Risk management (21 - 30 of 217 items)
Homeland Security Acquisitions: DHS Should Better Define Oversight Roles and Improve Program Reporting to Congress
GAO-15-292: Published: Mar 12, 2015. Publicly Released: Mar 16, 2015.
The Department of Homeland Security (DHS) has taken steps to improve oversight of major acquisition programs, but it lacks written guidance for a consistent approach to day-to-day oversight. Federal Standards for Internal Control call for organizations to define and document key areas of responsibility in order to effectively plan, direct, and control operations to achieve agency objectives. DHS h...
Aviation Security: TSA Should Take Additional Action to Obtain Stakeholder Input when Modifying the Prohibited Items List
GAO-15-261: Published: Feb 4, 2015. Publicly Released: Mar 6, 2015.
Transportation Security Administration (TSA) officials stated that TSA considers four factors when determining whether to make modifications to the Prohibited Items List (PIL), but the agency did not fully assess risk when considering its recent proposed PIL modifications, as GAO has previously recommended. TSA generally considers the following four factors when determining whether to modify the P...
Federal Facility Cybersecurity: DHS and GSA Should Address Cyber Risk to Building and Access Control Systems
GAO-15-6: Published: Dec 12, 2014. Publicly Released: Jan 12, 2015.
The Department of Homeland Security (DHS) has taken preliminary steps to begin to understand the cyber risk to building and access controls systems in federal facilities. For example, in 2013, components of DHS's National Protection and Programs Directorate (NPPD) conducted a joint assessment of the physical security and cybersecurity of a federal facility. However, significant work remains.Lack o...
Aviation Security: Rapid Growth in Expedited Passenger Screening Highlights Need to Plan Effective Security Assessments
GAO-15-150: Published: Dec 12, 2014. Publicly Released: Dec 12, 2014.
Since the Transportation Security Administration (TSA) implemented its expedited screening program—known as TSA Pre✓TM in 2011, the number of passengers receiving expedited screening grew slowly, and then increased about 300 percent in October 2013 when TSA expanded its use of methods to increase passenger participation, such as conducting automated risk assessments of all passengers. In condu...
Combating Terrorism: Strategy to Counter Iran in the Western Hemisphere Has Gaps That State Department Should Address
GAO-14-834: Published: Sep 29, 2014. Publicly Released: Oct 21, 2014.
The Department of State (State) uses a variety of mechanisms to collaborate with interagency partners and host governments to address activities of Iran in the Western Hemisphere. In developing the strategy, which includes an Intelligence Community Assessment developed by the Office of the Director of National Intelligence (ODNI), State's Bureau of Western Hemisphere Affairs worked with other U.S...
Secure Flight: TSA Could Take Additional Steps to Strengthen Privacy Oversight Mechanisms
GAO-14-647: Published: Sep 9, 2014. Publicly Released: Sep 18, 2014.
The Transportation Security Administration (TSA) has taken steps to implement several of the privacy oversight mechanisms it planned to establish when Secure Flight implementation began in 2009, but additional actions could allow TSA to sustain and strengthen its efforts. Overall, TSA has implemented mechanisms to identify privacy implications associated with program operations and address them as...
Critical Infrastructure Protection: DHS Action Needed to Enhance Integration and Coordination of Vulnerability Assessment Efforts [Reissued on September 17, 2014]
GAO-14-507: Published: Sep 15, 2014. Publicly Released: Sep 15, 2014.
During fiscal years 2011 to 2013, various Department of Homeland Security (DHS) offices and components conducted or required thousands of vulnerability assessments of critical infrastructure (CI), but DHS is not positioned to integrate them in order to identify priorities. Although the Homeland Security Act of 2002 and the National Infrastructure Protection Plan (NIPP) call for DHS to integrate...
Maritime Critical Infrastructure Protection: DHS Needs to Better Address Port Cybersecurity
GAO-14-459: Published: Jun 5, 2014. Publicly Released: Jun 5, 2014.
Actions taken by the Department of Homeland Security (DHS) and two of its component agencies, the U.S. Coast Guard and Federal Emergency Management Agency (FEMA), as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited.While the Coast Guard initiated a number of activities and coordinating strategies to improve physical security in specific po...
Border Security: DHS Needs to Strengthen Its Efforts to Modernize Key Enforcement Systems
GAO-14-342T: Published: Feb 6, 2014. Publicly Released: Feb 6, 2014.
The schedule and cost for the Department of Homeland Security's (DHS) border enforcement system modernization program known as TECS Mod that is managed by Customs and Border Protection's (CBP) continue to change; while the part managed in parallel by Immigration and Customs Enforcement (ICE) is undergoing major revisions to its scope, schedule, and cost after discovering that its initial solution...
Border Security: DHS's Efforts to Modernize Key Enforcement Systems Could be Strengthened
GAO-14-62: Published: Dec 5, 2013. Publicly Released: Jan 6, 2014.
Customs and Border Protection (CBP) has defined the scope for its TECS (not an acronym) modernization (TECS Mod) program, but its schedule and cost continue to change; while Immigration and Customs Enforcement (ICE) is overhauling the scope, schedule, and cost of its program after discovering that its initial solution is not technically viable. CBP's $724 million program intends to modernize the f...