What GAO Found
The Department of Defense (DOD) protects the U.S. homeland through two distinct but interrelated missions: (1) homeland defense, which defends against threats such as terrorism, weapons of mass destruction, and cyber incidents; and (2) civil support, which involves supporting other federal agencies in responding to major domestic disasters, emergencies, and special events. DOD has issued and updated several key pieces of doctrine, policy, and strategy for homeland defense and civil support, but it has not updated its primary Strategy for Homeland Defense and Civil Support since it was initially issued in 2005 and does not have a process--similar to that for its joint publications and directives-- to do so. The Joint Staff determined in August 2010 that joint publications on homeland defense needed a complete revision. The joint publication on civil support is also being revised. U.S. Northern Command, the combatant command responsible for homeland defense, is revising these publications to reflect changes in national and department priorities and to incorporate lessons learned from exercises and events such as Hurricane Katrina. Still, such key national and department-level strategies and significant events are not reflected in DOD's strategy, in part because the Office of the Assistant Secretary of Defense for Homeland Defense and Americas' Security Affairs does not have a process for periodically assessing the currency of its homeland defense and civil support strategy and ensuring that needed updates are completed in a timely manner. Reliance on an outdated strategy could hinder DOD's ability to effectively plan for and respond to major disasters and emergencies.
DOD issued some guidance on the dual-status commander construct--through which, during a civil support incident or special event, a single military officer has authority over both National Guard and active-duty military personnel, serving as a link between state and federal forces. Nevertheless, gaps in guidance remain because DOD has not yet developed comprehensive policies and procedures regarding the use and availability of dual-status commanders, including specific criteria and conditions for when and how a state governor and the Secretary of Defense would mutually appoint a commander. As a result, DOD's ability to adequately prepare for and effectively use dual-status commanders for a range of civil support events, including those affecting multiple states, may be hindered.
While a 2010 DOD Directive, a 2007 joint publication, and an agreement with the Department of Homeland Security (DHS) provide some details on how DOD should respond to requests for civil support in the event of a domestic cyber incident, they do not address some aspects of how DOD will provide support during a response. First, DOD has not clarified its roles and responsibilities, and chartering directives for DOD's Offices of the Assistant Secretaries for Global Strategic Affairs and for Homeland Defense and Americas' Security Affairs outline conflicting and overlapping roles and responsibilities. Second, DOD has not ensured that its civil support guidance is aligned with national plans and preparations for domestic cyber incidents. Consequently, it is unclear whether DOD will be adequately prepared to support DHS during a cyber incident. This report makes several recommendations to address gaps in DOD's guidance for homeland defense and civil support, including for DOD to assess and, when needed, update its primary strategy; develop implementation guidance on the dual status commander construct; and align guidance on preparing for and responding to domestic cyber incidents with national-level guidance to include roles and responsibilities.
Why GAO Did This Study
Defending U.S. territory and citizens is the highest priority of DOD, and providing defense support of civil authorities is one of the department's primary missions. DOD is the federal agency with lead responsibility for homeland defense, whereas for civil support missions DOD provides assistance to the lead civilian federal agency, such as DHS, when requested by the agency or directed by the President for major disasters, emergencies, and special events. This report examines the extent to which DOD has issued current guidance, including doctrine, policy, and strategy, for its homeland defense and civil support missions. To do this, GAO analyzed DOD homeland defense and civil support guidance and plans and met with select DOD and National Guard officials.
This report makes several recommendations to address gaps in DOD's guidance for homeland defense and civil support, including for DOD to assess and, when needed, update its primary strategy; develop implementation guidance on the dualstatus commander construct; and align guidance on preparing for and responding to domestic cyber incidents with national-level guidance to include roles and responsibilities.
Recommendations for Executive Action
|Department of Defense||The Secretary of Defense should direct the Under Secretary of Defense for Policy, acting through the Assistant Secretary of Defense for Homeland Defense and Americas' Security Affairs, to develop a process to periodically assess the currency of its Strategy for Homeland Defense and Civil Support and to ensure that updates, when needed, are completed in a timely manner.|
|Department of Defense||The Secretary of Defense should direct the Under Secretary of Defense for Policy, acting through the Assistant Secretary of Defense for Homeland Defense and Americas' Security Affairs and in collaboration with other appropriate stakeholders such as U.S. Northern Command, U.S. Pacific Command, and the National Guard Bureau, to develop implementation guidance on the dual-status commander construct that, at a minimum, includes: (1) more specific criteria for determining when and how to use dual-status commanders, especially for civil support incidents affecting multiple states and territories and (2) a process for determining the appropriate mix of National Guard and active duty federal officers to meet DOD's anticipated needs.|
|Department of Defense||The Secretary of Defense should direct the Under Secretary of Defense for Policy to work with U.S. Strategic Command and its subordinate Cyber Command, DHS, and other relevant stakeholders to update guidance on preparing for and responding to domestic cyber incidents to align with national-level guidance. Such guidance should, at a minimum, include a description of DOD's roles and responsibilities.|