This is the accessible text file for GAO report number GAO-04-592T 
entitled 'Aviation Security: Improvement still Needed in Federal 
Aviation Security Efforts' which was released on March 30, 2004.

This text file was formatted by the U.S. General Accounting Office 
(GAO) to be accessible to users with visual impairments, as part of a 
longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov.

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately.

Testimony:

Before the Subcommittee on Aviation, Committee on Commerce, Science and 
Transportation, U.S. Senate:

United States General Accounting Office:

GAO:

For Release on Delivery Expected at 9:30 a.m. EST:

Tuesday, March 30, 2004:

AVIATION SECURITY:

Improvement Still Needed in Federal Aviation Security Efforts:

Statement of Norman J. Rabkin, Managing Director, Homeland Security and 
Justice Issues:

GAO-04-592T:

GAO Highlights:

Highlights of GAO-04-592T, a testimony before the Subcommittee on 
Aviation, Committee on Commerce, Science and Transportation, U.S. 
Senate 

Why GAO Did This Study:

The security of the nationís commercial aviation system has been a 
long-standing concern. Following the events of September 11, 2001, 
Congress enacted numerous aviation security improvements designed to 
strengthen aviation security, including the development of a passenger 
prescreening system and the federalization of airport screeners. 
Despite these changes, challenges continue to face the Department of 
Homeland Security (DHS) and the Transportation Security Administration 
(TSA) efforts to improve aviation security. GAO was asked to summarize 
the results of previous and ongoing aviation security work. These 
include: (1) the development of CAPPS II to assist in identifying high-
risk passengers, (2) the management of passenger and baggage screening 
programs, (3) the operations of the Federal Air Marshal Service, and 
(4) other aviations security related efforts, such as cargo, that 
remain a concern. 

What GAO Found:

Numerous challenges continue to face TSA in its efforts to improve the 
nationís aviation security system. First, key activities in the 
development of CAPPS II have been delayed and TSA has not yet completed 
important system planning activities. TSA is behind schedule in testing 
and developing initial increments of CAPPS II due to delays in 
obtaining needed passenger data for testing from air carriers because 
of privacy concerns and has not established a complete plan identifying 
specific system functionality to be delivered, the schedule for 
delivery, and estimated costs. TSA also has not fully addressed seven 
of eight issues identified by Congress as key elements related to the 
development, operation, and public acceptance of CAPPS II. 
Additionally, three other major challengesóinternational cooperation, 
program mission expansion, and identity theftóneed to be adequately 
addressed to ensure CAPPS IIís successful implementation.

Second, TSA continues to face challenges in hiring, deploying, and 
training its screener workforce. Staffing shortages and TSAís hiring 
process continue to hinder its ability to fully staff screening 
checkpoints without using additional measures, such as mandatory 
overtime. Further, TSA continues to have difficulty deploying and 
leveraging screening equipment and technologies because of competing 
priorities in a tight budget environment. 

Third, the rapid expansion of the Federal Air Marshal Service has 
encountered a number of operational and management problems. To 
accommodate the expansion, the Service revised and abbreviated its 
training curriculum. The Service developed an advanced training course 
for newly hired marshals to provide additional skills but funding 
cutbacks have delayed completion of this training for all air marshals. 
Most recently, budget constraints have not permitted the Service to 
reach its target staffing levels and are delaying efforts to develop 
its field location infrastructure and its automated system to schedule 
air marshal missions. 

Fourth, DHS and TSA face other challenges as they continue to address 
threats to the nationís aviation system. Significant challenges include 
developing measures to counter the growing concerns over portable 
surface-to-air missiles, improving airport perimeter and access 
controls, and addressing security concerns related to air cargo and 
general aviation. 

What GAO Recommends:

In prior reports and testimonies, listed at the end of this statement, 
GAO has made recommendations to improve aviation security and to 
strengthen various security efforts underway. We also have several 
ongoing reviews assessing certain issues addressed in this testimony 
that will be published under separate reports at a later date. 

www.gao.gov/cgi-bin/getrpt?GAO-04-592T.

To view the full product, including the scope and methodology, click on 
the link above. For more information, contact Norman J. Rabkin at 
(202) 512-8777 or rabkinn@gao.gov.

[End of section]

Mr. Chairman and Members of the Subcommittee:

I appreciate the opportunity to participate in today's hearing to 
discuss the security of our nation's aviation system and the numerous 
efforts under way to improve it. Protecting the nation's air 
transportation system is an evolving process that requires continuously 
adjusting protective measures to meet the ever-changing nature of 
terrorist threats. Since the late 1960s and early 1970 when passenger 
screening was first initiated, increasing and improving aviation 
security has been a learning experience. Each incremental increase in 
security was usually the result of some catastrophic event, the most 
recent being the September 11, 2001, attacks. Following that tragic 
event, aviation security efforts have been refocused and reorganized 
through the creation of the Department of Homeland Security (DHS) and 
the Transportation Security Administration (TSA), the strengthening of 
federal leadership and responsibility for aviation security, and the 
funding of billions of dollars each year for programs and initiatives 
to maintain and enhance aviation security. Yet despite this large and 
focused effort, concerns over the security of our aviation system 
remain.

My testimony today focuses on DHS's and TSA's aviation security efforts 
in four areas: (1) the development of the new Computer-Assisted 
Passenger Prescreening System (CAPPS II) to help identify high-risk 
passengers prior to arriving at the airport, (2) the management by TSA 
of its passenger and baggage screening programs, (3) the operation of 
the Federal Air Marshal Service, and (4) other aviation security-
related efforts that remain a concern. This testimony is based on our 
prior and ongoing work and review of recent literature. A listing of 
our prior reports is contained in appendix I.

