This is the accessible text file for GAO report number GAO-04-865R 
entitled 'Status of Key Recommendations GAO Has Made to DHS and Its 
Legacy Agencies' which was released on July 16, 2004.

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov.

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately.

United States General Accounting Office:

Washington, DC 20548:

July 2, 2004:

The Honorable Jim Turner: 
Ranking Member: 
Select Committee on Homeland Security: 
House of Representatives:

Subject: Status of Key Recommendations GAO Has Made to DHS and Its 
Legacy Agencies:

Dear Mr. Turner:

Since the terrorist attacks of September 11, 2001, the federal 
government has undertaken numerous actions to enhance the nation's 
homeland security, including the creation of the Department of Homeland 
Security (DHS). One of the primary reasons for the establishment of DHS 
was to unify the vast national network of organizations and 
institutions involved in efforts to protect our nation. Since it began 
operations on March 1, 2003, DHS has faced enormous challenges to 
protect the nation from terrorism while it organizes itself into a 
coherent and integrated agency. As you know, we support Congress by 
reviewing various government programs and activities to help improve 
their performance and accountability. When our work identifies a 
significant need for action by the Congress or an agency, we develop 
recommended solutions. These recommendations identify actions we 
believe the department, agency, bureau, or office should implement to 
ensure government programs operate effectively and efficiently. We have 
issued numerous recommendations to DHS and its legacy agencies to 
improve the programs and activities they administer.

This report responds to your request that we provide you with status 
information on key recommendations we have made to DHS and its legacy 
agencies. On June 30, 2004, we briefed your office on the results of 
our review. This report transmits information provided during that 
briefing, including (1) the status of key GAO recommendations issued to 
DHS, (2) timeframes DHS established for implementing key 
recommendations, and (3) challenges DHS faces in implementing such 
recommendations.

This report is one in a series of GAO efforts to assess and baseline 
the progress and effectiveness of federal agency efforts to improve 
homeland security mission performance. We recently evaluated and 
reported on congressionally chartered commissions' recommendations, by 
mission area, related to homeland security.[Footnote 1] In addition, we 
have ongoing work on key departments' plans to implement the National 
Strategy for Homeland Security and the challenges they will face in 
doing so. Efforts to implement key recommendations from GAO, 
congressionally chartered commissions, or other homeland security 
experts, to incorporate critical actions into agency strategic plans, 
and to identify milestones, timelines, and challenges will provide 
measures by which to assess whether homeland security is being 
improved.

Background:

Under the Homeland Security Act of 2002,[Footnote 2] 22 federal 
agencies were merged into DHS, which officially began operations as a 
new department on March 1, 2003. To carry out its responsibilities, DHS 
is organized into four directorates and one division.

The Border and Transportation Security (BTS) Directorate (BTS), which 
is responsible for maintaining the security of our nation's borders and 
transportation systems and enforcing the nation's immigration laws. 
Additionally, BTS manages and coordinates port-of-entry activities and 
oversees the protection of government buildings.

The Emergency Preparedness and Response (EPR) Directorate, which is 
tasked with helping the nation prepare for catastrophes, whether 
natural disasters or the result of terrorist-related attacks. As such, 
EPR coordinates with first responders and oversees the federal 
government's national response and recovery strategy.

The Information Analysis and Infrastructure Protection (IAIP) 
Directorate, which identifies and assesses threats to the homeland, 
maps those threats against vulnerabilities, issues warnings, and 
recommends measures necessary to protect the key resources and critical 
infrastructure of the United States.

The Science and Technology (S&T) Directorate, which coordinates DHS's 
efforts in research and development. As such, S&T is responsible for 
organizing the scientific and technological resources of the United 
States to assist in preventing or mitigating the impact resulting from 
terrorist attacks against the United States or its allies.

The Management Division, which is responsible for administering DHS's 
budget, financial management systems, procurement activities, human 
resources functions, information technology systems, facilities 
management, and performance measurement efforts.

Scope and Methodology:

To address the status of key recommendations we issued to DHS, the 
timeframes DHS established for implementing key 
recommendations,[Footnote 3] and related challenges, we reviewed 325 
recommendations made in our unclassified and limited official use 
reports issued to DHS and its 22 legacy agencies between March 1, 1997, 
and March 1, 2004. We selected March 1, 2004, because it reflects the 
1-year anniversary of the operational startup of DHS. We then consulted 
with the subject matter experts that made these recommendations to 
prioritize them according to the greatest risk. As a result, we 
identified 104 key recommendations that reflect actions we believe 
should be taken either to aid in securing the nation's homeland or to 
swiftly and appropriately respond to future terrorist attacks.[Footnote 
4]

We also met with DHS officials and obtained documentation on actions 
taken to implement key recommendations, timeframes established for the 
implementation of these recommendations, and related challenges facing 
DHS. We then analyzed this documentation and consulted with our subject 
matter experts to assess the status of each recommendation discussed in 
the documentation based on actions DHS reported taking. As part of this 
assessment, our subject matter experts reviewed documentation provided 
by DHS to verify that certain actions DHS reported taking to implement 
key recommendations were completed. In some cases, complete 
verification of actions taken would have required extensive follow-up 
audit work. Thus, in these cases, our experts reviewed documentation 
provided and discussed actions taken with agency officials.

We conducted our work from January through June 2004 in accordance with 
generally accepted government auditing standards.

Results:

As of June 28, 2004, DHS had implemented 40 of 104 recommendations that 
we consider key to the agency's ability to effectively fulfill its 
homeland security mission. For a list of implemented recommendations, 
see enclosure II. DHS is currently addressing another 63 key 
recommendations. For a list of recommendations not yet fully 
implemented, see enclosure III. Additionally, GAO closed one key 
recommendation in August 2001, although action taken by one of DHS's 
legacy agencies did not fully address the intent of the recommendation 
prior to closure.

Of the 104 key recommendations issued to DHS, 38 were issued prior to 
the agency's official formation on March 1, 2003. Of these, 20 have 
been fully implemented. The other 66 recommendations were issued after 
the creation of DHS. Of these 66, 20 have been fully implemented.

More than half of the key recommendations--60--have been directed to 
BTS or its legacy agencies, which address border and transportation 
security as well as immigration enforcement. Of these, 27 have been 
fully implemented, while another 33 are currently being addressed by 
BTS.

DHS's efforts to address the key recommendations have generated 
positive results toward improved mission effectiveness. For example, 
the 27 recommendations fully implemented within DHS's BTS directorate 
have resulted in a reduction in the vulnerabilities and inefficiencies 
of the land ports of entry inspection process. BTS has also benefited 
with respect to more timely and accurate information pertaining to the 
smuggling of aliens and the legal status of immigrants. Within the EPR 
directorate, the implementation of 3 of the key 6 recommendations have 
resulted in improved emergency response and related planning efforts.

DHS provided documentation and other information to us describing 
specific actions taken by the agency or its legacy agencies to 
implement 55 of the 63 remaining key recommendations.[Footnote 5] This 
documentation provides information on timeframes for planned 
implementation of actions pertaining to 38 of the recommendations. For 
example, one document describes preparation of a National Plan for 
Critical Infrastructure and Key Resources Protection, with a completion 
date of December 17, 2004.[Footnote 6] DHS did not provide timeframes 
for 6 key recommendations because it maintains that it has taken action 
to fully implement these recommendations.

Effective implementation of the remaining 63 key recommendations could 
also help to strengthen mission effectiveness. For example, effective 
implementation of the remaining 33 recommendations related to the BTS 
directorate could result in reducing the nation's current security 
vulnerabilities in such activities as passenger screening, border 
security, and ports of entry. Similarly, the implementation of the 
remaining 3 recommendations related to the EPR directorate could better 
position the federal government to provide essential services in the 
event of a disaster.

While DHS is working to address the remaining 63 key recommendations, 
agency documents and other information DHS provided indicated that the 
agency faces challenges related to 24 of these recommendations, such as 
funding and other resource constraints. These challenges will need to 
be overcome for DHS to effectively address these recommendations.

Agency Comments:

We provided a draft copy of this report to DHS for comment. DHS 
provided formal written comments, which are presented in enclosure IV. 
In commenting on the draft report, DHS noted that it generally welcomed 
the insight and guidance our recommendations impart. DHS also stated 
that they would like us to work with its staff to develop a functional 
approach to consolidate and resolve open recommendations, allowing DHS 
to devote appropriate attention to current homeland security issues. 
The recommendations discussed in this report focus on homeland security 
issues that are key to DHS's ability to effectively fulfill its 
homeland security mission. Therefore, we believe implementation of 
these recommendations will help reduce current vulnerabilities in areas 
such as passenger screening, border security, and ports of entry. DHS 
also suggested that we consider closing recommendations that are no 
longer applicable due to evolving missions. In conducting this review, 
we considered the validity and applicability of all key recommendations 
yet to be implemented in light of DHS' mission and concluded that the 
recommendations are still valid. Additionally, DHS noted that we should 
take into account that some recommendations were previously targeted to 
legacy units (such as the such as the National Infrastructure 
Protection Center or the Critical Infrastructure Assurance Office) that 
are now dissolved or partially integrated into DHS. We agree that some 
legacy units no longer exist. However, while the entities no longer 
exist, their overall goals and objectives with respect to homeland 
security are still vital. Consequently, the responsibility for 
implementing the key recommendations in this report previously targeted 
to these entities now resides with DHS.

We have and will continue to work with DHS to enhance the process and 
clarify the criteria for closing recommendations. We recognize the 
tremendous responsibility DHS has and the importance of the agency 
succeeding in its mission to ensure the safety and security of the 
nation's citizens. We continue to believe that effective implementation 
of our key recommendations can greatly assist DHS in achieving this 
goal.

We plan no further distribution of this report until 30 days after the 
date of this report. At that time, we will send copies of this report 
to the Subcommittee on Homeland Security, Senate Appropriations 
Committee; Senate Governmental Affairs Committee; Subcommittee on 
Homeland Security, House Appropriations Committee; House Government 
Reform Committee; the Chairman, House Select Committee on Homeland 
Security; the Secretary of Homeland Security; the Director, Office of 
Management and Budget, and other interested parties. We will also make 
copies available to others on request.

In addition, the report will be available on GAO's Web site at http://
www.gao.gov. If you or your staff have any questions about this report, 
please contact me at (202) 512-8777 or by e-mail at yimr@gao.gov or 
Debra Sebastian at (202) 512-9385 or by e-mail at sebastiand@gao.gov. 
Key contributors to this report were Amy Bernstein, Roosevelt R. Burns, 
R.E. Canjar, Amanda Rose, Gladys Toro, and Margaret A. Ullengren.

Sincerely yours,

Signed by: 

Randall A. Yim, Managing Director: 
Homeland Security and Justice Issues:

Enclosures - IV:

[End of section]

Enclosure 1: Briefing to Ranking Member Turner:

[See PDF for image]

[End of slide presentation]

[End of section]

Enclosure II: List of Key GAO Recommendations to DHS That Have Been 
Fully Implemented:

Directorate of Border and Transportation Security[B]: 

Report title: Homeland Security: Risks Facing Key Border and 
Transportation Security Program Need to Be Addressed; 
Key recommendation[A]: To address the U.S. Visitor and Immigrant 
Status Indicator Technology (US-VISIT) as a governmentwide program and 
to minimize the risks facing the program, the Secretary of Homeland 
Security, in collaboration with cabinet officials from US-VISIT 
stakeholder departments and agencies, should establish and charter an 
executive body, chaired by the Secretary's designee, potentially co-
chaired by the leadership from key stakeholder departments and 
agencies, and composed of appropriate senior-level representatives 
from DHS and each stakeholder organization, to guide and direct the 
US-VISIT program; 
Report number and date of issuance: GAO-03-1083 (September 19, 2003).

Report title: Homeland Security: Limited Progress in Deploying 
Radiation Detection Equipment at U.S. Ports of Entry; 
Key recommendation[A]: In order to ensure that the Bureau of Customs 
and Border Protection (BCBP) deploys radiation detection equipment as 
efficiently and quickly as possible, the Commissioner of Customs should 
complete BCBP's plan for deploying radiation detection equipment at 
U.S. ports of entry, including total costs and schedules for all 
categories of entry points; 
Report number and date of issuance: GAO- 03-963 LOU (September 4, 
2003).

Report title: Land Border Ports of Entry: Vulnerabilities and 
Inefficiencies in the Inspections Process; 
Key recommendation[A]: In relation to land border ports of entry, the 
Commissioner of BCBP should review existing security arrangements and 
controls over persons referred for secondary inspections at all ports 
of entry and take steps to address any identified weaknesses; 
Report number and date of issuance: GAO-03-782NI (July 11, 2003).

Report title: Land Border Ports of Entry: Vulnerabilities and 
Inefficiencies in the Inspections Process; 
Key recommendation[A]: In relation to land border ports of entry, the 
Commissioner of BCBP should develop and implement a field-training 
program that provides on-the-job training to new inspectors before they 
independently conduct inspections, and continuing training to all 
inspectors to sharpen their skills; 
Report number and date of issuance: GAO-03-782NI (July 11, 2003).

Report title: Land Border Ports of Entry: Vulnerabilities and 
Inefficiencies in the Inspections Process; 
Key recommendation[A]: In relation to land border ports of entry, the 
Commissioner of BCBP should establish a standard list of essential 
equipment for all inspectors stationed at land border ports and ensure 
such equipment is provided; 
Report number and date of issuance: GAO-03-782NI (July 11, 2003).

Report title: Land Border Ports of Entry: Vulnerabilities and 
Inefficiencies in the Inspections Process; 
Key recommendation[A]: BCBP should provide all border inspectors with 
continuing training on the detection of fraudulent documents and 
establish controls to ensure that such training is received at 
appropriate intervals; 
Report number and date of issuance: GAO-03-782NI (July 11, 2003).

Report title: Foreign Military Sales: Actions Needed to Provide Better 
Controls over Exported Defense Articles; 
Key recommendation[A]: To strengthen the BCBP's role in controlling 
the export of Foreign Military Sales (FMS) shipments, the Secretary of 
Homeland Security should revise guidelines on seizure authority over 
FMS exports to clearly establish Customs inspectors' authority to 
seize FMS articles when exports violate laws or regulations; 
Report number and date of issuance: GAO-03-599 (June 5, 2003).

Report title: Foreign Military Sales: Actions Needed to Provide Better 
Controls over Exported Defense Articles; 
Key recommendation[A]: To strengthen BCBP's role in controlling the 
export of FMS shipments, the Secretary of Homeland Security should 
establish guidelines for the proper recording and subtracting of FMS 
shipments against the appropriate export value, as defined by the 
interagency work group mentioned previously; 
Report number and date of issuance: GAO-03-599 (June 5, 2003).

Report title: Foreign Military Sales: Actions Needed to Provide Better 
Controls over Exported Defense Articles; 
Key recommendation[A]: To strengthen BCBP's role in controlling the 
export of FMS shipments, the Secretary of Homeland Security should 
ensure each shipment matches the information provided in FMS's shipping 
document noted in the previous recommendation; 
Report number and date of issuance: GAO-03-599 (June 5, 2003).

Report title: Rail Safety and Security: Some Actions Already Taken to 
Enhance Rail Security, but Risk-based Plan Needed; 
Key recommendation[A]: To help meet the requirement to secure all 
modes of transportation under the Aviation and Transportation Security 
Act, the Secretary of Homeland Security should work jointly with the 
Secretary of Transportation to develop a risk-based plan that 
specifically addresses the security of the nation's rail 
infrastructure. This plan should build upon the railroad industry's 
experience with rail infrastructure and the transportation of hazardous 
materials and establish time frames for implementing specific security 
actions necessary to protect hazardous material rail shipments. Among 
the areas that should be addressed in developing this plan are (1) the 
appropriate roles of the private sector and federal, state, and local 
governments; (2) minimum security standards for hazardous materials 
stored in transit in rail cars; and (3) the appropriate level of 
disclosure to local communities of the types and quantities of 
hazardous materials passing through or stored in transit in these 
communities; 
Report number and date of issuance: GAO-03-435 (April 30, 2003).

Report title: Customs Service Modernization: Automated Commercial 
Environment Progressing, but Further Acquisition Management 
Improvements Needed; 
Key recommendation[A]: The Commissioner of the Customs Service should 
direct the Chief Information Officer (CIO) to immediately develop and 
implement each of the missing Software Engineering Institute Software 
Acquisition Capability Maturity Model practices for the key process 
areas discussed in this report and, until this is accomplished, report 
to its appropriations subcommittees quarterly on the progress of its 
efforts to do so; 
Report number and date of issuance: GAO-03-406 (February 28, 2003).

Report title: Aviation Security: Vulnerabilities and Potential 
Improvements for the Air Cargo System; 
Key recommendation[A]: The Under Secretary of Transportation for 
Security should develop a comprehensive plan for air cargo security 
that includes priority actions identified on the basis of risk, costs 
of these actions, deadlines for completing those actions, and 
performance targets; 
Report number and date of issuance: GAO-03-344 (December 20, 2002).

Report title: Customs Service Modernization: Management Improvements 
Needed on High-Risk Automated Commercial Environment Project; 
Key recommendation[A]: To improve Customs' Automated Commercial 
Environment (ACE) modernization management, the Customs Service 
Commissioner should direct the chief information officer, as the 
designated modernization executive, to develop and implement process 
controls for the Software Engineering Institute's Software Acquisition 
Capability Maturity Model level 2 key process areas and the level 3 
acquisition risk management key process area; 
Report number and date of issuance: GAO-02-545 (May 13, 2002).

Report title: Customs Service Modernization: Management Improvements 
Needed on High-Risk Automated Commercial Environment Project; 
Key recommendation[A]: To improve Customs' ACE modernization
management, the Customs Service Commissioner should direct the chief 
information officer, as the designated modernization executive, to 
certify to Customs' House and Senate appropriations subcommittees, 
before building each ACE release (i.e., beginning detailed design and 
development), that the enterprise architecture has been sufficiently 
extended to provide the requisite enterprise design content and has 
been updated to ensure consistency and integration across business 
areas; 
Report number and date of issuance: GAO-02-545 (May 13, 2002).

Report title: Defense Trade: Lessons to Be Learned from the Country 
Export Exemption; 
Key recommendation[A]: To strengthen enforcement activities, the 
Commissioner of the U.S. Customs Service should update, finalize, and 
disseminate its guidance on defense export inspection requirements to 
all inspectors; 
Report number and date of issuance: GAO-02-63 (March 29, 2002).

Report title: Defense Trade: Lessons to Be Learned from the Country 
Export Exemption; 
Key recommendation[A]: To strengthen enforcement activities, the 
Commissioner of the U.S. Customs Service should assess the threat of 
illegal defense exports at all ports along the northern border and 
evaluate whether reallocation of its inspectors, additional training, 
or other actions are warranted to augment the capability of inspectors 
to enforce export regulations; 
Report number and date of issuance: GAO-02-63 (March 29, 2002).

Report title: Information Technology Management: Coast Guard Practices 
Can Be Improved; 
Key recommendation[A]: In order to improve the Coast Guard's 
Information Technology management practices, the Secretary of 
Transportation should direct the Coast Guard Commandant to ensure that 
the appropriate officials implement appropriate corrective actions on 
the network security weaknesses that GAO identified; 
Report number and date of issuance: GAO-01-190 (December 12, 2000).

Report title: Alien Smuggling: Management and Operational Improvements 
Needed to Address; 
Key recommendation[A]: The Commissioner of the Immigration and 
Naturalization Service (INS) should establish criteria for opening an 
anti-smuggling case to help ensure that INS' s anti- smuggling 
resources are focused on the highest-priority cases; 
Report number and date of issuance: GGD-00-103 (May 1, 2000).

Report title: Alien Smuggling: Management and Operational Improvements 
Needed to Address Growing Problem; 
Key recommendation[A]: The Commissioner of INS should establish a cost-
effective case tracking and management system of alien smuggling 
investigations that is automated, agencywide, and readily available to 
investigative personnel and program managers to facilitate the sharing 
of case information and prevent duplication of effort; 
Report number and date of issuance: GGD-00-103 (May 1, 2000).

Report title: Alien Smuggling: Management and Operational Improvements 
Needed to Address Growing Problem; 
Key recommendation[A]: The Commissioner of INS should require that 
intelligence reports be prepared using a database format so the 
information can be systematically analyzed; 
Report number and date of issuance: GGD-00- 103 (May 1, 2000).

Report title: Drug Control: INS and Customs Can Do More To Prevent 
Drug-Related Employee Corruption; 
Key recommendation[A]: The Attorney General should require the 
Commissioner of INS to comply with policies that require employment 
reinvestigations to be completed when they are due; 
Report number and date of issuance: GGD-99-31 (March 30, 1999).

