships can be of mutual benefit to FSDs
           and airport stakeholders and can enhance customer service. For
           example, FSDs rely on air carrier data on the number of passengers
           transiting through checkpoints to appropriately schedule
           screeners, and air carriers rely on the FSD to provide an
           efficient screening process to minimize wait times for passengers.

           At the airports we visited, FSDs and stakeholders cited several
           ways FSDs maintained partnerships, including being accessible to
           their stakeholders to help resolve problems and meeting with
           stakeholders to discuss how to implement new security policies. In
           addition, a variety of communication and coordination efforts were
           in place at the airports we visited, and many of these efforts
           existed before TSA assigned FSDs to airports. Formal mechanisms
           included security and general airport operations meetings,
           incident debriefings, and training exercises to help ensure a
           coordinated response in the event of a security incident.

           We also found that in response to concerns over FSD authority in
           responding to airport-specific security needs, in 2004, TSA made a
           number of changes to better support and empower the FSD. These
           changes included

           o  establishing a local hiring initiative that vested more hiring
           authority with the FSDs to address airport staffing needs,
           o  providing flexibility to offer training locally to screeners,
           o  increasing authority to address performance and conduct
           problems,
           o  relocating five area director positions from the headquarters
           to the field in conjunction with establishing a report group to
           provide operational support and a communication link with
           headquarters, and
           o  establishing a mentoring program for newly appointed FSDs or
           their deputies.

           Most of the 25 FSDs we interviewed generally viewed these changes
           favorably. For example, most were satisfied with TSA's new local
           hiring process that provided more options for FSDs to be involved
           with hiring screeners, and most said that the new process was
           better than the more centralized hiring process it replaced. TSA
           officials concluded, among other things, that TSO candidates
           selected at airports where the FSD and staff were conducting the
           hiring process were more selective in accepting offers-leading to
           lower attrition-because they had more knowledge of what the job
           would entail than contractors did when they handled the hiring
           process. In addition, most of the FSDs we interviewed also saw
           value in the headquarters group TSA established to provide
           operational support to the field and a communication link among
           headquarters, field-based area directors, and FSDs.

           One area where we noted room for improvement at the FSD level was
           in how the FSD's authority has been defined. In September 2005, we
           reported that TSA had developed guidance that describes the many
           roles and responsibilities of FSDs, most of which is associated
           with securing commercial airports from terrorist threats.13
           However, while the guidance clearly defined FSD roles and
           responsibilities, TSA's primary document outlining FSDs' authority
           was outdated and lacked clarity regarding FSD authority relative
           to that of other airport stakeholders with whom FSDs must
           coordinate closely to help ensure the effectiveness of aviation
           security efforts. The absence of a clear understanding of the
           authority of the position had reportedly resulted in confusion
           during past security incidents and had raised concerns among some
           stakeholders at both the national and airport levels about
           possible ambiguity regarding FSDs' authority during incidents.
           Accordingly, we recommended that steps be taken to update TSA's
           Delegation of Authority to FSDs to clearly reflect the authority
           of FSDs relative to that of airport stakeholders during security
           incidents and communicate the authority of the position, as
           warranted, to the FSDs and all airport stakeholders. Such action
           would benefit FSDs by further enabling them to communicate and
           share consistent information about their authority with their
           staff and airport stakeholders, including law enforcement
           agencies. In commenting on our recommendation, DHS stated that a
           new restatement of the Delegation Order had been drafted by a
           working group composed of FSDs from the FSD Advisory Council and
           relevant stakeholders and is being internally coordinated for
           comment and clearance.

           To accomplish its security mission, TSA needs a sufficient number
           of passenger and checked baggage TSOs trained and certified in the
           latest screening procedures and technology. We reported in
           February 2004 that staffing shortages and TSA's hiring process had
           hindered the ability of some FSDs to provide sufficient resources
           to staff screening checkpoints and oversee screening operations at
           their checkpoints without using additional measures such as
           overtime.14 TSA has acknowledged that its initial staffing efforts
           created imbalances in the screener workforce and has since been
           taking steps to address these imbalances over the past 2 years,
           by, among other things, meeting a congressional requirement to
           develop a staffing model for TSOs. Specifically, the Intelligence
           Reform and Terrorism Prevention Act of 2004 required TSA to
           develop and submit to Congress standards for determining the
           aviation security staffing for all airports at which screening is
           required.15 The act also directed GAO to review these standards,
           which we are doing. These staffing standards are to provide for
           necessary levels of airport security, while also ensuring that
           security-related delays experienced by airline passengers are
           minimized. In June 2005, TSA submitted its report on aviation
           security staffing standards to Congress. Known as the Screening
           Allocation Model (SAM), these standards are intended to provide an
           objective measure for determining TSO airport staffing levels,
           while staying within the congressionally mandated limit of 45,000
           FTE screeners.

           Whereas TSA's prior staffing model was demand-driven based on
           flight and passenger data, the SAM model analyzes not only demand
           data but also data on the flow of passenger and baggage through
           the airport and the availability of the workforce. In determining
           the appropriate TSO staffing levels, the SAM first considers the
           workload demands unique to each individual airport-including
           flight schedules, load factors and connecting flights, and number
           of passenger bags. These demand inputs are then processed against
           certain assumptions about the processing of passengers and
           baggage-including expected passenger and baggage processing rates,
           required staffing for passenger lanes and baggage equipment, and
           equipment alarm rates. Using these and various other data, the SAM
           determines the daily workforce requirements and calculates a work
           schedule for each airport. The schedule identifies a recommended
           mix of full-time and part-time staff and a total number of TSO
           full-time equivalents (FTE) needed to staff the airport,16
           consistent with a goal of 10 minutes maximum wait time for
           processing passengers and baggage.

           For fiscal year 2006, the SAM model estimated a requirement of
           42,170 TSO FTEs for all airports nationwide. In order to stay
           within a 43,000 TSO FTE budgetary limit for fiscal year 2006, TSA
           officials reduced the number of FTEs allocated to airports to
           42,056, a level that allowed it to fund the 615 TSO FTEs in the
           National Screener Force-a force composed of TSOs who provide
           screening support to all airports------and to maintain a
           contingency of 329 TSO FTEs in reserve to meet unanticipated
           demands, such as a new air carrier coming on line at an airport.17
           As of January 2006, there were 37,501 full-time TSOs and 5,782
           part-time TSOs on board nationwide, representing an annualized
           rate of 41,085 TSO FTEs. According to TSA headquarters officials,
           the SAM can be adjusted to account for the uniqueness of
           particular airport security checkpoints and airline traffic
           patterns. Further, it is up to the FSDs to ensure that all of the
           data elements and assumptions are accurate for their airports, and
           to bring to TSA's attention any factors that should be reviewed to
           determine if changes to the SAM are appropriate. The President's
           fiscal year 2007 budget requests a total of 45,121 FTEs under the
           Passenger and Baggage TSO personnel compensation and benefits
           categories.

           As part of our ongoing review of the SAM model, we have identified
           several preliminary concerns about TSA's efforts to address its
           staffing imbalances and ensure appropriate coverage at airport
           passenger and checked baggage screening checkpoints. At the five
           airports we visited, FSD staff raised concerns about the SAM
           assumptions as they related to their particular airports.18 Among
           other things, they noted that the recommendation for 20 percent
           part-time TSO workforce-measured in terms of FTEs-often could not
           be reached, the expected processing rates for passenger and
           baggage screening were not being realized, non-passenger screening
           at large airports was higher than assumed, and the number of TSO
           FTEs needed per checkpoint lane and per baggage screening machine
           was not sufficient for peak periods. Regarding the SAM assumption
           of a 20 percent part-time TSO FTE level across all airports, FSD
           staff we visited stated that the 20 percent goal has been
           difficult to achieve because of, among other things, economic
           conditions leading to competition for part-time workers, remote
           airport locations coupled with a lack of mass transit, TSO base
           pay that has not changed since fiscal year 2002, and part-time
           workers' desire to convert to full-time status. According to TSA
           headquarters officials, while the nationwide annual TSO attrition
           rate is about 23 percent (compared to a rate of 14 percent
           reported in February 2004), it is over 50 percent for part-time
           TSOs. TSA has struggled with hiring part-time TSOs since it began
           actively recruiting them in the summer of 2003. In February 2004,
           we reported that FSDs at several of the airports we visited stated
           that they experienced difficulty in attracting needed part-time
           TSOs, which they believed to be due to many of the same factors,
           such as low pay and benefits, undesirable hours, the location of
           their airport, the lack of accessible and affordable parking or
           public transportation, and the high cost of living in the areas
           surrounding some airports.19 These FSDs stated that very few
           full-time TSOs were interested in converting to part-time status-a
           condition that still exists-and TSA officials stated that
           attrition rates for part-time TSOs were considerably higher than
           those for full-time TSOs.

