Review of the Terrorist Screening Center
(Redacted for Public Release)
Audit Report 05-27
Office of the Inspector General
The TSC has made significant progress in consolidating the U.S. governmentís approach to terrorist screening. Most importantly, it has created a database that has been used to integrate terrorist information that previously existed in myriad systems and formats and established an around-the-clock call center to assist in ascertaining the identity of encountered individuals. However, the TSC must build on its initial accomplishments and address the areas of weakness that we have identified, including the efficiency, accuracy, and completeness of its database and the management of its call center activities. TSC managers must also ensure that the organization is adequately planning for future improvements to its operations.
The Director of the TSC informed us that because the TSC is relatively new, it has not yet established a formal procedure to evaluate the organizationís overall effectiveness. Such procedures are important to ensure the TSC is as helpful as possible to assist law enforcement in the identification of potential terrorists. In April 2004, the TSC Director began to informally track the successes of the TSDB, as well as the "holes" in operations and communications identified by TSC staff. As of October 2004, however, the tracking process had not yet been formalized.
As of March 2005, the TSC had no formal strategic plan by which to guide its progress, staffing, organizational structure, and future planning. A strategic plan should provide a road map for an organization to achieve its strategic goals and objectives. This formal document also should provide the strategies and methods for evaluating the performance of an organization. TSC managers have indicated that they are working to develop a strategic plan from the outline that was conceived at the inception of the organization. However, while they appear to understand the importance of creating such a plan, they told us they do not view its creation as a high priority or an essential task at this point in time.
We believe that strategic planning efforts would assist the TSC in addressing the most significant weaknesses that we identified Ė namely, the watch list errors and omissions, deficiencies in the management of the call center, and the immaturity of the agencyís information technology environment and controls. In performing the tasks that are necessary to develop a comprehensive strategic plan, TSC managers should identify the need for personnel, experience, and skill sets necessary to staff, train, and manage the various TSC units in order to fulfill the goals and objectives of the organization. The identification of the knowledge, skills, and abilities that staff members need to perform the necessary functions within the TSC may also lead to the recruitment of different types of employees from different sources. With a strong strategy in place for the various units of the organization, TSC managers should identify the controls necessary to ensure data is protected, procedures are established and followed, and personnel are adequately trained. A well-defined strategic plan would help TSC managers prioritize what must be accomplished.
We obtained and reviewed the TSCís Continuity of Operations Plan (COOP), its Emergency Action Plan, and the Disaster Recovery Plan it created using Federal Emergency Management Agency (FEMA) and Department of Justice guidance. The TSC-developed COOP, dated August 10, 2004, provides guidance and legal authority to TSC employees to facilitate a timely and effective response, relocation, resumption, recovery, and restoration of essential operations in the event of a crisis. According to the COOP, the plan offers a set of "pre-defined and flexible procedures to be used before and after a crisis to reduce ad-hoc reactions, loss of information, duplication of efforts, and prolonged disruption of mission critical services to the intelligence and law enforcement community."
Our review of the COOP indicates that the plan provides a broad, comprehensive framework that identifies key officials and units within the TSC, including roles and responsibilities; defines orders of succession and delegations of authority; delineates essential functions and activities; establishes a methodical plan for the orderly transition of functions including key operations, as well as realistic timeframes and benchmarks; determines both the mission critical data and systems necessary for effective operations; and specifies alternate operating facilities. Based on the COOP, individual departments within the TSC (such as information technology), establish and maintain their own plans, procedures, and records in support of continued operations.
With an effective date of October 25, 2004, the TSCís Emergency Action Plan (EAP) provides specific direction regarding the protection of Communication Security material and other classified material, the evacuation of personnel, and the actions to be taken in various emergency situations. The TSCís Disaster Recovery Plan (DRP), dated August 10, 2004, states that it was derived from both the COOP and the EAP. Further, the COOP and EAP were designed to include all necessary components of a DRP.
Because we did not receive the TSCís COOP, EAP, and DRP until December 2004, after we had concluded our field work, we were unable to verify if the TSC had tested the equipment, trained the employees, and performed exercises in accordance with FEMA guidelines. However, based on our field work, we have significant concerns whether certain logistical and functional obstacles have been addressed.
First, the FBI CT Watch serves as the back-up facility for the TSC but does not have access to the consolidated terrorist information database. Second, while we have been told that the TSC regularly backs up the database information onto removable media and stores the data off-site to allow for the recovery of information, none of the TSC officials we asked knew where this storage site was located. Third, we are unaware of any off-site systems that are equipped to run the TSDB software and connect to the end-user databases for data export should the TSC main facility be crippled or destroyed. Finally, according to TSC managers, [SENSITIVE INFORMATION REDACTED].
Given the security concerns we identified during our audit (such as the entry of classified information into the unclassified Encounter Management database), officials at the TSC have discussed the desire to move the Encounter Management database to a classified network. This would allow call screeners to enter classified information detailing the events of an encounter into the Encounter Management database. While call screeners would need to continue to ensure information entered is not classified at a level higher than that of the network used, this move would most likely allow for information in the CT Watch Log to be included in the language of the encounter detail. This would provide the TSC with the stronger security controls that are needed because of the high turnover of TSC detailees and the weak training program that leaves data entry vulnerable.
Officials at the TSC have also discussed the possibility of moving the TSDB to a network capable of recording material on a Law Enforcement Sensitive, Confidential, Secret, Top Secret, or other level, and transferring only appropriate material to other agencies at the applicable level of classification. For example, state and local law enforcement officials who query the NCIC database now only receive information classified as Law Enforcement Sensitive, since state and local police officers do not carry the appropriate clearances for information classified at higher levels. A classified TSC network would also allow, for example, the TSC to include in its database information of a higher classification level provided by NCTC to better identify subjects during the screening process. This information would remain on the higher classification level of the database and would not be disseminated to the majority of the TSDB users, such as local law enforcement.
Considering the problems we identified in the TSCís handling of classified information, we believe that the TSC should proceed cautiously with regard to the classification level of the network housing the TSDB and its plans to change the classification level of the TSDB as a whole. The creators of the TSC, through the September 2003 Memorandum of Understanding, clearly designated that the consolidated watch list was to be a sensitive, but unclassified subset of the available terrorist information. In addition, the MOU highlighted the importance of sharing information with all appropriate users.
Since the completion of our field work, at least two developments have occurred that will impact the operations of the TSC. Although we were unable to perform detailed audit work in each of the areas, the TSC has asserted that it is developing procedures to address these two matters, which are discussed below.
On August 27, 2004, the President signed Homeland Security Presidential Directive-11 (HSPD-11) entitled, "Comprehensive Terrorist-Related Screening Procedures." The new HSPD 11 supplements HSPD 6 and calls for greater participation from a variety of federal agencies in the development of "Öcomprehensive, coordinated, systematic terrorist-related screening procedures and capabilitiesÖ." The new directive calls for many enhancements to the current screening process, including but not limited to the elimination of any duplicative terrorist screening systems and the enhancement of information flow between the various screening programs.
One of the recommendations of the National Commission on Terrorist Attacks upon the United States (9/11 Commission) stated that the federal government should assume responsibility for checking airline passengersí names against expanded "no-fly" and "automatic selectee" lists. Presently, this function is performed by individual airlines. In response to the 9/11 Commissionís recommendations, the DHS proposed to expand its airline screening program to include both international and domestic flights. Currently, only international flights are regularly pre screened. As a result, the DHS is developing a next-generation system of domestic airline passenger pre-screening called "Secure Flight." This new system will compare passenger name record information against the information contained in the TSDB.
In partnership with other agencies, the TSC is working to expand its capacity to accommodate the anticipated workload associated with inquiries related to the approximately 1.7 million passengers who travel on domestic flights each day. The TSC anticipates needing significant additional resources to carry out this new responsibility. The TSCís FY 2006 budget includes a request for a $75 million increase for the TSCís efforts related to implementing the DHSís Secure Flight program. Congress has asked and we intend to conduct an audit of the TSCís plans for Secure Flight.
The TSC has continued to improve to its consolidated database, outreach performance, and overall development. However, prioritizing efforts to develop a formalized strategic planning document is an important step for the TSC to identify areas in need of stronger controls, enhance staffing qualifications and placement, and plan for the necessary systems and procedures that will enable the TSC to attain its goals and objectives. TSC officials also have begun preparing for disaster recovery and emergency situations, but enhancements are necessary to ensure that the TSC is prepared for these undertakings should they ever need to be set in motion. In addition, as a newly established organization, the TSC has the opportunity to enhance its performance by measuring its effectiveness as a centralized screening and coordinating center for managing terrorism-related encounters. By doing this, the TSC will more efficiently identify the successes of the organization while understanding where the weaknesses lie and the importance of resolving such matters.
We recommend that the TSC: