Transportation Security Information Sharing: Stakeholders Generally Satisfied but TSA Could Improve Analysis, Awareness, and Accountability
Highlights
The U.S. transportation system, comprised of aviation, freight rail, highway, maritime, mass transit and passenger rail, and pipelines, moves billions of passengers and millions of tons of goods each year. Disrupted terrorist attacks involving rail and air cargo in 2010 demonstrate the importance of effective information sharing with transportation security stakeholders. The Transportation Security Administration (TSA) is the lead agency responsible for communicating security-related information with all modes. In response to the Implementing Recommendations of the 9/11 Commission Act of 2007, GAO assessed 1) the satisfaction of transportation stakeholders with the quality of TSA's transportation security information products, 2) satisfaction with mechanisms used to disseminate them, and 3) the extent to which TSA's roles and responsibilities are clearly defined. GAO surveyed 335 aviation, rail, and highway stakeholders (with an 82 percent response rate); reviewed agency planning documents; and interviewed industry associations, transportation stakeholders, and Department of Homeland Security officials. An electronic supplement to this report--GAO-12-67SP--provides survey results.
Recommendations
Recommendations for Executive Action
Agency Affected | Recommendation | Status |
---|---|---|
Department of Homeland Security | To help strengthen information sharing with transportation stakeholders and ensure that stakeholders receive security-related information in a timely manner, the Secretary of Homeland Security should direct the Assistant Secretary for the Transportation Security Administration, to the extent possible, to address the need expressed by stakeholders by providing more actionable analysis in TSA's transportation security-related information products. |
In 2013, TSA began publishing a quarterly, multi-modal threat assessment to provide all transportation modes a more up-to-date assessment than the agency's prior assessments of individual modes. According to TSA officials, this assessment is a concise look at the threat to all the modes and is published at both the secret and unclassified levels. As of March 2014, TSA officials stated that the agency's products report trends, tactics, techniques, and procedures to help transportation security owners and operators implement more effective countermeasures. TSA has also integrated intelligence analysis and risk assessment capabilities into its threat analysis, which, according to TSA officials, improved the agency's ability to analyze and share data with its stakeholders. TSA officials also stated that they have added material to their products, such as suspicious activities, current trends and patterns, and indicators and warnings related to each mode, to help stakeholders update and validate their current countermeasures and polices. In April 2014, GAO reviewed examples of TSA transportation security-related information products and found that they included the actionable analysis as described by TSA officials. This recommendation is closed as implemented.
|
Department of Homeland Security | To help strengthen information sharing with transportation stakeholders and ensure that stakeholders receive security-related information in a timely manner, the Secretary of Homeland Security should direct the Assistant Secretary for the Transportation Security Administration, in coordination with other DHS components, to conduct targeted outreach efforts to aviation, rail, and highway stakeholders to increase the number of transportation stakeholders who are receiving security-related information products and are made aware of security information available through the HSIN-CS portal. |
In 2011, we conducted a survey of transportation stakeholders' satisfaction with the Transportation Security Administration's (TSA) information-sharing efforts and found that almost 60 percent (158 of 266) of stakeholders we surveyed had never heard of the Homeland Security Information Sharing Network Critical Sectors portal (HSIN-CS)--a primary mechanism for sharing security-related information with critical sectors, including transportation stakeholders. As a result, we recommended that the Assistant Secretary for the Transportation Security Administration, in coordination with other DHS components, conduct targeted outreach efforts to aviation, rail, and highway stakeholders to increase the number of transportation stakeholders who are receiving security-related information products and are made aware of security information available through the HSIN-CS portal. In March 2015, TSA provided evidence that the number of times stakeholders viewed information on HSIN-CS tripled from 2012 to 2014. Further, in June 2015, TSA provided additional evidence of its actions to conduct targeted outreach to these stakeholders. Specifically, TSA officials sent separate emails to aviation, rail, and highway stakeholders listing products TSA had posted on HSIN along with information on how to register for a HSIN account if stakeholders did not already have one. These efforts are consistent with our recommendation.
|
Department of Homeland Security | To help strengthen information sharing with transportation stakeholders and ensure that stakeholders receive security-related information in a timely manner, the Secretary of Homeland Security should direct the Assistant Secretary for the Transportation Security Administration to coordinate with other DHS components to improve the ability to readily locate information in TSA security-related information products on HSIN-CS. |
In response to this recommendation, in June 2012, TSA told us it had developed a project plan to enhance information sharing by working with the DHS, TSA, and HSIN user communities to address HSIN portal design and protocols to improve the timeliness and accessibility of information. As of March 2014, TSA had coordinated with DHS in the transition to the Homeland Security Information Network Release 3 (HSIN R3), which was launched in September 2013. As noted in a July 2013 DHS Inspector General Report, the ability to improve the search and retrieval of content using standardized content tagging terms was one of six capability gaps that HSIN R3 was designed to address. TSA also has a full-time Information Sharing Analyst who works with DHS on HSIN R3 compliance. In addition, HSIN and TSA officials stated that they have collaboratively sought to expand reporting capability on stakeholder metrics and to make HSIN more user-friendly. TSA officials stated that HSIN R3 has improved capabilities for retrieving information. This recommendation is closed as implemented.
|
Department of Homeland Security | To help strengthen information sharing with transportation stakeholders and ensure that stakeholders receive security-related information in a timely manner, the Secretary of Homeland Security should direct the Assistant Secretary for the Transportation Security Administration to establish outcome-oriented performance measures to help assess the results of efforts to provide useful and timely transportation security information through the HSIN-CS portal. |
We found that TSA lacked outcome-oriented performance measure to assess the effectiveness of its outreach and security-related product dissemination to transportation stakeholders through HSIN. As a result, we recommended that TSA establish such measures to help assess the results of its efforts to provide useful and timely transportation security information through HSIN. In March 2015, TSA approved the establishment of two performance measures related to its information-sharing efforts, including products disseminated through HSIN. These measures will assess whether customers report satisfaction with TSA's products, and whether customers report that they found the information valuable. These measures are consistent with our recommendation.
|
Department of Homeland Security | To help strengthen information sharing with transportation stakeholders and ensure that stakeholders receive security-related information in a timely manner, the Secretary of Homeland Security should direct the Assistant Secretary for the Transportation Security Administration to clearly define and document the specific information-sharing programs, activities, roles, and responsibilities for each TSA division and provide this information to the appropriate stakeholder groups. |
In response to this recommendation, in January 2016 TSA published an updated Transportation Security Information Sharing Environment (TSISE) that details TSA's information sharing program, including the offices involved, dissemination channels, and products. Further, the TSISE documents the roles and responsibilities of offices within TSA that create, receive, or disseminate transportation security information. The TSISE also provides information on the specific information-sharing programs and activities of each office. TSA posted the TSISE to HSIN, which makes it accessible to transportation stakeholders. Including these components in the TSISE and sharing the TSISE with stakeholders is consistent with our recommendation.
|