This is the accessible text file for GAO report number GAO-05-394 entitled 'Maritime Security: New Structures Have Improved Information Sharing, but Security Clearance Processing Requires Further Attention' which was released on May 17, 2005. This text file was formatted by the U.S. Government Accountability Office (GAO) to be accessible to users with visual impairments, as part of a longer term project to improve GAO products' accessibility. Every attempt has been made to maintain the structural and data integrity of the original printed product. Accessibility features, such as text descriptions of tables, consecutively numbered footnotes placed at the end of the file, and the text of agency comment letters, are provided but may not exactly duplicate the presentation or format of the printed version. The portable document format (PDF) file is an exact electronic replica of the printed version. We welcome your feedback. Please E-mail your comments regarding the contents or accessibility features of this document to Webmaster@gao.gov. This is a work of the U.S. government and is not subject to copyright protection in the United States. It may be reproduced and distributed in its entirety without further permission from GAO. Because this work may contain copyrighted images or other material, permission from the copyright holder may be necessary if you wish to reproduce this material separately. Report to Congressional Requesters: United States Government Accountability Office: GAO: April 2005: Maritime Security: New Structures Have Improved Information Sharing, but Security Clearance Processing Requires Further Attention: GAO-05-394: GAO Highlights: Highlights of GAO-05-394, a report to congressional requestors. Why GAO Did This Study: Sharing information with nonfederal officials is an important tool in federal efforts to secure the nation’s ports against a potential terrorist attack. The Coast Guard has lead responsibility in coordinating maritime information sharing efforts. The Coast Guard has established area maritime security committees—forums that involve federal and nonfederal officials who identify and address risks in a port. The Coast Guard and other agencies have sought to further enhance information sharing and port security operations by establishing interagency operational centers—command centers that tie together the efforts of federal and nonfederal participants. GAO was asked to review the efforts to see what impact the committees and interagency operational centers have had on improving information sharing and to identify any barriers that have hindered information sharing. What GAO Found: Area maritime security committees provide a structure that improves information sharing among port security stakeholders. At the four port locations GAO visited, federal and nonfederal stakeholders said that the newly formed committees were an improvement over previous information sharing efforts. The types of information shared included assessments of vulnerabilities at port locations and strategies the Coast Guard intends to use in protecting key infrastructure. The three interagency operational centers established to date allow for even greater information sharing because the centers operate on a 24- hour-a-day basis, and they receive real-time information from data sources such as radars and sensors. The Coast Guard is planning to develop its own centers—called sector command centers—at up to 40 additional port locations to monitor information and to support its operations. The relationship between the interagency operational centers and the planned expansion of sector command centers remains to be determined. The major barrier hindering information sharing has been the lack of federal security clearances for nonfederal members of committees or centers. By February 2005—or 4 months after the Coast Guard developed a list of 359 committee members who needed a security clearance—28 of the 359 members had submitted the necessary paperwork for a security clearance. Coast Guard field officials did not clearly understand that they were responsible for contacting nonfederal officials about the clearance process. To deal with this, in early April 2005, the Coast Guard issued guidance to field offices that clarified their role. In addition, the Coast Guard did not have formal procedures that called for the use of data to monitor application trends. Developing such procedures would aid in identifying deficiencies in the future. As the Coast Guard proceeds with its program, another way to improve the submission of paperwork involves educating nonfederal officials about the clearance process. Interagency Operational Centers Coordinate Harbor Patrols: [See PDF for image] Source: GAO. [End of figure] What GAO Recommends: To help ensure that nonfederal officials receive security clearances in a more timely fashion, GAO recommends that the Coast Guard (1) develop formal procedures to use data as a tool to monitor the security clearance program and (2) raise the awareness of nonfederal officials about the process of applying for a clearance. The Department of Homeland Security and the Coast Guard concurred with our recommendations. www.gao.gov/cgi-bin/getrpt?GAO-05-394. To view the full product, including the scope and methodology, click on the link above. For more information, contact Margaret Wrightson at (415) 904-2200 or wrightsonm@gao.gov. [End of section] Contents: Letter: Results in Brief: Background: Area Maritime Security Committees Have Improved Information Sharing: Interagency Operational Centers Have Also Improved Information Sharing: Lack of Security Clearances Is a Key Barrier to More Effective Information Sharing: Conclusions: Recommendations for Executive Action: Agency Comments and Our Evaluation: Appendix I: Objectives, Scope, and Methodology: Appendix II: Stakeholder Groups Recommended for Membership on Area Maritime Security Committees: Appendix III: Port-Level Information Sharing Is Supported by, and Supports, National-Level Intelligence Infrastructure: Appendix IV: Comments from the Department of Homeland Security: Appendix V: GAO Contacts and Staff Acknowledgments: GAO Contacts: Staff Acknowledgments: Related GAO Products: Tables: Table 1: Representatives That an Area Maritime Security Committee Could Include: Table 2: Department and Agency Intelligence Organizations at the National, Regional, and Field Level That Are Potentially Involved in Maritime Information Sharing: Figures: Figure 1: Ports Facilitate Cargo Container Traffic, an Important Segment of Maritime Commerce: Figure 2: Area Maritime Security Committees Protect a Wide Range of Port Facilities and Adjacent Infrastructure: Figure 3: Coast Guard Patrol Enforces Security Zone at a Port: Figure 4: Flow of Information from National and Regional Coast Guard Sources to Area Maritime Security Committees and Interagency Operational Centers at the Port Level: Figure 5: Flow of Information between National Intelligence and Law Enforcement Agencies and between the National and the Port Level: Abbreviations: DHS: Department of Homeland Security: DOD: Department of Defense: DOJ: Department of Justice: FBI: Federal Bureau of Investigation: MTSA: Maritime Transportation Security Act of 2002: OMB: Office of Management and Budget: United States Government Accountability Office: Washington, DC 20548: April 15, 2005: The Honorable Henry A. Waxman: Ranking Minority Member: Committee on Government Reform: House of Representatives: The Honorable C. A. Dutch Ruppersberger: The Honorable George Miller: House of Representatives: Securing the nation's ports against a potential terrorist attack has become one of the nation's security priorities since the terrorist attacks of September 11, 2001. Factors that make ports vulnerable to a terrorist attack include their location near major urban centers, such as New York and Los Angeles; their inclusion of critical infrastructure such as oil refineries and terminals; and their economic importance for the nation's economy and trade. Although no port-related terrorist attacks have occurred in the United States, internationally terrorists have demonstrated their ability to access and destroy infrastructure, assets, and lives in and around seaports. According to the Coast Guard, a major port closure for 1 month could cost tens of billions of dollars, disrupting trade and the U.S. economy as a whole.[Footnote 1] Given that ports are sprawling enterprises that often cross jurisdictional boundaries, the need to share information among federal, state, and local agencies is central to effective prevention and response. The Homeland Security Act of 2002, which provided the basis for federal efforts against terrorism in the aftermath of the September 11 attacks, underscores the importance of sharing timely, effective, and useful information to enhance the shared partnership among federal, state, and local entities in the fight against terrorism.[Footnote 2] The act recognizes that sharing information with state and local officials can improve the capability of nonfederal officials to deter, prevent, or disrupt a possible terrorist attack. Since the terrorist attacks, the federal government has taken a number of approaches designed to enhance information sharing.[Footnote 3] One of these approaches, called for under the Maritime Transportation Security Act of 2002 (MTSA), was to provide the Coast Guard with authority for creating area maritime security committees at the port level.[Footnote 4] These committees--which were to include representatives from the federal, state, local, and private sectors-- were intended as a way to identify and deal with vulnerabilities in and around ports, as well as to provide a forum for sharing information on issues related to port security. Much of the federally generated information about port security--such as assessments of specific port vulnerabilities or information about potential threats being monitored- -is classified national security information and cannot be released, even to law enforcement personnel, if they have not undergone the necessary federal background checks and received a security clearance. Lacking access to such information, nonfederal officials may be at a disadvantage in their efforts to respond to or combat a terrorist threat. As another approach to improving information sharing and port security operations, various federal agencies, including the Department of Homeland Security (through the U.S. Coast Guard), the Department of the Navy, and the Department of Justice (DOJ), have developed interagency operational centers at certain port locations.[Footnote 5] These centers are command posts that tie together the intelligence and operational efforts of various federal and nonfederal participants. They currently exist in three locations: Charleston, South Carolina; Norfolk, Virginia; and San Diego, California. Congress has expressed interest in knowing more about the applicability of such centers in other locations, and it required the Coast Guard to submit a report by February 2005 that describes, among other things, the number of ports that could benefit from such centers and the associated cost of implementing them. The experience gleaned to date from both of these approaches to improving information sharing represents an opportunity that could help guide future efforts to improve port security. Therefore, we examined the efforts of the Coast Guard and other federal agencies in improving information sharing between and among federal, state, local, and industry stakeholders. This report addresses the following questions: * What impact have area maritime security committees had on information sharing? * What impact have interagency operational centers had on information sharing? * What barriers, if any, have hindered improvements in information sharing among port security stakeholders? To answer these questions, we focused much of our work at the port level. To review the activities of area maritime security committees, we selected four ports for detailed review. These four ports-- Baltimore, Maryland; Charleston, South Carolina; Houston, Texas; and Seattle, Washington--were selected to reflect various coastal regions and a wide range of volume and types of operations. To review the activities of the interagency operational centers, we visited all three centers currently in operation, discussing ways in which the centers operate with both federal and nonfederal participants as well as observing operations at the centers. During our visits, we talked with Coast Guard officials involved in sharing information and we also discussed information sharing issues with numerous nonfederal stakeholders, including private sector officials and officials from port authorities or local law enforcement. We examined in more detail the Coast Guard's procedures for processing security clearances for members of area maritime security committees. We also reviewed legislation and congressional committee reports related to information sharing, reviewed numerous other documents and reports on the issue, and spoke with officials at the Coast Guard and the Federal Bureau of Investigation (FBI) about their approaches to sharing information with nonfederal entities. See appendix I for further explanation of our scope and methodology. Our work, which was conducted between May 2004 and March 2005, was done in accordance with generally accepted government auditing standards. Results in Brief: Area maritime security committees have provided a structure to improve the timeliness, completeness, and usefulness of information sharing between federal and nonfederal stakeholders. At the four port locations we visited, stakeholders said the newly formed committees were an improvement over previous information sharing efforts because the committees established a formal structure for communicating information and established new procedures for sharing information. Stakeholders stated that among other things, the committees have been used as a forum for sharing assessments of vulnerabilities, providing information on illegal or suspicious activities and providing input on portwide security plans--called area maritime security plans--that describe the joint strategies of the Coast Guard and its partner agencies for protecting key infrastructure against terrorist activities. Nonfederal stakeholders, including state officials, local port authority operators, and representatives of private companies, said the information sharing had increased their awareness of security issues around the port and allowed them to identify and address security issues at their facilities. Likewise, Coast Guard officials said the information they received from nonfederal participants had helped in mitigating and reducing risks. While committees at each of the four locations had the same guidance, they varied in such ways as the size of the membership and the types of stakeholders represented. For example, to prevent a duplication of efforts, some of the committees rely on existing information sharing networks, such as trade and industry associations, and have Coast Guard officials participate directly with these groups, while other ports we visited carried out more of the work in the committee forum. We were not able to determine if certain of these structures or approaches work better than others, largely because the committees are just over a year old. More time will be needed before such assessments can be made. The three interagency operational centers established to date allow for even greater information sharing because the centers operate 24 hours a day and receive real-time operational information from radars, sensors, and cameras, as well as classified data on personnel, vessels, and cargo, according to center participants. In contrast, the area maritime security committees, while they have a broader membership, primarily provide information through meetings, documents, and other means that are often used for long-term planning purposes rather than day-to-day operations. The three existing interagency centers fulfill varying missions and operations, and thus share different types of information. For example, the center in Charleston, South Carolina, focuses on port security alone and is led by DOJ. In contrast, the center in San Diego supports the Coast Guard's missions beyond port security, including drug interdiction, alien migrant interdiction, and search and rescue activities, and is led by the Coast Guard. The Coast Guard is planning to develop its own operational centers--called sector command centers- -at up to 40 additional port locations to monitor maritime information and to support Coast Guard operations. The relationship between the planned expansion of centers by the Coast Guard and the existing interagency operational centers--in particular, how many other agencies will participate in the Coast Guard's centers--remains to be determined. While information sharing has generally improved, a major barrier mentioned most frequently by stakeholders as hindering information sharing has been the lack of federal security clearances among port security stakeholders. The lack of security clearances may limit the ability of state, local, and industry officials, such as those involved in area maritime security committees or interagency operational centers, to deter, prevent, and respond to a potential terrorist attack. By February 2005--or over 4 months after the Coast Guard had developed a list of over 350 nonfederal area maritime security committee participants with a need for a security clearance--28 had submitted the necessary paperwork for the background check. There were two main reasons why the Coast Guard had not processed security clearances more expeditiously. First, local Coast Guard officials said they did not clearly understand their responsibility for communicating with state and local officials about the process for obtaining a security clearance. After receiving a draft of our report, the Coast Guard issued guidelines clarifying the role that local Coast Guard officials play in the program. Second, the Coast Guard had not developed formal procedures for using its database on security clearance applicants to troubleshoot potential problems and take appropriate management action. As the Coast Guard proceeds with its program, nonfederal officials could benefit from more information on the process for obtaining a security clearance. The FBI, which spearheaded a similar effort (but not specific to ports) to expedite security clearances for nonfederal officials, found that nonfederal officials were slow in submitting application forms in part because of the lack of awareness about the security clearance process, and the agency made specific efforts to educate local officials about the application process. Similar educational efforts by the Coast Guard might help clear up any such uncertainties about the application process. Other barriers to greater information sharing identified by committee participants included the size and complexity of ports-- factors that are intrinsic to port operations--but none of these barriers were mentioned as frequently and considered as important as the lack of security clearances. In this report, we recommending that the Secretary of Homeland Security direct the Commandant of the Coast Guard to develop formal procedures so that local Coast Guard and headquarters officials use the Coast Guard's database as a management tool to monitor who has submitted applications for a security clearance and to take appropriate action when application trends point to possible problems. For example, updating the database on a routine basis could identify port areas where progress is slow and indicate that follow-up with local field office officials may be needed. Finally, we are also recommending that the Coast Guard raise the awareness of state, local, and industry officials about the process of applying for security clearances. This effort could involve using brochures and other information that the FBI has used in its program for educating state and local officials about the security clearance process. In commenting on a draft of this report, the Department of Homeland Security, including the Coast Guard, generally agreed with our findings and recommendations. The Department of Homeland Security's written comments are in appendix IV. Background: Ports Are Important and Vulnerable: Ports play an important role in the nation's economy and security. Ports are used to import and export cargo worth hundreds of billions of dollars, generating jobs, both directly and indirectly, for Americans and our trading partners. Ports, which include inland waterways, are used to move bulk agricultural, mineral, petroleum, and paper products. In addition, ports are also used to move cargo containers (as shown in fig. 1)--one of the most important segments of global commerce, accounting for 90 percent of the world's maritime cargo. In 2002, approximately 7 million containers arrived in U.S. seaports, carrying more than 95 percent of the nation's non-North American trade by weight and 75 percent by value. Ports also contribute to the economy through recreational activities such as boating, fishing, and cruises. As an indication of the economic importance of ports, a 2002 simulation of a terrorist attack at a port led to the temporary closure of every seaport in the United States and resulted in an estimated loss of $58 billion in revenue to the U.S. economy, including spoilage, loss of sales, manufacturing slowdowns, and halts in production.[Footnote 6] Ports are also important to national security because they host naval bases and vessels, facilitate the movement of military equipment, and supply troops deployed overseas. Figure 1: Ports Facilitate Cargo Container Traffic, an Important Segment of Maritime Commerce: [See PDF for image] Source: GAO. [End of figure] Since the terrorist attacks of September 11, the nation's 361 seaports have been increasingly viewed as potential targets for future terrorist attacks. Ports are vulnerable because they are sprawling, interwoven with complex transportation networks, close to crowded metropolitan areas, and easily accessible. Ports and their maritime approaches facilitate a unique freedom of movement and flow of goods while allowing people, cargo, and vessels to transit with relative anonymity. Because of their accessibility, ports are vulnerable to a wide variety of types of attacks. Cargo containers--mentioned above as important to maritime commerce--are a potential conduit for terrorists to smuggle weapons of mass destruction or other dangerous materials into the country. Finally, ports contain a number of specific facilities that could be targeted by terrorists, including military vessels and bases, cruise ships, passenger ferries, terminals, dams and locks, factories, office buildings, power plants, refineries, sports complexes, and other critical infrastructure. Multiple Jurisdictions Are Involved in Securing the Nation's Ports: The responsibility for protecting ports from a terrorist attack is a shared responsibility that crosses jurisdictional boundaries, with federal, state, and local organizations involved. For example, at the federal level, the Department of Homeland Security (DHS) has overall homeland security responsibility, and the Coast Guard, an agency of the department, has lead responsibility for maritime security. Other federal departments that may be involved include the Department of Defense (DOD) and DOJ. The Coast Guard and other federal agencies share their security responsibilities with several local stakeholder groups. Some port authorities, operated privately or by the state or local government, have responsibility for protecting certain facilities in and around ports. Port authorities provide protection through designated port police forces, private security companies, and coordination with local law enforcement agencies. Private sector stakeholders play a major role in identifying and addressing the vulnerabilities in and around their facilities, which may include oil refineries, cargo facilities, and other property adjacent to navigable waterways. Information Sharing Is Important to Port Security Activities: Information sharing among federal, state, and local officials is central to port security activities. The Homeland Security Act of 2002 and several congressionally chartered commissions call attention to the importance of sharing information among officials from multiple jurisdictions as a way to prevent or respond to a terrorist attack.[Footnote 7] The act recognizes that the federal government relies on state and local personnel to help protect against terrorist attacks, and these officials need homeland security information to prevent and prepare for such attacks.[Footnote 8] One of the congressionally chartered commissioned reports--the 9/11 Commission Report--placed emphasis on the importance of sharing information among federal and nonfederal entities as a means of deterring a terrorist attack in the future. In January 2005, we designated information sharing for homeland security as a high-risk area because the federal government still faces formidable challenges in gathering, identifying, analyzing, and disseminating key information within and among federal and nonfederal entities.[Footnote 9] Information sharing between federal officials and nonfederal officials can involve information collected by federal intelligence agencies. In order to gain access to classified information, state and local law enforcement officials generally need to apply for and receive approval to have a federal security clearance. Presidential Executive Order 12968, Access to Classified Information, dated August 1995, established federal criteria for granting access to classified information. As implemented by the Coast Guard, the primary criterion for granting access to classified information is an individual's "need to know," which is defined as the determination made by an authorized holder of classified information that a prospective recipient requires access to specific classified information in order to perform or assist in a lawful and authorized governmental function.[Footnote 10] To obtain a security clearance, an applicant must complete a detailed questionnaire that asks for information on all previous employment, residences, and foreign travel and contacts that reach back 7 years. After submitting the questionnaire, the applicant then undergoes a variety of screenings and checks by the Coast Guard Security Center. The Office of Personnel Management conducts background investigations on the applicant. Area Maritime Security Committees Are Established to Facilitate Information Sharing between Port Security Stakeholders: The Maritime Transportation Security Act, passed in the aftermath of the September 11 attacks and with the recognition that ports contain many potential security targets, provided for area maritime security committees to be established by the Coast Guard at ports across the country.[Footnote 11] A primary goal of these committees is to assist the local Captain of the Port--the senior Coast Guard officer who leads the committee--to develop a security plan--called an area maritime security plan--to address the vulnerabilities and risks in that port zone.[Footnote 12] In developing these plans, the committees serve as forums to communicate with stakeholders from federal agencies, state and local governments, law enforcement, and private industries in an effort to gain a comprehensive perspective of security issues at a port location. The committees also serve as a link for communicating threats and disseminating security information to port stakeholders. In all, the Coast Guard ultimately organized 43 area maritime security committees, covering the nation's 361 ports.[Footnote 13] Besides the Coast Guard, federal agencies such as the Customs and Border Protection, FBI, or Maritime Administration may be part of the committee. State, local, and industry members could include officials from port authorities, oil refineries, and local police or fire departments. Appendix II lists the various stakeholder groups that may be eligible. To supplement the statutory and regulatory framework of the committees, the Coast Guard developed specific guidelines on communication and collaboration among committee members.