           At two of the five airports we visited as part of our ongoing
           review of the SAM model, FSD staff told us that they had not been
           able to hire up to their authorized staffing levels. In February
           2004, we reported that many of the FSDs we interviewed expressed
           concern that TSA's hiring process was not responsive to their
           needs and hindered their ability to reach their authorized
           staffing levels and adequately staff screening checkpoints.
           Specifically, FSDs expressed concern with the lack of a continuous
           hiring process to backfill screeners lost through attrition, and
           their lack of authority to conduct hiring on an as-needed basis.
           We reported that TSA was taking steps to make the hiring process
           more responsive to FSDs' needs. Since then, TSA has provided FSDs
           with more input into the hiring process in an effort to streamline
           the process and enable FSDs to more quickly meet their staffing
           needs.

           During our five airport visits, some FSD staff we interviewed also
           cited another limitation of the SAM-specifically, that the model
           does not account for screeners who are performing administrative
           or other duties. The officials also noted that, because they are
           not authorized to hire a sufficient number of mission support
           staff, TSOs are being routinely used-in some cases full time-to
           carry out non-screening and administrative duties, including
           supporting payroll, scheduling, uniform supplies, legal support,
           logistics, and operations center activities. At the five airports
           we visited in January and February 2006, out of a total of 2,572
           TSO full time equivalents (FTE) on-board at those airports,
           roughly 136 FTEs (just over five percent) were being used for
           administrative duties. FSD staff stated that some of these TSOs
           are being used on a part-time basis, while others are used on a
           full-time basis. The use of TSOs in these support functions could
           adversely affect the ability of FSDs to adequately staff their
           screening checkpoints.

           To compensate for screener shortages and to enable operational
           flexibility to respond to changes in risk and threat, in October
           2003, TSA established a National Screening Force (formerly known
           as the Mobile Screening Force established in November 2002) to
           provide screening support to all airports in times of emergency,
           seasonal demands, or under other special circumstances that
           require a greater number of screeners than regularly available to
           FSDs. In February 2004, we reported that the National Screening
           Force consisted of over 700 full-time passenger and baggage TSOs.
           TSA officials stated that while these screeners have a home
           airport to which they are assigned, they travel to airports in
           need of screening staff approximately 70 percent of the year.

           TSA budgeted from appropriations received in fiscal year 2006 for
           615 FTEs for the National Screening Force. The President's fiscal
           year 2007 budget request includes $35 million for operational
           expenses of the National Screening Force (not including salaries
           and benefits of force members). According to the budget request,
           in fiscal year 2007, the National Screening Force will generally
           be deployed only to those airports experiencing significant
           staffing shortfalls associated with increased seasonal traffic or
           when a special event, such as a Super Bowl or a large national
           conference, occurs requiring an immediate influx of additional TSO
           support. At one category X airport we recently visited, the FSD
           stated that because of challenges in hiring and retaining TSOs for
           this airport, he has had to rely on 59 members of the National
           Screening Force deployed to his airport, and had been relying on
           this force since 2004. The President's fiscal year 2007 budget
           request states that TSA will continue to review methods for
           reducing costs associated with this force, including ensuring that
           each airport has a sufficient staffing program in place to address
           short-term needs.

           In the President's fiscal year 2007 budget request, TSA identified
           several additional initiatives under way to address the management
           of the TSO workforce. These efforts include attempts to reduce
           attrition by creating a performance-based pay system, and
           establishing retention incentives to include performance bonuses,
           retention allowances, college credit reimbursement and flexible
           staffing. TSA also reported efforts to enhance opportunities for
           career advancement within the TSO job category, reducing
           on-the-job injuries by reengineering baggage screening areas, and
           deploying a national nurse care management program at 21 airports
           to assist TSOs in returning to work in a shorter period of time.

           Since we reported on TSO training in September 2003, TSA has taken
           a number of actions designed to strengthen training available to
           the TSO workforce as part of its efforts to enhance the
           performance of TSOs.20 In September 2003, we reported that TSA had
           not fully developed or deployed a recurrent training program for
           passenger TSOs. At that time, little training was available to
           TSOs once they completed their basic TSO training. Since then, TSA
           has expanded training available to the TSO workforce, such as
           introducing an Online Learning Center that makes self-guided
           courses available over TSA's intranet and the Internet and
           expanding training available to supervisory TSOs. TSA also
           established a recurrent training requirement of 3 hours per week,
           averaged over a quarter, and provided FSDs with additional tools
           to facilitate and enhance TSO training, including at least one
           modular bomb set kit-containing components of an improvised
           explosive device (IED)-and at least one weapons training kit. TSA
           has also instituted a program called Threat in the Spotlight that,
           based on intelligence TSA receives, provides screeners with the
           latest in threat information regarding terrorist attempts to get
           threat objects past screening checkpoints. Additionally, in
           December 2005, TSA reported completing enhanced explosives
           detection training for over 18,000 TSOs. This training included
           both classroom and hands-on experiences, and focused particularly
           on identifying X-ray images of IED component parts, not just a
           completely assembled bomb. TSA plans for the remaining TSO
           workforce to receive this training by June 2006 through the Online
           Learning Center or other delivery methods. TSA also has developed
           new training curriculums to support new screening approaches. For
           example, TSA recently developed a training curriculum for TSOs in
           behavior observation and analysis at the checkpoint to identify
           passengers exhibiting behaviors indicative of stress, fear, or
           deception.

           However, as we reported in May 2005, insufficient TSO staffing and
           a lack of high-speed Internet/intranet connectivity to access the
           Online Learning Center have made it difficult for all TSOs
           screeners at many airports to receive required training and has
           limited TSO access to TSA training tools.21 As previously
           discussed, TSA is taking steps to address the TSO staffing
           challenges. However, it is too soon to determine whether TSA's
           efforts will address TSA's ability to provide required training
           while maintaining adequate coverage for screening operations. In
           terms of access to the Online Learning Center, TSA plans to
           complete the deployment of high-speed Internet/intranet
           connectivity to airports during fiscal year 2007. TSA established
           its Online Learning Center to provide passenger and baggage
           screeners with online, high-speed access to training courses.
           However, effective use of the Online Learning Center requires
           high-speed Internet/intranet access, which TSA has not been able
           to provide to all airports. In May 2005, we reported that as of
           October 2004, about 45 percent of the TSO workforce did not have
           high speed Internet/intranet access to the Online Learning Center.
           The President's fiscal year 2007 budget request reports that
           approximately 220 of the more than 400 airport and field locations
           have full information technology infrastructure installation, to
           include high-speed network connectivity, while the rest of the
           airports operate with dial-up access to TSA systems. According to
           the budget request, TSA will use $120 million in fiscal year 2006
           to deploy high-speed connectivity to all category X and I airports
           and preliminary high-speed connectivity to all category II, III,
           and IV airports. The budget request includes a request for a total
           of $90 million to support this effort in fiscal year 2007, of
           which $54 million is needed to complete the deployment of
           high-speed connectivity at category II, III, and IV airports.22

           TSA has strengthened its efforts to measure the performance of the
           various components of the passenger and checked baggage screening
           systems-people, processes, and technology-but results of covert
           testing identified that weaknesses and vulnerabilities continue to
           exist. In November 2003, we reported on the need for TSA to
           strengthen its efforts to measure the performance of its screening
           functions.23 At that time, TSA had collected limited data on the
           effectiveness of its aviation security initiatives, to include
           screening functions. Specifically, limited covert (undercover,
           unannounced) testing had been performed, the TIP system used to
           aid TSOs in identifying threat objects within baggage was not
           fully operational at passenger screening checkpoints and was not
           available for checked baggage screening systems, and TSA had not
           fully implemented a congressionally mandated annual TSO
           proficiency review. Since then, TSA has implemented and
           strengthened efforts to collect performance data in each of these
           areas.

