Risk management (11 - 20 of 140 items)
High-Containment Laboratories: Comprehensive and Up-to-Date Policies and Stronger Oversight Mechanisms Needed to Improve Safety
GAO-16-305: Published: Mar 21, 2016. Publicly Released: Apr 19, 2016.
Most of the 8 departments and 15 agencies that GAO reviewed had policies that were not comprehensive, and some departments and agencies had policies that were not up to date. Specifically, policies at 5 departments and 9 agencies were not comprehensive because they did not contain all six elements that GAO identified as key for managing biological agents in high-containment laboratories. These ele...
Quadrennial Homeland Security Review: Improved Risk Analysis and Stakeholder Consultations Could Enhance Future Reviews
GAO-16-371: Published: Apr 15, 2016. Publicly Released: Apr 15, 2016.
The Department of Homeland Security (DHS) assessed risk for the second Quadrennial Homeland Security Review (QHSR) and considered threats, vulnerabilities, and consequences; however, DHS did not document how its various analyses were synthesized to generate results, thus limiting the reproducibility and defensibility of the results. Without sufficient documentation, the QHSR risk results cannot ea...
Emergency Management: Improved Federal Coordination Could Better Assist K-12 Schools Prepare for Emergencies
GAO-16-144: Published: Mar 10, 2016. Publicly Released: Apr 11, 2016.
The Departments of Education (Education), Health and Human Services (HHS), Homeland Security (DHS), and Justice (Justice) support K-12 schools in preparing for emergencies with various resources, including training, technical assistance, and funding, but their efforts are not strategically coordinated. Since jointly issuing a Guide for Developing High-Quality School Emergency Operations Plans in...
Critical Infrastructure Protection: Sector-Specific Agencies Need to Better Measure Cybersecurity Progress
GAO-16-79: Published: Nov 19, 2015. Publicly Released: Nov 19, 2015.
Sector-specific agencies (SSA) determined the significance of cyber risk to networks and industrial control systems for all 15 of the sectors in the scope of GAO's review. Specifically, they determined that cyber risk was significant for 11 of 15 sectors. Although the SSAs for the remaining four sectors had not determined cyber risks to be significant during their 2010 sector-specific planning pro...
Maritime Critical Infrastructure Protection: DHS Needs to Enhance Efforts to Address Port Cybersecurity
GAO-16-116T: Published: Oct 8, 2015. Publicly Released: Oct 8, 2015.
Similar to other critical infrastructures, the nation's ports face an evolving array of cyber-based threats. These can come from insiders, criminals, terrorists, or other hostile sources and may employ a variety of techniques or exploits, such as denial-of-service attacks and malicious software. By exploiting vulnerabilities in information and communications technologies supporting port operations...
Homeland Security: Actions Needed to Better Manage Security Screening at Federal Buildings and Courthouses
GAO-15-445: Published: Mar 31, 2015. Publicly Released: Apr 30, 2015.
The Department of Homeland Security's (DHS) Federal Protective Service (FPS) and the Department of Justice's (DOJ) United States Marshals Service (USMS) experience a range of challenges in their efforts to provide effective security screening, including:Building characteristics and location may limit security options: many General Services Administration (GSA) buildings were designed and construct...
Homeland Security: Action Needed to Better Assess Cost-Effectiveness of Security Enhancements at Federal Facilities [Reissued on April 2, 2015]
GAO-15-444: Published: Mar 24, 2015. Publicly Released: Mar 24, 2015.
The federal civilian entities GAO selected—the Department of Homeland Security's (DHS) Federal Emergency Management Agency (FEMA), the General Services Administration (GSA), the Department of Justice's United States Marshals Service (USMS), the Smithsonian Institution (Smithsonian), and the Social Security Administration (SSA)—have implemented a range of enhancements to improve physical securi...
Aviation Security: TSA Should Take Additional Action to Obtain Stakeholder Input when Modifying the Prohibited Items List
GAO-15-261: Published: Feb 4, 2015. Publicly Released: Mar 6, 2015.
Transportation Security Administration (TSA) officials stated that TSA considers four factors when determining whether to make modifications to the Prohibited Items List (PIL), but the agency did not fully assess risk when considering its recent proposed PIL modifications, as GAO has previously recommended. TSA generally considers the following four factors when determining whether to modify the P...
Aviation Security: Rapid Growth in Expedited Passenger Screening Highlights Need to Plan Effective Security Assessments
GAO-15-150: Published: Dec 12, 2014. Publicly Released: Dec 12, 2014.
Since the Transportation Security Administration (TSA) implemented its expedited screening program—known as TSA Pre✓TM in 2011, the number of passengers receiving expedited screening grew slowly, and then increased about 300 percent in October 2013 when TSA expanded its use of methods to increase passenger participation, such as conducting automated risk assessments of all passengers. In condu...
Combating Terrorism: Strategy to Counter Iran in the Western Hemisphere Has Gaps That State Department Should Address
GAO-14-834: Published: Sep 29, 2014. Publicly Released: Oct 21, 2014.
The Department of State (State) uses a variety of mechanisms to collaborate with interagency partners and host governments to address activities of Iran in the Western Hemisphere. In developing the strategy, which includes an Intelligence Community Assessment developed by the Office of the Director of National Intelligence (ODNI), State's Bureau of Western Hemisphere Affairs worked with other U.S...