Transportation Security:

Actions Needed to Address Limitations in TSA's Transportation Worker Security Threat Assessments and Growing Workload

GAO-12-60: Published: Dec 8, 2011. Publicly Released: Dec 8, 2011.

Additional Materials:

Contact:

Stephen M. Lord
(202) 512-3000
lords@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

Nonfederal government entities have varying roles and responsibilities under three TSA transportation worker credentialing programs we reviewed--the Transportation Worker Identification Credential program (TWIC) for maritime workers; the Hazardous Materials Endorsement program (HME) for truckers seeking a commercial drivers license endorsement to carry hazardous materials; and the Aviation Workers program for airport workers. TSA administers the TWIC credentialing process, with no role for maritime port facility operators outside of verifying issued credentials. Under HME, state licensing agencies issue endorsements based on whether TSA reports favorable background checking results. In contrast, under the Aviation Workers program, TSA and airports share responsibility for the vetting process for airport workers, with airports responsible for enrolling applicants, adjudicating criminal history results TSA provides, and issuing, and if necessary, revoking airport badges. Eleven of 17 selected maritime ports--including 4 of the top 10 largest ports--reported implementing additional credentialing requirements to those under TSA regulations, which generally included requirements for applicants to obtain and present local port identification--in addition to a TWIC--to gain unescorted access. At three of these ports, local agencies conducted additional criminal history checks. In addition, 4 of 6 selected state licensing agencies responsible for issuing commercial drivers licenses were conducting additional criminal history checks on HME applicants. Some programs included applicant fees which added to the costs already incurred by applicants in obtaining TSA credentials. However, port officials reported their programs provided additional benefits over TSA's programs. The state and local credentialing programs we reviewed complemented the existing credentialing programs administered by TSA.

TSA faces challenges in ensuring it has the necessary information and appropriate staffing to effectively conduct Security Threat Assessments for applicants to its transportation worker credentialing programs. First, in general, the level of access that TSA credentialing programs receive to Department of Justice (DOJ) Federal Bureau of Investigation (FBI) criminal history records is the level of access accorded for noncriminal justice purposes (e.g., equal to that of a private company doing an employment check on a new applicant, according to TSA) which limits TSA in accessing certain criminal history data related to charges and convictions. While TSA is seeking criminal justice type access to FBI systems, the FBI reports that it is legally unable to provide this access. The FBI and TSA are collaborating on options, but have not identified the extent to which a potential security risk may exist under the current process, and the costs and benefits of pursuing alternatives to provide additional access. Second, TSA officials reported the agency was not reviewing some state-provided criminal history for HME applicants because TSA did not have a mechanism to efficiently capture the data in its case system. Identifying a solution may help TSA better identify HME applicants posing security threats. Third, the TSA Adjudication Center relies on contractors for adjudicating applicant cases, and contractor turnover has affected the agency's ability to meet its growing workload. Developing a workforce staffing plan that considers the costs and benefits of using contractors will help ensure that TSA meets its growing credentialing workload. GAO recommends that (1) TSA and the FBI conduct a joint risk assessment of TSA's access to criminal history records, (2) TSA assess costs and benefits of using state-provided criminal history information, and (3) TSA develop a workforce staffing plan to address its growing Adjudication Center workload. DHS and DOJ concurred with GAO's recommendations.

Why GAO Did This Study

Within the Department of Homeland Security (DHS), the Transportation Security Administration (TSA) manages several credentialing programs, which include background checking (known as Security Threat Assessments) and issuing credentials to transportation workers requiring unescorted access to the nation's transportation facilities. The number of TSA programs and their potential for redundancy with state and local government programs has raised questions about these credentialing programs. In response to a mandate in the Coast Guard Authorization Act of 2010, GAO examined TSA credentialing programs to identify (1) the roles and responsibilities of federal and nonfederal government entities related to TSA's transportation worker credentialing programs and how they compare, and (2) any key challenges TSA faced in ensuring the effectiveness of its credentialing programs. GAO reviewed program documentation, such as program processes, and conducted structured interviews with selected airports, port authorities, and state agencies. GAO selected nonfederal government entities based on volume of passengers, truckers, and cargo.

What GAO Recommends

GAO recommends that (1) TSA and the FBI conduct a joint risk assessment of TSA’s access to criminal history records, (2) TSA assess costs and benefits of using state-provided criminal history information, and (3) TSA develop a workforce staffing plan to address its growing Adjudication Center workload. DHS and DOJ concurred with GAO’s recommendations.

For more information, contact Stephen M.Lord at (202) 512-4379 or lords@gao.gov.

Recommendations for Executive Action

  1. Status: Open

    Comments: The Transportation Security Administration (TSA) reported that it had been working with the Department of Justice (DOJ), the Federal Bureau of Investigation (FBI), and the states for several years to obtain more comprehensive access to criminal history record information (CHRI). As of mid-October 2011, TSA and the FBI had reportedly implemented a pilot program for TSA's use in conducting security threat assessments which would use the FBI Interstate Identification Index (III) to obtain state CHRI along with the FBI's CHRI in an automated fashion from 22 additional states that respond to non-criminal justice requests through III. As the pilot progressed, TSA reported that it would work with the FBI to identify the differences between the standard FBI CHRI non-criminal justice requests and the additional state data. TSA and FBI planned to include these results in the overall assessment of risks regarding TSA's current level of CHRI access for security threat assessments. In October 2012, TSA officials said the TSA and FBI had drafted a Memorandum of Understanding (MOU) to support this technical effort and were targeting fiscal year 2013 for finalizing the MOU. In April 2013, TSA reported that the agency continued to work with the FBI to conduct the recommended risk assessment and to evaluate data based on the FBI Purpose Code I pilot data. TSA reported that, over the past year, TSA and FBI have been coordinating to devise the risk assessment parameters including criteria for sample data access and review. According to TSA, in March 2013, TSA and the FBI convened to jointly review and analyze pilot data selected for the study and initial findings--and the agencies were working to complete and document the risk assessment.