[Footnote 14] This guidance emphasizes the importance of information in successfully implementing security measures and recognizes that the committee structure allows stakeholders to identify other federal, state, and local agencies that are simultaneously developing security standards for other critical infrastructure, such as bridges and airports. The guidance tasks the committee with developing information sharing procedures for various situations, including relaying instances of suspicious activity to appropriate authorities and communicating to port stakeholders threat information, among other things. Interagency Operational Centers Involve Multiple Participants and Offer Another Means of Improving Information Sharing: Another approach at improving information sharing and port security operations involves interagency operational centers--command centers that bring together the intelligence and operational efforts of various federal and nonfederal participants. These centers provide intelligence information and real-time operational data from sensors, radars, and cameras at one location to federal and nonfederal participants 24 hours a day. The three current centers are in Charleston, South Carolina; Norfolk, Virginia; and San Diego, California. Two of the centers (Norfolk and San Diego) are located in ports that have a substantial number of vessels and facilities operated by the Department of the Navy. The third center (Charleston) is located at a port that moves military equipment in and out of the port, and it is a major container cargo port. The development of interagency operational centers represents an effort to improve awareness of incoming vessels, port facilities, and port operations. In general, these centers are jointly operated by federal and nonfederal law enforcement officials. The centers can have command and control capabilities that can be used to communicate information to vessels, aircraft, and other vehicles and stations involved in port security operations. Port-Level Information Sharing Is Supported by, and Supports, National- Level Intelligence Infrastructure: While area maritime security committees and interagency operational centers are port-level organizations, they are supported by, and provide support to, a national-level intelligence infrastructure. National-level departments and agencies in the intelligence and law enforcement communities may offer information that ultimately could be useful to members of area maritime security committees or interagency operational centers at the port level. These intelligence and law enforcement agencies conduct maritime threat identification and dissemination efforts in support of tactical and operational maritime and port security efforts, but most have missions broader than maritime activities as well. In addition, some agencies also have regional or field offices involved in information gathering and sharing. See appendix III for a description of the departments and agencies or components involved in maritime information sharing at the national and port levels. Area Maritime Security Committees Have Improved Information Sharing: Area maritime security committees have improved information sharing among port security stakeholders, and made improvements in the timeliness, completeness, and usefulness of information. The types of information shared include assessments of vulnerabilities at specific port locations, information about potential threats or suspicious activities, and strategies the Coast Guard intends to use in protecting key infrastructure. These efforts at sharing information generally did not exist prior to the creation of area maritime security committees. At the ports we visited, the collaboration and sharing of information between committee members reflected the different types of stakeholders and variations in the information needs of each port location. While improvements were noted, it is too early to determine if any one port has developed a better structure for information sharing than another, because the committees have only been operating for just over a year. Ports Reviewed Showed Improvements in Timeliness, Completeness, and Usefulness of Shared Information: Area maritime security committees have provided a structure to improve the timeliness, completeness, and usefulness of information sharing. For example, a primary function served by the committees was to develop security plans for port areas--called area maritime security plans. The goal of these plans was to identify vulnerabilities to a terrorist attack in and around a port location and to develop strategies for protecting a wide range of facilities and infrastructure (as shown in fig. 2). In doing so, the committees established new procedures for sharing information by holding meetings on a regular basis, issuing electronic bulletins on suspicious activities around port facilities, and sharing key documents, including vulnerability assessments and the portwide security plan itself, according to committee participants. These activities did not exist prior to the creation of the committees, and they have contributed to the improvements in information sharing. The area maritime security plan provides a framework for communication and coordination among port stakeholders and law enforcement officials, and identifies strategies for reducing vulnerabilities to security threats in and near ports. It is designed to capture the information necessary to coordinate and communicate security procedures at each maritime security level, complement and encompass facility and vessel security plans, and ultimately be integrated into the National Maritime Security Plan. Coast Guard officials and nonfederal stakeholders we contacted agreed that efforts such as these have improved information sharing. Figure 2: Area Maritime Security Committees Protect a Wide Range of Port Facilities and Adjacent Infrastructure: [See PDF for image] Source: GAO. [End of figure] Committee participants we spoke with noted that an essential component that has improved the timeliness of information sharing has been the development of both formal and informal stakeholder networks resulting from the formation of area maritime security committees. As part of the process for developing the plan, the committee identifies critical stakeholders and assembles their contact information, allowing for timely dissemination of relevant information. For example, in the event the Coast Guard learns of a potential and credible threat, the committee would designate who should be contacted, the order in which members should be contacted, and what information the committee provides or receives. Participants in the committees told us that the interactions of committee members have also led to the formation of informal stakeholder networks as committee members encounter other stakeholders with similar concerns and perspectives. The committee also provides a forum for real-time sharing of information between stakeholders through meetings or electronic communications. For example, our discussions with federal and nonfederal officials at the ports of Charleston and Houston indicated that committee members representing private industries were granted access to daily information bulletins that they had not received prior to the formation of area maritime security committees, and these information bulletins have allowed them to stay informed of important Coast Guard decisions. In Houston, the Captain of the Port has used such bulletins to notify and inform local stakeholders of unannounced drills, changes in security levels, and Coast Guard guidance for vessel inspections and voluntary screening. In Charleston, bulletins have been used to share information on closure of waterways, release of new regulations, and methods for preventing a possible terrorist attack. At the ports we visited, committee members noted that their participation has allowed them to disseminate more complete information and receive more useful information in return. Committee members representing the private sector at two of the ports we visited noted an increased willingness to disclose vulnerabilities to federal stakeholders with confidence that the information would be protected. Coast Guard officials noted that access to more complete information regarding vulnerabilities and threats at individual facilities has aided them in mitigating risks. Additionally, having a complete view of vulnerabilities at the port as a whole has been useful in identifying gaps and common security needs. For example, while private sector stakeholders are sharing their written assessments of their vulnerabilities with the Coast Guard, the Coast Guard is, in turn, sharing its strategies for the overall protection of ports against potential terrorist activities. State and local port authority operators and private sector stakeholders commented that the committees have increased their awareness of security issues around the port and that information received from the Coast Guard has been useful in identifying and addressing security concerns at their facilities. Efforts at sharing information prior to the creation of area maritime security committees had not produced such effects. Committees Have Flexibility in Their Structure and in the Way in Which They Share Information: While the committees are required to follow the same guidance regarding their structure, purpose, and processes, each of the committees is allowed the flexibility to assemble and operate in a way that reflects the needs of its port area. Each port is unique in many ways, including the geographic area covered and the type of operations that take place there. These port-specific differences influence the number of members that participate, the types of state and local organizations that members represent, and the way in which information is shared. One aspect of this flexibility is the way in which information is channeled to specific stakeholders. The representation of various stakeholders on a committee can cause differences in the type of information that is shared. While committee members from federal agencies may have access to classified information because they have obtained a security clearance, other members may receive a sanitized version of the information or be restricted from participating in certain committee meetings. To mitigate this situation, some committees have formed subcommittees that deal with classified materials such as intelligence reports or details of military deployments.[Footnote 15] The role stakeholders play in protecting strategic assets or the type of cargo they handle may also affect what types of information they receive as well as what types of information they can share with the committee at large. For example, at one port we visited, the details regarding a shipment of a sensitive material were restricted to committee members that had a direct involvement in the operation. The committees also show marked differences in how their meetings occur, and these differences in turn affect the specific ways in which information is shared. For example, at Baltimore, officials told us that committee meetings are open to the general port community and can draw over 80 participants in addition to the 48 committee members. Coast Guard officials told us that such a large attendance made it difficult to conduct committee business. To include all interested stakeholders in the information network while maintaining a working structure for the committee, the Captain of the Port designated 17 members to an executive committee, while the remaining 31 members served on a general committee. This structure allowed the committee to incorporate a large amount of stakeholder input and to share information with all interested parties while keeping the decision making duties of the committee at a manageable level. In contrast to Baltimore's 48 members, the Puget Sound area maritime security committee consists of 25 members who each share in decision making. The smaller committee allows for greater familiarity amongst members as well as immediate decision making at meetings because stakeholders with decision making authority are all present. At least two of the other committees we reviewed leveraged existing information sharing networks, such as trade and industry associations, by having Coast Guard officials participate in these groups. For example, at Charleston, Coast Guard officials noted that many of the stakeholders included on the area maritime security committee were already members of a local maritime association that had been operating since 1926. Officials from the Coast Guard and other federal agencies are members of the association and use the group's meetings as one way of sharing information with stakeholders. Coast Guard officials noted that while this approach may reduce the role and level of participation in the committee, it avoids duplication of efforts and allows the committee to be part of a broader information sharing network. At the port of Houston, the strong presence of the petrochemical industry also made sharing information easier since an association of petrochemical companies was already in place, according to local petrochemical and Coast Guard officials. Regardless of the structures and communication networks a committee adopted, stakeholders at all four locations we reviewed agreed that the committees fostered improved information sharing. We were not able, however, to determine if any of these structures worked better than others for two reasons. First, the different structures reflected the specific needs of each port location. Second, the committees are still in their early stages of operation and more time will be needed before any comparative assessments can be made. Interagency Operational Centers Have Also Improved Information Sharing: Interagency operational centers--command centers where officials from multiple agencies can receive data 24 hours a day on maritime activities--have further improved information sharing at three locations. According to participants at each of these centers, the improvements come mainly from the 24-hour coverage and greater amount of real-time, operational data, which the centers can use in their role as command posts for coordinating multi-agency efforts. The Coast Guard is developing plans to develop its own centers, called sector command centers, as part of an effort to reorganize and improve its awareness of the maritime domain. Some of these sector command centers may be interagency on either a regular or an ad hoc basis. However, the potential relationship between interagency operational centers and the Coast Guard's new sector command centers remains to be determined, pending a Coast Guard report to Congress. Centers Process and Share Information on Operations: Information sharing at the three existing interagency operational centers (Charleston, Norfolk, and San Diego), represents a step toward further improving information sharing, according to participants at all three centers. They said area maritime security committees have improved information sharing primarily through a planning process that identifies vulnerabilities and mitigation strategies, as well as through development of two-way communication mechanisms to share threat information on an as-needed basis. In contrast, interagency operational centers can provide continuous information about maritime activities and involve various agencies directly in operational decisions using this information. Radar, sensors, and cameras offer representations of vessels and facilities. Other data are available from intelligence sources, including data on vessels, cargo, and crew. For example: * In Charleston, four federal agencies (DOJ, Coast Guard, U.S. Customs and Border Protection, and U.S. Immigration and Customs Enforcement) coordinate in a unified command structure, and each of these agencies feeds information into the center. Eight state or local agencies (such as the county sheriff and the state's law enforcement division) have participants at the center full-time, and eight others participate on an as-needed or part-time basis. Federal and nonfederal officials told us that information sharing has improved, since participants from multiple agencies are colocated with each other and work together to identify potential threats by sharing information. * In San Diego, the center is located in a Coast Guard facility that receives information from radars and sensors operated by the Navy and cameras operated by the local harbor patrol. Local harbor patrol officials are colocated with Coast Guard and Navy personnel. Harbor patrol and Coast Guard staff said the center has leveraged their resources through the use of shared information. * In Norfolk, the center is staffed with Coast Guard and Navy personnel and receives information from cameras and radars. A Coast Guard Field Intelligence Support Team is colocated at the center and shares information related to the large concentration of naval and commercial vessels in and around the port area with Navy and Coast Guard personnel. According to Coast Guard officials, having a central location where two agencies can receive data from multiple sources on a 24-hour-a-day basis has helped improve information sharing. Greater information sharing among participants at these centers has also enhanced operational collaboration, according to participants. Unlike the area maritime security committees, these centers are operational in nature--that is, they have a unified or joint command structure designed to receive information and act on it. In the three centers, representatives from the various agencies work side by side, each having access to databases and other sources of information from their respective agencies. The various information sources can be reviewed together, and the resulting information can be more readily fused together. Officials said such centers help leverage the resources and authorities of the respective agencies. For example, federal and nonfederal participants collaborate in vessel boarding, cargo examination, and other port security responsibilities, such as enforcing security zones (as shown in fig. 3). If the Coast Guard determines that a certain vessel should be inspected on maritime safety grounds and intends to board it, other federal and nonfederal agencies might join in the boarding to assess the vessel or its cargo, crew, or passengers for violations relating to their areas of jurisdiction or responsibility. Figure 3: Coast Guard Patrol Enforces Security Zone at a Port: [See PDF for image] Source: GAO. [End of figure] Variations across Centers Affect Information Sharing: The types of information and the way information is shared varies at the three centers, depending on their purpose and mission, leadership and organization, membership, technology, and resources, according to officials at the centers. The Charleston center has a port security purpose, so its missions are all security related. It is led by DOJ, and its membership includes 4 federal agencies and 16 state and local agencies. The San Diego center has a more general purpose, so it has multiple missions to include, not just port security, but search and rescue, environmental response, drug interdiction, and other law enforcement activities. It is led by the Coast Guard, and its membership includes two federal agencies and one local agency. The Norfolk center has a port security purpose, but its mission focuses primarily on force protection for the Navy. It is led by the Coast Guard, and its membership includes two federal agencies and no state or local agencies. As a result, the Charleston center shares information that focuses on law enforcement and intelligence related to port security among a very broad group of federal, state, and local agency officials. The San Diego center shares information on a broader scope of activities (beyond security) among a smaller group of federal and local agency officials. The Norfolk center shares the most focused information (security information related to force protection) among two federal agencies. While the Norfolk center officials said they were planning to broaden the scope of their purpose, mission, and membership, they had not done so at the time of our visit. The centers also share different information because of their technologies and resources. The San Diego and Norfolk centers have an array of standard and new Coast Guard technology systems and access to Coast Guard and various national databases, while the Charleston center has these as well as additional systems and databases. For example, the Charleston center has access to and shares information on Customs and Border Protection's databases on incoming cargo containers from the National Targeting Center. In addition, Charleston has a pilot project with the Department of Energy to test radiation detection technology, which provides additional information to share. The Charleston center is funded by a special appropriation that allows it to use federal funds to pay for state and local agency salaries. This arrangement boosts the participation of state and local agencies, and thus information sharing beyond the federal government, according to port stakeholders in Charleston. While the San Diego center also has 24-hour participation by the local harbor patrol, that agency pays its own salaries. Other Ad Hoc Arrangements for Interagency Information Sharing: In addition to the three interagency operational centers we visited, our work has identified other interagency arrangements that facilitate information sharing and interagency operations in the maritime environment. One example is a predesignated single-mission task force, which becomes operational when needed. DHS established the Homeland Security Task Force, South-East--a working group consisting of federal and nonfederal agencies with appropriate geographic and jurisdictional responsibilities that have the mission to respond to any mass migration of immigrants affecting southeast Florida. Task force members (both agencies and individuals) are predesignated, and they have a contingency plan (called Vigilant Sentry) that describes each agency's specific coordination and mission responsibilities. The task force meets regularly to monitor potential migration events, update the contingency plan, and otherwise coordinate its activities. When a mass migration event occurs, the task force is activated and becomes a full- time interagency effort to share information and coordinate operations to implement the contingency plan. This task force was activated in February 2004 to implement Operation Able Sentry to interdict a mass migration from Haiti. Another example of an interagency arrangement for information sharing can occur in single-agency operational centers that become interagency to respond to specific events. For example, the Coast Guard has its own command centers for both its District Seven and Sector Miami. While these centers normally focus on a variety of Coast Guard missions and are not normally interagency in structure, they have established protocols with other federal agencies, such as Customs and Border Protection and Immigration and Customs Enforcement, to activate a unified or incident command structure should it be needed. For example, the interagency Operation Able Sentry (discussed above) was directed from the Coast Guard's District Seven command center. Similarly, to respond to a hijacking of a ship, an interagency operation was directed from the Coast Guard's Sector Miami command center. While an interagency operation might be directed from these Coast Guard command centers, it might be led by another agency with greater interests or resources to respond to an event. For example, this was the case with a recent interagency operation to arrange for the security of dignitaries at an international conference in Miami that was led by Immigration and Customs Enforcement. These Coast Guard centers make it possible to host interagency operations because they have extra space and equipment that allow for surge capabilities and virtual connectivity with each partner agency. Officials from the Coast Guard, Customs and Border Protection, and Immigration and Customs Enforcement in Miami all said that these ad hoc interagency arrangements were crucial to sharing information and coordinating operations. Coast Guard Plans to Develop Sector Command Centers at Ports: The Coast Guard is planning to develop its own operational centers-- called sector command centers--at additional ports. These command centers are being developed to provide local port activities with a unified command as the Coast Guard reorganizes its marine safety offices and groups into unified sectors. In addition, the Coast Guard sector command centers are designed to improve awareness of the maritime domain through a variety of technologies. The Coast Guard is planning to have command centers feed information to the Coast Guard's two area offices--one on the Pacific Coast and the other on the Atlantic Coast. Over the long term, the Coast Guard plans to have information from sector command centers and area offices channeled to a center at the national level--allowing the Coast Guard to have a nationwide common operating picture of all navigable waters in the country. A Coast Guard official indicated that this nationwide information will be available to other field office commanders at the same time it is given to area and headquarters officials. To develop this nationwide operating picture, the Coast Guard hopes to install equipment that allows it to receive information from sensors, classified information on maritime matters, and data related to ships and crewmembers as part of its expansion plans. Communication from Coast Guard ships and aircraft, as well as federal and nonfederal systems for monitoring vessel traffic and identifying the positions of large ships, would be among the other types of information that could be integrated into a command center. The Coast Guard plans to develop sector command centers at 10 port locations, with potential expansion to as many as 40 port locations. The Coast Guard is currently conducting site surveys to identify locations where it believes centers should be located. For fiscal year 2006, the Coast Guard is requesting funds that support its plans to improve awareness of the maritime domain by, among other things, continuing to evaluate the potential expansion of sector command centers to other port locations. For example, the Coast Guard's budget request includes $5.7 million to continue developing a nationwide maritime monitoring system, the common operational picture. The common operational picture is primarily a computer software package that fuses data from different sources, such as radar, sensors on aircraft, and existing information systems. The Coast Guard has also requested funding for training personnel in common operational picture deployment at command centers and to modify facilities to implement the picture in command centers. While the total cost of operating command centers is still unknown, the Coast Guard's Five-Year Capital Investment Plan shows that the capital costs of this effort amount to an estimated $400 million, with acquisition of the system estimated to start in fiscal year 2007. Coast Guard Report Pending on Interagency Operational Centers: The relationship between the interagency operational centers and the Coast Guard's sector command centers has not been determined yet. Coast Guard sector command centers can involve multiple agencies, and the Coast Guard has begun using the term "sector command center--joint" for the interagency operational centers in San Diego and Norfolk. Coast Guard officials have told us that their planned sector command centers will be the basis for any interagency operational centers at ports. However, the sector command center we visited, in Sector Miami, was not interagency on a routine basis--the Coast Guard is the single entity operating the center. During our visits to the interagency operational centers, port stakeholders raised the following issues as important factors to consider in any expansion of interagency operational centers: (1) purpose and mission--the centers could serve a variety of overall purposes, as well as support a wide number of specific missions; (2) leadership and organization--the centers could be led by several departments or agencies and be organized a variety of ways; (3) membership--the centers could vary in membership in terms of federal, state, local, or private sector participants and their level of involvement; (4) technology deployed--the centers could deploy a variety of technologies in terms of networks, computers, communications, sensors, and databases; and (5) resource requirements- -the centers could also vary in terms of resource requirements, which agency funds the resources, and how resources are prioritized. In a related step, Congress directed the Coast Guard to report on the existing interagency operational centers, covering such matters as the composition and operational characteristics of existing centers and the number, location, and cost of such new centers as may be required to implement maritime transportation security plans and maritime intelligence activities.[Footnote 16] This report, which Congress called for by February 2005, had not been issued by the time we had completed our work and prepared our report for printing. According to DHS, the report has been written and has been approved by DHS and the Office of Management and Budget (OMB), and is now in the final stages of review at the Coast Guard. Until the report on the centers is issued, it is unclear how the Coast Guard will define the potential relationship between interagency operational centers and its own sector command centers. Lack of Security Clearances Is a Key Barrier to More Effective Information Sharing: The lack of security clearances was most frequently cited as a barrier to more effective information sharing among port stakeholders, such as those involved in area maritime security committees and interagency operational centers. The Coast Guard has initiated a security clearance program for members of area maritime security committees. However, the results of the Coast Guard's efforts have been mixed. For example, only a small percentage of application forms from state, local, and industry officials had actually been submitted by February 2005--over 4 months after the Coast Guard had developed its list of officials. The primary reason given for this was that Coast Guard field office officials did not clearly understand their role in helping nonfederal officials apply for a security clearance. The Coast Guard's program does not have formal procedures for using data to manage the program, but developing such procedures would allow the Coast Guard to identify and deal with possible problems in the future. Finally, as the Coast Guard moves forward with its state, local, and industry security clearance program, the experience of other federal agencies that manage similar programs suggests that the limited awareness of state, local, and industry officials about the process for obtaining a security clearance could also impede the submission of applications for a security clearance. Port Security Stakeholders Cite the Lack of Clearances as a Problem: At the ports we visited, the lack of security clearances was cited as a key barrier to information sharing among participants of area maritime security committees and interagency operational centers we contacted. Port stakeholders involved in the four area maritime security committees consistently stated that the lack of federal security clearances for nonfederal members was an impediment to effective information sharing. Here are several examples: * An official of the Washington State Ferries who participates on the Puget Sound area maritime security committee said that not having a security clearance--and therefore the ability to access classified information--affected his ability to carry out security-related activities.[Footnote 17] He noted that the local U.S. Attorney reported to a local newspaper in the summer of 2004 that suspicious activities had been reported on the state ferry system. The Washington State Ferries official indicated that he or his staff was the source for some of the data but that federal officials would not provide him with more details on the activities because he did not have a security clearance. A Coast Guard field intelligence official corroborated this by stating that the Captain of the Port was unable to share classified information from the U.S. Attorney's office that indicated a pattern of incidents involving the ferries. Although Coast Guard officials said they wanted to share this information, ferry officials' lack of a federal security clearance precluded them from doing so. Both Coast Guard and ferry officials indicated that more complete information would aid local security officers in identifying or deterring illegal activities. * A senior Maryland state official involved in making budget decisions on improving security around facilities in the port of Baltimore indicated that having a security clearance would aid his ability to make decisions on how the state could more effectively spend its resources on homeland security. He said information on what transportation sectors are probable targets would be a valuable input on where the state should prioritize its spending decisions. * A senior Coast Guard official in Houston told us that granting security clearances to selected members of the area maritime security committee would make it easier for nonfederal officials to make decisions on how to respond to specific threats. A local Coast Guard intelligence official cited an example in which classified information could not be shared with port stakeholders. The official told us that there were delays in sharing the information until the originator of the information supplied a sanitized version. Similar to the concerns expressed by area maritime security committee members, participants we contacted at the three interagency operational centers cited the lack of security clearances as a barrier to information sharing. At the center in San Diego, the chief of the local harbor patrol noted that the lack of security clearances was an issue for patrol staff who are involved in the center. Subsequent to raising this issue, DHS sponsored security clearances for 18 harbor patrol officials. At the center in Charleston, participants in the interagency operational center cited the lack of security clearances as a potential barrier to information sharing. The Department of Justice addressed this potential barrier by granting security clearances to nonfederal officials involved in the center. Finally, Coast Guard officials indicated that when nonfederal officials begin working at the interagency operational center in Norfolk, granting security clearances to nonfederal participants will be critical to their success in sharing information. According to the Coast Guard and state and local officials we contacted, the shared partnership between the federal government and state and local entities may fall short of its potential to fight terrorism because of the lack of security clearances. If state and local officials lack security clearances, the information they possess may be incomplete. According to Coast Guard and nonfederal officials, the inability to share classified information may limit their ability to deter, prevent, and respond to a potential terrorist attack. While security clearances for nonfederal officials who participate in interagency operational centers are sponsored by DOJ and DHS, the Coast Guard sponsors security clearances for members of area maritime security committees. For the purposes of our review, we examined in more detail the Coast Guard's efforts to address the lack of security clearances among members of area maritime security committees. Coast Guard Has Taken Steps to Grant Additional Clearances to State, Local, and Industry Officials, but Efforts to Date Have Been Mixed: As part of its effort to improve information sharing at ports, the Coast Guard initiated a program in July 2004 to sponsor security clearances for members of area maritime security committees, but nonfederal officials have been slow in submitting their applications for a security clearance. By October 2004, the Coast Guard had identified 359 nonfederal committee members who had a need to know and should receive a security clearance, but as of February 2005, only 28 officials, or about 8 percent, had submitted the application forms for a security clearance. Twenty-four of these officials have been granted an interim clearance, which allows access to classified material while the final clearance is being processed. We interviewed local Coast Guard officials at the four ports we visited to gain a better understanding of the role of the Coast Guard in guiding state and local officials through the process. Our work shows that there were two areas that affected the Coast Guard's efforts: (1) local Coast Guard officials did not clearly understand their role in the security clearance program and (2) the Coast Guard did not use available data to track the status of security clearances for state and local officials. Coast Guard Field Office Officials Said They Did Not Clearly Understand Their Role in the Security Clearance Program: Coast Guard field office officials said they did not clearly understand their role in helping nonfederal officials apply for a security clearance. In July 2004, Coast Guard headquarters sent guidance to Coast Guard field offices requesting them to proceed with submissions of personnel security investigation packages and to submit the additional names of state and local officials who had a need for a security clearance. However, this guidance evidently was unclear to field office officials. For example, by January 2005--3 months after they submitted names to headquarters--Coast Guard officials at three of the ports we visited were still awaiting further guidance from headquarters on how to proceed.[Footnote 18] These officials said they thought that headquarters was processing security clearances for nonfederal officials, and they were waiting for notification from headquarters that security clearances had been granted. Our discussions with a Coast Guard field office official at the fourth port location suggest that additional guidance about the process for the state, local, and industry security clearance program could be beneficial. For example, according to this official, membership on area maritime security committees changes over time, and it would be helpful to have guidance on the process for obtaining additional security clearances or dropping clearances for officials who no longer participate on the committees or who no longer have a need to know classified information. This official noted that the process differed depending on whether a committee participant is considered to be a military or civilian official. In early February 2005, we expressed our concerns about the security clearance program to Coast Guard officials. On the basis, in part, of our discussions, Coast Guard headquarters took action and drafted guidance informing its field office officials that they were responsible for contacting nonfederal officials and for providing them with application forms for obtaining a security clearance, according to Coast Guard officials. Additionally, to further clarify the role of field office officials, the Coast Guard's draft guidance included information on various procedures for obtaining a security clearance. After receiving a draft of this report, the Coast Guard finalized this guidance and sent it to field office officials in early April 2005. Our review of the guidance shows that it clarifies the role of field office officials in administering the security clearance process at the local level and that it provides more detailed procedures on how to check the status of applications that have been submitted for a security clearance. In addition to writing draft guidance on the program, the Coast Guard recently demonstrated that the security clearance program has produced some positive results. For example, in late 2004, the Coast Guard determined the need to share the results of a security study on ferries, portions of which were classified, with some members of an area maritime security committee. Working with Coast Guard field office officials, Coast Guard headquarters and the Coast Guard Security Center were able to process and grant about a dozen security clearances to state, local, and industry officials. As a result, the Coast Guard was able to share classified information with state, local, and industry officials that it believed would help them in carrying out their port security responsibilities. Data Could Be More Effectively Used as a Tool to Manage the Security Clearance Program: A key component of a good management system is to have relevant, reliable, and timely information available to assess performance over time and to correct deficiencies as they occur. The Coast Guard has two databases that contain information on the status of security clearances for state, local, and industry officials. The first database is a commercial off-the-shelf system that contains information on the status of all applications that have been submitted to the Coast Guard Security Center, such as whether a security clearance has been issued or whether personnel security investigations have been conducted. In February 2004, the Coast Guard began testing the database for use by field staff, and while headquarters has still not granted field staff access to the database, it plans to do so in the future. The second database--an internally developed spreadsheet on the 359 area maritime committee participants--summarizes information on the status of the security clearance program, such as whether they have submitted their application forms and whether they have received their clearances. Although the Coast Guard has databases that could be used to manage the state, local, and industry security clearance program, thus far, it has not developed formal procedures for using the data as a management tool to follow up on possible problems at the national or local level to verify the status of clearances. In regard to the database used by the Security Center, a Coast Guard official told us that the database was not designed to monitor application trends, but instead is used to provide information on individual applicants. The Coast Guard's internally developed spreadsheet on committee participants who have been deemed candidates for a security clearance, however, does offer information on application trends, and could be used to monitor progress that has been made at the national or local level. For example, updating the database on a routine basis could identify port areas where progress is slow and indicate that follow-up with local field office officials may be needed. In a similar security clearance program, the experience of the FBI shows the utility of data as a tool for managing the program. For example, FBI officials indicated that its databases have served as management tools for tracking state, local, and industry security applications and for monitoring application trends and percentages. The Coast Guard has yet to develop formal procedures for using its data on committee participants as a tool to assess potential problems and to take appropriate action, if necessary. Doing so would likely aid its efforts to manage the state, local, and industry security clearance program at both the local and the national levels. While the Coast Guard's databases on security clearances shows promise as a tool for monitoring the state, local, and industry security clearance program, the database also has limitations in that it cannot be used to determine how many nonfederal officials have a federal security clearance sponsored by other federal agencies. For example, a Coast Guard official stated that this information is difficult to obtain because the Coast Guard does not have easy access to databases of other agencies. In September 2004, we testified that existing impediments to managing the security clearance process include the lack of a governmentwide database of clearance information, which hinders efforts to provide timely, high-quality clearance determinations.[Footnote 19] As a way to deal with this problem, a local Coast Guard official sent a survey to port security stakeholders to determine how many stakeholders had security clearances sponsored by other federal agencies. Raising the Awareness of State, Local, and Industry Officials Might Improve the Processing of Application Forms: Our prior reviews of DOD and FBI efforts to manage a large number of security clearances for service members, government employees, and industry personnel have demonstrated long-standing backlogs and delays. In addition, our FBI work showed that it is important to address training and education to successfully carry out an effective security clearance program.[Footnote 20] Our reviews also showed that the use of internal controls to ensure that security clearances are granted in compliance with existing rules and regulations will become increasingly important. The experience of the FBI in managing its security clearance program shows that educating nonfederal officials about the security clearance program resulted in improvements in the processing of applications for a security clearance. The FBI grants security clearances to state and local law enforcement officials who may require access to classified national security information to help prevent or respond to terrorist attacks. After September 11, an increasing number of state and local officials began requesting security clearances to obtain terrorism- related information that might affect their jurisdictions. However, when the FBI received a low percentage of application forms for security clearances from nonfederal officials, the agency consulted with state and local officials to collect their views and recommendations regarding information sharing and improving the security clearance process, and the FBI identified unfamiliarity with the requirements for processing security clearance applications as one of the main impediments to timely processing of applications. For example, some state and local officials said that they did not have adequate guidance for filling out and submitting the appropriate application forms. In response, the FBI widely distributed step-by-step guidance to state and local law enforcement officials through informational brochures (available on a FBI Web site) and meetings with state and local officials, among other efforts. Some law enforcement officials we interviewed stated that the FBI's guidance and consultation with law enforcement professional organizations helped improve state and local officials' understanding of the security clearance application process.[Footnote 21] Once the Coast Guard begins notifying more state, local, and industry officials about the process for obtaining a security clearance, raising the awareness of nonfederal officials about the program could improve the processing of application forms. An official at the field office that had actually contacted state and local officials about the security clearance program indicated that field office officials did not have basic information about the security clearance program. Among other things, he mentioned that informational brochures and Web sites could be given to nonfederal officials as a way to improve their awareness of the security clearance process. Attending to the potential lack of awareness by nonfederal officials about the security clearance program is important because the number of nonfederal officials who submit application forms for a security clearance may be much larger than the several hundred state, local, and industry officials who participate on area maritime security committees. For example, DHS will sponsor an estimated 5,000 security clearances for state, local, and industry officials and the Coast Guard Security Center will process these clearances, according to Coast Guard officials. Additionally, the Coast Guard plans to grant clearances to about 200 other nonfederal officials who are involved in supporting other Coast Guard operations, such as sector command centers. In addition, as the Coast Guard's security clearance program evolves, participants on area maritime security committees or in sector command centers may change over time, thus highlighting the importance of having ways to raise the awareness of nonfederal officials about the security clearance process. Other Barriers Intrinsic to Port Operations May Also Impede Information Sharing: Port security stakeholders cited other barriers to effective information sharing intrinsic to ports we visited, but none of these barriers were mentioned as frequently as the lack of security clearances. At the four ports we visited, characteristics intrinsic to the port, such as their size and complexity were stated as barriers to effective information sharing. In Houston, for example, multiple stakeholders, such as port authorities, numerous jurisdictions, and a diverse set of users, were presented as challenges in information sharing efforts. The length of the Houston Ship Channel (50 miles), with numerous public and private entities using the channel, also complicates information sharing efforts. To deal with the size and complexity of this port area, Coast Guard officials said they have worked with associations representing the commercial fishing industry, petrochemical companies, and state and local law enforcement as a means to share information about port security with as many users of the port and the Houston Ship Channel as possible. For example, the local Coast Guard officials said they held informational meetings with recreational boating associations and with area maritime security committee participants to inform boaters and other stakeholders of "safety zones"--areas where recreational use of the waterway is prohibited--in the Houston Ship Channel. Another barrier mentioned at another port location was the "cultural" barrier between various members of the area maritime security committees. For example, officials at this port location stated that an informal network has created insiders and outsiders drawing particular distinctions between law enforcement and non-law enforcement officials. Conclusions: Effective information sharing among members of area maritime security committees and participants in interagency operational centers can enhance the partnership between federal and nonfederal officials, and it can improve the leveraging of resources across jurisdictional boundaries for deterring, preventing, or responding to a possible terrorist attack at the nation's ports. The Coast Guard has recognized the importance of granting security clearances to nonfederal officials as a means to improve information sharing, but progress in moving these officials through the application process has been slow. In the future, the Coast Guard may need to grant additional security clearances to state, local, or industry participants who join area maritime security committees or sector command centers to support counterterrorism programs. In this way, as the Coast Guard's state, local, and industry security clearance program matures, the importance of effectively managing the security clearance program will become even more important. Increased management attention and guidance about the process would strengthen the program for security clearances, and it would reduce the risk that nonfederal officials may have incomplete information as they carry out their law enforcement activities. Recommendations for Executive Action: To help ensure that nonfederal officials receive needed security clearances as quickly as possible, both now and in the future, we recommend that the Secretary of Homeland Security direct the Commandant of the Coast Guard to take the following two actions. * Develop formal procedures so that local and headquarters officials use the Coast Guard's internal databases of state, local, and industry security clearances for area maritime committee members as a management tool to monitor who has submitted applications for a security clearance and to take appropriate action when application trends point to possible problems. For example, updating the database on a routine basis could identify port areas where progress is slow and indicate that follow-up with local field office officials may be needed. * Raise the awareness of state, local, and industry officials about the process of applying for security clearances. This effort could involve using brochures, Web sites, or other information that the FBI has used in its program for educating state and local officials about the security clearance process. Agency Comments and Our Evaluation: We provided a draft of this report to DHS, DOJ, and DOD for comment. DHS, including the Coast Guard, generally agreed with our findings and recommendations. Specifically, DHS noted that our recommendations should enhance the Coast Guard's efforts to promote information sharing among port security stakeholders. DHS also indicated that changes associated with processing security clearances should overcome identified impediments. DOJ and DOD declined to provide comments. Our draft report included a recommendation that the Coast Guard clarify the role of field office officials in communicating with state, local, and industry officials about the process for obtaining a security clearance. After receiving our draft report, the Coast Guard issued a memo to field office officials that clarified their role in the security clearance program. The Coast Guard's memo also provided more detailed guidance on the process for sponsoring additional state, local, or industry officials for a security clearance. As a result of the Coast Guard's action, we have dropped this recommendation from our final report. In regard to interagency operational centers, DHS also noted that the Coast Guard report required by Congress on existing interagency operational centers has been approved by DHS and OMB and is now in the final stages of review at the Coast Guard. In addition to commenting on our findings and recommendations, DHS provided technical comments on the report under separate cover and we revised the draft report where appropriate. Written comments from DHS are reprinted in appendix IV. As agreed with your office, unless you publicly announce its contents earlier, we plan no further distribution of this report until 30 days after its issue date. At that time, we will provide copies of this report to appropriate departments and interested congressional committees. We will also make copies available to others upon request. This report will also be available at no charge on the GAO Web site at http://www.gao.gov. If you or your staff have any question about this report, please contact me at (415) 904-2200 or at wrightsonm@gao.gov or Stephen L. Caldwell, Assistant Director, at (202) 512-9610 or at caldwells@gao.gov. Key contributors to this report are listed in appendix V. Signed by: Margaret T. Wrightson: Director, Homeland Security and Justice Issues: [End of section] Appendix I: Objectives, Scope, and Methodology: Each of our objectives involved information sharing between federal agencies and nonfederal stakeholders. Specifically, * What impact have area maritime security committees had on information sharing? * What impact have interagency operational centers had on information sharing? * What barriers, if any, have hindered improvements in information sharing among port security stakeholders? We carried out part of our work at Coast Guard headquarters or in consultation with headquarters officials. We spoke with Coast Guard officials to obtain information on how information is shared within the maritime security community and reviewed pertinent legislation, guidance, rules, and other relevant documents related to the sharing of maritime security information with nonfederal stakeholders. For example, we reviewed pertinent statutes, such as the Maritime Transportation Security Act and the Homeland Security Act. We also reviewed selected maritime security plans, Coast Guard regulations implementing the Maritime Transportation Security Act, and various reports from congressionally chartered commissions related to information sharing. To address our first objective, we conducted structured interviews with officials from federal agencies and representatives from state and local governments, law enforcement agencies, maritime industry associations, and private sector entities who were stakeholders in port security issues. Many of these officials were members of area maritime security committees. These interviews were largely conducted during site visits to four specific maritime port areas. We selected these ports to provide a diverse sample of security environments and perspectives, basing our selections on such matters as geographic location, varying levels of strategic importance, and unique local characteristics. The four port areas and some of our reasons for choosing them are as follows: * Baltimore, Maryland: a Mid-Atlantic port that is managed by a state agency and services a variety of cargo, including bulk and container cargo, and cruise passengers; * Charleston, South Carolina: a South Atlantic port that is state owned and operated, with three separate facilities and military facilities and installations; * Houston, Texas: a Gulf coast port that is governed by an appointed commission and consists of a 25-mile-long complex of diversified public and private facilities, including the nation's largest petrochemical complex; and: * Seattle/Tacoma, Washington: a Pacific coast port area that is operated by municipal corporations, represents the third largest container cargo port in the country, and services the country's largest state-operated passenger ferry system. During each of our visits to these four ports, we met with the identified port stakeholders, Coast Guard marine safety offices, and Captains of the Port. In our meetings with Captains of the Port and marine safety offices, we discussed the creation of and composition of the area maritime security committee at their port and the effectiveness of the committee in facilitating information sharing. We also discussed and collected documents related to policies and procedures pertaining to sharing information with nonfederal stakeholders. We collected documentary evidence in the form of information bulletins that are used to disseminate information to stakeholders. When we met with the nonfederal stakeholders at the ports, we discussed specific security concerns at their facilities or in their jurisdictions and how they were being addressed. We also discussed their involvement and experiences with the local area maritime security committee, of which most were members, and how they receive and share information with federal agencies, particularly the Coast Guard. With both groups, we discussed any perceived barriers to information sharing and ideas and plans to resolve these issues. This information was used in conducting a comparative analysis of the port areas and allowed us to distinguish differences between the locations while identifying common issues. In addressing the second objective, we conducted site visits at the three interagency operational centers located in Charleston, South Carolina; Norfolk, Virginia; and San Diego, California. Related to this, we visited the Homeland Security Task Force South-East and command centers for the Coast Guard district and sector in Miami, Florida because these centers also aim to facilitate information sharing and joint operations related to maritime security. At each location, we conducted structured interviews with officials from the agencies participating in the centers. These interviews allowed us to obtain information regarding the history of the centers and how their missions and structures are changing. Specifically, we discussed how their presence affects information sharing among federal stakeholders as well as with nonfederal stakeholders. We also discussed challenges facing the centers as they become more formalized. During the visits, documents that describe the centers as well as examples of the products they distribute were collected. Observations made at the facilities allowed us to provide context to the testimonial evidence we collected. We also viewed demonstrations of the emerging technologies as well as differences in the physical attributes of each center. The testimonial evidence, aided by our observations, was synthesized and analyzed, allowing us to perform a comparative analysis, identifying differences and commonalities in information sharing among the centers. To address the third objective, we followed up with officials at Coast Guard headquarters and obtained guidance and data regarding the current effort to administer security clearances at the secret level to selected nonfederal stakeholders at each port. In subsequent phone interviews with the officials of marine safety offices at the ports we visited, we discussed problems encountered in the communication and implementation of this effort and steps that are being taken to resolve these problems. In addition, we reviewed Coast Guard documents related to information sharing, such as data on the number of nonfederal officials who had received security clearances, guidance from Coast Guard headquarters to field offices, and other pertinent instructions. In regard to this database, we checked the reliability of the database for the four ports we visited and found that the database was generally accurate. We found that 24 of the 27 entries were correct. In addition, we reviewed prior GAO reports that dealt with information sharing issues. Finally, we interviewed 64 federal and nonfederal stakeholders at the four ports we visited and asked them whether there were any barriers to information sharing. The results of our interviews cannot be projected to all participants on the area maritime security committees. Our review was conducted from May 2004 to March 2005 in accordance with generally accepted government auditing standards. [End of section] Appendix II: Stakeholder Groups Recommended for Membership on Area Maritime Security Committees: This appendix provides information on the Coast Guard's guidance for developing the local membership and organization of the area maritime security committee. The Coast Guard's guidance directs the Captain of the Port to take into account all aspects of each port area and its adjacent waterways and coastal areas. The committees should be composed of federal, state, and local agencies; law enforcement and security agencies; and port stakeholders. Representatives for each aspect of the port and those charged with its regulation or enforcement should be encouraged to participate. Table 1 provides a list of representatives that an area maritime security committee could include. Table 1: Representatives That an Area Maritime Security Committee Could Include: Federal agencies: U.S. Coast Guard (USCG); Department of Defense (DOD); Nuclear Regulatory Commission (NRC); U.S. Department of Agriculture (USDA); Environmental Protection Agency (EPA); Occupational Safety and Health Agency (OSHA); Federal Bureau of Investigation (FBI); Emergency Preparedness and Response (EPR); Customs and Border Protection (CBP); Immigration and Customs Enforcement (ICE); Transportation Security Administration (TSA); Army Corps of Engineers (ACOE); U.S. Transportation Command (TRANSCOM); Military Sealift Command (MSC); Military Traffic Management Command (MTMC); Animal and Plant Health Inspection Service (APHIS); Maritime Administration (MARAD); Research and Special Programs Administration (RSPA); Federal Railway Administration (FRA); Federal Highway Administration (FHWA); Federal Transit Administration (FTA); Other government representatives, where appropriate. State and local agencies: National Guard; Marine police; Port authority police and security forces; Fire departments; Civil defense; City government officials; Transportation agencies; Fish and wildlife marine units; Health agencies; Occupational safety agencies; Terminal/facility security forces; Pilot associations; Other state, local, and city government representatives; State department of natural or environmental resources; marine units; Other environmental agencies; Regional development agencies/metropolitan planning organizations. Industry-related agencies: Facility owners/operators; Terminal owners/operators; Trade organizations; Recreational boating organizations (yacht clubs, rowing clubs); Railroad companies; Trucking companies; Shipyards; Tow-boat operators; Marine exchanges; Industry organizations; Organized labor; Commercial fishing industry; Waterborne vendors and service providers (harbor tugs, launch services, line handlers, small ferry operators, water taxis); Other facilities within the port having waterside access, e.g., refineries, chemical plants, power plants. Source: Coast Guard. [End of table] Area maritime security committees are not limited to the agencies and organizations on this list. As each port has specific needs and issues, the membership of committees can vary greatly from port to port. [End of section] Appendix III: Port-Level Information Sharing Is Supported by, and Supports, National-Level Intelligence Infrastructure: This appendix provides information on the departments and agencies/components involved in maritime information sharing, at both the national level and the regional or field level. Table 2 lists departments and agencies/components (including the Coast Guard) that potentially play a role in disseminating maritime threat information to, and receiving information from, area maritime security committees and interagency operational centers. Table 2: Department and Agency Intelligence Organizations at the National, Regional, and Field Level That Are Potentially Involved in Maritime Information Sharing: Department of Homeland Security: Agency/component: U.S. Coast Guard (USCG); National-level intelligence organizations: The Coast Guard Intelligence Coordination Center (ICC), working in conjunction with the Navy's Office of Naval Intelligence (ONI) at the National Maritime Intelligence Center (NMIC), tracks the movement of vessels, cargoes, and crews while providing intelligence analysis and warning information; Regional or field-level intelligence organizations: Two Coast Guard Maritime Intelligence Fusion Centers (MIFCs), located on each coast, receive intelligence from, and provide intelligence to, ICC. MIFCs also provide actionable intelligence to Coast Guard commanders at the district and port levels, and share that analysis with interagency partners. At the port level, Captains of the Ports (COTPs) head area maritime security committees that include federal and nonfederal stakeholders and help facilitate information sharing. Field Intelligence Support Teams (FISTs), also located at the port level, are composed of intelligence specialists who collect, analyze, and disseminate critical maritime threat information. FISTs can be colocated at interagency operational centers or Coast Guard district or sector command centers. Agency/component: U.S. Customs and Border Protection (CBP); National-level intelligence organizations: The CBP Office of Intelligence collects, develops, analyzes, and disseminates intelligence in support of tactical and operational maritime security mission requirements and prepares strategic analysis for key decision makers. Analytical reports are prepared for DHS to disseminate to appropriate agency components and other federal agencies. CBP's National Targeting Center (NTC) conducts "sweep" operations of information on air, sea, and land passengers, conveyances, and cargo. The center does 24-hour tactical targeting that coordinates CBP's field operations response to terrorist threats and national security concerns, develops raw intelligence into actionable targets, and works as a liaison between other CBP offices and other federal agencies such as the Coast Guard; Regional or field-level intelligence organizations: CBP Advanced Targeting Units (ATUs), at the port level, screen incoming cargo that poses a possible threat to the national security of the United States. Agency/component: U.S. Immigration and Customs Enforcement (ICE); National-level intelligence organizations: ICE Office of Intelligence evaluates, disseminates, and coordinates classified intelligence community and law enforcement reporting. A central component of the ICE information-sharing effort is ICE Intelligence Watch, which evaluates all tactical intelligence of terrorist threats to the homeland and provides additional analytical support through crosschecks of all agency and intelligence community databases; Regional or field-level intelligence organizations: ICE has six Field Intelligence Units (FIUs) that provide geographic and regional intelligence analysis and supervise Intelligence Collection and Analysis Teams (ICATs) that are also active in the field. In the maritime domain, ICE maintains Watchtower, which is a field maritime intelligence operation that provides detailed information on incoming vessels resulting from targeted inspections of vessels and cargo. Over 20 Watchtower specialists, located at 17 seaports nationwide, produce Field Intelligence Reports (FIRs) covering all domestic seaports. Watchtower specialists meet and work with state and local law enforcement, Coast Guard, CBP, and DOJ officials. Among other things, these specialists provide information on ships (e.g., container cargo ships, tankers, and bulk carriers) that may require an enforcement action, such as a boarding or interview of the vessel master. Agency/component: Transportation Security Administration (TSA); National-level intelligence organizations: As part of its mission to protect the nation's transportation system, TSA is tasked to develop a maritime information system in accordance with requirements of the Maritime Transportation Security Act of 2002. As such, DHS is exploring the most appropriate means of fulfilling this legislative requirement. The TSA Transportation Security Intelligence Service (TSIS) disseminates intelligence and law enforcement information about threats to transportation security and serves as a liaison for transportation security to the intelligence community. In this capacity, TSIS helps to coordinate domestic and international transportation security activities with DHS and other government agencies; Regional or field-level intelligence organizations: No domestic presence at the regional or field levels specifically related to maritime security. Agency/component: Information Analysis and Infrastructure Protection (IAIP); National-level intelligence organizations: The mission of IAIP is to identify and assess current and future threats to the homeland, map those threats against known vulnerabilities, develop protective measures, issue timely warnings, and take preventive and protective action. This threat information includes, but is not limited to, the maritime environment. As part of this mission, IAIP is to provide information to federal, state, local, tribal government, law enforcement, and private sector officials as appropriate, both classified and unclassified, and also conducts a daily Information Analysis Morning Executive Brief, whereby DHS components share and coordinate threat information; Regional or field-level intelligence organizations: No domestic presence at the regional or field levels specifically related to maritime security. Department of Justice: Agency/component: U.S. Attorneys' Offices; National-level intelligence organizations: Executive Office for U.S. Attorneys (EOUSA) provides for close liaison between DOJ in Washington, D.C., and the 94 U.S. Attorneys' offices located throughout the nation, as well as direction, oversight, and support; Regional or field-level intelligence organizations: DOJ, through U.S Attorney Anti-Terrorism Advisory Councils (ATACs), has established state and regional task forces and coordination centers that may include a maritime component or nexus, such as the Maryland Coordination and Analysis Center (MCAC). Agency/component: Federal Bureau of Investigation (FBI); National-level intelligence organizations: Counterterrorism Division (CTD) is colocated with the National Counterterrorism Center, but remains under the direction of FBI. CTD conducts analysis, evidence exploitation, and the preparation and dissemination of finished intelligence products and briefing materials related to counterterrorism; National Joint Terrorism Task Force (NJTTF) includes representatives from the Departments of Homeland Security, Defense, Justice, Treasury, Transportation, Commerce, Energy, State, and Interior; and collects terrorism information and intelligence and funnels it to Joint Terrorism Task Forces (JTTFs); Regional or field-level intelligence organizations: Joint Terrorism Task Forces are multi-agency investigative teams composed of federal, state and local agencies that work jointly with other nonmember agencies to investigate terrorism matters. JTTFs are designated conduits of information from federal to state and local officials (and the private sector) and are located in 66 field offices across the country; In addition, the FBI Maritime Liaison Agent (MLA) Program is intended to enhance the security of the U.S. maritime environment by training special agents and Joint Terrorism Task Force officers serving at various port area on subjects pertaining to preventing terrorism at our nation's seaports. Designated MLAs throughout the nation are required to increase interaction between law enforcement and the private sector, state and local port authorities, and other federal agencies with maritime responsibilities. Department of Defense: Agency/component: Department of the Navy; National-level intelligence organizations: The Office of Naval Intelligence (ONI) provides national-level maritime intelligence on merchant and non-merchant ship activity to determine possible terrorist threats abroad and at home. ONI is colocated with the Coast Guard ICC at NMIC; Naval Criminal Investigative Service (NCIS) is the primary law enforcement and counterintelligence arm of the Navy. The NCIS Multiple Threat Alert Center (MTAC) tracts worldwide threats against navy facilities and vessels; Regional or field-level intelligence organizations: ONI has no domestic presence at the regional or field levels specifically related to domestic maritime security; NCIS has regional agents who work closely with federal, state, and local agencies to counter terrorism and protect navy facilities and vessels, as well as shipping military equipment. Other Intelligence Community: Agency/component: Central Intelligence Agency (CIA); National-level intelligence organizations: CIA's Counterterrorism Center (CTC), colocated at the National Counterterrorism Center, assists CIA in coordinating the counterterrorist efforts of the intelligence community by implementing a counterterrorist operations program to collect intelligence on international terrorist groups, producing analyses of the groups and states responsible for international terrorism and coordinating the counterterrorist activities of the intelligence community. CTC has dedicated analysts to the threat against U.S. seaports and maritime assets; Regional or field-level intelligence organizations: No domestic presence at the regional or field levels specifically related to maritime security. Agency/component: National Counterterrorism Center (NCTC); National-level intelligence organizations: NCTC is responsible for analyzing and integrating foreign and domestic intelligence acquired from all U.S. government departments and agencies pertaining to terrorism. The center will identify, coordinate, and prioritize the counterterrorism intelligence requirements of the nation's intelligence agencies; Regional or field-level intelligence organizations: No domestic presence at the regional or field levels specifically related to maritime security. Source: GAO. [End of table] The Coast Guard, as the lead in domestic maritime security, plays a central role in maritime threat information sharing and has a robust presence at the national, regional, and port levels. In this capacity, it conducts intelligence activities in support of all its missions, maritime homeland security, and national security objectives, including information collection, analysis, and dissemination of intelligence information. Figure 4 illustrates how Coast Guard national and regional maritime information is channeled to and from representatives of a local area maritime security committee (AMSC) or interagency operational center. Figure 4: Flow of Information from National and Regional Coast Guard Sources to Area Maritime Security Committees and Interagency Operational Centers at the Port Level: [See PDF for image] [End of figure] Beyond the Coast Guard, other agencies can also play a major role in channeling maritime security information to the port level. As shown in table 2, some of these agencies have broader responsibilities for intelligence across all domains. For example, DOJ has a number of organizations involved in terrorist threat information sharing, such as the National Joint Terrorism Task Force, which act as a liaison and conduit for "all domain" (e.g., maritime and nonmaritime) information from FBI headquarters to Joint Terrorism Task Forces operating in the field. The FBI also has designated Maritime Liaison Agents at the port level who interact with state, local, and private sector officials and other federal agencies, to enhance security at the nation's seaports. In addition, U.S. Attorneys' Offices of DOJ set up Anti-terrorism Advisory Councils that sponsor state-or regional-level task forces or coordination centers that may include a maritime security component. Figure 5 graphically illustrates (1) how maritime and nonmaritime information and intelligence is shared among agencies at the national level and (2) organizational conduits through which information is shared with the port level. The left side of the figure shows DOJ channels for information discussed above. On the right side, the figure also shows the flow of information through Coast Guard channels, as already shown in figure 4. Figure 5: Flow of Information between National Intelligence and Law Enforcement Agencies and between the National and the Port Level: [See PDF for image] [End of figure] [End of section] Appendix IV: Comments from the Department of Homeland Security: U.S. Department of Homeland Security: Washington, DC 20528: April 5, 2005: Ms. Margaret T. Wrightson: Director, Homeland Security and Justice Issues: U.S. Government Accountability Office: 441 G Street, NW: Washington, DC 20548: Dear Ms. Wrightson: RE: Draft Report GAO-05-394, New Structures Have Improved Information Sharing, but Security Clearance Processing Requires Further Attention (GAO Job Code 440283): The Department of Homeland Security (DHS), including the Coast Guard, appreciates the opportunity to comment on the Government Accountability Office's draft report. We generally agree with the findings and recommendations made. The report notes that Coast Guard has lead responsibility in coordinating maritime information sharing efforts to secure the nation's ports against potential terrorist attack. Coast Guard established area maritime security committees and, working with other agencies including other DHS components, has further enhanced information sharing and port security operations by establishing interagency operational centers. Both the area maritime security committee structure and the interagency operational centers have resulted in greater information sharing among interested federal, state, and local governments, and the private sector. Recommendations intended to improve information sharing among nonfederal officials should enhance Coast Guard's on-going efforts promoting information sharing among port security stakeholders. Changes associated with processing security clearances should overcome identified impediments to otherwise successful attempts to strengthen port security through the involvement of various stakeholders. As mentioned in the draft, Coast Guard officials are taking steps to provide guidance to field office personnel to improve information sharing. GAO also acknowledges the role of other DHS components in promoting information sharing. For example, Customs and Border Protection (CBP) officials may be members of area maritime security committees thereby lending their expertise in an effort to promote security. In addition, the interagency operational center in Charleston, South Carolina includes the Department of Justice as well as DHS' CBP, Immigration and Customs Enforcement (ICE), and Coast Guard. The report notes that representatives from the various agencies and DHS' components work side by side, each having access to databases and other sources of information from their respective agencies. For example, the Charleston center has access to both Coast Guard technology systems and various national databases in addition to CBP's databases on incoming cargo containers. Coast Guard, other DHS components, other federal agencies, state and local governments, and the private sector are sharing information. More can be done, but progress has been made. We also appreciate the recognition of the DHS Homeland Security Task Force, South-East. This interagency arrangement is in addition to the interagency operational centers and consists of federal and nonfederal agencies that have the mission to respond to mass migration of immigrants affecting the south eastern United States. This task force was activated in 2004 to interdict a mass migration from Haiti. The report discusses another example of an interagency arrangement for information. sharing wherein single-agency operational centers can become interagency. As mentioned, Coast Guard has its own command centers that normally focus on a variety of Coast Guard missions and that are not normally interagency in structure. However, Coast Guard has established protocols with DHS components, CBP and ICE, to activate a unified or incident command structure should one be needed to respond to specific events. These types of interagency arrangements often include various DHS components and are crucial to sharing information and coordinating operations. Since the release of the draft report, the Coast Guard report required by Congress relating to existing interagency operational centers has been approved by DHS and the Office of Management and Budget. The report is now in the final stages of review at Coast Guard. We are providing technical comments to your office under separate cover. Sincerely, Signed by: Steven Pecinovsky: Director: Departmental GAO/OIG Liaison Office: [End of section] Appendix V: GAO Contacts and Staff Acknowledgments: GAO Contacts: Margaret T. Wrightson (415) 904-2200; Stephen L. Caldwell (202) 512-9610: Staff Acknowledgments: In addition to those named above, David Alexander, Neil Asaba, Juliana Bahus, Christine Davis, Kevin Heinz, Emily Pickrell, Albert Schmidt, Amy Sheller, Stan Stenersen, and April Thompson made key contributions to this report. [End of section] Related GAO Products: Coast Guard: Observations on Agency Priorities in Fiscal Year 2006 Budget Request. GAO-05-364T. Washington, D.C.: March 17, 2005. Homeland Security: Process for Reporting Lessons Learned from Seaport Exercises Needs Further Attention. GAO-05-170. Washington, D.C.: January 14, 2005. Port Security: Better Planning Needed to Develop and Operate Maritime Worker Identification Card Program. GAO-05-106. Washington, D.C.: December 10, 2004. Maritime Security: Better Planning Needed to Help Ensure an Effective Port Security Assessment Program. GAO-04-1062. Washington, D.C.: September 30, 2004. Maritime Security: Partnering Could Reduce Federal Costs and Facilitate Implementation of Automatic Vessel Identification System. GAO-04-868. Washington, D.C.: July 23, 2004. Maritime Security: Substantial Work Remains to Translate New Planning Requirements into Effective Port Security. GAO-04-838. Washington, D.C.: June 30, 2004. Coast Guard: Key Management and Budget Challenges for Fiscal Year 2005 and Beyond. GAO-04-636T. Washington, D.C.: April 7, 2004. Homeland Security: Summary of Challenges Faced in Targeting Oceangoing Cargo Containers for Inspection. GAO-04-557T. Washington, D.C.: March 31, 2004. Coast Guard Programs: Relationship between Resources Used and Results Achieved Needs to Be Clearer. GAO-04-432. Washington, D.C.: March 22, 2004. Homeland Security: Preliminary Observations on Efforts to Target Security Inspections of Cargo Containers. GAO-04-325T. Washington, D.C.: December 16, 2003. Posthearing Questions Related to Aviation and Port Security. GAO-04- 315R. Washington, D.C.: December 12, 2003. Maritime Security: Progress Made in Implementing Maritime Transportation Security Act, but Concerns Remain. GAO-03-1155T. Washington, D.C.: September 9, 2003. Homeland Security: Efforts to Improve Information Sharing Need to Be Strengthened. GAO-03-760. Washington D.C.: August 27, 2003. Container Security: Expansion of Key Customs Programs Will Require Greater Attention to Critical Success Factors. GAO-03-770. Washington, D.C.: July 25, 2003. Homeland Security: Challenges Facing the Department of Homeland Security in Balancing its Border Security and Trade Facilitation Missions. GAO-03-902T. Washington, D.C.: June 16, 2003. Coast Guard: Challenges during the Transition to the Department of Homeland Security. GAO-03-594T. Washington, D.C.: April 1, 2003. Transportation Security: Post-September 11th Initiatives and Long-Term Challenges. GAO-03-616T. Washington, D.C.: April 1, 2003. Coast Guard: Comprehensive Blueprint Needed to Balance and Monitor Resource Use and Measure Performance for All Missions. GAO-03-544T. Washington, D.C.: March 12, 2003. Homeland Security: Challenges Facing the Coast Guard as It Transitions to the New Department. GAO-03-467T. Washington, D.C.: February 12, 2003. Coast Guard: Strategy Needed for Setting and Monitoring Levels of Effort for All Missions. GAO-03-155. Washington, D.C.: November 12, 2002. Port Security: Nation Faces Formidable Challenges in Making New Initiatives Successful. GAO-02-993T. Washington, D.C.: August 5, 2002. Combating Terrorism: Preliminary Observations on Weaknesses in Force Protection for DOD Deployments through Domestic Seaports. GAO-02- 955TNI. Washington, D.C.: July 23, 2002. FOOTNOTES [1] See U.S. Department of Homeland Security, U.S. Coast Guard Fiscal Year 2004 Report (Washington D.C.: February 2004). [2] P.L. 107-296, § 891-892 (Nov. 25, 2002). [3] Homeland security information sharing is the two-way exchange of information, including intelligence, critical infrastructure, and law enforcement information, among federal, state, and local governments and the private sector to establish timely, effective, and useful communications to detect, prevent, and mitigate potential terrorist attacks. [4] The Maritime Transportation Security Act of 2002, P.L.107-295, contains many of the homeland security requirements related specifically to port security. The area maritime security committees are authorized by section 102 of MTSA, as codified at 46 U.S.C. § 70112(a)(2) and implemented at 33 C.F.R. Part 103. [5] We use the term interagency operational centers to refer to centers where multiple federal (and in some cases, state and local) agencies are involved in monitoring maritime security and planning related operations. [6] The consulting firm Booz Allen Hamilton and the Conference Board sponsored the simulation in 2002. In the simulation, representatives from government and industry participated in a scenario involving the discovery and subsequent detonation of radioactive bombs hidden in cargo containers. [7] These congressionally chartered commissions include the 9/11 Commission (the National Commission on Terrorist Attacks upon the United States), the Gilmore Commission (the Advisory Panel to Assess Domestic Response Capabilities for Terrorism Involving Weapons of Mass Destruction), the Bremer Commission (the National Commission on Terrorism), and the Hart-Rudman Commission (the U.S. Commission on National Security/21st Century). [8] P.L. 107-296, § 891 (Nov. 25, 2002). [9] GAO, High-Risk Series: An Update, GAO-05-207 (Washington D.C.: January 2005). [10] Executive Order 12968, Access to Classified Information, Section 1.1(h). [11] See 46 U.S.C. § 70112(a)(2). Prior to MTSA, some port locations had harbor safety committees that had representatives from federal, state, and local organizations. In addition, port security committees had been organized and still exist at ports where substantial out-load and in-load of military equipment occurs. [12] See 33 C.F.R. § 103.500. [13] Because some ports are located close to one another, some committees cover several ports. For example, the Puget Sound area maritime security committee includes the ports of Seattle, Tacoma, Bremerton, Port Angeles, and Everett. [14] Navigation and Vessel Inspection Circular 9-02, Change 1, Sept. 2002. [15] The area maritime security committee for the port of Charleston has a separate intelligence subcommittee made up of members that have security clearances. [16] See The Coast Guard and Maritime Transportation Act of 2004, P.L. 108-293, § 807 (August 9, 2004). While the statute uses the term "joint operational centers," we are using the term "interagency operational centers" to denote centers where multiple agencies participate. According to Coast Guard officials, the term "joint" refers to command centers where the Coast Guard and Navy are involved in carrying out the responsibilities of the center. [17] Washington State Ferries is the largest state-operated ferry system in the country. [18] At the fourth location, the local Coast Guard official initiated contact with nonfederal officials on his own, and he asked for additional information from headquarters. At this location, the field office is working with nonfederal officials to submit their application forms or to verify that they already have a security clearance. [19] GAO, Intelligence Reform: Human Capital Considerations Critical to 9/11 Commission's Proposed Reforms, GAO-04-1084T (Washington, D.C.: September 14, 2004). [20] GAO, DOD Personnel Clearances: Preliminary Observations Related to Backlogs and Delays in Determining Security Clearance Eligibility for Industry Personnel, GAO-04-202T (Washington, D.C.: May 6, 2004); Aviation Security: Federal Air Marshal Service Is Addressing Challenges of Its Expanded Mission and Workforce, but Additional Actions Needed, GAO-04-242 (Washington, D.C.: Nov. 19, 2003); and Security Clearances: FBI Has Enhanced Its Process for State and Local Law Enforcement Officials, GAO-04-596 (Washington, D.C.: Apr. 30, 2004). [21] GAO-04-596, p.24. GAO's Mission: The Government Accountability Office, the investigative arm of Congress, exists to support Congress in meeting its constitutional responsibilities and to help improve the performance and accountability of the federal government for the American people. GAO examines the use of public funds; evaluates federal programs and policies; and provides analyses, recommendations, and other assistance to help Congress make informed oversight, policy, and funding decisions. GAO's commitment to good government is reflected in its core values of accountability, integrity, and reliability. Obtaining Copies of GAO Reports and Testimony: The fastest and easiest way to obtain copies of GAO documents at no cost is through the Internet. GAO's Web site ( www.gao.gov ) contains abstracts and full-text files of current reports and testimony and an expanding archive of older products. The Web site features a search engine to help you locate documents using key words and phrases. You can print these documents in their entirety, including charts and other graphics. Each day, GAO issues a list of newly released reports, testimony, and correspondence. GAO posts this list, known as "Today's Reports," on its Web site daily. The list contains links to the full-text document files. To have GAO e-mail this list to you every afternoon, go to www.gao.gov and select "Subscribe to e-mail alerts" under the "Order GAO Products" heading. Order by Mail or Phone: The first copy of each printed report is free. Additional copies are $2 each. A check or money order should be made out to the Superintendent of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or more copies mailed to a single address are discounted 25 percent. Orders should be sent to: U.S. Government Accountability Office 441 G Street NW, Room LM Washington, D.C. 20548: To order by Phone: Voice: (202) 512-6000: TDD: (202) 512-2537: Fax: (202) 512-6061: To Report Fraud, Waste, and Abuse in Federal Programs: Contact: Web site: www.gao.gov/fraudnet/fraudnet.htm E-mail: fraudnet@gao.gov Automated answering system: (800) 424-5454 or (202) 512-7470: Public Affairs: Jeff Nelligan, managing director, NelliganJ@gao.gov (202) 512-4800 U.S. Government Accountability Office, 441 G Street NW, Room 7149 Washington, D.C. 20548: