A Bahraini police officer sits in a police car at a new checkpoint near the U.S. Embassy in Manama, Bahrain, in 2013.

A Bahraini police officer sits in a police car at a new checkpoint near the U.S. Embassy in Manama, Bahrain, in 2013. Hasan Jamali/AP

Featured eBooks
Life After Government
Securing the Government Cloud
The Cybersecurity Challenge
State Department Not Consistent in Bolstering Embassy Security

Watchdog finds inadequate risk management.

The State Department’s post-Benghazi efforts to reinforce physical security at overseas facilities suffer from inconsistent tracking of data and inadequate risk management, the Government Accountability Office reported Thursday.

In refurbishing embassies, consulates and warehouses in dangerous regions, the department is failing to document instances in which it grants waivers or exceptions to security standards.

“State's risk management activities do not operate as a continuous process or continually incorporate new information,” auditors wrote in the unclassified version of a classified report to leaders of the House and Senate foreign affairs committees. “State does not use all available information when establishing threat levels at posts, such as when posts find it necessary to implement measures that exceed security standards. State also lacks processes to re-evaluate the risk to interim and temporary facilities that have been in use longer than anticipated.”

In a 68-page report complete with diagrams, GAO reported on 10 site visits at high-threat locations over the past year (plus interviews with staff at six more) that revealed the absence of waiver documentation for embassy or consulate compound facilities that did not meet the requirements for hardened building exteriors, co-locations or setbacks. 

State maintains some 1,600 work facilities, which includes offices and warehouses, at 275 diplomatic posts, some of which were built before security standards implemented in 1991.

“State assesses six types of threats, such as terrorism, and assigns threat levels, which correspond to physical security standards at each overseas post,” auditors wrote. “However, GAO found several inconsistencies in terminology used to categorize properties and within the property inventory database used to track them, raising questions about the reliability of the data.”

Auditors said State’s approach left it unclear what standards apply to some types of facilities. In some cases, the department took eight years to update standards for such security tools as anti-ram perimeters, GAO said. 

GAO made 13 recommendations to improve tracking and harmonization of data to achieve greater accuracy and currency. State officials reading a draft of the report generally agreed.