    Recommendation: The Secretary of Homeland Security should direct the TSA Administrator, and the Attorney General of the United States should direct the Director of the FBI, to jointly assess the extent to which a security risk may exist with respect to the level of access to criminal history records information currently received by TSA to complete Security Threat Assessments, identify alternatives to address any risks, and assess the costs and benefits of pursuing each alternative.

    Agency Affected: Department of Homeland Security

  2. Status: Open

    Comments: In March 2012, the Department of Justice's Federal Bureau of Investigation (FBI) concurred with the recommendation and reported pursuing several strategies to provide the Transportation Security Administration (TSA) with access to the most complete criminal history records legally available for non-criminal justice purposes. The FBI reported that it would work in collaboration with the TSA to evaluate the benefits and costs of each initiative and to evaluate the extent that the state-maintained criminal history record information enhanced the security threat assessment process.

    Recommendation: The Secretary of Homeland Security should direct the TSA Administrator, and the Attorney General of the United States should direct the Director of the FBI, to jointly assess the extent to which a security risk may exist with respect to the level of access to criminal history records information currently received by TSA to complete Security Threat Assessments, identify alternatives to address any risks, and assess the costs and benefits of pursuing each alternative.

    Agency Affected: Department of Justice

  3. Status: Closed - Implemented

    Comments: The Department of Homeland Security's Transportation Security Administration (TSA) concurred with the intent of the recommendation, and reported actions underway that would satisfy them. TSA reported that it was no longer necessary to conduct an analysis of the risks and costs and benefits associated with not using some state-provided criminal history information in its security threat assessment process because it had identified a solution for incorporating additional state criminal history information. According to TSA officials and a Federal Bureau of Investigation (FBI) memorandum, using the established Federal FBI Interstate Identification Index (III) system to request and receive data from all states would be the most effective and efficient solution to address the identified risk. In November 2012, TSA reported that the two agencies had collaborated to implement a pilot project to receive additional state level criminal history data via the FBI III system. TSA reported that through this pilot project, it now received criminal history record information (CHRI) data from an additional 24 states that are able to provide responses through the FBI III using Purpose Code I along with 16 National Fingerprint File (NFF) from participant states. Since that initial implementation, the FBI has reportedly been working with other states to sign on for Purpose Code I or convert to NFF to allow access to state level data. TSA and the FBI reported targeting 2014 for completion of its pilot project at which time the FBI would implement its Next Generation Identification Increment 4 solution with the same functionality as the pilot project. In May 2013, TSA reported that it continued to receive state level data through the pilot project and requested GAO close the recommendation. These TSA and FBI actions are consistent with the intent of our recommendation.

    Recommendation: The Secretary of Homeland Secretary should direct the TSA Administrator to conduct an assessment of the risks associated with not utilizing some state-provided criminal history information, as well as an analysis of the costs and benefits of integrating the information into the current adjudication process.

    Agency Affected: Department of Homeland Security

  4. Status: Closed - Implemented

    Comments: In December 2011, to help ensure that the Transportation Security Administration (TSA) is able to meet its growing credentialing workload, we recommended that the Secretary of Homeland Security direct the TSA to develop a workforce staffing plan with timelines articulating how the TSA's Adjudication Center will effectively and efficiently meet its current and emerging workload requirements, and incorporate the results of TSA's study examining the appropriateness and costs and benefits of using contractors. DHS concurred with our recommendation. In response, TSA updated its Adjudication Center staffing plan, most recently in July 2013, to reflect current and estimated workload estimates with timelines showing how the TSA may address growing workload responsibilities--such as for increasing its staffing to meet demands for adjudicating Pre Check program applicants. In addition, in January 2014, TSA approved plans to address the findings of a DHS assessment that concluded that Adjudication Center functions are inherently governmental and that the functions and associated contract positions should be converted from contractor to federal positions. In a January 2014 TSA memorandum, the TSA Deputy Administrator approved a plan to convert 46 contractor positions to 46 federal full time positions under TSA's Office of Law Enforcement/Federal Air Marshall Service during 2014. TSA began its hiring process in April 2014 and officials report plans to complete hiring by September 2014, while phasing out its contract by December 2014. According to the memorandum, this action will have an immediate impact by creating direct oversight, long-term stability, and anticipated cost savings for the government. TSA's actions to address its growing credentialing workload are consistent with our recommendation. We are closing the recommendation as implemented.

    Recommendation: The Secretary of Homeland Secretary should direct the TSA Administrator to develop a workforce staffing plan with timelines articulating how the Transportation Threat Assessment and Credentialing (TTAC) Adjudication Center will effectively and efficiently meet its current and emerging workload requirements, and incorporate the results of TSA's study examining the appropriateness and costs and benefits of using contractors.

    Agency Affected: Department of Homeland Security

 

Explore the full database of GAO's Open Recommendations »

Dec 17, 2014

Nov 6, 2014

Oct 14, 2014

Sep 30, 2014

Sep 24, 2014

Sep 18, 2014

Sep 17, 2014

Sep 10, 2014

Looking for more? Browse all our products here