Reports & Testimonies

  • GAO’s recommendations database contains report recommendations that still need to be addressed.

    GAO’s recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented. You can explore open recommendations by searching or browsing.

    GAO's priority recommendations are those that we believe warrant priority attention. We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues. These recommendations are labeled as such. You can find priority recommendations by searching or browsing our open recommendations below, or through our mobile app.

  • Browse Open Recommendations

    Explore priority recommendations by subject terms or browse by federal agency

    Search Open Recommendations

    Search for a specific priority recommendation by word or phrase



  • Governing on the go?

    Our Priorities for Policy Makers app makes it easier for leaders to search our recommendations on the go.

    See the November 10th Press Release


  • Have a Question about a Recommendation?

    • For questions about a specific recommendation, contact the person or office listed with the recommendation.
    • For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.
  • « Back to Results List Sort by   

    Results:

    Subject Term: "Perimeter security"

    3 publications with a total of 12 open recommendations
    Director: Jennifer Grover
    Phone: (202) 512-7141

    6 open recommendations
    Recommendation: To help ensure TSA's actions in overseeing and facilitating airport security are based on the most recent available risk information that assesses vulnerabilities system-wide and evaluates security events, and that these actions are orchestrated according to a strategic plan that reflects the agency's goals and objectives and its progress in meeting those goals, the Administrator of TSA should update the Risk Assessment of Airport Security to reflect changes to its risk environment, such as those updates reflected in Transportation Sector Security Risk Assessment (TSSRA) and JVA findings, and share results of this risk assessment with stakeholders on an ongoing basis.

    Agency: Department of Homeland Security: Transportation Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure TSA's actions in overseeing and facilitating airport security are based on the most recent available risk information that assesses vulnerabilities system-wide and evaluates security events, and that these actions are orchestrated according to a strategic plan that reflects the agency's goals and objectives and its progress in meeting those goals, the Administrator of TSA should establish and implement a process for determining when additional risk assessment updates are needed.

    Agency: Department of Homeland Security: Transportation Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure TSA's actions in overseeing and facilitating airport security are based on the most recent available risk information that assesses vulnerabilities system-wide and evaluates security events, and that these actions are orchestrated according to a strategic plan that reflects the agency's goals and objectives and its progress in meeting those goals, the Administrator of TSA should develop and implement a method for conducting a system-wide assessment of airport vulnerability that will provide a more comprehensive understanding of airport perimeter and access control security vulnerabilities.

    Agency: Department of Homeland Security: Transportation Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure TSA's actions in overseeing and facilitating airport security are based on the most recent available risk information that assesses vulnerabilities system-wide and evaluates security events, and that these actions are orchestrated according to a strategic plan that reflects the agency's goals and objectives and its progress in meeting those goals, the Administrator of TSA should use security event data for specific analysis of system-wide trends related to perimeter and access control security to better inform risk management decisions.

    Agency: Department of Homeland Security: Transportation Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure TSA's actions in overseeing and facilitating airport security are based on the most recent available risk information that assesses vulnerabilities system-wide and evaluates security events, and that these actions are orchestrated according to a strategic plan that reflects the agency's goals and objectives and its progress in meeting those goals, the Administrator of TSA should update the 2012 Strategy for airport security to reflect changes in risk assessments, agency operations, and the status of goals and objectives. Specifically, this update should reflect: (1) information from the Risk Assessment of Airport Security, as well as information contained in the most recent TSSRA and JVAs; (2) new airport security-related activities; (3) the status of TSA efforts to address goals and objectives; and (4) finalized outcome-based performance measures and performance levels--or targets--for each relevant activity and strategic goal.

    Agency: Department of Homeland Security: Transportation Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Recommendation: To help ensure TSA's actions in overseeing and facilitating airport security are based on the most recent available risk information that assesses vulnerabilities system-wide and evaluates security events, and that these actions are orchestrated according to a strategic plan that reflects the agency's goals and objectives and its progress in meeting those goals, the Administrator of TSA should establish and implement a process for determining when additional updates to the Strategy are needed.

