Appendix I GAO Recommendations on Combating (Continued From Previous Page) GAO recommendations Status of recommendations We recommend that the Attorney General direct the FBI Director to Partially implemented. The Department of Justice and the FBI sponsor a national-level risk assessment that uses national intelligence estimates and inputs from the intelligence community and others to help form the basis for and prioritize programs developed to combat terrorism. Because threats are dynamic, the Director should determine when the completed national-level risk assessment should be updated. agreed to our recommendation. According to the FBI, it is currently working on a comprehensive national-level assessment of the terrorist threat to the U.S. homeland. The FBI said that this will include an evaluation of the chemical and biological weapons most likely to be used by terrorists and a comprehensive analysis of the risks that terrorist would use WMD. The FBI estimates the assessment will be completed in November 2002. Combating Terrorism: Chemical and Biological Medical Supplies Are GAO recommendations We recommend that the Department of Health and Human Services' (HHS) Office of Emergency Preparedness (OEP) and Centers for Disease Control and Prevention (CDC), the Department of Veterans Affairs (VA), and U.S. Marine Corps Chemical Biological Incident Response Force (CBIRF) establish sufficient systems of internal control over chemical and biological pharmaceutical and medical supplies by (1) conducting risk assessments, (2) arranging for periodic, independent inventories of stockpiles, (3) implementing a tracking system that retains complete documentation for all supplies ordered, received, and destroyed, and (4) rotating stock property. Status of recommendations Partially implemented. Three of the recommendations have been implemented. However, only VA has implemented a tracking system to manage the OEP inventory. CDC is using an interm inventory tracking system. CBIRF has upgraded its database program to track medical supplies, and is working toward placing its medical supply operations under a prime vendor contract. To improve the effectiveness and increase the impact of the vulnerability assessments and the vulnerability assessment reports, we recommend that the Secretary of Defense direct the Chairman of the Joint Chiefs of Staff to improve the vulnerability assessment reports provided to installations. Although the Joint Staff is planning to take some action to improve the value of these reports, we believe the vulnerability assessment reports should recommend specific actions to overcome identified vulnerabilities. To ensure that antiterrorism/force protection managers have the knowledge and skills needed to develop and implement effective antiterrorism/force protection programs, we recommend that the Secretary of Defense direct the Assistant Secretary of Defense for Special Operations and Low-Intensity Conflict to expeditiously implement the Joint Staff's draft antiterrorism/force protection manager training standard and formulate a timetable for the services to develop and implement a new course that meets the revised standards. Additionally, the Assistant Secretary of Defense for Special Operations and Low-intensity Conflict should review the course content to ensure that the course has consistency of emphasis across the services. Status of recommendations Not implemented. DOD believes that the changes in process at the time of our report addressed our recommendations. DOD is still in the process of implementing these actions. Partially implemented. DOD revised its training standards for antiterrorism/force protection managers, but the Army has not implemented the new training standards. Appendix 1 GAO Recommendations on Combating (Continued From Previous Page) GAO recommendations We recommend that the Joint Chiefs of Staff should develop an antiterrorism/force protection best practices or lessons learned program that would share recommendations for both physical and process-oriented improvements. The program would assist installations in addressing common problems-particularly those installations that do not receive Joint Staff Integrated Vulnerability Assessment reports or others who have found vulnerabilities through their own assessments. To provide Congress with the most complete information on the risks that U.S. Forces overseas are facing from terrorism, we recommended that the Secretary of Defense direct the services to include in their next consolidated combating terrorism budget submission information on the number and types of antiterrorism/ force protection projects that have not been addressed by the budget request and the estimated costs to complete these projects. Information on the backlog of projects should be presented by geographic command. Status of recommendations Partially implemented. The Joint Chiefs of Staff have undertaken a number of lessons learned programs, but not all of the programs that would address this recommendation are operational. Not implemented. DOD did not concur with this recommendation. DOD believes that there is no need to provide the additional information to Congress. Combating Terrorism: Federal Response Teams Provide Varied Capabilities; Opportunities Remain to Improve Coordination (GAO-01-14, Nov. 30, 2000). Recommendations, p. 27. GAO recommendations To guide resource investments for combating terrorism, we recommend that the Attorney General modify the Attorney General's Five-Year Interagency Counterterrorism and Technology Crime Plan to cite desired outcomes that could be used to develop budget requirements for agencies and their respective response teams. This process should be coordinated as an interagency effort. We recommend that the Director, FEMA, take steps to require that the WMD Interagency Steering Group develop realistic scenarios involving chemical, biological, radiological, and nuclear agents and weapons with experts in the scientific and intelligence communities. We recommend that the Director, FEMA, sponsor periodic nationallevel consequence management field exercises involving federal, state, and local governments. Such exercises should be conducted together with national-level crisis management field exercises. Status of recommendations Partially implemented. The Department of Justice asserted that the Five-Year Plan included desired outcomes. We disagreed with the department and believed what it cited as outcomes are outputsagency activities rather than results the federal government is trying to achieve. The National Strategy for Homeland Security, issued in July 2002, supercedes the Attorney General's Five-Year Plan as the interagency plan for combating terrorism domestically. This strategy does not include measurable outcomes, but calls for their development. FEMA agreed with the recommendation. GAO is working with FEMA to determine the status of implementation. In June 2002, the President proposed that a new Department of Homeland Security take the lead for developing and conducting federal exercises to combat terrorism. FEMA agreed with the recommendation. GAO is working with FEMA to determine the status of implementation. In June 2002, the President proposed that a new Department of Homeland Security take the lead for developing and conducting federal exercises to combat terrorism. Appendix i GAO Recommendations on Combating Terrorism and Homeland Security Combating Terrorism: Accountability Over Medical Supplies Needs GAO recommendations Status of recommendations We recommended that the Secretary of HHS require the Director of CDC Partially implemented. CDC has implemented two of our to • execute written agreements as soon as possible with all CDC's partners covering the storage, management, stock rotation, and transporting of medical supplies designated for treatment of biological or chemical terrorism victims; ⚫ issue written guidance on security to private warehouses that store stockpiles; and ⚫ to the extent practical, install proper fencing prior to placing inventories at storage locations. recommendations and partially implemented one. Specifically, it has not finalized agreements with private transport companies to transport stockpiles in the event of a terrorist attack. It is currently using contracts between the lederal government and the transport companies. We recommend that the Secretary of HHS require the Director of OEP to Implemented. OEP has implemented all eight of our ⚫finalize, approve, and issue an inventory requirements list; recommendations. • improve physical security at its central location to comply with Drug Enforcement Agency regulations, or move the supplies as soon as possible to a location that meets these requirements; ⚫ issue a written policy on the frequency of inventory counts and acceptable discrepancy rates; ⚫ finalize and implement approved national and local operating plans addressing VA's responsibilities for the procurement, storage, management, and deployment of OEP's stockpiles, • train VA personnel and conduct periodic quality reviews to ensure that national and local operating plans are followed; and • immediately contact Food and Drug Administration or the To ensure that medical supplies on hand reflect those identified as being Implemented. CBIRF has implemented all of our Appendix I GAO Recommendations on Combating Critical Infrastructure Protection: Significant Challenges in Developing National Capabilities (GAO-01-323, Apr. 25, 2001). Recommendations, pp. 57, 68, and 85. GAO recommendations We recommend that the Assistant to the President for National Security Affairs, in coordination with pertinent executive agencies, • establish a capability for strategic analysis of computer-based threats, including developing a related methodology, acquiring staff expertise, and obtaining infrastructure data: • develop a comprehensive governmentwide data-collection and analysis framework and ensure that national watch and warning operations for computer-based attacks are supported by sufficient staff and resources; and • clearly define the role of the National Infrastructure Protection Center (NIPC) in relation to other government and private-sector entities, including lines of authority among NIPC and NSC, Justice, the FBI, and other entities; NIPC's integration into the national warning system; and protocols that articulate how and under what circumstances NIPC would be placed in a support function to either DOD or the intelligence community. We recommend that the Attorney General task the FBI Director to require the NIPC Director to develop a comprehensive written plan for establishing analysis and warning capabilities that integrates existing planning elements and includes • milestones and performance measures; • approaches (or strategies) and the various resources needed to achieve the goals and objectives; Status of recommendations Partially implemented. According to the NIPC director, NIPC has Partially implemented. The NIPC Director recently stated that NIPC • a description of the relationship between the long-term goals and needed to reach the specific goals and objectives for the Analysis objectives and the annual performance goals; and ⚫ a description of how program evaluations could be used to establish or revise strategic goals, along with a schedule for future program evaluations. and Warning Section. According to NIPC officials, the NIPC continues to work on making its goals more measurable, better reflect performance, and better linked to future revisions to strategic goals. |