Report title: Drug Control: INS and Customs Can Do More To Prevent 
Drug-Related Employee Corruption; 
Key recommendation[A]: The Attorney General should direct the 
Commissioner of INS to strengthen internal controls at Southwest 
Border ports of entry and at Border Patrol checkpoints by 
establishing: (1) one or more methods to deprive drivers of their 
choice of inspection lanes at ports of entry; (2) a policy for the 
inspection of law enforcement officers or their vehicles at ports of 
entry and Border Patrol checkpoints; and (3) a recusal policy 
concerning the performance of inspections by immigration inspectors 
and Border Patrol agents where their objectivity may be in question; 
Report number and date of issuance: GGD-99-31 (March 30, 1999).

Report title: Drug Control: INS and Customs Can Do More to Prevent 
Drug-Related Employee Corruption; 
Key recommendation[A]: The Secretary of the Treasury should direct the 
Commissioner of Customs to strengthen internal controls at Southwest 
Border ports of entry by establishing: (1) one or more methods to 
deprive drivers of their choice of inspection lanes; (2) a policy for 
inspection of law enforcement officers and their vehicles; and (3) a 
recusal policy concerning the performance of inspections by Customs 
inspectors where their objectivity may be in question; 
Report number and date of issuance: GGD-99-31 (March 30, 1999).

Report title: Immigration Statistics: Information Gaps, Quality Issues 
Limit Utility of Federal Data to Policymakers; 
Key recommendation[A]: To reduce the uncertainty associated with 
statistical estimates of relevant demographic concepts other than 
immigration flow, fill information gaps for specific legal statuses, 
and address fragmented reporting, the Commissioner of INS and the 
Director of the Bureau of the Census should together further develop, 
test, and evaluate the three-card method that GAO devised for surveying 
foreign-born about their legal status; 
Report number and date of issuance: GGD-98-164 (July 31, 1998).

Report title: INS Management: Follow-up on Selected Problems; 
Key recommendation[A]: To help achieve the reorganization goals, the 
INS Commissioner should determine whether staffing levels need to be 
adjusted for programs, field operations, and regional offices to 
accomplish their prescribed roles and responsibilities consistent with 
the respective mission and workloads for each office; 
Report number and date of issuance: GGD-97-132 (July 22, 1997).

Report title: Criminal Aliens: INS' Efforts To Identify and Remove 
Imprisoned Aliens Need To Be Improved; 
Key recommendation[A]: The INS Commissioner should identify the causes 
of immigration agent attrition and take steps to ensure that staffing 
is adequate to achieve the Institutional Hearing Program's goals; 
Report number and date of issuance: T-GGD-97-154 (July 15, 1997).

Report title: Criminal Aliens: INS' Efforts To Identify and Remove 
Imprisoned Aliens Need To Be Improved; 
Key recommendation[A]: The INS Commissioner should (1) develop a
workload analysis model to identify the IHP resources needed in any 
period to achieve overall program goals and the portion of those goals 
that would be achievable with alternative levels of resources and (2) 
use the model to support its IHP funding and staffing requests. Such a 
model should consider several factors, including the number of foreign-
born inmates, number of prisons that must be visited, number and types 
of IHP staff, length of time to process cases, and travel time and 
costs; 
Report number and date of issuance: T-GGD-97-154 (July 15, 1997).

Directorate of Emergency Preparedness and Response[B]: 

Report title: Fire Safety: Comprehensive Information on Fire 
Incidences in Federal Facilities Is Lacking; 
Key recommendation[A]: The Administrator, U.S. Fire Administration, in 
conjunction with the Consumer Product Safety Commission, the General 
Services Administration, Occupational Safety and Health Administration, 
and other federal agencies identified as being relevant, should examine 
whether the systematic collection and analysis of data on fires in 
federal workspace is warranted. If they determine that data collection 
and analysis are warranted, data that should be considered for 
collection and analysis include: the number of fires in federal 
workspace; property damage, injuries, and deaths resulting from such 
fires; and the causes of these fires, including any products involved, 
if determined. In addition, the agencies should discuss, among other 
topics deemed relevant, the availability of resources for implementing 
any data collection system and any needed authority to facilitate 
federal agencies' cooperation in this effort; 
Report number and date of issuance: GAO-01-879 (August 20, 2001).

Report title: Combating Terrorism: Federal Response Teams Provide 
Varied Capabilities; Opportunities Remain to Improve Coordination; 
Key recommendation[A]: To provide a sound analytical basis for 
developing appropriate federal consequence management responses, the 
Director of the Federal Emergency Management Agency (FEMA) should take 
steps to require that the Weapons of Mass Destruction Interagency 
Steering Group develop realistic scenarios involving chemical, 
biological, radiological, and nuclear agents and weapons with experts 
in the scientific and intelligence communities; 
Report number and date of issuance: GAO-01-14 (November 30, 2000).

Report title: Combating Terrorism: Federal Response Teams Provide 
Varied Capabilities; Opportunities Remain to Improve Coordination; 
Key recommendation[A]: To build upon the experience and lessons 
learned by the federal response teams from the May 2000 exercise, the 
FEMA Director should sponsor periodic national-level consequence 
management field exercises involving federal, state, and local 
governments. Such exercises should be conducted together with national-
level crisis management field exercises; 
Report number and date of issuance: GAO-01-14 (November 30, 2000).

Directorate of Science and Technology[B]: 

Report title: Combating Bioterrorism: Actions Needed to Improve
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: To complete and enhance Plum Islandís 
security arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, correct physical 
security deficiencies by better securing the foot-and-mouth disease 
vaccine bank; 
Report number and date of issuance: GAO-03-847 (September 19, 2003).

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: To complete and enhance Plum Islandís 
security arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, correct physical 
security deficiencies by better securing certain features of the 
physical infrastructure that supports the continued operation of the 
Plum Island Animal Disease Center; 
Report number and date of issuance: GAO-03-847 (September 19, 2003).

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: To complete and enhance Plum Islandís 
security arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, reconsider the security 
risks at Plum Island, taking into account recent acts of disgruntled 
employees; 
Report number and date of issuance: GAO-03-847 (September 19, 2003).

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: To complete and enhance Plum Islandís 
security arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, enhance incident 
response capability by increasing the size of the guard force; 
Report number and date of issuance: GAO-03-847 (September 19, 2003).

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: To complete and enhance Plum Islandís 
security arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, limit access to 
pathogens by further developing and enforcing specific procedures, 
including internal control checks, to ensure that background checks of 
these individuals are updated regularly; 
Report number and date of issuance: GAO-03-847 (September 19, 2003).

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: To complete and enhance Plum Islandís 
security arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, limit access to 
pathogens by further developing and enforcing specific procedures, 
including internal control checks, to ensure that cleaning, 
maintenance, and repair staff entering the biocontainment area are 
escorted at all times by individuals with completed background checks; 
Report number and date of issuance: GAO-03-847 (September 19, 2003).

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: To complete and enhance Plum Islandís 
security arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, enhance incident 
response capability by developing and implementing a policy on how 
guards should deal with intruders and use weapons; 
Report number and date of issuance: GAO-03- 847 (September 19, 2003).

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: To complete and enhance Plum Islandís 
security arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, correct physical 
security deficiencies by fully implementing the physical security 
measures; 
Report number and date of issuance: GAO-03-847 (September 19, 2003).

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: To complete and enhance Plum Islandís 
security arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, consult with other 
laboratories to identify ways to mitigate the inherent difficulty of 
securing pathogens; 
Report number and date of issuance: GAO-03-847 (September 19, 2003).

Management Division[B]: 

Report title: Information Technology: Homeland Security Needs to 
Improve Entry Exit System Expenditure Planning; 
Key recommendation[A]: To help ensure the effective management and 
acquisition of the entry exit system, the Secretary of Homeland 
Security should, through whatever entry exit program governance 
structure is established, direct the entry exit program manager to 
ensure that planned investment and acquisition management controls, 
including the development of a business case, are fully implemented in 
accordance with recognized best practices and relevant federal 
requirements and guidance; 
Report number and date of issuance: GAO-03-563 (June 9, 2003).

[A] Key GAO recommendations reflect actions that must be taken either 
to aid in securing the nations homeland or to swiftly and 
appropriately respond to future terrorist attacks.

[B] GAO reports issued prior to March 1, 2003, were directed to legacy 
agencies that are now part of this directorate.

[End of table]

[End of section]

Enclosure III: Key Recommendations DHS Is Currently Addressing:

Directorate of Border and Transportation Security[B]: 

Report title: Aviation Security: Computer-Assisted Passenger 
Prescreening System Faces Significant Implementation Challenges; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To address the challenges associated with the 
development, implementation, and operation of the Computer-Assisted 
Passenger Prescreening System II (CAPPS II), the Secretary of Homeland 
Security should instruct the Administrator of the Transportation 
Security Administration (TSA) to develop policies and procedures 
outlining the CAPPS II passenger redress process that include defining 
the appeal rights of passengers and their ability to access and 
correct personal data; 
Report number and date of issuance: GAO-04-385 (February 12, 2004); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Aviation Security: Computer-Assisted Passenger 
Prescreening System Faces Significant Implementation Challenges; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To address the challenges associated with the 
development, implementation, and operation of CAPPS II, the Secretary 
of Homeland Security should instruct the Administrator of TSA to 
develop policies and procedures detailing CAPPS II oversight 
mechanisms, including offices responsible for providing oversight, and 
reporting requirements for oversight information; 
Report number and date of issuance: GAO-04- 385 (February 12, 2004); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Aviation Security: Computer-Assisted Passenger 
Prescreening System Faces Significant Implementation Challenges; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To address the challenges associated with the 
development, implementation, and operation of CAPPS II, the Secretary 
of Homeland Security should instruct the Administrator of TSA to 
develop results- oriented performance goals and measures to evaluate 
the program's effectiveness, including measures to assess performance 
of the system in generating reliable risk scores; 
Report number and date of issuance: GAO-04-385 (February 12, 2004); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Aviation Security: Computer-Assisted Passenger 
Prescreening System Faces Significant Implementation Challenges; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To address the challenges associated with the 
development, implementation, and operation of CAPPS II, the Secretary 
of Homeland Security should instruct the Administrator of TSA to 
develop a strategy for mitigating the high risk associated with system 
and database testing that ensures (1) accuracy testing of commercial 
and government databases is conducted prior to the database being used
and (2) appropriate stress testing is conducted to demonstrate the 
system can meet peak load requirements; 
Report number and date of issuance: GAO- 04-385 (February 12, 2004); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Aviation Security: Computer-Assisted Passenger 
Prescreening System Faces Significant Implementation Challenges; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To address the challenges associated with the 
development, implementation, and operation of CAPPS II, the Secretary 
of Homeland Security should instruct the Administrator of TSA to 
develop a schedule for critical security activities, including 
finalizing the security policy, the security risk assessment, and 
system certification and accreditation; 
Report number and date of issuance: GAO-04-385 (February 12, 2004); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Aviation Security: Computer-Assisted Passenger 
Prescreening System Faces Significant Implementation Challenges; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To address the challenges associated with the 
development, implementation, and operation of CAPPS II, the Secretary 
of Homeland Security should instruct the Administrator of TSA to use 
established plans to track development progress to ensure that promised 
functionality is being delivered on time and within established cost 
estimates; 
Report number and date of issuance: GAO-04-385 (February 12, 2004); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Aviation Security: Computer-Assisted Passenger 
Prescreening System Faces Significant Implementation Challenges; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To address the challenges associated with the 
development, implementation, and operation of CAPPS II, the Secretary 
of Homeland Security should instruct the Administrator of TSA to 
develop plans identifying the specific functionality that will be 
delivered during each increment of CAPPS II, the specific milestones 
for delivering this functionality, and expected costs for each 
increment; 
Report number and date of issuance: GAO-04-385 (February 12, 2004); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Risks Facing Key Border and 
Transportation Security Program Need to Be Addressed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To address the U.S. Visitor and Immigrant Status Indicator 
Technology (US-VISIT) Program as a governmentwide program and to 
minimize the risks facing the program, the Secretary of Homeland 
Security, in collaboration with cabinet officials from US-VISIT 
stakeholder departments and agencies, should direct this executive 
body[C] to immediately take steps to (1) ensure that the human capital 
and financial resources are expeditiously provided to establish a fully 
functional and effective US-VISIT program office and associated 
management capability, (2) clarify the operational context within 
which US-VISIT must operate, and (3) decide whether proposed US-VISIT 
increments will produce mission value commensurate with costs and 
risks and disclose to the Congress planned actions based on this 
body's decisions; 
Report number and date of issuance: GAO-03-1083 (September 19, 2003); 
Timeframes reported by DHS: DHS notes that 4 months after GAO issued 
this recommendation, the US-VISIT Federal Stakeholders Advisory Board 
was chartered to provide oversight and strategic direction and to 
ensure that program plans, policies, funding, and business goals are 
aligned and moving forward for the US-VISIT program; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Risks Facing Key Border and 
Transportation Security Program Need to Be Addressed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: Further, the Secretary of Homeland Security, through the 
Under Secretary for Border and Transportation Security, should direct 
the US-VISIT Program Director to expeditiously establish an effective 
program management capability, including immediately developing an 
analysis of incremental program costs, benefits, and risks, and 
providing this analysis to the executive body, to assist it in the 
body's deliberations and decision making; 
Report number and date of issuance: GAO-03-1083 (September 19, 2003); 
Timeframes reported by DHS: DHS notes that the cost, schedule, 
performance, and risks documents were completed and presented on 
November 25, 2003, to the DHS Investment Review Board. Approval via the 
Management Decision Memorandum was received in February 2004; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Risks Facing Key Border and 
Transportation Security Program Need to Be Addressed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: Further, the Secretary of Homeland Security, through the 
Under Secretary for Border and Transportation Security, should direct 
the US-VISIT Program Director to expeditiously establish an effective 
program management capability, including immediately defining program 
office positional roles, responsibilities, and relationships; 
Report number and date of issuance: GAO-03-1083 (September 19, 2003); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Risks Facing Key Border and 
Transportation Security Program Need to Be Addressed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: Further, the Secretary of Homeland Security, through the 
Under Secretary for Border and Transportation Security, should direct 
the US-VISIT Program Director to expeditiously establish an effective 
program management capability, including immediately developing and 
implementing a human capital strategy that provides for staffing these 
positions with individuals who have the requisite core competencies 
(knowledge, skills, and abilities); 
Report number and date of issuance: GAO-03-1083 (September 19, 2003); 
Timeframes reported by DHS: DHS believes that the agency will complete 
its human capital strategy by December 31, 2004. In the interim, DHS 
has engaged the Office of Personnel Management to assist in performing 
aspects of personnel management, such as drafting position descriptions 
and performance plans, which will contribute to the development of the 
agency's human capital strategy; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Risks Facing Key Border and 
Transportation Security Program Need to Be Addressed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: Further, the Secretary of Homeland Security, through the 
Under Secretary for Border and Transportation Security, should direct 
the US-VISIT Program Director to expeditiously establish an effective 
program management capability, including immediately developing and 
implementing a plan for satisfying key Software Engineering Institute 
acquisition management controls, to include acquisition planning, 
solicitation, requirements development and management, project 
management, contractor tracking and oversight, evaluation, and 
transition to support; 
Report number and date of issuance: GAO-03-1083 (September 19, 2003); 
Timeframes reported by DHS: DHS believes that it will take more than 2 
years after a dedicated leader is brought on board to the US-VISIT 
office to achieve key Software Engineering Institute acquisition 
management controls. A firm goal and timeline will be set after that 
person is hired. However, the agency has not specified a timeline for 
bringing that person on board; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Risks Facing Key Border and 
Transportation Security Program Need to Be Addressed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: Further, the Secretary of Homeland Security, through the 
Under Secretary for Border and Transportation Security, should direct 
the US-VISIT Program Director to expeditiously establish an effective 
program management capability, including immediately developing and 
implementing a risk management plan and ensuring that all high risks 
and their status are reported regularly to the executive body; 
Report number and date of issuance: GAO-03-1083 (September 19, 2003); 
Timeframes reported by DHS: DHS notes that an executive Risk Review 
Board is currently being chartered and is projected to be in place by 
September 30, 2004; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Risks Facing Key Border and 
Transportation Security Program Need to Be Addressed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: Further, the Secretary of Homeland Security, through the 
Under Secretary for Border and Transportation Security, should direct 
the US-VISIT Program Director to expeditiously establish an effective 
program management capability, including immediately defining 
performance standards for each US-VISIT system increment that are 
measurable and reflect the limitations imposed by relying on existing 
systems for these system increments; 
Report number and date of issuance: GAO-03-1083 (September 19, 2003); 
Timeframes reported by DHS: DHS notes that US-VISIT has initiated a 
process to define performance standards that meet the criteria 
specified. US-VISIT is also defining performance measures for both 
internal managerial and external reporting purposes. DHS anticipates 
reportable criteria by September 30, 2004; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Limited Progress in Deploying 
Radiation Detection Equipment at U.S. Ports of Entry; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To apply lessons learned from its initial deployments of 
portal monitors and other radiation detection equipment and ensure 
their effective application, the Bureau of Customs and Border 
Protection (BCBP) should consider deploying sufficient isotope 
identifiers to each port of entry so that inspectors can immediately 
respond to alarms without having to retrieve equipment from another 
location; 
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003); 
Timeframes reported by DHS: DHS notes that it plans to fully implement 
this recommendation by December 30, 2004; 
Challenges reported by DHS: In implementing this recommendation, DHS 
notes that it is facing funding and deployment support challenges. For 
example, due to funding constraints, there are times when an isotope 
identifier must be retrieved from one location to be used at another 
location. Additionally, DHS reports that logistical issues associated 
with deploying equipment must be addressed. Such issues include 
ensuring equipment is distributed to proper personnel and that adequate 
training is in place and provided to those who require it.

Report title: Homeland Security: Limited Progress in Deploying 
Radiation Detection Equipment at U.S. Ports of Entry; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To apply lessons learned from its initial deployments of 
portal monitors and other radiation detection equipment and ensure 
their effective application, BCBP should consider, establish, and 
implement minimum training requirements so that all inspectors have a 
clear understanding of the capabilities and limitations of the 
radiation detection equipment; 
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003); 
Timeframes reported by DHS: DHS believes that it has fully implemented 
this recommendation and provided GAO with documentation to support this 
position on June 24, 2004. GAO is currently evaluating this 
documentation; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Limited Progress in Deploying 
Radiation Detection Equipment at U.S. Ports of Entry; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To apply lessons learned from its initial deployments of 
portal monitors and other radiation detection equipment and ensure 
their effective application, BCBP should consider, as it proceeds to 
deploy radiation detection equipment to air cargo facilities, analyze 
opportunities at airports to deploy portal monitors to cover multiple 
international mail, package, and air cargo facilities so that fewer 
portal monitor locations are needed to cover a greater proportion of 
goods entering the United States; 
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003); 
Timeframes reported by DHS: DHS plans to complete implementation of 
this recommendation by December 30, 2004; 
Challenges reported by DHS: According to a DHS official, 
implementation of this recommendation is a multistaged process, 
requiring continuing analysis to develop lessons learned as DHS moves 
through each stage. The official also noted that the long-term nature 
of the deployment process is a challenge for DHS. For instance, there 
are a large number of ports involved for which large-scale equipment 
must be disbursed appropriately.

Report title: Homeland Security: Limited Progress in Deploying 
Radiation Detection Equipment at U.S. Ports of Entry; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To apply lessons learned from its initial deployments of 
portal monitors and other radiation detection equipment and ensure 
their effective application, BCBP should consider, for the final three 
categories of deployment, continuing to proactively engage local 
government and private entities that must be consulted before 
deploying portal monitors early in the deployment process in order to 
minimize delays resulting from protracted negotiations; 
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003); 
Timeframes reported by DHS: DHS believes that it has fully implemented 
this recommendation and provided GAO with documentation to support this 
position on June 24, 2004. GAO is currently evaluating this 
documentation; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Limited Progress in Deploying 
Radiation Detection Equipment at U.S. Ports of Entry; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To obtain the assistance of other federal agencies and 
national laboratories that could help, in the long term, to overcome 
technical and deployment issues in adapting radiation detection 
equipment to the border environment, the Secretary of Homeland 
Security should establish a working group composed of agencies and 
entities involved in the research and deployment of radiation 
detection equipment. This working group should include, but not be 
restricted to, representatives from BCBP, TSA, the DHS Science and 
Technology Directorate, the Department of Defense (DOD), the Department 
of Energy (DOE), and DOE's national laboratories. The working group 
should serve as a forum for exchanging information on testing and 
performance of radiation detection equipment, the conditions at U.S. 
ports of entry, the challenges to deploying radiation detection 
equipment, and ways to overcome those challenges. The working group, 
meeting as often as needed, should also provide guidance to radiation 
detection experts for research and development of new radiation 
detection technologies to ensure that those efforts provide solutions 
to current challenges; 
Report number and date of issuance: GAO-03-963 LOU (September 4, 2003); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Border Security: New Policies and Procedures Are Needed 
to Fill Gaps in the Visa Revocation Process; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To strengthen the visa revocation process as an 
antiterrorism tool, the Secretary of Homeland Security should, in 
conjunction with the Secretary of State and the Attorney General, 
develop specific policies and procedures for the interagency visa 
revocation process to ensure that notification of visa revocations for 
suspected terrorists and relevant supporting information is transmitted 
from State to immigration and law enforcement agencies, and their 
respective inspection and investigation units, in a timely manner; 
Report number and date of issuance: GAO-03- 798 (June 18, 2003); 
Timeframes reported by DHS: GAO is currently reviewing the status of 
this recommendation in relation to a request by the Subcommittee on 
National Security, Emerging Threats, and Intergovernmental Relations, 
House Committee on Government Reform and plans to report on its status 
by July 6, 2004; 
Challenges reported by DHS: DHS notes that it is challenged in 
implementing this recommendation because it involves extensive 
interagency coordination with both the Department of State as well as 
the Department of Justice.

Report title: Border Security: New Policies and Procedures Are Needed 
to Fill Gaps in the Visa Revocation Process; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To strengthen the visa revocation process as an 
antiterrorism tool, the Secretary of Homeland Security should, in 
conjunction with the Secretary of State and the Attorney General, 
develop a specific policy on actions that immigration and law 
enforcement agencies should take to investigate and locate individuals 
whose visas have been revoked for terrorism concerns and who remain in 
the United States after revocation; 
Report number and date of issuance: GAO-03-798 (June 18, 2003); 
Timeframes reported by DHS: GAO is currently reviewing the status of 
this recommendation in relation to a request by the Subcommittee on 
National Security, Emerging Threats, and Intergovernmental Relations, 
House Committee on Government Reform and plans to report on its status 
by July 6, 2004; 
Challenges reported by DHS: DHS notes that it is challenged in 
implementing this recommendation because it involves extensive 
interagency coordination with both the Department of State as well as 
the Department of Justice. Additionally, once the policy is developed, 
funding issues could be a concern for DHS and other law enforcement 
agencies responsible for implementing the policy.

Report title: Border Security: New Policies and Procedures Are Needed 
to Fill Gaps in the Visa Revocation Process; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To strengthen the visa revocation process as an 
antiterrorism tool, the Secretary of Homeland Security should, in 
conjunction with the Secretary of State and the Attorney General, 
determine if persons with visas revoked on terrorism grounds are in the 
United States and, if so, whether they pose a security threat; 
Report number and date of issuance: GAO-03-798 (June 18, 2003); 
Timeframes reported by DHS: GAO is currently reviewing the status of 
this recommendation in relation to a request by the Subcommittee on 
National Security, Emerging Threats, and Intergovernmental Relations, 
House Committee on Government Reform and plans to report on its status 
by July 6, 2004; 
Challenges reported by DHS: DHS notes that it is challenged in 
implementing this recommendation because it involves extensive 
interagency coordination with both the Department of State as well as 
the Department of Justice.

Report title: Land Border Ports of Entry: Vulnerabilities and 
Inefficiencies in the Inspections Process; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In relation to land border ports of entry, the 
Commissioner of BCBP should develop an inspections-related immigration 
intelligence program for the field, and in doing so, consider (1) 
defining the roles and responsibilities of intelligence units at 
headquarters and in the field regarding the collection, analysis, and 
use of intelligence information; (2) reassessing the need for 
intelligence officers at each field location; (3) coordinating the 
integration and sharing of intelligence information among locations; 
and (4) ensuring that inspectors have the time and opportunity to 
access and review intelligence information, including via routine 
briefings and access to NetLEADS; 
Report number and date of issuance: GAO-03-782NI (July 11, 2003); 
Timeframes reported by DHS: DHS plans to complete implementation of 
this recommendation by December 30, 2004; 
Challenges reported by DHS: DHS reports that it is difficult to assess 
resource and other field intelligence needs given the significant 
organizational restructuring resulting from the establishment of 
Customs and Border Protection and Immigration and Customs Enforcement.

Report title: Foreign Military Sales: Actions Needed to Provide Better 
Controls over Exported Defense Articles; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To strengthen BCBP's role in controlling the export of 
Foreign Military Sales (FMS) shipments, the Secretary of Homeland 
Security should establish a centralized system to identify where 
specific FMS agreements are filed to prohibit multiple port filings; 
Report number and date of issuance: GAO-03-599 (June 5, 2003); 
Timeframes reported by DHS: CBP expects to develop and establish an 
electronic repository for FMS case information that will allow for the 
transmission of database information on FMS. CBP expects it to become 
part of the Automated Commercial Environment by September 30, 2007; 
Challenges reported by DHS: DHS notes that ensuring adequate funding 
and programming resources for actions necessary to implement this 
recommendation, such as establishing an electronic repository for FMS 
case information, has been difficult. However, DHS believes the 
recommendation could be implemented earlier than September 30, 2007, 
if additional funding is provided sooner.

Report title: Customs Service Modernization: Automated Commercial 
Environment Progressing, but Further Acquisition Management 
Improvements Needed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Commissioner of the Customs Service should take steps, 
as appropriate in light of Customs' merger into the Department of 
Homeland Security, to have future ACE expenditure plans specifically 
address any proposals or plans, whether tentative or approved, for 
extending and using ACE infrastructure to support other homeland 
security applications, including any impact on ACE of such proposals 
and plans; 
Report number and date of issuance: GAO-03-406 (February 28, 2003); 
Timeframes reported by DHS: CBP notes that this recommendation is of 
an ongoing nature and is not conducive to a hard target completion 
date. For example, on February 14, 2004, CBP initiated a coordinating 
meeting with the US-VISIT program seeking agreement on avenues for 
sharing and integration. CBP expects that once these results are 
formalized, the agency would expect to establish further milestone 
dates responsive to GAO's recommendation; 
Challenges reported by DHS: DHS reports that large automation projects 
typically require actions to be taken over a long-term period, thus, 
it believes implementation of this recommendation will require 
sustained efforts over the long-term.

Report title: Customs Service Modernization: Automated Commercial 
Environment Progressing, but Further Acquisition Management 
Improvements Needed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Commissioner of the Customs Service should direct the 
Chief Information Officer (CIO) to develop and implement the missing 
human capital management practices discussed in this report, and until 
this is accomplished, report to its appropriations committees quarterly 
on the progress of its efforts to do so; 
Report number and date of issuance: GAO-03-406 (February 28, 2003); 
Timeframes reported by DHS: DHS plans to complete implementation of 
this recommendation by September 30, 2004; 
Challenges reported by DHS: DHS reports that it is challenged in 
implementing this recommendation by the technical nature of the project 
and the significant number of personnel required to support the Customs 
and Border Protection modernization effort.

Report title: Customs Service Modernization: Automated Commercial 
Environment Progressing, but Further Acquisition Management 
Improvements Needed; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Commissioner of the Customs Service should direct the 
CIO to establish an independent verification and validation function 
to assist Customs in overseeing contractor efforts, such as testing; 
Report number and date of issuance: GAO-03-406 (February 28, 2003); 
Timeframes reported by DHS: DHS plans to complete implementation of 
this recommendation by August 30, 2004; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: INS Cannot Locate Many Aliens Because 
It Lacks Reliable Address Information; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In order to promote compliance with the change of address 
notification requirements through publicity and enforcement and to 
improve the reliability of its alien address data, the Attorney General 
should direct the INS Commissioner to evaluate alternative approaches 
and their associated costs for obtaining or assembling complete alien 
address information, particularly for those aliens who do not comply 
with the change of address notification requirement; 
Report number and date of issuance: GAO-03-188 (November 21, 2002); 
Timeframes reported by DHS: DHS believes it has implemented this 
recommendation. Thus, it did not provide any future timeframes for 
completing this recommendation. GAO has requested that DHS provide it 
with documentation to demonstrate that DHS has implemented a process 
for getting complete and updated alien address information into DHS 
systems; 
Challenges reported by DHS: DHS notes that ensuring adequate funding 
for actions taken related to this recommendation is a challenge.

Report title: Homeland Security: INS Cannot Locate Many Aliens Because 
It Lacks Reliable Address Information; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In order to promote compliance with the change of address 
notification requirements through publicity and enforcement and to 
improve the reliability of its alien address data, the Attorney General 
should direct the INS Commissioner to establish written procedures and 
controls to ensure that alien address information in all automated 
databases is complete, consistent, accurate, and current; 
Report number and date of issuance: GAO-03-188 (November 21, 2002); 
Timeframes reported by DHS: DHS believes it has implemented this 
recommendation. Thus, it did not provide any future timeframes for 
completing this recommendation. GAO has requested that DHS provide it 
with documentation to demonstrate that Customs and Immigration Services 
has developed procedures and controls to ensure that an alien's address 
information is updated appropriately in all related databases; 
Challenges reported by DHS: DHS notes that ensuring adequate funding 
for actions taken related to this recommendation is a challenge.

Report title: Homeland Security: INS Cannot Locate Many Aliens Because 
It Lacks Reliable Address Information; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In order to promote compliance with the change of address 
notification requirements through publicity and enforcement and to 
improve the reliability of its alien address data, the Attorney General 
should direct the INS Commissioner to identify and implement an 
effective means to publicize the change of address notification 
requirement nationwide. As part of its publicity effort, INS should 
make sure that aliens have information on how to comply with this 
requirement, including where information may be available and the 
location of change of address forms; 
Report number and date of issuance: GAO-03-188 (November 21, 2002); 
Timeframes reported by DHS: DHS believes it has implemented this 
recommendation. Thus, it did not provide any future timeframes for 
completing this recommendation. GAO is requesting that DHS provide it 
with documentation to demonstrate that publicity efforts to make aliens 
aware of the notification requirement have been implemented; 
Challenges reported by DHS: DHS notes that ensuring adequate funding 
for actions taken related to this recommendation is a challenge.

