Passenger Rail Security:
Evaluating Foreign Security Practices and Risk Can Help Guide Security Efforts
GAO-06-557T, Mar 29, 2006
The July 2005 bombing attacks on London's subway system dramatically revealed the vulnerability of passenger rail systems worldwide to terrorist attacks and demonstrated the need for an increased focus on security for these systems. This testimony, which is based primarily on GAO's September 2005 report on passenger rail security (GAO-05-851), provides information on (1) the security practices that domestic and selected foreign rail transit operators have implemented to mitigate risks and enhance security; (2) the Department of Homeland Security's (DHS) and the Department of Transportation's (DOT) funding of rail transit security and use of risk management in funding decisions; and (3) the steps DHS and DOT have taken to improve coordination on rail transit security matters. As part of its 2005 report, GAO contacted 32 U.S. rail transit operators and 13 passenger rail operators in seven European and Asian countries.
Domestic and foreign rail transit operators GAO contacted have taken similar actions to help secure their systems, including implementing customer awareness programs, increasing the number and visibility of their security personnel, and upgrading security technology. Also, both domestic and foreign operators have used risk assessments to guide security-related activities and spending. However, GAO also observed security practices that were used by certain foreign passenger rail operators, but were not employed in the United States at the time of GAO's review. For example, some foreign rail operators use covert testing to help keep employees alert to security threats or randomly screen passengers. Centralized clearinghouses on rail security technologies, such as chemical sensors, and best practices are also maintained in some foreign countries. While introducing any of these security practices into the U.S. rail system may pose political, legal, fiscal, and cultural challenges, the practices may nevertheless warrant further examination. Both DHS and DOT help fund rail transit security investments, and DHS has promoted risk-based funding decisions in the allocation of transit security grants. DHS's Office of Grants and Training is the primary source of security funding for passenger rail systems, providing over $320 million in grants to rail transit agencies for fiscal years 2003 to 2006. The Office of Grants and Training has leveraged its grant-making authority to promote risk-based funding decisions for passenger rail by requiring, for example, that operators complete a risk assessment to be eligible for a transit security grant. As we have noted in previous reports, using assessments of risk to target resources to the highest priority is especially critical given the competition for resources within the rail transit sector, and between the rail transit sector and the other modes of transportation. DOT's Federal Transit Administration (FTA) also helps fund rail transit security efforts by providing financial assistance to transit agencies and requiring that they spend 1 percent of their urbanized area formula funds on security improvements. To improve coordination on transportation security matters, including rail transit security, DHS and DOT signed a memorandum of understanding (MOU) in September 2004. DHS and DOT also signed a transit security annex to the MOU in September 2005 that delineates specific security-related roles, responsibilities, resources, and commitments for transit issues. In GAO's view, these actions are positive steps forward in addressing the coordination problems GAO previously identified. For instance, federal and rail industry officials raised questions about the feasibility of implementing and complying with TSA's May 2004 security directives, citing limited opportunities to collaborate with TSA to ensure that industry best practices were incorporated. Effective coordination between DHS and DOT will continue to be important as both departments move forward with existing programs and new security initiatives.