This is the accessible text file for GAO report number GAO-07-448T entitled 'Aviation Security: Progress Made in Systematic Planning to Guide Key Investment Decisions, but More Work Remains' which was released on February 13, 2007. This text file was formatted by the U.S. Government Accountability Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products' accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. Because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. Testimony before the Subcommittee on Homeland Security, Committee on Appropriations, House of Representatives: United States Government Accountability Office: GAO: For Release on Delivery Expected at 10:00 a.m. EST: Tuesday, February 13, 2007: Aviation Security: Progress Made in Systematic Planning to Guide Key Investment Decisions, but More Work Remains: Statement of Cathleen A. Berrick, Director: Homeland Security and Justice Issues: GAO-07-448T: GAO Highlights: Highlights of GAO-07-448T, a testimony before the Subcommittee on Homeland Security, Committee on Appropriations, House of Representatives Why GAO Did This Study: The Transportation Security Administration (TSA), established in November 2001, has developed and implemented a variety of programs to secure the commercial aviation system. To implement these efforts, TSA funding related to aviation security has totaled about $20 billion since fiscal year 2004. Other Department of Homeland Security (DHS) components, such as the U.S. Customs and Border Protection (CBP) and the Science and Technology Directorate (S&T), also play roles in securing commercial aviation. In this testimony, we address the efforts TSA has taken or planned to strengthen aviation security, and the challenges that remain, in three key areas: airline passenger prescreening, airline passenger and checked baggage screening, and air cargo screening. My comments are based on issued GAO reports and testimonies and our preliminary observations from ongoing work on TSA’s passenger checkpoint screening procedures and technologies, and staffing standards for Transportation Security Officers (TSO). What GAO Found: DHS and TSA have undertaken numerous initiatives to strengthen the security of the nation’s aviation system, and should be commended for these efforts. However, more work remains. Meeting the congressional mandates to screen airline passengers and checked baggage alone was a tremendous challenge. Since that time, TSA has turned its attention to, among other things, strengthening passenger prescreening; more efficiently allocating, deploying, and managing the TSO workforce; strengthening screening procedures; developing and deploying more effective and efficient screening technologies; and improving domestic air cargo security. Some of the actions taken by TSA in these areas were in response to GAO recommendations. For example, consistent with GAO’s recommendation to strengthen checked baggage screening, TSA has developed a strategic planning framework and identified several funding and financing strategies for installing optimal checked baggage screening systems. While TSA has undertaken numerous efforts to strengthen aviation security, GAO found that DHS and TSA could strengthen their risk-based decision-making efforts and collaboration with stakeholders. For example, as TSA moves forward with Secure Flight—TSA’s prospective domestic passenger prescreening program—it will need to employ a range of program management disciplines, which we previously found missing, to control program cost, schedule, performance, and privacy risks. TSA has put in place a new management team, but it is too early to know how this change will affect the program’s development. In addition, while TSA has tested some proposed modifications to passenger screening procedures at airports to help determine whether to implement the changes, GAO identified that TSA’s data collection and analyses could be improved. GAO also found that limited progress has been made in developing and deploying technologies due to planning and funding challenges. For example, limited progress has been made in fielding explosives detection technology at passenger screening checkpoints, and while TSA has begun to systematically plan for the optimal deployment of checked baggage screening systems and to identify funding and financing strategies for installing these systems, the agency has identified that under current investment levels, installation of optimal checked baggage screening systems will not be completed until approximately 2024. Additionally, the federal government and the air cargo industry face several challenges that must be overcome to effectively implement technologies to inspect air cargo, such as ensuring that air cargo can be inspected in a timely manner to meet the delivery time frames of air carriers. GAO also found that more work is needed to fully implement a risk-based approach to securing air cargo, including finalizing a methodology and schedule for completing assessments of air cargo vulnerabilities and critical assets. TSA stated that the agency intends to perform a vulnerability assessment of U.S. air cargo operations and activities, as recommended by GAO, and plans to complete this assessment in 2007. What GAO Recommends: In prior reports, GAO has made numerous recommendations designed to strengthen aviation security, including recommendations related to passenger prescreening, passenger and checked baggage screening, and air cargo security. TSA has generally agreed with our recommendations. [Hyperlink, http://www.gao.gov/cgi-bin/getrpt?GAO-07-448T]. To view the full product, including the scope and methodology, click on the link above. For more information, contact Cathleen Berrick at (202) 512-3404 or berrickc@gao.gov. [End of section] Mr. Chairman and Members of the Committee: I appreciate the opportunity to participate in today's hearing to discuss the security of our nation's aviation system. The Transportation Security Administration (TSA) was established in 2001 with the mission to protect the transportation network while also ensuring the free movement of people and commerce. Since its inception, TSA has focused much of its efforts on aviation security, and has developed and implemented a variety of programs and procedures to secure commercial aviation. To implement these efforts, TSA funding for aviation security has totaled about $20 billion since fiscal year 2004. The U.S. Customs and Border Protection (CBP) also plays a role in securing commercial aviation. In particular, CBP has responsibility for conducting passenger prescreening--or the matching of passenger information against terrorist watch lists--for international flights operating to or from the United States, as well as inspecting inbound air cargo upon its arrival in the United States.[Footnote 1] In addition, the Department of Homeland Security's (DHS) Science and Technology Directorate (S&T) is responsible for the research and development of aviation security technologies. In carrying out its broader homeland security responsibilities, DHS faces the daunting challenge of determining how to allocate its finite resources within the aviation system and across all sectors to address threats and strengthen security. My testimony today focuses on three key areas of the aviation security system: airline passenger prescreening, airline passenger and checked baggage screening, and air cargo security. In particular, I will address the numerous efforts TSA has taken or has planned to strengthen aviation security in these three key areas, and the challenges that remain. My comments are based on issued GAO reports and testimonies addressing the security of the U.S. commercial aviation system; and our preliminary observations from ongoing work on TSA's passenger checkpoint screening procedures and technologies, air carriers' domestic passenger prescreening systems, and staffing standards for Transportation Security Officers (TSO). We plan to report on the results of this work later this year. We conducted our work in accordance with generally accepted government auditing standards. A list of our related reports on aviation security is included at the end of this testimony. Summary: DHS and TSA have undertaken numerous initiatives to strengthen the security of the nation's aviation system. Meeting the congressional mandates to screen airline passengers and 100 percent of checked baggage alone was a tremendous challenge. To do this, TSA hired and deployed a federal workforce of over 40,000 passenger and checked baggage screeners, and installed equipment at most of the nation's more than 400 commercial airports to provide the capability to screen all checked baggage using explosive detection systems, as mandated by Congress. TSA has since turned its attention to, among other things, strengthening passenger prescreening; more efficiently allocating, deploying, and managing the TSO--formerly known as screener--workforce; strengthening screening procedures; developing and deploying more effective and efficient screening technologies; and improving domestic air cargo security. More specifically, based on our past work and preliminary observations from our ongoing work, DHS and TSA have: * Taken numerous steps to strengthen the management and performance of the TSO workforce by, for example, developing and implementing a Staffing Allocation Model to determine TSO staffing levels at airports that reflect current operating conditions; implementing a variety of human capital initiatives to help recruit, hire, and retain TSOs (both full-time and part-time); and providing TSOs with additional training intended to enhance the detection of threat objects, particularly improvised explosive devices. * Proposed and implemented modifications to passenger checkpoint screening procedures based on risk (threat and vulnerability) information, and pursued several mitigating actions to reduce the need to use alternative screening procedures for screening checked baggage that have involved trade-offs in security effectiveness. * Explored new passenger checkpoint screening technologies to enhance the detection of explosives and other threats; and developed a strategic planning framework and identified several funding and financing strategies, in collaboration with key stakeholders, for installing optimal checked baggage screening systems. * Implemented measures to strengthen air cargo security, such as conducting threat assessments that identified general and specific threats related to domestic air cargo; enhancing requirements for air carriers to randomly inspect air cargo; conducting compliance inspections of air carriers to ensure that they are complying with existing air cargo security requirements; and working with DHS's Science and Technology Directorate to enhance air cargo screening technologies. While these efforts should be commended, we also found that DHS and TSA could strengthen their risk-based decision making efforts, including planning and program evaluations, and collaboration with stakeholders. For example, for over 4 years, TSA has been unable to develop Secure Flight--a government-operated domestic passenger prescreening system-- to the point of implementation on the schedule it had established for the program due, in part, to not employing a range of management disciplines to effectively manage program cost, schedule, performance, and privacy risks. While TSA officials stated that they will be able to manage these risks--based on putting in place a new management team; rebaselining the program's goals, capabilities, costs, and schedule; and establishing more structured and controlled processes to guide future development--it is too early to know how these changes will affect the program's development. Further, TSA and CBP, although now coordinating efforts, have not yet aligned their respective domestic and international passenger prescreening programs to minimize duplication and provide a single, integrated interface to the aviation industry, and key decisions about how the international and domestic prescreening programs will be integrated have not yet been finalized. In addition, our ongoing review of TSA's process for modifying passenger checkpoint screening procedures identified that TSA's efforts to evaluate the effectiveness of proposed changes to passenger screening procedures could be improved. For example, while in some cases TSA has tested proposed modifications to passenger checkpoint screening procedures at selected airports to help determine whether the changes would achieve their intended purposes, our preliminary observations indicate that TSA's data collection and analyses could be strengthened. In addition, with respect to air cargo, while TSA conducted a variety of compliance inspections to determine whether air carriers or indirect air carriers[Footnote 2] were complying with TSA security requirements, and had begun to analyze the results of these inspections, it had not developed measures to assess the adequacy of air carrier compliance with air cargo security requirements, or systematically assessed the results of its compliance inspections to target higher-risk air carriers or indirect air carriers for future reviews. We also found that limited progress has been made in developing and deploying technologies due to planning and funding challenges. For example, our preliminary work has identified that limited progress has been made in fielding explosives detection technology at passenger screening checkpoints in part due to challenges DHS S&T and TSA face in coordinating research and development efforts, and TSA does not yet have a strategic plan in place to assist in guiding its efforts to acquire and deploy screening technologies. The lack of such a plan could limit TSA's ability to deploy emerging technologies at those airport locations deemed at higher risk. In addition, while TSA has begun to systematically plan for the optimal deployment of checked baggage screening systems--as we recommended in March 2005--and to identify funding and financing strategies for installing optimal checked baggage screening systems, TSA has identified that under current investment levels, installation of optimal checked baggage screening systems would not be completed until approximately 2024. Moreover, although TSA is working to enhance air cargo screening technologies, the federal government and the air cargo industry face several challenges that must be overcome to effectively implement technologies to inspect air cargo. These challenges include ensuring that air cargo can be inspected in a timely manner to meet the delivery time frames of air carriers, and that individuals who inspect cargo are properly trained to operate the inspection technology. Another challenge is the funding of inspection technologies, which can range in the millions of dollars. We also reported that additional work is needed to fully implement a risk-based management approach to securing air cargo. We recommended that TSA develop a methodology and schedule for finalizing assessments of air cargo vulnerabilities and critical assets that need to be protected. TSA stated that the agency intends to perform a vulnerability assessment of U.S. air cargo operations and activities, and plans to complete this assessment in 2007. Background: With the passage of the Aviation and Transportation Security Act (ATSA) in November 2001, TSA assumed responsibility for civil aviation security from the Federal Aviation Administration and for passenger and checked baggage screening from air carriers.[Footnote 3] As part of this responsibility, TSA oversees security operations at the nation's more than 400 commercial airports, including establishing requirements for passenger and checked baggage screening, and ensuring the security of air cargo transported to, from, and within the United States.[Footnote 4] While TSA has operational responsibility for conducting passenger and checked baggage screening, TSA has regulatory, or oversight, responsibility for air carriers who conduct air cargo screening. While TSA took over responsibility for passenger checkpoint and baggage screening, as directed by ATSA, air carriers have continued to conduct passenger prescreening, which includes the process of checking passenger information against federal watch list data before flights depart. In accordance with the Intelligence Reform and Terrorism Prevention Act of 2004, TSA is developing a program to take over this responsibility from air carriers for passengers on domestic flights, and CBP has issued a proposed rule that would enable it to perform its identity-matching function for passengers on international flights traveling to or from the United States prior to flight departure.[Footnote 5] Airline Passenger Prescreening: The prescreening of airline passengers--the process of identifying passengers who may pose a security risk before they board an aircraft- -is one of many important layers of security that is intended to help officials focus security efforts on those passengers representing the greatest potential threat to civil aviation. Within DHS, TSA is responsible for ensuring that passenger prescreening is conducted before domestic flights--flights operating entirely within the United States--take off, while CBP has responsibility for conducting passenger prescreening for international flights operating to or from the United States.[Footnote 6] TSA is developing a program, in accordance with ATSA and the Intelligence Reform and Terrorism Prevention Act of 2004, through which TSA would assume the watch list matching function currently conducted by air carriers prior to domestic flight departures.[Footnote 7] TSA has named this prospective prescreening program Secure Flight.[Footnote 8] In accordance with security directives issued by TSA, air carriers- -and not the U.S. government--currently match passenger-supplied reservation information (referred to as passenger name record (PNR) data), against the No Fly and Selectee Lists to prescreen passengers before domestic flights depart. According to TSA, the No Fly List includes the names of individuals considered to be known or suspected threats to civil aviation and are therefore precluded from boarding an aircraft traveling to, from, or within the United States, while the Selectee List includes the names of individuals who require additional security screening--which includes physical inspection of the person and a hand search of their luggage--prior to being permitted to board an aircraft. These lists are extracted from the Terrorist Screening Center's (TSC) consolidated terrorist screening database (TSDB) and are exported to the air carriers through TSA. The current domestic prescreening process also requires that air carriers operate the Computer-Assisted Passenger Prescreening System (CAPPS), which identifies passengers for additional screening based on certain behavioral characteristics.[Footnote 9] The existing identity-matching component of DHS's international aviation passenger prescreening process involves separate matching activities conducted by air carriers (prior to a flight's departure and pursuant to TSA requirements) and by CBP (generally after a flight's departure).[Footnote 10] As with domestic passenger prescreening, air carriers conduct an initial match of self-reported PNR data against the No Fly and Selectee Lists before international flight departures. CBP's process, in effect, supplements the air carrier identity matching for international flights by comparing additional passenger information collected from passports (this information becomes part of Advanced Passenger Information System (APIS) data), against the No Fly and Selectee Lists and other government databases.[Footnote 11] Under current federal regulations for CBP's prescreening of passengers on international flights, air carriers are required to provide the U.S. government with PNR data as well as APIS data to allow the government to conduct, among other things, identity matching procedures against the No Fly and Selectee Lists--which typically occur just after or at times just before the departure of international flights traveling to or from the United States, respectively.[Footnote 12] To address a concern that the federal government's identity matching may not be conducted in a timely manner, in 2004, Congress mandated that DHS issue a proposed rule requiring that the U.S. government's identity-matching process occur before the departure of international flights. CBP published this proposed rule in July 2006,[Footnote 13] and, if implemented, it will allow the U.S. government to conduct passenger prescreening in advance of flight departure, and will eliminate the need for air carriers to continue performing an identity-matching function for international flights. Airline Passenger and Checked Baggage Screening: One of the most significant changes mandated by ATSA was the shift from the use of private-sector screeners to perform airport screening operations to the use of federal screeners (now referred to as TSOs). Prior to ATSA, passenger and checked baggage screening had been performed by private screening companies under contract to airlines. ATSA required TSA to create a federal workforce to assume the job of conducting passenger and checked baggage screening at commercial airports. The federal screener workforce was put into place, as required, by November 2002.[Footnote 14] Passenger screening is a process by which personnel authorized by TSA inspect individuals and property to deter and prevent the carriage of any unauthorized explosive, incendiary, weapon, or other dangerous item onboard an aircraft or into a sterile area.[Footnote 15] Passenger screening personnel must inspect individuals for prohibited items at designated screening locations.[Footnote 16] As shown in figure 1, the four passenger screening functions are: * X-ray screening of property, * walk-through metal detector screening of individuals, * hand-wand or pat-down screening of individuals, and: * physical search of property and trace detection for explosives. Typically, passengers are only subjected to X-ray screening of their carry-on items and screening by the walk-through metal detector. Passengers whose carry-on baggage alarms the X-ray machine, who alarm the walk-through metal detector, or who are designated as selectees-- that is, passengers selected by the CAPPS or other TSA-approved processes to designate passengers for additional screening--are screened by hand-wand or pat-down and have their carry-on items screened for explosives traces or physically searched[Footnote 17]. Figure 1: Passenger Checkpoint Screening Operation: [See PDF for image] Source: GAO and Nova Development Corporation. Note: Explosive trace detection (ETD) works by detecting vapors and residues of explosives. Human operators collect samples by rubbing swabs along the interior and exterior of an object that TSOs determine to be suspicious, and place the swabs in the ETD machine, which then chemically analyzes the swabs to identify any traces of explosive materials. [A] BDOs are TSOs specially trained to detect suspicious behavior in individuals approaching the checkpoint. Should the BDO observe such behavior, he or she may refer the individual for additional screening or to a law enforcement officer. [B] The hand-wand or pat-down is conducted if a passenger is identified or randomly selected for additional screening because he or she met certain criteria or alarmed the walk-through metal detector. [C] Manual or ETD searches of accessible property occur if the passenger is identified or randomly selected for additional screening or if the TSO identified a potential prohibited item on X-ray. [End of figure] Checked baggage screening is a process by which authorized security screening personnel inspect checked baggage to deter, detect, and prevent the carriage of any unauthorized explosive, incendiary, or weapon onboard an aircraft. As shown in figure 2, checked baggage screening is accomplished through the use of explosive detection systems[Footnote 18] or explosive trace detection systems,[Footnote 19] and through the use of alternative means, such as manual searches, canine teams, and positive passenger bag match,[Footnote 20] when the explosive detection or explosive trace detection systems are unavailable. Figure 2: Checked Baggage Screening Operation: [See PDF for image] Source: GAO and Nova Development Corporation. [End of figure] The passenger and checked baggage screening systems are composed of three elements: the people (TSOs) responsible for conducting the screening of airline passengers and their carry-on items and checked baggage, the technology used during the screening process, and the procedures TSOs are to follow to conduct screening. Collectively, these elements help to determine the effectiveness and efficiency of passenger and checked baggage screening. Air Cargo Security: TSA's responsibilities for securing air cargo include, among other things, establishing security rules and regulations covering domestic and foreign passenger air carriers that transport cargo, domestic and foreign all-cargo carriers that transport cargo, and domestic indirect air carriers. TSA is also responsible for overseeing the implementation of air cargo security requirements by air carriers and indirect air carriers through compliance inspections, while air carriers are required to inspect air cargo for weapons, explosives, or stowaways. Air carriers (passenger and all-cargo) are responsible for implementing TSA security requirements, predominantly through a TSA-approved security program that describes the security policies, procedures, and systems air carriers are required to implement.[Footnote 21] These requirements include measures related to the acceptance, handling, and inspection of cargo; training of employees in security and cargo inspection procedures; testing employee proficiency in cargo inspection; and access to cargo areas and aircraft. If threat information or events indicate that additional security measures are needed to secure the aviation sector, TSA may issue revised or new security requirements in the form of security directives or emergency amendments applicable to domestic or foreign air carriers. The air carriers must implement the requirements set forth in the security directives or emergency amendments in addition to those requirements already imposed and enforced by TSA. Air cargo ranges in size from one pound to several tons, and in type from perishables to machinery, and can include items such as electronic equipment, automobile parts, clothing, medical supplies, other dry goods, fresh cut flowers, fresh seafood, fresh produce, tropical fish, and human remains. Cargo can be shipped in various forms, including large containers known as unit loading devices that allow many packages to be consolidated into one container that can be loaded on an aircraft, wooden crates, assembled pallets, or individually wrapped/ boxed pieces, known as break bulk cargo. Participants in the international air cargo shipping process include shippers, such as individuals and manufacturers; freight forwarders or regulated agents, who consolidate shipments and deliver them to air carriers; air cargo handling agents, who process and load cargo onto aircraft on behalf of air carriers; and passenger and all-cargo carriers that store, load, and transport air cargo.[Footnote 22] International air cargo may have been transported via ship, train, or truck prior to its loading onboard an aircraft. Figure 3 identifies cargo being loaded onto an aircraft for transport. Figure 3: Air Cargo Being Loaded Onto an Aircraft: [See PDF for image] Source: GAO and TSA. [End of figure] Fiscal Years 2004 Through 2007 Aviation Security Funding and Fiscal Year 2008 Budget Request for Aviation Security: According to DHS's budget execution reports,[Footnote 23] TSA's appropriations for aviation security have totaled about $20 billion since fiscal year 2004.[Footnote 24] In fiscal year 2004--the first year for which data was available--TSA received about $3.9 billion for aviation security programs. In fiscal year 2007, TSA received about $5.7 billion. The President's budget request for fiscal year 2008 includes about $5.7 billion to continue TSA's aviation security efforts. This total includes about $5.0 billion specifically designated for aviation security and about $0.79 billion for aviation-security related programs. Figure 4 identifies reported aviation security funding for fiscal years 2004 through 2007. Figure 4: DHS's Reported Aviation Security Funding For TSA For Fiscal Years 2004 through 2007: [See PDF for image] Source: GAO analysis of TSA budget execution reports for fiscal years 2004 to 2007. Note: Figures for fiscal years 2004 to 2007 are those reported by DHS in monthly budget execution reports for TSA. We used the September 30th budget execution reports for our analysis of TSA funding for fiscal years 2004 through 2006. For fiscal year 2007, we used the October 31 report. According to the reports, figures presented include all rescissions and supplemental funding for the fiscal years. [A] Fiscal years 2004 and 2005 include approximately $330 million in research and development funding for aviation security. For fiscal years 2006 and 2007, research and development funding was consolidated within the DHS S&T; therefore, this funding, as reflected in TSA's budget documentation, is not included as part of TSA's appropriations for these two fiscal years. [B] Fiscal years 2006 and 2007 include approximately $680 million and $710 million, respectively, in funding for Federal Air Marshals, which was transferred back to TSA from U.S. Immigration and Customs Enforcement in October 2005. Federal Air Marshals funding is included within totals for related aviation security PPAs for fiscal years 2006 and 2007. [C] Funding for aviation security-related programs, projects, and activities, as reported by TSA, which were not included in budget documentation subtotals for aviation security funding. [End of figure] Of the approximately $5.7 billion requested for aviation security in the President's fiscal year 2008 budget request, almost $4.4 billion, or about 77 percent, is for passenger and checked baggage screening. This includes approximately $4 billion to support passenger and checked baggage screening operations, such as TSO salaries and training, and $176 million for the procurement and $259 million for the installation of checked baggage explosive detection systems. Additional information on the President's budget request for fiscal year 2008 as it relates to airline passenger prescreening, airline passenger and checked baggage screening, and air cargo security is provided later in this statement. TSA and CBP Are Working to Strengthen Domestic and International Passenger Prescreening, but Management and Technical Challenges Remain: TSA and CBP have separate efforts under way to strengthen domestic and international passenger prescreening, respectively. However, these programs are in development and face management and technical challenges. Further, while TSA and CBP have been developing their respective identity-matching programs separately, the two agencies are now taking steps to align their prescreening programs to minimize duplication and provide a single set of requirements for air carrier participation. However, key policy and technical decisions have not yet been made to clarify how these two programs will be aligned. TSA Has Reported Addressing Challenges That Have Hindered Secure Flight's Implementation, but It Is Not Yet Known Whether These Efforts Will Address Past Problems: For over 4 years, TSA has faced significant challenges in developing and implementing its advanced passenger prescreening program, now known as Secure Flight, and has not yet taken the identity-matching function over from air carriers as mandated by Congress. According to TSA, the Secure Flight program--which is to perform the functions associated with determining whether passengers on domestic flights are on the No Fly and Selectee Lists--is intended to (1) decrease the chance of compromising watch list data by centralizing its use within the federal government; (2) provide earlier identification of potential threats, allowing for the expedited notification of law enforcement and other organizations responsible for threat management; (3) provide a fair, equitable, and consistent matching process across all air carriers; and (4) offer consistent application of an expedited and integrated redress process for passengers misidentified as a threat. However, during the past 3 years, we reported on multiple occasions that the Secure Flight program (and its predecessor, CAPPS II) had not met key milestones or finalized its goals, objectives, and requirements. Further, in February 2006, we reported that, taken as a whole, the development of Secure Flight had not been effectively managed and the program was at risk of failure. We found that TSA had not conducted critical activities in accordance with best practices for large-scale information technology programs, and had not followed its own systems development life cycle guidance in managing the program's development. Former program officials stated that TSA had instead used a rapid development method that was intended to enable it to develop the program more quickly. However, as a result of this approach, the development process had been ad hoc, with project activities conducted out of sequence. For example, program officials declared the design phase complete before requirements needed to guide the design of Secure Flight had been detailed. In addition, TSA had not maintained up-to-date program schedules or developed cost estimates for the program. In March 2005, we recommended that TSA take numerous steps to strengthen the program's development, such as finalizing system requirements and developing detailed test plans to help ensure that all Secure Flight system functionality is properly tested and evaluated. We also recommended that TSA develop a plan for establishing connectivity among the air carriers and other stakeholders to help ensure the secure, effective, and timely transmission of data for use in Secure Flight operations.[Footnote 25] In early 2006, acknowledging the challenges it faced with the program, TSA suspended the development of Secure Flight and initiated a reassessment, or rebaselining, of the program, to be completed before moving forward. In January 2007, TSA announced that it had completed its rebaselining efforts, which included reassessing program goals and capabilities, and developing a new schedule and cost estimates--actions that we recommended in March 2005.[Footnote 26] The Assistant Secretary of Homeland Security for TSA stated that TSA had made significant progress in upgrading the design and development of the Secure Flight program, and that program documentation had been revised to reflect TSA's plans for reliably delivering Secure Flight capabilities. In December 2006, the DHS Investment Review Board--a group of DHS senior executives charged with reviewing certain programs at key phases of development to help ensure they meet mission needs at expected levels of costs and risks--completed its review of Secure Flight and approved the program to proceed into capability development and demonstration phases. According to the Investment Review Board, this approval was based on rescoping Secure Flight using a new business model better focused on mission; putting a new team in place with appropriate technical and management skills; and improving its management approach to privacy, security, and quality assurance. However, the board also noted that this important screening capability was needed sooner than its planned mid-2009 implementation time frame, and requested that TSA determine the feasibility of accelerating the program schedule to deliver initial capability by mid-2008. As we have reported, earlier attempts to accelerate the Secure Flight program have led to developmental problems and program delays. Accordingly, as TSA moves forward, it will need to employ a range of program management disciplines, which we previously found missing, to control program cost, schedule, performance, and privacy risks. As part of our ongoing work assessing the Secure Flight program, we will be reviewing DHS's and TSA's efforts to develop and implement the program, including progress made during its rebaselining efforts.