This is the accessible text file for GAO report number GAO-05-930 
entitled 'Aviation Safety: Oversight of Foreign Code-Share Safety 
Program Should Be Strengthened' which was released on September 9, 
2005. 

This text file was formatted by the U.S. Government Accountability 
Office (GAO) to be accessible to users with visual impairments, as part 
of a longer term project to improve GAO products' accessibility. Every 
attempt has been made to maintain the structural and data integrity of 
the original printed product. Accessibility features, such as text 
descriptions of tables, consecutively numbered footnotes placed at the 
end of the file, and the text of agency comment letters, are provided 
but may not exactly duplicate the presentation or format of the printed 
version. The portable document format (PDF) file is an exact electronic 
replica of the printed version. We welcome your feedback. Please E-mail 
your comments regarding the contents or accessibility features of this 
document to Webmaster@gao.gov. 

This is a work of the U.S. government and is not subject to copyright 
protection in the United States. It may be reproduced and distributed 
in its entirety without further permission from GAO. Because this work 
may contain copyrighted images or other material, permission from the 
copyright holder may be necessary if you wish to reproduce this 
material separately. 

Report to the Ranking Democratic Member, Committee on Transportation 
and Infrastructure, House of Representatives: 

August 2005: 

Aviation Safety: 

Oversight of Foreign Code-Share Safety Program Should Be Strengthened: 

GAO-05-930: 

GAO Highlights: 

Highlights of GAO-05-930, a report to the Ranking Democratic Member, 
Committee on Transportation and Infrastructure, House of 
Representatives: 

Why GAO Did This Study: 

U.S. airlines are increasingly relying on code-share partnerships with 
foreign carriers to provide additional sources of revenue. Code-sharing 
is a marketing arrangement in which an airline places its designator 
code on a flight operated by another airline and sells and issues 
tickets for that flight. To determine whether the foreign code-share 
partners of U.S. airlines meet an acceptable level of safety, in 2000, 
the Department of Transportation (DOT) established the Code-Share 
Safety Program, which requires U.S. airlines to conduct safety audits 
of their foreign code-share partners as a condition of code-share 
authorization. 

GAO's objective was to assess the federal government’s efforts to 
provide reasonable assurance of safety and security on foreign code-
share flights. GAO reviewed (1) the extent to which DOT's code-share 
authorization process is designed to consider safety and security, (2) 
the Federal Aviation Administration’s (FAA) management of the Code-
Share Safety Program, and (3) the implementation of the program by 
airlines and the results. 

What GAO Found: 

In considering U.S. airlines’ requests to establish code-share 
arrangements with foreign carriers, DOT’s Office of International 
Aviation reviews, among other things, any safety and security 
objections from FAA and TSA. FAA assesses the safety of foreign civil 
aviation authorities and reviews reports of the safety audits that U.S. 
carriers have conducted of their foreign airline partners. From fiscal 
years 2000 through 2004, DOT (1) authorized U.S. airlines to establish 
or maintain code-share arrangements with foreign carriers 270 times and 
(2) did not suspend any arrangements because of known safety concerns. 
According to FAA, however, U.S. airlines occasionally have decided not 
to pursue code-share arrangements with foreign carriers because they 
expected FAA would object, and FAA sometimes puts its reviews of 
proposed code-share arrangements on hold if the agency has safety 
concerns. FAA and TSA did not object to any of the authorizations 
during that period for safety or security reasons. Although not 
involved in the code-share authorization process, the Department of 
Defense (DOD) reviews the safety of foreign airlines that transport DOD 
personnel. For their separate programs, FAA and DOD are reviewing many 
of the same safety audit reports on foreign carriers. 

The Code-Share Safety Program, which calls for U.S. airlines to conduct 
periodic safety audits of their foreign code-share partners, 
incorporates selected government auditing standards involving 
independence, professional judgment, and competence. However, FAA’s 
reviews of the safety audit reports lacked management controls for 
reviewers’ qualifications, documenting the closure of safety audit 
findings, verifying corrective actions taken in response to findings, 
and documenting reviews. 

Eight U.S. airlines with foreign code-share partners have implemented 
the DOT program by conducting safety audits of their foreign partners. 
According to our review of a random sample of audit reports that FAA 
reviewed from fiscal years 2000 through 2004, the largest numbers of 
safety findings identified were in the categories of (1) flight 
operations and (2) maintenance and engineering. GAO estimates that for 
68 percent of the findings, the documentation was insufficient to 
demonstrate that the findings were closed or were resolved. Airlines 
are beginning to adopt a new safety audit program that requires the 
documentation of findings and corrective actions. 

Aircraft Safety Inspection: 

[See PDF for image] 

[End of figure] 

What GAO Recommends: 

GAO recommends that DOT clarify procedures for airlines to follow in 
documenting corrective actions and improve management controls over 
FAA’s reviews of safety audit reports. DOT agreed to consider the 
recommendations. 

www.gao.gov/cgi-bin/getrpt?GAO-05-930. 

To view the full product, including the scope and methodology, click on 
the link above. For more information, contact Gerald Dillingham at 
(202) 512-2834 or dillinghamg@gao.gov. 

[End of section] 

Contents: 

Letter: 

Results in Brief: 

Background: 

DOT's Office of International Aviation Relies on FAA for Safety 
Assessments and TSA for Security Assessments to Authorize Code-Share 
Arrangements: 

Code-Share Safety Program Incorporates Auditing Standards, but FAA's 
Oversight of the Program Lacks Certain Management Controls: 

U.S. Airlines Are Auditing Foreign Partners' Safety, and Partners Are 
Taking Corrective Action, but Documentation of Corrective Actions Is 
Often Lacking: 

Conclusions: 

Recommendations: 

Agency Comments: 

Appendixes: 

Appendix I: Objectives, Scope, and Methodology: 

Appendix II: U.S. Carriers and Their Foreign Code-Share Partners: 

Appendix III: Comments from DHS: 

Appendix IV: GAO Contacts and Staff Acknowledgments: 

GAO Contacts: 

Staff Acknowledgments: 

Table: 

Table 1: Selected Government Auditing Standards Incorporated in the 
Code-Share Safety Program: 

Figures: 

Figure 1: Percentage of U.S. Carriers' Active Code-Share Partnerships, 
by World Region, as of May 2005: 

Figure 2: Aviation Accident Rates by World Region during 2004: 

Figure 3: Code-Share Authorization Process: 

Figure 4: FAA's Process for Responding to DOT's Office of International 
Aviation: 

Figure 5: Percentage of Findings by Audit Category: 

Abbreviations: 

DHS: Department of Homeland Security: 

DOD: Department of Defense:: 

DOJ: Department of Justice:: 

DOT: Department of Transportation:: 

FAA: Federal Aviation Administration:: 

GSA: General Services Administration:: 

IASA: International Aviation Safety Assessment: 

IATA: International Air Transport Association:: 

ICAO: International Civil Aviation Organization:: 

IOSA: IATA Operational Safety Audit:: 

SARS: Severe Acute Respiratory Syndrome:: 

TSA: Transportation Security Administration: 

Letter August 5, 2005: 

The Honorable James L. Oberstar: 
Ranking Democratic Member:
Committee on Transportation and Infrastructure: 
House of Representatives: 

Dear Mr. Oberstar: 

As the U.S. airline industry strives to improve its financial 
condition, many carriers are increasing their focus on international 
service to provide needed sources of revenue. To help expand their 
global market reach, U.S. airlines have established an increasing 
number of code-share arrangements with foreign airlines, and, as of May 
2005, eight U.S. airlines had established foreign code-share 
partnerships. Code-sharing is a marketing arrangement in which an 
airline places its designator code[Footnote 1] on a flight operated by 
another airline and sells and issues tickets for that flight. U.S. 
carriers must obtain authorization for foreign code-share operations 
from the Department of Transportation (DOT). 

In 2000, DOT's Office of the Secretary and Federal Aviation 
Administration (FAA) established the Code-Share Safety Program to 
ensure that the foreign code-share partners of U.S. airlines meet an 
acceptable level of safety. The program was established in response to 
safety concerns that arose after SwissAir Flight 111 crashed off the 
shores of Nova Scotia in 1998, killing 229 passengers and crewmembers, 
including 53 Americans. At that time, SwissAir was a foreign partner of 
U.S.-based Delta Air Lines. Before the Code-Share Safety Program was 
established, DOT reviewed the potential competitive and economic impact 
of U.S. airlines' code-share arrangements with foreign airlines, but 
regarding safety considerations, relied on the oversight by the home 
country. Now, under the Code-Share Safety Program, U.S. airlines must 
conduct periodic safety audits of their foreign code-share partners as 
a condition of code-share authorization. DOT designed the Code-Share 
Safety Program to rely on U.S. airlines to audit the safety of their 
foreign code-share partners because FAA does not have the authority to 
inspect foreign aircraft that do not enter the United States. The DOT 
program is similar to a safety audit program that the Department of 
Defense (DOD) created in 1999 for foreign carriers that transport DOD 
personnel. 

You asked that we review the measures that the federal government is 
taking to provide reasonable assurance of safety and security when 
passengers travel on flights operated by foreign code-share partners of 
U.S. airlines. To do so, we addressed the following questions: 

* To what extent is DOT's authorization of U.S. airlines' code-share 
arrangements with foreign airlines designed to consider safety and 
security?

* How well has FAA managed the Code-Share Safety Program?

* To what extent have U.S. airlines implemented the Code-Share Safety 
Program, and what have been the results of their efforts?

To determine how safety and security are considered in DOT's 
authorization of U.S. airlines' code-share arrangements with foreign 
airlines,[Footnote 2] we reviewed the process that DOT follows in 
authorizing code-share arrangements, Code-Share Safety Program 
guidelines, applicable aviation safety standards, and related legal 
authorities. Our review covered safety audit reports on foreign 
carriers that FAA reviewed and U.S. airlines' code-share partnerships 
with foreign carriers that DOT has authorized since February 2000, when 
the Code-Share Safety Program was established, through the end of 
fiscal year 2004. We also examined how FAA's assessments of foreign 
civil aviation authorities are used in the code-share approval process. 
During our review of the Code-Share Safety Program, we found that DOD 
had a similar program designed to ensure the safety of foreign airlines 
that transport DOD personnel. Because our objective was to determine 
how the federal government is providing safety oversight of foreign 
airlines, we included DOD in our review. However, because DOD does not 
play a direct role in the authorization of foreign code-share 
arrangements, this report focuses on the DOT Code-Share Safety Program. 
Moreover, because security is a component of assessing airline safety, 
we determined what the Transportation Security Administration (TSA), 
the Department of Homeland Security agency responsible for aviation 
security, has done to provide security information to FAA and DOD for 
their safety reviews of foreign airlines. 

Because the Code-Share Safety Program establishes an audit program, to 
assess how well FAA has managed the program, we reviewed whether the 
program's design conformed with selected standards identified in 
Government Auditing Standards.[Footnote 3] In addition, because we were 
evaluating the management of a government program, we examined how FAA 
applied certain management controls in its reviews of the safety audit 
reports for the Code-Share Safety Program using Standards for Internal 
Control in the Federal Government.[Footnote 4] We discussed with FAA 
officials how they conducted the assessments of foreign civil aviation 
authorities and with TSA officials how they assessed the security of 
certain foreign carriers and airports. 

Finally, to determine the extent to which U.S. airlines have 
implemented the Code-Share Safety Program and the results, we 
interviewed safety officials at the eight U.S. airlines that were 
participating in the Code-Share Safety Program[Footnote 5] and reviewed 
a random sample of reports of safety audits the airlines had conducted 
of their foreign code-share partners. We did not determine whether the 
airlines complied with international aviation safety standards but 
reviewed the safety audit reports to determine what types of findings 
were identified and whether corrective actions were documented. We also 
interviewed officials from the International Air Transport Association 
(IATA), the trade association that represents air carriers worldwide, 
to determine how IATA's recent introduction of a new safety audit 
program for its members may affect the Code-Share Safety Program. We 
conducted our review in Arlington, Virginia; Atlanta; Denver; Eagan, 
Minnesota; Ft. Worth; Houston; Phoenix; Pittsburgh; Seattle; 
Washington, D.C; and Montreal, Canada; from August 2004 through August 
2005 in accordance with generally accepted government auditing 
standards. Appendix I provides additional information on our 
methodology. 

Results in Brief: 

In considering U.S. airlines' requests to establish code-share 
arrangements with foreign carriers, DOT's Office of International 
Aviation reviews, among other things, any safety and security 
objections from FAA and TSA. FAA assesses the safety of foreign civil 
aviation authorities and reviews reports of the safety audits that U.S. 
carriers have conducted of their foreign airline partners. According to 
DOT officials, on 270 occasions from February 2000--when the Code-Share 
Safety Program was established--through the end of fiscal year 2004, 
DOT authorized or reauthorized U.S. airlines to establish or maintain 
code-share arrangements with foreign carriers and did not suspend any 
arrangements because of known safety concerns. However, according to 
FAA, U.S. airlines occasionally have decided not to pursue code-share 
arrangements with foreign carriers because they expected FAA would 
object, and on four occasions during that period, U.S. airlines 
suspended their code-share arrangements with foreign carriers because 
FAA was questioning the capabilities of the civil aviation authorities 
under which the foreign carriers were operating. In addition, FAA 
sometimes puts its reviews of proposed code-share arrangements on hold 
if the agency has safety concerns. Code-share arrangements may be 
periodically reauthorized, based on the terms of the initial 
authorization. To maintain code-share authorization, U.S. airlines are 
to conduct safety audits of their foreign code-share partners every 2 
years. FAA provided DOT's Office of International Aviation with 
memorandums indicating that it did not object to any of the proposed 
arrangements from February 2000 through the end of fiscal year 2004. 
DOT's Office of International Aviation also receives security 
information from TSA, which assesses the security of foreign airlines 
that provide direct service to the United States and its territories 
and certain foreign airports. TSA provided security clearances for all 
proposed code-share arrangements from fiscal years 2000 through 2004 
for which it had information on the foreign carriers. TSA does not 
assess the security of foreign carriers that do not provide direct 
service to the United States and its territories because it lacks that 
authority. Twenty-nine of U.S. airlines' foreign code-share partners, 
or about one-third, do not provide direct service to the United States 
and its territories and therefore have not been assessed for security 
by TSA. DOD does not authorize code-share arrangements, but like FAA, 
it reviews the U.S. airlines' safety audit reports of their foreign 
code-share partners. We found that DOD and FAA are reviewing many of 
the same audit reports and that TSA was not providing its foreign 
airport security assessments to DOD. 

