2154 Rayburn House Office Building
Good morning Chairman Chaffetz, Ranking Member Cummings, and distinguished members of the Committee. Thank you for the opportunity to appear before you today to discuss Transportation Security Administration’s (TSA) efforts in securing our nation’s transportation systems.
TSA is a high-performing counterterrorism organization, applying a multi-layered, intelligence-driven, risk-based approach to securing aviation, mass transit, rail, highway, and pipeline. TSA could not accomplish this essential mission without a workforce trained, equipped and committed to the safety and security of this Nation. Every TSA employee remains steadfast in the face of a threat that has not diminished more than a decade following the terrorist attacks on September 11, 2001. In fact, over the years, the adversary has become more inventive and persistent, while at the same time growing and spreading to other countries and regions. We continue to face a real and persistent threat from adversaries adept in the design, construction and concealment of explosives. As such, TSA is evolving our approach to transportation security and to mitigate risks we all face when traveling from, within and to the United States.
In pursuit of TSA’s mission, in FY 2014, Transportation Security Officers screened approximately 650 million passengers and more than 2 billion carry-on and checked bags, preventing approximately 105,000 dangerous prohibited items, including 2,300 firearms, from being carried onto planes. TSA also screened a daily average of 6 million air passengers against the U.S. Government’s Terrorist Screening Database.
Additionally, Federal Air Marshals flew thousands of flights, domestically and internationally, providing in-flight security for high risk routes; Visible Intermodal Prevention and Response teams conducted almost 17,000 operations; Transportation Security Inspectors completed over 1,054 airport inspections, 17,894 aircraft operator inspections, and 2,959 foreign air carrier inspections to ensure compliance with rules and regulations; and TSA’s vetting systems recurrently vetted 14.8 million transportation worker records each day against the Terrorist Screening Database.
Risk-Based Security (RBS)
TSA uses multi-layered, intelligence-driven, and risk-based initiatives to enhance security. These risk-based initiatives direct resources focused on high-risk and unknown travelers and commerce, while at the same time facilitating the movement of legitimate travelers and trade. RBS methods have proven more efficient in moving people through the checkpoint than standard screening lanes, requiring fewer screeners and fewer lanes than traditional screening operations to provide the most effective security in the most efficient manner. As a result, TSA continues to gain efficiencies through RBS initiatives, with savings of approximately $350 million over the past two years at airports.
In December 2013, TSA launched our TSA Pre✓® application program, which is the cornerstone of our expedited screening efforts. TSA Pre✓® is one of the Department of Homeland Security’s expedited screening enrollment programs, and was one of the first initiatives in TSA’s shift toward a risk-based and intelligence-driven approach to security. Through this program, U.S. citizens and lawful permanent residents can apply directly to participate in TSA Pre✓® and undergo a background check in order to become eligible for a period of 5 years. Passengers may qualify for the program either directly through the TSA’s Pre?® application program, or through the U.S Customs and Border Protection’s (CBP) Trusted Traveler Programs (Global Entry, SENTRI, and NEXUS).
TSA has worked closely with U.S. and foreign airlines to expand the number of airlines participating in TSA Pre✓®, and has extended eligibility for TSA Pre✓® to U.S. Armed Forces personnel, Department of Defense personnel, and U.S. Coast Guard civilian employees. More than 60,000 DOD employees benefit from TSA Pre✓® each week, and that number continues to steadily increase. TSA continues to expand the prescreening process by increasing the number of known, lower-risk travelers eligible for expedited screening. Today, over 1 million applicants are enrolled in the program.
This year, TSA will continue to focus on increasing participation in TSA Pre✓® with the goal of providing expedited screening to a majority of the traveling public. We plan to accomplish this by identifying and enrolling more low-risk populations, expanding participation to additional U.S. and foreign airlines, exploring potential opportunities to leverage private sector capabilities and expertise in the TSA Pre✓® application process, and offering additional opportunities for enrollment in TSA Pre✓®.
Access Control and Employee Screening
Each day, TSA facilitates and secures the travel of nearly 2 million air passengers at 441 airports nationwide. Controlling access to sterile (post-security screening checkpoint) airport areas is a critical part of airport operations. While the sterile area hosts passengers and air crews waiting for flights, it is also the workplace for vendors, mechanics, ground crew, and others employed by the airlines and the airports. Access control is a shared responsibility among many partners, and every airport and airline has a security plan of which access control is an important and necessary element. Airport authorities and the airlines are responsible for developing and executing security plans; TSA is responsible for approving security plans and inspecting for compliance.
TSA’s inspections include credentialing, perimeter security and testing of access control systems and processes at airports. Every commercial airport receives an annual security inspection to include an assessment of perimeter and access controls. TSA analyzes the results of these inspections and assessments to develop mitigation strategies to enhance airport security.
Transportation Security Officers and Inspectors are also deployed on a random and unpredictable basis to screen airport and airline workers as they enter for work within the secure and sterile areas. The screening protocols vary by time, location, and method to enhance unpredictability. This includes ID verifications, and searches of individuals and/or their property, using various technologies and methods in order to detect and deter the introduction of prohibited items. Additionally, airport operators are required to conduct random inspections of employees entering sterile areas, to include ID verification and checks for prohibited items. If employees fail to follow proper procedures in accessing secure areas, they may be restricted from future access, disciplined by their employer, or subject to criminal charges and civil penalties.
TSA has wide ranging authority to pursue inspections of airport security plans. Each airport operator is required to allow TSA, at any time or place, to make any inspections or tests, to determine compliance of an airport operator, aircraft operator, foreign air carrier, indirect air carrier, or other airport tenants with TSA’s regulations, security programs, security directives, and other policies. Inspections and audits are conducted by our Compliance Division and, in situations of possible non-compliance, investigations are undertaken by Transportation Security Inspectors. Enforcement Investigation Reports that yield evidence of non-compliance are jointly overseen by the airport’s Federal Security Director and by the Office of Security Operation’s Compliance Division.
Vetting and Badging Process
In addition to our regulatory role, TSA also conducts security background checks for airport and airline employees through the Secure Identification Display Area (SIDA) badging process. Airport workers are vetted before they are granted unescorted access to the secure area of the airport. TSA performs a Security Threat Assessment (STA) on those who require access to the secure/sterile area of the airport or unescorted access to cargo. When individuals apply for employment with the airport or airline, they submit information which is passed through one of several vendors to TSA for adjudication. This includes a check against the Terrorist Screening Database (TSDB). In partnership with the FBI and CBP, the individual also undergoes a Criminal History Background Check and immigration status check. Once TSA has completed the check, the information is provided to the individual’s prospective employer with access either granted or denied based on the results of the STA. TSA also continuously checks all SIDA holders against the TSDB for any changes in status.
With TSA’s Risk Based Security model, similar to what we do with travelers in TSA Pre✓®or Known Crew Member, airport workers are vetted before they are granted unescorted access to the secure area of the airport. With the STA, TSA focuses on a variety of threats to aviation security, which is particularly important given the sensitive areas where many of these individuals work. We also remain cognizant of the importance of balancing security with commerce and, and have designed a system of inspections, and random checks as a risk-based approach to access control.
Aviation Security Advisory Committee (ASAC) Report
While the measures TSA has in place for background checks, security programs, and compliance inspections provide a good baseline for access control security, the December incident of an alleged gun smuggling ring at ATL illustrated a need to consider options to close the potential vulnerability of a terrorist utilizing insider threat methods. The ASAC was the ideal consultation approach to access control vulnerabilities as their membership of industry, law enforcement, and other key stakeholders brought a broad range of perspectives to the problem of insider threat and access control. I am pleased to note that the recommendations in their 90 day review are comprehensive, thoughtful, and will help TSA achieve meaningful reforms in partnership with our aviation stakeholders. Additionally, these recommendations use a risk-based approach, allowing resources to be used in the most efficient way for the most effective security. The ASAC identified five areas where TSA and industry can take action to address potential vulnerabilities. These areas are:
- Security Screening and Inspection
- Vetting of Employees and Security Threat Assessments
- Internal Controls and Auditing of Airport-Issued Credentials
- Risk-Based Security for Higher Risk Populations and Intelligence
- Security Awareness and Vigilance
TSA appreciates the ASAC’s timely and thoughtful review, and looks forward to working with them and our industry partners to explore implementation of these recommendations.
As a result of ASAC’s review, on April 20, 2015 Secretary of Homeland Security Jeh Johnson announced a number of additional steps TSA will take to address the potential insider threat vulnerability at U.S. airports. First, until TSA establishes a system for real time recurrent criminal history background checks for all aviation workers, we will require airports and airlines to conduct fingerprint-based Criminal History Records Checks every two years for all employee SIDA badge holders. We will reinforce existing requirements that all airport and airline employees traveling as passengers are screened by TSA prior to travel. We will direct and work with airports to reduce the number of access points to secured areas to an operational minimum. Additionally, TSA will require airports to increase aviation employee screening, to include additional randomization screening throughout the workday. Finally, we will work with our stakeholder partners to emphasize and leverage the Department of Homeland Security’s “If You See Something, Say Something™” initiative to improve situational awareness and encourage detection and reporting of threat activity.
These enhancements to access control nationwide will greatly improve our effectiveness by reducing vulnerabilities and maintaining our risk-based approach to aviation security. Over the coming months, TSA will examine additional recommendations to implement in the future to continue strengthening our nation’s airports. I appreciate the ASAC’s timely and thoughtful review, and look forward to working with them and our industry partners.
Of note, the ASAC held the consensus opinion that while physical screening of employees is one means of deterring terrorist activity, 100 percent physical employee screening is not the only, or necessarily the best, solution. Requiring 100 percent physical employee screening would divert limited resources from other critical security functions. Such physical screening, moreover, would require infrastructure improvements, workforce expansion and airport reconfiguration. This would constitute an ineffective use of resources with limited security value. An ASAC working group concluded that “the provision of so-called ‘100 percent measures’ as a layer of airport security does not appreciably increase the overall level of system-wide protection, nor does it lower over-all risk.” It concluded that a random and unpredictable screening strategy would be the most cost-effective solution.
TSA plays an important role in partnership with airports and airlines in securing access to our Nation’s airports, and is committed to fielding responsive, risk-based solutions that can enhance our current security posture. I want to thank the subcommittee for your interest in TSA’s efforts to improve aviation and airport security nationwide. Thank you for the opportunity to testify today, I look forward to your questions.