           In the area of covert testing, TSA headquarters increased the
           amount of passenger and checked baggage screening covert tests it
           performs and recently changed its approach to covert testing to
           focus its resources on catastrophic threats-threats that can take
           down an airplane or blow up an airplane. TSA's Office of
           Inspections (OI) (formerly the Office of Internal Affairs and
           Program Review, or OIAPR) conducts unannounced covert tests of
           TSOs to assess their ability to detect threat objects and to
           adhere to TSA-approved procedures. These tests, in which
           undercover OI inspectors attempt to pass threat objects through
           passenger screening checkpoints and in checked baggage, are
           designed to measure vulnerabilities in passenger and checked
           baggage screening systems and to identify systematic problems
           affecting performance of TSOs in the areas of training,
           procedures, and technology. OI, which began covert testing in
           September 2002, conducted 836 tests in fiscal year 2003 and 2,369
           tests in fiscal year 2004 using its staff of 183
           full-time-equivalents.24 In reporting its covert testing results,
           OI makes recommendations to TSA leadership that address
           deficiencies identified during testing and are intended to improve
           screening effectiveness. As of December 2005, OI had issued 29
           reports to management on the results of its checkpoint and checked
           baggage covert testing. In total, the reports include 19 distinct
           recommendations related to passenger and checked baggage
           screening.25 Of these 19 recommendations, 11 relate to screener
           training. In September 2005, OI began implementing a revamped
           testing process that included a more risk-based approach and
           focused its resources on catastrophic threats. OI officials stated
           that they will continue testing. However, TSA leadership is
           reviewing the results of the revised testing, and final decisions
           regarding the structure, content, and frequency of future tests
           have not yet been made.

           Our analysis of TSA's covert testing results for tests conducted
           between September 2002 and September 2005 identified that overall,
           weaknesses existed in the ability of screeners to detect threat
           objects on passengers, in their carry-on bags, and in checked
           baggage. Covert testing results in this analysis cannot be
           generalized either to the airports where the tests were conducted
           or to airports nationwide.26

           In February 2004, TSA provided protocols to help FSDs conduct
           their own covert testing of local airport passenger screening
           activities-a practice that TSA had previously prohibited.27
           Between May 2004 and April 2005, FSDs conducted a total of 17,954
           local covert tests at 350 airports; as of February 2006, TSA
           reported that FSDs had conducted a total of 48,826 local covert
           tests. In February 2005, TSA released a general procedures
           document for local covert testing at checked baggage screening
           locations. Between March 2005 and September 2005, 1,370 local
           tests of EDS screening were conducted at 71 airports. TSA
           headquarters officials stated that a key challenge FSDs face in
           conducting local testing is the lack of available federal staff to
           conduct the testing, particularly at smaller airports. In May
           2005, we reported that TSA officials stated that they had not yet
           begun to use data from local covert testing to identify training
           and performance needs because of difficulties in ensuring that
           local covert testing is implemented consistently nationwide.28 TSA
           officials stated in March 2006, that the data are available for
           FSDs to use to identify training needs and levels of TSO
           performance.

           Covert testing is one method TSA uses to measure the security
           effectiveness of passenger and checked baggage screening
           procedures and technologies in the operating environment in
           addition to other TSA measures that assess the performance of
           passenger and checked baggage TSOs. One other source of
           information on TSO performance in detecting threat objects is the
           results from the TIP system. TIP is designed to test passenger
           screeners' detection capabilities by projecting threat images,
           including images of guns, knives, and explosives, onto bags as
           they are screened during actual operations. TSOs are responsible
           for identifying the threat image and calling for the bag to be
           searched. Once prompted, TIP identifies to the screener whether
           the threat is real and then records the TSO's performance in a
           database that could be analyzed for performance trends.29 TIP
           threat detection results in conjunction with OI covert test
           results and local testing are intended to assist TSA in
           identifying specific training and performance improvement efforts.

           In May 2005, we reported that in October 2003 TSA reactivated TIP
           as planned with an expanded library of 2,400 images at all but one
           of the more than 1,800 checkpoint lanes nationwide.30 In December
           2005, TSA reported that it has further expanded the image library
           to include additional images of IEDs and IED components as part of
           its effort to improve TSOs' detection of explosives. Additionally,
           the President's fiscal year 2007 budget request states that TSA
           plans to maximize the training benefits of the TIP system by
           tailoring TIP sessions to address individual TSO weaknesses
           revealed in user performance data. For example, if a TSO has
           particular difficulty identifying IEDs, the TIP would trigger the
           projection of a higher proportion of simulated IEDs while that TSO
           was operating the machine under standard circumstances.

           Despite these improvements, TIP is not yet available for checked
           baggage screening. In April 2004, we reported that TSA officials
           stated that they were working to resolve technical challenges
           associated with using TIP for checked baggage screening on
           explosives detection system (EDS) machines and have started EDS
           TIP image development.31 However, in December 2004, TSA officials
           stated that because of severe budget reductions, TSA will be
           unable to begin implementing a TIP program for checked baggage in
           fiscal year 2005. Officials did not specify when such a program
           might begin.

           Another measure of TSO performance is the results of annual
           recertification testing. ATSA requires that each TSO receive an
           annual proficiency review to ensure he or she continues to meet
           all qualifications and standards required to perform the screening
           function. To meet this requirement, TSA established a
           recertification program. The first recertification program-which
           was conducted during the period October 2003 through March
           2004-was composed of two assessment components, one of TSOs'
           performance and the other of TSOs' knowledge and skills. During
           the performance assessment component of the recertification
           program, TSOs are rated on both organizational and individual
           goals, such as maintaining the nation's air security, vigilantly
           carrying out duties with utmost attention to tasks that will
           prevent security threats, and demonstrating the highest levels of
           courtesy to travelers to maximize their levels of satisfaction
           with screening services. The knowledge and skills assessment
           component consists of three modules: (1) knowledge of standard
           operating procedures, (2) image recognition, and (3) practical
           demonstration of skills.

           Across all airports, TSOs performed well on the recertification
           testing for the first 2 years the program was in place, with about
           1 percent of TSOs subject to recertification failing to complete
           this requirement. In both years, TSOs faced the greatest
           difficulty on their first attempt to pass the practical
           demonstration of skills module-a hands-on simulated work sample
           used to evaluate a screener's knowledge, skill, and ability when
           performing specific screener tasks along with the ability to
           provide customer service.32 According to TSA officials, at the
           completion of recertification at an airport, TSA management has
           access to reports at both the individual TSO and airport level,
           which identify the specific areas that were missed during testing.
           National level reports are also available that isolate areas that
           need improvement and can be targeted in basic and recurrent
           training. In fiscal year 2004, TSA established a performance
           measure for the recertification program.33

           During the first year of recertification testing, dual-function
           TSOs who were actively working as both passenger and checked
           baggage TSOs were required to take only the recertification test
           for passenger TSOs. They were therefore not required to take the
           recertification testing modules required for checked baggage, even
           though they worked in that capacity.34 TSA's second annual
           recertification testing, which began in October 2004, included
           components for dual-function TSOs, but did not include an image
           recognition module for checked baggage TSOs-which would include
           dual-function screeners performing checked baggage screening. TSA
           officials stated that a decision was made to not include an image
           recognition module for checked baggage TSOs during this cycle
           because not all checked baggage TSOs would have completed training
           on the onscreen resolution protocol by the time recertification
           testing was conducted at their airports.35 In October 2005, TSA
           released guidance for screener recertification that included an
           image recognition module for checked baggage and dual-function
           screeners trained in the onscreen alarm resolution protocol.

           In addition to enhancing its efforts to measure the performance of
           TSOs, TSA also has developed two performance indexes to measure
           the effectiveness of the passenger and checked baggage screening
           systems. These indexes measure overall performance through a
           composite of indicators and are derived by combining specific
           performance measures relating to passenger and checked baggage
           screening, respectively. Such measures can be useful in
           identifying shortfalls that might be addressed by initiatives to
           enhance the workforce, such as providing special training.
           Specifically, these indexes measure the effectiveness of the
           screening systems through machine probability of detection and
           covert testing results;36 efficiency through a calculation of
           dollars spent per passenger or bag screened; and customer
           satisfaction through a national poll, customer surveys, and
           customer complaints at both airports and TSA's national call
           center. We reported in May 2005 that the screening performance
           indexes developed by TSA can be a useful analysis tool, but
           without targets for each component of the index, TSA will have
           difficulty performing meaningful analyses of the parts that make
           up the index. For example, without performance targets for covert
           testing, TSA will not have identified a desired level of
           performance related to screener detection of threat objects.
           Performance targets for covert testing would enable TSA to focus
           its improvement efforts on areas determined to be most critical,
           as 100 percent detection capability may not be attainable.37 In
           January 2005, TSA officials stated that the agency planned to
           track the performance of individual index components and establish
           performance targets against which to measure these components.
           Since then, TSA has finalized targets for the indexes, including
           targets for passenger and checked baggage covert testing.