The Code-Share Safety Program incorporates selected government auditing 
standards involving auditors' independence, professional judgment, and 
competence. However, FAA's management of the program did not 
incorporate certain controls relating to establishing reviewers' 
qualifications, documenting the closure of safety audit findings, 
verifying corrective actions taken in response to the findings, and 
documenting its reviews. For example, FAA has not established the 
qualifications needed for agency staff who review the safety audit 
reports. In addition, FAA has not provided its reviewers or the 
airlines with definitions of "safety-critical" findings that the 
airlines must resolve immediately or "nonsafety-critical findings" that 
can be resolved after the audit is closed. Some airline officials told 
us they would like FAA to provide a definition of "safety-critical" 
findings that must be resolved immediately. Furthermore, in reviewing 
the safety audit reports, FAA frequently is not documenting its 
reviews. As a result, it cannot be determined which corrective actions 
that FAA verified were implemented by the foreign carriers. FAA's lack 
of documentation about its reviews of the audit reports could impede 
trend analyses and comparisons of findings and prevents determining 
whether FAA reviewed those findings. 

The eight U.S. airlines have implemented the Code-Share Safety Program 
by conducting safety audits of their foreign code-share partners to 
determine whether the partners comply with international aviation 
safety standards. According to our review of a random sample of 149 
audit reports, the largest numbers of safety findings that the U.S. 
airlines identified in auditing their foreign partners during fiscal 
years 2000 through 2004 were in the categories of (1) flight 
operations, which govern the activities of the pilots, including 
training, and (2) maintenance and engineering, which involves the 
oversight of activities to maintain, repair, and overhaul aircraft, 
aircraft engines, and parts. The U.S. airlines followed the program's 
guidelines by submitting written statements from their safety directors 
to FAA affirming that their foreign airline partners had complied with 
international aviation safety standards. However, we estimate that 68 
percent of the audit findings lacked complete documentation that 
corrective action had been taken. Without such documentation, FAA lacks 
evidence that the identified safety issues have been corrected. 
Furthermore, because FAA has not developed a definition of "safety- 
critical" findings, which FAA requires the airlines to resolve 
immediately, we could not identify those findings and, thus, were not 
able to determine if corrective action was documented. Increasingly, 
the airlines are adopting a new international audit program, which 
requires the documentation of identified findings and associated 
corrective actions. FAA accepted this new international audit program 
as a methodology that would meet the Code-Share Safety Program 
guidelines. To the extent that the airlines substitute the new 
international audit program for their previous audit methodologies, 
they may improve their documentation of resolved findings and 
associated corrective actions because this audit program requires such 
documentation. Most U.S. airline officials said they believe the Code- 
Share Safety Program provides reasonable assurance of safety or is 
effective. One airline official, for example, said that the program has 
been effective because some foreign airlines, seeking to become code- 
share partners of U.S. airlines, have restructured programs, rewritten 
manuals, and instituted new management techniques. 

We are making three recommendations to DOT and one to TSA. To improve 
the effectiveness of the program, we are recommending that DOT revise 
the Code-Share Safety Program guidelines to define "safety-critical" 
and "nonsafety-critical" audit findings, so that FAA reviewers and the 
airlines know which types of findings must be corrected immediately and 
which ones can be resolved later. In addition, we are recommending that 
FAA implement controls for reviewers' qualifications, corrective action 
verification, and review documentation. Furthermore, because DOD and 
FAA are reviewing many of the same audit reports, we recommend that FAA 
explore with DOD potential opportunities to reduce duplication of 
efforts. Finally, because security is an important component of 
assessing airline safety, to improve DOD's oversight of foreign 
carriers that transport DOD personnel, we are recommending that TSA 
develop a process for routinely coordinating with DOD regarding 
information on the security of foreign airports. 

In commenting on a draft of this report, overall, DOT generally 
concurred with our findings and agreed to consider our recommendations. 
DHS agreed with our recommendation regarding TSA. DOD and DOT provided 
some technical clarifications, which we incorporated into this report 
as appropriate. In addition, FAA provided general comments on the Code- 
Share Safety Program. 

Background: 

Each year, several million passengers travel on foreign airlines that 
have established code-share arrangements with U.S. air 
carriers.[Footnote 6] Code-sharing is a marketing arrangement in which 
an airline places its designator code on a flight operated by another 
airline and sells and issues tickets for that flight. On foreign code- 
share routes, U.S. airlines and their foreign partners each place their 
respective designator code on flights operated by the other airline. 
Passengers can purchase one ticket from a U.S. airline that can include 
flight segments covered by one or more foreign partner 
airlines.[Footnote 7] Air carriers throughout the world form code-share 
alliances to strengthen or expand their market presence or ability to 
compete. Through code-sharing, U.S. airlines can offer seamless service 
to additional international destinations without incurring the expense 
of establishing their own operations to those locations. Moreover, 
airline officials said that code-share arrangements with foreign 
airlines have become important sources of revenue.[Footnote 8] 
According to FAA, international markets are viewed as more attractive 
growth markets by mainline carriers because of more limited competition 
from low-cost carriers and greater profitability. 

In recent years, U.S. airlines have established an increasing number of 
code-share arrangements with foreign carriers to expand their service 
markets.[Footnote 9] As of May 2005, eight U.S. airlines had 
established 108 arrangements to place their designator codes on 85 
different foreign carriers, up from six U.S. airlines that had 
established 39 arrangements to place their designator codes on 38 
different foreign carriers in fiscal year 2000.[Footnote 10] As shown 
in figure 1, the majority of U.S. airlines' code-share arrangements are 
with European airlines, representing over half, followed by airlines 
from Asia and the Pacific, accounting for nearly a quarter of the 
arrangements. Appendix II lists the U.S. carriers and their foreign 
code-share partners. 

Figure 1: Percentage of U.S. Carriers' Active Code-Share Partnerships, 
by World Region, as of May 2005: 

[See PDF for image] 

Note: Percentages do not total to 100 because of rounding. 

[End of figure] 

In 1998, SwissAir Flight 111, which was a code-share flight with U.S.- 
based Delta Air Lines, crashed off the shores of Nova Scotia, killing 
229 passengers, including 53 Americans. Following that accident, the 
DOT Inspector General reviewed aviation safety under international code-
share agreements and issued a report in 1999 recommending, among other 
things, that DOT develop and implement procedures requiring U.S. 
airlines to conduct safety audits of foreign carriers as a condition of 
authorization of code-share passenger services.[Footnote 11] Also in 
1999, legislation was introduced in the House of Representatives that 
would have statutorily required U.S. airlines to audit the safety of 
their foreign code-share partners.[Footnote 12] Although that 
legislation was not enacted, in 2000, DOT's Office of the Secretary and 
FAA established the Code-Share Safety Program, which included the 
development of guidelines for U.S. carriers to follow in auditing the 
safety of their foreign code-share partners as a condition of DOT's 
authorization of code-share passenger services. 

DOD's safety audit program, called the Commercial Air Transportation 
Quality and Safety Review Program, expanded another program that DOD 
established in 1986 to check the safety of charter aircraft 
transporting its personnel, after an Arrow Air charter airplane 
transporting U.S. military personnel crashed in 1985, killing 256 
passengers and crew. In 1986, Congress passed Public Law 99-661, which 
created a Commercial Airlift Review Board and prohibits DOD from 
contracting with an air carrier unless it meets certain safety 
standards and submits to a technical safety evaluation. A 1999 
memorandum of understanding between DOD and the Air Transport 
Association, a U.S. airline industry association, allows DOD to review 
the safety audits that U.S. airlines have conducted of their foreign 
airline partners. 

DOD is a major customer of airlines that have established code-share 
arrangements through its participation in the General Services 
Administration's (GSA) city-pairs program, under which the government 
negotiates service contracts for all federal government employees, 
including military personnel, to save the government money on air 
travel. The program requires federal employees and military personnel 
to fly with carriers under such contracts when they travel on 
government business. DOD is required to review the safety of all 
airlines that provide scheduled service to its personnel under the GSA 
city-pairs program, which include U.S. airlines' foreign code-share 
partners. DOD's program also has the effect of having the airlines 
comply with DOD requirements if they want to maintain the GSA 
contracts. 

The safety of foreign carriers is also a concern because aviation 
accident rates vary considerably from one region of the world to 
another. According to data compiled by IATA, an international airline 
association, during 2004, the North American region had the lowest 
aviation accident rate (0.29 hull losses[Footnote 13] per million 
flight segments), while the Middle East had the highest (5.32 hull 
losses per million flight segments).[Footnote 14] Africa had the second 
highest rate, followed by South America, the Asia-Pacific region, and 
Europe. These accident rates are shown in figure 2. 

Figure 2: Aviation Accident Rates by World Region during 2004: 

[See PDF for image] 

[End of figure] 

DOT's Office of International Aviation Relies on FAA for Safety 
Assessments and TSA for Security Assessments to Authorize Code-Share 
Arrangements: 

DOT's Office of International Aviation within the Office of the 
Secretary of Transportation authorizes U.S. airlines' code-share 
arrangements with foreign airlines after considering, among other 
things, safety and security information from FAA and TSA. FAA provides 
DOT's Office of International Aviation with a memorandum recording its 
"objection" or "no objection" to the foreign code-share partners of 
U.S. airlines. This memorandum is based on FAA's assessments of foreign 
civil aviation authorities and reviews of safety audits conducted by 
U.S. airlines of foreign carriers. TSA assesses the security of foreign 
airlines that provide service to the United States and its territories 
and certain foreign airports. DOT also considers the competitive and 
antitrust implications of code-share arrangements. For its program, DOD 
reviews many of the same safety audit reports on foreign airlines that 
FAA reviews for the Code-Share Safety Program. 

DOT Considers Information from Several Sources to Authorize Code-Share 
Arrangements: 

To authorize a code-share arrangement between a U.S. and a foreign 
airline, DOT must find that the arrangement is in the public 
interest.[Footnote 15] Under the DOT guidelines, this public interest 
finding includes a determination of the foreign carrier's level of 
safety and the economic impact of the arrangement. Before authorizing a 
code-share arrangement, DOT's Office of International Aviation obtains 
(1) a memorandum of "no objection" from FAA, based on its review of the 
safety audits and other safety information available to FAA; (2) a 
clearance from DOT's Office of Policy on aspects of security involving 
the foreign carrier, including information from TSA; and (3) a 
clearance from DOT's Office of Aviation Analysis and Office of the 
General Counsel concerning the code-share arrangement's competitive 
impact on the airline industry.[Footnote 16] The Office of 
International Aviation also obtains advice from the Department of 
Justice on potential antitrust issues.[Footnote 17] According to DOT 
officials, on 270 occasions, from February 2000 through the end of 
fiscal year 2004, DOT authorized or reauthorized U.S. airlines to 
establish or maintain code-share arrangements with foreign carriers and 
did not suspend any arrangements during that time.[Footnote 18] 
However, FAA officials also said that U.S. airlines have occasionally 
decided not to pursue code-share arrangements with foreign airlines 
because they expected FAA would object. Code-share arrangements may be 
periodically reauthorized based on the terms of the initial 
authorization. Figure 3 shows the DOT code- share authorization 
process. 

Figure 3: Code-Share Authorization Process: 

[See PDF for image] 

[End of figure] 

FAA Response Reflects Assessments of Foreign Civil Aviation Authorities 
and Safety Audit Reviews: 

DOT's Office of International Aviation solicits the views of FAA on the 
safety aspect of its code-share authorization decision because of FAA's 
technical expertise in that area. FAA reviews reports of the safety 
audits that U.S. carriers have conducted on the foreign carriers and 
other safety information available to FAA, including its assessments of 
the capabilities of the relevant foreign civil aviation authorities. 
FAA provided DOT's Office of International Aviation with memorandums of 
"no objection" on all foreign airlines being considered for code-share 
authorization during fiscal years 2000 through 2004. According to FAA 
officials, if FAA has safety concerns, it puts a hold on its review of 
the proposed code-share arrangement, allowing time for the safety 
issues to be resolved; and on four occasions, from February 2000 
through September 2004, U.S. airlines suspended their code-share 
arrangements with foreign carriers because FAA was questioning the 
capabilities of the civil aviation authorities under which the foreign 
carriers were operating. Figure 4 shows FAA's process for providing 
information to DOT's Office of International Aviation on U.S. airlines' 
applications to establish code-share arrangements with foreign 
carriers. 

Figure 4: FAA's Process for Responding to DOT's Office of International 
Aviation: 

[See PDF for image] 

[End of figure] 

Under the Code-Share Safety Program guidelines, DOT authorizes a U.S. 
airline's code-share arrangement with a foreign carrier only if the 
foreign airline is from a country that is compliant with applicable 
international aviation safety standards under FAA's International 
Aviation Safety Assessment (IASA) program.[Footnote 19] Under IASA, FAA 
reviews the capabilities of foreign civil aviation authorities by 
checking their compliance with standards established by the 
International Civil Aviation Organization (ICAO), a United Nations 
aviation organization.[Footnote 20] Under IASA, FAA assigns countries' 
civil aviation authorities either a category 1 rating--meets ICAO 
standards--or a category 2 rating--does not meet ICAO 
standards.[Footnote 21] During the IASA process, FAA personnel, 
typically from various international field offices, conduct on-site 
assessments of civil aviation authorities for compliance with ICAO 
standards in eight areas: (1) primary aviation legislation, (2) 
aviation regulations, (3) organization of the civil aviation authority, 
(4) adequacy of the technical personnel, (5) technical guidance, (6) 
licensing and certification, (7) records of continuing inspection and 
surveillance, and (8) resolution of safety issues. Each country with 
carriers serving, or wishing to serve, the United States in their own 
right or as part of a code-share arrangement with a U.S. airline must 
first have an assessment under the IASA program. 

Although FAA's plan is to reassess the category for each foreign civil 
aviation authority every 2 years, FAA officials said that this activity 
occurred less frequently because of a larger-than-anticipated number of 
reassessments and constraints on the agency's resources. FAA data 
indicate that 67 of the 100 foreign civil aviation authorities in the 
IASA program, or about two-thirds, have not been assessed within the 
last 4 years. According to FAA, some countries were not assessed within 
the last 4 years because available data indicated that their rating 
categorization remained valid. FAA data also show that from January 1, 
2000, through May 1, 2005, FAA assessed or reassessed--because of 
safety oversight concerns--the capabilities of 33 foreign civil 
aviation authorities, 6 of which were assessed more than once.[Footnote 
22] Of the 42 countries' civil aviation authorities under which the 
foreign code-share partners of U.S. airlines are operating, 16 have 
required an IASA assessment or reassessment since 2000 and 26 have not. 

IASA results, along with the safety audits that U.S. airlines conduct 
of their foreign code-share partners, are FAA's principle measures of 
the level of safety of the foreign carriers. According to the 
guidelines, the level of oversight and regulation that an airline 
receives from its regulatory authority is an important factor in 
assessing its safety. For this reason, DOT authorizes U.S. airlines' 
code-share arrangements only with foreign airlines that are from IASA 
category 1 countries. As of May 2005, FAA had assigned IASA category 1 
ratings to 71 countries' civil aviation authorities and IASA category 2 
ratings to 28; 94 other countries had not yet been categorized, 
generally because no carriers from those countries had applied to 
provide direct service to the United States. 

DOT's Office of International Aviation will not authorize a code-share 
application, and FAA will not review the safety audit report if flights 
that are intended to carry a U.S. carrier's designator code would be 
operated by a foreign carrier from a country with an IASA category 2 
rating. If a U.S. airline is seeking to establish a code-share 
arrangement with a foreign carrier that is from a country that does not 
have an IASA rating, FAA normally conducts the assessment before DOT's 
Office of International Aviation considers the application. When FAA 
lowers a country's IASA rating from category 1 to category 2, DOT's 
Office of International Aviation contacts any U.S. airline that has a 
code-share partnership with an airline from that country to advise the 
U.S. airline of the lowered IASA rating so that the U.S. carrier can 
promptly remove its code from any passenger flights operated by that 
airline, according to agency officials. While DOT indicated that it 
could, at its option, order the removal of U.S. airlines' designator 
codes under these circumstances, in practice, DOT has not needed to 
pursue that option because, when the airlines have learned about an 
IASA category change affecting their service, they have removed their 
operating codes from the foreign carrier. On four occasions since 2000, 
U.S. airlines have suspended their code-share arrangements with foreign 
airlines because FAA was questioning the capabilities of the civil 
aviation authorities under which the foreign airlines were 
operating.[Footnote 23] The program guidelines allow DOT to consider, 
on a case-by-case basis, continuing to authorize a U.S. airline's code- 
share arrangement with a foreign carrier that is from a country with an 
IASA rating that has been lowered from category 1 to category 2. 
According to FAA, this case-by-case language was included to enable 
DOT's Office of International Aviation to accord U.S. airlines a 
limited degree of flexibility needed to effectuate an orderly shutdown 
of their code-share services. However, DOT officials told us that they 
will not authorize the continuation of a code-share arrangement beyond 
the needs of such an orderly shutdown. 

FAA Reviews U.S. Airlines' Methodologies for Auditing Their Foreign 
Code-Share Partners: 

FAA will not review a U.S. airline's safety audit report on a foreign 
carrier until FAA has reviewed and accepted the airline's audit 
methodology. According to the program guidelines, the U.S. airlines' 
safety audit methodologies should incorporate ICAO standards on 
personnel licensing, aircraft operations, aircraft airworthiness, and 
security.[Footnote 24] The guidelines also describe how the U.S. 
airlines should conduct their safety audits, including what 
qualifications the auditors should possess, how the system for 
reporting and correcting findings should be devised, what audit results 
are satisfactory, how a safety monitoring system should be established, 
and how frequently audits should be conducted. At the same time, FAA 
officials said they provide the airlines with some flexibility in 
designing their audit programs, as long as the programs address all of 
the relevant ICAO standards. FAA reviewed and accepted an audit program 
for each of the eight U.S. airlines to participate in the Code-Share 
Safety Program. In designing their audit methodologies, some U.S. 
airlines include other standards and best practices, such as ones 
developed by DOD, in addition to the ICAO standards and recommended 
practices in the DOT program guidelines. Moreover, to audit the safety 
of their foreign code-share partners, six U.S. airlines have begun 
using standards from a new international safety audit program developed 
by IATA called the IATA Operational Safety Audit (IOSA), which 
incorporates the ICAO standards, plus many additional industry best 
practices. IOSA was developed by IATA to improve global airline safety 
and promote audit efficiency by reducing redundant audits. In 2004, FAA 
accepted the IOSA program as a methodology that would meet the Code- 
Share Safety Program guidelines. 

Under the Code-Share Safety Program guidelines, after the U.S. airlines 
have completed the audits and the foreign airlines have taken all 
corrective actions, the U.S. airlines' safety directors (or similar 
officials) should provide written statements to FAA, known as 
compliance statements, affirming that the audits were conducted in 
accordance with the guidelines and that the foreign carriers meet the 
applicable ICAO standards. According to an FAA official, U.S. airlines 
filed compliance statements for all of the audit reports that FAA 
reviewed on foreign carriers.[Footnote 25] The guidelines also indicate 
that to maintain their continued code-share authorizations, U.S. 
airlines should audit the safety of their foreign code-share partners 
and submit compliance statements to FAA every 2 years. We found that, 
for 12 out of 256 audit reports that FAA reviewed from February 2000 
through the end of fiscal year 2004, FAA granted the U.S. airlines 
extensions of time to submit compliance statements because delays had 
resulted from the outbreak of Severe Acute Respiratory Syndrome (SARS), 
the U.S. airline planned to cancel the code-share arrangement, or the 
foreign carrier needed more time to implement corrective actions. FAA 
generally granted the extensions for between 1 and 3 months, during 
which time the code-share arrangements continued. 

TSA Clearances Reflect Security Assessments of Foreign Airlines That 
Provide Direct Service to the United States, Its Territories, and 
Certain Foreign Airports: 

Since 2000, DOT's Office of Intelligence and Security and Office of 
Policy[Footnote 26] have provided security clearances to DOT's Office 
of International Aviation for all U.S. airlines' proposed code-share 
arrangements with foreign airlines. DOT's Office of Policy receives 
security information on certain foreign carriers and foreign airports 
from TSA,[Footnote 27] which assesses the security of foreign airlines 
that provide direct service to the United States and its territories, 
as well as to certain foreign airports. TSA provided security 
clearances for all proposed code-share arrangements, from fiscal years 
2000 through 2004, for which it had information on the foreign 
carriers. Because it lacks the authority,[Footnote 28] TSA does not 
assess the security of other foreign carriers that do not provide 
direct service to the United States and its territories. Twenty-nine, 
or about one-third, of the 85 foreign code-share partners of U.S. 
airlines do not provide service to the United States and its 
territories and therefore have not been assessed for security by TSA. 

DOT has also authorized U.S. airlines' code-share arrangements with 
foreign airlines that serve many foreign airports that TSA has not 
assessed for security. As a result, passengers traveling on foreign 
code-share partners of U.S. airlines may be traveling to certain 
foreign airports that could have security risks. TSA has the authority 
to assess the security of a foreign airport (1) served by U.S. 
airlines, (2) from which a foreign carrier serves the United States and 
its territories, or (3) that "poses a high risk of introducing danger 
to international air travel." Also, TSA can assess "other foreign 
airports the Secretary of Homeland Security considers appropriate." TSA 
has assessed the security of the foreign airports from which domestic 
and foreign airlines provide direct service to the United States and 
its territories. However, in addition to the foreign airports that 
provide direct service to the United States and its territories, the 
foreign code-share partners of U.S. airlines serve other foreign 
airports. TSA officials indicated they have begun to assess the 
security of other foreign airports. DOT has not always had 
comprehensive data on which foreign airports are being served by the 
foreign code-share partners, so we were unable to determine how many 
foreign airports have not undergone TSA security assessments.[Footnote 
29] For one U.S. airline for which we had complete foreign code-share 
route information,[Footnote 30] we determined that the foreign partners 
served 128 foreign airports that did not provide direct service to the 
United States and its territories, and some of these 128 had yet to 
undergo TSA security assessments. 

In assessing the security of foreign airports,[Footnote 31] TSA rates 
them in categories and assesses airports in those categories as 
appropriate. DOT's Office of International Aviation, which receives 
TSA's security ratings through DOT's Office of Policy, authorizes code- 
share arrangements for U.S. airlines with foreign carriers that serve 
foreign airports. According to DOT security officials, it is not a 
problem to authorize code-share arrangements with foreign airlines 
regardless of category because all airports must meet ICAO security 
standards[Footnote 32] and are assessed appropriately.[Footnote 33] 
Moreover, officials from TSA and DOT noted that both U.S. and foreign 
airlines can be required to implement additional security measures at 
those airports. For example, the TSA officials described an instance in 
which a bombing in a Middle Eastern country resulted in the 
implementation of additional security measures at an airport in that 
country. TSA officials said that because that airport met ICAO security 
standards, TSA had to rely on increased security measures voluntarily 
implemented by the carriers to help mitigate the threat in that area. 

DOD Provides Additional Safety Oversight of Foreign Airlines: 

While not involved in DOT's code-share authorization process, DOD 
reviews the safety of certain foreign airlines, thereby providing an 
additional layer of federal oversight. The DOD Commercial Air 
Transportation Quality and Safety Review Program is focused on ensuring 
that the airlines DOD contracts with--to transport DOD personnel--meet 
applicable safety standards. DOD requires U.S. airlines to audit the 
safety of their foreign code-share partners every 2 years, on the basis 
of ICAO standards, and monitor the safety of their foreign partners 
between safety audits. In addition, DOD considers FAA's IASA ratings of 
foreign civil aviation authorities in determining whether to allow 
foreign carriers to fly on GSA city-pair routes. 

DOD requires that foreign airlines be assessed on the basis of 
standards that DOD developed called Quality and Safety Requirements, 
which are focused on system safety processes.[Footnote 34] According to 
a DOD official, these DOD standards include safety processes that are 
not ICAO requirements, which form the basis of the DOT program. A DOD 
official said, for example, that DOD requires airlines to have a safety 
audit program that analyzes and assesses trends of safety information, 
including feedback from crew members, for the purpose of enhancing 
safety, which is not an ICAO standard. Although DOT can suspend code- 
share authorizations for safety reasons, DOD can cancel, at any time, 
contracts with airlines that transport DOD personnel if it determines 
that they are not sufficiently safe. Between audits, DOD takes certain 
steps to monitor the safety of foreign carriers that FAA does not take, 
such as conducting semi-annual evaluations that include requiring 
foreign carriers that DOD contracts with to complete questionnaires 
about their safety. DOD does not consider TSA's security assessments of 
foreign airports in its review. DOD officials said that they were 
unaware of TSA's foreign airport assessments and would like TSA to 
provide the information for DOD to consider as part of its reviews. 

We found that DOD and FAA review many of the same safety audit reports 
on foreign airlines. During fiscal years 2001 through 2004,[Footnote 
35] DOD and FAA reviewed 203 of the same reports of safety audits that 
U.S. airlines had conducted of their foreign code-share partners. In 
reviewing these same reports, DOD and FAA reached the same conclusions 
about the safety of the foreign carriers involved. Because DOD and FAA 
are reviewing many of the same audit reports, the DOT and DOD safety 
programs are duplicating some efforts. In its 1999 report, the DOT 
Inspector General recommended that, in establishing a safety program on 
foreign code-share partners of U.S. airlines, FAA and DOT's Office of 
the Secretary work closely with DOD to maximize the use of limited 
resources, avoid duplication, and establish protocols for exchanging 
information about the carriers' safety assessments. A DOD official said 
that he communicates frequently with FAA Code-Share Safety Program 
officials, and that DOD has a full-time liaison in FAA's Flight 
Standards Service, who meets weekly with FAA officials.[Footnote 36] 
However, FAA officials said that although DOD requests IASA reports on 
certain countries, FAA does not routinely communicate with DOD on its 
safety audit reviews of foreign carriers, and no set criteria spell out 
the circumstances under which FAA and DOD should communicate 
information on the safety of U.S. airlines' foreign code-share 
partners. 

When we discussed the possibility of reducing duplicative safety 
reviews with FAA and DOD officials, an FAA official said he did not 
consider their reviews to be duplicative because FAA and DOD have 
different objectives. The FAA official said that FAA is reviewing the 
reports from the perspective of a regulator, focusing on the carriers' 
compliance with ICAO standards. Furthermore, the FAA official 
questioned whether FAA or DOD could assume each others' 
responsibilities and report to different departments. A DOD official 
also said the potential for duplication should be considered from the 
perspective of DOD's and FAA's different objectives in conducting their 
reviews. The DOD official said that DOD's objective is to ensure that 
its requirements for transporting DOD personnel are being met. Another 
DOD official said that FAA and DOD are not duplicating their efforts 
because neither agency has the expertise to conduct its reviews from 
the other agency's perspective. 

Code-Share Safety Program Incorporates Auditing Standards, but FAA's 
Oversight of the Program Lacks Certain Management Controls: 

The Code-Share Safety Program incorporates selected government auditing 
standards involving independence, professional judgment, and 
competence. According to FAA officials, FAA and DOT's Office of the 
Secretary worked with the airline industry to recommend that the Code- 
Share Safety Program guidelines incorporate these standards. Government 
auditing standards provide an overall framework for ensuring that 
auditors be independent and exercise judgment, competence, and quality 
control and assurance in planning, conducting, and reporting on their 
work.[Footnote 37] However, FAA's management of the program did not 
incorporate certain internal controls,[Footnote 38] which the Office of 
Management and Budget requires federal managers to use in assessing the 
effectiveness and efficiency of operations.[Footnote 39] These controls 
are related to establishing reviewers' qualifications, documenting the 
closure of safety audit findings, verifying corrective actions taken in 
response to the findings, and documenting reviews. 

Code-Share Safety Program Incorporates Selected Government Auditing 
Standards: 

The Code-Share Safety Program guidelines recommend that the airlines 
incorporate certain government auditing standards in their safety audit 
reviews. FAA has reviewed the methodologies that the U.S. airlines 
follow in auditing the safety of their foreign code-share partners, 
which incorporate these auditing standards. Ensuring independence is 
critical, for example, because the U.S. airlines generally audit the 
safety of their foreign code-share partners themselves. Although we did 
not assess the airlines' compliance with the independence standard, 
U.S. airline officials told us that they ensure independence by 
separating their safety and marketing departments organizationally to 
prevent any possible influence from the marketing staff on the safety 
audit results. In addition, safety officials at the U.S. airlines 
participating in the Code-Share Safety Program indicated that other 
airline departments do not have any input into their safety audit 
results. Moreover, some airline safety officials said they were not 
aware of the specific financial arrangements involved in their 
airlines' code-share partnerships. The program guidelines allow the 
U.S. airlines to employ personnel or hire outside experts as 
consultants (contractors) to conduct the safety audits. FAA officials 
said they are not concerned about allowing the U.S. airlines to use 
their own employees to conduct the safety audits because of the 
importance to the airlines of conducting sound safety audits to limit 
the liability associated with establishing code-share arrangements with 
foreign airlines. Table 1 lists the program guidelines that incorporate 
the auditing standards. 

Table 1: Selected Government Auditing Standards Incorporated in the 
Code-Share Safety Program: 

Auditing standard: Independence: The audit organization and auditor 
should be free from personal, external, and organizational impairments 
to independence; 
Program guidelines: The guidelines indicate that the U.S. airlines' 
safety auditors should have organizational independence to perform the 
audits and be free to objectively report to the airlines' senior 
management; The guidelines indicate that U.S. airline safety directors 
(or similar officials) should submit compliance statements to FAA 
affirming that their foreign code-share partners meet international 
aviation safety standards; The guidelines indicate that the safety 
auditors should have no financial interest in or family affiliation 
with the foreign code-share partner airlines. 

Auditing standard: Professional judgment: Professional judgment should 
be used in planning and performing audits and in reporting the results, 
including exercising reasonable diligence to maintain the highest 
degree of integrity, objectivity, and independence; 
Program guidelines: The guidelines indicate that the safety audit 
report's content should be independent, objective, fair and 
constructive, free of vagueness or ambiguity, and supported by 
competent and relevant audit evidence. 

Auditing standard: Competence: Auditors should have the knowledge, 
skills, and experience necessary for their work, and these elements 
should be addressed in the hiring process and through continuous 
development; 
Program guidelines: The guidelines indicate that the safety auditors 
should have the qualifications needed to conduct the safety audits and 
analyze the findings, including relevant training, experience in 
conducting safety audits, and knowledge of international aviation 
safety standards. 

Source: Government Auditing Standards and Code-Share Safety Program 
guidelines. 

[End of table]

FAA's Reviews of the Safety Audit Reports Lacked Certain Management 
Controls: 

We found that FAA's reviews of the safety audit reports lacked certain 
management controls--including establishing reviewers' qualifications, 
verifying corrective actions, and documenting the reviews--but did 
employ some management controls for monitoring and measuring 
performance. Management controls are the continuous processes and 
sanctions that federal agencies are required to use to provide 
reasonable assurance that their goals, objectives, and missions are 
being met. These controls should be an integral part of an agency's 
operations and include a continuous commitment to identifying and 
analyzing risks associated with achieving the agency's objectives, 
establishing program goals and evaluating outcomes, and creating and 
maintaining related records. 

Effective management controls require that personnel possess and 
maintain a level of competence that allows them to accomplish their 
assigned duties. In addition, management must identify the knowledge 
and skills needed for various jobs, provide needed training, and obtain 
a workforce that has the skills that match those necessary to achieve 
organizational goals. However, we found that FAA has not established 
competence criteria and qualifications for the personnel who review the 
airlines' safety audit reports. As a result, the FAA staff who are 
reviewing the audit reports have different backgrounds and training, 
which may lead to differing interpretations of the standards. The FAA 
headquarters official who has reviewed a large number of the safety 
audit reports has aviation experience as a military pilot and is 
trained as an ISO 9000 auditor[Footnote 40] but is not trained as an 
FAA inspector and was hired in an administrative capacity. Two other 
FAA headquarters staff who review the audit reports have been trained 
as aviation safety inspectors. Furthermore, five FAA field inspectors 
who are conducting many of the reviews[Footnote 41] have not had 
training in IOSA, which six U.S. airlines in the Code-Share Safety 
Program are now using as standards to audit the safety of their foreign 
code-share partners. As a result of inspectors not having this 
training, this could impede FAA's review of the safety audits based on 
those standards. Moreover, the Code-Share Safety Program manager was 
transferred to a new position in February 2005, leaving the position 
vacant since that time. As of June 2005, FAA had not authorized this 
position to be filled and has denied a request for another full-time 
staff position dedicated to the program. Since the program manager's 
departure, other staff in FAA's International Programs and Policy 
Office, which administers the Code-Share Safety Program, have reviewed 
the safety audit reports in addition to performing their regular 
duties. FAA program officials said that since the program manager was 
transferred to another position, U.S. airlines must wait 3 to 4 weeks 
for FAA to review their safety audits of foreign carriers, compared 
with waiting 1 day to 2 weeks before his transfer, and that U.S. 
airlines now must bring all of their safety audit reports to FAA in 
Washington, D.C., for review--a change that could hinder FAA's review 
of documentation, such as safety monitoring systems, that may be 
located at the airlines' facilities.[Footnote 42] An FAA management 
official said that because FAA's Flight Standards Service,[Footnote 43] 
of which the Code-Share Safety Program is a part, imposed a hiring 
freeze in January 2005 for budgetary reasons, only critical positions 
are being replaced. The official said that because the vacant position 
for the Code-Share Safety Program was not considered to be critical, it 
was not filled. 

Effective management controls also require the establishment of 
policies and procedures to verify that corrective actions have been 
taken in response to identified problems. According to FAA and airline 
officials, FAA staff review each audit report for about 2 to 4 hours, 
identifying any areas that need further clarification or resolution. 
Although FAA staff review the reports of all audits that U.S. airlines 
have conducted of their foreign code-share partners, normally they only 
spot check whether findings that were identified during the audit were 
resolved. According to an FAA safety official, FAA relies on the U.S. 
airlines' compliance statements, signed by the airlines' safety 
directors, which affirm that the audits were conducted in accordance 
with the guidelines and that the foreign carriers met the applicable 
ICAO standards, as proof that all findings have been resolved. However, 
FAA's reliance on the compliance statements may not provide an 
effective management control to ensure that corrective actions have 
been taken in response to audit findings. For example, we found that 
FAA provided a memorandum of no objection to DOT's Office of 
International Aviation about a foreign code-share partner that, 
according to an official from its U.S. partner, had not implemented all 
of the corrective actions needed to resolve the findings. The safety 
audit identified dozens of findings, many of which were also found in a 
second audit 2 years later and, according to the airline, subsequently 
corrected. Furthermore, because FAA has not provided its reviewers or 
the airlines with a standard definition of "safety-critical" findings 
that must be corrected before the audit can be closed, it is unknown 
whether these open findings were safety critical. Moreover, the 
reasonableness of leaving open dozens of safety audit findings is 
questionable, as is FAA's reliance on the airlines' compliance 
statements as proof that all corrective actions have been made. 
Although the U.S. carrier temporarily suspended the code-share 
arrangement with this foreign carrier, FAA officials said the 
suspension occurred because of FAA's concern about the safety oversight 
of that foreign airline's civil aviation authority, not because of the 
number of audit findings or their lack of closure. 

FAA uses compliance statements, which are based on the safety audit 
results, as reasonable assurance that the foreign airlines meet ICAO 
safety standards. However, FAA's reliance on compliance statements may 
not provide such assurance because FAA has accepted compliance 
statements as proof that the carriers met ICAO safety standards, even 
in situations when it questioned the audit results. For example, FAA 
provided memorandums of no objection to DOT's Office of International 
Aviation that were based on safety audits conducted by one airline 
contractor over a 4-year period, many of which did not identify any 
findings,[Footnote 44] even though an FAA official told us that he had 
discussed with the airline FAA's concern about the number of audits 
that did not identify any findings.[Footnote 45]

According to the Code-Share Safety Program guidelines, U.S. airlines 
should not submit compliance statements to FAA until all corrective 
actions have been completed; the statements should not be predicated on 
future actions that are planned to be completed. However, FAA officials 
said that they allow "nonsafety-critical" findings identified during 
the audit, such as deficiencies in personnel training and omissions in 
manuals, to be addressed later. Because FAA has not provided the 
airlines with a standard definition of "safety-critical" findings that 
must be corrected before the audit can be closed, airlines could 
interpret the term inconsistently in documenting and resolving 
corrective actions. An FAA official indicated that developing a 
definition of safety critical would be difficult and time consuming. An 
aviation safety expert we consulted said that a definition of safety 
critical would require considerable study and criteria development 
because situations can be critical to safety in many ways. He added 
that a well-trained and experienced aviation safety inspector could 
identify a safety-critical situation. However, this same expert 
suggested that, as a quality assurance measure, FAA select several 
audits each year and check the underlying documentation in depth. 
Similarly, the DOT Inspector General recommended in 1999 that FAA 
conduct comprehensive audits of a sample of safety audits to confirm 
that carriers have applied agreed-upon standards and procedures in 
conducting the audits.[Footnote 46] However, even if FAA were to 
conduct such comprehensive audits, without a definition of safety- 
critical findings, the agency would still lack assurance that safety- 
critical findings were identified and resolved. 

FAA indicated that from August 2003 through July 2004,[Footnote 47] 18 
of the 50 audit reports on foreign airlines it reviewed were returned 
to U.S. carriers for further action and 4 were placed on hold pending 
the outcome of IASA reviews; the other 31 foreign carriers received 
memorandums of no objection. Furthermore, FAA officials said that, 
according to anecdotal information from some U.S. carriers, too many 
safety concerns were identified during some safety audits for the 
carriers to proceed with applications for code-share authorization. 
However, FAA officials said they do not know how many times the safety 
audits have prevented airlines that pose safety concerns from becoming 
code-share partners with U.S. airlines. 

In addition, effective management controls require that documentation 
be created and maintained to provide evidence of executing approvals, 
authorizations, verifications, and performance reviews. FAA devised a 
checklist for agency staff to complete while reviewing safety audit 
reports to check for compliance with the program guidelines, record 
information about findings, or report irregularities. FAA officials 
said that the checklist was developed to establish and maintain 
consistency in reviewing the audit reports. However, we found that the 
checklist did not consistently document what actions FAA took when 
reviewing the airlines' audit reports, which findings it reviewed, and 
which corrective actions it verified were implemented. For example, in 
some cases, the checklist provided information about the closure of 
findings, but in other cases, no information was recorded about 
closure. FAA officials said that portions of the checklist may be left 
blank until the FAA reviewer has completed discussions with the airline 
and answered all of the concerns to his or her satisfaction, at which 
time the FAA reviewer will note that no irregularities were found. 
Officials said that in such cases, the checklist would not capture this 
process. However, not completing this information could hinder future 
reviews of the same airline by impeding comparisons between audits. 
Furthermore, because FAA often lacked documentation that it had 
verified the closure of findings, we were unable to determine how 
frequently FAA may have provided memorandums of no objection on foreign 
carriers that had not implemented all corrective actions in response to 
the findings, as occurred in the example discussed earlier. 

Effective management controls also include monitoring to assess the 
quality of performance over time. Management controls generally should 
be designed to ensure ongoing monitoring during normal operations and 
include regular management and supervisory activities, comparisons, 
reconciliations, and other actions people take in performing their 
duties. FAA officials said that the manager of the International 
Programs and Policy Division, which is responsible for administering 
the Code-Share Safety Program and is part of FAA's Flight Standards 
Service, is briefed by the Code-Share Safety Program staff on the 
results of their safety audit reviews before a recommendation is made 
to the Director of Flight Standards to sign the memorandums of no 
objection that are sent to DOT's Office of International Aviation. This 
procedure allows the International Programs and Policy Division manager 
to monitor the results and the decision-making processes involved. In 
addition to reviewing the audit reports, FAA monitors the safety of 
foreign carriers through other sources of information. FAA officials 
said they also review any accident and incident information from 
aviation safety databases, company financial histories, ICAO reports on 
the countries' civil aviation authorities,[Footnote 48] media reports, 
ramp inspection results,[Footnote 49] and information from FAA 
international field offices about their inspections of foreign aircraft 
when these aircraft enter the United States.[Footnote 50]

According to the Code-Share Safety Program guidelines, the U.S. 
airlines participating in the program should have a process to monitor 
the safety of their foreign code-share partners on an ongoing basis, 
and FAA should review this monitoring process. FAA officials said they 
have reviewed the monitoring systems at seven of the eight U.S. 
airlines participating in the program.[Footnote 51] However, FAA had 
not documented its reviews of the monitoring systems, so we were unable 
to verify that activity. Furthermore, safety officials at three of the 
eight U.S. airlines said FAA had not reviewed their monitoring 
systems.[Footnote 52] Without an FAA review, deficiencies in these 
monitoring systems might not be identified. 

FAA does not maintain information on the types and frequencies of audit 
findings to provide a means of comparing the findings from initial and 
recurrent audits of the same airline, or perform trend analysis that 
could help identify problems across airlines or fleets. Trend analyses 
would be useful for monitoring, on an ongoing basis, the effectiveness 
of FAA's internal quality control system. FAA officials said the 
checklists are not used for tracking or trend analysis and that FAA 
does not formally examine either the safety problems occurring most 
often or the geographic areas where problems are occurring most 
frequently. However, the officials said that the FAA program manager 
does want to have a general idea of the types of problems being found, 
and the checklist provides this information informally. According to 
one FAA official, the purpose of the checklist is to ensure that the 
DOT guidelines are met, rather than to create a database of findings. 
In our view, not maintaining such documentation could impede analyses 
of trends and comparisons of findings, as well as limit opportunities 
for assessing risks and prevents determining whether FAA reviewed those 
findings. 

Establishing performance measures is another component of effective 
management controls. The Government Performance and Results Act of 1993 
requires agencies to, among other things, set strategic and annual 
performance goals, and measure and report on performance toward these 
goals. Management controls play a significant role in helping managers 
achieve those goals. FAA has established certain performance goals for 
the Code-Share Safety Program, including reviewing at least 40 safety 
audit reports during fiscal year 2004. FAA exceeded this goal by 
completing 57 reviews. In addition, FAA set a performance goal of 
meeting with major U.S. air carriers to request feedback on the Code- 
Share Safety Program. FAA met this goal in 2004. 

U.S. Airlines Are Auditing Foreign Partners' Safety, and Partners Are 
Taking Corrective Action, but Documentation of Corrective Actions Is 
Often Lacking: 

The eight U.S. airlines participating in the Code-Share Safety Program 
have conducted the safety audits of their foreign code-share partners 
and have monitored the safety of their code-share partners between 
audits, as specified under the guidelines. Through those audits, the 
U.S. airlines have identified numerous safety issues associated with 
their foreign partners' operations. After completing the audits, the 
U.S. airlines have submitted written statements to FAA affirming their 
foreign code-share partners' compliance with ICAO standards, as 
specified under the guidelines. However, the U.S. airlines have not 
always documented the implementation of actions taken in response to 
the findings. Many airlines are now moving to adopt the international 
safety audit program, IOSA, which contains procedures that would help 
to ensure that corrective actions implemented in response to audit 
findings are documented. Most U.S. airline officials said they believe 
the Code-Share Safety Program provides reasonable assurance of safety 
or is effective, but some officials also suggested various changes in 
its administration. 

U.S. Airlines' Safety Audits Primarily Identified Findings in Foreign 
Partners' Flight Operations and Maintenance and Engineering: 

The U.S. airlines participating in the Code-Share Safety Program have 
been assessing the safety of their foreign code-share partners at least 
every 2 years, as the guidelines specify.[Footnote 53] We estimate, 
based on the results of our sample of 149 randomly selected safety 
audit reports, that there are 2,047 findings among the audits that the 
eight U.S. airlines conducted of foreign carriers, which FAA reviewed 
from February 2000 through September 2004.[Footnote 54] The program 
guidelines define a finding as an instance in which "the performance of 
the standard does not meet the established criteria" under ICAO 
standards. We estimate that 75 percent of the audits of foreign 
carriers that the eight U.S. airlines conducted of foreign carriers and 
that FAA reviewed from February 2000 through September 2004 contained 
at least one finding. Airline officials told us that most findings 
related to a lack of documentation. Documentation is important to 
ensure the implementation of management controls, which should appear, 
for example, in management directives and operating manuals. However, 
we found that many of the safety audit findings were broader in scope 
than a lack of documentation and extended to a lack of underlying 
policies and procedures. We further estimate that findings related to 
deficiencies in policies and procedures accounted for 23 
percent[Footnote 55] of all findings. 

The audits reviewed the carriers' compliance in eight major categories 
(organization, flight operations, flight dispatch, maintenance and 
engineering, cabin operations, cargo and dangerous goods, ground 
handling, and security).[Footnote 56] As shown in figure 5, the 
findings spanned all eight categories, but the largest numbers were in 
two categories: (1) flight operations, which govern the activities of 
the pilots, including training, and (2) maintenance and engineering, 
which involves the oversight of activities to maintain, repair, and 
overhaul aircraft, aircraft engines, and parts. In the flight 
operations category, the findings included a lack of drug and alcohol 
testing policies and a lack of documentation on flight time and rest 
requirements for flight personnel. In the maintenance and engineering 
category, one common type of finding related to the maintenance and 
calibration of tools and supplies, which could affect safety. 

Figure 5: Percentage of Findings by Audit Category: 

[See PDF for image] 

Note: Percentages do not total to 100 because of rounding. 

[End of figure] 

Airlines Submitted Compliance Statements to FAA but Did Not Always 
Document the Closure of Findings: 

After U.S. airlines completed their audits, their safety directors 
submitted statements to FAA affirming their foreign code-share 
partners' compliance with ICAO standards. FAA officials said they rely 
on these compliance statements as the primary evidence that the foreign 
code-share partners of U.S. airlines have resolved all safety-critical 
findings. However, on the basis of our review of a sample of the audit 
reports, we estimate that, for 68 percent of the identified 
findings,[Footnote 57] the documentation was insufficient to 
demonstrate that the findings had been closed or were resolved. 
Specifically, the documentation either failed to indicate at least one 
of the following three elements:[Footnote 58] (1) what corrective 
action was taken, (2) who accepted the corrective action, and (3) when 
the corrective action was accepted or the documentation was 
insufficient to determine whether the findings were closed. An 
estimated 28 percent[Footnote 59] of the audit reports that contained 
findings had at least one finding that lacked all three elements 
documenting corrective actions.[Footnote 60] The Code-Share Safety 
Program guidelines do not indicate that U.S. airlines should have 
documentation available for FAA's review to provide evidence of what 
corrective action was taken, who accepted the action, and when the 
action occurred in response to the findings identified in audits of 
their foreign code-share partners.[Footnote 61]

We asked the eight U.S. airlines participating in the Code-Share Safety 
Program what types of systems they were using to track any findings 
that were not resolved when the safety audit was complete. We found 
that three of the U.S. airlines were using computer systems to track 
the closure of such open findings; three other airlines had computer 
systems that could track the closure of findings, but their foreign 
partners had no open findings; and two airlines indicated that they did 
not have systems to track open findings because their foreign partners 
did not have any open findings. At one U.S. airline that was using a 
computer system to track open findings, officials said that a computer 
malfunction resulted in the loss of 6 months of data.[Footnote 62] An 
official from this airline said that before 2004, the airline 
coordinated closure of any findings directly with the contractor. When 
asked to produce this information, the airline did not have finding 
closure documentation available for audits conducted before 2004. This 
contractor said that although his firm was asked a few times by the 
U.S. carrier to check on the closure of audit findings by its foreign 
partner, the U.S. airline was responsible for tracking the closure of 
findings. 

Airlines also lacked documentation on the closure of findings in part 
because an unknown number of findings were closed on-site during the 
audits and not documented. The FAA program manager said he discouraged 
closing out findings on-site without documentation during the audits 
because it does not leave an audit trail about what findings were 
identified. Documentation provides a record of the execution of 
management controls which, in this situation, relate to the 
implementation of corrective actions. 

We estimate that 25 percent of the audits were closed with no findings 
identified. According to an FAA official, audits that identify no 
findings are questionable because the airlines must comply with so many 
requirements under either ICAO or IOSA standards. One U.S. airline used 
a contractor to conduct 31 of the audits of foreign airlines in our 
sample from 1999 through 2003, over half of which identified no 
findings.[Footnote 63] As described earlier, an FAA official told us 
that he had discussed with the airline FAA's concern about the number 
of audits conducted by the contractor that did not identify any 
findings. The FAA official also said that he helped the airline revise 
its approach to conducting the audits as a part of its internal 
evaluation program. The contractor told us that it is common for the 
safety audits not to identify findings because the airlines have 
prepared for the audit, and the audit findings are sometimes resolved 
on the spot. The contractor also said that his firm often recommended 
best practices that the foreign carriers could implement, but these 
recommendations did not relate to violations of ICAO standards and, 
thus, were not considered to be findings. Furthermore, this contractor 
said that a representative from the U.S. airline, who accompanied the 
contractor's auditors on the audits, kept the U.S. airline informed. 

U.S. Airlines Also Monitor the Safety of Their Foreign Partners between 
Audits: 

The eight U.S. airlines participating in the Code-Share Safety Program 
have processes to monitor the safety of their foreign code-share 
partners on an ongoing basis, including their accident and incident 
rates, financial condition, equipment age, labor issues, and other 
issues, as called for in the program guidelines. Safety officials from 
the eight U.S. airlines said that, to their knowledge, no fatal 
accidents had occurred on their foreign code-share routes since the 
Code-Share Safety Program began in 2000. We observed the systems and 
information sources that each U.S. airline used for monitoring. Airline 
officials showed us, for example, safety questionnaires that they sent 
to their code-share partners between formal safety audits, news 
subscription services, and aviation safety Web sites. Some airline 
officials also said they occasionally made on-site visits to monitor 
their partners' safety. The airlines also indicated that they monitor 
any accident and incident data for their code-share partners. According 
to a safety official at one U.S. airline, a carrier's past accident and 
incident record does not conclusively prove that a safety problem 
exists, but it can be an indicator of other deficiencies, such as gaps 
in training. Some officials from airlines that are part of global 
alliances also said that they share safety information about their 
mutual foreign code-share partners. Four U.S. airlines had created 
computer databases to maintain this monitoring information while the 
other four maintained paper files. 

Use of International Safety Audit Program May Address Some Weaknesses 
in the U.S. Safety Audit Program: 

As U.S. airlines and their foreign code-share partners begin to use 
IOSA--a new safety audit program developed by IATA--some of the 
weaknesses that we observed in the Code-Share Safety Program may be 
addressed, and U.S. airlines may receive other benefits. Increased use 
of IOSAs may help to ensure that audit findings are resolved and 
corrective actions implemented. IOSA requires that findings that are 
identified during the audit be documented, excluding those that are 
corrected immediately on-site during an audit.[Footnote 64] In 
addition, IOSA requires documentation of closure for findings, 
including the three elements we identified--(1) a description of the 
corrective actions taken, (2) who accepted the corrective actions, and 
(3) when the corrective action was accepted--as well as the reasoning 
used by the auditing organization to clear the findings. As noted, 
documentation of one or more of these elements was missing, or it could 
not be determined if elements were missing for an estimated 68 percent 
of the audit findings. 

Six of the eight U.S. airlines use IOSA standards to audit the safety 
of their foreign code-share partners, one may do so in the future, and 
one does not plan to use the standards to audit the safety of its 
foreign code-share partner.[Footnote 65] Moreover, according to some 
airline officials, U.S. airlines have a financial incentive to 
encourage their foreign code-share partners to undergo IOSAs because 
the auditing costs[Footnote 66] are shifted from the U.S. airline to 
its foreign partner. However, not all U.S. airlines plan to require 
IOSAs of their foreign code-share partners.[Footnote 67] For example, 
officials from one U.S. airline said that IOSAs may be too expensive 
for some small foreign carriers. Similarly, officials at another U.S. 
airline said that IOSAs are applicable to airlines with large fleets 
and major processes but may not be practical for smaller airlines. 
Officials at a third U.S. airline said they preferred to continue 
conducting the safety audits themselves, rather than using an auditing 
organization selected by IATA, because they wanted the assurance of 
examining their partners' operations in person, rather than relying on 
an external organization. 

Finally, increased use of IOSAs may help standardize aviation safety 
auditing and streamline FAA's review of audit reports. Under the IOSA 
program, the airlines can obtain the audit results of their mutual code-
share partners. Of the eight U.S. airlines with foreign code-share 
partners, six share 18 of the same foreign code-share partners. FAA 
recently allowed U.S. airlines to submit for review audit reports that 
other U.S. airlines had conducted on a shared foreign code-share 
partner.[Footnote 68] Some U.S. airlines, as members of global airline 
alliances, plan to share their audit reports of foreign partners and 
reduce duplicative audits.[Footnote 69] The IOSA program should make it 
easier for airlines that are not in such alliances to share audit 
reports.[Footnote 70] Increased sharing of the reports could reduce the 
number of safety audits that the U.S. airlines would need to conduct of 
their foreign partners and could thus reduce the number of reports that 
FAA would need to review. 

Most U.S. Airline Officials Believe the Code-Share Safety Program 
Provides a Reasonable Assurance of Safety: 

Officials at most U.S. airlines participating in the Code-Share Safety 
Program told us they believe that the program provides reasonable 
assurance of safety concerning their foreign code-share partners or is 
effective. One airline official described the program as an "ingenious 
technique" that has had the effect of raising aviation safety standards 
worldwide by ensuring that safety issues will be resolved. This airline 
official said that some foreign airlines, seeking to become code-share 
partners of U.S. airlines, have restructured programs, rewritten 
manuals, and instituted new management techniques--evidence, he said, 
of the program's effectiveness. Another U.S. airline official said 
that, without the Code-Share Safety Program, U.S. airlines might not 
conduct safety audits of their foreign code-share partners. An official 
at another U.S. airline said the Code-Share Safety Program is a means 
to ensure that a carrier meets minimum ICAO-based international 
aviation safety standards and that the IOSA program creates a baseline 
of auditing standards to be followed worldwide. However, the official 
said that a safety audit, whether conducted by an auditing organization 
selected by IOSA or a U.S. airline, is only a snapshot of the carrier 
for the period in which the audit is conducted. The airline official 
said that the carrier's actions before the audit or after the audit may 
differ and cannot be adequately evaluated until additional safety 
information is collected from the carrier between safety audits or 
until the next safety audit. 

An official at another U.S. airline participating in the Code-Share 
Safety Program said that although a safety audit provides a very good 
assessment of an airline's compliance with aviation safety standards, 
it does not guarantee the safety of the carrier's operations. This 
official added that even if a safety audit were conducted on a carrier 
monthly, it would not guarantee that the carrier would never have an 
accident. Furthermore, an official at another U.S. airline said that 
the Code-Share Safety Program is not necessarily required to provide 
reasonable assurance of safety concerning the foreign code-share 
partners of U.S. airlines and that the airline does not necessarily 
believe that formal, FAA-approved safety audits are the only way to 
gain such assurance. This airline official said that U.S. airlines 
should not be required to conduct safety audits of foreign airlines 
that are operating out of countries that FAA rated as IASA category 1 
and that U.S. airlines should be able to choose whether to conduct 
safety audits in countries that FAA has rated as IASA category 2 or has 
not rated. This airline official added that while the U.S. airline may 
continue to audit its partners on its own, it does not believe that FAA 
should oversee this process. However, an FAA IASA program official told 
us that the IASA program focuses on the capabilities of the foreign 
civil aviation authorities and does not ensure the safety of any 
carriers operating in IASA category 1 countries. This FAA official also 
said that inconsistencies in aviation safety oversight can exist 
throughout the world, even in countries with "higher" standards, and 
that some countries exceed ICAO standards, while others do not. 

A safety official at one U.S. airline said he believed that the Code- 
Share Safety Program guidelines should be made regulations. Although 
officials from DOT's Office of International Aviation and FAA said that 
making the program regulatory is not needed because it is working well, 
this airline safety official said that making the program regulatory 
would allow requirements to be applied more evenly to all airlines 
participating in the program. This airline official added that DOT is 
requiring the guidelines to be followed and therefore they are 
regulations in practice. A safety official at another U.S. airline 
questioned why DOT requires "guidelines" to be followed. He said that 
if DOT wants "rigid compliance" with the guidelines, it should make the 
program regulatory. A safety official at a third U.S. airline said the 
program's requirements should be standardized, noting that, for 
example, FAA was inconsistent about its requirements for reviewing 
auditors' qualifications. An aviation safety expert we consulted also 
said that the program should be made regulatory, observing that both 
the Code-Share Safety Program and IASA suffer from a "lack of 
regulatory teeth" and that making them regulatory would provide clarity 
to the DOT requirements, which he said are "mere policies." At the same 
time, this expert said that although the program is not regulatory, the 
Code-Share Safety Program guidelines clearly lay out what is expected 
of the airlines and set the standards that must be met. He added that 
under the guidelines, U.S. airlines are held accountable for the safety 
of their foreign code-share partners. 

