TSA falls short in evaluating aviation security programs

Although the Transportation Security Administration has taken steps to improve aviation security, the agency lacks an effective system for measuring the performance of its initiatives at the nation's airports, a General Accounting Office official told lawmakers Wednesday.

"Although TSA has implemented numerous programs and initiatives to enhance aviation security, it has collected limited information on the effectiveness of these programs and initiatives," Cathleen Berrick, GAO's director of homeland security and justice issues, told the Senate Commerce, Science and Transportation Committee. Berrick testified along with Stephen McHale, TSA's deputy administrator.

GAO specifically found that TSA does not have adequate tests to measure the performance of airport screeners in detecting threat objects, Berrick said. A recent incident in which a 20-year-old college student smuggled box cutters and simulated plastic explosives onto two planes shows that aviation security can still be compromised, she noted.

Committee Chairman Sen. John McCain, R-Ariz., said he is concerned about TSA's performance measurement efforts. He told McHale to be upfront with Congress about challenges the agency is facing.

"We don't want to be surprised," McCain said. "If there are problems and issues, we want to be informed."

Congress has required TSA to establish acceptable levels of performance for aviation security and to develop an annual performance report that documents the effectiveness of its initiatives. GAO found that TSA has issued the required report, but has focused on progress in meeting deadlines rather than on the effectiveness of programs and initiatives.

Berrick said TSA needs to measure the effectiveness of aviation security initiatives that have already been implemented, particularly in the area of passenger screening, and implement a risk management approach to prioritize its efforts, assess threats and focus the agency's resources.

McHale acknowledged vulnerabilities still exist in aviation security, but said airports are more secure today than before the terrorist attacks of Sept. 11.

He said TSA is working with GAO to improve how it measures its programs, especially the performance of screeners. For example, he said TSA is expediting the replacement of conventional X-ray machines with the Threat Image Projection System, which superimposes images of threat objects on monitors during screening operations and records whether screeners identify the objects. He added that TSA is also increasing the number of covert tests of screeners. Berrick said a September GAO study found that only 1 percent of TSA's nearly 50,000 screeners have been subjected to such tests.

McHale also said TSA is initiating a "full end-to-end systems engineering study" of the nation's aviation security system.

Although TSA lacks adequate ways to measure the effectiveness of programs, the agency has initiated efforts to develop and implement goals and performance measures, Berrick said. TSA is developing a five-year strategic plan, which GAO officials hope will address existing problems. TSA expects to complete the plan by February 2004.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.