           TSA has taken steps to strengthen oversight for key areas of
           aviation security, including domestic air cargo security
           operations conducted by air carriers, and airport perimeter
           security operations and access controls carried out by airport
           operators. For air cargo, TSA has increased the number of
           inspectors used to assess air carrier and indirect air carrier
           compliance with security requirements, and has incorporated
           elements of risk-based decision making to guide air cargo security
           needs. As of October 2005, however, TSA had not developed
           performance measures to determine to what extent air carriers and
           indirect air carriers are complying with air cargo security
           requirements, limiting TSA's ability to effectively target its
           workforce for future inspections and fulfill its oversight
           responsibilities. On airport premises, TSA had, at the time of our
           2004 review, begun evaluating the security of airport perimeters
           and the controls that limit access into secured airport areas, but
           had not completed actions to ensure that all airport workers
           employed in these areas were vetted prior to hiring and then
           trained.

           We reported in October 2005 that TSA had significantly increased
           the number of domestic air cargo inspections conducted of air
           carrier and indirect air carrier compliance with security
           requirements. 38 We noted, however, that TSA had not developed
           performance measures to determine to what extent air carriers and
           indirect air carriers were complying with security requirements,
           and had not analyzed the results of inspections to systematically
           target future inspections on those entities that pose a higher
           security risk to the domestic air cargo system. Without these
           performance measures and systematic analyses, TSA will be limited
           in its ability to effectively target its workforce for future
           inspections and fulfill its oversight responsibilities for this
           essential area of aviation security. We also reported on other
           actions that TSA had taken to focus limited resources on the most
           critical security needs.

           Our analysis of TSA's inspection records39 showed that between
           January 1, 2003, and January 31, 2005, TSA conducted 36,635 cargo
           inspections of air carriers and indirect air carriers and found
           4,343 violations.40 Although TSA had compiled this information,
           the agency had not determined what constitutes an acceptable level
           of performance or compared air carriers' and indirect air
           carriers' performance against this standard. Without measures to
           determine an acceptable level of compliance with air cargo
           security requirements, TSA cannot assess the performance of
           individual air carriers or indirect air carriers against national
           performance averages or goals that would allow TSA to target
           inspections and other actions on those that fall below acceptable
           levels of compliance. According to TSA officials, the agency was
           working on developing short-term and long-term outcome measures
           for air cargo security, but they did not provide a timetable for
           when this effort would be completed.

           In addition, TSA had taken initial steps to compile information on
           the results of its compliance inspections of air carriers and
           indirect air carriers and identify the most frequent types of
           violations found. For example, from January 1, 2003, to January
           31, 2005, TSA identified violations committed by air carriers and
           indirect air carriers involving noncompliance with air cargo
           security requirements in several areas-such as cargo acceptance
           procedures, access control to cargo facilities, and physical cargo
           inspections-that TSA had determined to be high-risk because they
           would pose the greatest risk to the safety and security of air
           cargo operations. TSA identified indirect air carriers' failure to
           comply with their own security programs as the area with the most
           violations, which according to TSA officials is due, in part, to
           indirect air carriers' unfamiliarity with air cargo security
           requirements. While TSA had identified frequently occurring
           violations, it had not yet determined the specific area of
           violation for a large number of inspections. In addition, TSA
           could not identify how many of its 36,635 inspections covered each
           air cargo security requirement. As a result, TSA could not
           determine the compliance rate for each specific area inspected.
           Without complete information on the specific air cargo security
           requirements that air carriers and indirect air carriers violated,
           as well as the number of times each topic area was inspected, TSA
           was limited in its ability to determine the compliance rates for
           specific air cargo security requirements and effectively target
           future inspections for air cargo security requirements that were
           most frequently violated and the air carriers and indirect air
           carriers that violate them. In June 2005, TSA officials informed
           us that in the future they intended to compile information on the
           number of instances in which specific air cargo security
           requirements were inspected.

           In addition, while TSA compiled information on the results of its
           compliance inspections, the agency had not yet systematically
           analyzed these results to target future inspections on security
           requirements and entities that pose a higher risk. Analyzing
           inspection results would be consistent with our internal control
           standards calling for comparisons of data to identify
           relationships that could form the basis for corrective actions, if
           necessary.41 TSA officials and the agency's fiscal year 2005
           annual domestic inspection and assessment plan identified the need
           for such analyses. According to TSA officials, the agency had
           recently hired one staff person to begin analyzing inspection
           data. In June 2005, TSA officials also stated that the agency was
           working to revise its Performance and Results Information System
           database to allow for more accurate recording of inspection
           violations. However, the agency had not systematically analyzed
           the results of its inspections to target future inspections of
           those entities that pose an increased security risk. Without an
           analysis of the results of its inspections, TSA had a limited
           basis to determine how best to allocate its inspection resources.

           Further, analyzing key program performance data and using the
           results of this analysis to effectively allocate resources are
           consistent with elements of a risk management approach.
           Specifically, analyzing the results of compliance inspection data
           could help focus limited inspection resources on those entities
           posing a higher security risk. Such targeting is important because
           TSA may not have adequate resources to inspect all air carriers
           and indirect air carriers on a regular basis. For example, as we
           reported in October 2005, according to TSA inspection data for the
           period from January 1, 2003, to January 31, 2005, compliance
           inspections identified a greater incidence of violations by
           indirect air carriers than by air carriers. In addition, the
           percentage of inspections of air carriers that did not identify a
           violation of air cargo security requirements was significantly
           higher than that for indirect air carriers. According to TSA
           officials, the agency was taking steps to enhance its ability to
           conduct compliance inspections of indirect air carriers.42

           To further target its inspections, TSA was conducting special
           emphasis assessments, which include testing to identify air cargo
           security weaknesses.43 On the basis of its review of compliance
           inspection results for the period of January 2003 to January 2005,
           TSA identified 25 indirect air carriers and 11 air carriers with a
           history of violations related to air cargo security requirements.
           TSA officials stated that the agency began conducting tests on
           these air carriers and indirect air carriers in April 2005.44 TSA
           officials stated that the agency planned to conduct additional
           tests. However, TSA officials stated that the agency had not yet
           determined how it will use the results of its testing program to
           help interpret the results from its other compliance inspection
           efforts. TSA had also not analyzed inspection results to identify
           additional targets for future testing. Such analysis could include
           focusing compliance testing efforts on air carriers and indirect
           air carriers with a history of air cargo security violations
           related to high-risk areas.

           TSA has made efforts to incorporate risk-based decision making
           into securing air cargo, but has not conducted assessments of air
           cargo vulnerabilities or critical assets (cargo facilities and
           aircraft)-two crucial elements of a risk-based management approach
           without which TSA may not be able to appropriately focus its
           resources on the most critical security needs. TSA also completed
           an Air Cargo Strategic Plan in November 2003 that outlined a
           threat-based risk management approach and identified strategic
           objectives and priority actions for enhancing air cargo security.
           Then, in November 2004, TSA issued a proposed air cargo security
           rule to enhance and improve the security of air cargo
           transportation.45 When finalized, TSA intends for this rule to
           implement most of the objectives set forth in the strategic plan.
           TSA had also not completed a methodology for assessing the
           vulnerability and criticality of air cargo assets, or established
           a schedule for conducting such assessments because of competing
           agency efforts to address other areas of aviation security.

           TSA had established a centralized Known Shipper database to
           streamline the process by which shippers (individuals and
           businesses) are made known to carriers with whom they conduct
           business. However, the information on the universe of shippers was
           incomplete because shipper participation was not mandatory and the
           data had not been thoroughly reviewed. TSA estimated that the
           database represented less than a third of the total population of
           known shippers. Further, TSA had not taken steps to identify
           shippers who may pose a security threat, in part because TSA had
           incomplete information on known shippers. TSA was attempting to
           address this limitation by its November 2004 proposed air cargo
           security rule which would make the Known Shipper database
           mandatory. This would require air carriers and indirect air
           carriers to submit information on their known shippers to TSA's
           Known Shipper database. Finally, TSA plans to take further steps
           to identify those shippers who may pose a security risk.

           In addition, TSA established a requirement for random inspection
           of air cargo to address threats to the nation's aviation
           transportation system and to reflect the agency's position that
           inspecting 100 percent of air cargo was not technologically
           feasible and would be potentially disruptive to the flow of air
           commerce. However, this requirement, which was revised in 2005 to
           increase the percentage of inspections required, contained
           exemptions based on the nature and size of cargo that may leave
           the air cargo system vulnerable to terrorist attack. TSA's plans
           for enhancing air cargo security included implementing a system
           for targeting elevated risk cargo for inspection.46 Although the
           agency acknowledged that the successful development of this system
           was contingent upon having complete, accurate, and current
           targeting information, the agency had not yet completed efforts to
           ensure information that will be used by the system is reliable.

           Further, through its proposed air cargo security rule, TSA planned
           to require air carriers and indirect air carriers to secure air
           cargo facilities, screen all individual persons boarding all-cargo
           aircraft, and conduct security checks on air cargo workers. In
           commenting on the proposed air cargo security rule, industry
           stakeholders representing air carriers, indirect air carriers and
           airport authorities stated that several of the proposals,
           including those mentioned above, may be costly and difficult to
           implement, and that TSA may have underestimated the costs
           associated with implementing these proposed measures. Our analysis
           of TSA's estimate also suggested that it may have been an
           underestimate. TSA stated that it plans to reassess its cost
           estimates before issuing its final air cargo security rule.

           In October 2005, we made several recommendations to assist TSA in
           strengthening the security of the domestic air cargo
           transportation system.47 These recommendations included (1)
           developing a methodology and schedule for completing assessments
           of air cargo vulnerabilities and critical assets; (2) reexamining
           the rationale for existing air cargo inspection exemptions; (3)
           developing measures to gauge air carrier and indirect air carrier
           compliance with air cargo security requirements; (4) developing a
           plan for systematically analyzing and using the results of air
           cargo compliance inspections to target future inspections and
           identify system wide corrective actions; (5) assessing the
           effectiveness of enforcement actions in ensuring air carrier and
           indirect air carrier compliance with air cargo security
           requirements; (6) and ensuring that the data to be used in the
           Freight Assessment System are complete, accurate, and current. DHS
           agreed with our recommendations. We currently have an ongoing
           review assessing the security of air cargo entering the United
           States from foreign countries.

           As discussed previously, domestic commercial airport authorities
           have primary responsibility for securing airport perimeters and
           restricted areas, whereas TSA conducts regulatory inspections to
           help ensure that airport authorities are complying with TSA
           security requirements. We reported in June 2004 on TSA's efforts
           to strengthen the security of airport perimeters (such as airfield
           fencing and access gates), the adequacy of controls restricting
           unauthorized access to secured areas (such as building entry ways
           leading to aircraft), and security measures pertaining to
           individuals who work at airports.48 At the time of our review, we
           found TSA had begun evaluating commercial airport security but
           needed a better approach for assessing results. In addition, TSA
           required criminal history records checks and security awareness
           training for most, but not all, the airport workers called for in
           ATSA. Further, TSA did not require airport vendors with direct
           access to the airfield and aircraft to develop security programs,
           which would include security measures for vendor employees and
           property, as required by ATSA.

           TSA is responsible for, and, at the time of our 2004 review, had
           begun evaluating the security of airport perimeters and the
           controls that limit access into secured airport areas, but had not
           yet determined how the results of these evaluations could be used
           to make improvements to the nation's airport system as a whole.
           Specifically, we found that TSA had begun conducting regulatory
           compliance inspections, covert testing of selected security
           procedures, and vulnerability assessments at selected airports.
           These evaluations-though not yet completed at the time of our
           report-identified perimeter and access control security concerns.
           For example, TSA identified instances where airport operators
           failed to comply with existing security requirements, including
           requirements related to access control.49 In addition, TSA
           identified threats to perimeter and access control security at
           each of the airports where vulnerability assessments were
           conducted in 2003. TSA had plans to begin conducting joint
           vulnerability assessments with the FBI but had not yet determined
           how it would allocate existing resources between its own
           independent airport assessments and the new joint assessments, or
           developed a schedule for conducting future vulnerability
           assessments. In addition, TSA had not yet determined how to use
           the results of its inspections in conjunction with its efforts to
           conduct covert testing and vulnerability assessments to enhance
           the overall security of the nation's commercial airport system.

           In June 2004, we also reported that background checks were not
           required for all airport workers. TSA requires most airport
           workers who perform duties in secured and sterile areas to undergo
           a fingerprint-based criminal history records check. TSA further
           requires airport operators to compare applicants' names against
           TSA's aviation security watch lists.50 Once workers undergo this
           review, they are granted access to airport areas in which they
           perform duties. For example, those workers who have been granted
           unescorted access to secured areas are authorized access to these
           areas without undergoing physical screening for prohibited items
           (which passengers undergo prior to boarding a flight). To meet TSA
           requirements, airport operators transmit applicants' fingerprints
           to a TSA contractor, who in turn forwards the fingerprints to TSA,
           who submits them to the FBI to be checked for criminal histories
           that could disqualify an applicant for airport employment. In
           March 2006, that TSA contractor reported that its background
           clearinghouse system had processed over 2 million criminal history
           record checks of airport and airline employees. TSA also requires
           that airport operators verify that applicants' names do not appear
           on TSA's "no fly" and "selectee" watch lists to determine whether
           applicants are eligible for employment.51

           According to TSA, by December 6, 2002, all airport workers who had
           unescorted access to secured airport areas-approximately 900,000
           individuals nationwide-had undergone a fingerprint-based criminal
           history records check and verification that they did not appear on
           TSA's watch lists, as required by regulation. In late 2002, TSA
           required airport operators to conduct fingerprint-based checks and
           watch list verifications for an additional approximately 100,000
           airport workers who perform duties in sterile areas. As of April
           2004, TSA said that airport operators had completed all of these
           checks.

           ATSA also mandates that TSA require airport operators and air
           carriers to develop security awareness training programs for
           airport workers such as ground crews, and gate, ticket, and
           curbside agents of air carriers. 52 However, while TSA requires
           such training for these airport workers if they have unescorted
           access to secured areas, the agency did not require training for
           airport workers who perform duties in sterile airport areas.53
           According to TSA, training requirements for these airport workers
           have not been established because additional training would result
           in increased costs for airport operators.

           Further, TSA had not addressed the act's provision that calls for
           the agency to require that airport vendors with direct access to
           the airfield and aircraft develop security programs to address
           security measures specific to vendor employees (companies doing
           business in or with the airport).54 TSA said that expanding
           requirements for background checks and security awareness training
           for additional workers and establishing requirements for vendor
           security programs would be costly to implement and would require
           time-consuming rule-making efforts to assess potential impacts and
           obtain and incorporate public comment on any proposed regulations.

           In June 2004, we recommended, and DHS generally agreed, that TSA
           better justify future decisions on how best to proceed with
           security evaluations and implement additional measures to reduce
           the potential security risks posed by airport workers. In July
           2004, in response to our recommendations, TSA made several
           improvements in these areas, through the issuance of a series of
           security directives, including requiring enhanced background
           checks and improved access controls for airport employees who work
           in restricted airport areas.55

           Since its inception, TSA has achieved significant progress in
           deploying its federal aviation security workforce to meet
           congressional mandates related to establishing passenger and
           checked baggage screening operations. With the initial
           congressional mandates now largely met, TSA has turned its
           attention to more systematically deploying its TSO workforce and
           assessing and enhancing its effectiveness in screening passengers
           and checked baggage. TSA has developed a staffing model intended
           to identify the necessary levels of TSOs to support airport
           screening operations. However, given the challenges TSA faces in
           determining appropriate staffing levels at airports, it is
           critical that TSA carefully consider how it strategically hires,
           deploys and manages its TSO workforce to help strengthen its
           passenger and checked baggage screening programs. In addition, as
           threats and technology evolve, it is vital that TSA continue to
           enhance training for the TSO workforce. Over the past several
           years, TSA has strengthened its TSO training program in an effort
           to ensure that TSOs have the knowledge and skills needed to
           successfully perform their screening functions. However, without
           addressing the challenges to delivering ongoing training,
           including installing high-speed connectivity at airport training
           facilities, TSA may have difficulty maintaining a screening
           workforce that possesses the critical skills needed to perform at
           a desired level.