Finally, officials at two airlines said that they would like FAA to 
provide a definition of safety critical or to define when an audit is 
considered to be closed so that it would be clear which findings must 
be resolved before closing an audit and submitting a compliance 
statement. As noted, FAA officials said that they allow nonsafety- 
critical findings identified during the audits to be addressed after 
the code-share arrangement is authorized. 

Conclusions: 

The safety of foreign code-share partners of U.S. airlines is important 
because several million people fly on those foreign carriers using 
tickets purchased from U.S. airlines each year. Under the Code-Share 
Safety Program, the U.S. airlines are auditing the safety of their 
foreign code-share partners and identifying safety concerns, which the 
foreign carriers are addressing. However, FAA's reviews of the safety 
audit reports lack management controls for establishing reviewers' 
qualifications, verifying corrective actions, and documenting the 
reviews. FAA, for example, has not established the qualifications 
needed to review safety audit reports, and FAA field inspectors, who 
are reviewing many of the safety audit reports, have not been trained 
in the IOSA program--potentially impeding FAA's review of audits that 
were conducted using those standards. In addition, the program 
guidelines do not provide clear direction to the U.S. airlines and FAA 
reviewers on which concerns are critical to safety and must be 
addressed before DOT's Office of International Aviation will authorize 
or reauthorize a code-share arrangement. Without a definition of safety-
critical concerns and complete documentation of the closure of 
findings, FAA lacks clear criteria for responding to requests from 
DOT's Office of International Aviation about the safety of foreign 
carriers and lacks assurance that safety-critical concerns have been 
addressed. Furthermore, FAA is not using effective management controls 
when it fails to document its reviews of the airlines' safety audit 
reports. Without complete documentation, a determination cannot be made 
of what actions FAA took when reviewing the reports, which findings it 
reviewed, and which corrective actions it verified were implemented. 
Because documentation on FAA's verification of the closure of findings 
was often lacking, we were unable to determine how frequently FAA may 
have failed to object to the authorization of code-share arrangements 
with foreign carriers that had not implemented all corrective actions 
in response to the findings. FAA also has not implemented a DOT 
Inspector General's recommendation that it conduct a comprehensive 
examination of a sample of audit reports to verify the underlying 
documentation. Furthermore, FAA's not collecting and tracking safety 
audit findings is an obstacle to conducting trend analysis or spotting 
anomalies. 

The airlines' increasing adoption of the IOSA program as a worldwide 
safety auditing standard is likely to change how FAA conducts its 
safety reviews of foreign code-share partners of U.S. airlines. 
Moreover, IOSA requires that actions to correct all findings, except 
those that are corrected during an audit, be documented--a requirement 
that is lacking in FAA's program. However, the adoption of the IOSA 
program is likely to be gradual, given that, as of June 2005, 66 of 
IATA's 265 members had completed the program. 

Finally, although DOD and FAA officials said they have different 
program objectives, the two federal agencies are nevertheless 
duplicating efforts by reviewing many of the same audit reports. In 
addition, DOD is not receiving the foreign airport security assessment 
information from TSA that DOT is receiving. TSA's information would 
provide DOD with more complete data for its safety reviews. 

Recommendations: 

To improve the safety oversight of foreign code-share operations, we 
recommend that the Secretary of Transportation direct the FAA 
Administrator to implement the following three recommendations: 

1. Revise the Code-Share Safety Program guidelines to improve the 
effectiveness of the program and the clarity of the procedures that the 
airlines should follow in documenting and closing out safety audit 
findings. Because the audit guidelines indicate that the airlines 
should not submit compliance statements until all corrective actions 
have been completed, but FAA is allowing the airlines to resolve 
"nonsafety-critical" findings later, FAA should consider either 
following that guideline or defining "safety-critical" audit findings, 
so that the airlines and FAA reviewers know which types of findings 
must be corrected before submitting the compliance statements. 

2. Develop mechanisms to enhance FAA's management controls over its 
reviews of the safety audit reports. In developing the mechanisms, FAA 
should consider standardizing the qualifications and training needed 
for agency staff to review the airlines' safety audit reports; 
identifying ways to document its reviews of the airlines' safety audit 
reports; increasing the scrutiny of audit reports that have an 
unusually high or low number of findings, periodically selecting a 
sample of safety audits to conduct a comprehensive review of the 
underlying documentation collected; and collecting and analyzing 
information on the audit findings for the foreign code-share partners 
of U.S. airlines so that the data can be more easily quantified and 
analyzed to spot possible trends and anomalies, should FAA decide such 
analyses are needed. 

3. Finally, explore with DOD potential opportunities to reduce 
duplication of efforts in reviewing the same safety audit reports. 

Because security is an important component of assessing airline safety, 
to improve DOD's oversight of foreign carriers that transport DOD 
personnel, we also recommend that the Secretary of Homeland Security 
direct the Assistant Secretary of Homeland Security for TSA to develop 
a process of routinely coordinating with DOD regarding information on 
the security of foreign airports for DOD to consider in reviewing the 
safety of foreign airlines. Such a process could be documented in a 
memorandum of understanding or other written procedures to ensure such 
coordination. 

Agency Comments: 

We provided drafts of this report to the Department of Homeland 
Security, (DHS), DOD, and DOT. DHS provided written comments, agreeing 
with our recommendation regarding TSA. DHS's comments are reprinted in 
appendix III. DOD provided no comments on our findings or 
recommendations. DOD and DOT provided some technical clarifications, 
which we incorporated into this report as appropriate. We received 
comments from DOT officials, including FAA's Deputy Associate 
Administrator for Aviation Safety. FAA generally agreed with the report 
and agreed to consider our recommendations. In addition, FAA provided 
comments on the Code-Share Safety Program, emphasizing that it is a 
collaborative effort between DOT's Office of the Secretary, FAA, and 
the air carriers. FAA officials also said that the program established 
guidelines for approving international code-share operations, with the 
intent of encouraging the highest possible levels of safety for 
international code-share operations. According to FAA, the program 
outlines the necessary steps that U.S. air carriers must follow in 
seeking approval from DOT to conduct code-share operations with foreign 
air carriers. The officials added that the Code-Share Safety Program 
charges U.S. air carriers with the primary responsibility for ensuring 
that their foreign code-share partners comply with applicable 
international aviation standards. 

As agreed with your office, unless you announce the contents of this 
report earlier, we plan no further distribution until 30 days from the 
date of this letter. At that time, we will send copies of this report 
to interested congressional committees; the Secretary of 
Transportation; the Administrator of FAA; the Secretary of Defense; the 
Secretary of Homeland Security; and the Assistant Secretary of Homeland 
Security for the Transportation Security Administration. Copies will 
also be available to others upon request and at no cost on GAO's Web 
site at [Hyperlink, http://www.gao.gov]. 

If you or your staff have any questions about this report, please call 
me at (202) 512-2834 or [Hyperlink, dillinghamg@gao.gov]. Contact 
points for our Offices of Congressional Relations and Public Affairs 
may be found on the last page of this report. GAO staff who made major 
contributions to this report are listed in appendix IV. 

Sincerely yours,

Signed by: 

Gerald L. Dillingham, Ph.D. 
Director, Physical Infrastructure Issues: 

[End of section]

Appendixes: 

Appendix I: Objectives, Scope, and Methodology: 

Our objective was to review the measures that the federal government is 
taking to provide reasonable assurance of safety and security when 
passengers travel on flights operated by the foreign code-share 
partners of U.S. airlines. To accomplish this, we reviewed (1) the 
extent to which the Department of Transportation's (DOT) authorization 
of U.S. airlines' code-share arrangements with foreign airlines is 
designed to consider safety and security, (2) how well FAA has managed 
the Code-Share Safety Program, and (3) the extent to which U.S. 
airlines have implemented the Code-Share Safety Program, and the 
results of their efforts. 

To determine how safety and security are considered in DOT's 
authorization of U.S. airlines' code-share arrangements with foreign 
airlines, we interviewed officials at DOT's Office of International 
Aviation, Federal Aviation Administration (FAA), Transportation 
Security Administration (TSA), and the Department of Justice (DOJ) and 
reviewed the Code-Share Safety Program guidelines and related program 
documentation, applicable international aviation safety standards, and 
relevant legal authorities. Our review covered the U.S. airlines' code- 
share partnerships with foreign carriers that DOT authorized from 
February 2000, when the Code-Share Safety Program began, through fiscal 
year 2004.[Footnote 71] At DOT, we interviewed the officials who decide 
whether to authorize such partnerships about the authorization process, 
their sources of information, and how often they authorize the 
partnerships. To gain a better understanding of the authorization 
process and the information considered, we also reviewed a sample of 
code-share applications that U.S. airlines had filed to establish code- 
share partnerships with foreign carriers. Our sample consisted of one 
randomly selected application filed by each of the eight U.S. airlines 
participating in the Code-Share Safety Program. 

We also interviewed DOT security officials about how they provide 
security clearances for foreign carriers and how often they have 
provided those clearances for code-share authorization. Because TSA was 
the source of aviation security information for DOT, we interviewed TSA 
officials about how they assess the security of foreign airlines and 
airports. We also reviewed data from TSA about the results and 
frequency of its security assessments of foreign airports and related 
legal authorities. Based on our understanding of the data through 
interviews with TSA officials, we determined that the data were 
sufficiently reliable for our purposes. In addition, we interviewed DOT 
officials who review the competitive aspects of the code-share 
arrangements about how they conduct their reviews and how often they 
have provided those clearances for code-share authorization. Because 
these DOT officials received advice from DOJ on potential antitrust 
issues involving the code-share partnerships, we also interviewed DOJ 
officials who provided that advice about their process and sources of 
information. 

At FAA, we interviewed officials about how they assess the capabilities 
of foreign civil aviation authorities through the International 
Aviation Safety Assessment (IASA) program and how those assessments 
relate to the Code-Share Safety Program. We also analyzed data on the 
results and frequency of IASA reviews since the Code-Share Safety 
Program was initiated. Based on our understanding of the data through 
interviews with FAA officials, we determined that the data were 
sufficiently reliable for our purposes. We reviewed documentation that 
FAA staff had prepared when they reviewed the airlines' safety audit 
reports to determine how they documented their reviews. We also 
discussed with FAA officials how often FAA provided memorandums of no 
objection to DOT's Office of International Aviation to support U.S. 
airlines' applications for code-share arrangements with foreign 
carriers. 

Because the Code-Share Safety Program was designed to assess foreign 
airlines' compliance with aviation safety standards established by 
International Civil Aviation Organization (ICAO), we interviewed ICAO 
officials about the standards, related international aviation safety 
issues, and the ICAO Universal Safety Oversight Audit Program, which 
assesses the capabilities of countries' civil aviation authorities. In 
addition, because many airlines are planning to use a new international 
safety audit program--the International Air Transport Association's 
(IATA) Operational Safety Assessment (IOSA) program--to assess the 
safety of their foreign partners, we interviewed IATA officials about 
how the program was developed, how airlines plan to implement it, and 
how it could affect the Code-Share Safety Program. For background 
information on how aviation safety varies internationally, we obtained 
data from IATA on aviation accident rates for different world regions. 
We did not review the reliability of IATA's aviation accident data 
because we used this information only for background purposes. We also 
interviewed officials from the Air Transport Association--a U.S. 
airline association--about its involvement in establishing the DOD 
safety audit program and its views on the Code-Share Safety Program and 
FAA's IASA program. Finally, because we found during our review that 
DOD had also established a program for reviewing the safety of foreign 
carriers, we interviewed DOD officials about the design and 
implementation of its program. In addition, we obtained information 
about the safety audit reports that DOD had reviewed from fiscal year 
2001 through fiscal year 2004 and the results, which we compared with 
the results of those that FAA reviewed. We also discussed with FAA and 
DOD officials the extent to which they have coordinated their efforts. 

To determine how well FAA has managed the Code-Share Safety Program, we 
evaluated whether DOT's Office of the Secretary and FAA incorporated 
selected government auditing standards in the program's design and 
whether FAA effectively used management controls in reviewing the 
safety audit reports. Because the Code-Share Safety Program establishes 
an audit program, we reviewed whether the program's design, as 
reflected in the program guidelines, conforms to certain standards 
identified in Government Auditing Standards.[Footnote 72] We reviewed 
selected general standards[Footnote 73] that are contained in 
Government Auditing Standards (independence, professional judgment, and 
competence) to assess the program's design. Although we examined the 
audit methodologies that the U.S. airlines had developed and submitted 
to FAA for review, we did not review them for conformance with 
government auditing standards because FAA had already conducted this 
review as a condition of accepting the U.S. airlines' participation in 
the program. In addition, because we were evaluating the management of 
a government program, we examined FAA's application of management 
controls, which is synonymous with the term "internal controls," in its 
reviews of the safety audit reports using Standards for Internal 
Control in the Federal Government.[Footnote 74] We selected the 
management controls that were applicable to FAA's review of the audit 
reports for establishing reviewers' qualifications, verifying 
corrective actions, documenting the reviews, and monitoring and 
measuring performance. We also reviewed the recommendations contained 
in a 1999 DOT Office of the Inspector General report on aviation safety 
under international code-share agreements to determine whether and to 
what extent the report's recommendations--about how a code-share safety 
audit program should be designed--were implemented. 

To determine the extent to which U.S. airlines have implemented the 
Code-Share Safety Program and the results, we interviewed officials at 
the eight U.S. airlines that were participating in the program about 
how they were assessing the safety of their foreign partners and 
reviewed a sample of the reports. We drew a stratified random 
probability sample of 153 reports of audits conducted by U.S. airlines 
of their foreign code-share partners. This sample was drawn from a 
population of documentation maintained by FAA for the 242 audit reports 
that the agency had reviewed from February 2000 through September 2004. 
Of these 153 sampled audits, 2 were out of scope because the airlines 
withdrew them from consideration and 2 were in scope, but we did not 
complete our reviews of these reports. We ultimately collected 
information for 149 in-scope audits. With this probability sample, each 
audit report in the study population had a positive probability of 
being selected, and that probability could be computed for any audit. 
We stratified the population into nine groups on the basis of the U.S. 
airline conducting the audit, and further, for some of those airlines, 
whether the foreign airlines being audited were code-share partners 
with more than one U.S. airline or whether FAA's records of its reviews 
of the audit reports contained comments about the findings. Each 
sampled audit was subsequently weighted in the analysis to 
statistically account for all of the audits in the study population, 
including those that were not selected. During our audit work, three 
airlines provided information about a total of 14 additional audit 
reports that, according to the airlines, FAA had reviewed. These 14 
audits were not included in the population from which we drew our 
sample because FAA's files did not contain information about them. 
Estimates generated in this report pertain only to the 242 audit 
reports that, according to FAA's files, the agency reviewed. 

Because we followed a probability procedure based on random selections, 
our sample is only one of a large number of samples that we might have 
drawn. Since each sample could have provided different estimates, we 
express our confidence in the precision of our particular sample's 
results in 95-percent confidence intervals. These are intervals that 
would contain the actual population values for 95 percent of the 
samples we could have drawn. As a result, we are 95-percent confident 
that each of the confidence intervals in this report will contain the 
true values in the study population. All percentage estimates from the 
sample of audits have sampling margins of error of plus or minus 10 
percentage points or less unless otherwise noted. All numerical 
estimates other than percentages have margins of error of plus or minus 
10 percent of the value of those estimates or less unless otherwise 
noted. 

We did not determine whether the airlines complied with international 
aviation safety standards. However, we performed a content analysis of 
the audit reports in our sample to determine what types of safety 
findings were identified regarding the foreign carriers. We recorded 
the findings and grouped them into eight categories: (1) organization, 
(2) flight operations, (3) flight dispatch, (4) maintenance and 
engineering, (5) cabin operations, (6) cargo and dangerous goods, (7) 
ground handling, and (8) security--because the reports were generally 
organized into those categories. We then further divided those eight 
categories into at least six issue subcategories. Two coders 
independently categorized each finding, and any coding disagreements 
were resolved between the coders or by a third reviewer. 

During our review of the audit reports, we also attempted to determine 
whether corrective actions taken in response to the findings were 
documented. To accomplish this, we looked for evidence of (1) what 
corrective action was taken, (2) who accepted the corrective action, 
and (3) when the corrective action was accepted. We considered these 
three elements to be sufficient evidence of documentation after 
observing how some airlines had documented the closure of findings and 
by reviewing Government Auditing Standards, which indicate that 
auditors should examine whether recommendations from previous audits 
have been implemented, and from Standards for Internal Control in the 
Federal Government, which require management to determine whether 
proper actions have been taken in response to findings and audit 
recommendations. 

In addition to reviewing the audit reports at the airlines, we 
interviewed safety officials (typically the safety directors) at all 
eight U.S. airlines participating in the Code-Share Safety Program 
about how they assess the safety of their foreign code-share partners, 
including how they plan, carry out, and close the audits, as well as 
monitor the safety of their foreign partners between audits.[Footnote 
75] We also observed the monitoring systems that they had implemented, 
as the program guidelines require, and sources of information that they 
used to monitor the safety of their foreign code-share partners. In 
addition, we asked the U.S. airline safety officials about their 
program-related interactions with FAA and DOT's Office of International 
Aviation, whether and how they believe the program could be improved, 
and what they thought about the implications of the airlines' increased 
adoption of IOSA by as an international aviation safety audit program. 
We also obtained the views of an aviation safety expert about the Code- 
Share Safety Program. We selected this expert because of his experience 
in aviation safety, which included helping to design FAA's IASA 
program. Because some airlines had used contractors to conduct safety 
audits of their foreign code-share partners, we interviewed one 
contractor who said that he had conducted or helped to conduct safety 
audits for five of the eight U.S. airlines in the Code-Share Safety 
Program about how his firm conducted the audits and the qualifications 
of his staff. 

Finally, for background information on the extent to which passengers 
are traveling on foreign code-share partners of U.S. airlines, we asked 
the eight U.S. airlines to provide such data from 2000 through 
2004[Footnote 76] using the same methodology, which was based on the 
number of tickets that the U.S. airlines sold for travel on their 
foreign code-share partners. For example, if a U.S. airline sold a 
single ticket for travel that included one or more foreign code-share 
partner flight segments, this ticket was counted once. If a U.S. 
airline sold separate tickets for travel that included more than one 
foreign code-share partner flight segment, each flight segment was 
counted as a separate ticket. Some airlines could not provide data for 
all 4 years, but all eight U.S. airlines were able to provide data for 
2004, which we reported. We did not independently verify this 
information provided by the airlines because it was used only for 
background purposes. 

[End of section]

Appendix II: U.S. Carriers and Their Foreign Code-Share Partners: 

U.S. carrier: Alaska (1 partner); 
Foreign code-share partner: Helijet. 

U.S. carrier: America West (1 partner); 
Foreign code-share partner: Royal Jordanian Airlines. 

U.S. carrier: American (24 partners); 
Foreign code-share partner: Aer Lingus; Aero Caribe; Air Pacific; BA 
CitiExpress; British Airways; Cathay Pacific; China Eastern; EVA 
Airways; Finnair; Gulf Air; Iberia; JAL; JALways; JetConnect Limited; 
LACSA; LAN Chile; Lan Express; Mexicana Airlines; Qantas; SN Brussels; 
Swiss International Air Lines; TACA; TAM - Linhas Aereas; Turkish 
Airlines. 

U.S. carrier: Contintental (18 partners); 
Foreign code-share partner: AeroLitoral; Aeromexico; Air Europa; Air 
France; Alitalia; Brit Air; COPA; CSA Czech; Emirates; EVA Airways; 
flybe.British European; KLM Cityhopper; KLM Exel Airlines; KLM Royal 
Dutch Airlines; Korean Airlines; Maersk Air; TAP Air Portugal; Virgin 
Atlantic. 

U.S. carrier: Delta (21 partners); 
Foreign code-share partner: AeroLitoral; Aeromexico; Air France; Air 
Jamaica; Alitalia Express; Alitalia Team; Avianca; Brit Air; China 
Airlines; China Southern; CityJet; CSA Czech; El Al; Emirates; 
flybe.British European; KLM Royal Dutch Airlines; Korean Airlines; 
Malev Hungarian Airlines; Regional; Royal Air Maroc; South African 
Airways. 

U.S. carrier: Northwest (11 partners); 
Foreign code-share partner: Aeromexico; Air Alps; Air France; Alitalia; 
CSA Czech; KLM Cityhopper; KLM Exel; KLM Royal Dutch Airlines; Korean 
Airlines; Malev Express; Malev Hungarian Airlines. 

U.S. carrier: United (23 partners); 
Foreign code-share partner: AC Jazz; Air Canada; Air China; Air 
Dolomiti; Air Japan; Air New Zealand; Air Nippon; All Nippon Airways 
(ANA); Asiana; Austrian; British Midland (BMI); LOT Polish; Lufthansa; 
Lufthansa Cityline; Nakanihon Airlines; PrivatAir (Switzerland); 
PrivatAir (Germany); SAS; Thai Airways; The Fair, Inc; Tyrolean; Varig; 
Virgin Blue. 

U.S. carrier: US Airways (9 partners); 
Foreign code-share partner: AeBal (Aerolineas de Baleares); Air 
Dolomiti; BahamasAir; British Midland (BMI); Eurowings; Lufthansa; 
Lufthansa CityLine; Spanair; Winward Island Airways. 

Source: FAA. 

Note: Data as of May 2005. 

[End of table]

[End of section]

Appendix III: Comments from DHS: 

U.S. Department of Homeland Security: 
Washington, DC 20528: 

July 14, 2005: 

Dr. Gerald L. Dillingham:
Director, Physical Infrastructure Issues: 
U.S. Government Accountability Office: 
441 G Street, NW:
Washington, DC 20548: 

Dear Dr. Dillingham: 

RE: Draft Report GAO-05-930, Aviation Safety: Oversight of Foreign Code-
Share Safety Program Should be Strengthened (GAO Job Code 540108): 

The Department of Homeland Security (DHS) appreciates the opportunity 
to review and comment on the Government Accountability Office's draft 
report as it relates to the Transportation Security Administration 
(TSA). 

The draft report includes three recommendations to the Department of 
Transportation and one to DHS' Transportation Security Administration. 
We agree with your proposed revised recommendation: 

"that the Secretary of Homeland Security direct the Assistant Secretary 
of Homeland Security for TSA to develop a process of routinely 
coordinating with DOD regarding information on the security of foreign 
airports for DOD to consider in reviewing the safety of foreign 
airlines. Such a process could be documented in a memorandum of 
understanding or other written procedures to ensure such coordination." 

Sincerely,

Signed by: 

Steven Pecinovsky: 
Director: 
Departmental GAO/OIG Liaison Office: 

[End of section]

Appendix IV: GAO Contacts and Staff Acknowledgments: 

GAO Contacts: 

Gerald Dillingham (202) 512-2834 
Teresa Spisak (202) 512-2834: 

Staff Acknowledgments: 

In addition to the above individuals, Elizabeth Eisenstadt, Jessica A. 
Evans, Brandon Haller, Bob Homan, David Hooper, Casey Keplinger, 
Elizabeth A. Marchak, Sara Ann Moessbauer, Mark Ramage, and Sidney 
Schwartz made key contributions to this report. 

(540108): 

FOOTNOTES

[1] Designator codes are two-letter codes assigned by the International 
Air Transport Association, the international airline association, to 
the world's airlines. 

[2] This report pertains only to U.S. airlines' code-share arrangements 
with foreign airlines for scheduled air service and not for charter or 
cargo air service. 

[3] GAO, Government Auditing Standards, GAO-03-673G (Washington, D.C.: 
June 2003). 

[4] GAO, Standards for Internal Control in the Federal Government, GAO/
AIMD-00-21.3.1 (Washington, D.C.: November 1999) and GAO, Internal 
Control Management and Evaluation Tool, GAO-01-1008G (Washington, D.C.: 
August 2001). 

[5] Those airlines are Alaska Airlines, America West Airlines, American 
Airlines, Continental Airlines, Delta Air Lines, Northwest Airlines, 
United Airlines, and US Airways. 

[6] According to information provided by the eight U.S. airlines 
participating in the Code-Share Safety Program, about 6.5 million 
tickets were purchased from them in 2004 for travel on flights operated 
by their foreign code-share partners. (See app. I for more information 
on how this information was compiled.) 

[7] U.S. and foreign airlines have established three main types of code-
share arrangements: (1) the U.S. airline places its designator code on 
the foreign carrier's flight, (2) the foreign airline places its 
designator code on the U.S. carrier's flight, and (3) the U.S. and the 
foreign airline each place their designator code on the other's 
flights. 

[8] U.S. airline officials said that their reimbursement agreements 
with foreign carriers were based on route mileage, fare class, and 
selling commissions. 

[9] Some U.S. airlines code-share with foreign airlines on selected 
routes only, while others code-share with foreign airlines on all of 
their routes. 

[10] DOT provided information on the number of U.S. airlines that had 
placed their designator codes on foreign carriers' flights in fiscal 
year 2000 but indicated that the information was compiled informally 
and was not official. 

[11] DOT Office of the Inspector General, Aviation Safety Under 
International Code-Share Agreements, Report No. AV-1999-138 
(Washington, D.C.: Sept. 30, 1999). 

[12] Aviation Codeshare Safety Act, H.R. 2024, 106TH Congress (1999), 
introduced by Representative James Oberstar. 

[13] According to Aviation Safety Network, a database devoted to 
aviation accident and safety information and used by FAA in monitoring 
accident histories, a hull loss occurs when airplane damage is beyond 
economic repair and may include events in which (1) the airplane is 
missing, (2) the search for the wreckage has been terminated without 
success, or (3) the airplane is substantially damaged and inaccessible. 
IATA's data on hull losses are for western-built jet aircraft. The 2004 
world aggregate aviation accident rate compiled by IATA was 0.78 hull 
losses per million flight segments. 

[14] IATA's regional boundaries for this information are not 
necessarily geographic. For example, Mexico is included in the South 
American region. 

[15] DOT is required to consider the public interest in authorizing 
code-share arrangements under 49 U.S.C. 41309. Although the law does 
not provide a specific definition of public interest in this regard, 
leaving the determination to the discretion of the Secretary of 
Transportation, the determination is guided by the public interest 
standards of 49 U.S.C. 40101 as well as by the department's precedents 
in this area. 

[16] According to DOT's Office of Aviation Analysis, since 2000, it has 
cleared the competitive aspects of all U.S. airlines' code-share 
arrangements with foreign airlines. Before providing a clearance, this 
office reviews code-share applications for the degree of competition 
involved, the terms of the financial agreements between the U.S. 
airlines and their foreign partners, and the competitive impact on the 
carriers involved and the region affected. 

[17] According to the Justice Department's Antitrust Division, since 
2000, it has not advised DOT against approving any U.S. airlines' 
unimmunized code-share arrangements with foreign carriers because of 
antitrust concerns (unimmunized code-share arrangements are those for 
which the Department of Justice has not provided immunity from 
antitrust actions). 

[18] According to a DOT official, in some cases, the same code-share 
partners requested and received multiple approvals during this period 
(adding routings, for example), so the total number of authorizations 
granted by the Office of International Aviation exceeds the total 
number of safety audit reports that FAA reviewed. 

[19] FAA's authority to conduct the IASA program is facilitated through 
the requirements of 14 C.F.R. part 129.11 (a), which require in part 
that operations within the United States be in compliance with 
International Civil Aviation Organization (ICAO) annex 6 part 1 
(aircraft operations). 

[20] The 1944 Chicago Convention on aviation safety led to the 
establishment of ICAO, the United Nations organization that develops 
standards and recommended practices for aviation safety and security, 
and outlined the rights and responsibilities of civil aviation 
authorities. ICAO's 18 annexes delineate internationally agreed-upon 
standards that signatories to the Convention (i.e., civil aviation 
authorities) must meet. Annex 1 (personnel licensing), annex 6 
(aircraft operations), and annex 8 (aircraft airworthiness) serve as 
primary sources of international aviation safety standards. 

[21] The IASA program and the Code-Share Safety Program use the same 
ICAO standards (annexes 1, 6, and 8) as evaluation criteria. 

[22] Five of the six countries were ones that FAA had first given an 
IASA category 2 rating and later upgraded to category 1. 

[23] In three cases, the U.S. airlines suspended their code-share 
arrangements before FAA had lowered the respective IASA ratings from 
category 1 to category 2. In another case, a U.S. airline temporarily 
suspended its code-share arrangement with a foreign airline after FAA 
questioned the capabilities of that airline's civil aviation authority, 
but FAA did not lower that country's IASA rating. After FAA resolved 
its questions, the U.S. airline resumed its code-share arrangement with 
that foreign carrier. 

[24] The Chicago Convention provides that signatories to the Convention 
(countries), and thus the airlines under their oversight, must meet all 
the ICAO annexes containing international aviation safety standards. 
Including the United States, 188 countries are signatories to the 
Convention. 

[25] We reviewed FAA's files and did not find compliance statements 
that U.S. airlines had filed for 25 of the 256 safety audit reports 
that FAA reviewed from February 2000 through September 2004. 

[26] DOT's Office of Policy now includes security policy staff, 
formerly housed within DOT's Office of Intelligence and Security, which 
provided the security clearance information for foreign airlines. 

[27] Before fiscal year 2002, when TSA was created and began conducting 
the security assessments, FAA's Office of Civil Aviation Security was 
responsible for conducting them. 

[28] TSA has authority under 49 U.S.C. 44906 to regulate security 
aspects of foreign air carriers that provide service to the United 
States. TSA indicated that it does not have any special regulatory 
authority or requirements for the code-share partners of U.S. airlines. 
TSA requires foreign carriers in their operations to and from airports 
in the United States to adhere to security measures that are similar to 
those TSA requires of the U.S. carriers serving the same airports. 

[29] In some cases, DOT's documentation on foreign code-share routes 
refers to "destinations" or "points" within a foreign country without 
specifying which ones. 

[30] We chose this U.S. airline because it has established code-share 
arrangements with one of its foreign partners for nearly all its 
flights. 

[31] Under 49 U.S.C. 44907, TSA is required to assess the effectiveness 
of the security measures maintained at foreign airports from which a 
foreign carrier serves the United States. 

[32] ICAO's annex 17 covers security standards. 

[33] TSA also indicated that regardless of category, airlines from ICAO 
signatory countries meet ICAO security standards and are assessed as 
appropriate. 

[34] DOD looks at system safety as a means of reducing risk through 
early identification, analysis, elimination, and control of hazards. 

[35] DOD had data on the reports that it reviewed from fiscal years 
2001 through 2004, so we were unable to compare which reports FAA and 
DOD reviewed during fiscal year 2000. 

[36] In a 2002 report on FAA and DOD responses to aviation safety 
concerns, we found that FAA and DOD had gaps in their formal 
communication process, which caused delays in bringing critical safety 
information to the attention of key officials. GAO, Aviation Safety: 
FAA and DOD Response to Similar Safety Concerns, GAO-02-77 (Washington, 
D.C.: Jan. 22, 2002). In that report, we recommended that FAA and DOD 
develop a memorandum of agreement for exchanging aviation safety- 
related information and research. In January 2004, FAA and DOD signed a 
memorandum of agreement for exchanging aviation safety-related 
information and research. 

[37] GAO, Government Auditing Standards, GAO-03-673G (Washington, D.C.: 
June 2003). 

[38] GAO, Standards for Internal Control in the Federal Government, 
GAO/AIMD-00-21.3.1 (Washington, D.C.: November 1999) and GAO, Internal 
Control Management and Evaluation Tool, GAO-01-1008G (Washington, D.C.: 
August 2001). 

[39] Office of Management and Budget, OMB Circular A-123, Management's 
Responsibility for Internal Control, (Washington, D.C.: 1995). 

[40] ISO 9000 is a certification process developed by the International 
Organization for Standardization, which develops standards for 
business, government, and technology based on quality management 
principles. An FAA official said that the agency uses the ISO 9000 
standards for the Code-Share Safety Program for data collection and 
retention, continuous improvement efforts, customer satisfaction, and 
performance measurement. This official said that, for example, the ISO 
9000 standards are used to ensure consistency in how code-share 
applications are processed, that the needed information is collected 
and provided to management to review the applications, and that 
performance goals are achieved. 

[41] Although FAA program staff based in Washington, D.C., review the 
majority of the audit reports, FAA field safety inspectors review some 
of them, because staffing is limited for this program. FAA provided 
information indicating that one full-time-equivalent (FTE) position was 
dedicated for the Code-Share Safety Program during fiscal years 2000, 
2002, 2003, and 2004, and two FTEs were dedicated during fiscal year 
2001. In addition, FAA indicated that five inspectors helped conduct 
safety audit reviews during those years on a part-time basis. FAA 
estimated that the time these five inspectors spent reviewing audit 
reports represented about 4 percent of an FTE's time per year. FAA also 
indicated that about 2.3 FTEs were used on the IASA program per year 
during fiscal years 2000 through 2004, including the time spent by 
field office staff. 

[42] FAA officials said that before the Code-Share Safety Program 
manager was transferred to a new position, U.S. airlines brought the 
safety audit reports of their foreign code-share partners to FAA in 
Washington, D.C., for review 90 percent of the time. 

[43] FAA's Flight Standards Service is part of the Office of Aviation 
Safety. 

[44] We found that over half of the contractor's audit reports had no 
findings. By comparison, we estimate that 25 percent of all audits were 
closed with no findings. 

[45] The airline stopped using this contractor in 2003, after which the 
airline conducted the safety audits itself. The airline indicated that 
its decision to begin conducting the audits using its own resources was 
based on the opportunity to lower costs while expanding its auditing 
checklists to include elements from the IOSA program. In addition, the 
airline indicated that using its resources provided an improved 
opportunity to communicate with its counterparts at the code-share 
airline and exchange recommended safety practices. An official from the 
airline said that the airline shared FAA's concern about the relatively 
low number of findings contained in the contractor's audit reports, but 
explained that the airline had no basis for comparison since it was not 
conducting the audits itself. The official said that now that the 
airline has conducted several safety audits itself, there have been 
only a few instances when findings impacting the safety of flight have 
been discovered. In addition, the official said that many times 
findings are identified and resolved before the audit team concludes 
the audit and that most of the recent findings involve lack of 
documentation for established practices. 

[46] DOT Office of the Inspector General, Aviation Safety Under 
International Code-Share Agreements, Report No. AV-1999-138 
(Washington, D.C.: Sept. 30, 1999). 

[47] FAA did not maintain data on the number of audit reports that it 
reviewed and placed on hold for other years. 

[48] ICAO's Universal Safety Oversight Audit Program regularly audits 
countries that have signed the Chicago Convention of 1944, called ICAO 
Contracting States, to determine the status of the states' 
implementation of safety oversight and relevant ICAO standards and 
recommended practices, associated procedures, guidance material, and 
safety-related practices. 

[49] FAA conducts annual ramp inspections of foreign carriers entering 
the United States or monthly inspections (called the special emphasis 
list) when the results of inspections are repeatedly poor or the 
airline's country of operation is placed in IASA category 2. 

[50] Under 14 C.F.R. 129, FAA may inspect foreign airlines when they 
enter the United States, but FAA does not inspect foreign aircraft 
outside the United States. The Chicago Convention limits FAA and other 
civil aviation authorities to regulating or auditing foreign airlines 
within their own country's airspace. 

[51] An FAA official said that FAA had not observed the eighth U.S. 
airline's monitoring system because it was a new participant in the 
Code-Share Safety Program. 

[52] An official at another U.S. airline said that FAA had observed its 
system to track open safety audit findings but not its entire 
monitoring system. 

[53] As discussed earlier, for 12 of the 256 audit reports that FAA 
reviewed from February 2000 through September 2004, FAA granted the 
U.S. airlines extensions of time to submit compliance statements. In 
some cases, U.S. airlines conducted safety audits of their foreign 
partners more frequently than every 2 years. 

[54] We are 95 percent confident that the actual number of findings 
lies between 1,450 and 2,643. All percentage estimates from the sample 
of audits have sampling margins of error of plus or minus 10 percentage 
points or less unless otherwise noted. All numerical estimates other 
than percentages have margins of error of plus or minus 10 percent of 
the value of those estimates unless otherwise noted. See appendix I for 
additional information on our sampling methodology. 

[55] The 95 percent confidence interval surrounding this estimate 
ranges from 15 to 36 percent. 

[56] Most of the audit reports that we reviewed were organized into 
these eight categories. 

[57] These findings were not categorized as being either safety 
critical or nonsafety critical. Furthermore, because FAA had not 
developed a definition of safety-critical findings, which FAA requires 
airlines to resolve immediately, we could not determine how many safety-
critical findings lacked complete documentation of corrective action. 

[58] We identified these three elements as sufficient evidence that the 
finding was resolved. 

[59] The 95 percent confidence interval surrounding this estimate 
ranges from 16 percent to 44 percent. 

[60] An estimated 64 percent of the audit reports that contained 
findings had at least one finding that lacked at least one element 
documenting corrective actions. 

[61] The program guidelines indicate that the U.S. carriers should 
ensure that their foreign partners have processes in place that 
identify "types of problems that may occur from common or special 
circumstances" and that corrective action takes into account, among 
other things, "the existence of documentation of the changes made to 
analyze the effectiveness of the corrective action." 

[62] An official from this airline said that although the electronic 
data were lost, the airline still had the paper documentation of the 
information that was contained in the computer system. This official 
also said that the airline had implemented a new tracking system, which 
he said was an improvement over the previous system. 

[63] From 2000 to 2004, six of the eight U.S. airlines used contractors 
to audit the safety of their foreign code-share partners, although 
three used them for only one audit. U.S. airline officials said they 
sometimes used contractors because of convenience (e.g., when 
contractors were located near the foreign airlines' operations). 

[64] According to IATA, when an airline being audited implements 
immediate corrective action while the audit team is still on site, the 
audit team is permitted to exclude the recording of a finding only if 
it is able to verify full implementation of comprehensive and permanent 
corrective action. 

[65] One U.S. airline was using an auditing organization accredited by 
IATA, which is an independent business unit of that U.S. airline. 

[66] An IATA official said the average cost of conducting a safety 
audit of a foreign airline was between $50,000 and $70,000. 

[67] IATA originally set a goal of having all 265 of its members 
undergo IOSAs by January 2006, but it later revised that to having 140 
airlines undergo IOSAs by the end of 2005. As of June 2005, 88 IOSA 
audits had been completed worldwide, including 66 IATA members. In May 
2005, IATA's Board of Governors decided in principle that all IATA 
members will have to undergo IOSA. 

[68] FAA requires that the audit be conducted using an FAA-accepted 
methodology and that the airline that is relying on the audit report 
submit a compliance statement to FAA. 

[69] Five of the eight U.S. airlines participating in the Code-Share 
Safety Program belong to global airline alliances with other U.S. 
airlines in the program. Continental, Delta, and Northwest belong to 
the Sky Team Alliance, and United Airlines and US Airways belong to the 
Star Alliance. 

[70] According to IATA, any interested party, such as an airline or 
regulator, may make a request through IATA to view the audit report of 
an airline that is on the IOSA registry, which lists the airlines that 
have undergone IOSA. After a requester "qualification and verification 
process," which includes the signing of a nondisclosure agreement and 
specific approval for release by the audited airline, the report is 
made available to the requesting party. The use of IOSA audit data by 
regulatory authorities was encouraged in November 2004, according to 
IATA. 

[71] Our review pertained only to U.S. airlines' code-share 
arrangements with foreign carriers for scheduled air service, and not 
for charter or cargo air service. 

[72] GAO, Government Auditing Standards, GAO-03-673G (Washington, D.C.: 
June 2003). 

[73] We did not include the quality control and assurance general 
standard because it mainly relates to the process of peer review. 

[74] GAO, Standards for Internal Control in the Federal Government, 
GAO/AIMD-00-21.3.1 (Washington, D.C.: November 1999) and GAO, Internal 
Control Management and Evaluation Tool, GAO-01-1008G (Washington, D.C.: 
August 2001). 

[75] An independent business unit of one of the eight U.S. airlines 
participating in the Code-Share Safety Program is an auditing 
organization selected by IATA to conduct IOSAs. We had also interviewed 
staff from that organization about how the audits were conducted and 
their qualifications. 

[76] Annual data are in calendar years unless noted otherwise. 

GAO's Mission: 

The Government Accountability Office, the investigative arm of 
Congress, exists to support Congress in meeting its constitutional 
responsibilities and to help improve the performance and accountability 
of the federal government for the American people. GAO examines the use 
of public funds; evaluates federal programs and policies; and provides 
analyses, recommendations, and other assistance to help Congress make 
informed oversight, policy, and funding decisions. GAO's commitment to 
good government is reflected in its core values of accountability, 
integrity, and reliability. 

Obtaining Copies of GAO Reports and Testimony: 

The fastest and easiest way to obtain copies of GAO documents at no 
cost is through the Internet. GAO's Web site ( www.gao.gov ) contains 
abstracts and full-text files of current reports and testimony and an 
expanding archive of older products. The Web site features a search 
engine to help you locate documents using key words and phrases. You 
can print these documents in their entirety, including charts and other 
graphics. 

Each day, GAO issues a list of newly released reports, testimony, and 
correspondence. GAO posts this list, known as "Today's Reports," on its 
Web site daily. The list contains links to the full-text document 
files. To have GAO e-mail this list to you every afternoon, go to 
www.gao.gov and select "Subscribe to e-mail alerts" under the "Order 
GAO Products" heading. 

Order by Mail or Phone: 

The first copy of each printed report is free. Additional copies are $2 
each. A check or money order should be made out to the Superintendent 
of Documents. GAO also accepts VISA and Mastercard. Orders for 100 or 
more copies mailed to a single address are discounted 25 percent. 
Orders should be sent to: 

U.S. Government Accountability Office

441 G Street NW, Room LM

Washington, D.C. 20548: 

To order by Phone: 

Voice: (202) 512-6000: 

TDD: (202) 512-2537: 

Fax: (202) 512-6061: 

To Report Fraud, Waste, and Abuse in Federal Programs: 

Contact: 

Web site: www.gao.gov/fraudnet/fraudnet.htm

E-mail: fraudnet@gao.gov

Automated answering system: (800) 424-5454 or (202) 512-7470: 

Public Affairs: 

Jeff Nelligan, managing director,

NelliganJ@gao.gov

(202) 512-4800

U.S. Government Accountability Office,

441 G Street NW, Room 7149

Washington, D.C. 20548: