Defense Infrastructure: The Navy's Use of Risk Management at Naval Stations Mayport and Norfolk
Highlights
What GAO Found
The Navy follows the five basic guiding principles for managing risk at the strategic, environmental, and operational levels before making decisions about the placement and operation of its force structureincluding the placement of nuclear-powered aircraft carriers on the East Coast of the United States. The Navy does not conduct any unique risk assessment for its nuclear-powered aircraft carriers at naval installations; rather, nuclear-powered aircraft carriers are high-value assets that are included in the Navys overall risk management process. At the strategic level, Office of the Secretary of the Navy and Office of the Chief of Naval Operations headquarters staff have identified and analyzed risks, such as emerging threats from hostile nation-states, which could make demands on homeland defense capabilities. Since 2004, according to Navy officials, the Navy has been using its strategic laydown and dispersal methodology in dividing its force structure and assets between the Atlantic and Pacific Fleets. In addition, officials stated that there may be adjustments to the Navys current split of assets between the Atlantic and Pacific Fleets based on direction from the President that is reflected in DODs January 2012 defense strategic guidance, which emphasizes rebalancing defense assets in the Pacific region. Furthermore, naval guidance indicates that the Navy seeks to operate around the world in an environmentally responsible manner, both ashore (installations) and afloat (ships), and work with stakeholders to ensure that it follows environmental laws, regulations, and policies. Since the terrorist attacks of 2000 and 2001, the Navys risk management at the operational level has included conducting threat assessments for areas surrounding naval installations, as well as the installations themselves, and providing increased protection for high-value assets, such as nuclear-powered aircraft carriers. In addition, since the terrorist attacks, the Coast Guard has at times been providing escorts to the Navys high-value assets. The Coast Guard officials also noted that the communication of threat information among stakeholders in the Hampton Roads Regional Threat Working Group in Virginia has been much improved during this period.
The Navy has taken some actions to mitigate risk associated with homeporting nuclear-powered aircraft carriers at two East Coast naval installations. A naval installation and its high-value assetssuch as nuclear-powered aircraft carriersmay be susceptible to the threat of a terrorist attack. The risk of becoming the target of such an attack is affected by vulnerabilities at the installation. As part of its ongoing risk management process to identify and assess vulnerabilities at installations, DOD requires that many of its installations undergo an annual antiterrorism vulnerability assessment. According to security experts who conduct the annual vulnerability assessments, they determine whether the installation is in compliance with DODs 32 antiterrorism standards, such as establishing and implementing an antiterrorism program. During our site visits, we found that vulnerability assessments were performed at Naval Stations Mayport, Florida, and Norfolk, Virginia, on an annual basis. In addition, we found that the two naval stations had developed mitigation action plans and identified different possible courses of action to eliminate or mitigate the vulnerabilities and reduce the risk to the installations. The installation commander is responsible for protecting the installation and its assetsincluding nuclear-powered aircraft carriersand selects the course of action that most effectively mitigates the vulnerability. Finally, as part of their ongoing risk management process, Naval Stations Mayport and Norfolk conduct four integrated training events each year, as directed by Commander, Naval Installations Command guidance. These training exercises focus on enhancing skills in emergency management, fire protection, and force protection conditions.
Why GAO Did This Study
The recent financial crisis, emerging political unrest in nations around the globe, and the impact of significant natural disasters are causing organizations of all types and sizes to place increasing emphasis on robust risk management practices. The 2010 Quadrennial Defense Review Report states that risk management is vital to the Department of Defenses (DOD) success and that although it is difficult, risk management is central to effective DOD decision making. In an uncertain fiscal environment, while facing the threat of terrorism and natural disasters, the Navy must continually manage and assess the threats to and the vulnerabilities of its installations and assets. According to Navy officials, since the terrorist attack on the USS Cole in 2000 and the terrorist attacks of September 11, 2001, DOD has enhanced and updated its antiterrorism/force protection standards and physical security requirements for all DOD assets and installations. The Navy performs risk management at all levels of its headquarters and command structure for all of its operations and assets, including naval installations where nuclear-powered aircraft carriers and other high-value Navy assets are located.
In Senate Report 112-26, accompanying a proposed bill for the National Defense Authorization Act for Fiscal Year 2012 (S. 1253), GAO was directed to conduct an analysis of certain matters related to the Navys plan to establish a second East Coast homeport for a nuclear-powered aircraft carrier, including the risks the plan seeks to address. Our reporting objectives were to determine the extent to which the Navy (1) conducts risk management to identify and assess the risk associated with its force structure and high-value assets, including the risk associated with homeporting nuclear-powered aircraft carriers on the East Coast, and (2) has taken actions to mitigate any identified risks.
Recommendations
We are not making any recommendations in this report. Officials from the Office of the Secretary of Defense, the Department of the Navy, and the Secretary of Homeland Security reviewed a draft of this report and provided technical comments, which we incorporated in the final report as appropriate.
For more information, please contact Brian J. Lepore at (202) 512-4523 or leporeb@gao.gov.