           The importance of the nation's air cargo security system and the
           limited resources available to protect it underscore the need for
           a risk management approach to prioritize security efforts so that
           a proper balance between costs and security can be achieved. TSA
           has taken important steps in establishing such a risk management
           approach, but more work remains to be done to fully address the
           risks posed to air cargo security, including assessments of
           systemwide vulnerabilities and critical assets. Without such
           assessments, TSA is limited in its ability to focus its resources
           on those air cargo vulnerabilities that represent the most
           critical security needs. In addition, without performance measures
           to gauge air carrier and indirect air carrier compliance with air
           cargo security requirements and analyzing the results of its
           compliance inspections, TSA cannot effectively focus its
           inspection resources on those entities posing the greatest risk.
           In addition, TSA's goal of developing a system to target elevated
           risk cargo for inspection without impeding the flow of air
           commerce will be difficult to achieve without ensuring that the
           information used to target such cargo is complete, accurate, and
           current. By addressing these areas, TSA would build a better basis
           for strengthening air cargo security as it moves forward in
           implementing risk-based security initiatives.

           Mr. Chairman, this concludes my statement. I would be pleased to
           answer any questions that you or other members of the Committee
           may have at this time.

           For further information on this testimony, please contact at
           Cathleen A. Berrick, (202) 512-3404 or [email protected] . Contact
           points for our Offices of Congressional Relations and Public
           Affairs may be found on the last page of this statement.

           In addition to the contact named above, John Barkhamer, Amy
           Bernstein, Kristy Brown, Philip Caramia, Kevin Copping, Glenn
           Davis, Christine Fossett, Thomas Lombardi, Laina Poon, and Maria
           Strudwick made key contributions to this testimony.

           Aviation Security: Significant Management Challenges May Adversely
           Affect Implementation of the Transportation Security
           Administration's Secure Flight Program. GAO-06-374T . Washington,
           D.C.: February 9, 2006.

           Aviation Security: Federal Air Marshal Service Could Benefit from
           Improved Planning and Controls. GAO-06-203 . Washington, D.C.:
           November 28, 2005.

           Aviation Security: Federal Action Needed to Strengthen Domestic
           Air Cargo Security. GAO-06-76 . Washington, D.C.: October 17,
           2005.

           Transportation Security Administration: More Clarity on the
           Authority of Federal Security Directors Is Needed. GAO-05-935 .
           Washington, D.C.: September 23, 2005.

           Aviation Security: Flight and Cabin Crew Member Security Training
           Strengthened, but Better Planning and Internal Controls Needed.
           GAO-05-781 . Washington, D.C.: September 6, 2005.

           Aviation Security: Transportation Security Administration Did Not
           Fully Disclose Uses of Personal Information During Secure Flight
           Program Testing in Initial Privacy Notes, but Has Recently Taken
           Steps to More Fully Inform the Public. GAO-05-864R . Washington,
           D.C.: July 22, 2005.

           Aviation Security: Better Planning Needed to Optimize Deployment
           of Checked Baggage Screening Systems. GAO-05-896T . Washington,
           D.C.: July 13, 2005

           Aviation Security: Screener Training and Performance Measurement
           Strengthened, but More Work Remains. GAO-05-457 . Washington,
           D.C.: May 2, 2005.

           Aviation Security: Secure Flight Development and Testing Under
           Way, but Risks Should Be Managed as System Is Further Developed.
           GAO-05-356 . Washington, D.C.: March 28, 2005

           Aviation Security: Systematic Planning Needed to Optimize the
           Deployment of Checked Baggage Screening Systems. GAO-05-365 .
           Washington, D.C.: March 15, 2005.

           Aviation Security: Measures for Testing the Effect of Using
           Commercial Data for the Secure Flight Program. GAO-05-324 .
           Washington, D.C.: February 23, 2005.

           Transportation Security: Systematic Planning Needed to Optimize
           Resources. GAO-05-357T . Washington, D.C.: February 15, 2005.

           Aviation Security: Preliminary Observations on TSA's Progress to
           Allow Airports to Use Private Passenger and Baggage Screening
           Services. GAO-05-126 . Washington, D.C.: November 19, 2004.

           General Aviation Security: Increased Federal Oversight Is Needed,
           but Continued Partnership with the Private Sector Is Critical to
           Long-Term Success. GAO-05-144 . Washington, D.C.: November 10,
           2004.

           Aviation Security: Further Steps Needed to Strengthen the Security
           of Commercial Airport Perimeters and Access Controls. GAO-04-728 .
           Washington, D.C.: June 4, 2004.

           Transportation Security Administration: High-Level Attention
           Needed to Strengthen Acquisition Function. GAO-04-544 .
           Washington, D.C.: May 28, 2004.

           Aviation Security: Challenges in Using Biometric Technologies.
           GAO-04-785T . Washington, D.C.: May 19, 2004.

           Nonproliferation: Further Improvements Needed in U.S. Efforts to
           Counter Threats from Man-Portable Air Defense Systems. GAO-04-519
           . Washington, D.C.: May 13, 2004.

           Aviation Security: Private Screening Contractors Have Little
           Flexibility to Implement Innovative Approaches. GAO-04-505T .
           Washington, D.C.: April 22, 2004.

           Aviation Security: Improvement Still Needed in Federal Aviation
           Security Efforts. GAO-04-592T . Washington, D.C.: March 30, 2004.

           Aviation Security: Challenges Delay Implementation of
           Computer-Assisted Passenger Prescreening System. GAO-04-504T .
           Washington, D.C.: March 17, 2004.

           Aviation Security: Factors Could Limit the Effectiveness of the
           Transportation Security Administration's Efforts to Secure Aerial
           Advertising Operations. GAO-04-499R . Washington, D.C.: March 5,
           2004.

           Aviation Security: Computer-Assisted Passenger Prescreening System
           Faces Significant Implementation Challenges. GAO-04-385 .
           Washington, D.C.: February 13, 2004.

           Aviation Security: Challenges Exist in Stabilizing and Enhancing
           Passenger and Baggage Screening Operations. GAO-04-440T .
           Washington, D.C.: February 12, 2004.

           The Department of Homeland Security Needs to Fully Adopt a
           Knowledge-based Approach to Its Counter-MANPADS Development
           Program. GAO-04-341R . Washington, D.C.: January 30, 2004.

           Aviation Security: Efforts to Measure Effectiveness and Strengthen
           Security Programs. GAO-04-285T . Washington, D.C.: November 20,
           2003.

           Aviation Security: Federal Air Marshal Service Is Addressing
           Challenges of Its Expanded Mission and Workforce, but Additional
           Actions Needed. GAO-04-242 . Washington, D.C.: November 19, 2003.

           Aviation Security: Efforts to Measure Effectiveness and Address
           Challenges. GAO-04-232T . Washington, D.C.: November 5, 2003.

           Airport Passenger Screening: Preliminary Observations on Progress
           Made and Challenges Remaining. GAO-03-1173 . Washington, D.C.:
           September 24, 2003.

           Aviation Security: Progress Since September 11, 2001, and the
           Challenges Ahead. GAO-03-1150T . Washington, D.C.: September 9,
           2003.

           Transportation Security: Federal Action Needed to Enhance Security
           Efforts. GAO-03-1154T . Washington, D.C.: September 9, 2003.

           Transportation Security: Federal Action Needed to Help Address
           Security Challenges. GAO-03-843 . Washington, D.C.: June 30, 2003.

           Federal Aviation Administration: Reauthorization Provides
           Opportunities to Address Key Agency Challenges. GAO-03-653T .
           Washington, D.C.: April 10, 2003.

           Transportation Security: Post-September 11th Initiatives and
           Long-Term Challenges. GAO-03-616T . Washington, D.C.: April 1,
           2003.

           Airport Finance: Past Funding Levels May Not Be Sufficient to
           Cover Airports' Planned Capital Development. GAO-03-497T .
           Washington, D.C.: February 25, 2003.

           Transportation Security Administration: Actions and Plans to Build
           a Results-Oriented Culture. GAO-03-190 . Washington, D.C.: January
           17, 2003.

           Aviation Safety: Undeclared Air Shipments of Dangerous Goods and
           DOT's Enforcement Approach. GAO-03-22 . Washington, D.C.: January
           10, 2003.

           Aviation Security: Vulnerabilities and Potential Improvements for
           the Air Cargo System. GAO-03-344 . Washington, D.C.: December 20,
           2002.

           Aviation Security: Registered Traveler Program Policy and
           Implementation Issues. GAO-03-253 . Washington, D.C.: November 22,
           2002.

           Airport Finance: Using Airport Grant Funds for Security Projects
           Has Affected Some Development Projects. GAO-03-27. Washington,
           D.C.: October 15, 2002.

           Commercial Aviation: Financial Condition and Industry Responses
           Affect Competition. GAO-03-171T . Washington, D.C.: October 2,
           2002.

           Aviation Security: Transportation Security Administration Faces
           Immediate and Long-Term Challenges. GAO-02-971T . Washington,
           D.C.: July 25, 2002.

           Aviation Security: Information Concerning the Arming of Commercial
           Pilots. GAO-02-822R. Washington, D.C.: June 28, 2002.

           Aviation Security: Vulnerabilities in, and Alternatives for,
           Preboard Screening Security Operations. GAO-01-1171T . Washington,
           D.C.: September 25, 2001.

           Aviation Security: Weaknesses in Airport Security and Options for
           Assigning Screening Responsibilities. GAO-01-1165T . Washington,
           D.C.: September 21, 2001.

           Homeland Security: A Framework for Addressing the Nation's
           Efforts. GAO-01-1158T . Washington, D.C.: September 21, 2001.

           Aviation Security: Terrorist Acts Demonstrate Urgent Need to
           Improve Security at the Nation's Airports. GAO-01-1162T .
           Washington, D.C.: September 20, 2001.

           Aviation Security: Terrorist Acts Illustrate Severe Weaknesses in
           Aviation Security. GAO-01-1166T . Washington, D.C.: September 20,
           2001.

           The Government Accountability Office, the audit, evaluation and
           investigative arm of Congress, exists to support Congress in
           meeting its constitutional responsibilities and to help improve
           the performance and accountability of the federal government for
           the American people. GAO examines the use of public funds;
           evaluates federal programs and policies; and provides analyses,
           recommendations, and other assistance to help Congress make
           informed oversight, policy, and funding decisions. GAO's
           commitment to good government is reflected in its core values of
           accountability, integrity, and reliability.

           The fastest and easiest way to obtain copies of GAO documents at
           no cost is through GAO's Web site ( www.gao.gov ). Each weekday,
           GAO posts newly released reports, testimony, and correspondence on
           its Web site. To have GAO e-mail you a list of newly posted
           products every afternoon, go to www.gao.gov and select "Subscribe
           to Updates."

           The first copy of each printed report is free. Additional copies
           are $2 each. A check or money order should be made out to the
           Superintendent of Documents. GAO also accepts VISA and Mastercard.
           Orders for 100 or more copies mailed to a single address are
           discounted 25 percent. Orders should be sent to:

           U.S. Government Accountability Office 441 G Street NW, Room LM
           Washington, D.C. 20548

           To order by Phone: Voice: (202) 512-6000 TDD: (202) 512-2537 Fax:
           (202) 512-6061

           Contact:

           Web site: www.gao.gov/fraudnet/fraudnet.htm E-mail:
           [email protected] Automated answering system: (800) 424-5454 or
           (202) 512-7470

           Gloria Jarmon, Managing Director, [email protected] (202) 512-4400
           U.S. Government Accountability Office, 441 G Street NW, Room 7125
           Washington, D.C. 20548

           Paul Anderson, Managing Director, [email protected] (202)
           512-4800 U.S. Government Accountability Office, 441 G Street NW,
           Room 7149 Washington, D.C. 20548

4TSA classifies the commercial airports in the United States into one of
five security risk categories (X, I, II, III, IV, and V) based on various
factors, such as the total number of takeoffs and landings annually, and
other special security considerations. In general, category X airports
have the largest number of passenger boardings, and category IV airports
have the smallest.

5TSA defines an operational screening test as any covert test of a TSO
conducted by TSA, on any screening function, to assess the screener's
threat item detection ability or adherence to TSA-approved procedures.

6Pursuant to the Homeland Security Act, the deadline for screening all
checked baggage using explosive detection systems was, in effect, extended
until December 31, 2003.

TSA Regulatory Responsibilities for Air Cargo and Airport Security

7TSOs must deny passage beyond the screening location to any individual or
property that has not been screened or inspected in accordance with
passenger screening standard operating procedures. If an individual
refuses to permit inspection of any item, that item must not be allowed
into the sterile area or aboard an aircraft.

8Explosive detection systems use probing radiation to examine objects
inside baggage and identify the characteristic signatures of threat
explosives. EDS equipment operates in an automated mode.

9Explosive trace detection works by detecting vapors and residues of
explosives. Human operators collect samples by rubbing bags with swabs,
which are chemically analyzed to identify any traces of explosive
materials.

10Positive passenger bag match is an alternative method of screening
checked baggage that requires that the passenger be on the same aircraft
as the checked baggage.

11Domestic passenger air carriers have 11 separate areas of cargo security
that are subject to inspection, while indirect air carriers have 12 areas
that are subject to inspection. All-cargo carriers that have implemented
the voluntary all-cargo security program have 24 areas that are subject to
inspection. These areas of inspection include access to cargo, cargo
acceptance, including cargo from known shippers, and security training and
testing.

TSA Has Taken Steps to Strengthen the Management and Performance of an
Aviation Security Workforce, but Continues to Face Challenges

TSA Has Taken Action to Support FSDs, but Additional Clarification of Roles Is
Needed to Support Stakeholder Coordination

12GAO, Transportation Security Administration: More Clarity on the
Authority of Federal Security Directors Is Needed, GAO-05-935 (Washington
D.C.: Sept. 23, 2005).

TSA Has Taken Steps to Better Manage Its TSO Workforce, but Continues to Face
Deployment Challenges

13 GAO-05-935 .

14GAO, Aviation Security: Challenges Exist in Stabilizing and Enhancing
Passenger and Baggage Screening Operations, GAO-04-440T (Washington, D.C.:
Feb. 12, 2004).

15Intelligence Reform and Terrorism Prevention Act of 2004, Pub. L. No.
108-458, S: 4023, 118 Stat 3638, 3723-24.

16One full-time-equivalent is equal to one work year or 2,080 non-overtime
hours.

17This budgetary FTE limit is not to be confused with the 45,000 FTE
screener cap imposed by Congress in the FY2006 DHS Appropriations Act that
limits the total number of FTE screeners available to TSA.

18We interviewed FSD staff at 3 category X airports, 1 category I
airports, and 1 category III airport.

19 GAO-04-440T.

TSA Has Strengthened TSO Training, but Faces Challenges in Delivering the
Training

20GAO, Airport Passenger Screening: Preliminary Observations on Progress
Made and Challenges Remaining, GAO-03-1173 (Washington, D.C.: Sept. 24,
2003).

21GAO, Aviation Security: Screener Training and Performance Measurement
Strengthened but More Work Remains, GAO-05-457 (Washington, D.C.: May 2,
2005).

TSA Has Implemented Various Approaches to Measuring the Performance of TSOs
Conducting Passenger and Baggage Security Screening Activities

22According to the budget request, the remaining $36 million is needed to
support operations and maintenance costs, including recurring costs for
routers, switches, circuits, cabinets, racks, and network monitoring.

23GAO, Aviation Security: Efforts to Measure Effectiveness and Address
Challenges, GAO-04-232T (Washington, D.C.: Nov. 5, 2003).

24Covert testing is an ancillary duty and not a full-time assignment for
the majority of OI staff. According to OI, 14 full-time-equivalent
positions in headquarters are dedicated fully to the covert testing
program, which includes covert testing of all modes of transportation, not
just airports. These 14 full-time-equivalents are in OI's Special
Operations group and form the core of team leaders for the covert testing
trips.

25Some recommendations appear repeatedly in multiple reports issued by
OIAPR.

26Test results cannot be generalized because sample tests were not
identified using the principles of probability sampling. In a probability
sample to assess screener detection of threat objects, each screening of a
passenger or baggage would have to have a chance of being selected. A
well-designed probability sample would enable failure rates to be
generalized to all airports. However, for cost and operational reasons,
probability sampling may not be feasible for passenger and checked baggage
screening because it would require a very large sample size and an
exhaustive examination of each sampled passenger or baggage to determine
if there was a threat object to detect.

27The local covert testing protocols were updated in June 2004 and August
2004 to provide information on alternative testing methods.

28GAO, Aviation Security: Screener Training and Performance Measurement
Strengthened but More Work Remains, GAO-05-457 (Washington D.C.: May 2,
2005).

29The TIP database records both the TIP hit rate and TIP false alarm rate.
These two results are used to determine the probability of detection and
probability of false alarms, which determine overall TIP performance. The
TIP performance measure is classified as sensitive security information.

30 GAO-05-457 .

31GAO, Aviation Security: Private Screening Contractors Have Little
Flexibility to Implement Innovative Approaches, GAO-04-505T (Washington,
D.C.: April 22, 2004).

32We cannot report on the specific results of the recertification testing
because they are sensitive security information.

33Information related to the measures is sensitive security information.