Report title: Customs Service Modernization: Management Improvements 
Needed on High-Risk Automated Commercial Environment Project; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To improve Customs' ACE modernization management, the 
Customs Service Commissioner should direct the chief information 
officer, as the designated modernization executive, to immediately 
develop and implement a Customs Modernization Office (CMO) human 
capital management strategy that provides both near-and long-term 
solutions to CMO's human capital capacity limitations, including 
defining the office's skill and capacity needs in terms that will allow 
Customs to attract qualified individuals and that will provide 
sufficient rewards and training, linked to performance, to promote 
their retention; 
Report number and date of issuance: GAO-02-545 (May 13, 2002); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: DHS reports that it is challenged in 
implementing this recommendation by the technical nature of the 
project and the significant number of personnel required to support the 
Customs and Border Protection modernization effort.

Report title: Alien Smuggling: Management and Operational Improvements 
Needed to Address Growing Problem; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The INS Commissioner should establish performance measures 
for the anti-smuggling efforts and intelligence program with which to 
gauge program effects; 
Report number and date of issuance: GGD-00-103 (May 1, 2000); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: DHS notes that it is challenged in 
implementing this recommendation by ensuring that appropriate 
resources, including funding and personnel, are available.

Report title: Criminal Aliens: INS's Efforts to Identify and Remove 
Imprisoned Aliens Need to Be Improved; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The INS Commissioner should establish a nationwide data 
system containing the universe of foreign-born inmates reported to INS 
by the Bureau of Prisons and the state departments of corrections and 
use this system to track the Institutional Hearing Program status of 
each inmate; 
Report number and date of issuance: T-GGD-97-154 (July 15, 1997); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: DHS notes that it is challenged in 
implementing this recommendation by ensuring that appropriate 
resources, including funding and personnel, are available.

Directorate of Emergency Preparedness and Response[B]: 

Report title: Continuity of Operations: Improved Planning Needed to 
Ensure Delivery of Essential Government Services; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To ensure that agencies can continue operations in 
emergencies and are prepared for the governmentwide exercise planned 
for May 2004, the Secretary of Homeland Security should direct the 
Under Secretary for Emergency Preparedness and Response to take steps 
to ensure that agencies that do not have continuity of operations 
(COOP) plans develop them by May 1, 2004; 
Report number and date of issuance: GAO-04-160 (February 27, 2004); 
Timeframes reported by DHS: On June 24, 2004, DHS provided GAO with a 
list of actions it has taken and plans to take in relation to this 
recommendation. For example, DHS noted that as part of an exercise it 
developed, Forward Challenge 2004, which was held from May 12 through 
May 15, 2004, participating department and agencies' COOP were
successfully activated and tested. DHS also noted that it has 
developed a COOP manager's course which it plans to pilot from June 29 
to July 1, 2004. Additionally, DHS has scheduled 10 additional courses 
from June 2004 through January 2005. GAO is currently evaluating this 
information to determine the continued status of this recommendation; 
Challenges reported by DHS: None Provided.

Report title: Continuity of Operations: Improved Planning Needed to 
Ensure Delivery of Essential Government Services; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Secretary should direct the Under Secretary to take 
steps to improve the oversight of COOP planning by conducting 
assessments of agency continuity plans that include independent 
verification of agency-provided information, as well as an assessment 
of the essential functions identified and their interdependencies with 
other activities; 
Report number and date of issuance: GAO-04-160 (February 27, 2004); 
Timeframes reported by DHS: DHS reports that its Readiness Reporting 
System will be used to assist it in assessing agency contingency 
plans. DHS further notes that it plans to initially deploy this system 
in fiscal year 2005. Finally, DHS reported that it would conduct an 
independent validation of each departments' and agency's self-
assessment after deployment of the Readiness Reporting System; 
Challenges reported by DHS: None provided.

Report title: Continuity of Operations: Improved Planning Needed to 
Ensure Delivery of Essential Government Services; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Secretary should direct the Under Secretary to take 
steps to improve the oversight of COOP planning by ensuring that 
agencies correct the deficiencies in individual COOP plans identified 
here, as well as those identified in previous assessments; 
Report number and date of issuance: GAO-04-160 (February 27, 2004); 
Timeframes reported by DHS: DHS noted that it developed an exercise, 
Forward Challenge, to assist departments and agencies in improving 
individual COOP. As a result, DHS is working with those departments 
and agencies to complete after-action reports and will work with those 
agencies to improve their COOP capabilities. DHS further reports that 
the Forward Challenge after-action reports will be completed by 
September 30, 2004, and will include recommendations for measures to 
improve COOP capability. DHS also noted that it has developed a COOP 
manager's course which it plans to pilot from June 29 to July 1, 2004. 
Additionally, DHS has scheduled 10 additional courses from June 2004 
through January 2005; 
Challenges reported by DHS: None provided.

Directorate of Information Analysis and Infrastructure Protection[B]: 

Report title: Homeland Security: Voluntary Initiatives Are Under Way at 
Chemical Facilities, but the Extent of Security Preparedness Is 
Unknown; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In order to ensure that chemical facilities take action 
to review and address security vulnerabilities, the Secretary of 
Homeland Security and the Administrator of the Environmental Protection 
Agency (EPA) should jointly develop, in consultation with the Office 
of Homeland Security, a comprehensive national chemical security 
strategy that is both practical and cost effective. This national 
strategy should specify the roles and responsibilities of each federal
agency partnering with the chemical industry; 
Report number and date of issuance: GAO-03-439 (March 14, 2003); 
Timeframes reported by DHS: Homeland Security Presidential Directive 
Number 7 (HSPD-7) requires DHS to produce a comprehensive, integrated 
National Plan for Critical Infrastructure and Key Resources Protection 
to outline national goals, objectives, milestones, and key initiatives 
by December 17, 2004. DHS states that this plan will consist of an 
overview as well as supplements addressing each critical 
infrastructure sector. As such, DHS notes that the chemical sector-
specific plan will describe the roles and responsibilities of all 
sector stakeholders, including federal agencies; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Report title: Homeland Security: Voluntary Initiatives Are Under Way at 
Chemical Facilities, but the Extent of Security Preparedness Is 
Unknown; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In order to ensure that chemical facilities take action 
to review and address security vulnerabilities, the Secretary of 
Homeland Security and the Administrator of EPA should jointly develop, 
in consultation with the Office of Homeland Security, a comprehensive 
national chemical security strategy that is both practical and cost 
effective. This national strategy should develop appropriate 
information sharing mechanisms; 
Report number and date of issuance: GAO-03-439 (March 14, 2003); 
Timeframes reported by DHS: DHS reports that a chemical information 
sharing and analysis center is currently active and serves as the 
primary information sharing mechanism within the chemical sector. DHS 
also notes that the National Infrastructure Protective Plan with its 
supporting sector-specific plans should be completed by December 2004. 
DHS reports that the chemical sector -specific plan will describe the 
information sharing mechanisms and processes within the chemical 
sector; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Report title: Homeland Security: Voluntary Initiatives Are Under Way at 
Chemical Facilities, but the Extent of Security Preparedness Is 
Unknown; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In order to ensure that chemical facilities take action 
to review and address security vulnerabilities, the Secretary of 
Homeland Security and the Administrator of EPA should jointly develop, 
in consultation with the Office of Homeland Security, a comprehensive 
national chemical security strategy that is both practical and cost 
effective. This national strategy should identify high-risk facilities 
based on factors including the level of threat and collect information 
on industry security preparedness; 
Report number and date of issuance: GAO-03-439 (March 14, 2003); 
Timeframes reported by DHS: DHS notes that the National Infrastructure 
Protective Plan with its supporting sector -specific plans should be 
completed by December 2004. As such, the chemical sector-specific plan 
will describe the process to be used in prioritizing and assessing the 
vulnerability of chemical facilities within the chemical sector. DHS 
further reports that HSPD-7 requires them to report annually, 
beginning in December 2004, on the status of DHS's efforts to identify, 
prioritize, and coordinate the protection of critical infrastructure 
and key resources within the chemical sector; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Report title: Homeland Security: Voluntary Initiatives Are Under Way at 
Chemical Facilities, but the Extent of Security Preparedness Is 
Unknown; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In order to ensure that chemical facilities take action 
to review and address security vulnerabilities, the Secretary of 
Homeland Security and the Administrator of EPA should jointly develop, 
in consultation with the Office of Homeland Security, a comprehensive 
national chemical security strategy that is both practical and cost 
effective. This national strategy should develop a legislative 
proposal, in consultation with industry and other appropriate groups, 
to require these chemical facilities to expeditiously assess their 
vulnerability to terrorist attacks and, where necessary, require these 
facilities to take corrective action; 
Report number and date of issuance: GAO-03-439 (March 14, 2003); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Critical Infrastructure Protection: Challenges for 
Selected Agencies and Industry Sectors; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To assist the administration in establishing CIP 
priorities for all major federal agencies, critical infrastructure 
sectors, and the Department of Homeland Security, the Director of the 
National Infrastructure Protection Center (NIPC) should determine the 
status and identify additional actions needed to improve the quality 
and quantity of information being provided by information sharing and 
analysis centers (ISACs), and of plans made by the new department's 
Information Analysis and Infrastructure Protection directorate and the 
ISACs to enhance the current information-sharing process; 
Report number and date of issuance: GAO-03-233 (February 28, 2003); 
Timeframes reported by DHS: DHS believes that it has completed actions 
on this recommendation. Thus, DHS did not provide any specific 
timeframes for future completion. GAO is currently evaluating DHS's 
information sharing and plans to report on the issue by July 9, 2004; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Report title: Critical Infrastructure Protection: Challenges for 
Selected Agencies and Industry Sectors; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To help ensure that private-sector ISACs continue efforts 
to improve their critical infrastructure protection (CIP) activities, 
the Secretary of Energy, the Secretary of Commerce, and the 
Administrator of EPA, through their lead agency responsibilities for 
the energy, electricity, information, communication, and water 
industry sectors, should assess the need for grants, tax incentives, 
regulation, or other public policy tools to encourage increased 
private-sector CIP activities and greater sharing of intelligence and 
incident information between the sectors and the federal government. 
After lead agency responsibilities for the information and 
telecommunications sector are transitioned to the Department of 
Homeland Security, the Secretary of that department would become 
responsible for that sector; 
Report number and date of issuance: GAO-03-233 (February 28, 2003); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

Report title: Critical Infrastructure Protection: Challenges for 
Selected Agencies and Industry Sectors; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To assist the administration in establishing CIP 
priorities for all major federal agencies, critical infrastructure 
sectors, and the Department of Homeland Security, the Director of the 
Critical Infrastructure Assurance Office should determine the status 
of, and identify additional actions needed to improve the federal 
government's efforts and progress in implementing, federal CIP policy, 
including identifying the federal government's critical assets, 
completing vulnerability assessments for these assets, remedying 
identified vulnerabilities, and incorporating these assets into 
continuity of operations plans; 
Report number and date of issuance: GAO-03-233 (February 28, 2003); 
Timeframes reported by DHS: HSPD-7 requires all Federal departments 
and agencies to develop plans for protecting the physical and cyber 
critical infrastructure and key resources that they own or operate. 
These plans must address identification, prioritization, protection, 
and contingency planning, including the recovery and reconstitution of 
essential capabilities. OMB is requiring that all federal agencies and 
departments submit such plans by July 31, 2004; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Report title: Critical Infrastructure Protection: Significant 
Challenges in Developing National Capabilities; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Attorney General should task the FBI Director to 
require the NIPC[D] Director to develop a comprehensive written plan 
for establishing analysis and warning capabilities that integrates 
existing planning elements and includes a description of the 
relationship between the long-term goals and objectives and the annual 
performance goals; 
Report number and date of issuance: GAO-01-323 (April 25, 2001); 
Timeframes reported by DHS: DHS reports that the U.S. Computer 
Emergency Readiness Team (U.S. CERT) was created in September 2003 and 
serves as the national focal point for computer security efforts, 
including the analysis and reduction of cyber threats and 
vulnerabilities; the dissemination of cyber threat warning 
information; and the coordination of incident response. GAO 
acknowledges that U.S. CERT has been established, but that its 
establishment alone does not fully address the recommendation and 
further analysis is needed; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Report title: Critical Infrastructure Protection: Significant 
Challenges in Developing National Capabilities; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Attorney General should task the FBI Director to 
require the NIPC[E] Director to develop a comprehensive written plan 
for establishing analysis and warning capabilities that integrates 
existing planning elements and includes a description of how program 
evaluations could be used to establish or revise strategic goals, along 
with a schedule for future program evaluations; 
Report number and date of issuance: GAO-01-323 (April 25, 2001); 
Timeframes reported by DHS: DHS reports that the U.S. Computer 
Emergency Readiness Team (U.S. CERT) was created in September 2003 and 
serves as the national focal point for computer security efforts, 
including the analysis and reduction of cyber threats and 
vulnerabilities; the dissemination of cyber threat warning 
information; and the coordination of incident response. GAO 
acknowledges that U.S. CERT has been established, but that its 
establishment alone does not fully address the recommendation and 
further analysis is needed; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Report title: Critical Infrastructure Protection: Significant 
Challenges in Developing National Capabilities; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Attorney General should task the FBI Director to 
require the NIPC[E] Director to develop a comprehensive written plan 
for establishing analysis and warning capabilities that integrates 
existing planning elements and includes approaches (or strategies) and 
the various resources needed to achieve the goals and objectives; 
Report number and date of issuance: GAO-01-323 (April 25, 2001); 
Timeframes reported by DHS: DHS reports that the U.S. Computer 
Emergency Readiness Team (U.S. CERT) was created in September 2003 and 
serves as the national focal point for computer security efforts, 
including the analysis and reduction of cyber threats and 
vulnerabilities; the dissemination of cyber threat warning 
information; and the coordination of incident response. GAO 
acknowledges that U.S. CERT has been established, but that its 
establishment alone does not fully address the recommendation and 
further analysis is needed; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Report title: Critical Infrastructure Protection: Significant 
Challenges in Developing National Capabilities; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Attorney General should task the FBI Director to 
require the NIPC[E] Director to develop a comprehensive written plan 
for establishing analysis and warning capabilities that integrates 
existing planning elements and includes milestones and performance 
measures; 
Report number and date of issuance: GAO-01-323 (April 25, 2001); 
Timeframes reported by DHS: DHS reports that the U.S. Computer 
Emergency Readiness Team (U.S. CERT) was created in September 2003 and 
serves as the national focal point for computer security efforts, 
including the analysis and reduction of cyber threats and 
vulnerabilities; the dissemination of cyber threat warning 
information; and the coordination of incident response. GAO 
acknowledges that U.S. CERT has been established, but that its 
establishment alone does not fully address the recommendation and 
further analysis is needed; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Report title: Critical Infrastructure Protection: Significant 
Challenges in Developing National Capabilities; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To ensure that NIPC[E] develops the response, 
investigative and crisis management capabilities required by 
Presidential Decision Directive (PDD) 63, the Attorney General should 
direct the FBI Director to direct the NIPC Director to (1) formalize 
relationships between NIPC and other federal entities, including DOD 
and the Secret Service, and private sector Information Sharing and 
Analysis Centers (ISAC) so that a clear understanding of what is 
expected from the respective organization exists, (2) develop a plan to 
foster the two-way exchange of information between NIPC and the ISACs, 
and (3) ensure that the Key Asset Initiative is integrated with other 
similar federal activities; 
Report number and date of issuance: GAO-01-323 (April 25, 2001); 
Timeframes reported by DHS: DHS anticipates completing the HSPD-7 
mandated National Plan for Critical Infrastructure by December 2004, 
which DHS states it will provide clarification on roles and 
relationships of federal agencies with regard to critical 
infrastructure protection and ensure that the key asset initiative is 
integrated with other similar federal activities; 
Challenges reported by DHS: DHS indicated that it does not face any 
challenges in implementing actions on this recommendation.

Directorate of Science and Technology[B]: 

Report title: The Department of Homeland Security Needs to Fully Adopt 
a Knowledge-Based Approach to Its Counter-MANPADS Development Program; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: The Secretary of Homeland Security should fully adopt the 
knowledge-based approach, including the use of exit criteria, to help 
ensure that key decisions in DHS's effort to develop and demonstrate a 
counter man-portable air defense systems (MANPADS) are based on 
sufficient information; 
Report number and date of issuance: GAO-04- 341R (January 30, 2004); 
Timeframes reported by DHS: DHS reports that implementation of this 
recommendation is being conducted in two phases. The first phase is 
scheduled to occur from January through July 2004. The second phase 
will take place from August 2004 to January 2006; 
Challenges reported by DHS: DHS notes that it faces several challenges 
in implementing this recommendation, including (1) ensuring the 
contractor meets rigorous system performance requirements, (2) 
integrating the defense systems into commercial aircraft, (3) 
obtaining Federal Aviation Administration certification, (4) ensuring 
that there is an appropriate maintenance plan for the program, (5) 
fully evaluating and testing the system, and (6) conducting 
appropriate lifecycle cost analysis.

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To complete and enhance Plum Island's security 
arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, correct physical 
security deficiencies by addressing the specific security shortcomings 
identified by GAO's Office of Special Investigations; 
Report number and date of issuance: GAO-03-847 (September 19, 2003); 
Timeframes reported by DHS: DHS has addressed several components of 
this recommendation such as key control and enhanced security of 
overnight accommodations. On June 28, 2004, a DHS official informed GAO 
that the fire brigade is fully operational. GAO is currently working to 
verify this information; 
Challenges reported by DHS: The background checks GAO has recommended 
require access to the Federal Bureau of Investigation's database, and 
no permanent arrangement has been made that provides Plum Island Animal 
Disease Center (PIADC) the needed access or working relationships (and 
reimbursement for services) to accomplish these checks on an ongoing 
basis.

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To complete and enhance Plum Island's security 
arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, enhance incident 
response capability by resolving the issue of the guards' authority to 
carry firearms and make arrests; 
Report number and date of issuance: GAO-03-847 (September 19, 2003); 
Timeframes reported by DHS: DHS will implement this recommendation by 
assigning responsibility to its Federal Protective Service (FPS). On 
June 28, 2004, a DHS official informed GAO that an initial FPS officer 
was placed on-site at the island. Additional personnel are to be 
assigned by the fall of 2004. GAO will work with DHS to verify 
information provided as of June 28, 2004, and to determine the 
continued status of this recommendation; 
Challenges reported by DHS: While security guards at PIADC currently 
carry firearms, DHS notes that they do not have the authority to make 
arrests. This recommendation will not be fully implemented until the 
guard force has the authority to make arrests. DHS reports that placing 
such officers on-site is a complex action involving several DHS offices 
and the General Services Administration.

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To complete and enhance Plum Island's security 
arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, revise, as necessary, 
security and incident response plans to reflect any redefined, risks, 
threats, and assets; 
Report number and date of issuance: GAO-03-847 (September 19, 2003); 
Timeframes reported by DHS: The site security plan and the incident 
response plan have been revised to reflect redefine risks, threats, 
and assets. However, this plan will not be finalized until FPS is on 
site at PIADC. As mentioned above, On June 28, 2004, a DHS official 
informed GAO that an initial FPS officer was placed on-site at the 
island. Additional personnel are to be assigned by the fall of 2004. 
GAO will work with DHS to verify information provided as of June 28, 
2004, and to determine the continued status of this recommendation; 
Challenges reported by DHS: This recommendation will not be fully 
implemented until such resources are on-site at PIADC. DHS reports 
that placing such officers on-site is a complex action involving 
several DHS 
offices and the General Services Administration.

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To complete and enhance Plum Island's security 
arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, consult with 
appropriate state and local law enforcement and intelligence agencies 
to revisit the threats specific to PIADC; 
Report number and date of issuance: GAO-03-847 (September 19, 2003); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: DHS reports that it is not facing any 
challenges in implementing this recommendation.

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To complete and enhance Plum Island's security 
arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, enhance incident 
response capability by conducting exercises with local law enforcement 
to test the efficiency and effectiveness of Plum Island's response 
capability; 
Report number and date of issuance: GAO- 03-847 September 19, 2003); 
Timeframes reported by DHS: DHS is working to place FPS personnel on-
site at the PIADC. On June 28, 2004, a DHS official informed GAO that 
an initial FPS officer was placed on-site at the island. Additional 
personnel are to be assigned by the fall of 2004. GAO will work with 
DHS to verify that Plum Island's response capabilities are enhanced 
through exercises conducted with local law enforcement; 
Challenges reported by DHS: This recommendation will not be fully 
implemented until FPS resources are on-site at PIADC. DHS reports that 
placing such officers on-site is a complex action involving several 
DHS offices and the General Services Administration.

