In connection with this audit of the TSC, as required by generally accepted government auditing standards, we reviewed management processes and records to obtain reasonable assurance about the organization’s compliance with laws and regulations that, if not complied with, in our judgment, could have a material effect on TSC operations. Compliance with laws and regulations applicable to the management of the TSC is the responsibility of the TSC’s management.
Our audit included examining, on a test basis, evidence about laws and regulations related to the maintenance and sharing of information on suspected or known terrorists. The specific laws and regulations we reviewed included the relevant portions of:
Intelligence Authorization Act, Public Law 108-177;
Homeland Security Presidential Directive 6; and
Homeland Security Presidential Directive 11.
Our tests of the consolidated terrorist watchlist identified weaknesses related to the accuracy and completeness of the data which is discussed fully in Findings I, II, and III. The requirements for an accurate and complete watchlist are contained in HSPD 6.
With respect to areas that were not tested, nothing came to our attention that caused us to believe that the TSC management was not in compliance with the laws and regulations cited above.