This is the accessible text file for GAO report number GAO-14-128T 
entitled 'Homeland Security: Challenges Associated with Federal 
Protective Service's Contract Guards and Risk Assessments at Federal 
Facilities' which was released on October 30, 2013. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as 
part of a longer term project to improve GAO products' accessibility. 
Every attempt has been made to maintain the structural and data 
integrity of the original printed product. Accessibility features, 
such as text descriptions of tables, consecutively numbered footnotes 
placed at the end of the file, and the text of agency comment letters, 
are provided but may not exactly duplicate the presentation or format 
of the printed version. The portable document format (PDF) file is an 
exact electronic replica of the printed version. We welcome your 
feedback. Please E-mail your comments regarding the contents or 
accessibility features of this document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

United States Government Accountability Office: 
GAO: 

Testimony: 

Before the Subcommittee on Oversight and Management Efficiency, 
Committee on Homeland Security, House of Representatives: 

For Release on Delivery: 
Expected at 9:30 a.m. EDT: 
Wednesday, October 30, 2013: 

Homeland Security: 

Challenges Associated with Federal Protective Service's Contract 
Guards and Risk Assessments at Federal Facilities: 

Statement of Mark L. Goldstein, Director: 
Physical Infrastructure Issues: 

GAO-14-128T: 

GAO Highlights: 

Highlights of GAO-14-128T, a testimony before the Subcommittee on 
Oversight and Management Efficiency, Committee on Homeland Security, 
House of Representatives. 

Why GAO Did This Study: 

As part of the Department of Homeland Security (DHS), FPS is 
responsible for protecting federal employees and visitors in 
approximately 9,600 federal facilities under the control and custody 
of the General Services Administration (GSA). Recent incidents at 
federal facilities demonstrate their continued vulnerability to 
attacks or other acts of violence. To help accomplish its mission, FPS 
conducts facility risk assessments and provides oversight of 
approximately 13,500 contract security guards deployed to federal 
facilities. 

This testimony is based on the results of our September 2013 report 
(released by the Subcommittee today), previous reports, and 
preliminary results of work GAO conducted for a report that GAO plans 
to issue to the Chairman later this year. GAO discusses (1) challenges 
FPS faces in ensuring contract security guards deployed to federal 
facilities are properly trained and certified and (2) the extent to 
which FPS and select federal agencies’ facility risk assessment 
methodologies align with standards issued by the ISC. To perform this 
work, GAO reviewed FPS and guard company documentation and interviewed 
officials about oversight of guards. GAO also reviewed FPS’s and eight 
federal agencies’ risk assessment documentation and compared it to 
ISC’s standards. These agencies were selected based on their missions 
and types of facilities. 

What GAO Found: 

The Federal Protective Service (FPS) faces challenges ensuring that 
contract guards have been properly trained and certified before being 
deployed to federal facilities around the country. In a September 2013 
report, GAO found that providing active-shooter-response and screener 
training is a challenge for FPS. For example, according to officials 
at five guard companies, their contract guards have not received 
training on how to respond during incidents involving an active-
shooter. Without ensuring that all guards receive this training, FPS 
has limited assurance that its guards are prepared for such a threat. 
Similarly, officials from one of FPS’s contract guard companies stated 
that 133 (about 38 percent) of its approximately 350 guards have never 
received screener training. As a result, those guards may be using x-
ray and magnetometer equipment at federal facilities that they are not 
qualified to use, raising questions about their ability to properly 
screen access control points at federal facilities—one of their 
primary responsibilities. We were unable to determine the extent to 
which FPS’s guards have received active-shooter-response and screener 
training. FPS agreed with GAO’s 2013 recommendation that they take 
steps to identify guards that have not had required training and 
provide it to them. GAO also found that FPS continues to lack 
effective management controls to ensure its guards have met its 
training and certification requirements. For instance, although FPS 
agreed with GAO’s 2010 and 2012 recommendations that it develop a 
comprehensive and reliable system for managing information on guards’ 
training, certifications, and qualifications, it still does not have 
such a system. Additionally, 23 percent of the 276 guard files GAO 
examined (maintained by 11 of the 31 guard companies we interviewed) 
lacked required training and certification documentation. Examples of 
missing items include documentation of initial weapons and screener 
training and firearms qualifications. 