In summary, we found that:

* Key activities in the development of CAPPS II have been delayed and 
TSA has not completed important system planning activities. TSA is 
behind schedule in testing and developing the system's initial 
increments due to delays in obtaining passenger data needed for testing 
from air carriers because of privacy concerns, and it has not 
established an overall plan identifying specific system functionality 
that will be delivered, the schedule for delivery, and estimated costs. 
TSA also has not completely addressed seven of the eight issues 
identified by the Congress as key areas of interest related to the 
development, operation, and public acceptance of CAPPS II. 
Additionally, there are three major challenges--international 
cooperation, program mission expansion, and identity theft--that could 
prevent the successful implementation of CAPPS II if not adequately 
resolved by TSA.

* TSA continues to face challenges in hiring, deploying, and training 
its screener workforce even though it met the mandate to establish a 
federal screener workforce by November 2002. Staffing shortages and 
TSA's hiring process continue to hinder its ability to fully staff 
screening checkpoints without using additional measures, such as 
mandatory overtime. Additionally, TSA has taken steps to enhance its 
screener training programs, but staffing shortages and lack of high-
speed connectivity at many airport training facilities have made it 
difficult for screeners to fully utilize these programs. Further, TSA 
continues to face challenges in deploying and leveraging screening 
equipment and technologies because of competing priorities in a tight 
budget environment.

* The rapid expansion of the Federal Air Marshal Service has 
encountered a number of operational and management problems. In order 
to deploy its expanded workforce by July 1, 2002, the Service developed 
an advanced training course to provide additional training for newly 
hired air marshals, but funding cutbacks have delayed expected 
completion of this training by all air marshals until mid-2004. More 
recently, because of budget constraints, Service officials said that 
the number of air marshals has not reached target levels and may be 
declining, equipment and facilities for field locations cannot be 
obtained, and the development of systems to schedule and manage air 
marshal missions have been delayed.

* DHS and TSA face a number of other challenges as they continue to 
address threats to the nation's aviation system. Significant challenges 
include developing measures to counter the growing concerns over 
portable shoulder-launched surface-to-air missiles, improving airport 
perimeter and access controls, and addressing broad security concerns 
related to air cargo and general aviation. We have work in progress 
that is examining these issues.

Background:

The security of the U.S. commercial aviation system has been a long-
standing concern. Over the years, numerous initiatives have been 
implemented to strengthen aviation security. However, as we and others 
have documented in numerous reports and studies, weaknesses continue to 
exist. It was due in part to these weaknesses that terrorists were able 
to hijack four commercial aircraft on September 11, 2001, with tragic 
results. Concerns continue to exist regarding the security of the 
aviation system, as evidenced by the cancellations of several, mostly 
transatlantic flights to and from the United States in response to 
intelligence information regarding specific threats to those flights.

With hundreds of commercial airports, thousands of commercial aircraft, 
tens of thousands of daily flights, and millions of passengers using 
the system daily, providing security to the nation's commercial 
aviation system is a daunting task. In an effort to strengthen the 
security of commercial aviation, the President signed into law the 
Aviation and Transportation Security Act (ATSA) on November 19, 
2001.[Footnote 1] ATSA created TSA and mandated actions designed to 
strengthen aviation security, including the federalization of passenger 
and baggage screening at over 440 commercial airports in the United 
States by November 19, 2002, and the screening of all checked baggage 
using explosive detection systems. On March 1, 2003, pursuant to the 
Homeland Security Act of 2002,[Footnote 2] TSA was transferred from the 
Department of Transportation to the newly created Department of 
Homeland Security.

Virtually all aviation security responsibilities now reside within DHS, 
and most of these are with TSA, including conducting passenger and 
baggage screening, and overseeing security measures for airports, 
commercial aircraft, air cargo, and general aviation. Only the Federal 
Air Marshal Service, which was recently moved from TSA to DHS's Bureau 
of Immigration and Customs Enforcement, is not within the 
responsibilities of TSA. Taken together, these programs are intended to 
form a layered system that maximizes the security of passengers, 
aircraft, and other elements of the aviation infrastructure.

Significant Challenges Face Implementation Of Computer-Assisted 
Passenger Prescreening System:

One effort under way to strengthen aviation security is TSA's 
development of a Computer-Assisted Passenger Prescreening System, known 
as CAPPS II, to replace the current prescreening system now in use. 
CAPPS II will evaluate each passenger's level of risk before they reach 
the check-in counter at the airport by accessing commercial and 
government databases to authenticate the passenger's identity and 
generate a risk score. The risk scores will be used to determine if 
passengers need additional security measures or, if warranted, be 
denied boarding and/or detained by law enforcement.

However, as we recently reported, TSA faces numerous challenges that 
could affect CAPPS II's successful development and 
implementation.[Footnote 3] Key activities in the development of CAPPS 
II are behind schedule and TSA has not developed critical system plans; 
numerous developmental, operational, and privacy issues of concern to 
the Congress remain unresolved by TSA; and other significant challenges 
exist that could affect the successful implementation of CAPPS II. As a 
result, the potential for CAPPS II to improve aviation security remains 
questionable until TSA addresses the numerous concerns raised and 
challenges facing the program.

Program Delays and Critical Plans Incomplete:

Key activities in the development of CAPPS II have been delayed and TSA 
has not yet completed critical system planning activities. TSA is 
developing CAPPS II in nine increments, with each increment providing 
increased functionality. As each increment reached completion, TSA 
planned to conduct tests that would ensure the system meets the 
objectives of that increment before proceeding to the next increment. 
The development of CAPPS II began in March 2003 with increments 1 and 2 
being completed in August and October 2003, respectively. However, TSA 
has not completely tested these initial two increments because it was 
unable to obtain the necessary passenger data for testing from air 
carriers. Air carriers have been reluctant to provide passenger data 
due to privacy concerns. As a result, TSA deferred completing these 
tests until increment 3.

Completion of increment 3, however, has been delayed. Due to the 
continued inability to secure passenger data for testing, TSA delayed 
the completion of increment 3 from October 2003 until the end of March 
2004. Moreover, the functionality that this increment was expected to 
achieve has been reduced. Increment 3 was originally intended to 
provide a functioning system that could handle live passenger data from 
one air carrier in a test environment to demonstrate that the system 
can satisfy operational and functional requirements. However, TSA 
officials reported that they recently modified increment 3 to instead 
provide a functional application of the system in a simulated test 
environment that is not actively connected to an airline reservation 
system, and they are uncertain when testing that was deferred from 
increments 1 and 2 to increment 3 will be completed. As a result, all 
succeeding increments of CAPPS II have been delayed.

Further, TSA has not yet developed critical elements associated with 
sound project planning, including a plan for what specific 
functionality will be delivered, by when, and at what cost throughout 
the development of the system. For example, although TSA established 
plans for the initial increments of the system, it lacks a 
comprehensive plan identifying the specific functions that will be 
delivered during the remaining increments; such as, which government 
and commercial databases will be incorporated, the date when these 
functions will be delivered, and an estimated cost of the functions. In 
addition, TSA officials are uncertain when CAPPS II will achieve 
initial operating capability--the point at which the system will be 
ready to operate with one airline. Project officials also said that 
because of testing delays, they are unable to plan for future 
increments with any certainty. Until project officials develop a plan 
that includes scheduled milestones and cost estimates for key 
deliverables, CAPPS II is at increased risk of not providing the 
promised functionality, not being fielded when planned, and being 
fielded at an increased cost.

Issues Identified by Congress Remain Unresolved:

TSA has not fully addressed seven of eight issues identified by the 
Congress as key areas of interest related to the development and 
implementation of CAPPS II. At this time, only one issue--the 
establishment of an internal oversight board to review the development 
of major systems that includes CAPPS II--has been addressed. DHS and 
TSA are taking steps to address the remaining seven issues; however, 
they have not yet:

* determined and verified the accuracy of the databases to be used by 
CAPPS II,

* stress tested and demonstrated the accuracy and effectiveness of all 
search tools to be used by CAPPS II,

* developed sufficient operational safeguards to reduce the 
opportunities for abuse,

* established substantial security measures to protect CAPPS II from 
unauthorized access by hackers and other intruders,

* adopted policies to establish effective oversight of the use and 
operation of the system,

* identified and addressed all privacy concerns, and:

* developed and documented a process under which passengers impacted by 
CAPPS II can appeal decisions and correct erroneous data.

Although TSA is in various stages of progress to address each of these 
issues, TSA has not established milestones for some and delayed others 
without estimating a new completion date. For example, TSA planned to 
conduct stress and system tests by August 2003; however, stress testing 
was delayed several times due to TSA's inability to obtain the 
passenger data needed to test the system. Completion of stress testing 
was moved to March 31, 2004, but this testing has been postponed again 
and currently no estimate exists for when these tests will be 
conducted. Although TSA program officials contend that their ongoing 
efforts will ultimately address each issue, program officials were 
unable to identify a time frame for when all remaining issues will be 
fully addressed.

Other Challenges Could Affect Successful Implementation of CAPPS II:

CAPPS II faces three other challenges that, if not adequately resolved, 
pose major risks to its successful development, implementation, and 
operation. First, for CAPPS II to operate fully and effectively, it 
needs data not only on U.S. citizens but also on foreign nationals on 
all international flights coming to, or departing from, the United 
States as well as all domestic flights. However, obtaining 
international cooperation for access to these data remains a 
substantial challenge. The European Union, in particular, has objected 
to its citizens' data being used by CAPPS II, whether a citizen of a 
European Union country flies on a U.S. carrier or an air carrier under 
another country's flag, because it may violate the civil liberties and 
privacy rights of its citizens. According to a December 2003 report 
from the Commission of European Communities, the European Union will 
not be in a position to agree to the use of its citizens' passenger 
data for CAPPS II until internal U.S. processes have been completed and 
it is clear that the U.S. Congress's privacy concerns have been 
resolved. Discussions with the European Union on this issue are 
ongoing.

Second, the original purpose of CAPPS II may be expanded and this 
expansion may in turn affect program objectives and public acceptance 
of the system. The primary objective of CAPPS II was to protect the 
commercial aviation system from the risk of foreign terrorism by 
screening for high-risk or potentially high-risk passengers. However, 
TSA has said that the system would seek to identify domestic terrorists 
as well as foreign terrorists and that the system could be expanded to 
identify persons who are subject to outstanding federal or state arrest 
warrants for violent crimes and those individuals who are in the United 
States illegally or who have overstayed their visas. DHS officials 
contend that such changes are not an expansion of the system's mission 
because they believe these additional objectives will improve aviation 
security and are consistent with CAPPS II's mission. However, concerns 
exist that expanding CAPPS II's mission could also lead to an erosion 
of public confidence in the system, increase the costs of passenger 
screening and the number of passengers erroneously identified as 
needing additional security attention, and put TSA at risk of diverting 
attention from the program's fundamental purpose.

Third, the successful operation of CAPPS II depends on the system's 
ability to effectively identify passengers who assume the identity of 
another individual. TSA officials said that CAPPS II should detect 
situations in which a passenger submits fictitious information such as 
a false address. These instances would likely be detected since the 
data being provided would either not be validated or would be 
inconsistent with information in the databases used by CAPPS II. 
However, the officials acknowledge that some identity theft is 
difficult to spot, particularly if the identity theft is unreported or 
if collusion, where someone permits his or her identity to be assumed 
by another person, is involved. TSA officials said that there should 
not be an expectation that CAPPS II will be 100 percent accurate in 
identifying all cases of identity theft, and that although not 
foolproof, CAPPS II represents an improvement in identity 
authentication over the current system.

Efforts to Improve Screening Face Challenges:

One of the critical layers of our nation's aviation security system is 
passenger and baggage screening. All passengers on commercial airliners 
must pass through airport screening checkpoints and have their carry on 
and checked baggage screened. TSA manages the screening operations and 
uses electronic searches, manual searches, and other measures to 
determine if threat objects, including explosives, are in the 
possession of the passengers or in their baggage. Following the events 
of September 11, 2001, airline passenger and baggage screening became a 
federal responsibility and is now carried out by TSA employees or, in 
the case of five airports, by private screening companies under the 
direction of TSA.[Footnote 4]

Our recent work on screening has found that numerous challenges impede 
TSA's progress in improving screening.[Footnote 5] Four key areas of 
concern include TSA's efforts to (1) hire and deploy passenger and 
baggage screeners, (2) train the screening workforce, (3) measure 
screener performance in detecting threat objects, and (4) leverage and 
deploy screening equipment and technologies.

Concerns Remain Regarding Hiring and Deploying the Screener Workforce:

TSA accomplished a significant goal by hiring and deploying more than 
55,000 screeners by November 19, 2002. However, its initial staffing 
efforts created imbalances in the screener workforce. While some 
airports had too many screeners, others had too few. To address these 
imbalances, as well as congressional concerns regarding overall 
screener-staffing levels, TSA began attempting to right-size its 
screener workforce. Specifically, TSA established a goal to reduce its 
screener workforce by 3,000 screeners by June 1, 2003, and an 
additional 3,000 screeners by September 30, 2003. These reductions were 
achieved through attrition, voluntary transfers from full to part-time, 
and involuntary transfers to part-time or terminations based on 
screeners' scores on competency-based examinations.

However, TSA continues to struggle to achieve the right number of 
screeners at airport passenger and baggage checkpoints and has not yet 
achieved a stable screener workforce. To accomplish its security 
mission, TSA needs a sufficient number of screeners trained and 
certified in TSA security procedures and technologies. Currently, TSA's 
screener staffing level is below a congressionally imposed staffing cap 
of 45,000 full-time equivalents.[Footnote 6] According to TSA 
officials, TSA has experienced an average annual attrition rate of 14 
percent for screeners, with some of the larger airports reportedly 
experiencing annual attrition rates ranging from 15 to 36 percent. TSA 
has also experienced difficulties in hiring new staff. TSA's hiring 
process is designed to ensure that its hiring practices are 
standardized and consistent throughout all airports. However, this 
process has hindered the ability of some Federal Security Directors 
(FSD)[Footnote 7] to adequately staff passenger and baggage screening 
checkpoints. In addition, TSA has also experienced challenges in 
attracting needed part-time screeners. As a result, FSDs at some of the 
larger airports we visited had to frequently require mandatory 
overtime, particularly during the holiday season, to accomplish 
screening functions.

To help right-size and stabilize its screener workforce, TSA hired a 
consultant in September 2003 to conduct a study of screener staffing 
levels at the nation's commercial airports. Specifically, the 
consultant was tasked with, among other things, evaluating TSA's 
current staffing methodology and systems to establish a baseline, 
developing a comprehensive modeling approach that accounts for the 
considerable variability that occurs among airports,[Footnote 8] 
integrating modeling parameters into TSA's screener scheduling system, 
and delivering user friendly simulation software that will determine 
optimum screener staffing levels for each of the more than 440 
commercial airports with federal screeners. TSA expects the 
consultant's study to be completed in April 2004.

TSA is also trying to compensate for screener shortages and to enable 
operational flexibility to respond to changes in risk and threat. In 
October 2003, TSA established a National Screening Force to provide 
screening support to all airports in times of emergency, seasonal 
demands, or under other special circumstances that require a greater 
number of screeners than regularly available to FSDs. The National 
Screening Force currently consists of over 700 full-time passenger and 
baggage screeners, of which about 10 percent are screening supervisors. 
TSA officials said that they determine where to deploy members of the 
National Screening Force based on priorities. For example, the highest 
priority is given to those airports that need additional screeners in 
order to be able to screen 100 percent of checked baggage using 
Explosive Detection Systems (EDS) and Explosive Trace Detection (ETD) 
systems. TSA is also currently drafting standard operating procedures 
for the National Screening Force. We have ongoing work that will 
examine TSA's use of the National Screening Force and other staffing 
issues.

Screener Training Programs Enhanced, but Access to Programs Is 
Sometimes Limited:

TSA has taken steps to enhance its training programs for screeners. 
However, staffing shortages and lack of high-speed connectivity at 
airport training facilities have made it difficult for screeners to 
fully utilize these programs. Specifically, TSA recently revamped its 
screener training program to include three main components: (1) 
training all screeners in the skills necessary for both passenger and 
baggage screening (replaces basic screener training); (2) recurrent 
(skills refresher) screener training; and (3) technical screener 
training/certification for EDS. In addition to strengthening its basic 
and recurrent training programs, TSA is enhancing and standardizing 
remedial training for screeners who fail testing conducted by TSA's 
Office of Internal Affairs and Program Review. TSA has also established 
leadership and technical training programs for screening supervisors.

Despite these efforts, however, some FSDs said that ensuring screeners 
received required training continued to be a challenge. For example, 
FSDs at 5 of the largest airports said that due to staffing shortages, 
they were unable to let screeners take training because it would impact 
FSDs' ability to provide adequate screener coverage. Consequently, 
screeners received an average of only 3 hours of recurrent training per 
month, far less than the required 3 hours per week.[Footnote 9] In an 
attempt to ensure screeners receive required training, several FSDs 
provided training through overtime, or established training relief 
teams with the sole purpose of staffing screening checkpoints while 
screeners participated in training.

TSA Continues to Strengthen its Efforts to Measure Screener Performance 
in Detecting Threat Objects:

TSA has undertaken several initiatives to measure the performance of 
passenger screeners in detecting threat objects. However, TSA has 
collected limited data related to the performance of baggage screeners. 
In July 2003, TSA completed a study of the performance of its passenger 
screening system, which identified numerous performance deficiencies, 
such as inadequate staffing and poor supervision of screeners. These 
deficiencies were in turn caused by a lack of skills and knowledge, low 
motivation, ineffective work environment, and wrong or missing 
incentives. In response to this study, in October 2003 TSA developed a 
short-term action plan that identified key actions TSA plans to take to 
strengthen the performance of passenger screeners. These actions built 
on several initiatives that TSA already had underway, including 
enhancing training for screeners and supervisors, completing 
installation of the Threat Image Projection system,[Footnote 10] and 
conducting annual recertifications of screeners. TSA is also increasing 
covert testing of passenger and baggage screeners in which TSA 
undercover agents attempt to pass threat objects through screening 
checkpoints to identify systematic problems affecting the performance 
of screeners.

While TSA is making progress in each of these areas, it has collected 
limited data on the performance of its baggage screening operations. 
Officials said that they have collected limited performance data 
related to baggage screeners due to their initial focus on passenger 
screener performance, but plan to collect additional performance data 
in the future.

TSA Faces Challenges in Its Efforts to Deploy and Leverage Screening 
Equipment and Technologies:

TSA has made progress in its checked baggage screening operations, but 
continues to face operational and funding challenges in screening all 
checked baggage using explosive detection systems, as mandated by ATSA. 
Although TSA has deployed EDS and ETD equipment to all airports, TSA 
has not been able to fully utilize this equipment to screen 100 percent 
of checked baggage for explosives by the congressionally mandated 
deadline of December 31, 2003, due to screener and equipment shortages 
and equipment being out of service for maintenance and/or repairs. When 
TSA cannot screen 100 percent of checked baggage using EDS and ETD, TSA 
continues to use alternative means, including K-9 teams, manual bag 
searches, and positive passenger bag match. TSA has ongoing initiatives 
to increase the efficiency of screening checked baggage using EDS, 
including the development and construction of in-line baggage screening 
systems at larger airports--which streamlines the screening processes.

TSA is also conducting research and development activities to 
strengthen passenger and baggage screening. These efforts are designed 
to improve detection capability, performance, and efficiency for 
current technologies, and to develop the next generation of EDS 
equipment. However, progress on this research was delayed in fiscal 
year 2003 when TSA used $61 million of its $110 million research and 
development funds for other programs that TSA viewed as higher 
priorities. As a result, TSA had to delay several key research and 
development projects, including developing a device to detect weapons, 
liquid explosives, and flammables in containers found in carry-on 
baggage or passengers' effects, and further development and testing of 
a walk-through chemical trace detection portal for detecting explosives 
on passengers.

Expansion of The Federal Air Marshal Service has experienced problems:

Although measures are taken to keep dangerous individuals and items off 
aircraft, the possibility still exists that terrorists and dangerous 
objects can still get on board aircraft. Consequently, a number of 
other layers of security are in place to enhance the security of 
commercial aircraft while in transit. One such layer is the Federal Air 
Marshal Service, which places specially trained and armed teams of 
civil aviation security specialists on board aircraft to protect 
passengers, crew, and aircraft from terrorist activities on both 
domestic and international flights.

Following the September 11, 2001, terrorist attacks, the Service 
rapidly expanded. The organization grew from about 50 air marshals to 
1,000s,[Footnote 11] as the Deputy Secretary of the Department of 
Transportation--the Service's then parent agency--established a goal of 
hiring, training, and deploying the new air marshals by July 2002. The 
Service's budget grew commensurately, from $4.4 million in fiscal year 
2001 to $545 million in fiscal year 2003. The rapid expansion led to a 
number of operational and management control issues for the Service. 
These included reviewing nearly 200,000 applications for federal air 
marshal positions, initiating thousands of background investigations 
for top-secret clearances, training the new workforce, and scheduling 
the air marshals for flight duty.

These operational and management control issues have caused a number of 
problems. As we discussed in a November 2003 report,[Footnote 12] to 
deploy the requisite number of air marshals by July 2002, the Service 
revised and abbreviated its training program. It modified the air 
marshal training program from 14 weeks to about 5 weeks for candidates 
without prior law enforcement experience and to about 1 week for 
candidates with such experience. The training curriculum no longer 
included airplane cockpit familiarization, visits to airlines, and some 
of the instruction on the Service's policies and procedures. Moreover, 
air marshal candidates no longer had to pass an advanced marksmanship 
test to qualify for employment, although the candidates still had to 
pass a basic test. To provide the newly hired air marshals with the 
additional skills, the Service developed an advanced training course 
that the air marshals were required to complete by January 2004. 
However, cutbacks in funds have delayed the expected completion of this 
training by all air marshals until mid-2004.

Ongoing work that examines the funding of the Service indicates that 
problems may be continuing. Specifically, the number of air marshals 
has not reached established target levels and may be declining. The 
budget for the Service in fiscal year 2003--the year it was expected to 
achieve its target staffing level--was reduced by the department from 
$545 million to $450 million as part of a $763 million reprogramming by 
TSA to cover a number of funding shortfalls. As a result, the Service 
had to forgo the hiring of additional air marshals, further delay 
training, and reduce efforts to develop and equip much of its field 
operations infrastructure. The limitations on the funding for the 
Service, and on its ability to increase the number of air marshals to 
target levels, has resulted in the number of air marshals being less at 
the end of fiscal year 2003 than anticipated. Officials from the 
Service have said that if budget trends continue, they expect that at 
the end fiscal year 2004 they will have fewer air marshals than they 
had at any point since mid-2002. Additionally, Service officials said 
that they do not have sufficient funding to develop the facilities 
needed to provide its field locations with key equipment and 
specialized space necessary for training and for providing updates on 
tactics and intelligence and to update the Service's automated mission 
scheduling system to enable it to schedule and manage all air marshal 
missions.

Concerns Exist in Other Aviation Security Areas:

In addition to the concerns with the CAPPS II program, passenger and 
baggage screening, and the expansion of the Federal Air Marshal 
Service, TSA and DHS face a number of other programmatic and management 
concerns in strengthening aviation security. The concerns include 
developing measures to counter the Man-Portable Anti-aircraft Defense 
Systems (MANPADS) threat against commercial aircraft, implementing 
commercial airport perimeter and access controls, developing effective 
measures for ensuring the security of air cargo, and strengthening 
general aviation security. We have ongoing work that is examining DHS's 
and TSA's efforts in all of these areas.

MANPADS:

The threat of terrorists using MANPADS--shoulder-launched surface-to-
air missiles--against commercial aviation has increased in recent 
years, as many thousands of these missiles have been produced and are 
in national arsenals and black markets throughout the world. In late 
2002, terrorists fired surface-to-air missiles at an airliner departing 
from an airport in Kenya, marking the first time they had been used to 
attack commercial aircraft in a non-combat zone. Following the attack, 
the White House convened a task force to develop a strategy to reduce 
the MANPADS threat against commercial aircraft, and the Congress 
directed DHS to submit a plan to develop and demonstrate a counter-
MANPADS device for commercial aircraft. In January 2004, DHS initiated 
a 2-year program to migrate existing military counter-MANPADS systems 
to the civil aviation environment and minimize the total lifecycle cost 
of such systems.

DHS faces significant challenges in adapting current military counter-
MANPADS systems to commercial aircraft. These challenges include 
establishing system requirements, maturing the counter-MANPADS 
technology and design, and setting reliable cost estimates. For 
example, DHS has to account for a wide variety of aircraft types in 
designing and integrating the system. Further, the current generation 
of missile warning systems have high false alarm rates and high 
maintenance costs. In a January 2004 report,[Footnote 13] we noted the 
benefits of following the knowledge-based approach used by leading 
developers in industry and government to reduce program risks and 
increase the likelihood of success and recommended that the department 
adopt this approach to develop a counter-MANPADS system for commercial 
aviation. DHS concurred with our recommendation and said that it will 
be using knowledge-based evaluations throughout the program.

We are continuing to examine U.S. efforts to control the international 
proliferation of MANPADS and DHS's efforts to develop technical 
countermeasures to minimize the threat of a MANPADS attack. We expect 
to issue a report discussing these issues by late April 2004.

Perimeter and Access Controls:

Prior to September 2001, work performed by us and others highlighted 
the vulnerabilities in controls for limiting access to secure airport 
areas. In one report, we noted that our special agents were able to use 
fictitious law enforcement badges and credentials to gain access to 
secure areas, bypass security checkpoints, and walk unescorted to 
aircraft departure gates.[Footnote 14] The agents, who had been issued 
tickets and boarding passes, could have carried weapons, explosives, or 
other dangerous objects onto aircraft. Concerns over the adequacy of 
the vetting process for airport workers who have unescorted access to 
secure airport areas have also arisen, in part, as a result of federal 
agency airport security sweeps that uncovered hundreds of instances in 
which airport workers lied about their criminal history, or immigration 
status, or provided false or inaccurate Social Security numbers on 
their application for security clearances to obtain employment.

ATSA contains provisions to improve perimeter access security at the 
nation's airports and strengthen background checks for employees 
working in secure airport areas and TSA has made some progress in this 
area. For example, TSA issued several security directives to strengthen 
airport perimeter security by limiting the number of airport access 
points, and they require random screening of individuals, vehicles, and 
property before entry at the remaining perimeter access points. 
Further, TSA made criminal history checks mandatory for employees with 
access to secure or sterile airport areas. To date, TSA has conducted 
approximately 1 million of these checks. TSA plans to review security 
technologies in the areas of biometrics access control identification 
systems (i.e., fingerprints or iris scans), anti-piggybacking 
technologies (to prevent more than one employee from entering a secure 
area at a time), and video monitoring systems for perimeter security. 
Further, TSA plans to solicit commercial airport participation in a 
pilot airport security program and is currently reviewing information 
from interested airports. TSA plans to select 20 airports for the 
program.

Although progress has been made, challenges remain with perimeter 
security and access controls. Specifically, ATSA contains numerous 
requirements for strengthening perimeter security and access controls, 
some of which contained deadlines that TSA is working to meet. A number 
of technologies could be used to secure and monitor airport perimeters, 
including barriers, motion sensors, and closed-circuit television. 
Airport representatives have cautioned that as security enhancements 
are made to airport perimeters, it will be important for TSA to 
coordinate with the Federal Aviation Administration and the airport 
operators to ensure that any enhancements do not pose safety risks for 
aircraft. To further examine these threats and challenges, we have 
ongoing work assessing TSA's progress in meeting ATSA provisions 
related to improving perimeter security, access controls, and 
background checks for airport employees and other individuals with 
access to secure areas of the airport, as well as the nature and extent 
of the threat from shoulder-fired missiles. We expect to report on the 
results of this work by May 2004.

Air Cargo Security:

As we and the Department of Transportation's Inspector General have 
reported, vulnerabilities exist in ensuring the security of cargo 
carried aboard commercial passenger and all-cargo aircraft. The Federal 
Aviation Administration has reported that an estimated 12.5 million 
tons of cargo are transported each year--9.7 million tons on all-cargo 
planes and 2.8 million tons on passenger planes. Potential security 
risks are associated with the transport of air cargo--including the 
introduction of undetected explosive and incendiary devices in cargo 
placed aboard aircraft. To reduce these risks, ATSA requires that all 
cargo carried aboard commercial passenger aircraft be screened and that 
TSA have a system in place as soon as practicable to screen, inspect, 
or otherwise ensure the security of cargo on all-cargo aircraft. 
However, according to a September 2003 report by the Congressional 
Research Service, less than 5 percent of cargo placed on passenger 
airplanes is physically screened.[Footnote 15] TSA's primary approach 
to ensuring air cargo security and safety is to ensure compliance with 
the "known shipper" program--which allows shippers that have 
established business histories with air carriers or freight forwarders 
to ship cargo on planes. However, we and the Department of 
Transportation's Inspector General have identified weaknesses in the 
known shipper program and in TSA's procedures for approving freight 
forwarders, such as possible tampering with freight at various handoff 
points before it is loaded into an aircraft.

Since September 2001, TSA has taken a number of actions to enhance 
cargo security, such as implementing a database of known shippers in 
October 2002. The database is the first phase in developing a cargo 
profiling system. However, in December 2002, we reported that 
additional operational and technological measures, such as checking the 
identity of individuals making cargo deliveries, had the potential to 
improve air cargo security in the near term.[Footnote 16] We further 
reported that TSA lacks a comprehensive plan with long-term goals and 
performance targets for cargo security, time frames for completing 
security improvements, and risk-based criteria for prioritizing actions 
to achieve those goals. Accordingly, we recommended that TSA develop a 
comprehensive plan for air cargo security that incorporates a risk 
management approach, includes a list of security priorities, and sets 
deadlines for completing actions. TSA agreed with this recommendation 
and, in November 2003, issued its Air Cargo Strategic Plan. TSA also 
introduced a random inspection process for air cargo and outlined steps 
to strengthen the known shipper program. We will shortly begin a 
comprehensive review of air cargo security procedures, including these 
recent actions taken by TSA.

General Aviation Security:

Not only are commercial aircraft a concern, but general aviation 
aircraft can be a security concern. TSA has taken limited action to 
improve general aviation security, leaving general aviation far more 
open and potentially vulnerable than commercial aviation. General 
aviation is vulnerable because general aviation pilots and passengers 
are not screened before takeoff and the contents of general aviation 
planes are not screened at any point. General aviation includes more 
than 200,000 privately owned airplanes, which are located in every 
state at more than 19,000 airports.[Footnote 17] In the last 5 years, 
about 70 aircraft have been stolen from general aviation airports, 
indicating a potential weakness that could be exploited by terrorists. 
This vulnerability was demonstrated in January 2002, when a teenage 
flight student stole and crashed a single-engine airplane into a Tampa, 
Florida, skyscraper. Moreover, general aviation aircraft could be used 
in other types of terrorist acts. It was reported that the September 
11th hijackers researched the use of crop dusters to spread biological 
or chemical agents.

We reported in September 2003 that TSA chartered a working group on 
general aviation within the existing Aviation Security Advisory 
Committee.[Footnote 18] The working group consists of industry 
stakeholders and is designed to identify and recommend actions to close 
potential security gaps in general aviation. On October 1, 2003, the 
working group issued a report that included a number of recommendations 
for general aviation airport operators' voluntary use in evaluating 
airports' security requirements. These recommendations are both broad 
in scope and generic in their application, with the intent that every 
general aviation airport and landing facility operators may use them to 
evaluate that facility's physical security, procedures, 
infrastructure, and resources. TSA will use these recommendations as a 
baseline to develop a set of federally endorsed guidelines for 
enhancing airport security at general aviation facilities throughout 
the nation. TSA is taking some additional action to strengthen security 
at general aviation airports, including developing a risk-based self-
assessment tool for general aviation airports to use in identifying 
security concerns. We have ongoing work that is examining general 
aviation security in further detail; we expect to report on this work 
in the fall of 2004.

Mr. Chairman, this concludes my statement. I would be pleased to answer 
any questions that you or other members of the Subcommittee may have at 
this time.

Contact Information:

For further information on this testimony, please contact Norman J. 
Rabkin at (202) 512-8777. Individuals making key contributions to this 
testimony include J. Michael Bollinger, Adam Hoffman, and John R. 
Schulze.

[End of section]

Appendix I: Related GAO Products:

Aviation Security: Challenges Delay Implementation of Computer-
Assisted Passenger Prescreening System. GAO-04-504T. Washington, D.C.: 
March 17, 2004.

Aviation Security: Computer-Assisted Passenger Prescreening System 
Faces Significant Implementation Challenges. GAO-04-385. Washington, 
D.C.: February 13, 2004.

Aviation Security: Challenges Exist in Stabilizing and Enhancing 
Passenger and Baggage Screening Operations. GAO-04-440T. Washington, 
D.C.: February 12, 2004.

Aviation Security: Efforts to Measure Effectiveness and Strengthen 
Security Programs. GAO-04-285T. Washington, D.C.: November 20, 2003.

Aviation Security: Federal Air Marshal Service Is Addressing Challenges 
of Its Expanded Mission and Workforce, but Additional Actions 
Needed. GAO-04-242. Washington, D.C.: November 19, 2003.

Aviation Security: Efforts to Measure Effectiveness and Address 
Challenges. GAO-04-232T. Washington, D.C.: November 5, 2003.

Airport Passenger Screening: Preliminary Observations on Progress Made 
and Challenges Remaining. GAO-03-1173. Washington, D.C.: September 24, 
2003.

Aviation Security: Progress since September 11, 2001, and the 
Challenges Ahead. GAO-03-1150T. Washington, D.C.: September 9, 2003.

Transportation Security: Federal Action Needed to Help Address Security 
Challenges. GAO-03-843. Washington, D.C.: June 30, 2003.

Transportation Security: Post-September 11th Initiatives and Long-Term 
Challenges. GAO-03-616T. Washington, D.C.: April 1, 2003.

Aviation Security: Measures Needed to Improve Security of Pilot 
Certification Process. GAO-03-248NI. Washington, D.C.: February 3, 
2003. (NOT FOR PUBLIC DISSEMINATION).

Aviation Security: Vulnerabilities and Potential Improvements for the 
Air Cargo System. GAO-03-286NI. Washington, D.C.: December 20, 2002. 
(NOT FOR PUBLIC DISSEMINATION).

Aviation Security: Vulnerabilities and Potential Improvements for the 
Air Cargo System. GAO-03-344. Washington, D.C.: December 20, 2002.

Aviation Security: Vulnerability of Commercial Aviation to Attacks by 
Terrorists Using Dangerous Goods. GAO-03-30C. Washington, D.C.: 
December 3, 2002.

Aviation Security: Registered Traveler Program Policy and 
Implementation Issues. GAO-03-253. Washington, D.C.: November 22, 2002.

Aviation Security: Transportation Security Administration Faces 
Immediate and Long-Term Challenges. GAO-02-971T. Washington, D.C.: July 
25, 2002.

Aviation Security: Information Concerning the Arming of Commercial 
Pilots. GAO-02-822R. Washington, D.C.: June 28, 2002.

Aviation Security: Deployment and Capabilities of Explosive Detection 
Equipment. GAO-02-713C. Washington, D.C.: June 20, 2002. (CLASSIFIED).

Aviation Security: Information on Vulnerabilities in the Nation's Air 
Transportation System. GAO-01-1164T. Washington, D.C.: September 26, 
2001. (NOT FOR PUBLIC DISSEMINATION).

Aviation Security: Information on the Nation's Air Transportation 
System Vulnerabilities. GAO-01-1174T. Washington, D.C.: September 26, 
2001. (NOT FOR PUBLIC DISSEMINATION).

Aviation Security: Vulnerabilities in, and Alternatives for, Preboard 
Screening Security Operations. GAO-01-1171T. Washington, D.C.: 
September 25, 2001.

Aviation Security: Weaknesses in Airport Security and Options for 
Assigning Screening Responsibilities. GAO-01-1165T. Washington, D.C.: 
September 21, 2001.

Aviation Security: Terrorist Acts Demonstrate Urgent Need to Improve 
Security at the Nation's Airports. GAO-01-1162T. Washington, D.C.: 
September 20, 2001.

Aviation Security: Terrorist Acts Illustrate Severe Weaknesses in 
Aviation Security. GAO-01-1166T. Washington, D.C.: September 20, 2001.

Responses of Federal Agencies and Airports We Surveyed about Access 
Security Improvements. GAO-01-1069R. Washington, D.C.: August 31, 2001.

Responses of Federal Agencies and Airports We Surveyed about Access 
Security Improvements. GAO-01-1068R. Washington, D.C.: August 31, 2001. 
(RESTRICTED).

FAA Computer Security: Recommendations to Address Continuing 
Weaknesses. GAO-01-171. Washington, D.C.: December 6, 2000.

Aviation Security: Additional Controls Needed to Address Weaknesses in 
Carriage of Weapons Regulations. GAO/RCED-00-181. Washington, D.C.: 
September 29, 2000.

FAA Computer Security: Actions Needed to Address Critical Weaknesses 
That Jeopardize Aviation Operations. GAO/T-AIMD-00-330. Washington, 
D.C.: September 27, 2000.

FAA Computer Security: Concerns Remain Due to Personnel and Other 
Continuing Weaknesses. GAO/AIMD-00-252. Washington, D.C.: August 16, 
2000.

Aviation Security: Long-Standing Problems Impair Airport Screeners' 
Performance. GAO/RCED-00-75. Washington, D.C.: June 28, 2000.

Aviation Security: Screeners Continue to Have Serious Problems 
Detecting Dangerous Objects. GAO/RCED-00-159. Washington, D.C.: June 
22, 2000. (NOT FOR PUBLIC DISSEMINATION).

Security: Breaches at Federal Agencies and Airports. GAO-OSI-00-10. 
Washington, D.C.: May 25, 2000.

FOOTNOTES

[1] Pub. L. No. 107-71, 115 Stat. 597 (2001).

[2] Pub. L. No. 107-296, 116 Stat. 2135.

[3] U.S. General Accounting Office, Aviation Security: Computer-
Assisted Passenger Prescreening System Faces Significant 
Implementation Challenges, GAO-04-385 (Washington, D.C.: Feb. 12, 
2004).

[4] Consistent with the provisions of ATSA, TSA implemented a pilot 
program using contract screeners at five commercial airports. The 
purpose of the 2-year pilot program is to determine the feasibility of 
using private screening companies rather than federal screeners.

[5] U.S. General Accounting Office, Aviation Security: Challenges Exist 
is Stabilizing and Enhancing Passenger and Baggage Screening 
Operations, GAO-04-440T (Washington, D.C.: Feb. 12, 2004).

[6] One full-time equivalent is equal to one work year or 2,080 non-
overtime hours. 

[7] FSDs are responsible for overseeing security at each of the 
nation's commercial airports.

[8] TSA officials said that it required the contractor to validate the 
staffing model using statistical samples of all staff and equipment 
operations at all category X airports and as many category I, II, III, 
and IV airports as necessary.

[9] TSA requires passenger and baggage screeners to participate in 3 
hours of recurrent training per week, averaged over each quarter. One 
hour is required to be devoted to X-ray image interpretation, and the 
other 2 hours on screening techniques or reviews of standard operating 
procedures.

[10] The Threat Image Projection system places images of threat objects 
on X-ray screens during actual screening operations and records whether 
screeners identify the objects.

[11] The number of air marshals is classified.

[12] U.S. General Accounting Office, Aviation Security: Federal Air 
Marshal Service Is Addressing Challenges of Its Expanded Mission and 
Workforce, but Additional Actions Needed, GAO-04-242 (Washington, D.C.: 
Nov. 19, 2003).

[13] U.S. General Accounting Office, The Department of Homeland 
Security Needs to Fully Adopt a Knowledge-based Approach to Its 
Counter-MANPADS Development Program, GAO-04-341R (Washington, D.C.: 
Jan. 30, 2004).

[14] U.S. General Accounting Office, Security: Breaches at Federal 
Agencies and Airports, GAO\T-OSI-00-10 (Washington, D.C.: May 25, 
2000).

[15] Congressional Research Service, Air Cargo Security, Sept. 11, 
2003.

[16] U.S. General Accounting Office, Aviation Security: Vulnerabilities 
and Potential Improvements for the Air Cargo System, GAO-03-344 
(Washington, D.C.: Dec. 20, 2002).

[17] Of the 19,000 general aviation airports, 5,400 are publicly owned. 
TSA is currently focusing its efforts on these publicly owned airports. 


[18] U.S. General Accounting Office, Aviation Security: Progress since 
September 11th, and the Challenges Ahead, GAO-03-1150T (Washington, 
D.C.: Sept. 9, 2003).