A review by the Government Accountability Office (GAO) has found that a new computer platform used by Transportation Security Administration (TSA) inspectors has affected their ability to capture data.
Since 2020, over one billion passengers have traveled on flights within the United States. TSA is responsible for securing the nation’s aviation transportation system by ensuring air carriers and airport operators comply with security requirements. TSA conducted about 28,000 inspections in 2021 to identify violations and improve security for domestic airports and passenger air carriers. GAO’s analysis of TSA data found that about nine percent of airport and air carrier inspections resulted in a finding of at least one security violation from fiscal years 2017 through 2021. If TSA identifies a violation, it can take enforcement actions ranging from counseling to civil penalties. The watchdog found that about 80 percent of noncompliance TSA inspectors identified was resolved with counseling during FY 2017 through 2021.
TSA allows airports and air carriers to develop an action plan that invests their own resources to address violations in lieu of a civil penalty. The plans partner TSA with airports and air carriers to identify the root cause of a violation. Most of the airport and air carrier officials GAO spoke with like having action plans as an option. However, GAO said TSA guidance is not clear as to when the plans are appropriate to use, such as for systemic violations.
TSA has recently started efforts to communicate this guidance to airports, air carriers, and inspectors through an industry feedback session on the Action Plan Program and provided this same information to industry. TSA is also working to obtain feedback from inspectors on the Action Plan Program and expects to develop additional written guidance for inspectors. GAO acknowledged that TSA is addressing some issues, but said it has not fully assessed user concerns, such as the need for better communication.
In March 2021, TSA transitioned to a new computer platform that inspectors are to use to record information from their compliance work. From 2003 until March 2021, TSA maintained the system on a legacy data center platform, but beginning in late 2019, it began transitioning it to a cloud-based enterprise platform. TSA IT leadership directed the agency to complete this transition around the spring or summer of 2021. TSA initially expected the data migration to take about 1 year, but as of August 2022, the migration was not complete.
Inspectors at each of the five field offices GAO visited said challenges using this platform have affected their ability to capture compliance data. For example, some of these inspectors said TSA did not adequately consult with or train users when it began transitioning data to the new platform. As a result, inspectors said they cannot edit required key data fields, such as updating points of contact or adding new regulated entities.
TSA plans to transition nine more data systems to its new platform, but has not developed a broad set of lessons learned of staff’s experiences from other systems’ transitions. GAO has recommended that it do so. The Department of Homeland Security said TSA’s IT and Compliance Offices will conduct an assessment to identify and address user concerns as it transitions to the new platform. DHS said the assessment will identify and provide a plan to address user concerns regarding challenges collecting, analyzing, and sharing information in the new platform, and will focus on the best practices associated with the new system delivery, including requirements, prioritization, testing, and training. In addition, TSA’s Enterprise Support Office, with support from several other offices, will develop the lessons learned and share these to help identify potential challenges and to ensure more effective and efficient transitions for any of the other IT systems that TSA plans to transition to the new platform.