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To complete and enhance Plum Island's security 
arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, enhance incident 
response capability by developing an incident response plan that 
includes precise detail about what to do in the event an incident 
occurs that exceeds the capability of the security system, such as a 
terrorist attack; 
Report number and date of issuance: GAO- 03-847 (September 19, 2003); 
Timeframes reported by DHS: DHS has prepared a site security plan, 
including the Incident Response Plan, which can be finalized and 
approved when FPS arrives at PIADC. On June 28, 2004, a DHS official 
informed GAO that an initial FPS officer was placed on-site at the 
island. Additional personnel are to be assigned by the fall of 2004. 
GAO will work with DHS to verify that an incident response plan has 
been enhanced and can be implemented; 
Challenges reported by DHS: This recommendation will not be fully 
implemented until such resources are on-site at PIADC. DHS reports that 
placing such officers on-site is a complex action involving several 
DHS offices and the General Services Administration.

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To complete and enhance Plum Island's security 
arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, enhance incident 
response capability by completing an agreement with local law 
enforcement agencies to ensure backup assistance when needed; 
Report number and date of issuance: GAO-03-847 (September 19, 2003); 
Timeframes reported by DHS: DHS is working to place FPS personnel on-
site at the PIADC. On June 28, 2004, a DHS official informed GAO that 
an initial FPS officer was placed on-site at the island. Additional 
personnel are to be assigned by the fall of 2004. GAO will work with 
DHS to verify that agreements are in place for obtaining backup law 
enforcement assistance; 
Challenges reported by DHS: This recommendation will not be fully 
implemented until such resources are on-site at PIADC. DHS reports 
that placing such officers on-site is a complex action involving 
several DHS offices and the General Services Administration.

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To complete and enhance Plum Island's security 
arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, limit access to 
pathogens by further developing and enforcing specific procedures, 
including internal control checks, to ensure that all individuals 
involved in laboratory activities in the biocontainment area--including 
students and regardless of citizenship--have been approved, in 
accordance with the law; 
Report number and date of issuance: GAO-03-847 (September 19, 2003); 
Timeframes reported by DHS: To partially address this recommendation, 
DHS has established and implemented an escort procedure within the bio-
containment area. On June 28, 2004, a DHS official informed GAO that 
an initial FPS officer was placed on-site at the island. Additional 
personnel are to be assigned by the fall of 2004. GAO will work with 
DHS to verify that access to the laboratory bio-containment area is 
limited to those who have been approved for access in accordance with
the law; 
Challenges reported by DHS: DHS escort procedures in the bio-
containment area require that assigned escorts stay in continuous 
contact with uncleared persons. To allow access to the island by 
foreign visitors, DHS's Office of Security performs background checks. 
PIADC does not have access to the necessary databases to do the checks 
themselves. Once FPS is on-site at the island, access to the databases 
can be established and all visitor names can be checked at PIADC. DHS 
reports that placing such officers on-site is a complex action 
involving several DHS offices and the General Services Administration.

Report title: Combating Bioterrorism: Actions Needed to Improve 
Security at Plum Island Animal Disease Center; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: To complete and enhance Plum Island's security 
arrangements, the Secretary of Homeland Security should, in 
consultation with the Secretary of Agriculture, enhance incident 
response capability by defining an adequate response time for law 
enforcement to respond to incidents; 
Report number and date of issuance: GAO-03-847 (September 19, 2003); 
Timeframes reported by DHS: The incident response plan can be 
finalized and approved when FPS is on board at PIADC and has agreed 
that the provisions in the draft are acceptable and sufficient for the 
memorandum of agreement, which DHS proposes to enter into with local 
law enforcement. The draft plan's actions are in effect in the interim; 
Challenges reported by DHS: This recommendation will not be fully 
implemented until FPS resources are on-site at PIADC and FPS has agreed 
that the provisions in the draft are acceptable and sufficient and 
training exercises have been completed to determine adequate response 
time. DHS reports that placing such officers on-site is a complex 
action involving several DHS offices and the General Services 
Administration.

Management Division[B]: 

Report title: Homeland Security: Efforts to Improve Information 
Sharing Need to Be Strengthened; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In developing its enterprise architecture, the Secretary 
of Homeland Security should work with the Attorney General of the 
United States; the Secretary of Defense; the Director, Office of 
Management and Budget; the Director, Central Intelligence Agency; and 
other appropriate federal, state, and city authorities and the private 
sector to ensure that the enterprise architecture efforts incorporate 
the existing information-sharing guidance that is contained in the 
various national strategies and the information-sharing procedures 
required by the Homeland Security Act to be established by the 
President; 
Report number and date of issuance: GAO-03-760 (August 27, 2003); 
Timeframes reported by DHS: According to DHS, Version 2.0 of the 
homeland security enterprise architecture will be completed in 
September 2004. DHS states that this version will feature sustained 
business involvement and increased state and local participation, with 
significant emphasis on information sharing, interoperability, and 
information technology integration. It will also demonstrate how 
stakeholders fit into the information flow that enables them to 
actively participate in securing the homeland; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Efforts to Improve Information 
Sharing Need to Be Strengthened; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In developing its enterprise architecture, the Secretary 
of Homeland Security should work with the Attorney General of the 
United States; the Secretary of Defense; the Director, Office of 
Management and Budget; the Director, Central Intelligence Agency; and 
other appropriate federal, state, and city authorities and the private 
sector to ensure that the enterprise architecture efforts establish a 
clearinghouse to coordinate the various information-sharing initiatives 
to eliminate possible confusion and duplication of effort; 
Report number and date of issuance: GAO-03-760 (August 27, 2003); 
Timeframes reported by DHS: DHS reports that the Chief Information 
Officer is exploring the costs and benefits associated with a Web-
based application to gather information on information-sharing 
initiatives in a more structured manner and to simplify the data 
collection burden on other levels of governments. Additionally, DHS 
notes that it will establish a program management office responsible 
for crystallizing a vision, defining a comprehensive strategy, and 
monitoring performance toward achieving the information sharing goals 
of the National Homeland Security Strategy. However, DHS did not 
provide a timeframe for completing these efforts; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Efforts to Improve Information 
Sharing Need to Be Strengthened; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In developing its enterprise architecture, the Secretary 
of Homeland Security should work with the Attorney General of the 
United States; the Secretary of Defense; the Director, Office of 
Management and Budget; the Director, Central Intelligence Agency; and 
other appropriate federal, state, and city authorities and the private 
sector to ensure that the enterprise architecture efforts fully 
integrate states and cities in the national policy-making process for 
information sharing and take steps to provide greater assurance that 
actions at all levels of government are mutually reinforcing; 
Report number and date of issuance: GAO-03-760 (August 27, 2003); 
Timeframes reported by DHS: DHS reports that it established a state
and local working group by partnering with the National Association of 
State Chief Information Officers and has been an active participant in 
the development of DHS's enterprise architecture; DHS further notes 
that it will coordinate its activities with the Information Sharing 
Program Management Office. This office will be responsible for 
establishing policy and utilizing the enterprise architecture to 
ensure compliance when information technology modernization 
initiatives are implemented. However, DHS did not provide a timeframe 
for the completion of this effort; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Efforts to Improve Information 
Sharing Need to Be Strengthened; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In developing its enterprise architecture, the Secretary 
of Homeland Security should work with the Attorney General of the 
United States; the Secretary of Defense; the Director, Office of 
Management and Budget; the Director, Central Intelligence Agency; and 
other appropriate federal, state, and city authorities and the private 
sector to ensure that the enterprise architecture efforts identify and 
address the perceived barriers to federal information sharing; 
Report number and date of issuance: GAO- 03-760 (August 27, 2003); 
Timeframes reported by DHS: DHS reports that it intends to address 
barriers and obstacles to information sharing in the risk management 
section of its Enterprise Architecture (version 2.0) and in guidance 
to related projects. However, DHS did not provide a timeframe for 
completing this action; 
Challenges reported by DHS: None provided.

Report title: Homeland Security: Efforts to Improve Information 
Sharing Need to Be Strengthened; 
Key recommendation[A]: Directorate of Border and Transportation 
Security[B]: In developing its enterprise architecture, the Secretary 
of Homeland Security should work with the Attorney General of the 
United States; the Secretary of Defense; the Director, Office of 
Management and Budget; the Director, Central Intelligence Agency; and 
other appropriate federal, state, and city authorities and the private 
sector to ensure that the enterprise architecture efforts include the 
use of survey methods or related data collection approaches to 
determine, over time, the needs of private and public organizations 
for information related to homeland security and to measure progress 
in improving information sharing at all levels of government; 
Report number and date of issuance: GAO-03-760 (August 27, 2003); 
Timeframes reported by DHS: None provided; 
Challenges reported by DHS: None provided.

[A] Key GAO recommendations reflect actions that must be taken either 
to aid in securing the nation's homeland or to swiftly and 
appropriately respond to future terrorist attacks.

[B] GAO reports issued prior to March 1, 2003, were directed to legacy 
agencies that are now part of this directorate/division.

[C] GAO also recommended that the Secretary of Homeland Security, 
establish and charter an executive body to guide and direct the US 
Visit Program, which DHS completed. For the full recommendation related 
to this executive body, see enclosure II.

[D] Upon transfer of the NIPC from the Department of Justice to DHS, 
DHS became responsible for implementation of this recommendation.

[End of table]

[End of section] 

Enclosure IV: Comments from the Department of Homeland Security:

[See PDF for image]

[End of figure]

[End of section]

FOOTNOTES

[1] See U.S. General Accounting Office, Homeland Security: Selected 
Recommendations from Congressionally Chartered Commissions and GAO, 
GAO-04-591 (Washington, D.C.: Mar. 31, 2004). 

[2] P.L. 107-296 (Nov. 25, 2002).

[3] We believe that the implementation of these recommendations is key 
to the agency's ability to effectively fulfill its homeland security 
mission.

[4] Since March 1, 2003, we have and will continue to issue 
recommendations, many of which are key to DHS's ability to effectively 
fulfill its homeland security mission. For example, in May 2004, we 
issued Overstay Tracking: A Key Component of Homeland Security and a 
Layered Defense that cites recommendations that are relevant to the 
evaluation of DHS's new U.S. Visitor and Immigrant Status Indicator 
Technology program, see GAO-04-82, May 21, 2004. This report and its 
recommendations as well as others like it are not included in the 
results of our review since they are outside the scope of our work.

[5] In commenting on our reports, which contained the other 8 
recommendations, DHS generally indicated concurrence with the 
recommendations. 

[6] This plan addresses the recommendations contained in our report, 
Critical Infrastructure Protection: Significant Challenges in 
Developing National Capabilities, GAO-01-323, (Washington, D.C.: Apr. 
25, 2001).