    Agency: Department of Homeland Security: Transportation Security Administration
    Status: Open

    Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
    Director: Stephen Caldwell
    Phone: (202) 512-8777

    4 open recommendations
    Recommendation: Within DHS, to promote efficiency and harmonize the various assessments to advance security and resilience across the spectrum of CI in a manner consistent with the Homeland Security Act of 2002, PPD-21, and the NIPP, the Secretary of Homeland Security should direct the Under Secretary for the National Protection and Programs Directorate work with other DHS offices and components to develop and implement ways that DHS can facilitate data sharing and coordination of vulnerability assessments to minimize the risk of potential duplication or gaps in coverage.

    Agency: Department of Homeland Security
    Status: Open

    Comments: DHS has taken action in response to GAO's September 2014 recommendation to develop a department-wide process to facilitate data sharing and coordination among the various DHS components that conduct or require vulnerability assessments, but has not fully implemented the recommendation. DHS first reported to GAO in August 2015 that its Office of Infrastructure Protection (IP) and the Sector Outreach and Programs Division Innovation Center had formed a vulnerability assessment working group comprised of a variety of federal stakeholders, both within and outside DHS, to enhance overall integration and coordination of vulnerability assessment efforts. In December 2015, DHS stated that IP was conducting pilot projects to expand access to its IPGateway portal--IP's system that houses infrastructure data and identifies facilities that have been assessed by IP. In a July 2016 update, DHS reported that IP had reached agreement with DHS components to expand access to its IP Gateway portal to those partners as a means to share IP's vulnerability assessment information and help coordinate assessment visits and related activities. DHS also noted in its update that IP had begun providing access to IP Gateway to components within DHS but did not provide a date as to when that step would be complete. These are positive steps toward implementing a systematic and integrated approach for facilitating data sharing and coordination of vulnerability assessments throughout the department. However, developing a department-wide process to facilitate data sharing and coordination among the DHS offices and components that conduct or require vulnerability assessments would better enable DHS to minimize the risk of potential duplication and gaps by its offices and components in the vulnerability assessments they conduct. Because DHS is still in the process of completing these steps, the recommendation has not yet been fully implemented.
    Recommendation: Regarding SSAs and other federal departments or agencies external to DHS with CI security-related responsibilities that offer or conduct vulnerability assessment tools and methods and building on our recommendation that DHS review its own vulnerability assessments, the Secretary of Homeland Security should direct the Under Secretary for the National Protection and Programs Directorate to work with SSAs and other federal agencies that have CI security responsibilities to identify key CI security-related assessment tools and methods used or offered by SSAs and other federal agencies.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2016, DHS has established a Cross-Sector Integration and Innovation Center in conjunction with the Office of Infrastructure Protection, and has designed, created, and launched a Cross-Agency Vulnerability Assessment Working Group portal on the Homeland Security Information Network-Critical Infrastructure (HSIN-CI). The Working Group, consisting of members from multiple departments and agencies, is collaborating to enhance the integration and coordination of vulnerability assessment efforts. This working group is intended to serve as an interagency forum to address several recommendations from GAO Report 14-507. However, the effort is ongoing and it is too early to determine if it will successfully address the recommendation.
    Recommendation: Regarding SSAs and other federal departments or agencies external to DHS with CI security-related responsibilities that offer or conduct vulnerability assessment tools and methods and building on our recommendation that DHS review its own vulnerability assessments, the Secretary of Homeland Security should direct the Under Secretary for the National Protection and Programs Directorate to work with SSAs and other federal agencies that have CI security responsibilities to analyze the key CI security-related assessment tools and methods offered by sector-specific agencies (SSA) and other federal agencies to determine the areas they capture.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2016, DHS has established a Cross-Sector Integration and Innovation Center in conjunction with the Office of Infrastructure Protection, and has designed, created, and launched a Cross-Agency Vulnerability Assessment Working Group portal on the Homeland Security Information Network-Critical Infrastructure (HSIN-CI). The Working Group, consisting of members from multiple departments and agencies, is collaborating to enhance the integration and coordination of vulnerability assessment efforts. This working group is intended to serve as an interagency forum to address several recommendations from GAO Report 14-507. However, the effort is ongoing and it is too early to determine if it will successfully address the recommendation.
    Recommendation: Regarding SSAs and other federal departments or agencies external to DHS with CI security-related responsibilities that offer or conduct vulnerability assessment tools and methods and building on our recommendation that DHS review its own vulnerability assessments, the Secretary of Homeland Security should direct the Under Secretary for the National Protection and Programs Directorate to work with SSAs and other federal agencies that have CI security responsibilities to develop and provide guidance for what areas should be included in vulnerability assessments of CI that can be used by DHS, SSAs, and other CI partners in an integrated and coordinated manner, among and across sectors, where appropriate.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of September 2016, DHS has established a Cross-Sector Integration and Innovation Center in conjunction with the Office of Infrastructure Protection, and has designed, created, and launched a Cross-Agency Vulnerability Assessment Working Group portal on the Homeland Security Information Network-Critical Infrastructure (HSIN-CI). The Working Group, consisting of members from multiple departments and agencies, is collaborating to enhance the integration and coordination of vulnerability assessment efforts. This working group is intended to serve as an interagency forum to address several recommendations from GAO Report 14-507. However, the effort is ongoing and it is too early to determine if it will successfully address the recommendation.
    Director: Goldstein, Mark L
    Phone: (202)512-6670

    2 open recommendations
    Recommendation: The Secretary of Homeland Security and Attorney General should instruct the Director of FPS, and the Director of the Marshals Service, respectively, to jointly lead an effort, in consultation and agreement with the judiciary and GSA, to update the MOA on courthouse security to address the challenges discussed in this report. Specifically, in this update to the MOA stakeholders should: (1) clarify federal stakeholders' roles and responsibilities including, but not limited to, the conditions under which stakeholders may assume each other's responsibilities and whether such agreements should be documented; and define GSA's responsibilities and determine whether GSA should be included as a signatory to the updated MOA; (2) outline how they will ensure greater participation of relevant stakeholders in court or facility security committees; and (3) specify how they will complete required risk assessments for courthouses, referred to by the Marshals Service as court security facility surveys and by FPS as facility security assessments (FSA), and ensure that the results of those assessments are shared with relevant stakeholders, as appropriate.

    Agency: Department of Homeland Security
    Status: Open

    Comments: As of April 2017, The Federal Protective Service, U.S. Marshals Service, Administrative Office of the U.S. Courts, and General Services Administration were working to update the memorandum of agreement on courthouse security. An updated memorandum has been drafted, but it has yet to be signed by all parties. Consequently, resolution of this recommendation is pending until further action is taken.
    Recommendation: The Secretary of Homeland Security and Attorney General should instruct the Director of FPS, and the Director of the Marshals Service, respectively, to jointly lead an effort, in consultation and agreement with the judiciary and GSA, to update the MOA on courthouse security to address the challenges discussed in this report. Specifically, in this update to the MOA stakeholders should: (1) clarify federal stakeholders' roles and responsibilities including, but not limited to, the conditions under which stakeholders may assume each other's responsibilities and whether such agreements should be documented; and define GSA's responsibilities and determine whether GSA should be included as a signatory to the updated MOA; (2) outline how they will ensure greater participation of relevant stakeholders in court or facility security committees; and (3) specify how they will complete required risk assessments for courthouses, referred to by the Marshals Service as court security facility surveys and by FPS as facility security assessments (FSA), and ensure that the results of those assessments are shared with relevant stakeholders, as appropriate.

    Agency: Department of Justice
    Status: Open

    Comments: As of April 2017, The Federal Protective Service, U.S. Marshals Service, Administrative Office of the U.S. Courts, and General Services Administration were working to update the memorandum of agreement on courthouse security. An updated memorandum has been drafted, but it has yet to be signed by all parties. Consequently, resolution of this recommendation is pending until further action is taken.