GAO’s preliminary results indicate that several agencies, including 
FPS, do not use a methodology to assess risk at their facilities that 
aligns with the Interagency Security Committee’s (ISC) risk assessment 
standards. Risk assessments help decision-makers identify and evaluate 
security risks and implement protective measures to mitigate the risk. 
ISC’s standards state that agencies’ facility risk assessment 
methodologies must: 1) consider all of the undesirable events 
identified by ISC as possible risks to federal facilities, and 2) 
assess the threat, vulnerability, and consequence of specific 
undesirable events. Most commonly, agencies’ methodologies that GAO 
reviewed are inconsistent with ISC’s standards because they do not 
assess facilities’ vulnerabilities to specific undesirable events. If 
an agency does not know its facilities’ potential vulnerabilities to 
specific undesirable events, it cannot set priorities to mitigate 
these vulnerabilities. In addition, as GAO reported in August 2012, 
although federal agencies pay FPS millions of dollars to assess risk 
at their facilities, FPS’s risk assessment tool is not consistent with 
ISC’s risk assessment standards because it does not assess consequence 
(i.e., the level, duration, and nature of loss resulting from 
undesirable events). As a result, FPS and the other non-compliant 
agencies GAO reviewed may not have a complete understanding of the 
risks facing approximately 57,000 federal facilities located around 
the country (including the 9,600 protected by FPS). 

What GAO Recommends: 

DHS and FPS agreed with GAO’s recommendations in its September 2013 
report. 

View [hyperlink, http://www.gao.gov/products/GAO-14-128T]. For more 
information, contact Mark Goldstein, (202) 512-2834 or 
GoldsteinM@gao.gov. 

[End of section] 

Chairman Duncan, Ranking Member Barber, and Members of the 
Subcommittee: 

We are pleased to be here to discuss the results of our September 2013 
report, which the Subcommittee is releasing today, and the efforts of 
the Department of Homeland Security's (DHS) Federal Protective Service 
(FPS) to protect the nearly 9,600 federal facilities that are under 
the control and custody of the General Services Administration (GSA). 
The 2012 shooting at the Anderson Federal Building in Long Beach, 
California, and the results of our 2009 covert testing and FPS's 
ongoing penetration testing demonstrate the continued vulnerability of 
federal facilities. Moreover, the challenge of protecting federal 
facilities is one of the major reasons why we have designated federal 
real property management as a high-risk area.[Footnote 1] 

FPS is authorized (1) to protect the buildings, grounds, and property 
that are under the control and custody of GSA, as well as the persons 
on the property; (2) to enforce federal laws and regulations aimed at 
protecting such property and persons on the property; and (3) to 
investigate offenses against these buildings and persons.[Footnote 2] 
FPS conducts its mission by providing security services through two 
types of activities: (1) physical security activities--conducting 
security assessments and recommending countermeasures aimed at 
preventing incidents--and (2) law enforcement activities--proactively 
patrolling facilities, responding to incidents, conducting criminal 
investigations, and exercising arrest authority. To accomplish its 
mission, FPS currently has almost 1,200 full-time employees and about 
13,500 contract guards deployed at federal facilities across the 
country. It expects to receive approximately $1.3 billion in fees for 
fiscal year 2013.[Footnote 3] 

Since 2008, we have reported on the challenges FPS faces with carrying 
out its mission, including overseeing its contract guards and 
assessing risk at federal facilities. FPS's contract guard program is 
the most visible component of the agency's operations, and the agency 
relies on its guards to be its "eyes and ears" while performing their 
duties. However, we reported in 2010 and again in 2013 that FPS 
continues to experience difficulty ensuring that its guards have the 
required training and certifications. Before guards are assigned to a 
post (an area of responsibility) at a federal facility, FPS requires 
that they all undergo employee fitness determinations[Footnote 4] and 
complete approximately 120 hours of training provided by the 
contractor and FPS, including basic training and firearms training. 
Among other duties, contract guards are responsible for controlling 
access to facilities; conducting screening at access points to prevent 
the introduction of prohibited items, such as weapons and explosives; 
and responding to emergency situations involving facility safety and 
security.[Footnote 5] FPS also faces challenges assessing risks at the 
9,600 facilities under the control and custody of GSA. For instance, 
in 2012, we reported that FPS's ability to protect and secure federal 
facilities has been hampered by the absence of a risk assessment 
program that is consistent with federal standards. 

This testimony is based on our September 2013 report, released today, 
[Footnote 6] previous reports,[Footnote 7] and preliminary results of 
work we conducted for a report that we plan to issue to the Chairman 
later this year.[Footnote 8] This testimony discusses (1) challenges 
FPS faces in ensuring contract security guards deployed to federal 
facilities are properly trained and certified and (2) the extent to 
which FPS and select federal agencies' facility risk assessment 
methodologies align with federal risk assessment standards issued by 
the Interagency Security Committee (ISC).[Footnote 9] To identify 
challenges associated with ensuring FPS's contract guards are properly 
trained and certified, we analyzed selected guard services contracts 
active as of September 2012 and FPS's Security Guard Information 
Manual. We drew a non-generalizable sample of 31 contracts from FPS's 
117 guard services contracts (one contract for every guard company 
with which FPS has contracted for non-emergency guard services). 
[Footnote 10] A subset (11) of the 31 guard contracts was chosen based 
on geographic diversity and geographic density of contracts within FPS 
regions to allow us to conduct file reviews for multiple contracts 
during each of four site visits that we conducted. For each of these 
11 contracts, we reviewed the contracts as well as a random sample of 
guard files associated with each contract. The remaining 20 guard 
services contracts we selected were the most recent contract for each 
of the remaining guard companies that FPS had contracted with as of 
November 2012. We also interviewed officials from each of the 31 
contract guard companies. 

To determine the extent to which contract guard companies documented 
compliance with FPS's guard training and certification requirements, 
we examined documentation related to our non-generalizeable sample of 
11 contracts, as previously discussed. From these 11 contracts, we 
randomly selected 276 guard files to review for compliance with FPS 
requirements. For each guard file, we compared the file documents to a 
list of requirements contained in FPS's Administrative Audit and 
Protective Security Officer File Review Forms, which FPS uses to 
conduct its monthly guard file reviews. 

To identify the management controls and processes FPS and the guard 
companies use to ensure compliance with training, certification, and 
qualification requirements, we reviewed FPS's procedures for (1) 
conducting monthly guard file reviews; (2) documenting compliance with 
guard training, certification, and qualification requirements; and (3) 
monitoring performance. We also visited 4 of FPS's 11 regions to 
discuss how regional officials ensure that guards are qualified to be 
deployed to federal facilities. We selected the 4 regions to provide 
geographic density of contracts in the region to facilitate reviews of 
guard files, diversity in the size of guard companies, and geographic 
diversity. In addition, we interviewed officials from each of FPS's 31 
guard companies regarding their policies and procedures for complying 
with FPS's guard training and certification requirements. While the 
results of our work are not generalizeable, about 40 percent of the 
GSA facilities with guards are located in the four regions where we 
conducted our site visits and our review of guard files involved 11 of 
FPS's 31 guard companies. To assess the extent to which FPS's monthly 
guard-file review results identified files with missing documentation 
of training, certifications, and qualifications, we compared FPS's 
monthly file review results from the month in which we conducted our 
file review for each of the 11 contracts to identify guard files that 
were included in both our review and FPS's monthly review. We 
identified any discrepancies between the reviews and used FPS's file 
review forms to examine the discrepancies. 

To determine the extent to which FPS and select federal agencies' 
facility risk assessment methodologies align with ISC's risk 
assessment standards, we reviewed and analyzed risk assessment 
documentation and interviewed officials at nine federal agencies and 
compared each agency's methodology to ISC's standards. The nine 
selected agencies include: Department of Energy, Office of Health, 
Safety, and Security; Department of Interior; Department of Justice, 
Justice Protective Service; Department of State, Diplomatic Security; 
Department of Veterans Affairs; Federal Emergency Management Agency; 
Federal Protective Service; Nuclear Regulatory Commission; and Office 
of Personnel Management. These agencies were selected to achieve 
diversity with respect to the number and types of agencies' 
facilities, as well as the agencies' missions. 

We conducted our ongoing work from August 2012 to October 2013 in 
accordance with generally accepted government auditing standards. 
Also, our previously issued reports were done in accordance with these 
standards. Those standards require that we plan and perform the audit 
to obtain sufficient, appropriate evidence to provide a reasonable 
basis for our findings and conclusions based on our audit objectives. 
We believe that the evidence obtained provides a reasonable basis for 
our findings and conclusions based on our audit objectives. 

FPS Faces Challenges Ensuring Contract Guards Have Been Properly 
Trained and Certified before Being Deployed to Federal Facilities: 

Some FPS Contract Guards Have Not Received Required Training on 
Responding to Active-Shooter Scenarios: 

According to FPS officials, since 2010 the agency has required its 
guards to receive training on how to respond to an active-shooter 
scenario. However, as our 2013 report shows,[Footnote 11] FPS faces 
challenges providing active-shooter response training to all of its 
guards. According to FPS officials, the agency provides guards with 
information on how they should respond during an active-shooter 
incident as part of the 8-hour FPS-provided orientation training. FPS 
officials were not able to specify how much time is devoted to this 
training, but said that it is a small portion of the 2-hour special 
situations training.[Footnote 12] According to FPS's training 
documents, this training includes instructions on how to notify law 
enforcement personnel, secure the guard's area of responsibility, 
appropriate use of force, and direct building occupants according to 
emergency plans. 

However, when we asked officials from 16 of the 31 contract guard 
companies we spoke to if their guards had received training on how 
guards should respond during active-shooter incidents, responses 
varied.[Footnote 13] For example, of the 16 contract guard companies 
we interviewed about this topic: 

* officials from eight contract guard companies stated that their 
guards have received active-shooter scenario training during FPS 
orientation; 

* officials from five guard companies stated that FPS has not provided 
active-shooter scenario training to their guards during the FPS-
provided orientation training; and: 

* officials from three guard companies stated that FPS had not 
provided active-shooter scenario training to their guards during the 
FPS-provided orientation training, but that the topic was covered at 
some other time. 

We were unable to determine the extent to which FPS's guards have 
received active-shooter response training. Without ensuring that all 
guards receive training on how to respond to active-shooter incidents, 
FPS has limited assurance that its guards are prepared for this 
threat. FPS agreed with our recommendation that they take immediate 
steps to determine which guards have not received this training and 
provide it to them. 

Some FPS Guards Have Not Received Required Screener Training: 

As part of their 120 hours of training, guards must receive 8 hours of 
screener training from FPS on how to use x-ray and magnetometer 
equipment. However, in our September 2013 report,[Footnote 14] we 
found that FPS has not provided required screener training to all 
guards. Screener training is important because many guards control 
access points at federal facilities and thus must be able to properly 
operate x-ray and magnetometer machines and understand their results. 
In 2009 and 2010, we reported that FPS had not provided screener 
training to 1,500 contract guards in one FPS region.[Footnote 15] In 
response to our reports, FPS stated that it planned to implement a 
program to train its inspectors to provide screener training to all of 
its contract guards. However, 3 years after our 2010 report, guards 
continue to be deployed to federal facilities who have never received 
this training. For example, an official at one contract guard company 
stated that 133 of its approximately 350 guards (about 38 percent) on 
three separate FPS contracts (awarded in 2009) have never received 
their initial x-ray and magnetometer training from FPS. The official 
stated that some of these guards are working at screening posts. 
Further, officials at another contract guard company in a different 
FPS region stated that, according to their records, 78 of 295 (about 
26 percent) guards deployed under their contract have never received 
FPS's x-ray and magnetometer training. These officials stated that 
FPS's regional officials were informed of the problem, but allowed 
guards to continue to work under this contract, despite not having 
completed required training. Because FPS is responsible for this 
training, according to guard company officials no action was taken 
against the company. Consequently, some guards deployed to federal 
facilities may be using x-ray and magnetometer equipment that they are 
not qualified to use--thus raising questions about the ability of some 
guards to execute a primary responsibility to properly screen access 
control points at federal facilities. We were unable to determine the 
extent to which FPS's guards have received screener training. FPS 
agreed with our recommendation that they take immediate steps to 
determine which guards have not received screener training and provide 
it to them. 

FPS Lacks Effective Management Controls to Ensure Guards Have Met 
Training and Certification Requirements: 

In our September 2013 report, we found that FPS continues to lack 
effective management controls to ensure that guards have met training 
and certification requirements. For example, although FPS agreed with 
our 2010 and 2012 recommendations to develop a comprehensive and 
reliable system for contract guard oversight, it still does not have 
such a system. Without a comprehensive guard management system, FPS 
has no independent means of ensuring that its contract guard companies 
have met contract requirements, such as providing qualified guards to 
federal facilities. Instead, FPS requires its guard companies to 
maintain files containing guard-training and certification information 
and to provide it with a monthly report containing this information. 
In our September 2013 report, we found that 23 percent of the 276 
guard files we reviewed (maintained by 11 of the 31 guard companies we 
interviewed) lacked required training and certification documentation. 
[Footnote 16] As shown in table 1, some guard files lacked 
documentation of basic training, semi-annual firearms qualifications, 
screener training, the 40-hour refresher training (required every 3 
years), and CPR certification. 

Table 1: Total Missing Documents Identified in 64 of 276 Guard Files 
GAO Reviewed: 

Requirement: Copy of driver's license/State ID; 
Number of instances of each missing document: 1. 

Requirement: Domestic Violence "Lautenberg" Form; 
Number of instances of each missing document: 1. 

Requirement: Medical certification; 
Number of instances of each missing document: 1. 

Requirement: Verified alien/immigration status; 
Number of instances of each missing document: 3. 

Requirement: Current baton certification; 
Number of instances of each missing document: 3. 

Requirement: Basic training; 
Number of instances of each missing document: 3. 

Requirement: Firearms qualifications; 
Number of instances of each missing document: 3. 

Requirement: First-aid certification; 
Number of instances of each missing document: 5. 

Requirement: FPS screener training--8 hours; 
Number of instances of each missing document: 5. 

Requirement: FPS orientation; 
Number of instances of each missing document: 8. 

Requirement: Contractor employee fitness determination; 
Number of instances of each missing document: 12. 

Requirement: CPR certification; 
Number of instances of each missing document: 12. 

Requirement: AED certification; 
Number of instances of each missing document: 12. 

Requirement: Refresher training; 
Number of instances of each missing document: 15. 

Requirement: Pre-employment drug testing; 
Number of instances of each missing document: 16. 

Requirement: Initial weapons training; 
Number of instances of each missing document: 17. 

Requirement: Total; 
Number of instances of each missing document: 117[A]. 

Source: GAO analysis of contract guard company data. 

Note: These results are non-generalizeable and based on a review of 
276 randomly selected guard files for 11 of 117 FPS guard contracts. 

[A] Some of the files that did not comply with requirements were 
missing more than one document, for a total of 117 missing documents. 

[End of table] 

FPS has also identified guard files that did not contain required 
documentation. FPS's primary tool for ensuring that guard companies 
comply with contractual requirements for guards' training, 
certifications, and qualifications is to conduct monthly reviews of 
guard companies' guard files. From March 2012 through March 2013, FPS 
reviewed more than 23,000 guard files.[Footnote 17] It found that a 
majority of the guard files had the required documentation but more 
than 800 (about 3 percent) did not. FPS's file reviews for that period 
showed files missing, for example, documentation of screener training, 
initial weapons training, CPR certification, and firearms 
qualifications. However, as our September 2013 report explains, FPS's 
process for conducting monthly file reviews does not include 
requirements for reviewing and verifying the results, and we 
identified instances in which FPS's monthly review results did not 
accurately reflect the contents of guard files. For instance, FPS's 
review indicated that required documentation was present for some 
guard files, but we were not able to find documentation of training 
and certification, such as initial weapons training, DHS orientation, 
and pre-employment drug screenings.[Footnote 18] As a result of the 
lack of management controls, FPS is not able to ensure that guards 
have met training and certification requirements. 

GAO's Recommendations to Improve the Management and Oversight of FPS's 
Contract Guard Program: 

In our September 2013 report, we recommended that DHS and FPS take the 
following actions: 

* take immediate steps to determine which guards have not had screener 
or active-shooter scenario training and provide it to them and, as 
part of developing a national curriculum, decide how and how often 
these trainings will be provided in the future; 

* require that contract guard companies' instructors be certified to 
teach basic and refresher training courses to guards and evaluate 
whether a standardized instructor certification process should be 
implemented; and: 

* develop and implement procedures for monthly guard-file reviews to 
ensure consistency in selecting files and verifying the results. 

DHS and FPS agreed with our recommendations. 

Preliminary Results Indicate that FPS and Select Federal Agencies' 
Risk Assessment Methodologies Do Not Align with ISC's Risk Assessment 
Standards: 

Risk assessments help decision-makers identify and evaluate security 
risks and implement protective measures to mitigate the potential 
undesirable effects of these risks. ISC's risk assessment standards 
state that agencies' facility risk assessment methodologies must: 
consider all of the undesirable events identified by ISC as possible 
risks to federal facilities, and assess the threat, vulnerability, and 
consequence of specific undesirable events. Preliminary results from 
our ongoing review of nine federal agencies' risk assessment 
methodologies indicate that several agencies, including FPS, do not 
use a methodology that aligns with ISC's risk assessment standards to 
assess federal facilities.[Footnote 19] 

Most commonly, agencies' methodologies are not consistent with ISC's 
standards because agencies do not assess their facilities' 
vulnerabilities to specific undesirable events. For example, officials 
from one agency told us that their vulnerability assessments are based 
on the total number of protective measures in place at a facility, 
rather than how vulnerable the facility is to specific undesirable 
events, such as insider attacks or vehicle bombs. Because agencies' 
risk assessment methodologies are inconsistent with ISC's risk 
assessment standards, these agencies may not have a complete 
understanding of the risks facing approximately 57,000 federal 
facilities located around the country--including the 9,600 protected 
by FPS and several agencies' headquarters facilities.[Footnote 20] 

Moreover, because risk assessments play a critical role in helping 
agencies tailor protective measures to reflect their facilities' 
unique circumstances and risks, these agencies may not allocate 
security resources effectively, i.e., they may provide too much or too 
little protection at their facilities. Providing more protection at a 
facility than is needed may result in an unnecessary expenditure of 
government resources, while providing too little protection may leave 
a facility and its occupants vulnerable to attacks. For example, if an 
agency does not know its facility's potential vulnerabilities to 
specific undesirable events, it cannot set priorities to mitigate them. 

In addition, we reported in 2012 that although federal agencies pay 
FPS millions of dollars to assess risk at their facilities, FPS's 
interim facility assessment tool--the Modified Infrastructure Survey 
Tool (MIST)--was not consistent with federal risk assessment standards 
and had other limitations. Specifically, FPS's risk assessment 
methodology was inconsistent with ISC's risk assessment standards 
because it did not assess the consequence of possible undesirable 
events (i.e., the level, duration, and nature of loss resulting from 
undesirable events). FPS officials told us that MIST was not designed 
to assess consequence, and that adding this component would have 
required additional testing and validation. However, without a risk 
assessment tool that includes all three components of risk--threat, 
vulnerability, and consequence--as we have recommended, FPS has 
limited assurance that facility decision-makers can efficiently and 
effectively prioritize programs and allocate resources to address 
existing and potential security risks.[Footnote 21] Furthermore, 
because MIST also was not designed to compare risks across facilities, 
FPS has limited assurance that it prioritizes and mitigates critical 
risks within the agency's portfolio of more than 9,600 federal 
facilities. 

This concludes our testimony. We are pleased to answer any questions 
you, Ranking Member Barber, and members of the Subcommittee might have. 

Contact Information: 

For further information on this testimony, please contact Mark 
Goldstein at (202) 512-2834 or by email at GoldsteinM@gao.gov. 
Individuals making key contributions to this testimony include Tammy 
Conquest, Assistant Director; Antoine Clark; Colin Fallon; Geoff 
Hamilton; Katherine Hamer; Sara Ann Moessbauer; Jaclyn Nidoh; and 
Travis Thomson. 

[End of section] 

Related GAO Products: 

Federal Protective Service: Challenges with Oversight of Contract 
Guard Program Still Exist, and Additional Management Controls Are 
Needed. [hyperlink, http://www.gao.gov/products/GAO-13-694]. 
Washington, D.C.: September 2013. 

Facility Security: Greater Outreach by DHS on Standards and Management 
Practices Could Benefit Federal Agencies. [hyperlink, 
http://www.gao.gov/products/GAO-13-222]. Washington, D.C.: January 
2013. 

Federal Protective Service: Actions Needed to Assess Risk and Better 
Manage Contract Guards at Federal Facilities. [hyperlink, 
http://www.gao.gov/products/GAO-12-739]. Washington, D.C.: August 2012. 

Homeland Security: Protecting Federal Facilities Remains a Challenge 
for the Department of Homeland Security's Federal Protective Service. 
[hyperlink, http://www.gao.gov/products/GAO-11-813T]. Washington, 
D.C.: July 13, 2011. 

Federal Facility Security: Staffing Approaches Used by Selected 
Agencies. [hyperlink, http://www.gao.gov/products/GAO-11-601]. 
Washington, D.C.: June 2011. 

Homeland Security: Preliminary Observations on the Federal Protective 
Service's Workforce Analysis and Planning Efforts. [hyperlink, 
http://www.gao.gov/products/GAO-10-802R]. Washington, D.C.: June 14, 
2010. 

Homeland Security: Federal Protective Service's Use of Contract Guards 
Requires Reassessment and More Oversight. [hyperlink, 
http://www.gao.gov/products/GAO-10-614T]. Washington, D.C.: April 14, 
2010. 

Homeland Security: Federal Protective Service's Contract Guard Program 
Requires More Oversight and Reassessment of Use of Contract Guards. 
[hyperlink, http://www.gao.gov/products/GAO-10-341]. Washington, D.C.: 
April 13, 2010. 

Homeland Security: Ongoing Challenges Impact the Federal Protective 
Service's Ability to Protect Federal Facilities. [hyperlink, 
http://www.gao.gov/products/GAO-10-506T]. Washington, D.C.: March 16, 
2010. 

Homeland Security: Greater Attention to Key Practices Would Improve 
the Federal Protective Service's Approach to Facility Protection. 
[hyperlink, http://www.gao.gov/products/GAO-10-142]. Washington, D.C.: 
October 23, 2009. 

Homeland Security: Federal Protective Service Has Taken Some Initial 
Steps to Address Its Challenges, but Vulnerabilities Still Exist. 
[hyperlink, http://www.gao.gov/products/GAO-09-1047T]. Washington, 
D.C.: September 23, 2009. 

Homeland Security: Federal Protective Service Should Improve Human 
Capital Planning and Better Communicate with Tenants. [hyperlink, 
http://www.gao.gov/products/GAO-09-749]. Washington, D.C.: July 30, 
2009. 

Homeland Security: Preliminary Results Show Federal Protective 
Service's Ability to Protect Federal Facilities Is Hampered by 
Weaknesses in Its Contract Security Guard Program. [hyperlink, 
http://www.gao.gov/products/GAO-09-859T]. Washington, D.C.: July 8, 
2009. 

Homeland Security: The Federal Protective Service Faces Several 
Challenges That Raise Concerns About Protection of Federal Facilities. 
[hyperlink, http://www.gao.gov/products/GAO-08-897T]. Washington, 
D.C.: June 19, 2008. 

Homeland Security: The Federal Protective Service Faces Several 
Challenges That Raise Concerns About Protection of Federal Facilities. 
[hyperlink, http://www.gao.gov/products/GAO-08-914T]. Washington, 
D.C.: June 18, 2008. 

Homeland Security: The Federal Protective Service Faces Several 
Challenges That Hamper Its Ability to Protect Federal Facilities. 
[hyperlink, http://www.gao.gov/products/GAO-08-683]. Washington, D.C.: 
June 11, 2008. 

Homeland Security: Preliminary Observations on the Federal Protective 
Service's Efforts to Protect Federal Property. [hyperlink, 
http://www.gao.gov/products/GAO-08-476T]. Washington, D.C.: February 
8, 2008. 

[End of section] 

Footnotes: 

[1] GAO, High Risk Series: An Update, [hyperlink, 
http://www.gao.gov/products/GAO-13-283] (Washington, D.C.: Feb. 14, 
2013). 

[2] Section 1315(a) of title 40, United States Code, provides that: 
"To the extent provided for by transfers made pursuant to the Homeland 
Security Act of 2002, the Secretary of Homeland Security…shall protect 
the buildings, grounds, and property that are owned, occupied, or 
secured by the Federal Government (including any agency, 
instrumentality, or wholly owned or mixed-ownership corporation 
thereof) and the persons on the property." 

[3] To fund its operations, FPS charges fees for its security services 
to federal tenant agencies in GSA-controlled facilities. 

[4] A contractor employee's fitness determination is based on the 
employee's suitability for work for or on behalf of the government 
based on character and conduct. 

[5] In general, guards may only detain, not arrest, individuals at 
their facility. Some guards may have arrest authority under conditions 
set forth by the individual states. 

[6] GAO, Federal Protective Service: Challenges with Oversight of 
Contract Guard Program Still Exist, and Additional Management Controls 
Are Needed, [hyperlink, http://www.gao.gov/products/GAO-13-694] 
(Washington, D.C.: September 2013). 

[7] GAO, Federal Protective Service: Actions Needed to Assess Risk and 
Better Manage Contract Guards at Federal Facilities, [hyperlink, 
http://www.gao.gov/products/GAO-12-739] (Washington, D.C.: August 
2012), GAO, Homeland Security: Federal Protective Service's Contract 
Guard Program Requires More Oversight and Reassessment of Use of 
Contract Guards, [hyperlink, http://www.gao.gov/products/GAO-10-341] 
(Washington, D.C.: April 2010), and GAO, Homeland Security: The 
Federal Protective Service Faces Several Challenges That Hamper Its 
Ability to Protect Federal Facilities, [hyperlink, 
http://www.gao.gov/products/GAO-08-683] (Washington, D.C.: June 2008). 

[8] That report will contain our final evaluation and recommendations 
about agencies' risk assessment methodologies. 

[9] The Interagency Security Committee (ISC) was created pursuant to 
Executive Order 12977, 60 Fed. Reg. 54411 (Oct. 19, 1995), as amended 
by Executive Order 13286, 68 Fed. Reg. 10610 (March 5, 2003). The ISC 
is a permanent body established to address continuing government-wide 
security for federal facilities and was tasked with, among other 
things, developing security standards for federal facilities. The ISC 
is comprised of primary members from federal executive branch agencies 
designated by the executive order as well as associate members from 
other agencies and departments not designated in the executive order. 
The ISC is to be chaired by the Secretary of DHS or a designee of the 
Secretary. 

[10] When we chose contracts for review, FPS had a total of 117 
contracts with 32 guard companies. However, 1 of the 32 companies had 
a contract with FPS for only emergency guard services. As such, we 
chose 1 contract for review for each company with which FPS had 
contracted for non-emergency guard services as of November 2012. 

[11] [hyperlink, http://www.gao.gov/products/GAO-13-694]. 

[12] This training is provided during a block of training on special 
situations, which includes information on how guards should respond to 
situations other than their normal duties, such as reports of missing 
or abducted children, bomb threats, and active-shooter scenarios. FPS 
officials stated that guards hired before 2010 should have received 
this information during guard-company-provided training on the guards' 
post orders (which outline the guards' duties and responsibilities) as 
part of basic and refresher training. 

[13] The remaining 15 guard companies did not respond to this question. 

[14] [hyperlink, http://www.gao.gov/products/GAO-13-694]. 

[15] GAO, Homeland Security: Federal Protective Service Has Taken Some 
Initial Steps to Address Its Challenges, but Vulnerabilities Still 
Exist, [hyperlink, http://www.gao.gov/products/GAO-09-1047T] 
(Washington, D.C.: Sept. 23, 2009) and [hyperlink, 
http://www.gao.gov/products/GAO-10-341]. 

[16] See [hyperlink, http://www.gao.gov/products/GAO-13-694]. During 
our non-generalizeable review of 276 randomly selected guard files, we 
found that 64 files (23 percent) were missing one or more required 
documents. 

[17] FPS has approximately 13,500 contract guards, but FPS may review 
a guard file more than once annually. 

[18] For more information on this review and our methodology, see 
[hyperlink, http://www.gao.gov/products/GAO-13-694]. 

[19] ISC's risk assessment standards define "federal facilities" as 
government leased or owned facilities in the United States occupied by 
federal employees for nonmilitary activities. Aside from intelligence-
related exceptions, executive branch agencies and departments are 
required to cooperate and comply with ISC's standards, including its 
risk assessment standards. These standards do not apply to legislative 
branch agencies and federal facilities occupied by military employees. 

[20] For example, if an agency's methodology does not consider all the 
undesirable events identified by ISC, and/or it does not assess all 
three components of risk (threat, vulnerability, and consequence), 
then the agency would have an incomplete picture of risk at facilities 
assessed using this methodology. 

[21] FPS agreed with our 2012 recommendation, but has yet to implement 
it. 

[End of section] 

GAO’s Mission: 

The Government Accountability Office, the audit, evaluation, and 
investigative arm of Congress, exists to support Congress in meeting 
its constitutional responsibilities and to help improve the 
performance and accountability of the federal government for the 
American people. GAO examines the use of public funds; evaluates 
federal programs and policies; and provides analyses, recommendations, 
and other assistance to help Congress make informed oversight, policy, 
and funding decisions. GAO’s commitment to good government is 
reflected in its core values of accountability, integrity, and 
reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through GAO’s website [hyperlink, http://www.gao.gov]. Each 
weekday afternoon, GAO posts on its website newly released reports, 
testimony, and correspondence. To have GAO e-mail you a list of newly 
posted products, go to [hyperlink, http://www.gao.gov] and select 
“E-mail Updates.” 

Order by Phone: 

The price of each GAO publication reflects GAO’s actual cost of 
production and distribution and depends on the number of pages in the 
publication and whether the publication is printed in color or black 
and white. Pricing and ordering information is posted on GAO’s 
website, [hyperlink, http://www.gao.gov/ordering.htm]. 

Place orders by calling (202) 512-6000, toll free (866) 801-7077, or 
TDD (202) 512-2537. 

Orders may be paid for using American Express, Discover Card, 
MasterCard, Visa, check, or money order. Call for additional 
information. 

Connect with GAO: 

Connect with GAO on facebook, flickr, twitter, and YouTube.
Subscribe to our RSS Feeds or E mail Updates. Listen to our Podcasts.
Visit GAO on the web at [hyperlink, http://www.gao.gov]. 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 
Website: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]; 
E-mail: fraudnet@gao.gov; 
Automated answering system: (800) 424-5454 or (202) 512-7470. 

Congressional Relations: 

Katherine Siggerud, Managing Director, siggerudk@gao.gov: 
(202) 512-4400: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7125: 
Washington, DC 20548. 

Public Affairs: 

Chuck Young, Managing Director, youngc1@gao.gov: 
(202) 512-4800: 
U.S. Government Accountability Office: 
441 G Street NW, Room 7149: 
Washington, DC 20548. 

[End of document]