What is your e-mail address?
My e-mail address is:

Do you have a password?
Forgot your password? Click here
close

Close

GAO: Secure Flight improved IT security

TSA has met most of Congress' requirements for Secure Flight

The Transportation Security Administration took action between January and April to meet Congress’ requirements for information security and privacy controls for its Secure Flight passenger watch list screening system, according to a new report from the Government Accountability Office.

“As of April 2009, TSA had generally achieved nine of the 10 statutory conditions related to the development of the Secure Flight program and had conditionally achieved one condition,” the GAO report posted on the Web today said.

Under Secure Flight, TSA officials are to screen airline passengers against watch lists of suspected terrorists. Since the 2001 terrorist attacks, commercial airlines have handled those duties for domestic flights while Secure Flight has been in development.

Congress last year established 10 conditions for the TSA to meet as it completed development of the program, including conditions for accuracy, redress, oversight, privacy, life-cycle cost estimates and information security. The agency certified in September 2008 that it had met the 10 conditions.

However, GAO's auditors reported this January that the TSA had met only five of the conditions. Requirements for information security and privacy were among the conditions that remained incomplete then.

In a follow-up review this April, GAO said nine of the 10 conditions had been met, including conditions for information security and privacy.

The GAO said the TSA since January has corrected deficiencies in information security. By March 20, the TSA had fixed all 60 high- and moderate-risk information security vulnerabilities associated with the final version of Secure Flight, the report states.

TSA met the requirement related to privacy by March 31, GAO also said.

However, to date the agency has only partially met a requirement to develop appropriate life-cycle cost estimates, expenditure plans, budgets and schedules for Secure Flight, the report states.

In late January 2009, TSA began to operate Secure Flight for a limited number of domestic flights for one airline. Secure Flight will be operating watch-list matching functions for all domestic flights by March 2010 and will begin assuming those duties for international flights at that time, GAO noted.

About the Author

Alice Lipowicz is a staff writer for Federal Computer Week.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

eSeminar

  • Where Cyberwarfare and Cybersecurity Meet

    We invite you to attend the third event in this three-part series on Cybersecurity. 1105 Government Information Group will present a panel of government and cybersecurity experts including Gregory T. Garcia, the nation's first presidentially-appointed Assistant Secretary for CyberSecurity and Communications with the U.S. Department of Homeland Security, 2006-2008; and Jeffrey Carr, cyber strategies consultant and author of Inside Cyber Warfare, in this editorial webcast on Tuesday, April 13 at 11 a.m., where they will discuss the cyberwarfare threat to both industry and government, as well as strategies to consolidate the wider cybersecurity mission. Read more

Federal Computer Week eNewsletters

  • Subscribe to Newsletters Subscribe

    Federal Computer Week's eNewsletters deliver the latest policy and management news to your inbox.

Highlights from the current issue