34As of January 7, 2005, TSA reported that its workforce included
approximately 25,947 dual-trained screeners who were certified to serve as
passenger or baggage screeners.

35TSA's onscreen resolution protocol requires that when an EDS machine
alarm goes off, indicating the possibility of explosives, TSA TSOs, by
reviewing computer-generated images of the inside of the bag, attempt to
determine whether or not a suspect item or items are in fact explosive
materials. If the TSO is unable to make this determination, the bag is
diverted from the main conveyor belt into an area where it receives a
secondary screening by a TSO with an ETD machine.

36According to TSA, the machine probabilities of detection are established
by the certification standards for each particular model of machines, and
machines are not deployed unless they have met those standards.

TSA Has Made Progress in Providing Regulatory Oversight of Airport and Air
Carrier Security Activities, but it Could Better Target Workforce
Resources

37TSA's measures for covert testing are passenger screener covert test
results (percentage of TSOs correctly identifying and resolving threat
images) and baggage screener covert test results (percentage of TSOs
correctly identifying and resolving threat images). The targets for these
measures are classified.

Additional Action Needed to Strengthen TSA Inspections and Oversight of Domestic
Air Cargo Security

38GAO, Aviation Security: Federal Action Needed to Strengthen Domestic Air
Cargo Security, GAO-06-76 (Washington, D.C.: Oct. 17, 2005).

39TSA established an automated Performance and Results Information System
(PARIS) to compile the results of cargo inspections and the actions taken
when violations are identified. The PARIS database, established in July
2003, provides TSA a Web-based method for entering, storing, and
retrieving performance activities and information on TSA-regulated
entities, including air carriers and indirect air carriers. PARIS includes
profiles for each entity, inspections conducted by TSA, incidents that
occur throughout the nation, such as instances of bomb threats, and
investigations that are prompted by incidents or inspection findings.

40We requested all of TSA's compliance inspection data, starting in
November 2001. According to TSA, agency efforts to conduct air cargo
compliance inspections during calendar years 2001 and 2002 were minimal.
Moreover, documentation of inspection results for that period was
problematic in part because of the way the Federal Aviation Administration
reported compliance inspection data, which made it difficult to migrate
the Federal Aviation Administration's data into TSA's PARIS system.

41GAO, Internal Control Management and Evaluation Tool, GAO-01-1008G
(Washington, D.C.: August 2001).

42Factors accounting for the limited number of TSA compliance inspections
of indirect air carrier facilities are sensitive security information and
discussed in the restricted version of this report, GAO-05-446SU .

43According to TSA, special emphasis assessments are distinct from agency
efforts to conduct covert testing by TSA's Office of Internal Affairs and
Program Review. Covert testing is typically done by undercover TSA agents
and includes testing the security procedures at passenger check points and
airport access controls.

44Results of TSA's tests are considered sensitive security information and
described in the sensitive security version of this report GAO-05-446SU .

45Air Cargo Security Requirements, 69 Fed. Reg. 65,258 (proposed Nov. 10,
2004) (to be codified at 49 C.F.R pts. 1540-48).

46This system, referred to as Freight Assessment, would target elevated
risk cargo for inspection to minimize the agency's reliance on random
inspections. This system is supposed to compare information on individual
cargo shipments and shippers, among other things, against targeting
criteria to assign a risk level to cargo. This would subject elevated risk
cargo to additional inspection through physical searches or non intrusive
technology.

Further Steps May Be Needed to Strengthen TSA Oversight of Commercial Airport
Perimeters and Access Controls

47 GAO-06-76 .

48GAO, Aviation Security: Further Steps Needed to Strengthen the Security
of Commercial Airport Perimeters and Access Controls, GAO-04-728
(Washington, D.C.: June 4, 2004).

49Our evaluation of TSA's covert testing of airport access controls was
classified and was discussed in a separate classified report.

5049 U.S.C. S: 44936 requires airports and air carriers to conduct
fingerprint-based criminal history records checks for all workers seeking
unescorted access to the Security Identification Display Area.
Specifically, no individual may be given unescorted access authority if he
or she has been convicted, or found not guilty by reason of insanity, of
any of 28 disqualifying offenses during the 10 years before the date of
the individual's application for unescorted access authority, or while the
individual has unescorted access authority.

51TSA's no-fly list contains the names of individuals that pose, or are
suspected of posing, a threat to civil aviation or national security.
Individuals on this list will not be permitted to board an aircraft. There
is also a selectee process by which individuals who meet certain criteria
are set aside for additional screening.

52Pub. L. No. 107-71, S: 106(e), 115 Stat. at 610.

53TSA regulations governing security training are virtually the same as
those required previously under the regulations as administered by FAA.

Concluding Observations

54See 49 U.S.C. S: 44903(h)(4)(d).

55TSA has taken other actions that are considered sensitive security
information.

Contact Information

Appendix I: Related GAO Products

(440503)

This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed in
its entirety without further permission from GAO. However, because this
work may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this material
separately.

GAO's Mission

Obtaining Copies of GAO Reports and Testimony

Order by Mail or Phone

To Report Fraud, Waste, and Abuse in Federal Programs

Congressional Relations

Public Affairs

www.gao.gov/cgi-bin/getrpt? GAO-06-597T .

To view the full product, including the scope

and methodology, click on the link above.

For more information, contact Cathleen A. Berrick at (202) 512-3404 or
[email protected].

Highlights of GAO-06-597T , a testimony before the Subcommittee on Federal
Workforce and Agency Organization, Committee on Government Reform, House
of Representatives

April 4, 2006

AVIATION SECURITY

Transportation Security Administration Has Made Progress in Managing a
Federal Security Workforce and Ensuring Security at U.S. Airports, but
Challenges Remain

It has been over 3 years since the Transportation Security Administration
(TSA) assumed responsibility for passenger and baggage screening at
commercial airports. This testimony focuses on the progress TSA is making
in strengthening aspects of aviation security and the challenges that
remain. Particularly, this testimony highlights (1) progress TSA has made,
and challenges it faces, in managing a federalized security
workforce-including federal security directors (FSD) and transportation
security officers (TSO)-with operational responsibility for ensuring
security of passengers and their baggage; and (2) actions TSA has taken,
and the challenges it faces, to ensure appropriate regulatory oversight of
other airport security activities.

What GAO Recommends

In prior reports, GAO has made numerous recommendations designed to
strengthen aviation security with respect to aviation workforce planning,
deployment, and oversight. TSA generally agreed with our recommendations
and is taking actions to implement them. GAO also has ongoing reviews
related to TSA staffing models and other aviation security issues, and may
make additional recommendations as appropriate.

TSA has made progress in managing, deploying, and training a federalized
aviation security workforce, including FSDs (the lead authority at U.S.
airports) and TSOs (formerly known as screeners). FSDs have, for example,
formed partnerships with key federal and private-sector stakeholders at
airports engaged in security and operations. We reported, however, that
the guidance on FSD authority is outdated and lacks clarity, particularly
regarding security incidents when FSDs must coordinate with other
stakeholders. Regarding TSOs, TSA has taken and has planned actions to
strengthen the management and deployment of the TSO workforce. TSA has,
for instance, developed a screening allocation model to determine TSO
staffing levels at airports. However, FSDs have reported concerns that
despite such a model, attracting, hiring, and retaining an adequate
part-time TSO workforce remains a challenge. We have reported that, while
TSA has expanded training opportunities for TSOs, insufficient TSO
staffing and other problems hinder the ability of TSOs to take training.
To evaluate TSO performance, TSA has collected performance data by
conducting covert (undercover, unannounced) tests at passenger screening
checkpoints.

TSA has taken steps to strengthen key areas of aviation security for which
it has regulatory and oversight responsibility, including domestic air
cargo security, but faces challenges related to oversight and performance
measurement. We reported in October 2005, for example, that while TSA had
significantly increased the number of domestic air cargo inspections
conducted, performance measures to determine to what extent air carriers
and others are complying with air cargo security requirements had not been
developed. Without such performance measures, and a systematic analysis of
these results of air cargo security inspections, TSA's ability to target
its workforce for future inspections, and fulfill oversight
responsibilities, will be limited. Further, while TSA has incorporated
elements of risk-based decision making into securing air cargo, its
efforts are not yet complete. To address these and other issues, TSA
officials stated that they plan to compile additional information on air
cargo inspections to enhance their ability to conduct compliance
inspections of air carriers using covert testing, and to require random
inspection of air cargo.

Screening Passengers and Cargo Are Aviation Security Concerns
*** End of document. ***