Risk management (21 - 30 of 140 items)
Secure Flight: TSA Could Take Additional Steps to Strengthen Privacy Oversight Mechanisms
GAO-14-647: Published: Sep 9, 2014. Publicly Released: Sep 18, 2014.
The Transportation Security Administration (TSA) has taken steps to implement several of the privacy oversight mechanisms it planned to establish when Secure Flight implementation began in 2009, but additional actions could allow TSA to sustain and strengthen its efforts. Overall, TSA has implemented mechanisms to identify privacy implications associated with program operations and address them as...
Critical Infrastructure Protection: DHS Action Needed to Enhance Integration and Coordination of Vulnerability Assessment Efforts [Reissued on September 17, 2014]
GAO-14-507: Published: Sep 15, 2014. Publicly Released: Sep 15, 2014.
During fiscal years 2011 to 2013, various Department of Homeland Security (DHS) offices and components conducted or required thousands of vulnerability assessments of critical infrastructure (CI), but DHS is not positioned to integrate them in order to identify priorities. Although the Homeland Security Act of 2002 and the National Infrastructure Protection Plan (NIPP) call for DHS to integrate...
Maritime Critical Infrastructure Protection: DHS Needs to Better Address Port Cybersecurity
GAO-14-459: Published: Jun 5, 2014. Publicly Released: Jun 5, 2014.
Actions taken by the Department of Homeland Security (DHS) and two of its component agencies, the U.S. Coast Guard and Federal Emergency Management Agency (FEMA), as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited.While the Coast Guard initiated a number of activities and coordinating strategies to improve physical security in specific po...
Federal Protective Service: Protecting Federal Facilities Remains A Challenge
GAO-14-623T: Published: May 21, 2014. Publicly Released: May 21, 2014.
The Federal Protective Service continues to face challenges ensuring that contract guards have been properly trained and certified before being deployed to federal facilities around the country. In September 2013, for example, GAO reported that providing training for active shooter scenarios and screening access to federal facilities poses a challenge for FPS. According to officials at five guard...
Federal Facility Security: Additional Actions Needed to Help Agencies Comply with Risk Assessment Methodology Standards
GAO-14-86: Published: Mar 5, 2014. Publicly Released: Apr 7, 2014.
Three of the nine selected agencies' risk assessment methodologies that GAO reviewed—the Department of Energy (DOE), the Department of Justice (DOJ), and the Department of State (State)—fully align with the Interagency Security Committee's (ISC) risk assessment standards, but six do not—the Department of the Interior (DOI), the Department of Veterans Affairs (VA), the Federal Protective Serv...
Homeland Security: Federal Protective Service Continues to Face Challenges with Contract Guards and Risk Assessments at Federal Facilities
GAO-14-235T: Published: Dec 17, 2013. Publicly Released: Dec 17, 2013.
FPS faces challenges ensuring that contract guards have been properly trained and certified before being deployed to federal facilities around the country. In its September 2013 report, GAO found that providing active shooter response and screener training is a challenge for FPS. For example, according to officials at five guard companies, their contract guards have not received training on how to...
GPS Disruptions: Efforts to Assess Risks to Critical Infrastructure and Coordinate Agency Actions Should Be Enhanced
GAO-14-15: Published: Nov 6, 2013. Publicly Released: Nov 6, 2013.
To assess the risks and potential effects from disruptions in the Global Positioning System (GPS) on critical infrastructure, the Department of Homeland Security (DHS) published the GPS National Risk Estimate (NRE) in 2012. In doing so, DHS conducted a scenario-based risk assessment for four critical infrastructure sectors using subject matter experts from inside and outside of government. Risk as...
Nuclear Terrorism Response Plans: Major Cities Could Benefit from Federal Guidance on Responding to Nuclear and Radiological Attacks
GAO-13-736: Published: Sep 30, 2013. Publicly Released: Sep 30, 2013.
Many emergency managers from the 27 major cities responding to GAO's questionnaire, although not all, reported that their city had assessed the risks of a terrorist attack using a radiological dispersal device (RDD) or improvised nuclear device (IND) and had ranked the risk of these attacks as lower than the risk of other hazards they face. Also, 11 of the 27 reported that they had completed RDD r...
Information Sharing: Agencies Could Better Coordinate to Reduce Overlap in Field-Based Activities
GAO-13-471: Published: Apr 4, 2013. Publicly Released: Apr 4, 2013.
Five types of field-based information-sharing entities are supported, in part, by the federal government--Joint Terrorism Task Forces, Field Intelligence Groups, Regional Information Sharing Systems (RISS) centers, state and major urban area fusion centers, and High Intensity Drug Trafficking Area (HIDTA) Investigative Support Centers--and have distinct missions, roles, and responsibilities. Howev...
Critical Infrastructure Protection: Preliminary Observations on DHS Efforts to Assess Chemical Security Risk and Gather Feedback on Facility Outreach
GAO-13-412T: Published: Mar 14, 2013. Publicly Released: Mar 14, 2013.
Since 2007, the Department of Homeland Securitys (DHS) Infrastructure Security Compliance Division (ISCD) has assigned about 3,500 high-risk chemical facilities to risk-based tiers under its Chemical Facilities Anti-Terrorism Standards (CFATS) program, but it has not fully assessed its approach for doing so. The approach ISCD used to assess risk and make decisions to place facilities in fina...