GAO: Trusted shipping program needs work
To ensure the security of its trusted shipper program, Customs and Border Protection should improve the technology it uses to allow certified importers, carriers and brokers to avoid some scrutiny of their cargo, according to a report by government auditors.
Although CBP has made progress with its Customs-Trade Partnership Against Terrorism (C-TPAT), which rewards companies for meeting minimum security requirements, the agency needs to improve its records management system and the instruments it uses to collect information to validate security processes, according to a report the Government Accountability Office released today. The report also states that CBP should establish performance measures for improving supply chain security.
“Until CBP overcomes these collective challenges, CBP will be unable to assure Congress and others that C-TPAT member companies that have been granted reduced scrutiny of their U.S.-bound containerized shipments actually employ adequate security practices,” the report states.
The report was dated April 25, but its public release was restricted until today. Government auditors conducted their assessment from May 2006 to April 2008. GAO previously reported on challenges CBP faced in managing the C-TPAT program in 2003 and 2005. As of the end of 2007, CBP had awarded initial C-TPAT certification to almost 8,000 companies and validated the security of about 79 percent of them. Before companies can join C-TPAT, CBP evaluates their security practices to make sure they meet minimum requirements.
The GAO report states that CBP had strengthened its policies and employed a tiered program for granting benefits to importers, which account for about half of C-TPAT’s membership. The program began in 2001, and the Security and Accountability for Every Port Act of 2006 established the statutory framework for the program.
GAO made five recommendations to the Homeland Security Department and CBP for how they could bolster the program’s security:
* Improve the instruments used for validating companies' security processes.
* Require that validations include the results from audits and inspections.
* Establish a policy for security specialists to follow up with companies after they are asked to make improvements.
* Enhance the program's records management system to include all relevant data fields to track compliance with the SAFE Port Act.
* Use information collected during C-TPAT member-processing activities to develop performance measures.
CBP agreed with GAO’s recommendations.
Ben Bain is a reporter for Federal Computer Week.