Skip to Highlights
Highlights

International flights bound for the United States continue to be targets of terrorist activity, as demonstrated by the October 2010 discovery of explosive devices in air cargo packages bound for the United States from Yemen. The Transportation Security Administration (TSA) is responsible for securing the nation's civil aviation system, which includes ensuring the security of U.S.-bound flights. As requested, GAO evaluated (1) the steps TSA has taken to enhance its foreign airport assessment program since 2007, and any remaining program challenges; (2) TSA's assessment results, including how TSA uses the results to guide future efforts; and (3) what opportunities, if any, exist to enhance the program. To conduct this work, GAO reviewed foreign airport assessment procedures and results, interviewed TSA and foreign aviation security officials, and observed TSA conduct a foreign airport assessment. While these interviews and observations are not generalizable, they provided insights on TSA's program. This is the public version of a sensitive report GAO issued in September, 2011. Information that TSA deemed sensitive has been omitted.

Skip to Recommendations

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Homeland Security 1. To help further enhance TSA's foreign airport assessment program, the Secretary of Homeland Security should direct the Assistant Secretary for the Transportation Security Administration to develop a mechanism to evaluate the results of completed assessment activities to determine any trends and target future activities and resources. This evaluation could include frequency of noncompliance issues, regional variations, and perspectives on the security posture of individual airports over time.
Closed - Implemented
In response to our recommendation that the Transportation Security Administration (TSA) develop a mechanism to evaluate the results of completed foreign airport assessment activities to determine any trends and better target activities and resources, TSA created an analytical tool that compares the most current airport vulnerability findings by region (Asia Pacific, Western Hemisphere, and Africa and the Middle East), including evaluating the frequency of noncompliance issues identified by TSA inspectors. For example, TSA?s analytical tool provides results on all foreign airport assessments TSA has completed since 2007, and allows TSA to evaluate and compare individual airports assessment results over time to identify any trends. It also provides break outs on the number of airport assessments TSA has completed within each geographic region, and provides an average vulnerability rating for each airport within each region allowing TSA to evaluate which regions are generally more or less vulnerable than others in terms of airport security. The tool also provides information on which specific airport security standards are most frequently found to have deficiencies by TSA inspectors, including breakouts by region allowing TSA to evaluate and compare which standards are more and less frequently found to be deficient within each region. We are therefore closing this recommendation as implemented.
Department of Homeland Security 2. To help further enhance TSA's foreign airport assessment program, the Secretary of Homeland Security should direct the Assistant Secretary for the Transportation Security Administration to establish criteria and guidance to assist TSA decision makers when determining the vulnerability rating of individual foreign airports.
Closed - Implemented
In response to our recommendation that the Transportation Security Administration (TSA) develop criteria and guidance to better assist TSA officials in determining vulnerability ratings of individual foreign airports, TSA established new vulnerability rating criteria and guidance in January 2013. More specifically, TSA assigns each airport an overall vulnerability score of 1-5. These scores, or categories, are numerical representations of compliance or noncompliance with the security standards the agency assesses each foreign airport against. Prior to January 2013, Category 1 = Fully Compliant; Category 2 = Capability Exists with Minor Episodes of Noncompliance; Category 3 = Capability Exists, Compliance is Generally Noted, Shortfalls Remain; Category 4 = Capability Exists, Serious Lack of Implementation Observed; and Category 5 = Egregious Noncompliance. However, we reported in 2012 that TSA had not developed any specific criteria, definitions, or implementing guidelines to ensure managers and other program management officials applied these categories consistently across airports. For example, TSA did not define how to assess whether an airport should receive a vulnerability rating of 3--"capability exists, compliance is generally noted, shortfalls remain," versus a vulnerability rating of 2--"capability exists with minor episodes of noncompliance." However, TSA's January 2013 category definitions provide more specific criteria and guidance to better assist TSA managers and other program management officials in applying the 5 categories more consistently across airports. For example, TSA's new criteria and guidance is as follows: 1 = Fully Compliant; 2 = Have documented procedures; however, the implementation of procedures is inconsistent (Isolated occurrence(s)); 3 = (A) Have documented procedures; however, inconsistencies remain or (B) Have no documented procedures, but measures are implemented; 4 = Have documented procedures; however, the procedures are not implemented; and 5 = No documented procedures and no implementation. TSA's updated guidance provides more specific criteria to help managers and other program management officials apply the categories more consistently across airports. We are therefore closing this recommendation as implemented.
Department of Homeland Security 3. To help further enhance TSA's foreign airport assessment program, the Secretary of Homeland Security should direct the Assistant Secretary for the Transportation Security Administration to consider the feasibility of conducting more targeted assessments and systematically compiling information on aviation security best practices.
Closed - Implemented
In response to our recommendation that the Transportation Security Administration (TSA) consider the feasibility of conducting more targeted assessments and systematically compiling information on aviation security best practices, TSA has taken several actions. Specifically, TSA developed the Pre-Visit Questionnaire (PVQ), which host foreign airport officials fill out prior to TSA's visit. Specifically, the PVQ is sent to the host government about two months prior to the assessment in order to provide host government officials time to complete and return the questionnaire. This information enables each TSA foreign airport assessment team to tailor the on-site assessment at each airport to the information provided in the PVQ, and focus TSA's assessment efforts on specific areas of concern as indicated in the PVQ responses, and as TSA inspectors identified during prior assessments. TSA pilot tested the PVQ during 2012 and 2013 prior to the issuance of its final version on April 3, 2013. In addition, TSA has also developed a "Special Focus Assessment" regime, which emphasizes focusing on the most critical foreign airport security standards. These focused assessments are in use at locations where personal security is of significant concern (e.g., Mexico, Iraq) or where a full-scope assessment is not necessary (e.g., proposed new last point of departure airports). In addition, TSA's Global Risk Analysis and Decision Support (GRADS) System includes a mechanism for capturing best practices observed and documented by assessment teams during their periodic visits. Specifically, the GRADS system is utilized to capture various data points during the airport assessment. The data can then be analyzed in order to develop trends and best practices.

Full Report