Passenger Rail Security:

Consistent Incident Reporting and Analysis Needed to Achieve Program Objectives

GAO-13-20: Published: Dec 19, 2012. Publicly Released: Dec 19, 2012.

Additional Materials:

Contact:

Jennifer Grover
(202) 512-3000
LordS@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

What GAO Found

The Transportation Security Administration (TSA) has inconsistently overseen and enforced its rail security incident reporting requirement because it does not have guidance and its oversight mechanisms are limited, leading to considerable variation in the types and number of incidents reported. Though some variation is expected in the number and type of incidents reported because of differences in rail agency size, location, and ridership, local TSA inspection officials have provided rail agencies with inconsistent interpretations of the reporting requirement. For example, local TSA officials instructed one rail agency to report all incidents related to individuals struck by trains. However, local TSA officials responsible for another rail agency said these incidents would not need to be reported as they are most often suicides with no nexus to terrorism. Providing guidance to local TSA inspection officials and rail agencies on the types of incidents that are to be reported could improve consistency across different TSA field offices. GAO also found inconsistency in TSA compliance inspections and enforcement actions because TSA has not utilized limited headquarters-level mechanisms as intended for ensuring consistency in these activities. TSA's rail security inspection policies do not specify inspection frequency but call for performing a "reasonable number" of inspections. However, 3 of the 19 rail agencies GAO contacted were not inspected from January 2011 through June 2012, including a large metropolitan rail agency, although local officials said it was unlikely that no incidents had occurred at that agency. Without inspections, TSA's assurance that rail agencies are reporting security incidents, as required, is reduced. In addition, TSA took enforcement action against an agency for not reporting an incident involving a knife, but did not take action against another agency for not reporting similar incidents, though the agency had been inspected. Enhancing headquarters-level mechanisms for overseeing inspection and enforcement actions in the field could help ensure more consistency in these activities and improve TSA's ability to use the information for trend analysis.

TSA has not conducted trend analysis of rail security information, and weaknesses in TSA's rail security incident data management system, including data entry errors, inhibit TSA's ability to search and extract information. Data entry errors occur in part because the guidance provided to officials responsible for entering incident information does not define the available data field options. Without the ability to identify information from the data, such as the number of incidents reported by incident type, TSA faces challenges determining if patterns or trends exist. Additional guidance for officials who enter the incident information could help to reduce data entry errors and improve users' ability to search and extract information from the system, ultimately improving TSA's ability to analyze the incident information. These weaknesses notwithstanding, TSA has made limited use of the incident information it has collected, in part because it does not have a systematic process for conducting trend analysis. TSA's purpose for collecting the rail security incident information was to allow TSA to "connect the dots" by conducting trend analysis. TSA has used the rail security incident information for situational awareness, but has conducted limited analysis of the information, missing an opportunity to identify any security trends or patterns in the incident information, or to develop recommended security measures to address any identified issues.

Why GAO Did This Study

Terrorist attacks on foreign passenger rail systems, which include rail transit and intercity rail, have underscored the importance of collecting and analyzing security incident information to identify potential vulnerabilities. Within the federal government, TSA is the primary agency responsible for overseeing and enhancing passenger rail security, and has several programs to fulfill this responsibility. In 2008, TSA issued a regulation requiring U.S. passenger rail agencies to report all potential threats and significant security concerns to TSA, among other things. GAO was asked to assess the extent to which (1) TSA has overseen and enforced this reporting requirement and (2) TSA has analyzed passenger rail security incident information to identify security trends. GAO reviewed TSA policy documents, guidance, and incident data from January 2011 through June 2012, and interviewed federal officials and security officials from 19 passenger rail agencies. GAO selected these agencies, in part, because of their ridership volume. The results of these interviews are not generalizable but provide insights.

What GAO Found

GAO recommends, among other things, that TSA (1) develop guidance on the types of incidents that should be reported, (2) enhance existing oversight mechanisms for compliance inspections and enforcement actions, (3) develop guidance to reduce errors from data entry problems, and (4) establish a process for regularly conducting trend analysis of incident data. TSA concurred and is taking actions in response.

 

For more information, contact Stephen M. Lord, (202)-512-4379, lords@gao.gov.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: In September 2013, TSA disseminated written guidance to local TSA inspection officials and rail agencies that provides clarification about the requirements of the rail security incident reporting process. This guidance includes examples and descriptions of the types of incidents that should be reported under the regulatory criteria, as well as details about the type of information that should be included in the incident report provided to the Transportation Security Operations Center. This guidance will help ensure that the rail security incident reporting process is consistently implemented and enforced. Therefore, this recommendation is closed as implemented.

    Recommendation: To help ensure that the rail security incident reporting process is consistently implemented and enforced, the Administrator of TSA should develop and disseminate written guidance for local TSA inspection officials and rail agencies that clarifies the types of incidents that should be reported to the TSA's Transportation Security Operations Center (TSOC).

    Agency Affected: Department of Homeland Security: Transportation Security Administration

  2. Status: Closed - Implemented

    Comments: As of August 2013, TSA has enhanced the utilization of the Surface Regional Security Inspectors (RSI) by providing them with the ability to review both passenger and freight rail inspections in the Performance and Results Information System (PARIS) before the inspections are finalized and enforcement action is taken. TSA established an RSI-dashboard report that provides weekly, monthly, and quarterly information about the number inspections that have been reviewed, accepted, and rejected. TSA also developed a mechanism for tracking the recommendations RSIs make to local TSA inspection officials regarding changes to local compliance inspections, as well as any actions that are taken in response. This mechanism allows the RSIs to provide management oversight of passenger and freight rail regulatory inspections and enforcement actions, which helps ensure that these regulations are consistently implemented and enforced. Therefore, this recommendation is closed as implemented.

    Recommendation: To help ensure that the rail security incident reporting process is consistently implemented and enforced, the Administrator of TSA should enhance and utilize existing oversight mechanisms at the headquarters level, as intended, to provide management oversight of local compliance inspections and enforcement actions.

    Agency Affected: Department of Homeland Security: Transportation Security Administration

  3. Status: Closed - Implemented

    Comments: In March 2013, TSA established a process for updating TSA's incident management system, WebEOC, when previously unreported incidents are discovered through compliance activities. To carry out this process, the agency created an Office of Security Operations Surface Detailee position. This position is responsible for ensuring that rail security incidents recorded in the compliance database, PARIS, are also captured in the WebEOC database. This action will improve the accuracy and completeness of the incident data in WebEOC. Therefore, this recommendation is closed as implemented.

    Recommendation: To help fulfill TSA's stated purpose for collecting rail security incident information and improve the accuracy and completeness of the incident data in TSA's incident management system, WebEOC, the Administrator of TSA should establish a process for updating the database when incidents that had not previously been reported are discovered through compliance activities.

    Agency Affected: Department of Homeland Security: Transportation Security Administration

  4. Status: Open

    Comments: As of August 2013, TSA officials reported that they have taken actions to develop additional guidance for Transportation Security Operations Center (TSOC) officials to help reduce the number of data entry errors in TSA's incident management system, WebEOC. This includes an updated Surface Guide, as well as the addition of definitions that can be directly accessed from the WebEOC system while data is being entered. However, the documentation TSA provided in support of these actions does not address problems in the data entry process for key data fields related to categorization of incident characteristics. We will continue to monitor TSA's progress in implementing this recommendation.

    Recommendation: To help fulfill TSA's stated purpose for collecting rail security incident information and improve the accuracy and completeness of the incident data in TSA's incident management system, WebEOC, the Administrator of TSA should develop guidance for TSOC officials that includes definitions of data entry options to reduce errors resulting from data entry problems.

    Agency Affected: Department of Homeland Security: Transportation Security Administration

  5. Status: Open

    Comments: As of August 2013, TSA officials reported that they had developed a new capability for identifying trends in the rail security incident data, known as the Surface Compliance Trend Analysis Network (SCAN). According to TSA officials, SCAN consists of a Surface Transportation Security Inspector (TSI) located at the Transportation Security Operations Center (TSOC), as well as enhanced IT capabilities. The TSI, part of TSA's Office of Security Operations (OSO), is responsible, in part, for analyzing the incident data that is reported to TSOC, and coordinating with the Office for Security Policy and Industry Engagement and the Office of Intelligence and Analysis to conduct further investigations into potential trends. However, the documentation TSA provided related to SCAN is limited to the establishment of an OSO position at the TSOC and the steps that official is expected to take if unreported incident information is discovered during compliance activities. The documentation does not include details regarding a systematic process for regularly conducting trend analysis of the rail security incident data. We will continue to monitor TSA's progress in implementing this recommendation.

    Recommendation: To help fulfill TSA's stated purpose for collecting rail security incident information and improve the accuracy and completeness of the incident data in TSA's incident management system, WebEOC, the Administrator of TSA should establish a systematic process for regularly conducting trend analysis of the rail security incident data, in an effort to identify potential security trends that could help the agency anticipate or prevent an attack against passenger rail and develop recommended security measures.

    Agency Affected: Department of Homeland Security: Transportation Security Administration

 

Explore the full database of GAO's Open Recommendations »

Oct 9, 2014

Sep 26, 2014

Sep 25, 2014

Sep 23, 2014

Sep 12, 2014

Jul 31, 2014

Jul 23, 2014

Jun 25, 2014

Jun 24, 2014

Looking for more? Browse all our products here