[Footnote 27] Regarding TSA's communications with air carriers about Secure Flight system requirements, we reported in March 2005 that air carriers had expressed concerns regarding the uncertainty of Secure Flight system and data requirements, and the impact that these requirements may have on the airline industry and traveling public. Further, based on preliminary results for our ongoing work, officials from 9 of the 15 air carriers we interviewed from February 2006 to January 2007,[Footnote 28] reported that they were enhancing their respective identity-matching systems or planned to do so. While these efforts may improve the accuracy of each air carrier's individual identity-matching system, the improvements will only apply to their respective systems and could further exacerbate differences that currently exist among the air carriers' various identity-matching systems. These differences may result in varying levels of effectiveness in the matching of passenger information against the No Fly and Selectee Lists, which was a key factor that led to the government's effort to take over the identity- matching function through Secure Flight. Also, officials from 7 of 15 air carriers stated that TSA had not communicated with them about Secure Flight requirements within the past 6 months while the program was being rebaselined. TSA officials stated that in October 2006 they had resumed discussions with air carriers regarding Secure Flight requirements, and as of January 2007, had discussed plans for Secure Flight with officials from 8 air carriers and the Air Transport Association. TSA officials stated that they also plan to take into account current air carrier capabilities and programs as they proceed with Secure Flight development, and to update guidance previously provided to air carriers to reflect the current concept of operations for the rebaselined Secure Flight program. In February 2006, we also reported that TSA was in the early stages of coordinating with TSC and CBP on broader issues of integration and interoperability related to other people-screening programs used by the government to combat terrorism. However, TSA needed to provide these stakeholders with detailed information about its concept of operations for Secure Flight to enable them to plan for and provide the support necessary for the program. For example, a TSC official stated that without specific information on Secure Flight requirements, TSC could not make decisions about needed resources, such as personnel needed to operate its call center that would be used to help resolve potential matches against the No Fly and Selectee Lists. In January 2007, TSC officials stated that while they had been participating in meetings with Secure Flight officials, they had not yet received the specific operational and technical information needed to plan for supporting Secure Flight operations. During Secure Flight rebaselining efforts, TSA officials also stated that they were coordinating with CBP to more closely align their respective identity-matching programs. However, this collaboration is ongoing and key policy and technical decisions regarding how the programs will be coordinated have not been announced. We discuss TSA and CBP's coordination of their domestic and international prescreening programs later in this statement. We have also previously reported that TSA, as part of its requirements development process, had not clearly identified the privacy impacts of the envisioned system or the full actions it planned to take to mitigate them. Specifically, because TSA had not made final determinations about its requirements for passenger data, and Secure Flight's system development documentation did not fully address how passenger privacy protections were to be met, it was not possible to assess potential system impacts on individual privacy protections at that time. We have also previously reported that TSA violated provisions of the Privacy Act[Footnote 29] by not fully disclosing its use of personal information during systems testing.[Footnote 30] In March 2005, we recommended that TSA specify how Secure Flight will protect personal privacy.[Footnote 31] TSA officials stated that they are aware of, and plan to address, the potential for Secure Flight to adversely affect passenger privacy protections, and the need to provide a redress process whereby aviation passengers adversely affected by the identity matching process may express their concerns, seek correction of any inaccurate data, and request other actions to reduce or eliminate future inconveniences. Concurrent with its rebaselining efforts, TSA reported that it has developed a Secure Flight privacy program that is rooted in the Fair Information Practices--a set of internationally recognized privacy principles that underlie the Privacy Act. TSA officials further stated that the rebaselined Secure Flight program will result in a more transparent and privacy-enhanced program by addressing concerns identified by us and others in the following areas: program oversight, program scope, data collection activities, redress requirements, relationships with other TSA credentialing programs, and technical requirements. TSA officials also stated that they have embedded privacy contractor experts in the program teams to address privacy issues as they arise. In addition, in January 2007, officials from Secure Flight and TSA's Office of Transportation Security Redress stated that Secure Flight will use the TSA redress process that is currently available for individuals affected by the air carrier identity-matching processes, but the details of how this process will be integrated with other Secure Flight requirements have not yet been completed. We will continue to assess TSA's efforts to manage system privacy protections and establish a redress process for resolving misidentified passengers as part of our ongoing review of the program. We believe that TSA's efforts to reassess Secure Flight's development and progress was an appropriate step given the problems that faced the program in early 2006. However, since TSA only recently announced that it has completed its rebaselining efforts, and just recently provided more details of its rebaselined program, it is too early to determine the extent to which TSA has addressed the long-standing issues that have affected the program. According to DHS's budget execution reports, TSA received about $126 million for fiscal years 2004 through 2006-- including funds spent on the CAPPS II predecessor program--and $15 million for fiscal year 2007 for Secure Flight. For fiscal year 2008, the President's budget request includes $53 million for TSA to continue this program. According to the TSA's budget justification, the increase of $38 million is requested to provide for the development and the authority to operate the Secure Flight system. Additionally, the funding request would provide for procuring hardware, starting operations and training, and developing a network interface between Secure Flight and CBP. We will continue to monitor Secure Flight's development as part of our ongoing review of the program. DHS Intends to Align Domestic and International Prescreening Programs, but Key Policy and Technical Decisions Have Not Yet Been Made: As originally envisioned, once Secure Flight became operational, TSA would be operating a domestic passenger prescreening system, while CBP would be operating an international passenger prescreening system. However, air carriers raised concerns regarding having to support different data requirements for two separate government prescreening programs. Further, we reported that both programs could result in potentially different results for passengers flying on domestic and international flights, results that could cause additional costs to air carriers, and confusion and inconvenience to passengers. For example, if the programs are not aligned, air carriers might have to implement different information connections, communications, and programming for each prescreening program, resulting in added costs and inefficiencies. Also, if the two separate programs use different passenger data elements or identity-matching technologies, air carriers may receive conflicting notifications to handle a passenger differently for an international than for a domestic flight. Passengers may also be inconvenienced since a passenger may be delayed on one leg of a multileg trip, which includes both a domestic and an international flight segment, and possibly miss a flight. The air carrier community has asked CBP and TSA to coordinate their efforts to ensure that the programs are compatible and are developed as a single approach to avoid the need for air carriers to implement two separate screening systems to meet CBP and TSA requirements. In a joint letter to the Secretary of DHS dated October 27, 2005, the Air Transport Association of America and the Association of European Airlines urged DHS to coordinate international and domestic airline passenger prescreening programs so that air carriers are not unduly burdened by the costs and inefficiencies posed by working with two different prescreening programs. The letter also stated that the Air Transport Association of America and the Association of European Airlines believed that there had been a lack of coordination between CBP and TSA in aligning their respective passenger prescreening programs. Air carrier industry groups reiterated this concern in comments they provided in response to CBP's proposed rule for conducting passenger prescreening on international flights. We have also previously reported that since both agencies are developing and implementing passenger prescreening programs, CBP and TSA could mutually benefit from the sharing of technical testing results and the coordination of other developmental efforts.[Footnote 32] Coordination and planning in the development of these two programs would also enhance program integration and interoperability, potentially limit redundancies, and increase program effectiveness. We have recently recommended that DHS take additional steps and make key policy and technical decisions that are necessary to more fully coordinate these programs.[Footnote 33] Recognizing these concerns, DHS has directed TSA and CBP to coordinate their prescreening activities so that they provide "One DHS Solution" to the commercial aviation industry consistent with applicable authorities and statutes. CBP and TSA officials stated that they are taking steps to coordinate their prescreening efforts, including meeting routinely with DHS's Office of Screening Coordination and with aviation and travel industry stakeholders to develop joint data requirements, processes, and methods for disseminating information to other government and law enforcement organizations in the event of a positive identity match against the No Fly and Selectee Lists. DHS officials told us that they envision a joint approach that will allow for standardization between the two programs to the extent possible, reduce unnecessary programming by aircraft operators, and provide consistent treatment for passengers across all aircraft operators. However, despite this coordination, key policy and technical decisions have not yet been made regarding how these programs will be aligned, including determining how differences in the data used to conduct identity matching and the identity matching techniques used will be resolved. Further, it is unclear how the different implementation schedules for the two programs--CBP has already issued a proposed rule to implement a new passenger prescreening program for passengers on international flights, while TSA's schedule shows that Secure Flight will not begin operations until 2009--will affect coordination efforts. Given DHS's commitment to align the two prescreening programs, and the security and efficiency benefits of doing so, it will be important for CBP and TSA to take the steps necessary to successfully coordinate these programs. Until international and domestic prescreening efforts are more fully aligned, the extent to which potential problems of duplication and conflicting results in international and domestic passenger prescreening will be addressed remains unclear. TSA Has Taken Steps to Enhance Security at Passenger Screening Checkpoints and Checked Baggage Screening Stations, but Continues to Face Challenges: TSA has taken steps to strengthen the three key elements of the passenger and checked baggage screening systems--people (TSOs), screening procedures, and technology--but continues to face management, planning, and funding challenges. For example, TSA developed a Staffing Allocation Model to determine TSO staffing levels at airports that reflect current operating conditions, and provided TSOs with additional training intended to enhance the detection of threat objects, particularly improvised explosives. TSA also proposed modifications to passenger checkpoint screening procedures based on risk (threat and vulnerability information), among other factors, but could do more evaluation of proposed procedures before they are implemented to ensure they achieve their intended results. Additionally, TSA is exploring new technologies to enhance the detection of explosives and other threats, but continues to face management and funding challenges. For example, in May 2006, TSA reported that under current investment levels, the installation of optimal checked baggage screening systems would not be completed until approximately 2024. TSA, in collaboration with key stakeholders, has identified several funding and financing strategies for installing optimal checked baggage screening systems, such as continued appropriations for the procurement and installation of EDS machines. TSA Has Efforts Under Way to Strengthen the Management and Performance of Its TSO Workforce: TSA has implemented several efforts intended to strengthen the management and performance of its TSO workforce, which TSA has identified as its most important asset in accomplishing its mission. We reported in February 2004 that staffing shortages and TSA's hiring process had hindered the ability of some Federal Security Directors (FSD)--the ranking authority responsible for leading and coordinating security activities at airports--to provide sufficient resources to staff screening checkpoints and oversee screening operations at their checkpoints without using additional measures such as overtime.[Footnote 34] Since that time, TSA has developed a Staffing Allocation Model to determine TSO staffing levels at airports. In determining staffing allocations, the model takes into account the workload demands unique to each airport based on an estimate of each airport's peak passenger volume. This input is then processed against certain TSA assumptions about screening passengers and checked baggage- -including expected processing rates, required staffing for passenger lanes and baggage equipment based on standard operating procedures, and historical equipment alarm rates. In August 2005, TSA determined that the staffing model contained complete and accurate information on each airport from which to estimate staffing needs, and the agency used the model to identify TSO allocations for each airport. At that time, the staffing model identified a total TSO full-time equivalent allocation need of 42,303--a level within the congressionally mandated limit of 45,000 full-time equivalent TSOs. According to TSA, when TSA runs the model, it does so without imposing a limitation on the maximum number of full-time equivalent TSOs, either the 45,000 congressional limit or any budgetary limits that affect the number of TSOs that can be hired. In addition to the levels identified by the staffing model, TSA sets aside TSO full-time equivalents for needs outside of those considered by the staffing model in the annual allocation run for airports. For example, in order to handle short-term extraordinary needs at airports, TSA established a National Screening Force of 615 TSOs who can be sent to airports to augment local TSO staff during periods of unusually high passenger volume, such as the Super Bowl. Additionally, certain airports may, during the course of the year, experience significant changes to their screening operations, such as the arrival of a new airline or opening of a new terminal. TSA established a reserve of 329 TSO full-time equivalents during fiscal year 2006 that can be used to augment the existing force. The President's fiscal year 2008 budget request includes $35 million for operational expenses for a National Deployment Office--an office that would be responsible for deploying the National Screening Force and other TSOs to those airports experiencing significant staffing shortfalls. According to TSA, TSA's approach to allocating TSOs has allowed the agency to stay within the 43,000 full-time equivalent TSO budgetary limit for fiscal year 2006--a staffing level that TSA's Assistant Secretary stated is sufficient to provide passenger and checked baggage screening services.[Footnote 35] According to the President's fiscal year 2008 budget request, the $2.6 billion requested for the federal TSO workforce represents an increase of about $131 million over fiscal year 2007 for cost of living adjustments and a travel document checker initiative. Under this initiative, about 1,330 full-time equivalent TSOs would be placed at the 40 highest risk category X and I airports to conduct document checking for passengers approaching the passenger screening checkpoint.[Footnote 36] According to the budget request, the $2.6 billion is to fund the personnel, compensation, and benefits of approximately 43,688 full-time equivalent TSOs and about 1,045 full- time equivalent Screening Managers. Table 1 shows the total TSO and Screening Manager full-time equivalents and the funding levels for fiscal years 2004 through 2007, as reported by TSA. Table 1: Passenger and Checked Baggage TSO and Screening Manager Full- time Equivalents and Actual Spending for TSO Personnel, Compensation, & Benefits, by Fiscal Year: Total TSOs and Screening Managers at airports nationwide; FY 2004: 45,252; FY 2005: 45,690; FY 2006: 42,187; FY 2007[A]: 43,779. Actual spending (dollars in thousands); FY 2004: $2,191,551; FY 2005: 2,291,572; FY 2006: 2,251,503; FY 2007[A]: 2,418,329. Source: TSA: [A] Fiscal year 2007 figures are projected. [End of table] FSDs we interviewed in 2006[Footnote 37] as part of our ongoing review of TSA's staffing model generally reported that the model is a more accurate predictor of staffing needs than TSA's prior staffing model, which took into account fewer factors that affect screening operations.