Aviation Security:

TSA Could Strengthen Its Insider Threat Program by Developing a Strategic Plan and Performance Goals

GAO-20-275: Published: Feb 10, 2020. Publicly Released: Feb 10, 2020.

Additional Materials:

Contact:

Triana McNeil
(202) 512-8777
McNeilT@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

TSA estimates there are about 1.8 million aviation workers at U.S. airports. In some cases, workers have used access privileges to commit crimes, including stealing an aircraft and smuggling guns.

TSA efforts to reduce potential insider threats from aviation workers include requiring employee background checks and randomized worker screenings. Responsibility for these efforts is spread across multiple offices within TSA, airport operators, and air carriers.

The agency does not have a strategic plan to guide its Insider Threat Program. We recommended that it develop one that spells out strategic goals and identify ways to measure its progress.

Access Control Technologies at an Access Point to a Secured Area of an Airport

A door with a sign on it that says Secured Area

A door with a sign on it that says Secured Area

Additional Materials:

Contact:

Triana McNeil
(202) 512-8777
McNeilT@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

The Transportation Security Administration (TSA), airport operators, and air carriers mitigate insider threats through a variety of efforts. TSA's Insider Threat Program comprises multiple TSA offices with ongoing insider threat mitigation activities, including long-standing requirements addressing access controls and background checks, and compliance inspections. TSA also initiated activities more recently, such as implementing TSA-led, randomized worker screenings in 2018. Airport and air carrier officials implement security measures in accordance with TSA-approved programs and may implement additional measures to further mitigate threats. For example, many airport operators reported using sophisticated access control technologies (e.g. fingerprint readers). Additionally, some air carriers reported conducting more rigorous background checks prior to issuing identification credentials to employees.

Examples of Methods to Mitigate Insider Threats at U.S. Airports

HL_5 bc - 103178

TSA‘s Insider Threat Program is not guided by a strategic plan with strategic goals and objectives nor does it have performance goals.

  • TSA does not have an updated strategic plan that reflects the Program's current status. TSA officials said that the plan was not updated due to turnover of key senior leadership. As of January 2020, TSA officials said they were developing a roadmap that could serve as a new strategic plan for the Program. However, officials had not finalized the contents and were uncertain when it would be completed and implemented. Developing and implementing a strategic plan will help guide TSA's ongoing efforts and coordinate TSA's agency-wide approach.
  • TSA has not defined performance goals with targets and timeframes to assess progress achieving the Program's mission. Without a strategic plan and performance goals, it is difficult for TSA to determine if its approach is working and progress is being made toward deterring, detecting, and mitigating insider threats to the aviation sector.

Why GAO Did This Study

Aviation workers using their access privileges to exploit vulnerabilities and potentially cause harm at the nation's airports is known as an “insider threat.” TSA, airport operators, and air carriers share the responsibility to mitigate all insider threats at airports. In October 2019, TSA estimated there are about 1.8 million aviation workers at the nation's airports.

GAO was asked to review TSA's and aviation stakeholders' efforts to mitigate insider threats at airports. This report (1) discusses the efforts that TSA, airport operators, and air carriers have taken to help mitigate insider threats at airports and (2) evaluates the extent to which TSA's Insider Threat Program is guided by a strategic plan and has performance goals.

GAO reviewed TSA guidance; analyzed TSA data from a questionnaire sent to a representative sample of airport operators; and obtained information from TSA officials, officials from selected larger U.S.-based air carriers, and a nongeneralizable sample of seven airport operators, selected, in part, based on the number of aircraft take-offs and landings.

What GAO Recommends

GAO recommends that TSA develop and implement a strategic plan that has strategic goals and objectives, and develop performance goals to assess progress achieving objectives in the strategic plan. TSA agreed with GAO's recommendations.

For more information, contact Triana McNeil at (202) 512-8777 or McNeilT@gao.gov.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: In February 2020, we reported on the extent to which the Transportation Security Administration (TSA) had a strategic plan in place to guide its Insider Threat Program. During the course of our review, we found that TSA never fully implemented the 2014-2016 strategic plan for its Insider Threat Program, and further, TSA did not renew or revise the plan after 2016 due to the departure of the key sponsoring senior leader. We recommended that TSA develop a strategic plan for its Insider Threat Program. On May 14, 2020, TSA published the TSA Insider Threat Roadmap 2020 that establishes its strategic vision to deter, detect, and mitigate insider threats in the transportation sector. The roadmap describes strategic priorities and goals to help refine and improve its efforts to mitigate insider risks. The roadmap also describes specific objectives to help achieve these priorities. The roadmap should provide TSA with an integrated vision to guide its Insider Threat Program, and the specific goals and objectives in the roadmap should help TSA further develop and mature its insider threat program and mitigate insider risks.

    Recommendation: The TSA Administrator should develop and implement a strategic planfor its Insider Threat Program that includes strategic goals andobjectives. (Recommendation 1)

    Agency Affected: Department of Homeland Security: Transportation Security Administration

  2. Status: Open

    Comments: In May 2020, TSA published its strategic framework, the TSA Insider Threat Roadmap, for mitigating insider threats in the transportation sector. The Roadmap contains three overarching strategic priorities and specific objectives for each of these priorities to refine and continue to improve its efforts to detect, deter, and mitigate insider threats. TSA described that its next steps will be to develop implementation plans for each of these priorities and objectives, including detailed plans of actions with timelines and performance measures to assess its progress achieving the Roadmap's priorities and objectives. We will continue to monitor TSA's efforts to implement our recommendation.

    Recommendation: The TSA Administrator should develop performance goals for its Insider Threat Program that assess progress achieving the strategic objectives in the insider threat strategic plan. (Recommendation 2)

    Agency Affected: Department of Homeland Security: Transportation Security Administration

 

Explore the full database of GAO's Open Recommendations »

Oct 20, 2020

Sep 30, 2020

Sep 29, 2020

Sep 24, 2020

Sep 10, 2020

Aug 19, 2020

Looking for more? Browse all our products here