Further Actions Needed to Coordinate Federal Agencies' Facility Protection Efforts and Promote Key Practices
GAO-05-49: Published: Nov 30, 2004. Publicly Released: Jan 4, 2005.
The war on terrorism has made physical security for federal facilities a governmentwide concern. The Interagency Security Committee (ISC), which is chaired by the Department of Homeland Security (DHS), is tasked with coordinating federal agencies' facility protection efforts, developing protection standards, and overseeing implementation. GAO's objectives were to (1) assess ISC's progress in fulfilling its responsibilities and (2) identify key practices in protecting federal facilities and any related implementation obstacles.
ISC has made progress in coordinating the government's facility protection efforts. In recent years, ISC has taken several actions to develop policies and guidance for facility protection and to share related information. Although its actions to ensure compliance with security standards and oversee implementation have been limited, in July 2004, ISC became responsible for reviewing federal agencies' physical security plans for the administration. ISC, however, lacks an action plan that could be used to provide DHS and other stakeholders with information on, and a rationale for, its resource needs; garner and maintain the support of ISC member agencies, DHS management, Office of Management and Budget, and Congress; identify implementation goals and measures for gauging progress; and propose strategies for addressing various challenges it faces, such as resource constraints. Without an action plan, ISC's strategy and time line for implementing its responsibilities remain unclear. s ISC and agencies have paid greater attention to facility protection in recent years, several key practices have emerged that, collectively, could provide a framework for guiding agencies' efforts. These include allocating resources using risk management; leveraging security technology; coordinating protection efforts and sharing information; measuring program performance and testing security initiatives; realigning real property assets to mission, thereby reducing vulnerabilities; and, implementing strategic human capital management, to ensure that agencies are well equipped to recruit and retain high-performing security professionals. GAO also noted several obstacles to implementation, such as developing quality data for risk management and performance measurement, and ensuring that technology will perform as expected.
Recommendations for Executive Action
Status: Closed - Implemented
Comments: DHS has issued an Interagency Security Committee Action Plan for calendar years 2007-2008 in response to GAO's recommendation.
Recommendation: The Secretary of Homeland Security should direct the Chair of ISC to develop an action plan that identifies resource needs, implementation goals, and time frames for meeting ISC's ongoing and yet-unfulfilled responsibilities. The action plan should also be used to propose strategies for addressing the range of challenges ISC faces. Such an action plan would provide a road map for DHS to use in developing resource priorities and for ISC to use in communicating its planned actions to agencies and other stakeholders, including Congress.
Agency Affected: Department of Homeland Security: Directorate of Information Analysis and Infrastructure Protection
Status: Closed - Implemented
Comments: The Interagency Security Committee (ISC) has established working groups to guide agencies' facility protection efforts. These working groups align with the key practices identified in GAO-05-49 and address key practices including performance measurement, allocation of resources based on risk management, strategic human capital management, and technology. This approach provides a framework for using GAO's key practices to guide agencies' efforts.
Recommendation: The Chair of ISC, with input from ISC member agencies, should consider using our work as a starting point for establishing a framework of key practices that could guide agencies' efforts in the facility protection area. This initiative could subsequently be used by agencies to evaluate their actions, identify lessons learned, and develop strategies for overcoming obstacles.
Agency Affected: Department of Homeland Security: Interagency Security Committee