This is the accessible text file for GAO report number GAO-12-567T 
entitled 'Critical Infrastructure Protection: DHS Is Taking Action to 
Better Manage Its Chemical Security Program, but It Is Too Early to 
Assess Results' which was released on September 11, 2012. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as 
part of a longer term project to improve GAO products' accessibility. 
Every attempt has been made to maintain the structural and data 
integrity of the original printed product. Accessibility features, 
such as text descriptions of tables, consecutively numbered footnotes 
placed at the end of the file, and the text of agency comment letters, 
are provided but may not exactly duplicate the presentation or format 
of the printed version. The portable document format (PDF) file is an 
exact electronic replica of the printed version. We welcome your 
feedback. Please E-mail your comments regarding the contents or 
accessibility features of this document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

United States Government Accountability Office: 
GAO: 

Testimony: 

Before the Subcommittee on the Environment and the Economy, Committee 
on Energy and Commerce, House of Representatives: 

For Release on Delivery: 
Expected at 10:00 a.m. EDT: 
Tuesday, September 11, 2012: 

Critical Infrastructure Protection: 

DHS Is Taking Action to Better Manage Its Chemical Security Program, 
but It Is Too Early to Assess Results: 

Statement of Cathleen A. Berrick, Managing Director:
Homeland Security and Justice: 

GAO-12-567T: 

GAO Highlights: 

Highlights of GAO-12-567T, a testimony before the Subcommittee on the 
Environment and the Economy, Committee on Energy and Commerce, House 
of Representatives. 

Why GAO Did This Study: 

The events of September 11, 2001, triggered a national re-examination 
of the security of facilities that use or store hazardous chemicals in 
quantities that, in the event of a terrorist attack, could put large 
numbers of Americans at risk of serious injury or death. As required 
by statute, DHS issued regulations that establish standards for the 
security of high-risk chemical facilities. DHS established the CFATS 
program to assess the risk posed by these facilities and inspect them 
to ensure compliance with DHS standards. ISCD, a division of IP, 
manages the program. A November 2011 internal ISCD memorandum, 
prepared by ISCD senior managers, expressed concerns about the 
management of the program. This statement addresses (1) how the 
memorandum was developed and any challenges identified, (2) what 
actions are being taken in response to any challenges identified, and 
(3) the extent to which ISCD’s proposed solutions require 
collaboration with NPPD or IP. GAO’s comments are based on recently 
completed work analyzing the memorandum and related actions. GAO 
reviewed laws, regulations, DHS’s internal memorandum and action 
plans, and related documents, and interviewed DHS officials. 

What GAO Found: 

The November 2011 memorandum that discussed the management of the 
Chemical Facility Anti-Terrorism Standards (CFATS) program was 
prepared based primarily on the observations of the former Director of 
the Department of Homeland Security’s (DHS) Infrastructure Security 
Compliance Division (ISCD), a division of the Office of Infrastructure 
Protection (IP) within the National Protection and Programs 
Directorate (NPPD). The memorandum was intended to highlight various 
challenges that have hindered ISCD efforts to implement the CFATS 
program. According to the former Director, the challenges facing ISCD 
included not having a fully developed direction and plan for 
implementing the program, hiring staff without establishing need, and 
inconsistent ISCD leadership—factors that the Director believed place 
the CFATS program at risk. These challenges centered on three main 
areas: (1) human capital issues, including problems hiring, training, 
and managing ISCD staff; (2) mission issues, including problems 
reviewing facility plans to mitigate security vulnerabilities; and (3) 
administrative issues, including concerns about NPPD and IP not 
supporting ISCD’s management and administrative functions. 

ISCD has begun to take various actions intended to address the issues 
identified in the ISCD memorandum and has developed a 94-item action 
plan to track its progress. According to ISCD managers, the plan 
appears to be a catalyst for addressing some of the long-standing 
issues the memorandum identified. As of June 2012, ISCD reported that 
40 percent (38 of 94) of the items in the plan had been completed. 
These include directing ISCD managers to meet with staff to involve 
them in addressing challenges, clarifying priorities, and changing ISCD’
s culture; and developing a proposal to establish a quality control 
function over compliance activities. The remaining 60 percent (56 of 
94) that were in progress include those requiring longer-term efforts—
i.e., streamlining the process for reviewing facility security plans 
and developing facility inspection processes; those requiring 
completion of other items in the plan; or those awaiting action by 
others, such as approvals by ISCD leadership. ISCD appears to be 
heading in the right direction, but it is too early to tell if 
corrective actions are having their desired effect because ISCD is in 
the early stages of implementing them and has not yet established 
performance measures to assess results. 

According to ISCD officials, almost half of the action items included 
in the June 2012 action plan require ISCD collaboration with or action 
by NPPD and IP. The ISCD memorandum stated that IP and NPPD did not 
provide the support needed to manage the CFATS program when the 
program was first under development. ISCD, IP, and NPPD officials 
confirmed that IP and NPPD are now providing needed support and stated 
that the action plan prompted them to work together to address the 
various human capital and administrative issues identified. 

What GAO Recommends: 

In a July 2012 report, GAO recommended that ISCD explore opportunities 
to develop measures, where practical, to determine where actual 
performance deviates from expected results. ISCD concurred and has 
taken action to address the recommendation. 

View [hyperlink, http://www.gao.gov/products/GAO-12-567T]. For more 
information, contact Cathleen A. Berrick, (202) 512-8777, 
BerrickC@gao.gov. 

[End of section] 

Chairman Shimkus, Ranking Member Green, and Members of the 
Subcommittee: 

I am pleased to be here today to discuss the Department of Homeland 
Security's (DHS) efforts to address the various challenges in 
implementing and managing the Chemical Facility Anti-Terrorism 
Standards (CFATS) program. My statement today summarizes the testimony 
we delivered on July 26, 2012 before the House Committee on 
Appropriations, Subcommittee on Homeland Security.[Footnote 1] The 
events of September 11, 2001, triggered a national re-examination of 
the security of facilities that use or store hazardous chemicals in 
quantities that, in the event of a terrorist attack, could put large 
numbers of Americans at risk of serious injury or death. Chemicals 
held at these facilities can be used to cause harm to surrounding 
populations during terrorist attacks; can be stolen and used as 
chemical weapons or as precursors (the ingredients for making chemical 
weapons); or stolen and used to build an improvised explosive device. 
To mitigate this risk, the DHS appropriations act for fiscal year 2007 
[Footnote 2] required DHS to issue regulations to establish risk-based 
performance standards for securing high-risk chemical facilities, 
among other things.[Footnote 3] DHS established the CFATS program to 
assess the risk, if any, posed by chemical facilities; place high-risk 
facilities in one of four risk-based tiers; require high-risk 
facilities to develop security plans; review these plans; and inspect 
the facilities to ensure compliance with the regulatory requirements. 
DHS's National Protection and Programs Directorate (NPPD) is 
responsible for the CFATS program. Within NPPD, the Infrastructure 
Security Compliance Division (ISCD), a division of the Office of 
Infrastructure Protection (IP), manages the program. 

A November 2011, internal ISCD memorandum, prepared by ISCD's former 
Director in consultation with the former Deputy Director[Footnote 4] 
and designated by DHS as "for official use only" (FOUO), expressed 
concerns about the management of the CFATS program. The ISCD 
memorandum, which was leaked to the media in December 2011, cited an 
array of challenges that, according to these officials, hindered 
ISCD's ability to implement and manage the CFATS program.[Footnote 5] 
My statement today discusses: (1) how the memorandum was developed and 
what challenges were identified; (2) what actions are being taken to 
address the challenges identified; and (3) the extent to which ISCD's 
planned actions and proposed solutions require action to be taken by 
or in collaboration with NPPD or IP. 

This statement is based on work we recently completed for this 
subcommittee on the ISCD memorandum and related actions. To conduct 
this work, we reviewed applicable laws and regulations, as well as 
NPPD, IP, and ISCD policies and procedures for administering the CFATS 
program, analyzed the ISCD memorandum prepared by the former ISCD 
Director in consultation with the former Deputy Director, compared it 
with the proposed action plan ISCD officials prepared to address the 
challenges identified, and compared subsequent action plans to monitor 
ISCD's progress.[Footnote 6] Our results are based on the ISCD's 
action plan as of June 2012 so these results reflect the status of 
ISCD's progress up to that point in time. The details of our scope and 
methodology can be found in our July 2012 statement. In August 2012, 
ISCD provided us with an updated action plan which we used to document 
the additional action items completed between June 2012 and August 
2012. We did not verify the status of these action items. 

We conducted this performance audit from February 2012 to July 2012 in 
accordance with generally accepted government auditing standards. 
Those standards require that we plan and perform the audit to obtain 
sufficient, appropriate evidence to provide a reasonable basis for our 
findings and conclusions based on our audit objectives. We believe 
that the evidence obtained provides a reasonable basis for our 
analysis based on our audit objectives. 

Background: 

Section 550 of the DHS appropriations act for fiscal year 2007 
[Footnote 7] requires DHS to issue regulations establishing risk-based 
performance standards[Footnote 8] for the security of facilities that 
the Secretary determines to present high levels of security risk, 
among other things. The CFATS rule was published in April 2007 
[Footnote 9] and Appendix A to the rule, published in November 2007, 
listed 322 chemicals of interest and the screening threshold 
quantities for each.[Footnote 10] ISCD has direct responsibility for 
implementing DHS's CFATS rule, including assessing potential risks and 
identifying high-risk chemical facilities, promoting effective 
security planning, and ensuring that final high-risk facilities meet 
the applicable risk-based performance standards though site security 
plans approved by DHS. ISCD is managed by a Director and a Deputy 
Director and operates five branches that are, among other things, 
responsible for information technology operations, policy and 
planning, and providing compliance and technical support. From fiscal 
years 2007 through 2012, DHS dedicated about $442 million to the CFATS 
program. During fiscal year 2012, ISCD was authorized 242 full-time-
equivalent positions. For fiscal year 2013, DHS's budget request for 
the CFATS program was $75 million and 242 positions. 

Senior ISCD Leaders Developed the ISCD Memorandum to Highlight Various 
Challenges Hindering CFATS Implementation: 

ISCD's Memorandum Based Largely on Observations of Senior ISCD 
Managers: 

Our review of the ISCD memorandum and discussions with ISCD officials 
showed that the memorandum was developed during the latter part of 
2011 and was developed primarily based on discussions with ISCD staff 
and the observations of the ISCD former Director in consultation with 
the former Deputy Director. In November 2011, the former Director and 
Deputy Director provided the Under Secretary with the ISCD memorandum 
entitled "Challenges Facing ISCD, and the Path Forward." These 
officials stated that the memorandum was developed to inform 
leadership about the status of ISCD, the challenges it was facing, and 
the proposed solutions identified to date. In transmitting a copy of 
the memorandum to congressional stakeholders following the leak in 
December 2011, the NPPD Under Secretary discussed caveats about the 
memorandum, including that it had not undergone the normal review 
process by DHS's Executive Secretariat and contained opinions and 
conclusions that did not reflect the position of DHS. 

The former ISCD Director stated that the memo was intended to begin a 
dialog about the program and challenges it faced. The former Director 
confirmed that she developed the memorandum by (1) surveying division 
staff to obtain their opinions on program strengths, challenges, and 
recommendations for improvement; (2) observing CFATS program 
operations, including the security plan review process; and (3) 
analyzing an internal DHS report on CFATS operations,[Footnote 11] 
which, according to the former Director served as a basis for 
identifying some administrative challenges and corrective action. The 
senior ISCD and NPPD officials we contacted said that they generally 
agreed with the material that they saw, but noted that they believed 
the memorandum was missing context and balance. For example, one NPPD 
official stated that the tone of the memorandum was too negative and 
the problems it discussed were not supported by sound evaluation. 
However, the official expressed the view that the CFATS program is now 
on the right track. 

ISCD Management Was Concerned That Challenges Place the CFATS Program 
at Risk: 

The ISCD memorandum discussed numerous challenges that, according to 
the former Director, pose a risk to the program. The former Director 
pointed out that, among other things, ISCD had not approved any site 
security plans or carried out any compliance inspections on regulated 
facilities. The former Director attributed this to various management 
challenges, including a lack of planning, poor internal controls, and 
a workforce whose skills were inadequate to fulfill the program's 
mission, and highlighted several challenges that have had an impact on 
the progress of the program. In addition, the memorandum provided a 
detailed discussion of the issues or problems facing ISCD, grouped 
into three categories: (1) human capital management, such as poor 
staffing decisions; (2) mission issues, such as the lack of an 
established inspection process; and (3) administrative issues, such as 
a lack of infrastructure and support, both within ISCD and on the part 
of NPPD and IP. 

ISCD Has Begun to Take Various Actions Intended to Address Challenges 
Identified: 

ISCD's Action Plan Included Time Frames and Appears to be Helping 
Address Some Legacy Issues: 

ISCD is using an action plan to track its progress addressing the 
challenges identified in the memorandum, and, according to senior 
division officials, the plan may be helping them address some legacy 
issues that staff were attempting to deal with before the memorandum 
was developed. The January 2012 version of the proposed action plan 
listed 91 actions to be taken categorized by issue--human capital 
management issues, mission issues, or administrative issues--that, 
according to the former ISCD Director, were developed to be consistent 
with the ISCD memorandum. However, the January 2012 version of the 
action plan did not provide information on when the action was started 
or to be finished. Eleven of the 12 ISCD managers (other than the 
former Director and Deputy Director) assigned to work as the 
coordinators of the individual action items told us that even though 
they were not given the opportunity to view the final version of the 
ISCD memorandum, the former Director provided them the sections of the 
action plan for which they were responsible to help them develop and 
implement any corrective actions. They said that they agreed that 
actions being taken in the plan were needed to resolve challenges 
facing ISCD. Our discussions with these officials also showed that 
about 39 percent (37 of 94) of the items in the March and June 2012 
action plans addressed some legacy issues that were previously 
identified and, according to these officials, corrective actions were 
already underway for all 37 of these items. 

ISCD's June 2012 Plan Update Showed 38 Action Items Completed: 

Our analysis of the June 2012 version of the ISCD action plan showed 
that 40 percent of the items in the plan (38 of 94) had been 
completed. The remaining 60 percent (56 of 94) were in progress. Of 
the 38 completed items, we determined that 32 were associated with 
human capital management and administrative issues, including those 
involving culture and human resources, contracting, and documentation. 
The remaining 6 of 38 action items categorized by ISCD as completed 
were associated with mission issues. Figure 1 shows the status of 
action items by each of the three categories as of June 2012. 

Figure 1: Status of ISCD Action Plan by Category, as of June 2012: 

[Refer to PDF for image: 3 pie-charts] 

Human capital issue challenges: 
Number of action items complete: 17 (53%); 
Number of action items in progress: 13 (43%). 

Mission issue challenges: 
Number of action items complete: 6 (27%); 
Number of action items in progress: 16 (73%). 

Administrative issue challenges: 
Number of action items complete: 15 (36%); 
Number of action items in progress: 27 (64%). 

Source: GAO analysis of ISCD data. 

[End of figure] 

For the remaining 56 items that were in progress as of June 2012, 40 
involved human capital management and administrative issues. According 
to ISCD officials, these 40 issues generally involved longer-term 
efforts--such as organizational realignment--or those that require 
approval or additional action on the part of IP or NPPD. Sixteen of 56 
remaining actions items in progress covered mission issues that will 
likely also require long-term efforts to address. 

As of August 2012, ISCD reported that it had completed another 21 
action items, of which 8 were to address mission-related issues. We 
did not verify ISCD's efforts to complete actions since June 2012. 
However, we have recently begun a follow-up review of CFATS at the 
request of this and other committees, which will focus on DHS's 
efforts to address mission-related issues. We expect to report the 
results of these efforts early in 2013. 

Almost Half of ISCD's Action Item Completion Dates Had Been Extended 
since April 2012: 

Our analysis of the April and June versions of the plan shows that the 
division had extended the estimated completion dates for nearly half 
of the action items. Estimated completion dates for 52 percent (48 of 
93 items)[Footnote 12] either did not change (37 items) or the date 
displayed in the June 2012 plan was earlier than the date in the April 
2012 version of the plan (11 items). Conversely, 48 percent (45 of 93) 
of the items in the June 2012 version of the plan had estimated 
completion dates that had been extended beyond the date in the April 
2012 plan. Figure 2 shows the extent to which action plan items were 
completed earlier than planned, did not change, or were extended, from 
April 2012 through June 2012, for the human capital management, 
mission, and administrative issues identified in the plan. 

Figure 2: Change in CFATS Action Plans Estimated Completion Dates from 
April 2012 to June 2012: 

[Refer to PDF for image: stacked horizontal bar graph] 

Number of action items[A]: 

Issue: Human capital management; 
Completed early: 3; 
No change: 12; 
Extended 1 to 30 days: 9; 
Extended 31 to 60 days: 10; 
Extended 61 to 90 days: 3; 
Extended over 90 days: 2; 
Total: 39. 

Issue: mission; 
Completed early: 4; 
No change: 8; 
Extended 1 to 30 days: 2; 
Extended 31 to 60 days: 2; 
Extended 61 to 90 days: 1; 
Extended over 90 days: 4; 
Total: 21. 

Issue: Administrative; 
Completed early: 4; 
No change: 17; 
Extended 1 to 30 days: 4; 
Extended 31 to 60 days: 2; 
Extended 61 to 90 days: 2; 
Extended over 90 days: 4; 
Total: 33. 

Source: GAO analysis of ISCD data. 

[A] ISCD data showed that 93 of 94 action items were consistent 
between the April 2012 and June 2012 action plans, therefore, 
computation of the estimated completion dates was based on 93 total 
items. One action item in the April 2012 plan dealing with strategies 
for managing ISCD funding levels was removed from the June 2012 plan 
because after the analysis was prepared and submitted to NPPD, the 
decision was made to delete the item from the plan. The funding action 
item was replaced in the June 2012 with an action item to conduct a 
peer review of the facility tiering process and formula. For purposes 
of this analysis, we used the 93 action items that were consistent 
between the April and June 2012 action plans. 

[End of figure] 

ISCD officials told us that estimated completion dates had been 
extended for various reasons. For example, one reason for moving these 
dates was that the work required to address some items was not fully 
defined when the plan was first developed and as the requirements were 
better defined, the estimated completion dates were revised and 
updated. In addition, ISCD officials also stated that timelines had 
been adversely affected for some action items because staff had been 
reassigned to work on higher priority responsibilities, such as 
reducing the backlog of security plans under review. 

Action Plan Performance Measures Could Help Gauge Progress: 

ISCD, through its action plan, appears to be heading in the right 
direction towards addressing the challenges identified, but it is too 
early to tell if the action plan is having the desired effect because 
(1) the division had only recently completed some action items and 
continues to work on completing more than half of the others, some of 
which entail long-term changes, and (2) ISCD had not yet developed an 
approach for measuring the results of its efforts. ISCD officials told 
us that they had not yet begun to plan or develop any measures, 
metrics, or other documentation focused on measuring the impact of the 
action plan on overall CFATS implementation because they plan to wait 
until corrective action on all items has been completed before they 
can determine the impact of the plan on the CFATS program. For the 
near term, ISCD officials stated that they plan to assess at a high 
level the impact of the action plan on CFATS program implementation by 
comparing ISCD's performance rates and metrics pre-action plan 
implementation and post-action plan implementation.[Footnote 13] 
However, because ISCD will not be completing some action items until 
2014, it will be difficult for ISCD officials to obtain a complete 
understanding of the impact of the plan on the program using this 
comparison only. 

In our July 2012 statement, we recommended that ISCD look for 
opportunities, where practical, to measure results of their efforts to 
implement particular action items, and where performance measures can 
be developed, periodically monitor these measures and indicators to 
identify where corrective actions, if any, are needed. The agency 
concurred with our recommendation and developed a new action item 
(number 95) intended to develop metrics for measuring, where 
practical, results of efforts to implement action plan items, 
including processes for periodic monitoring and indicators for 
corrective actions. This action item is in progress. 

ISCD Officials Stated That Almost Half of the Action Items Required 
Collaboration with or Action by NPPD or IP: 

According to ISCD officials, almost half of the action items included 
in the June 2012 action plan either require ISCD to collaborate with 
NPPD and IP or require NPPD and IP to take action to address the 
challenges identified in the ISCD memorandum. NPPD, IP, and ISCD 
officials have been working together to identify solutions to the 
challenges the memorandum identified and to close pertinent action 
items. According to division officials, 46 of the 94 action items 
included in the June 2012 action plan required action either by NPPD 
and IP or collaboration with NPPD and IP. This includes collaborating 
with NPPD officials representing the NPPD human capital, facilities, 
and employee and labor relations offices, among others, and with IP's 
Directorate of Management Office.[Footnote 14] As of June 2012, 13 of 
the 46 items that require action by or collaboration with NPPD or IP 
were complete; 33 of 46 were in progress. As of August 2012, ISCD 
reported that it had completed 8 more of these action items, such that 
21 of the 46 were complete and 25 were in progress. We did not verify 
ISCD's efforts to close these additional action items. 

Chairman Shimkus, Ranking Member Green, and members of the 
subcommittee, this completes my prepared statement. I would be happy 
to respond to any questions you may have at this time. 

GAO Contact and Staff Acknowledgments: 

For information about this statement please contact Cathleen A. 
Berrick, Managing Director, Homeland Security and Justice, at (202) 
512-8777 or BerrickC@gao.gov. Contact points for our Offices of 
Congressional Relations and Public Affairs may be found on the last 
page of this statement. Other individuals making key contributions 
include Stephen L. Caldwell, Director; John F. Mortin, Assistant 
Director; Ellen Wolfe, Analyst-in-Charge; Charles Bausell; Jose 
Cardenas; Andrew M. Curry; Michele Fejfar; Tracey King; Marvin McGill; 
Mona E. Nichols-Blake; and Jessica Orr. 

[End of section] 

Footnotes: 

[1] GAO, Critical Infrastructure Protection: DHS Is Taking Action to 
Better Manage Its Chemical Security Program, but It Is too Early to 
Assess Results, [hyperlink, http://www.gao.gov/products/GAO-12-515T] 
(Washington, D.C.: July 2012). 

[2] Pub. L. No. 109-295, § 550, 120 Stat. 1355, 1388 (2006). 

[3] According to DHS, a high-risk chemical facility is one that, in 
the discretion of the Secretary of Homeland Security, presents a high 
risk of significant adverse consequences for human life or health, 
national security, or critical economic assets if subjected to a 
terrorist attack, compromise, infiltration, or exploitation. 6 C.F.R. 
§ 27.105. 

[4] The ISCD director who prepared the internal memorandum is no 
longer in that position, and the deputy director who assisted with the 
internal memorandum is now the director. 

[5] According to DHS officials, the ISCD memorandum was never intended 
to be publicly released. 

[6] We initially reviewed an ISCD action plan developed in January 
2012. ISCD periodically updated the plan to monitor progress on the 
action items and we reviewed 8 versions of the action plan up to and 
including one developed in June 2012. 

[7] Pub. L. No. 109-295, § 550, 120 Stat. 1355, 1388 (2006). 

[8] The CFATS rule establishes 18 risk-based performance standards 
that identify the areas for which a facility's security posture are to 
be examined, such as perimeter security, access control, and cyber 
security. To meet these standards, facilities are free to choose 
whatever security programs or processes they deem appropriate so long 
as DHS determines that the facilities achieve the requisite level of 
performance in each applicable standard. 

[9] 72 Fed. Reg. 17,688 (Apr. 9, 2007) (codified at 6 C.F.R. pt. 27). 

[10] 72 Fed. Reg. 65,396 (Nov. 20, 2007). According to DHS, CFATS not 
only covers facilities that manufacture chemicals but also covers 
facilities that store or use certain chemicals as part of their daily 
operations. This can include food-manufacturing facilities that use 
chemicals of interest in the manufacturing process, farms that use 
certain quantities of ammonium nitrate or urea fertilizers, or 
universities that use chemicals to do experiments. 

[11] DHS Office of Compliance and Security, National Protection and 
Programs Directorate, Infrastructure Security Compliance Division 
(ISCD) Program Inspection, April-September, 2011. 

[12] ISCD data showed that 93 of 94 action items were consistent 
between the April 2012 and June 2012 action plans; therefore, 
computation of the estimated completion dates was based on 93 total 
items. One action item in the April 2012 plan dealing with strategies 
for managing ISCD funding levels was removed from the June 2012 plan 
because after the analysis was prepared and submitted to NPPD, the 
decision was made to delete the item from the plan. The funding action 
item was replaced in the June 2012 action plan with an action item to 
conduct a peer review of the facility tiering process and formula. For 
purposes of this analysis, we used the 93 action items (instead of 94 
action items) that were consistent between the April and June 2012 
action plans. 

[13] According to ISCD officials, ISCD uses a performance measure to 
track the performance of the CFATS program overall, but as of June 
2012 did not have performance measures in place to track the progress 
of the action plan, or particular action items. 

[14] The IP Directorate of Management Office is responsible for 
providing IP divisions with program management support such as 
training and facilities management. 

[End of section] 

GAO’s Mission: 

The Government Accountability Office, the audit, evaluation, and 
investigative arm of Congress, exists to support Congress in meeting 
its constitutional responsibilities and to help improve the 
performance and accountability of the federal government for the 
American people. GAO examines the use of public funds; evaluates 
federal programs and policies; and provides analyses, recommendations, 
and other assistance to help Congress make informed oversight, policy, 
and funding decisions. GAO’s commitment to good government is 
reflected in its core values of accountability, integrity, and 
reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through GAO’s website [hyperlink, http://www.gao.gov]. Each 
weekday afternoon, GAO posts on its website newly released reports, 
testimony, and correspondence. To have GAO e-mail you a list of newly 
posted products, go to [hyperlink, http://www.gao.gov] and select 
“E-mail Updates.” 

Order by Phone: 

The price of each GAO publication reflects GAO’s actual cost of 
production and distribution and depends on the number of pages in the 
publication and whether the publication is printed in color or black 
and white. Pricing and ordering information is posted on GAO’s 
website, [hyperlink, http://www.gao.gov/ordering.htm]. 

Place orders by calling (202) 512-6000, toll free (866) 801-7077, or 
TDD (202) 512-2537. 

Orders may be paid for using American Express, Discover Card, 
MasterCard, Visa, check, or money order. Call for additional 
information. 

Connect with GAO: 

Connect with GAO on facebook, flickr, twitter, and YouTube.
Subscribe to our RSS Feeds or E mail Updates. Listen to our Podcasts.
Visit GAO on the web at [hyperlink, http://www.gao.gov]. 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 
Website: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]; 
E-mail: fraudnet@gao.gov; 
Automated answering system: (800) 424-5454 or (202) 512-7470. 

[End of document] 

Congressional Relations: 

Katherine Siggerud, Managing Director, siggerudk@gao.gov, (202) 512-4400
U.S. Government Accountability Office, 441 G Street NW, Room 7125
Washington, DC 20548. 

Public Affairs: 
Chuck Young, Managing Director, youngc1@gao.gov, (202) 512-4800
U.S. Government Accountability Office, 441 G Street NW, Room 7149 
Washington, DC 20548.