This snapshot revealed that most officers feel that their organizations do not have a clear mandate and commitment to HomelandSecurity. While most respondents agree that the policemission has changed after 9/11, it appears that there still is no clearly defined mission and that there is little evidence that police departments have established a specific vision and role for the HomelandSecuritymission. This does not appear to be only a local issue. Across the country, there seems to be a similar range of perceptions of the policing mission and HomelandSecurity. This lack of clarity has then filtered down to state and local police agencies. Leadership commitment to HomelandSecurity is less obvious (than measurable activities such as training and exercise) when examining changes in business practices such as additional policies and procedures to address new challenges. This is unusual for bureaucratic organizations because the development of policies and procedures is typically a classic reactive method to address new issues. Leadership commitment can also be measured by funding priorities for agencies. Officers reported that they did not perceive a change in priorities toward funding HomelandSecurity practices.
Contingency planning is a systematic approach for identifying what can go wrong in a situation. A system owner should try to identify contingency events and be prepared with plans, strategies, and approaches for avoiding, coping with, or even exploiting them. Our audit included a review of contingency plans for seven DHS enterprise mission essential systems, which are widely used by all DHS components. These seven systems are under the control and supervision of either the DHS OCIO or the U.S. Customs and Border Protection (CBP). The enterprise mission essential systems under the direct control of the DHS OCIO are OneNet, DC1, DC2, Redundant Trusted Internet Connection, and Email as a Service. The enterprise mission essential systems under the control of CBP are the CBP NOC and the CBP SOC. We identified areas for improvement in DHS’ contingency planning that may maintain the availability of these seven systems in the event of a disruption.
Because of staffing shortages and commitments to its primary mission areas, US-CERT has not dedicated specific staff to oversee or manage its international relationships on a regular basis. According to US-CERT, if additional staffing resources were made available, they could foster better relationships with international CERTs. This might include participating in more regional events, reviewing and following up on its cyber report distributions, and organizing additional international CERT site visits. In the draft DHS Implementation of the President’s Strategy, the Department acknowledged the need for additional human resources to support international engagements and meet the United States’ cybersecurity and foreign policy objectives.
The Coast Guard’s contract required delivery of the lead FRC within 2 years of contract award. Additionally, the contract stipulates that the Coast Guard exercise an option to purchase a set number of additional FRCs each fiscal year, or the remainder of the contract options will be terminated. The contract allows the Coast Guard to purchase three FRCs under option one for low-rate initial production, and four or six for every option thereafter under full-rate production. This contract structure has limited the Coast Guard’s ability to restrict its FRC low-rate initial production to fewer than three to four FRCs annually until operational test and evaluation is completed and the Coast Guard is certain that the FRC will meet its mission needs.
The Department did not concur with Recommendation #7. TSA stated that access to criminal records is controlled by statute, regulations implemented by the Department of Justice, state laws, and policy. Therefore, TSA's ability to conduct a name-based criminal records check would depend on the reason for the search and type of activity taking place at a Coordination Center. TSA noted that, while expanded access to federal law enforcement data systems is an overall TSA goal, pushing access to federal law enforcement information sources to the Coordination Centers is not the most effective solution. The primary role of the Coordination Centers is to provide local support to TSA daily mission operations while monitoring transportation-related information sources within airports. Coordination Centers work in concert with TSA's
Dispersant application requirements assume 12 hours of daylight in each tier period as a planning standard, not a performance standard. More precisely, tier 1 assumes that daylight begins upon notification and ends at hour 12. For tier 2, planners can estimate daylight to begin at hour 24 and end at hour 36 and for tier 3, daylight begins at hour 48 and ends at hour 60. This is a planning standard, not a performance standard, which presumes that average daylight over a 12-month period is 12 hours. The 12-hour assumption permits practical planning for an oil spill; however seasonal variance should be taken into account during actual response operations. As noted previously in this discussion of comments section, rather than including tables approximating dispersant delivery response times in the regulations, we have decided to reference NOAA’s Dispersant Mission Planner 2 (DMP2). The DMP2 is available from the Internet at the following URL: http://
OIG Analysis: CBP’s comments do not appear to address the recommendation, which will remain open and unresolved until CBP provides specific documentation that details how it plans to achieve the UAS mission availability objective and acquire funding to provide necessary operations, maintenance, and equipment. Recommendation #2: Develop and implement procedures to coordinate and support stakeholders’ mission requests.
Recognizing that there is no generally accepted definitive definition of homelandsecurity, it is important to understand that the current and varied definitions come from various sources. The first is from a historical perspective, as primarily detailed in the following text. The second is also from a historical perspective, but related more to the evolution of governmental usage of the term as found in documents such as presidential directives and commission reports. A third source, and closely related to the second, is found in federal strategic documents attempting to wrestle with the definition, but in a post 9-11 environment. A fourth source comes not from abstract strategy but instead from a focus on the mission and goals of homelandsecurity in this same post-9-11 world. Finally, we can return to Bellavita’s analysis, in which he argues that the definition has actually developed in eight different areas and has not yet reached a shared definition, although some of the definitions do share certain elements. It is to these four perspectives that we now turn.
Personnel using social media to support mission operations told us that there was a need for additional policies or procedures that address the various challenges and questions relating to the use of social media. Component level procedures for employees who want to create new social media accounts for official purposes, or who are using social media for surveillance and interaction with individuals online, had not been developed. This has led to confusion as to what legal, privacy, and information security boundaries exist when using social media to perform operational tasks. For example, one program office used social media sites to monitor the activities of benefit applicants to help detect fraud. However, it was determined that the office did not have the proper authority to use social media for undercover work, and the use of social media was halted within the component.
The state distributed almost 19,000 individual personal protective equipment (PPE) complements to emergency medical services (EMS) and law enforcement agencies (LEA) statewide. The PPE included breathing masks, chemical suits, gloves, boots, and related accessories. PPE was distributed to some local agencies that did not need or want the equipment. We visited 43 EMS, fire, and LEA agencies and noted several different levels of effective use of the PPE. Some agencies claimed they were waiting to obtain training. One agency supervisor indicated he and his staff did not even know how to assemble the PPE components. At the police departments for the cities of Kansas City and St. Louis, as well as other locations, PPE remained unopened and stored in its original boxes. Furthermore, SEMA did not adequately monitor the distribution of the PPE and does not have accurate records of the various agencies that received equipment.
About the Editors
Simon Hakim is a professor of economics and the director of the Center for Com- petitive Government at Temple University. He earned M.A. and Ph.D. degrees in Regional Science from the University of Pennsylvania. He also earned an M.Sc. degree in City and Regional Planning from the Technion, Israel Institute of Tech- nology and a B.A. degree in Economics at Hebrew University in Jerusalem. His special areas of research and teaching are privatization, public policy, private/public police and homelandsecurity. Dr. Hakim published fifty-eight scientific articles in leading economic, criminal justice, security and public policy journals. He wrote over forty professional articles and edited fourteen books. He wrote with Professor Blackstone a major book on the security industry.
of firefighters, police, paramedics, and the National Guard. A standing Emergency Management Assistance Compact allows Governors to request additional National Guard support from other States. Federal assistance can only be made available after a Governor declares a State disaster or emergency and submits a request for assistance to the President. This process is mandated by the Stafford Act and is designed to respect the sovereignty of States as stipulated in the Tenth Amendment to the Constitution. Once the President approves a Governor’s request, FEMA is given responsibility for coordinating the Federal response and delivering ESF support to the States. Various Federal agencies are assigned primary and supporting roles in delivering ESF capabilities. As a support agency for all ESFs, the Department of Defense stands ready to lend Defense Support of Civil Authorities when requested. Under exceptional circumstances, the President may pre-position Federal support in advance of an expected disaster, as was the case with Hurricane Sandy in 2012. Otherwise, the Department of HomelandSecurity will deploy a Federal Coordinating Officer to advise the State Coordinating Officer in preparing and submitting individual Requests for Assistance. Deployed Federal assets establish a base of operations and conduct missions as assigned by the Incident Commander. State and Local officials retain control over all response and recovery operations. Of course, Federal assistance doesn’t come free. In accordance with the Stafford Act, State and Local governments are committed to reimbursing the Federal government up to 25%, and possibly more of the total costs. This provision makes States understandably judicious in what Federal assistance they request. FEMA continues to elicit State and Local cooperation through the HomelandSecurity Grant Program. In order to guide State and Local investments towards building Core Capabilities that will decrease their dependence on Federal assistance, all HSGP participants are required to annually update a Threat and Hazard Identification and Risk Assessment. HSGP, NIMS, and NRF are generally considered successful programs, and largely credited for improving the nation’s overall readiness to respond to disasters, both natural and manmade. (White, Bynum, & Supinski, 2016)
Relationship with the State of New Jersey: Currently, FEMA maintains an effective working relationship with State officials; however, one of the challenges will be to maintain this relationship throughout the disaster recovery process. Given the amount of damage the State experienced, the recovery period for Sandy will be longer than any of the State’s previous disasters. FEMA personnel who worked at the start of the disaster will go home, as new individuals arrive to replace them. State personnel will also rotate in and out of the Joint Field Office. Such staff changes can affect the relationship between FEMA and the State over time because individuals differ in how they interact with others. Several long-time FEMA personnel said that New Jersey was among the most responsive and cooperative States that they had ever worked with during the response phase of a disaster. One FEMA official attributed this positive relationship to the fact that New Jersey’s Office of Emergency Management is located within New Jersey’s State Police, and is staffed with police officers. In that official’s opinion, because the New Jersey Office of Emergency Management has a hierarchal structure, principles such as discipline, integrity, and a cooperative spirit fit well with FEMA’s structured approach to disaster response.
During the project approval process, one of FEMA’s roles is to conduct insurance reviews to determine if the grant applicant previously received assistance for the damaged facility. To review historical assistance
information, it is often necessary to query three databases that span several decades. The earliest is the Automated Disaster Assistance Management System (ADAMS), followed by the National Emergency Management Information System (NEMIS) and the Emergency Management Mission Integrated Environment (EMMIE 6 ). The systems do not reliably indicate whether FEMA provided assistance to repair or replace a specific facility in a prior disaster. Moreover, FEMA does not have a tool to
The mobility provided by laptop computers with built-in wireless Internet features has increased the productivity of the Federal workforce. However, the popularity of laptops across the Federal Government has also increased the risk of theft and unauthorized disclosure of sensitive data. To assist the component in accomplishing its mission, USCG personnel use both desktop and laptop computers to perform their assigned duties. As of November 2012, more than 15,000 laptops were reported in USCG’s inventory. These laptops are used by USCG personnel while they are on temporary duty at a different location, teleworking, on travel, or on vessels.
C. Information Sharing Guidelines
1. Information Sharing Classifications:
a. UNCLASSIFIED: Dissemination has no restrictions.
b. FOR OFFICIAL USE ONLY (FOUO): Dissemination is restricted to those who have law enforcement or public safety responsibilities with regard to homelandsecurity, or to individuals who have a need to know/right to know based on the execution of their official duties in order to protect the public. This includes critical infrastructure partners whose position or role gives them a need to know/right to know.
In furtherance of the Acts mission, an Under Secretary for Science and Technology (Dr. Charles E. McQueary has been identified as the initial Under Secretary) shall be appointed to direct, fund, conduct and coordinate national research, development and procurement efforts in support of homelandsecurity, including measures seeking to (a) prevent the importation of terrorist weapons and material and (b) detect, prevent, protect against, and respond to terrorist attacks, by:
The amendment, sponsored by Nunn, Lugar, and Pete V. Domenici, R-N.M., proposed to authorize $235 million to counter terrorism, including $61 million for research on devices to detect and prevent the spread of “weapons of mass destruction.” The Defense and Energy departments would be authorized, under some circum- stances, to respond to a domestic terrorist attack that employed nuclear, chemical, or biological weapons and to spend up to $80 million to help local police, fire, and emergency medical service agencies prepare for such an attack. The amendment also included $94 million to expand the scope of the Nunn-Lugar program to include activities such as disposing of spent nuclear fuel from Rus- sian warships and rebuilding some nuclear power plants so they could not produce radioactive material for use in weapons produc- tion. (Congressional Quarterly, 1997, p. 8-8.)
the system that allow it to effectively and efficiently perform its assigned mission over time. The support characteristics of the system include both supportability aspects of the design and the support elements necessary for system operation. (2) Comparison between the outputs obtained and the set goals for outputs of a process. (3) A quantitative measure characterizing a physical or functional attribute relating to the execution of an operation or function. Performance attributes include quantity (how many or how much), quality (how well), coverage (how much area, how far), timeliness (how responsive, how frequent), and readiness (availability, mission/operational readiness). Performance is an attribute for all systems, people, products, and processes including those for development, production, verification, deployment, operations, support, training, and disposal. Thus, supportability parameters, manufacturing process variability, reliability, and so forth, are all performance measures.
they were not consulted. Industry officials are unsure of the reason but mentioned that ISCD changed contractors prior to SSP development.
According to industry officials, the SSP tool does not require facilities to provide all information necessary for ISCD to complete the SSP review process. The SSP tool is primarily a list of yes or no questions with some short answer questions. The tool also includes a number of text boxes that provide facilities with the option to include additional information. It is not a security plan and is of limited use to facilities. Many industry officials described filling out the SSP tool as time and resource intensive. Yes or no questions do not always allow facilities to account for unique site characteristics, such as a natural security barrier. For example, a facility may have fencing on three sides but a cliff on the fourth. ISCD officials assumed that industry would use the optional text boxes to expand upon its answers in the SSP to describe security measures. This assumption