Federal Facilities: Improved Oversight Needed for Security Recommendations
| Report Type |
Reports and Testimonies |
| Report Date |
May 8, 2023 |
| Release Date |
May 8, 2023 |
| Report No. |
GAO-23-105649 |
Summary:
What GAO Found
The Federal Protective Service (FPS) conducts security assessments and recommends countermeasures—such as security cameras—to address vulnerabilities at federal facilities. FPS maintains a database with information on its assessments and on agencies' decisions to approve or reject these recommendations. As GAO reported in 2022, FPS data indicate that agencies did not respond to over half of FPS's recommendations in fiscal years 2017 through 2021 (GAO-22-106177).
In the discussion groups GAO held with facilities' representatives, participants cited several reasons why agencies might not act on FPS recommendations. Reasons included the cost or feasibility of implementing recommended countermeasures.
Security Cameras as an Example of a Facility Countermeasure
The Interagency Security Committee (ISC), established by Executive Order 12977, is required to oversee the implementation of appropriate countermeasures in certain federal facilities, among other responsibilities. The Department of Homeland Security (DHS) chairs this organization, which is comprised of 66 federal agencies The ISC requires non-military executive branch agencies to self-report some information on the degree to which they comply with ISC's federal security standards. For example, these agencies report on the extent to which they documented their acceptance of risk for countermeasures they did not implement. However, GAO found that ISC's oversight does not verify that these agencies have:
implemented FPS-recommended countermeasures, or
documented the acceptance of risk for those countermeasures they do not implement at their facilities.
Without an oversight mechanism to verify if these federal facilities are implementing the appropriate countermeasures or accepting the risk of not doing so, the federal government lacks reasonable assurance that such facilities are secure.
Why GAO Did This Study
FPS protects over 9,000 federal facilities with over 1.4 million employees and visitors. As part of its services, FPS conducts facility security assessments and recommends countermeasures to help address vulnerabilities at federal facilities. FPS conducts these assessments based on ISC security standards. Agencies are responsible for acting on these countermeasures.
GAO was asked to review the implementation of countermeasures recommended by FPS. This report (1) identifies information that FPS maintains on its assessments and recommendations, (2) identifies factors that affect agencies' decisions to act on these recommendations, and (3) examines how ISC assesses compliance with its security standards and countermeasures.
GAO reviewed FPS guidance on the information collected from its assessments, and how that information is entered into its database. In addition, GAO held discussion groups with officials representing 27 selected facilities where FPS conducted security assessments between 2017 and 2021, as well as FPS and ISC officials. GAO also reviewed ISC documentation and guidance.
« Return to search Government Accountability Office reports
