IG tells TSA to tighten up transportation ID security
- By Mark Rockwell
- Sep 12, 2016
Photo credit: Sheila Fitzgerald / Shutterstock.com
Background checks on port workers and others with access to secure maritime facilities could be more thorough, and better technology could help, according to a report from the Department of Homeland Security's Office of Inspector General.
The IG said the Transportation Worker Identification Credential program run by the Transportation Security Administration needs better coordination among operational components and some IT improvements to effectively evaluate applicants. The program provides ID cards to dockworkers, truckers, port employees and U.S. merchant mariners who need access to areas where hazardous or dangerous materials are stored.
Applicants' biographical data, photos and fingerprints are checked against four databases for criminal, immigration and terrorism-related offenses.
According to the IG's report, about 40 percent of applications do not trigger matches in any of the databases. TSA's automated information system electronically adjudicates and approves those applications, which can take up to a month.
However, the IG said the remaining 60 percent of applications might match one or more databases and require a manual review by adjudicators in the Security Threat Assessment Operations Adjudication Center. Depending on the complexity of the case, a decision in that review can take 140 days.
According to the IG, TSA's Office of Intelligence and Analysis has not provided sufficient oversight and guidance to ensure that changes to the program have improved its effectiveness or fortified internal control weaknesses.
Specifically, the IG said ineffective fraud detection techniques, inadequate guidance, missing quality controls and insufficient planning for recurrent vetting blunt the reliability of the background check process.
The TWIC Maritime Program Management Office, which oversees the program, tends to focus on customer service rather than the program's effectiveness, according to the IG. In addition, TSA's organizational structure can block some visibility into support offices.
The IG's report recommends that TSA increase cross-component coordination for the process overall and implement technological improvements, including end-to-end control systems, under its Technology Infrastructure Modernization program. That enterprise architecture effort began in 2014 to align TSA's security threat assessment with credentialing activities for people -- such as TWIC applicants -- who require access to transportation facilities, infrastructure, assets, sensitive security information or related security credentials or clearances.
The technology behind the TWIC program has attracted the attention of oversight bodies before. In 2013, a Government Accountability Office report found that card readers used to admit workers to secure facilities did not perform as expected.
Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.
Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.
Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.
Click here for previous articles by Rockwell.
Contact him at firstname.lastname@example.org or follow him on Twitter at @MRockwell4.