[Footnote 38] However, FSDs identified that some assumptions used in the fiscal year 2006 staffing model did not reflect actual operating conditions. For example, FSDs noted that the staffing model's assumption of a 20 percent part-time workforce--measured in terms of full-time equivalents--had been difficult to achieve, particularly at larger (category X and I) airports, because of, among other things, economic conditions leading to competition for part-time workers, remote airport locations coupled with a lack of mass transit, TSO base pay that has not changed since fiscal year 2002, and part-time workers' desire to convert to full-time status. TSA data show that for fiscal years 2005 and 2006, the nation's category X airports had a TSO workforce composed of about 8 percent part-time equivalents, and the part-time TSO attrition rate nationwide remains considerably higher than the rate for full-time personnel (approximately 46 percent versus 16 percent for full-time TSOs for fiscal year 2006). FSDs also expressed concern that the model did not specifically account for the recurrent training requirement for TSOs of 3 hours per week averaged over a fiscal year quarter. Further, FSDs identified that the model for fiscal year 2006 did not account for time away from screening to perform operational support duties. FSDs we interviewed stated that because they are not authorized to hire a sufficient number of mission support staff, TSOs are being routinely used to perform certain operational support functions, such as payroll processing, scheduling, distribution and maintenance of uniforms, data entry, and workman's compensation processing. Similarly, in September 2006, the Department of Homeland Security's Office of Inspector General reported that TSA had not determined the precise number of FSD administrative positions it needed and was using TSOs to perform administrative work. In response to FSDs' input and the various mechanisms TSA has implemented to monitor the sufficiency of the model's allocation outputs, TSA made changes to some assumptions in the model for fiscal year 2007. Our preliminary observations indicate that these revisions should help address the concerns identified by FSDs. For example, TSA recognized that some airports cannot likely achieve a 20 percent part- time full-time equivalent level and others (most likely smaller airports) may operate more effectively with other levels of part-time TSO staff. As a result, for fiscal year 2007, TSA modified this assumption to include a variable part-time goal based on each airport's historic part-time to full-time TSO ratio. TSA also included an allowance in the fiscal 2007 Staffing Allocation Model for training to provide additional assurance that TSOs complete the required training on detecting improvised explosive devices--which TSA has identified as the most significant threat to commercial aviation. Additionally, TSA included an allowance for operational support duties in the 2007 Staffing Allocation Model to account for the current need for TSOs to perform these duties. Factors outside of the staffing model's determination of overall TSO staffing levels also affect FSDs' ability to effectively deploy their TSO workforce. Specifically, FSDs we interviewed as part of our ongoing review of TSA's staffing model cited difficulties in recruiting and retaining sufficient TSOs (both full-time and part-time) to reach their full allocations as determined by the model; staffing checkpoints appropriately given that some TSOs are unavailable due to absenteeism and injuries; and managing around physical infrastructure limitations at some airports, such as lack of room for additional lanes or baggage check areas despite demand levels that would justify such added capacity. TSA has made progress in addressing these challenges through a variety of human capital initiatives. For example, to allow FSDs to more efficiently address staffing needs, TSA has shifted responsibility for hiring TSOs from TSA headquarters to FSDs at individual airports and, according to TSA officials, provided contractor support to assist in this effort. TSA data show that since local hiring began in March 2006, TSA has increased the number of new hire TSOs from approximately 180 per pay period in February 2006 to nearly 450 each pay period under the local hiring initiative. In addition to having an adequate number of TSOs, effective screening involves TSOs being properly trained to do their job. Since we first reported on TSO training in September 2003,[Footnote 39] TSA has taken a number of actions designed to strengthen training available to the TSO workforce beyond the basic training requirement. For example, TSA has expanded training available to the TSO workforce, such as introducing an Online Learning Center that makes self-guided courses available over TSA's intranet and the Internet, and enhanced training on explosives detection. This training included both classroom and hands-on experience, and focused particularly on identifying X-ray images of improvised explosives device component parts, not just a completely assembled bomb. According to TSA, as of February 6, 2007, about 98 percent of the 48,236 TSOs on board had received classroom, checkpoint, or computer-based improvised explosive device recognition training. TSA has also developed new training curriculums to support new screening approaches. For example, TSA recently developed a training curriculum for TSOs in behavior observation and analysis at the checkpoint to identify passengers exhibiting behaviors indicative of stress, fear, or deception. The President's fiscal year 2008 budget request includes $89.7 million to fully implement TSO training programs and related TSO workforce development programs. TSA has also made progress in addressing challenges that made it difficult for TSOs to access training. We reported in May 2005 that insufficient TSO staffing and a lack of high-speed Internet/intranet connectivity to access the Online Learning Center made it difficult for all TSOs at many airports to receive required training, and had limited TSO access to TSA training tools.[Footnote 40] We stated that without addressing the challenges to delivering ongoing training, including installing high-speed connectivity at airport training facilities, TSA may have difficulty maintaining a screening workforce that possesses the critical skills needed to perform at a desired level. As previously discussed, our preliminary observations from our ongoing review of TSA's staffing model indicate that TSA has taken steps to address the TSO staffing challenges, including providing an allowance for TSO training in the Staffing Allocation Model for fiscal year 2007. However, it is too soon to determine whether TSA's efforts will address TSA's ability to provide required training while maintaining adequate coverage for screening operations. TSA established its Online Learning Center to provide passenger and baggage TSOs with online, high-speed access to training courses. However, effective use of the Online Learning Center requires high-speed Internet/intranet access, which TSA has not been able to provide to all airports. We reported that as of October 2004, about 45 percent of the TSO workforce did not have high- speed Internet/intranet access to the Online Learning Center. Given the importance of the Online Learning Center in both delivering training and serving as the means by which the completion of TSO training is documented, we recommended that TSA develop a plan that prioritizes and schedules the deployment of high-speed Internet/intranet connectivity to all TSA's airport training facilities to help facilitate the delivery of TSO training and the documentation of training completion. Since that time, TSA has made progress in deploying high-speed connectivity to airports. According to the President's fiscal year 2008 budget request, 95 percent of the nation's airports now have high-speed connectivity. According to the budget request, TSA expects to meet the goal of all airports having high-speed connectivity during fiscal year 2007. TSA Has Taken Steps to Strengthen Passenger and Checked Baggage Screening Procedures, but Could Improve Its Evaluation and Monitoring of the Procedures: In addition to TSA's efforts to train and deploy a federal TSO workforce, steps have also been taken to strengthen passenger and checked baggage screening procedures to enhance detection capabilities. However, TSA could improve its evaluation and oversight of these procedures. With regard to passenger checkpoint screening procedures, between April and December 2005, proposed modifications were made in various ways and for a variety of reasons, and a majority of the proposed modifications--48 of 92--were ultimately implemented at airports. As part of our ongoing review of TSA's process for determining whether and how screening procedures should be modified, we found that TSA officials proposed standard operating procedure (SOP) modifications based on risk information (threat and vulnerability information), daily experiences of staff working at airports, and complaints and concerns raised by the traveling public.[Footnote 41] In addition to these factors, our preliminary observations indicate that consistent with its mission, TSA senior leadership made efforts to balance the impact that proposed SOP modifications would have on security, efficiency, and customer service when deciding whether proposed SOP modifications should be implemented. For example, in August 2006, TSA sought to increase security by banning liquids and gels from being carried onboard aircraft in response to the alleged terrorist plot to detonate liquid explosives onboard multiple aircraft en route from the United Kingdom to the United States. In September 2006, after obtaining more information about the alleged terrorist plot--to include information from the United Kingdom and U.S. intelligence communities, discussions with explosives experts, and testing of explosives--TSA officials decided to lift the total ban on liquids and gels to allow passengers to carry small amounts of liquids and gels onboard aircraft. TSA officials also lifted the total ban because banning liquids and gels as carry-on items was shown to affect both efficiency and customer service. Specifically, following the implementation of the total ban in August 2006, the number of bags checked per passenger increased by approximately 27 percent--thus placing a strain on the efficiency of the checked-baggage screening system. In addition, TSA recognized that passengers have legitimate needs that may require them to carry some liquids and gels onboard aircraft. Moreover, in an effort to harmonize its liquid screening procedures with other countries, in November 2006, TSA revised its procedures to allow 3.4 fluid ounces of liquids, gels, and aerosols onboard aircraft, which is equivalent to 100 milliliters--the amount permitted by the 27 countries in the European Union, as well as Australia, Norway, Switzerland, and Iceland. According to TSA, this means that approximately half of the world's travelers will be governed by similar measures with regard to this area of security. In some cases, TSA first tested proposed modifications to screening procedures at selected airports to help determine whether the changes would achieve their intended purpose, such as to enhance detection of prohibited items or free up TSO resources to perform screening activities focused on threats considered to pose a high risk, such as explosives. TSA's efforts to collect quantitative data through testing proposed procedures prior to deciding whether to implement or reject them is consistent with our past work that has shown the importance of data collection and analyses to support agency decision making. However, as part of our ongoing work, we identified that TSA's data collection and analyses could be improved to help TSA determine whether proposed procedures that are operationally tested would achieve their intended purpose. Specifically, we found that for the tests of proposed screening procedures TSA conducted during the period April 2005 through December 2005, including the removal of small scissors and small tools from the prohibited items list,[Footnote 42] although TSA collected some data on the efficiency of and customer response to the procedures at selected airports, the agency generally did not collect the type of data or conduct the necessary analysis that would yield information on whether proposed procedures would achieve their intended purpose.[Footnote 43] We will report on the results of our analysis of TSA's efforts to test proposed modifications to screening procedures later this year. Once proposed SOP changes have been implemented, it is important that TSA have a mechanism in place to ensure that TSOs are complying with established procedures. As part of our ongoing review of TSA's process for revising passenger screening procedures, we identified that TSA monitors TSO compliance with passenger checkpoint screening SOPs through its performance accountability and standards system and through local and national covert testing.[Footnote 44] According to TSA officials, the performance accountability and standards system was developed in response to a 2003 report by us that recommended that TSA establish a performance management system that makes meaningful distinctions in employee performance,[Footnote 45] and in response to input from TSA airport staff on how to improve passenger and checked baggage screening measures. This system will be used by TSA to assess agency personnel at all levels on various competencies, including, among other things, technical proficiency. The technical proficiency component of the performance accountability and standards system will be used to measure TSO compliance with passenger checkpoint screening procedures. In addition to implementing the performance accountability and standards system, TSA conducts local and national covert tests to evaluate, in part, the extent to which TSOs' noncompliance with the SOPs affects their ability to detect simulated threat items hidden in accessible property or concealed on a person. Our preliminary observations indicate that TSA airport officials have experienced resource challenges in implementing these compliance monitoring methods. TSA headquarters officials stated that they are taking steps to address these challenges. For example, officials said that they have automated many of the data entry functions of the performance accountability and standards system to relieve the field of the burden of manually entering this information into the online system. TSA has also taken steps to strengthen checked baggage screening through reducing the need to use alternative screening procedures. In addition to screening with standard procedures using EDS and ETD, which TSA had determined to provide the most effective detection of explosives, TSA also allows alternative screening procedures to be used when volumes of baggage awaiting screening pose security vulnerabilities or when TSA officials determine that there is a security risk associated with large concentrations of passengers in an area. These alternative screening procedures include the use of EDS and ETD machines in nonstandard ways,[Footnote 46] and also include three procedures that do not use EDS or ETD--screening with explosives detection canines, physical bag searches, and matching baggage to passenger manifests to confirm that the passenger and his or her baggage are on the same plane. TSA's use of alternative screening procedures has involved trade-offs in security effectiveness.[Footnote 47] However, the extent of the security trade-offs is not fully known because TSA has not tested the effectiveness of alternative screening procedures in an operational environment. In our July 2006 report on TSA's use of alternative screening procedures, we recommended that TSA conduct local testing of alternative screening procedures to determine whether checked baggage TSOs can detect simulated improvised explosives when using these procedures.[Footnote 48] Since then, TSA has conducted covert testing of alternative screening procedures at some airports. TSA is pursuing several mitigating actions to reduce the need to use alternative screening procedures. These actions include deploying more efficient checked baggage screening systems, strengthening its coordination with groups such as tour operators to better plan for increases in baggage screening needs, deploying "optimization teams" to airports that were frequently using alternative screening procedures to determine why the procedures were being used so often and to suggest remedies, and deploying additional EDS machines. However, although TSA has taken steps to reduce the need to use alternative screening procedures at airports, TSA's oversight of FSDs' use of alternative screening procedures could be strengthened. For example, in July 2006, we reported that FSDs and their staff did not always accurately report the occurrences when a particular alternative baggage screening procedure was used, impeding TSA's ability to reliably determine how often and for how long the alternative screening procedures were used. In addition, FSDs and their staff did not always report the use of alternative screening procedures as required. TSA officials stated that they were working with FSDs to correct these reporting problems and had issued guidance clarifying requirements for reporting alternative screening procedures. Additionally, while TSA is working to minimize the need to use alternative screening procedures at airports, TSA has not created performance measures or targets related to the use of these procedures. By creating a performance measure for the use of alternative screening procedures as part of the checked baggage screening index or as a stand- alone measure, TSA could gauge whether it is making progress towards minimizing the need to use these procedures at airports and have more complete information on how well the overall checked baggage screening system is performing. Furthermore, performance targets for the use of alternative screening procedures would provide an indicator of how much risk TSA is willing to accept in using these procedures, and TSA's monitoring of this indicator would identify when it has exceeded the level of risk that it has determined acceptable. We recommended that TSA develop performance measures and performance targets for the use of alternative screening procedures. Additionally, in September 2006, Congress directed TSA to take a variety of actions- -most of which we recommended in our July 2006 report--to monitor and assess the use of alternative screening procedures, including (1) develop performance measures and performance targets for the use of alternative screening procedures; (2) track the use of alternative screening procedures at airports; (3) assess the effectiveness of these measures; (4) conduct covert testing at airports that use alternative screening procedures; (5) develop a plan to stop alternative screening procedures at airports as soon as practicable; and (6) report to the Senate and House Committees on Appropriations, the Senate Committee on Commerce, Science, and Transportation, and the House Committee on Homeland Security by January 23, 2007, on implementation of these requirements.[Footnote 49] According to TSA officials, the agency is continuing to monitor and track the use of alternative screening procedures, which has allowed it to identify areas for improvement nationwide and address local issues to minimize the need for alternative screening procedures. TSA is Exploring New Technologies to Enhance Detection of Explosives and Other Threats, but Faces Management and Funding Challenges in Fielding Technologies to Airports: TSA is supporting the development and deployment of technologies to strengthen commercial aviation security but faces management and funding challenges. For example, TSA and DHS's S&T are exploring new passenger checkpoint screening technologies to enhance the detection of explosives and other threats. However, limited progress has been made in fielding explosives detection technology at passenger screening checkpoints, in part due to challenges DHS S&T and TSA face in coordinating research and development efforts. In addition, TSA has begun to systematically plan for the optimal deployment of checked baggage screening systems, but resources have not been made available to fund the installation of in-line EDS machines on a large-scale basis. Passenger Checkpoint Screening Technologies: To enhance passenger checkpoint screening, TSA is currently working with DHS S&T's Transportation Security Laboratory to develop new passenger checkpoint screening technologies.[Footnote 50] TSA designated about $80.5 million in fiscal year 2007 to acquire and deploy emerging screening technologies, and has requested $81.6 million for similar purposes in fiscal year 2008. Our preliminary work has found that of the various research and development projects funded by TSA and DHS S&T, six checkpoint screening projects are currently in the applied research or advanced development phases.[Footnote 51] Projects in the applied research phase include liquid bottle screening devices, explosives trace portals that will reduce the size of the current explosives trace portals at checkpoints, and shoe scanners. Three other projects in the advanced development phase include whole body imagers, cast and prosthesis scanners, and checkpoint explosives detection systems. TSA plans to place whole body imagers and checkpoint explosives detection systems at certain airport locations to collect initial operational data, and plans to continue to conduct similar tests of the cast and prosthesis scanners during fiscal year 2007. Table 2 provides a description and status of the passenger checkpoint screening technologies TSA and DHS S&T are currently researching and developing. Table 2: Description of Passenger Checkpoint Screening Technologies in the Research and Development Phase, as of January 2007: Technology: Liquid bottle screening devices; Description: Screens for liquid explosives; Status: In the applied research phase. DHS S&T is currently testing various devices. Technology: Explosives trace portals II; Description: Detects trace amounts of explosives on persons (will reduce the size of the current explosives trace portals at checkpoints); Status: In the applied research phase. Technology: Shoe scanners; Description: Scans passengers shoes with explosives detection capability; Status: In the applied research phase. Private industry developed this device to be used in combination with other technologies to screen registered travelers. Vendors requested that TSA assess this technology for effectiveness. Technology: Whole body imagers; Description: Provides two-dimensional, full-body images of all items on a passenger's body, including plastic explosives and concealed metallic, non-metallic, and ceramic or plastic objects; Status: In the advanced development phase. TSA plans to place some units at collect initial operational data during operational tests using the whole body imager at one U.S. airport in early 2007. Technology: Cast and prosthesis scanners; Description: Provides a 2- dimensional image of the area beneath a cast or inside a prosthetic device; Status: In the advanced development phase. TSA placed this equipment at an airport in September 2006 and collected operational data. TSA is considering deploying this technology in 2007. Technology: Checkpoint explosives detection systems; Description: Creates a three dimensional image of bags to detect explosives and other nonmetallic items; Status: In the advanced development phase. TSA plans to place this equipment at airports and collect operational data in fiscal year 2007. Source: TSA. [End of table] Despite TSA's efforts to develop passenger checkpoint screening technologies, preliminary results from our ongoing work suggests that limited progress has been made in fielding explosives detection technology at checkpoints. For example, TSA's fiscal year 2007 budget justification requested $80.5 million in budget authority to acquire and deploy screening technologies emerging from research and development programs, including the acquisition of 92 additional explosives trace portal machines and funds to operate and service approximately 434 portals. TSA had anticipated that the portals would be in operation throughout the country during fiscal year 2007. However, due to performance and maintenance issues, TSA halted the acquisition and deployment of the portals in June 2006, and the acquisition of additional portals is contingent on resolution of these issues. As a result, TSA has fielded less than 25 percent of the 434 portals it projected it would deploy by fiscal year 2007. In addition to the portals, TSA has fallen behind in its projected acquisition of other emerging screening technologies. For example, the acquisition of 91 Whole Body Imagers has been delayed in part because TSA needed to develop a means to protect the privacy of passengers screened by this technology. For fiscal year 2008, TSA has requested an additional $81.6 million to evaluate, acquire, and install emerging technologies. We will continue to assess DHS S&T and TSA's deployment of checkpoint screening technologies during our on-going review. While TSA and DHS have taken steps to coordinate the research, development, and deployment of checkpoint technologies, our ongoing work has identified that challenges remain. For example, TSA and DHS S&T officials stated that they encountered difficulties in coordinating research and development efforts due to reorganizations of TSA and S&T. A senior TSA official also stated that while TSA and the DHS S&T have executed a memorandum of understanding to establish the services that the Transportation Security Laboratory is to provide to TSA, coordination with S&T remains a challenge because the organizations have not fully implemented the terms of the memorandum of understanding. In addition to challenges in coordinating with each other, our preliminary observations suggest that TSA and DHS S&T also face challenges in coordinating with external stakeholders. Specifically, while TSA and DHS S&T have taken steps to coordinate efforts with external stakeholders, some airport managers we interviewed in October 2006 stated that TSA did not adequately communicate with them about when new technologies were to be deployed in their airports. TSA officials stated that they do not have a master schedule that establishes milestones for conducting operational tests and evaluations of emerging technologies or for deploying these technologies. Lack of such a schedule could limit TSA's ability to coordinate operational tests and deployments with stakeholders. Additionally, TSA does not yet have a strategic plan to guide its efforts to acquire and deploy screening technologies. As part of our ongoing work, we will assess further TSA's efforts to develop an overall strategic approach to guide the deployment of checkpoint technologies. A lack of a strategic plan or approach could limit TSA's ability to deploy emerging technologies at those airport locations deemed at highest risk. TSA officials stated that the agency is in the process of developing a strategic plan for the checkpoint that is scheduled to be completed in early 2007. TSA officials stated that the completion of the plan was delayed due to competing priorities, including ensuring the screening of checked baggage using explosives detection systems and responding to new and emerging threats, such as homemade explosives. TSA officials also said that reorganizations at TSA and DHS S&T have contributed to the delay. It is important that TSA continue to invest in and develop technologies for detecting explosives, as demonstrated by the alleged August 2006 terrorist plot to detonate liquid explosives on board multiple commercial aircraft bound for the United States from the United Kingdom. The President's fiscal year 2007 budget request notes that emerging checkpoint technology will enhance the detection of prohibited items, especially firearms and explosives, on passengers. We are currently evaluating DHS's and TSA's progress in planning for, managing, and deploying research and development programs in support of airport checkpoint screening operations and will report on the results of our work later this year. Checked Baggage Screening Technologies: At checked baggage screening stations, TSA has been effective in deploying EDS machines and ETD machines. However, initial deployment of EDS machines in a stand-alone mode--usually in airport lobbies--and ETD machines resulted in operational inefficiencies and security risks as compared with using EDS machines integrated in-line with airport baggage conveyor systems. As we reported in March 2005,[Footnote 52] to initially deploy EDS and ETD equipment to screen 100 percent of checked baggage for explosives, TSA implemented interim airport lobby solutions rather than in-line EDS baggage screening systems.[Footnote 53] TSA officials stated that they used EDS machines in stand-alone mode and ETD machines as an interim solution in order to meet the congressional deadline for screening all checked baggage for explosives. Officials stated that they employed these interim solutions because of the significant costs required to install in-line systems and the need to reconfigure many airports' baggage conveyor systems to accommodate the equipment. TSA's use of stand-alone EDS and ETD machines has required a greater number of TSOs and resulted in screening fewer bags for explosives each hour. Additionally, because in-line EDS checked baggage screening systems can significantly reduce the need for TSOs to handle baggage, installing them may also reduce the number of TSO on-the-job injuries. Moreover, screening with in-line EDS systems could also result in security benefits by reducing congestion in airport lobbies and reducing the need for TSA to use alternative screening procedures.[Footnote 54] In March 2005, we reported that at nine airports where TSA had agreed to help fund the installation of in-line EDS systems, TSA estimated that screening with in-line EDS machines could save the federal government about $1.3 billion over 7 years. In February 2006, TSA reported that a savings of approximately $4.7 billion could be realized over a period of 20 years by installing optimal checked baggage screening systems, including in-line EDS machines, at the airports with the highest checked baggage volumes. However, TSA also reported in February 2006 that many of the initial in-line EDS systems had not achieved the degree of anticipated savings initially estimated. TSA has since determined that recent improvements to the design of the in-line EDS systems and EDS screening technology now offer the opportunity for higher-performance and lower-cost screening systems. In June 2006, TSA issued guidance to airports to provide options, ideas, and suggestions for airports to choose from when considering security requirements in the planning and design of new or renovated airport facilities.[Footnote 55] This guidance also provides recommendations for airports in constructing in-line systems. TSA has begun to systematically plan for the optimal deployment of checked baggage screening systems, but resources have not been made available to fund the installation of in-line EDS machines on a large- scale basis. In March 2005, we reported that while TSA had made progress in deploying EDS and ETD machines, it had not conducted a systematic, prospective analysis of the optimal deployment of these machines to achieve long-term savings and enhanced efficiencies and security. We recommended that TSA systematically evaluate baggage screening needs at airports. In February 2006, TSA released its strategic planning framework for checked baggage screening aimed at increasing security through deploying more EDS machines, lowering program life-cycle costs, minimizing impacts to TSA and airport and airline operations, and providing a flexible security infrastructure. According to TSA, the framework will be used to establish a comprehensive strategic plan for TSA's checked baggage screening program. As part of this planning effort, TSA identified, among other things, the top 25 airports that should first receive federal funding for projects related to the installation of in-line EDS systems, and the optimal checked baggage screening solutions for the 250 airports with the highest checked baggage volumes.[Footnote 56] DHS's budget execution reports for TSA for fiscal year 2007 show that TSA received $524.4 million for the purchase, installation, maintenance, and operations integration of EDS and ETD machines. The President's fiscal year 2008 budget request includes $692 million for these activities--an increase of $167.6 million over the previous year's appropriations. Most (about 72 percent) of this increase is for installation of EDS and ETD machines.[Footnote 57] In February 2006, TSA officials reported that if some of the top 25 airports do not receive in-line checked baggage screening systems, they will require additional screening equipment to be placed in airport lobbies and additional TSO staffing in order to remain in compliance with the mandate for screening all checked baggage using explosive detection systems. Additionally, in May 2006, TSA reported that under current investment levels, the installation of optimal checked baggage screening systems would not be completed until approximately 2024. According to TSA, as of September 30, 2006, 36 airports had operational in-line systems--18 airports had airport-wide systems, while the remaining 18 airports had systems at a particular terminal or terminals. Over the next 2 years, TSA expects full and partial in-line systems to become operational at 25 additional airports. This level of effort, according to TSA, balances resources with other risks to transportation security. In March 2005, we reported that TSA and airport operators were relying on several sources of funding to construct in-line checked baggage screening systems. One source of funding airport operators initially used was the Federal Aviation Administration's Airport Improvement Program, which traditionally funds grants to maintain safe and efficient airports. With Airport Improvement Program funds no longer available after fiscal year 2003 for this purpose, airports turned to other sources of federal funding to construct in-line systems.[Footnote 58] The fiscal year 2003 Consolidated Appropriations Resolution approved the use of letter of intent agreements as a vehicle to leverage federal government and industry funding to support facility modification costs for installing in-line EDS baggage screening systems.[Footnote 59] TSA also uses other transaction agreements as an administrative vehicle to directly fund, with no long-term commitments, airport operators for smaller in-line airport modification projects.[Footnote 60] Under these agreements, as implemented by TSA, the airport operator provides a portion of the funding required for the modification. To fund the procurement and installation of explosive detection systems in-line, TSA uses annual appropriations and the $250 million mandatory appropriation of the Aviation Security Capital Fund.[Footnote 61] For example, in fiscal years 2005, 2006, and 2007, TSA received appropriations of $175 million, $180 million, and $141.4 million, respectively, for the procurement of explosive detection systems. It received appropriations of $45 million in fiscal years 2005 and 2006, and $138 million in fiscal year 2007 for the installation of explosive detection systems, in addition to the $250 million made available through the capital fund.[Footnote 62] Congress also authorized an additional appropriation of $400 million per year through fiscal year 2007 for airport security improvement projects, including the installation of in-line EDS systems. However, appropriations have not been made under this authorization.[Footnote 63] Figure 5 shows TSA obligated funding levels for EDS installation and integration. Figure 5: TSA Obligated Funding Levels for EDS Installation and Integration: [See PDF for image] Source: Aviation Security Advisory Committee analysis of TSA data. [A] This is an estimate as of August 2006. [End of figure] TSA is collaborating with key stakeholders to identify funding and financing strategies for installing optimal checked baggage screening systems. In August 2006, the Aviation Security Advisory Committee baggage screening investment study working group, of which TSA is a member, released a study outlining an investment strategy for funding TSA's checked baggage screening program.[Footnote 64] According to TSA, this study, which has been provided to the Office of Management and Budget for review, is the final component of TSA's strategic plan for checked baggage screening. The investment study recommended four investment options, including (1) tax credit bonds,[Footnote 65] (2) continued appropriations for the procurement and installation of EDS machines, (3) combined line items for the purchase and installation of EDS machines in order to provide TSA increased flexibility in directing the funding where it is most needed, and (4) enhanced eligibility for the Passenger Facility Charge (PFC).[Footnote 66] The working group estimated that under its recommended approach, the present value cost of the checked baggage screening program is $23.3 billion over the next 20 years. Of these costs, the aviation industry is projected to bear $3.6 billion and the federal government is projected to bear $19.7 billion. According to the working group, the net effect of investing in optimal systems would be to reduce overall life-cycle costs by $1.2 billion relative to the current rate of investment, primarily through TSO staff cost savings and avoidance of increased TSO staff costs in the future. In addition, in its August 2006 study, the working group identified that in order to achieve these cost savings, a formal cost management process is needed given evolving technology and design practices, the various parties involved in design and operation, and the amount of capital investment to be made over the next several years. The working group identified a variety of actions that should be taken by Congress, TSA, and the aviation industry, including implementing a structured process for ongoing government and industry collaboration and increasing program management resources to provide for more substantial TSA involvement throughout the planning, design, and construction process. (App. I includes a complete list of the specific actions the working group identified for Congress, TSA, and the aviation industry.) Federal Action Is Needed to Strengthen Air Cargo Security: In October 2005, we reported that TSA had taken a number of actions intended to strengthen domestic air cargo security, but, as we reported, factors existed that may have limited their effectiveness. Since our report was released, TSA has issued an air cargo security rule that revised some of the requirements air carriers are required to follow to ensure air cargo security, and has drafted new and revised security programs for domestic and foreign passenger and all-cargo carriers that contain more specific security requirements. However, more work remains to ensure that TSA has a comprehensive strategy to secure air cargo that fully incorporates risk management principles. TSA Has Taken Steps to Incorporate Risk Management Principles into Its Decision Making to Secure Domestic Air Cargo, but Most Efforts Are in the Early Stages: TSA has taken steps towards applying a risk-based management approach to addressing domestic air cargo security, including conducting threat assessments. However, opportunities exist to strengthen these efforts. Applying a risk management framework to decision making is one tool to help provide assurance that programs designed to combat terrorism are properly prioritized and focused. TSA has underscored the importance of implementing a risk-based approach that protects against known threats, but that is also sufficiently flexible to direct resources to mitigate new and emerging threats. According to TSA, the ideal risk model would be one that could be used throughout the transportation sector and applicable to different threat scenarios. As part of TSA's risk-based approach, TSA issued an Air Cargo Strategic Plan in November 2003 that focused on securing the domestic air cargo supply chain.[Footnote 67] TSA coordinated with air cargo industry stakeholders representing passenger and all-cargo carriers to develop this plan. TSA officials stated that they are revising their existing domestic air cargo strategic plan, but as of February 5, 2007, agency officials had not set a timeframe for when TSA will complete this revision. TSA's Air Cargo Strategic Plan describes, among other things, an approach for screening or reviewing information on all domestic air cargo shipments to determine their level of relative risk, ensuring that 100 percent of cargo identified as posing an elevated risk is physically inspected, and pursuing technological solutions to physically inspect air cargo. TSA officials anticipate that the agency's system for targeting domestic air cargo, referred to as Freight Assessment, will minimize the reliance on the random physical inspections currently conducted by air carriers. According to agency plans, air carriers would receive targeting information from TSA on specific cargo items identified as posing an elevated risk. Upon notification by TSA's Freight Assessment System, air carrier personnel would be responsible for conducting the inspection of cargo identified as elevated risk. In October 2005, we reported that although TSA had identified data elements that could be used in its Freight Assessment System, the agency had not yet ensured that these data are complete, accurate, and current. We recommended that TSA take steps to do so; however, as of February 2007, TSA has not yet addressed this recommendation. Further, while TSA planned to phase in implementation and deployment of the targeting system for cargo transported on passenger carriers during calendar years 2006 and 2007, as of February 2007, TSA's system for targeting domestic cargo is still under development. In addition to developing a strategic plan, a risk management framework in the homeland security context should include risk assessments, which typically involve three key elements--threats, vulnerabilities, and criticality or consequence. Information from these three assessments provides input for setting priorities, evaluating alternatives, allocating resources, and monitoring security initiatives. In September 2005, TSA's Office of Intelligence (formerly known as the Transportation Security Intelligence Service) completed an overall threat assessment for air cargo, which identified general and specific threats to domestic air cargo.[Footnote 68] However, we reported that TSA had not conducted a vulnerability assessment to identify the range of security weaknesses that could be exploited by terrorists.[Footnote 69] TSA plans to conduct this assessment of domestic air cargo vulnerabilities--as we recommended--and expects it to be completed in late 2007. TSA Has Implemented Measures Intended to Strengthen Domestic Air Cargo Security, but More Work Remains: In October 2005, we reported that TSA had taken a number of actions intended to strengthen domestic air cargo security, but that factors existed that may limit the effectiveness of these actions. For example, we reported that TSA had established a centralized Known Shipper database to streamline the process by which shippers (individuals and businesses) are made known to carriers with whom they conduct business.[Footnote 70] However, at that time, the information in this database on the universe of shippers was incomplete, because participation in this database was voluntary. Moreover, we identified problems with the reliability of the information in the database. TSA estimated that the agency's centralized database contained information on about 400,000 known shippers, or less than one-third of the total population of known shippers, which is estimated to be about 1.5 million. In May 2006, TSA issued an air cargo security rule that included a number of provisions aimed at enhancing the security of air cargo.[Footnote 71] For example, TSA made participation in the Known Shipper database mandatory, requiring air carriers and indirect air carriers to submit information on their known shippers to TSA's Known Shipper database. However, the May 2006 security rule did not modify TSA's current process for validating known shippers, which remains the responsibility of indirect air carriers and air carriers. Accordingly, passenger, all cargo, and indirect air carriers will continue to be responsible for determining the integrity of the shipper, which may allow for potential conflicts of interest because air carriers who conduct business with shippers will also continue to have the authority to validate these same shipping customers. In October 2005, we also reported that TSA had established requirements for air carriers to randomly inspect air cargo, but had exempted some cargo from inspection, potentially creating security weaknesses.[Footnote 72] We recommended that TSA examine the rationale for existing air cargo inspection exemptions, determine whether such exemptions leave the air cargo system unacceptably vulnerable to terrorist attack, and make any needed adjustments to the exemptions. TSA established a working group to examine the rationale for existing air cargo inspection exemptions, and in October 2006, issued a security directive and emergency amendment to domestic and foreign passenger air carriers operating within and from the United States that limited the inspection exemptions. According to TSA officials, the agency is still considering revisions to the inspection exemptions for cargo being transported into the United States. In October 2005, we also reported that TSA conducted compliance inspections of air carriers to ensure that they were complying with existing air cargo security requirements. These compliance inspections ranged from a comprehensive review of the implementation of all air cargo security requirements by an air carrier or indirect air carrier to a review of just one or several security requirements.[Footnote 73] However, TSA had not developed measures to assess the adequacy of air carrier compliance with air cargo security requirements, or assessed the results of its compliance inspections to target higher-risk air carriers or indirect air carriers for future reviews. More recently, TSA reported that the agency has increased the number of inspectors dedicated to conducting air cargo inspections, and has begun analyzing the results of the compliance inspections to help focus their inspections on those entities that have the highest rates of noncompliance. For fiscal year 2008, the President's budget includes a request of about $56 million for TSA's air cargo security program, which includes funding for, among other things, 300 air cargo security inspectors, TSA-certified canines for air cargo related activities, and the development and deployment of a Freight Assessment System to target elevated-risk cargo. In addition to taking steps to strengthen inspections of air cargo, TSA is working to enhance air cargo screening technologies. Specifically, TSA, together with DHS's S&T, is currently developing and pilot testing a number of technologies to assess their applicability to inspecting and securing air cargo. These efforts include: * an air cargo explosives detection pilot program implemented at three airports, testing the use of explosive detection systems, explosive trace detectors, standard X-ray machines, canine teams, technologies that can locate a stowaway through detection of a heartbeat or increased carbon dioxide levels in cargo, and manual inspections of air cargo;[Footnote 74] * an EDS pilot program, which is testing the use of computer-aided tomography to measure the densities of objects in order to identify potential explosives in air cargo;[Footnote 75] * an air cargo security seals pilot, which is exploring the viability of potential security countermeasures, such as tamper-evident security seals, for use with certain classifications of exempt cargo; * the use of hardened unit-loading devices, which are containers made of blast-resistant materials that could withstand an explosion onboard the aircraft; and: * the use of pulsed fast neutron analysis, which allows for the identification of the material signatures of contraband, explosives, and other threat objects. According to TSA officials, the agency will determine whether it will require the use of any of these technologies once it has completed its assessments and analyzed the results. However, TSA has not established a timeframe for completing these assessments. According to TSA officials, the federal government and the air cargo industry face several challenges that must be overcome to effectively implement any of these technologies to inspect or secure air cargo. These challenges include factors such as the nature, type, and size of the cargo; environmental and climatic conditions; inspection throughput rates; staffing and training issues for individuals who inspect air cargo; the location of air cargo facilities (centralized versus decentralized); cost and availability; and employee health and safety concerns. To effectively inspect domestic air cargo that TSA deems to pose an elevated risk, the agency will need to make decisions regarding which technologies will be used to inspect such cargo. According to TSA officials, there is no single technology capable of efficiently and effectively inspecting all types of air cargo for the full range of potential terrorist threats, including explosives and weapons of mass destruction. We will soon report on the second phase of our review of air cargo security, which focuses on DHS's efforts to secure air cargo that is transported into the United States from abroad, referred to as inbound air cargo. This report will address (1) the actions TSA and CBP have taken to secure inbound air cargo, and how, if at all these efforts could be strengthened; and (2) the practices the air cargo industry and select foreign governments have adopted that could be used to enhance TSA's efforts to strengthen inbound air cargo security, and the extent to which TSA and CBP have worked with foreign governments to enhance their air cargo security efforts. Concluding Observations: DHS and TSA have undertaken numerous initiatives to strengthen the security of the nation's aviation system, and should be commended for these efforts. Meeting the congressional mandates to screen airline passengers and checked baggage alone was a tremendous challenge. Since that time, TSA has turned its attention to strengthening passenger prescreening, more efficiently allocating and deploying TSOs, strengthening screening procedures, developing and deploying more effective and efficient screening technologies, and improving domestic air cargo security, among other efforts. TSA has made progress in all of these areas, but opportunities exist to further strengthen their efforts, in particular in the areas of risk-based decision making, program planning and monitoring, and stakeholder collaboration. Our work has shown--in homeland security and in other areas--that a comprehensive risk management approach can help inform decision makers in the allocation of finite resources to the areas of greatest need. We are encouraged that risk management has been a cornerstone of DHS and TSA policy, and that TSA has implemented risk-based decision making into a number of its efforts. Despite this commitment, however, TSA will continue to face difficult decisions and trade-offs--particularly as threats to commercial aviation evolve--regarding acceptable levels of risk and the need to balance security with efficiency and customer service. We recognize that doing so will not be easy. In implementing a risk-based approach, DHS and TSA must also address the challenges we identified in our work related to program planning, risk assessments, and implementation and monitoring of aviation security programs. Without rigorous planning and prioritization, and knowledge of the effectiveness of aviation security programs, DHS and TSA cannot be sure that they are focusing their finite resources on the areas of greatest need. Risk-based decision making will be particularly important as TSA begins to place more focus on the security of non-aviation modes of transportation, including passenger rail, and resource decisions and related trade-offs will have to be made not only within aviation, but across all transportation modes. TSA must also continue its work to strengthen partnerships with other federal agencies, state and local governments, the private sector, and international partners to improve the security of the commercial aviation system. Securing all aspects of commercial aviation is shared a responsibility among these parties. Accordingly, it is important that all stakeholders be involved, as appropriate, in coordinating security- related priorities and activities, and reviewing and sharing best practices and developing common security frameworks. Such efforts are particularly important with international partners due to our interdependence with foreign nations in securing the aviation system-- as evidenced by the recent alleged terrorist plot to detonate liquid explosives onboard multiple aircraft departing the United Kingdom for the United States. TSA has strengthened its coordination efforts with domestic and international partners, which has aided its security efforts and helped to avoid duplication of effort. Existing risk-based decision making, program planning and monitoring, and coordination efforts will need to continue and be strengthened as TSA works to address continuing challenges and threats facing commercial aviation. Mr. Chairman, this concludes my statement. I would be pleased to answer any questions that you or other members of the committee may have at this time. Contact Information: For further information on this testimony, please contact Cathleen A. Berrick, (202) 512-3404 or berrickc@gao.gov. Contact points for our Offices of Congressional Relations and Public Affairs may be found on the last page of this statement. In addition to the contact named above, Mike Bollinger, Kristy Brown, Carissa Bryant, Tony Cheesebrough, Kevin Copping, Christine Fossett, Samantha Goodman, John Hansen, Mike Harmond, Dawn Hoff, Suzanne Heimbach, Adam Hoffman, Anne Laffoon, Thomas Lombardi, Steve Morris, Katrina Moss, Mona Nichols-Blake, Leslie Sarapu, Brian Sklar, Edith Sohna, Maria Strudwick, Meg Ullengren, and Candice Wright made contributions to this testimony. [End of section] Appendix I: Key Actions for Congress, TSA, and the Aviation Industry, as Recommended by the Baggage Screening Investment Study Working Group: In August 2006, the Aviation Security Advisory Committee baggage screening investment study working group, of which TSA is a member, released a study outlining an investment strategy for the funding of TSA's checked baggage screening program.[Footnote 76] The working group's investment study identified five key actions that should be taken by Congress, TSA, and the aviation industry, respectively, with regard to funding these systems. Table 3 provides a summary of the key actions identified by the working group. Table 3: Summary of key actions for Congress, TSA, and the aviation industry, as recommended by the baggage screening investment study working group: Congress: Authorize a voluntary tax credit bond program of $3 billion for fiscal years 2008 through 2011, which airports could access to fund the infrastructure necessary for automated EDS baggage screening systems; TSA: Finalize and publish the draft baggage screening investment study guidelines developed by the baggage screening investment study technical team. Include a detailed explanation of the upgraded design review and approval process in the baggage screening investment study guidelines. Update the baggage screening investment study guidelines at least yearly to reflect ongoing lessons learned; Aviation industry: Use upcoming industry conferences to communicate the key findings and recommendations of the baggage screening investment study. Congress: Permit use of tax credit bonds for refunding by airports or airlines that have or will self-fund their in-line screening systems through the tax credit bond authorization period (with the airport facilitating conduit financing on behalf of airlines as needed, as tax credit bonds require the issuer to be a public entity); TSA: Issue detailed funding guidance to the aviation industry explaining the alternatives available for funding baggage screening systems and communicate the process and business rules to access facility modification grants for airports and airlines not wishing or not able to use the tax credit bond program; Aviation industry: For those airports and airlines that have already developed designs for in-line systems but not yet initiated construction, prepare refined designs consistent with the baggage screening investment study guidelines. Congress: Continue or increase the existing rate of annual appropriations for purchase and installation of EDS equipment ($435 million per year, escalating annually). TSA would be responsible for prioritizing the use of these funds, which could include provision of (a) equipment to airports that use the voluntary tax credit bond program, (b) grants and equipment to airports and airlines that do not use the voluntary tax credit bond program, (c) grants to airports and airlines requiring reimbursement for self-funded optimal screening systems that do not use the tax credit bond program, (d) ongoing support for expansion of optimal screening systems to accommodate future traffic growth, and (e) life-cycle replacement and refurbishment of previously installed equipment; TSA: Provide Congress with requested information regarding an estimated deployment timeline on an airport-by-airport basis; Aviation industry: Create integrated local design teams for individual design efforts to facilitate stakeholder coordination at the local level. Congress: Eliminate any restrictions associated with combining purchase and installation funds to provide TSA with increased flexibility to manage the impact of the voluntary tax credit bond program; TSA: Work with DHS and equipment manufacturers to actively manage the timely development and deployment of new screening technologies critical to the costs and performance assumptions in the baggage screening investment study; Aviation industry: Develop contracts with baggage handling systems designers, suppliers, and other associated contractors that require compliance with the baggage screening investment study guidelines and the performance standards specified therein. Congress: Enhance passenger facility charge program flexibility to include (a) tax credit bond sinking fund payments and (b) modification or construction of exclusive-use outbound baggage systems to accommodate EDS screening systems; TSA: Establish an integrated national deployment team composed of representatives from TSA, airport, airline, and key industry trade associations to actively and collaboratively manage the cost and quality of automated EDS baggage screening systems at a national level; Aviation industry: Actively participate in the integrated national deployment team, including providing dedicated representatives to work with TSA during the initial deployment of optimal screening systems to all categories X, I, II, and III airports. Source: Aviation Security Advisory Committee: [End of table] [End of section] Related GAO Products: Airline Passenger Prescreening: Transportation Security Administration's Office of Intelligence: Responses to Post Hearing Questions on Secure Flight. GAO-06-1051R. Washington D.C.: August 4, 2006. Aviation Security: Management Challenges Remain for the Transportation Security Administration's Secure Flight Program. GAO-06-864T. Washington D.C.: June 14, 2006. Aviation Security: Significant Management Challenges May Adversely Affect Implementation of the Transportation Security Administration's Secure Flight Program. GAO-06-374T. Washington, D.C.: Feb. 9, 2006. Aviation Security: Transportation Security Administration Did Not Fully Disclose Uses of Personal Information During Secure Flight Program Testing in Initial Privacy Notes, but Has Recently Taken Steps to More Fully Inform the Public. GAO-05-864R. Washington, D.C.: July 22, 2005. Aviation Security: Secure Flight Development and Testing Under Way, but Risks Should Be Managed as System Is Further Developed. GAO-05-356. Washington, D.C.: March 28, 2005. Aviation Security: Measures for Testing the Effect of Using Commercial Data for the Secure Flight Program. GAO-05-324. Washington, D.C.: Feb. 23, 2005. Aviation Security: Challenges Delay Implementation of Computer- Assisted Passenger Prescreening System. GAO-04-504T. Washington, D.C.: March 17, 2004. Aviation Security: Computer-Assisted Passenger Prescreening System Faces Significant Implementation Challenges. GAO-04-385. Washington, D.C.: Feb. 13, 2004. Airline Passenger Checkpoint and Checked Baggage Screening: Aviation Security: TSA Oversight of Checked Baggage Screening Procedures Could Be Strengthened. GAO-06-869. Washington, D.C.: July 28, 2006. Aviation Security: TSA Has Strengthened Efforts to Plan for the Optimal Deployment of Checked Baggage Screening Systems but Funding Uncertainties Remain. GAO-06-875T. Washington, D.C.: June 29, 2006. Aviation Security: Enhancements Made in Passenger and Checked Baggage Screening, but Challenges Remain. GAO-06-371T. Washington, D.C.: April 4, 2006. Aviation Security: Transportation Security Administration Has Made Progress in Managing a Federal Security Workforce and Ensuring Security at U.S. Airports, but Challenges Remain. GAO-06-597T. Washington, D.C.: April 4, 2006. Aviation Security: Better Planning Needed to Optimize Deployment of Checked Baggage Screening Systems. GAO-05-896T. Washington, D.C.: July 13, 2005. Aviation Security: Screener Training and Performance Measurement Strengthened, but More Work Remains. GAO-05-457. Washington, D.C.: May 2, 2005. Aviation Security: Systematic Planning Needed to Optimize the Deployment of Checked Baggage Screening Systems. GAO-05-365. Washington, D.C.: March 15, 2005. Aviation Security: Challenges Exist in Stabilizing and Enhancing Passenger and Baggage Screening Operations. GAO-04-440T. Washington, D.C.: Feb. 12, 2004. Airport Passenger Screening: Preliminary Observations on Progress Made and Challenges Remaining. GAO-03-1173. Washington, D.C.: Sept. 24, 2003. Air Cargo: Aviation Security: Federal Action Needed to Strengthen Domestic Air Cargo Security. GAO-06-76. Washington, D.C.: Oct. 17, 2005. Aviation Safety: Undeclared Air Shipments of Dangerous Goods and DOT's Enforcement Approach. GAO-03-22. Washington, D.C.: Jan. 10, 2003. Aviation Security: Vulnerabilities and Potential Improvements for the Air Cargo System. GAO-03-344. Washington, D.C.: Dec. 20, 2002. In-Flight Security: Aviation Security: Further Study of Safety and Effectiveness and Better Management Controls Needed If Air Carriers Resume Interest in Deploying Less-than-Lethal Weapons. GAO-06-475. Washington, D.C.: May 26, 2006. Aviation Security: Federal Air Marshal Service Could Benefit from Improved Planning and Controls, GAO-06-203. Washington, D.C.: Nov. 28, 2005. Aviation Security: Flight and Cabin Crew Member Security Training Strengthened, but Better Planning and Internal Controls Needed. GAO-05- 781. Washington, D.C.: Sept. 6, 2005. Aviation Security: Federal Air Marshal Service Is Addressing Challenges of Its Expanded Mission and Workforce, but Additional Actions Needed. GAO-04-242. Washington, D.C.: Nov. 19, 2003. Aviation Security: Information Concerning the Arming of Commercial Pilots. GAO-02-822R. Washington, D.C.: June 28, 2002. Perimeter Security, Access Controls, and General Aviation: Homeland Security: Agency Resources Address Violations of Restricted Airspace, but Management Improvements Are Needed. GAO-05-928T. Washington, D.C.: July 21, 2005. General Aviation Security: Increased Federal Oversight Is Needed, but Continued Partnership with the Private Sector Is Critical to Long-Term Success. GAO-05-144. Washington, D.C.: Nov. 10, 2004. Aviation Security: Further Steps Needed to Strengthen the Security of Commercial Airport Perimeters and Access Controls. GAO-04-728. Washington, D.C.: June 4, 2004. Aviation Security: Challenges in Using Biometric Technologies. GAO-04- 785T. Washington, D.C.: May 19, 2004. Nonproliferation: Further Improvements Needed in U.S. Efforts to Counter Threats from Man-Portable Air Defense Systems. GAO-04-519. Washington, D.C.: May 13, 2004. Aviation Security: Factors Could Limit the Effectiveness of the Transportation Security Administration's Efforts to Secure Aerial Advertising Operations. GAO-04-499R. Washington, D.C.: March 5, 2004. The Department of Homeland Security Needs to Fully Adopt a Knowledge- based Approach to Its Counter-MANPADS Development Program. GAO-04-341R. Washington, D.C.: Jan. 30, 2004. Other Aviation Security: Homeland Security: Progress Has Been Made to Address the Vulnerabilities Exposed by 9/11, but Continued Federal Action Is Needed to Further Mitigate Security Risks. GAO-07-375. Washington, D.C.: Jan. 24, 2007. Terrorist Watch List Screening: Efforts to Help Reduce Adverse Effects on the Public. GAO-06-1031. Washington, D.C.: Sept. 29, 2006. Transportation Security Administration: More Clarity on the Authority of Federal Security Directors Is Needed. GAO-05-935. Washington, D.C.: Sept. 23, 2005. Aviation Security: Improvement Still Needed in Federal Aviation Security Efforts. GAO-04-592T. Washington, D.C.: March 30, 2004. Aviation Security: Efforts to Measure Effectiveness and Strengthen Security Programs. GAO-04-285T. Washington, D.C.: Nov. 20, 2003. Aviation Security: Efforts to Measure Effectiveness and Address Challenges. GAO-04-232T. Washington, D.C.: Nov. 5, 2003. Aviation Security: Progress Since September 11, 2001, and the Challenges Ahead. GAO-03-1150T. Washington, D.C.: Sept. 9, 2003. Airport Finance: Past Funding Levels May Not Be Sufficient to Cover Airports' Planned Capital Development. GAO-03-497T. Washington, D.C.: Feb. 25, 2003. Airport Finance: Using Airport Grant Funds for Security Projects Has Affected Some Development Projects. GAO-03-27. Washington, D.C.: Oct. 15, 2002. Commercial Aviation: Financial Condition and Industry Responses Affect Competition. GAO-03-171T. Washington, D.C.: Oct. 2, 2002. Aviation Security: Transportation Security Administration Faces Immediate and Long-Term Challenges. GAO-02-971T. Washington, D.C.: July 25, 2002. Aviation Security: Vulnerabilities in, and Alternatives for, Preboard Screening Security Operations. GAO-01-1171T. Washington, D.C.: Sept. 25, 2001. Aviation Security: Weaknesses in Airport Security and Options for Assigning Screening Responsibilities. GAO-01-1165T. Washington, D.C.: Sept. 21, 2001. Aviation Security: Terrorist Acts Demonstrate Urgent Need to Improve Security at the Nation's Airports. GAO-01-1162T. Washington, D.C.: Sept. 20, 2001. Aviation Security: Terrorist Acts Illustrate Severe Weaknesses in Aviation Security. GAO-01-1166T. Washington, D.C.: Sept. 20, 2001. Note: GAO Products that are not available to the public because they are considered Security Sensitive Information, Law Enforcement Sensitive, or National Security Secret are not included in this list of related products. [End of section] FOOTNOTES [1] TSA also requires that both U.S. and foreign air carriers utilize the No Fly and Selectee Lists to prescreen passengers prior to conducting operations to, from, or within the United States, in accordance with TSA security directives. [2] Indirect air carriers are entities that consolidate air cargo from multiple shippers and deliver it to air carriers to be transported. [3] See Pub. L. No. 107-71, 115 Stat. 597 (2001). [4] Other federal entities involved in securing or safeguarding air cargo include the Department of Homeland Security-U.S. Customs and Border Protection, the United States Postal Service, the Department of Commerce, the Department of Transportation, and the Department of the Treasury. [5] See Pub. L. No. 108-458, § 4012(a)(1)-(2), 118 Stat. 3638, 3714-19 (codified at 49 U.S.C. §§ 44903(j)(2)(C), 44909(a)(6)). [6] Currently, TSA requires that both U.S. and foreign air carriers utilize the No Fly and Selectee lists to prescreen passengers prior to conducting operations to, from, or within the United States, in accordance with TSA security directives. [7] GAO, Aviation Security: Significant Management Challenges May Adversely Affect Implementation of the Transportation Security Administration's Secure Flight Program, GAO-06-374T (Washington, D.C.: Feb. 9, 2006). GAO, Aviation Security: Secure Flight Development and Testing Under Way, but Risks Should Be Managed as System Is Further Developed, GAO-05-356 (Washington, D.C.: Mar. 28, 2005). [8] Following the events of September 11, and in accordance with ATSA, TSA began an effort in March 2003 to develop a new computer-assisted passenger prescreening system known as CAPPS II. See 49 U.S.C. § 44903(j)(2)(A). Because of a variety of delays and challenges, in August 2004, DHS cancelled the development of CAPPS II. In its place, TSA announced that it would develop a new prescreening program called Secure Flight. [9] Although the air carriers currently conduct the watch list matching and CAPPS prescreening functions, these processes are required and overseen by TSA. [10] In addition to name matching prescreening activities, CBP also prescreens travelers by evaluating the authenticity and completeness of passengers' passports and other travel documents as part of its travel document review procedures. CBP also attempts to identify high-risk travelers on international flights through its Automated Targeting System--Passenger (ATS-P). Under this risk assessment program, CBP conducts a risk-targeting process by evaluating passenger information (for both passengers departing from and for the United States) against risk assessment rules and algorithms within the ATS-P. The ATS-P compares passenger information against data from numerous national intelligence and law enforcement databases to identify those travelers who are likely to present a higher risk, so that CBP can interdict and further screen these travelers. [11] As passengers are not required to present a passport to board domestic flights, the name matching process for domestic flights primarily uses only PNR data, not APIS data. [12] See 19 C.F.R. §§ 122.49a, 122.75a (establishing the electronic manifest transmission requirements for passengers onboard commercial aircraft arriving in or departing from the United States). [13] 71 Fed. Reg. 40,035 (July 14, 2006). A notice of proposed rulemaking provides notice to interested or affected parties of an agency's anticipated regulatory action and an opportunity for such parties to comment on this action before implementation. [14] TSA also allows airports to apply to opt-out of federal screening and to use private screeners under contract with TSA. See 49 U.S.C. § 44920. Six airports currently have screening operations conducted by private screening contractors under TSA's Screening Partnership Program. [15] Sterile areas are located within the terminal where passengers are provided access to boarding aircraft. Access to these areas is controlled by TSOs (or by non-federal screeners at airports participating in the Screener Partnership Program) at checkpoints where they conduct physical screening of individuals and their carry-on baggage for weapons and explosives. [16] TSOs must deny passage beyond the screening location to any individual or property that has not been screened or inspected in accordance with passenger screening standard operating procedures. If an individual refuses to permit inspection of any item, that item must not be allowed into the sterile area or onboard an aircraft. [17] At some airports, some passengers may also be screened by walking through an explosives trace portal--a machine that detects trace amounts of explosives on persons. [18] Explosive detection systems use computer-aided tomography X-rays to examine objects inside baggage and identify the characteristic signatures of threat explosives. This equipment operates in an automated mode. [19] Explosive trace detection works by detecting vapors and residues of explosives. Human operators collect samples by rubbing bags with swabs, which are chemically analyzed to identify any traces of explosive materials. [20] Positive passenger bag match requires that passengers be on the same aircraft as their checked baggage. According to TSA officials, this procedure is rarely used. [21] As of January 2007, TSA security programs include (1) Aircraft Operators Standard Security Program, which applies to domestic passenger air carriers; (2) Indirect Air Carrier Standard Security Program, which applies to domestic indirect air carriers; (3) Domestic Security Integration Program, a voluntary program that applies to domestic all-cargo carriers; (4) the Twelve-Five Program, which applies to certain operators of aircraft weighing more than 12,500 pounds in scheduled or charter service that carry passengers, cargo, or both; (5) Model Security Program, which applies to foreign passenger air carriers; and (6) All-Cargo International Security Procedures, which applies to each foreign air carrier engaged in the transportation of cargo to, from, within, or overflying the United States in all-cargo aircraft with a maximum certified takeoff weight of more than 12,500 pounds. TSA drafted new security programs for foreign and domestic all- cargo carriers with operations to, from, and within the United States. TSA expects to finalize these programs in early 2007. [22] The International Civil Aviation Organization defines a regulated agent as an agent, freight forwarder, or any other entity that conducts business with an aircraft operator and provides security controls that are accepted or required by the appropriate government authority with respect to cargo or mail. [23] DHS's budget execution reports are monthly statements that reflect the Department's financial activity. [24] In our analysis of DHS's budget execution reports and the President's fiscal year 2008 budget request for TSA, we included funding specifically designated for aviation security and funding for other programs, projects, and activities related to aviation security, to the extent they were identifiable. In addition, these aviation security totals do not reflect funding for activities that may support TSA's aviation security programs and projects, such as intelligence and administration, because TSA's documentation does not identify the proportion of funding dedicated to support aviation security. Also, during this time period, a number of aviation security related activities were transferred in or out of TSA's jurisdiction, which impact TSA funding levels for the affected fiscal years. [25] GAO-05-356. [26] GAO-05-356. [27] The Department of Homeland Security Appropriations Act, 2007, mandates that GAO review and confirm, upon the department's certification, that the Secure Flight Program meets the 10 conditions listed in section 522(a) of Public Law 108-334. See Pub. L. No. 109- 295, § 514, 120 Stat 1355, 1379 (2006). See also Pub. L. No. 108-334, § 522, 118 Stat. 1298, 1319-20 (2004). We are also conducting our ongoing review in response to requests from the United States Senate: the Committee on Commerce, Science, and Transportation, and its Subcommittee on Aviation; Committee on Appropriations, Subcommittee on Homeland Security; Committee on Homeland Security and Governmental Affairs; Committee on Judiciary; also the House of Representatives: Committee on Transportation and Infrastructure, Committee on Homeland Security; and the Chairman of the Committee on Government Reform. [28] We have ongoing work that includes collecting information about the identity-matching systems currently used by air carriers to match information for passengers on domestic flights against information on the No Fly and Selectee Lists derived from the TSDB. Air carriers will continue to conduct this name matching until Secure Flight becomes fully operational. Our interviews with officials from the 15 air carriers is part of this ongoing review of the air carriers' domestic identity matching efforts. In that we did not use probability sampling methods to select these 15 air carriers, information provided by officials from these air carriers cannot be generalized to other air carriers. [29] Privacy Act of 1974, Pub. L. No. 93-579, 88 Stat. 1896 (codified as amended at 5 U.S.C. § 552a). [30] GAO, Aviation Security: Transportation Security Administration Did Not Fully Disclose Uses of Personal Information During Secure Flight Program Testing in Initial Privacy Notes, but Has Recently Taken Steps to More Fully Inform the Public, GAO-05-864R (Washington, D.C.: July 22, 2005). [31] GAO-05-356. [32] GAO-06-374T and GAO-05-356. [33] GAO, Aviation Security: Efforts to Strengthen International Passenger Prescreening are Under Way, But Planning and Implementation Issues Remain, GAO-07-55SU (Washington, D.C.: November 2006). This report contains information considered to be Security Sensitive Information. [34] GAO, Aviation Security: Challenges Exist in Stabilizing and Enhancing Passenger and Baggage Screening Operations, GAO-04-440T (Washington, D.C.: Feb. 12, 2004). [35] As part of TSA's Screening Partnership Program, six airports used private contract screeners in lieu of federal TSOs during fiscal year 2006. Despite the fact that these airports do not use federal screeners, TSA still used the Staffing Allocation Model to determine the full-time equivalent screening staff at each of these airports for fiscal year 2006. These staffing levels, as determined by the model, were to serve as a limit on the number of private screeners that the private screening contractors could employ. According to TSA, the 1,702 total full-time equivalent staffing allocation at these airports does not count against TSA's nationwide ceiling of 45,000 full-time equivalents for TSO staff. In addition, according to the President's fiscal year 2008 budget request for TSA, TSA is accepting two additional airports--Key West and Marathon Florida--with a combined total of 30 full-time equivalent TSOs, into the Screening Partnership Program. [36] According to the President's fiscal year 2008 budget request, under previous passenger checkpoint screening procedures (prior to August 10, 2006), airport contract employees conducted all document checking for passengers approaching the checkpoint. TSA has determined that a security gap exists in verifying the documentation of the traveling public, and is seeking to close this gap to better meet its security responsibilities through more rigorous document checking procedures than those being done by private industry. [37] We visited 14 airports as part of this ongoing review. We did not use probability sampling methods to select the airports at which the FSDs were located; therefore, information provided by these FSDs cannot be generalized to other airports. [38] The Intelligence Reform and Terrorism Prevention Act of 2004, enacted in December 2004, required TSA to, among other things, develop and submit to the Senate Committee on Commerce, Science, and Transportation, and the House of Representatives Committee on Transportation and Infrastructure, standards for determining the aviation security staffing for all airports at which TSA provides or oversees screening services by March 2005. These standards are to provide the necessary levels of aviation security and ensure that the average aviation security related delay experienced by passengers is minimized. The Intelligence Reform and Terrorism Prevention Act also mandated that we conduct an analysis of TSA's staffing standards. Pub. L. No. 108-458, § 4023, 118 Stat. 3638, 3723-24 (2004). [39] GAO, Airport Passenger Screening: Preliminary Observations on Progress Made and Challenges Remaining, GAO-03-1173 (Washington, D.C.: Sept. 24, 2003). [40] GAO, Aviation Security: Screener Training and Performance Measurement Strengthened but More Work Remains, GAO-05-457 (Washington, D.C.: May 2, 2005). [41] We will report on the results of this work later this year. [42] In December 2005, TSA revised the prohibited and permitted items list by removing (1) metal scissors with pointed tips and a blade 4 inches or less in length as measured from the fulcrum and (2) tools-- such as pliers, screwdrivers, and wrenches--7 inches or less in length (excluding crowbars, drills, hammers, and saws) from the list. Pursuant to the change, passengers are able to bring these items onboard commercial aircraft on domestic flights and international flights departing the United States. See 70 Fed. Reg. 79,930 (Dec. 8, 2005). In addition to assessing the December 2005 prohibited items list change as part of our ongoing review of TSA's process for modifying passenger checkpoint screening procedures, we recently initiated a mandated review of the public safety impacts and risks, if any, of TSA's decision to allow small and tools onboard aircraft, and will report on the results of this work later this year. [43] TSA conducted tests of several proposed procedures that officials believed would have a significant impact on how TSOs perform daily screening functions, TSO training, and customer acceptance. [44] Covert testing involves TSA headquarters officials (national testing) or TSA field staff and other federal employees (local testing) attempting to carry simulated threat objects through the checkpoint without the objects being detected by TSOs. The results of the local covert tests are sensitive security information and the results of national covert tests are classified, and therefore are not included in this testimony. [45] GAO, Transportation Security Administration: Actions and Plans to Build a Results Oriented Culture, GAO-03-190 (Washington, D.C.: January 2003). [46] The nonstandard ways that the machines are used is sensitive security information. [47] Certain information we obtained and analyzed regarding explosives detection technologies and their effectiveness in TSA's checked baggage screening operations is classified or is considered by TSA to be sensitive security information. Accordingly, the results of our review of this information have been removed from this testimony. [48] GAO, Aviation Security: TSA Oversight of Checked Baggage Screening Procedures Could Be Strengthened, GAO-06-869 (Washington, D.C.: Jul. 28, 2006). [49] See H.R. Conf. Rep. No. 109-699, at 113 (2006) (accompanying H.R. 5441, enacted into law as the Department of Homeland Security Appropriations Act, 2007, Pub. L. No.109-295, 120 Stat. 1362 (2006)). [50] DHS's S&T is responsible for research and development of checkpoint technologies related to aviation security, managing the activities conducted at the Transportation Security Laboratory, and coordinating these efforts with TSA. TSA's Passenger Screening Program is responsible for evaluating and deploying systems to detect explosives and weapons concealed on persons or in carry-on items, while strengthening access control, improving screener performance, and reducing staffing requirements. [51] Research and development projects generally fall within the following phases: (1) basic research includes all scientific efforts and experimentation directed to increase knowledge and understanding in the fields of science related to long-term national needs; (2) applied research includes efforts directed toward solving specific problems with a focus on developing and evaluating the feasibility of proposed solutions; (3) advanced development includes efforts directed toward the development of hardware for field experiments; and (4) operational testing includes evaluation of technologies in a realistic operating environment to assess the performance or cost reduction potential of advanced technology. [52] GAO-05-365. [53] TSA was required to provide for the screening of all checked baggage for explosives using explosive detection systems by December 31, 2003. See 49 U.S.C. § 44901(d). [54] TSA has projected that the number of originating domestic and international passengers will rise by about 127 million passengers over current levels by 2010. If TSA's current estimate of an average of 0.76 checked bags per passenger were to remain constant through 2010, TSA would be screening about 96 million more bags than it now screens. This could increase airports' need to rely on alternative screening procedures in the future in the absence of additional or more efficient checked baggage screening systems. [55] TSA, Recommended Security Guidelines for Airport Planning, Design and Construction, Revised June 15, 2006. [56] According to TSA, these 250 airports process 99 percent of all checked baggage transported. [57] The President's fiscal year 2008 budget request acknowledges that it does not take into account amounts from the Aviation Security Capital Fund because the Fund was only authorized through fiscal year 2007. As such, although the amount requested for installation reflects an increase of $121 million from the amount specifically appropriated in fiscal year 2007, it also reflects an overall decrease of $129 million in total funding from fiscal year 2007 absent the $250 million previously available from the Fund. [58] The Consolidated Appropriations Act, 2004, prohibited the use of Airport Improvement Program funds for activities related to the installation of in-line explosive detection systems. See Pub. L. No. 108-199, 118 Stat. 3, 283. The Consolidated Appropriations Act, 2005, and the Department of Transportation Appropriations Act, 2006, continued this prohibition. See Pub. L. No. 108-447, 118 Stat. 2809, 3203 (2004); Pub. L. No. 109-115, 119 Stat. 2396, 2400-01 (2005). [59] Consolidated Appropriations Resolution, 2003, Pub. L. No. 108-7, § 367, 117 Stat. 423-24. The letter of intent agreements entered into between TSA and the airport authorities, though not a binding commitment of federal funding, represent TSA's intent to reimburse the airport authority for costs incurred in executing the security improvement project--in future years and up to the agreed upon amount- -contingent upon the receipt and availability of sufficient appropriations to fulfill the agreement. [60] Other transaction agreements are administrative vehicles used by TSA to directly fund airport operators for smaller airport modification projects without undertaking a long-term commitment. These transactions take many forms and are generally not required to comply with federal laws and regulations that apply to contracts, grants, or cooperative agreements; and enable the federal government and others entering into these agreements to freely negotiate provisions that are mutually agreeable. [61] The Aviation Security Capital Fund provides TSA with a mandatory appropriation of $250 million for each of fiscal years 2004 through 2007 in support of airport improvement projects related to the installation of explosive detection systems. See 49 U.S.C. § 44923. A provision of the DHS Appropriations Act, 2004, precluded the use of passenger security fees to establish the capital fund in fiscal year 2004, but the capital fund has been made available to TSA in each of fiscal years 2005 through 2007. Congress must reauthorize the capital fund for it to continue beyond fiscal year 2007. [62] Of the $250 million available through the Aviation Security Capital Fund, $125 million is designated as priority funding to fulfill letters of intent, with the remaining $125 million available for allocation in accordance with a formula based on the size of the airport and risks to aviation security. See 49 U.S.C. § 44923(h). [63] Funds appropriated pursuant to this authorization must follow the same 50 percent split as mandated under the Aviation Security Capital Fund. See 49 U.S.C. § 44923(i). [64] Aviation Security Advisory Committee Working Group Report, Baggage Screening Investment Study Prepared for the Aviation Security Advisory Committee, August 9, 2006. [65] Tax credit bonds are bonds where bondholders receive credit against their federal income tax liabilities instead of cash interest. [66] The Passenger Facility Charge Program allows the collection of PFC fees up to $4.50 for every enplaned passenger at commercial airports controlled by public agencies. Airports use these fees to fund FAA- approved projects that enhance safety, security, or capacity; reduce noise; or increase air carrier competition. [67] U.S. Department of Homeland Security, TSA's Air Cargo Strategic Plan, November 2003. [68] TSA's Office of Intelligence (formerly know as the Transportation Security Intelligence Service) does not independently gather intelligence information but rather produces threat assessments using available intelligence from sources such as DHS's Directorate of Information Analysis, the Federal Bureau of Investigation, and the Central Intelligence Agency. The details of TSA's threat assessment are classified. [69] At the departmental level, DHS does not have any efforts under way specifically aimed at assessing the vulnerabilities of inbound air cargo. However, agency officials stated that the Office of Infrastructure Protection, an office within DHS charged with coordinating national critical infrastructure protection efforts, is coordinating with TSA on conducting risk assessments associated with U.S. airports. [70] A known shipper is an individual or business with an established history of shipping cargo on passenger carriers. [71] 71 Fed. Reg. 30,478 (May 26, 2006). [72] GAO, Aviation Security: Federal Action Needed to Strengthen Domestic Air Cargo Security, GAO-06-76 (Washington, D.C.: October 2005). [73] TSA compliance inspections are fundamentally different from air carriers' inspections of air cargo. TSA inspections are designed to ensure air carrier compliance with air cargo security requirements, while air carrier inspections focus on ensuring that air cargo does not contain an improvised explosive device or human stowaway. [74] The Conference Report accompanying the Department of Homeland Security Appropriations Act, 2006, Pub L. No. 109-90, directed $30 million to the Science and Technology Directorate to conduct three cargo screening pilot programs testing different concepts of operation. See H.R. Conf. Rep. No. 109-241, at 53 (2005). [75] Computer-aided tomography is a method of producing a three- dimensional image of the internal structures of an object from a large series of two-dimensional X-ray images taken around a single axis of rotation. [76] Aviation Security Advisory Committee, Working Group Report, Baggage Screening Investment Study Prepared for the Aviation Security Advisory Committee, August 9, 2006. GAO's Mission: The Government Accountability Office, the audit, evaluation and investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO's commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of GAO Reports and Testimony: The fastest and easiest way to obtain copies of GAO documents at no cost is through GAO's Web site (www.gao.gov). Each weekday, GAO posts newly released reports, testimony, and correspondence on its Web site. To have GAO e-mail you a list of newly posted products every afternoon, go to www.gao.gov and select "Subscribe to Updates." Order by Mail or Phone: The first copy of each printed report is free. Additional copies are $2 each. A check or money order should be made out to the Superintendent of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more copies mailed to a single address are discounted 25 percent. Orders should be sent to: U.S. Government Accountability Office 441 G Street NW, Room LM Washington, D.C. 20548: To order by Phone: Voice: (202) 512-6000 TDD: (202) 512-2537 Fax: (202) 512-6061: To Report Fraud, Waste, and Abuse in Federal Programs: Contact: Web site: www.gao.gov/fraudnet/fraudnet.htm E-mail: fraudnet@gao.gov Automated answering system: (800) 424-5454 or (202) 512-7470: Congressional Relations: Gloria Jarmon, Managing Director, JarmonG@gao.gov (202) 512-4400 U.S. Government Accountability Office, 441 G Street NW, Room 7125 Washington, D.C. 20548: Public Affairs: Paul Anderson, Managing Director, AndersonP1@gao.gov (202) 512-4800 U.S. Government Accountability Office, 441 G Street NW, Room 7149 Washington, D.C. 20548: