[House Hearing, 112 Congress]
[From the U.S. Government Publishing Office]





                     THE ATTACKS OF SEPTEMBER 11: 
                          WHERE ARE WE TODAY?

=======================================================================

                                HEARING

                               before the

                     COMMITTEE ON HOMELAND SECURITY

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED TWELFTH CONGRESS

                             FIRST SESSION

                               __________

                           SEPTEMBER 8, 2011

                               __________

                           Serial No. 112-42

                               __________

       Printed for the use of the Committee on Homeland Security





      Available via the World Wide Web: http://www.gpo.gov/fdsys/

                               __________



                      U.S. GOVERNMENT PRINTING OFFICE
  72-929 PDF               WASHINGTON : 2012
                                _____
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing 
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC 
area (202) 512-1800 Fax: (202) 512-2104  Mail: Stop SSOP, Washington, DC 
20402-0001





                     COMMITTEE ON HOMELAND SECURITY

                   Peter T. King, New York, Chairman
Lamar Smith, Texas                   Bennie G. Thompson, Mississippi
Daniel E. Lungren, California        Loretta Sanchez, California
Mike Rogers, Alabama                 Sheila Jackson Lee, Texas
Michael T. McCaul, Texas             Henry Cuellar, Texas
Gus M. Bilirakis, Florida            Yvette D. Clarke, New York
Paul C. Broun, Georgia               Laura Richardson, California
Candice S. Miller, Michigan          Danny K. Davis, Illinois
Tim Walberg, Michigan                Brian Higgins, New York
Chip Cravaack, Minnesota             Jackie Speier, California
Joe Walsh, Illinois                  Cedric L. Richmond, Louisiana
Patrick Meehan, Pennsylvania         Hansen Clarke, Michigan
Ben Quayle, Arizona                  William R. Keating, Massachusetts
Scott Rigell, Virginia               Kathleen C. Hochul, New York
Billy Long, Missouri                 Janice Hahn, California
Jeff Duncan, South Carolina
Tom Marino, Pennsylvania
Blake Farenthold, Texas
Mo Brooks, Alabama
            Michael J. Russell, Staff Director/Chief Counsel
               Kerry Ann Watkins, Senior Policy Director
                    Michael S. Twinchek, Chief Clerk
                I. Lanier Avant, Minority Staff Director













                            C O N T E N T S

                              ----------                              
                                                                   Page

                               Statements

The Honorable Peter T. King, a Representative in Congress From 
  the State of New York, and Chairman, Committee on Homeland 
  Security.......................................................     1
The Honorable Bennie G. Thompson, a Representative in Congress 
  From the State of Mississippi, and Ranking Member, Committee on 
  Homeland Security..............................................     3
The Honorable Laura Richardson, a Representative in Congress From 
  the State of California:
  Prepared Statement.............................................     5

                               Witnesses

Hon. Lee Hamilton, Former Vice Chairman, The National Commission 
  on Terrorist Attacks Upon the United States (The 9/11 
  Commission):
  Oral Statement.................................................     6
  Prepared Statement.............................................     8
Hon. Tom Ridge, Former Secretary of Homeland Security:
  Oral Statement.................................................    12
  Prepared Statement.............................................    14
Hon. Eugene L. Dodaro, Comptroller General of the United States:
  Oral Statement.................................................    15
  Prepared Statement.............................................    16

 
                     THE ATTACKS OF SEPTEMBER 11: 
                          WHERE ARE WE TODAY?

                              ----------                              


                      Thursday, September 8, 2011

                     U.S. House of Representatives,
                            Committee on Homeland Security,
                                                    Washington, DC.
    The committee met, pursuant to call, at 10:05 a.m., in Room 
311, Cannon House Office Building, Hon. Peter T. King [Chairman 
of the committee] presiding.
    Present: Representatives King, Smith, Rogers, McCaul, 
Miller, Walberg, Cravaack, Meehan, Quayle, Duncan, Marino, 
Thompson, Sanchez, Jackson Lee, Cuellar, Clarke of New York, 
Richardson, Davis, Higgins, Speier, Richmond, Clarke of 
Michigan, Keating, and Hahn.
    Chairman King. Good morning. The Committee on Homeland 
Security will come to order. The Committee is meeting today to 
hear testimony assessing the status of Homeland Security on the 
occasion of the 10th anniversary of the September 11, 2001, 
terrorist attacks. The Chairman wishes to remind our guests 
today that demonstrations from the audience including the use 
of signs, placards, and T-shirts, as well as verbal outbursts 
are violations of the rules of the House. The Chair wishes to 
thank our guests for their cooperation in maintaining order and 
proper decorum.
    I now recognize myself for an opening statement. I want to 
welcome everyone to the hearing today. Let me especially thank 
our witnesses for being here today. Chairman Lee Hamilton, who 
had a truly outstanding career as a Member of the United States 
Congress as chairman of the Foreign Affairs Committee and 
Intelligence Committee, a person who really personified the 
very best of Congress. Then, of course, served as co-chairman 
of the 9/11 Commission and somehow we are always get him to 
come back. He has amazing stamina and dedication. Lee, it is 
great to see you here again today.
    I understand he is running late with travel today, but also 
Secretary Tom Ridge will be testifying today. Tom Ridge was the 
first Secretary of Homeland Security. Prior to that, he served 
as Governor of the Commonwealth of Pennsylvania, and also 
served 6 terms in the House of Representatives.
    Our third witness this morning is Honorable Eugene Dodaro, 
who is the comptroller general of the United States GAO.
    All of us have personal stories of September 11; no one has 
a monopoly on grief. My own case, I lost 150 constituents and 
friends on that date. You can go to other districts where there 
are as many if not more. I know many of us have spent much of 
the last 10 years working with family members of the 9/11 
victims, but it is important that we not be bogged down just in 
grief, and that we look forward and that was really, I think, 
what our country did starting September 12, 2001. We will never 
forget what happened on September 11. We do all we can for the 
families of those murdered that day, but we also do all that we 
possibly can to make sure that these attacks are never 
replicated.
    There have been any number of measures taken after that 
date; some worked, some worked very well, some not as well as 
we wanted them to, but there was and is work in progress. The 
bottom line is that we have not been successfully attacked in 
this country for 10 years, this goes over 2 administrations, 
Bush administration and the Obama administration. This is one 
issue which is probably as close to being bipartisan as 
possible. Obviously, there are some philosophical differences 
and policy differences that we have. But the fact is certainly 
when I was Chairman before and Ranking Member and Chairman now, 
I believe I always had an excellent working relationship with 
Ranking Member Thompson as we try to find common ground and try 
to minimize the differences between us.
    There have been other actions taken besides the creation of 
the Department of Homeland Security, there is the Director of 
National Intelligence, and, of course, this committee itself 
was set up in response to the attacks of September 11, which 
probably goes to one of the areas where Congress has not done 
what was supposed to be done and what was recommended by the 9/
11 Commission, and that was to consolidate jurisdiction within 
this committee as much as possible. There is still over 80, 90, 
100, whatever number we want to use, subcommittees, committees, 
and commissions that Department of Homeland Security has to 
report to. This is not a turf battle. This is a fact. We are 
sending mixed messages to the Department; we are sending mixed 
signals as far as what Congress wants in the area of Homeland 
Security and this fragmentation to me is just inviting, if not 
disaster, certainly it is preventing law enforcement and 
intelligence agencies from doing the job to the maximum by 
sending so many mixed signals.
    Again, this is an area where Ranking Member Thompson and I 
fully agree. It is an area where Secretary Ridge, Secretary 
Chertoff, and Secretary Napolitano fully agree. Just as I said, 
overall, our policies have been bipartisan both in the Congress 
and the Executive level. Also I would say the failure to 
consolidate jurisdiction has been a bipartisan failure. We in 
this committee, overall, have to do what we can to bring that 
consolidation about.
    Other areas where I have concerns have been in the area of 
grants which I believe have been spread over too many areas 
rather than focus on the areas that need them the most. I give 
Secretary Napolitano credit for condensing that somewhat and 
taking a very meaningful step in the right direction.
    I should add that in view of the excellent work that the 9/
11 Commission did, and we are not trying to draft Lee Hamilton 
back into duty, but Congressman Frank Wolf and I have 
introduced legislation to reconstitute the 9/11 Commission 10 
years after.
    Other areas where I believe we have to move forward, one 
certainly is on spectrum and D-Block. There has to be 
communication specifically allocated to police firefighters, 
first responders. No one wants to go through again what 
happened on September 11 where there was a lack of 
communication, inability to communicate and yet 10 years later, 
we have still not taken the action.
    In another regard, I would like to acknowledge in the 
audience, Chief Dodd of the NYPD; Chief Gillespie, a fire chief 
in the City of North Las Vegas; Chief Johnson of the Western 
Fire Chiefs Association, and Sheriff Fitzgerald from Storey 
County in Iowa who have really been in the forefront of 
fighting for D-Block which I believe is absolutely essential.
    We have made much progress against al-Qaeda over the past 
10 years. We cannot allow ourselves to remain complacent, but 
there is no doubt that al-Qaeda central has been tremendously 
weakened. Their leadership has been devastated, certainly 
beginning with Osama bin Laden, which was a tremendous victory 
for the United States and all those who oppose terrorism.
    At the same time, al-Qaeda has adapted its methods, it has 
morphed, it has metastasized so that we no longer face just an 
al-Qaeda central--which I believe would be very difficult for 
them to ever attack the United States the way they did on 
September 11, but now we have al-Qaeda in the Arabian 
Peninsula, we have al-Qaeda in Iraq, we have al-Shabaab, we 
have al-Qaeda attempting to recruit within our own country, 
which changes the whole nature of the struggle, attempting to 
recruit people under the radar screen. So as we have scored 
successes in one area, the enemy has adapted to it. We have to 
continue to adapt along with it.
    As we approach this weekend of September 11, I think it is 
important for all of us to think back on how horrible that day 
was, and how we told ourselves that day that we would never 
allow that to happen again. My concern is that the further we 
get from September 11, the more the horror of that day fades 
into the recesses of peoples' memories. Maybe it is human 
nature to try to put that behind us, but the further we put it 
behind us, the more we, I believe, invite another attack. 
Whether in Congress as far as the cuts we are making to 
Homeland Security, whether it is the media which somehow, in 
many ways, acts as if the struggle is over, or just the 
American People who, and it is very understandable, want to put 
this in their rearview mirror.
    The fact is the enemy is still there, and the enemy is 
still as dedicated as it was before. It has weakened, but it is 
adapting. So we have to, I believe, stand as one in a 
bipartisan way to do all we can to make sure that 9/11 never 
again repeats itself.
    So with that, I want to thank all the witness for joining 
us here today. I am privileged to yield to the Ranking Member, 
the gentleman from Mississippi, Mr. Thompson.
    Mr. Thompson. Thank you very much, Mr. Chairman. Most of 
what you said I agree with. As you said, we clearly have had a 
wonderful and positive relationship as we have switched chairs 
from time to time.
    I would also like to welcome our newest member on the 
Democratic side, Ms. Janice Hahn of California, to the 
committee. So we now have a full complement, and we look 
forward to the debate.
    Chairman King. We welcome you also, thank you.
    Mr. Thompson. Mr. Chairman, today we meet to hear testimony 
on the Nation's progress in bringing about safety, security, 
and resiliency against terrorism since the attacks of 9/11. But 
before we look back, I want to acknowledge and remember all the 
firefighters, police officers and ordinary people who lost 
their lives that Tuesday morning. Remembering those who died 
must inspire us to make this Nation better and safer.
    Mr. Chairman there is no doubt that the events of September 
11, 2001, brought about fundamental changes to this Nation. The 
events of that morning changed just about everything we know 
about aviation security, information sharing, and disaster 
response and recovery. Over time, this Government has changed 
its policies and practices, the American people have changed 
their expectations. Today, most people regard many new security 
measures as a reasonable price for security. But as we enter 
the second 9/11 decade we must begin to question the price we 
paid.
    Between 2004 and 2010, the Department spent nearly $300 
billion to secure our Nation. Several initiatives have improved 
our security and eliminated many vulnerabilities we once faced. 
Increases in the number of Border Patrol officers, the 
establishment of Secure Flight and US-VISIT, the revitalization 
of FEMA, and new attention to securing chemical and biological 
materials have all improved our security posture. All of these 
things have been good and necessary. But as we reflect on the 
past 10 years, we cannot pretend that progress has been steady 
and unimpeded. Many pointed the growth of Homeland Security 
spending and reliance on outside contractors as the beginning 
of a Homeland Security industrial complex, which may undermine 
our security in the long run.
    I cannot isolate the cause for this incredible increase in 
spending, nor can I deny that Congress' inability to 
consolidate jurisdiction is a contributing factor.
    The splintering of the jurisdiction has fractured every 
aspect of the Department's operation and decreased its ability 
to operate effectively and efficiently. The inability of 
Congress to provide the Department with one strong and steady 
hand has created opportunities for the network of companies and 
consultants who we may call the Beltway bandits.
    I hope the Chairman will work with the leadership to ensure 
that these jurisdictional hurdles are overcome. As the Chairman 
already said in his opening comments, there is enough blame on 
both sides for this jurisdictional morass that we face. This 
committee must pursue strict legislative oversight jurisdiction 
of the Department.
    Mr. Chairman, as we recall 9/11 we must remember the 
terrorist attacks of that day have caused us to fight a new 
kind of war. The war on terrorism has not only been waged in 
Afghanistan and Iraq, but has also been fought on our shores. A 
recent study reports that nearly 200 terrorism cases have been 
brought in U.S. courts since September 11. Nine out of 10 of 
those cases have ended in convictions.
    We should be proud of our success in engaging threats at 
home. But our work in securing the Nation must also assure our 
rights and freedoms. The 9/11 Commission understood this 
necessity and recommended a Privacy and Civil Liberties 
Oversight Board. Today that board is still not functional. I 
hope my colleagues will join me in requesting that appointments 
be made to this board immediately. So as I consider our 
progress since 9/11 I would call it a mixed bag. We made 
strides but still have miles to go before we can rest. I yield 
back.
    Chairman King. Thank you, Ranking Member Thompson. Other 
Members of the committee are reminded that opening statements 
may be submitted for the record.
    [The statement of Hon. Richardson follows:]
              Prepared Statement of Hon. Laura Richardson
                           September 8, 2011
    I would like to thank Chairman King and Ranking Member Thompson for 
holding this hearing today. It has been nearly 10 years since the 
devastating terrorist attacks on our country. While our country is now 
more secure, we must continue to remain vigilant against those who seek 
to do us harm and teach hate. I look forward to hearing from our 
distinguished panel of witnesses on both the successes we have had on 
combating the global war on terror and what still needs to be done to 
prevent another terrorist attack on American soil.
    On Sept. 11, 2001, America and the world were forever changed. 
Nineteen terrorists hijacked four commercial passenger jet airlines and 
intentionally crashed two of them into the World Trade Center and one 
into the Pentagon. The heroic actions of the passengers of United 
Flight 93 prevented an additional catastrophic attack. In total, the 
attacks of 9/11 resulted in a death toll of nearly 3,000 people and 
were the deadliest attacks on American soil since Pearl Harbor.
    September 11, 2001 will forever be burned into our memories. I was 
a member of the Long Beach City Council. The events on that day renewed 
my commitment to serve my country and work to ensure that we do 
everything possible to prevent another terrorist attack.
    One year after these attacks, President Bush and Congress 
established the ``9/11 Commission'' to prepare a complete report 
describing the circumstances that gave rise to the 9/11 attacks and 
recommendations that could be adopted by our Nation's security agencies 
to make sure a tragedy like this never happened again. Today, we are 
going to review the status of the commission's recommendations, and 
determine what still needs to be done.
    The creation of the Department of Homeland Security and this 
committee resulted from the attacks on 9/11. When I came to Congress, I 
was honored to have the opportunity to join the Homeland Security 
Committee.
    Despite the significant steps the Congress and Federal agencies 
have taken to deter and combat terrorist groups from attacking the 
United States, the Bipartisan Policy Center's report shows that there 
is still work to be done. I am particularly concerned about several 
issues raised in the report.
    First, the report shows that there is still a lack of a unified 
command structure among multiple agencies when responding to a 
disaster. We also still have not addressed the interoperability issue 
raised in the initial report. It is simply not acceptable that our 
first responders still do not have the ability to communicate with each 
other across multiple agencies. We must overcome the barriers that have 
developed delaying Nation-wide network dedication to public safety 
during emergencies.
    The 37th Congressional District and the State of California, of 
which I have resided since birth, is no stranger to natural disasters 
ranging from earthquakes to mudslides to wildfires. Southern 
California, my area, is also home to many high-value terrorist targets, 
such as the Port of Long Beach, oil refineries, gas treatment 
facilities, and petrochemical facilities. That is why I am especially 
committed to ensuring that my district and the Nation has the tools and 
resources to keep our people safe.
    In light of the continuing threats that exist, I cannot help but 
point out that the shortsighted cuts to Homeland Security this year are 
negligent and must be addressed. Paying homage to 9/11 and then 
proposing to cut first responders and Homeland Security's ability to 
stop the next attempt is an absence of duty in this 112th Congress.
    I look forward to hearing the testimony from our distinguished 
panel of witnesses, and I hope that we can work in a bipartisan fashion 
in implementing the remaining recommendations from the 9/11 Commission.

    Chairman King. Also, I would, at this time, ask unanimous 
consent to insert into the record the 10th Anniversary Report 
Card, the status of the 9/11 Commission recommendations 
prepared by the Bipartisan Policy Center National Security 
Preparedness Group. Without objection, so ordered.*
---------------------------------------------------------------------------
    * The information has been retained in committee files and is also 
available at http://www.bipartisanpolicy.org/library/report/tenth-
anniversary-report-card-status-911-commission-recommendations.
---------------------------------------------------------------------------
    Now--oh, Secretary Ridge, how are you? Our first witness 
this morning, as I mentioned, is Lee Hamilton, long-time 
distinguished Member of Congress, vice chairman of the 9/11 
Commission, former president of the Woodrow Wilson 
International Center for Scholars. A true gentlemen in every 
sense of the word, and if anyone serves in Congress and served 
this Nation in a bipartisan, patriotic way it was Lee Hamilton. 
Chairman Hamilton.

STATEMENT OF HONORABLE LEE HAMILTON, FORMER VICE CHAIRMAN, THE 
NATIONAL COMMISSION ON TERRORIST ATTACKS UPON THE UNITED STATES 
                     (THE 9/11 COMMISSION)

    Mr. Hamilton. Thank you very much, Mr. Chairman. I ask 
unanimous consent my statement be put in full in the record.
    Chairman King. Without objection.
    Mr. Hamilton. Mr. Chairman, Ranking Member Thompson, 
Members of the committee, thank you very much for the 
opportunity to appear with you today. This committee has 
provided outstanding and enduring support for the 
implementation of the 9/11 Commission recommendations. We are 
most appreciative of the leadership and its members for your 
support. By doing so, you are helping ensure our Nation takes 
the difficult steps necessary to confront the terrorist threat 
and protect the American people.
    Today I am appearing in my capacity as a co-chair of the 
Bipartisan Policy Center's National Security Preparedness 
Group, which is a successor to the 9/11 Commission. Through the 
NSPG, Governor Kean, who could not be here this morning, 
Governor Ridge, and I, together with a bipartisan group of 
National security experts, monitor the implementation of the 9/
11 Commission's recommendations and address emerging National 
security issues. It is a very special pleasure, of course, to 
appear with Governor Tom Ridge as well as the comptroller 
general before you this morning.
    Last week we released a report on the implementation of the 

9/11 Commission's recommendations. The good news is that 
substantial progress has been made in fulfilling many of the 
recommendations. Among these importantly is the transformation 
of the intelligence community in breaking down barriers and 
information sharing. However, the unfulfilled recommendations 
in our report indicate we are not as secure as we could or 
should be. I will cover several of them now and allow Governor 
Ridge to discuss the others.
    First unity of effort. Unity of effort for the many actors 
at a disaster scene is critical because a well-coordinated 
response saves many lives. Our Nation was not fully prepared 
for the size and complexity of the 9/11 attacks, or for that 
matter, Hurricane Katrina. Many metropolitan areas where 
multiple agencies respond to a disaster still have not solved 
the problem of who is in charge. DHS and State and local 
governments have to work together to resolve gaps in 
establishing roles and responsibilities conducting catastrophic 
disaster planning and exercising those plans. A unity of 
command, knowing who is in charge is a no-brainer in terms of 
what must be done to respond to a disaster. It is a source of 
high frustration to me, and I think other members of the 
Commission that we have not yet resolved that problem 
satisfactorily across the Nation, although some communities 
have made considerable progress.
    Second, the civil liberties and Executive power. I spent a 
good day yesterday listening, in good part, to the 
extraordinary capabilities that we have today in Government to 
surveil people and to keep track of what they are doing. I have 
had that briefing before, but I must say every time I have it, 
I am impressed over again. If you have not had the opportunity 
to hear what our capabilities are today and what they will be 5 
years, 10 years from today, I urge you, taking whatever steps 
you can, to get that briefing. We recommended in the 9/11 
Commission that a Privacy and Civil Liberties Board should be 
established to address and monitor privacy and liberty, civil 
liberty concerns across the Government.
    You will not fail to be impressed by the potential of 
Government and individuals now to intrude into the lives of 
ordinary people. Although legislation was enacted to establish 
this board it has been dormant for more than 3 years. To date, 
only two of the board's five members have been nominated by the 
President, a chairman has not been selected, the remaining 
three should be appointed immediately.
    Next, the Director of National Intelligence, the 
establishment of the Director of National Intelligence and the 
National Counterterrorism Center to coordinate the activities 
of the intelligence community, represented major progress in 
intelligence reform. However, there is some ambiguity about the 
DNI's authorities over budget and personnel, and there have 
been four DNIs in 6 years. Further clarity about that role is 
needed and that clarity could come either from additional 
legislation or by action of the President with repeated 
declarations from him that the DNI is the unequivocal leader of 
the intelligence community with regard to budget and personnel 
and other matters.
    Next, standardize secure IDs, 18 of the 19 9/11 hijackers 
obtained 30 State-issued IDs amongst them that enabled them to 
more easily board planes on that dreadful morning of 9/11. 
Therefore, we recommended that the Federal Government sets 
standards for the issuance of sources of identification. In 
2008, DHS issued detailed regulations setting standards for 
driver's license issuance. However, the States' compliance with 
the regulations has been delayed until 2013. That delay in 
compliance creates vulnerabilities and make us less safe. No 
further delay should be authorized, and instead, from my point 
of view, at least, the deadline should by accelerated.
    Next, transportation security. With significant Federal 
funding, TSA has deployed large numbers of enhanced screening 
equipment used in explosives detection. Unfortunately, 
explosives detection technology lacks reliability and lags in 
its capability to automatically identify concealed weapons and 
explosives. DHS must improve the way it sets screening 
technology requirements, works with the private sector to 
develop this equipment, and tests it in the field.
    Finally, with regard to standards for terrorist detention, 
I know this is not within the jurisdiction of this committee, 
but it is an important matter, for too long, our Nation's 
political leadership have delayed resolving the difficult 
problem of reconciling the rule of law with indefinitely 
detaining alleged terrorists, some of whom would no doubt 
attempt to do the Nation grievous harm.
    Congress and the President must enact a law, a 
comprehensive approach for how to handle these detainees that 
is grounded in the principles of fairness, due process, and 
protecting the American people.
    To conclude, while we have done much since the attacks 10 
years ago we are safer than we were that day, all of us, I 
think, agree there is still much more to do. Political 
leadership from both parties at all levels of government should 
renew their focus on completing implementation of the 9/11 
Commission recommendations, thank you.
    [The statement of Mr. Hamilton follows:]
                Prepared Statement of Hon. Lee Hamilton
                           September 8, 2011
    Mr. Chairman, Ranking Member Thompson, and Members of the 
committee: Thank you for the opportunity to appear before you today. 
This committee has been at the center of defending the country from the 
terrorist threat we face. You have provided sustained support for the 
implementation of the 9/11 Commission's recommendations. By doing so, 
you have done a great deal to ensure we are taking the difficult steps 
necessary to confront this determined enemy and protect Americans, our 
allies, and people throughout the world.
    Today, I am appearing in my capacity as a co-chair of the 
Bipartisan Policy Center's National Security Preparedness Group (NSPG), 
a successor to the 9/11 Commission. Drawing on a strong roster of 
National security professionals, the NSPG works as an independent, 
bipartisan group to monitor the implementation of the 
9/11 Commission's recommendations and address emerging National 
security issues. The NSPG has the following members:
    Governor Tom Kean, Former Governor of New Jersey, Chairman of the 
        9/11 Commission, and Co-Chair of the National Security 
        Preparedness Group;
    The Honorable E. Spencer Abraham, Former U.S. Secretary of Energy 
        and U.S. Senator from Michigan, The Abraham Group;
    Peter Bergen, Director, National Securities Program at the New 
        America Foundation;
    Dr. Stephen Flynn, President, Center for National Policy;
    Dr. John Gannon, BAE Systems, former CIA Deputy Director for 
        Intelligence, Chairman of the National Intelligence Council, 
        and U.S. House Homeland Security Staff Director;
    The Honorable Dan Glickman, former Secretary of Agriculture and 
        U.S. Congressman;
    Dr. Bruce Hoffman, Georgetown University terrorism specialist;
    The Honorable Dave McCurdy, Former Congressman from Oklahoma and 
        Chairman of the U.S. House Intelligence Committee, President of 
        the American Gas Association;
    The Honorable Edwin Meese III, Former U.S. Attorney General, Ronald 
        Reagan Distinguished Fellow in Public Policy and Chairman of 
        the Center for Legal and Judicial Studies at the Heritage 
        Foundation;
    The Honorable Tom Ridge, Former Governor of Pennsylvania and U.S. 
        Secretary of Homeland Security, Senior Advisor at Deloitte 
        Global LLP, Ridge Global;
    The Honorable Richard L. Thornburgh, former U.S. Attorney General, 
        Of Counsel at K&L Gates;
    The Honorable Frances Townsend, Former Homeland Security Advisor 
        and Deputy National Security Advisor for Combating Terrorism;
    The Honorable Jim Turner, Former Congressman from Texas and Ranking 
        Member of the U.S. House Homeland Security Committee, Arnold 
        and Porter, LLP.
    Last week, we released a report assessing the 9/11 Commission's 
recommendations, which I will discuss today.
         i. response to 9/11 and the evolving terrorist threat
    On September 11, 2001, violent Islamist extremists hijacked four 
commercial airplanes and turned them into weapons, killing nearly 3,000 
people, and altering our society forever. These attacks exacted a 
devastating toll on so many families. Our Government, the private 
sector, and daily lives have been profoundly transformed in the decade 
since the attacks.
    Indeed, it is difficult to comprehend all the ways that our Nation 
has changed. The most visible reminders of these changes are the 
airport screening protocols and being asked to report suspicious 
activity in public places. Drone strikes that kill terrorist operatives 
are front page news.
    The less notorious changes that have occurred within the Federal 
Government are even more dramatic. We have seen the largest 
reorganization of the intelligence community since 1947. The 
intelligence budget itself has doubled since 2001. The creation of the 
Department of Homeland Security (DHS) was also a massive 
reconfiguration of Government, combining 22 agencies into a new 
department, with a workforce of 230,000 people and an annual budget of 
more than $50 billion. In total, some 263 organizations have been 
established or redesigned.
    The terrorist threat has changed as well. Today, unlike 2001, we 
must be concerned about Americans, such as Anwar al-Awlaki, playing 
prominent roles in al-Qaeda's global network. For example, in 
Minneapolis, Minnesota, Muslim-American youth are being recruited in 
Somali communities to fight for an al-Qaeda affiliate in Somalia.
    We also have seen Americans recruited by Islamist extremists 
through internet forums. Major Nidal Hasan, who killed 13 fellow 
soldiers at Fort Hood in Texas, was radicalized on-line. This self-
radicalization is very difficult, if not impossible, for law 
enforcement to detect.
    Our terrorist adversaries and the tactics and techniques they 
employ are evolving rapidly. We will see new attempts, and likely 
successful attacks. One of our major deficiencies before the 9/11 
attacks was a failure by National security agencies to change at the 
accelerated rate required by a new and different kind of enemy. We must 
not make that mistake again.
    The terrorist threat will be with us far into the future, demanding 
that we be ever vigilant. Changing circumstances require that we 
regularly reassess our priorities and expenditures to determine what is 
needed to defend our country and people.
             ii. unfinished 9/11 commission recommendations
    After a 20-month investigation, in July 2004, the 9/11 Commission 
made 41 recommendations for improving the Nation's security. The vast 
majority of these were endorsed by both Presidential candidates at the 
time and almost every Member of Congress. On the tenth anniversary of 
the attacks, it is appropriate to reflect and take stock of where we 
are in National security reform--and what we have yet to achieve.
    The good news is that substantial progress has been made in 
fulfilling many of the Commission's recommendations. Among these is the 
transformation of the intelligence community and breaking down barriers 
in information sharing.
    Legal, policy, and cultural barriers between agencies created 
serious impediments to information sharing that prevented disruption of 
the 9/11 attacks. Therefore, the 9/11 Commission made a number of 
specific recommendations to improve information sharing across our 
Government. Information sharing within the Federal Government, and 
among Federal, State, and local authorities, and with allies, while not 
perfect, has considerably improved since 9/11. Those changes 
facilitated the successful capture of Osama bin Laden.
    In our report last week, we highlighted nine unfinished 9/11 
Commission recommendations. They demonstrate that we are not as secure 
as we could or should be. We urge immediate action to complete their 
implementation.
    Unity of Effort.--Unity of effort for the many actors at a disaster 
scene is critical because a well-coordinated response can save many 
lives. Our Nation was not fully prepared for the size and complexity of 
the 9/11 attacks or for Hurricane Katrina.
    While training under a uniform command structure has taken place, 
many metropolitan areas where multiple agencies respond to a disaster 
still have not solved the problem of who is in charge. Our concern is 
that the failure to resolve the basic building blocks of establishing 
roles and responsibilities, conducting catastrophic disaster planning, 
and exercising those plans would likely result in confusion at the 
scene of a major disaster.
    Radio Interoperability.--A prerequisite to establishing unity of 
effort is providing first responders the ability to communicate with 
each other directly, on demand, during an emergency. Incompatible and 
inadequate communications led to needless loss of life on 9/11.
    To remedy this failure, the Commission recommended additional 
assignment of radio spectrum to improve radio interoperability for 
first responders. Despite the lives at stake, this recommendation has 
stalled in part because of a political fight over allocating 10 MHz of 
radio spectrum--the D-Block--directly to public safety for a Nation-
wide interoperable network. I want to recognize the leadership that 
Chairman King and Ranking Member Thompson and many Members of this 
committee have shown in supporting a bill that would allocate the D-
Block to public safety.
    Efforts to achieve unity of effort and interoperable emergency 
communications must be dramatically accelerated. Congress needs to 
allocate the radio spectrum by passing legislation, and DHS and State 
and local governments must work together to address gaps in unity of 
effort and interoperability planning.
    Congressional Reform.--Congressional oversight of the Government's 
homeland security and intelligence functions remains as dysfunctional 
as it was when we released our 2004 report. At that time, we said that 
strengthening Congressional oversight may be among the most difficult 
and important recommendations. It still is.
    Congress should immediately consolidate jurisdiction over the 
Department of Homeland Security within the House and Senate homeland 
security committees. This would avoid the duplication of having DHS 
respond to more than 100 Congressional committees and subcommittees 
that have overlapping jurisdiction over the Department. In 2009 and 
2010, DHS provided more than 3,900 briefings and DHS witnesses 
testified more than 285 times. This amounted to many thousands of hours 
of work, often duplicating efforts, and cost taxpayers tens of millions 
of dollars.
    To improve intelligence oversight, the 9/11 Commission recommended 
a joint, bicameral intelligence committee or intelligence committees in 
each body with combined authorizing and appropriating authority. The 
basic issue is that agencies listen to the people who control their 
purse.
    Currently, the House and Senate appropriations committees fund the 
intelligence agencies through their defense subcommittees and the DoD 
budget. At a minimum, separate intelligence subcommittees should be 
established to fund the intelligence community.
    The House Permanent Select Committee on Intelligence announced a 
decision this year to include three Members of the House Appropriations 
Committee to participate in Intelligence Committee hearings and 
briefings. This is a positive step, but there is more to do here.
    Civil Liberties and Executive Power.--We recommended in 2004 that a 
Privacy and Civil Liberties Oversight Board should be established to 
address and monitor privacy and liberty concerns across Government. All 
five democrats and five republicans on the Commission felt strongly 
about this recommendation.
    Since 9/11, the Executive Branch has received expanded authorities 
to collect information and to conduct surveillance. Even if these 
powers are being employed in a careful way respectful of civil 
liberties, the history of the abuse of such powers should give us pause 
and make us commit to ensuring that mechanisms are in place to protect 
our liberty. A robust and visible Board can help reassure Americans 
that security programs are designed and executed with the preservation 
of our core values in mind.
    Although legislation was enacted to establish this Board, it has, 
in fact, been dormant for more than 3 years. To date, only two of the 
Board's five members have been nominated by the President and neither 
has been confirmed by Congress. The remaining three should be appointed 
immediately.
    Director of National Intelligence.--The establishment of the 
Director of National Intelligence and the National Counterterrorism 
Center to coordinate the activities of the intelligence community 
represented major progress in intelligence reform. In the last 6 years, 
the DNI has increased information-sharing, improved coordination among 
agencies, sharpened collection priorities, brought additional expertise 
into the analysis of intelligence, and further integrated the FBI into 
the overall intelligence effort.
    But it still is not clear that the DNI is the driving force for 
intelligence community integration that we had envisioned. There have 
been four DNIs in 6 years. There also is ambiguity about the DNI's 
authorities over budget and personnel. Further clarity about the DNI's 
role is needed. This could be done through legislation or with repeated 
declarations from the President that the DNI is the unequivocal leader 
of the intelligence community.
    Biometric Entry-Exit System.--In 2004, the 9/11 Commission 
recommended that the Federal Government establish a comprehensive 
biometric system to track foreign nationals that enter and leave the 
country. DHS has deployed a system that checks all individuals who 
arrive at U.S. borders, ensures they are who they say they are, and 
helps prevent known terrorists from entering the country.
    But the exit portion of the system has not been completed, so we do 
not know with any certainty who has left the country or remains here on 
an expired visa. Such a capability would have assisted law enforcement 
and intelligence officials in August and September 2001 in conducting a 
search for two of the 9/11 hijackers that were in the United States on 
expired visas.
    Standardized Secure IDs.--Eighteen of the 19 9/11 hijackers 
obtained 30 State-issued IDs amongst them that enabled them to more 
easily board planes on the morning of 9/11. Due to the ease with which 
fraud was used to obtain legitimate IDs that helped the hijackers embed 
and assimilate in the United States for the purpose of carrying out a 
terrorist act, the 9/11 Commission recommended that ``the Federal 
Government set standards for the issuance of birth certificates and 
sources of identification, such as driver's licenses.''
    In 2008, detailed regulations were issued, setting standards and 
benchmarks for driver's license issuance. However, the States' 
compliance with DHS regulations for more secure driver's licenses has 
been delayed to 2013 by DHS. This delay in compliance creates 
vulnerabilities and makes us less safe. No further delay should be 
authorized, and instead the deadline should be accelerated.
    Transportation Security.--With significant Federal funding, TSA has 
deployed large numbers of enhanced screening equipment used in 
passenger checkpoint explosives detection and checked bag screening. 
Unfortunately, explosives detection technology lacks reliability and 
lags in its capability to automatically identify concealed weapons and 
explosives. The next generation whole body scanning machines also are 
not effective at detecting explosives hidden within the body and raise 
privacy and health concerns that DHS has not fully addressed.
    Our conclusion is that despite 10 years of working on the problem, 
the detection system still falls short in critical ways with respect to 
detection. DHS must improve the way it sets screening technology 
requirements, works with the private sector to develop this equipment, 
and tests it in the field.
    Standards for Terrorist Detention.--Within days of his 
inauguration, President Obama signed a series of Executive Orders on 
the treatment of detainees and barring the CIA from using any 
interrogation methods not already authorized in the U.S. Army Field 
Manual. By bringing the United States into compliance with the Geneva 
Conventions and with international and customary law on the treatment 
of prisoners, the Executive Orders have substantially fulfilled our 
recommendation.
    However, for too long, our Nation's political leadership have 
delayed resolving the difficult problem of reconciling the rule of law 
with indefinitely detaining alleged terrorists, some of whom would no 
doubt attempt to do the Nation grievous harm. So Congress and the 
President must decide on a comprehensive approach of how to handle 
these detainees that is grounded in the principles of fairness, respect 
for due process, and protecting the American people.
                            iii. conclusion
    While we have done much since the attacks 10 years ago and are 
safer than we were that day, there is much more to do. Political 
leadership from both parties and at all levels of government should 
renew their focus on completing implementation of the 9/11 Commission 
recommendations.
    Our National security departments require strong leadership and 
attentive management at every level to ensure that all parts are 
working well together. Their dedicated workforces enacted much change 
and should be commended for their achievements in protecting the 
American people. But there is a tendency toward inertia in all 
bureaucracies. Vigorous Congressional oversight is imperative to ensure 
sustained vigilance and continued reforms.

    Chairman King. Thank you Chairman Hamilton.
    Our next witness is an old friend; many people in the 
Congress had the privilege of serving with him. Tom Ridge was a 
Member of the Congress, he went on to become an outstanding 
Governor of Pennsylvania, and he truly was present at the 
creation when President Bush appointed him to be the first 
assistant to the President for Homeland Security and first 
Secretary of the Department of Homeland Security.
    He has a unique perspective on this, obviously having been 
there at the start and being able to monitor the development, 
both at the Department and of the Homeland Security mechanisms 
in this country over the past 10 years. Tom was a college 
graduate and law student who was drafted and served honorably 
in Vietnam, received a bronze star, and again was a truly 
outstanding Member of Congress. Again, like Chairman Hamilton, 
has been dedicated to his country and in this issue in 
particular. Tom Ridge, it is a privilege to have you here today 
and you are recognized.

STATEMENT OF HONORABLE TOM RIDGE, FORMER SECRETARY OF HOMELAND 
                            SECURITY

    Mr. Ridge. Thank you, Chairman King, Ranking Member 
Thompson and Members of the committee. I join my colleagues in 
expressing--thanking my colleagues to express my appreciation 
for the opportunity to appear before you today as reflects upon 
our Nation's security efforts 10 years after the attacks of 
September 11, 2001, frankly, as we consider our priorities for 
the future. I am very pleased to be joined at the witness table 
by someone you recognize, we all recognize as a great patriot, 
Lee Hamilton, and obviously we recognize the service and the 
contribution.
    Chairman King. Secretary Ridge, if would you pull the 
microphone closer. I am having a hard time picking up on your 
voice.
    Mr. Ridge. Recognize the service of GAO comptroller, 
General Gene Dodaro, who each bring, I think, distinguished 
credentials and significant points of view to our conversation 
today. As we look back over the last 10 years, it is abundantly 
clear that America was, is, and will always be an undeniably 
resilient country. In a decade's time, we have strengthened our 
intelligence assets and we have partnered with allies and 
friends. We have captured and killed terrorists and destroyed 
safe havens in Afghanistan and around the globe.
    We stood up a new department, the Department of Homeland 
Security and repositioned as the country embraced and 
emotionally charged, but I think strategically-driven National 
mission. We improved preparedness and response capabilities and 
established layers of security throughout our aviation system. 
We embedded new technologies and security measures throughout 
the public and private sectors. Individual citizens, I believe, 
are more prepared and they are certainly more aware. With 
public and private sector leadership in investment, we are more 
secure, but we remain a target nonetheless.
    Over the course of 10 years, the threat remains strong and 
continues to change. We have thwarted some attacks, but we have 
also been fortunate that a few others have simply failed. What 
makes some uncomfortable we must acknowledge that no matter how 
hard we try, another attack is likely. The onus is on us to 
understand what to do and luck is not a strategy. As we close 
one vulnerability, we should anticipate the terrorists will 
adapt and seek out another, and be ready for that.
    We must view security as an on-going process, not an 
endpoint, a deliberative process. Not a breathless reaction to 
all conceivable threats is required at all times. Terrorists do 
not rest, so neither can we. We wear wristwatches, they have 
time, the number of security measures await our attention. We 
have strengthened information sharing in this country and among 
allies and friends, but we still saw an attempted Christmas day 
bomber come very close to his goals due to information not 
being shared. I, for one, also believe that the failure to 
share information and the failure to act lead to the horrible 
tragedy associated with the deaths of people at Fort Hood.
    We need to create a culture of intelligence sharing where 
everyone feels empowered to hit the send button to share more, 
not less. We have bolstered communication technologies, but an 
inoperable broadband communication system remains undelivered. 
If the tragedy of 9/11 the specific recommendations of the 9/11 
Commission, and the sustained pleas of police, firemen, and 
emergency service personnels cannot generate Federal support 
for such a network, what will it take, ladies and gentlemen, 
what will it take?
    We have instituted an entry system to validate who comes 
into the country, but have not created an exit system that 
ensures the same visitors leave and do not exploit as yet an 
unfinished system. It is likely, therefore, that we have people 
among us who have overstayed their visas. Where are they now? 
What are they doing? Why are they here? Respectfully, I say 
this, the issue of Congressional oversight is a 9/11 
recommendation that also goes unanswered.
    You heard the statistics on numbers of hearings, briefings, 
preparation time, and so forth. What is important is that these 
numbers have increased across the tenure of three Secretaries, 
and continue to cause significant distraction, overlap, and 
bureaucracy, three characteristics that run counterintuitive to 
the urgency and focus required of National security. My hope is 
this issue and other concerns have addressed will receive our 
urgent attention in successful resolution.
    It is easy, I know, to cite all the vulnerabilities we have 
yet to address in the 9/11 recommendations we have yet to meet. 
The needs and wants are limitless, resources are not. So we 
must manage the risk carefully and judiciously. The 
responsibility is great, and it is complex. Ten years later, it 
just doesn't get any easier. The killing of Osama bin Laden 
illustrates this point quite well. The news about bin Laden 
capped a decade of emotion. We all know that the threat would 
remain long after the man was killed.
    Ten years is not a lot of time, it is enough time to know 
that in the next 10 years, the fight will be with us. It will 
go on, but so will we. As a stronger and more secure country, 
as resilient and freedom-loving people we have always been, and 
as a Nation that will always remember those we lost one 
September day. Thank you, Mr. Chairman.
    [The statement of Mr. Ridge follows:]
                  Prepared Statement of Hon. Tom Ridge
                           September 8, 2011
    Thank you, Representative King and Ranking Member Thompson, Members 
of the committee.
    I appreciate the opportunity to join you and your colleagues today 
as we reflect upon our Nation's security efforts 10 years after the 
attacks of September 11, 2001, and as we consider our priorities for 
the future.
    And I'm pleased to be joined today at the witness table by 
Representative Lee Hamilton and GAO Comptroller General Gene Dodaro, 
who each bring distinguished credentials and a significant point of 
view to our conversation today.
    As I look back over the last 10 years, it is abundantly clear that 
America was, is, and always will be an undeniably resilient Nation.
    In a decade's time, we strengthened our intelligence assets and 
partnered with allies and friends. We captured and killed terrorists 
and destroyed safe havens in Afghanistan and around the globe.
    We stood up a new department, Homeland Security, and re-positioned 
as the country embraced an emotionally charged and strategically driven 
National mission.
    We improved preparedness and response capabilities and established 
layers of security throughout our aviation system.
    We embedded new technologies and security measures throughout the 
public and private sectors.
    Individual citizens are more prepared and more aware.
    With public and private sector leadership and investment, we are 
more secure. But we remain a target nonetheless.
    Over the course of 10 years, the threat remains strong and 
continues to change. We have thwarted some attacks, but we have also 
been fortunate that a few others have simply failed. While it makes 
some uncomfortable, we must acknowledge that no matter how hard we try, 
another attack is likely. The onus is on us then--to understand that 
there's more to do--and that luck is not a strategy.
    As we close one vulnerability, we should anticipate that terrorists 
will adapt and seek out another--and be ready for that.
    We must view security as an on-going process, not an endpoint. A 
deliberative process, not a breathless reaction to all conceivable 
threats, is required at all times.
    Terrorists do not rest, so neither can we. We have wrist watches--
they have time. A number of security measures await our attention.
    We have strengthened information-sharing in country and among 
allies and friends, but we still saw an attempted Christmas day bomber 
come very close to his goals due to overt and repeated information not 
being shared. We need to create a culture of intelligence sharing where 
everyone feels empowered to hit the send button, to share more, not 
less.
    We have bolstered communication technologies, but an interoperable 
broadband communications system remains undelivered. If the tragedy of 
9/11, the specific recommendations of the 9/11 Commission and the 
sustained pleas of police, firemen, and emergency service professionals 
cannot generate Federal support for such a network, then what will it 
take?
    We have instituted an entry system to validate who comes into the 
country, but have not created an exit system that ensures these same 
visitors leave and do not exploit an as-yet unfinished system. It is 
likely therefore that we have people among us who have overstayed their 
visas. Where are they now and what are they doing? Where is the sense 
of urgency needed to address this?
    Respectfully, the issue of Congressional oversight is a 9/11 
recommendation that goes unanswered. You have heard the statistics on 
numbers of hearings, briefings, preparation time, and so forth. What is 
important is that these numbers have increased across the tenure of 
three DHS secretaries, and continue to cause significant distraction, 
overlap, and bureaucracy--three characteristics that run 
counterintuitive to the urgency and focus required of National 
security.
    My hope is this issue and other concerns I've addressed will 
receive our urgent attention and successful resolution.
    It is easy, I know, to cite all of the vulnerabilities we have yet 
to address and the 9/11 recommendations we have yet to meet. The needs 
and wants are limitless. Resources are not. So we must manage the risk 
carefully and judiciously. That responsibility is great and complex. 
And 10 years later, it doesn't get any easier.
    The killing of Osama bin Laden illustrates this point well. The 
news about bin Laden capped a decade of emotion, but we all knew that 
the threat would remain long after the man.
    Ten years is not a lot of time, but it is enough time to know that 
in the next 10 years, the fight will still be with us. It will go on. 
But so will we, as a stronger and more secure country, as the resilient 
and freedom-loving people we have always been, and as a Nation that 
will always remember those we lost one September day.

    Chairman King. Thank you, Secretary Ridge.
    Our next witness is, this man's job is to keep everybody 
honest, Comptroller General Gene Dodaro who has a more than 30-
year record of achievement. Served more than 9 years as chief 
operating officer of GAO. With that, I look forward to your 
testimony and its perspective we don't always hear. So I look 
forward to your testimony this morning.

STATEMENT OF HONORABLE EUGENE L. DODARO, COMPTROLLER GENERAL OF 
                       THE UNITED STATES

    Mr. Dodaro. Thank you very much, Mr. Chairman, Ranking 
Member Thompson, Members of the committee, I am very pleased to 
be here today to discuss GAO's work on Homeland Security 
issues. It is a privilege to appear with Chairman Hamilton and 
Governor Ridge this morning.
    Yesterday we issued a summary report of the work that we 
have done over the past decade, looking at the Homeland 
Security issues. We have made over 1,500 recommendations during 
that period of time. We have adopted a constructive approach to 
try to do our part to help in this quest to make our homeland 
more secure. The Department has reacted favorably to many of 
our recommendations and has implemented many, but many, as yet, 
have not been fully implemented.
    The bottom line message of our report was that progress 
indeed has been made since 9/11, but much work remains on gaps 
and weaknesses that the Department needs to address in order to 
reach its full potential.
    On the progress side, I point to several areas, one, secure 
flight, we have a system now to check against terrorist watch 
lists on passenger lists. We have a visa entry biometric 
system, as Governor Ridge mentioned, to track people coming 
into the country. We have a visa security program, where DHS is 
now working with the Department of State officials in the 
process of determining who gets a visa in order to come into 
the country. There is also an automated verification, 
authorization system for visa waiver countries where visas 
aren't needed, that they are checked as they come in. We 
bolstered the resources at ports of entry and equipment and 
infrastructure there and at the borders across the country.
    I am also pleased that there has been greater emphasis in 
cybersecurity in the National infrastructure plan, and that 
FEMA has issued National Response Framework and attended 
documents to ensure emergency preparedness and better clarity 
of rules and responsibilities.
    Now on the work-remaining side, first, I would point to the 
fact that we need to continuously improve the processes and 
technologies for screening at the airports, particularly 
including a plan to bring the equipment for screening check 
baggage up to current levels for detecting explosive devices.
    Second, I would echo the comments of my colleagues and that 
we need an exit system for this country. Overstays remains a 
significant problem, estimates are between 4 and 5 million 
people, and as we all recall, five of the 19 hijackers on 9/11 
had overstayed their visas, so having an exit strategy is 
important.
    I also think there are great opportunities to expand the 
Visa Border Security Program. DHS is not working yet with State 
Department in all critical high-risk issues. This could be done 
by placing additional people overseas, or perhaps remotely 
working within the United States. So that's an important issue 
as well.
    There is also a task to provide more timely and actionable 
threat and alerts on cybersecurity issues to the private sector 
and others and help them dealing with a growing problem of 
cybersecurity and intrusions. There is also a need for FEMA to 
come up with an assessment, metrics and assessment to assess 
the capabilities and the readiness of individual jurisdiction. 
We have framework and guidelines, but we have yet to have any 
objective assessments of readiness and preparedness levels 
across the country.
    Also, there is a need to effectively implement the global 
nuclear detection strategy, and we have made some 
recommendations in this area. There is a need to strengthen our 
efforts to detect biological agents and threats to our country.
    Last, I would point to our report highlighting the need for 
the Department to improve their management systems and 
infrastructure to help support these very important missions. 
The problems that have been occurring in the acquisition area, 
there has been a number of failed acquisition attempts, a lot 
of money is at stake, about 40 percent of the Department's 
budget is on acquisitions and that needs to be improved, along 
with their development and testing of technologies before they 
are deployed. Also, their financial management systems need to 
be strengthened to properly account for the funds that are 
available. They are one of the few departments that are unable 
to pass a clean audit opinion. Going forward in the austere 
budget environment, it is very important that we make the best 
and most efficient use out of the monies and manage wisely.
    This concludes my opening statement, I look forward to 
answering questions. Thank you very much, Mr. Chairman.
    [The statement of Mr. Dodaro follows:]
              Prepared Statement of Hon. Eugene L. Dodaro
                           September 8, 2011
                              gao-11-940t
    Chairman King, Ranking Member Thompson, and Members of the 
committee: I am pleased to be here today to discuss our work on 
progress made by the Department of Homeland Security (DHS) and work 
remaining in implementing its homeland security missions since it began 
operations in March 2003. The Nation is about to pass the 10-year 
anniversary of the September 11, 2001, terrorist attacks. The events of 
that day led to profound changes in Government agendas, policies, and 
structures to confront homeland security threats facing the Nation. 
This milestone provides an opportunity to reflect on the progress DHS 
has made since its establishment and challenges it has faced in 
implementing its missions, as well as to identify issues that will be 
important for the Department to address as it moves forward, based on 
work we have completed on DHS programs and operations in key areas.
    DHS was established with key missions that include preventing 
terrorist attacks from occurring within the United States, reducing 
U.S. vulnerability to terrorism, minimizing resulting damages, and 
helping the Nation recover from any attacks that may occur. DHS is now 
the third-largest Federal department, with more than 200,000 employees 
and an annual budget of more than $50 billion. We have evaluated 
numerous Departmental programs since DHS began its operations, and 
issued more than 1,000 reports and Congressional testimonies in areas 
such as border security and immigration, transportation security, and 
emergency management, among others.
    We have made approximately 1,500 recommendations to DHS designed to 
strengthen its operations, such as to improve performance measurement 
efforts, strengthen management processes, enhance coordination and 
information sharing, and increase the use of risk information in 
planning and resource allocation decisions, as well as to address gaps 
and challenges in its mission operations that have affected DHS's 
implementation efforts. DHS has implemented about half of these 
recommendations, has actions underway to address others, and has taken 
additional steps to strengthen its mission activities.
    However, we reported that the Department has more to do to ensure 
that it conducts its missions efficiently and effectively, while 
simultaneously preparing to address future challenges that face the 
Department and the Nation. Addressing these issues will likely become 
increasingly complex as domestic and world events unfold, and will be 
particularly challenging in light of the current fiscal environment and 
constrained budgets.
    In 2003, we designated the implementation and transformation of DHS 
as high-risk because it represented an enormous undertaking that would 
require time to achieve in an effective and efficient manner.\1\ 
Additionally, the components that merged to form DHS already faced a 
wide array of existing challenges, and any DHS failure to effectively 
carry out its mission could expose the Nation to potentially serious 
consequences. The area has remained on our high-risk list since 
2003.\2\ Our prior work on mergers and organizational transformations, 
undertaken before the creation of DHS, found that successful 
transformations of large organizations, even those faced with less 
strenuous reorganizations than DHS, can take years to achieve.\3\
---------------------------------------------------------------------------
    \1\ GAO, High-Risk Series: An Update, GAO-03-119 (Washington, DC: 
January 2003). In addition to this high-risk area, DHS has 
responsibility for other areas we have designated as high-risk. 
Specifically, in 2005 we designated information sharing for homeland 
security as high-risk, involving a number of Federal departments 
including DHS, and in 2006, we identified the National Flood Insurance 
Program as high-risk. Further, in 2003 we expanded the scope of the 
high-risk area involving Federal information security, which was 
initially designated as high-risk in 1997, to include the protection of 
the Nation's computer-reliant critical infrastructure.
    \2\ GAO, Major Management Challenges and Program Risks: Department 
of Homeland Security, GAO-03-102 (Washington, DC: January 2003).
    \3\ See GAO, Highlights of a GAO Forum: Mergers and 
Transformations: Lessons Learned for a Department of Homeland Security 
and Other Federal Agencies, GAO-03-293SP (Washington, DC: Nov. 14, 
2002), and Results-Oriented Cultures: Implementation Steps to Assist 
Mergers and Organizational Transformations, GAO-03-669 (Washington, DC: 
July 2, 2003).
---------------------------------------------------------------------------
    In 2007, we reported on progress made by DHS in implementing its 
mission and management functions by assessing actions DHS took to 
achieve performance expectations within each function.\4\ We reported 
that DHS made progress in implementing all of its mission and 
management functions since it began operations, but progress among the 
areas varied significantly. For example, we reported that DHS made more 
progress in implementing its mission functions than its management 
functions. We also reported that DHS generally had not established 
quantitative goals and measures for assessing its performance and, as a 
result, we could not assess where along a spectrum of progress DHS 
stood in achieving its missions. Subsequent to the issuance of this 
report, DHS continued to take action to strengthen its operations and 
the management of the Department, including enhancing its performance 
measurement efforts. At the request of this committee, following the 
issuance of our report, we provided DHS with feedback on the 
Department's performance goals and measures as DHS worked to better 
position itself to assess its results. Based on its internal review 
efforts and our feedback, DHS took action to develop and revise its 
performance goals and measures in an effort to strengthen its ability 
to assess its outcomes and progress in key mission areas. For fiscal 
year 2011, DHS identified 85 strategic measures for assessing its 
progress in achieving its Quadrennial Homeland Security Review (QHSR) 
missions and goals.\5\ The Department plans to report on its results in 
meeting established targets for these new measures at the end of the 
fiscal year.
---------------------------------------------------------------------------
    \4\ GAO, Department of Homeland Security: Progress Report on 
Implementation of Mission and Management Functions, GAO-07-454 
(Washington, DC: Aug. 17, 2007). We defined performance expectations as 
a composite of the responsibilities or functions--derived from 
legislation, homeland security Presidential Directives and Executive 
Orders, DHS planning documents, and other sources--that the Department 
was to achieve or satisfy in implementing efforts in its mission and 
management areas. The performance expectations were not intended to 
represent performance goals or measures for the Department.
    \5\ DHS, Quadrennial Homeland Security Review Report: A Strategic 
Framework for a Secure Homeland (Washington, DC: February 2010). The 
Implementing Recommendations of the 9/11 Commission Act required that 
beginning in 2009, and every 4 years thereafter, DHS conduct a 
quadrennial review that provides a comprehensive examination of the 
homeland security strategy of the United States. Pub. L. No. 110-53,  
2401(a), 121 Stat. 266, 543-45 (2007) (codified at 6 U.S.C.  347).
---------------------------------------------------------------------------
    In February 2010, DHS issued its first QHSR report, outlining a 
strategic framework for homeland security to guide the activities of 
the Department and its homeland security partners, including Federal, 
State, local, and Tribal government agencies; the private sector; and 
nongovernmental organizations. The report identified five homeland 
security missions--Preventing Terrorism and Enhancing Security, 
Securing and Managing Our Borders, Enforcing and Administering Our 
Immigration Laws, Safeguarding and Securing Cyberspace, and Ensuring 
Resilience to Disasters--and goals and objectives to be achieved within 
each mission. In addition, in July 2010 DHS issued a report on the 
results of its Bottom-Up Review (BUR), a Department-wide assessment to 
align DHS's programmatic activities, such as investigating drug 
smuggling and inspecting cargo at ports of entry, and its 
organizational structure to the missions and goals identified in the 
QHSR.\6\
---------------------------------------------------------------------------
    \6\ DHS, Bottom-Up Review Report (Washington, DC: July 2010). As a 
result of the BUR, DHS acknowledged that it had complementary 
Department responsibilities and capabilities, which it subsequently 
formalized in a sixth mission published in the fiscal year 2010-2012 
Annual Performance Report--``Providing Essential Support to National 
and Economic Security''--to fully capture the scope of DHS's missions.
---------------------------------------------------------------------------
    My statement is based on a report we issued in September 2011 
assessing DHS's programs and operations.\7\ As requested, the report 
and my statement address the progress made by DHS in implementing its 
homeland security missions since it began operations, remaining work, 
and crosscutting and management issues that have affected DHS's 
implementation efforts.
---------------------------------------------------------------------------
    \7\ GAO, Department of Homeland Security: Progress Made and Work 
Remaining in Implementing Homeland Security Missions 10 Years after 9/
11, GAO-11-881 (Washington, DC: Sept. 7, 2011).
---------------------------------------------------------------------------
    The report is based on our work on DHS since it began operations, 
supplemented with work completed by the DHS Office of Inspector General 
(IG), with an emphasis on work completed since 2008 to reflect recent 
work, and updated information and documentation provided by the 
department in July and August 2011. It is also based on our on-going 
work on some DHS programs for various Congressional committees, as 
noted throughout the report. For this on-going work, as well as updated 
information provided by DHS, we examined program documentation and 
interviewed agency officials, among other things. This statement 
highlights key, recent work at DHS, but does not address all products 
we and DHS IG issued related to the Department, nor does it address all 
of DHS's homeland security-related activities and efforts. To determine 
what progress DHS has made in implementing its mission functions and 
what work, if any, remains, we identified 10 DHS functional areas, 
which we define as categories or areas of DHS's homeland security 
responsibilities. These functional areas are based on those areas we 
identified for DHS in our August 2007 report on DHS's progress in 
implementing its mission and management functions, and our analysis of 
DHS's QHSR and budget documents, such as its Congressional budget 
justifications.\8\ These areas include: (1) Aviation security; (2) 
chemical, biological, radiological, and nuclear (CBRN) threats; (3) 
critical infrastructure protection--physical assets; (4) surface 
transportation security; (5) border security; (6) maritime security; 
(7) immigration enforcement; (8) immigration services; (9); critical 
infrastructure protection--cyber assets; and (10) emergency 
preparedness and response.\9\ To identify sub-areas within these 
functional areas, we identified performance expectations, which we 
define as composites of the responsibilities or functions that the 
Department is to achieve or satisfy based on our analysis of 
requirements, responsibilities, and goals set for the Department by 
Congress, the administration, and DHS itself and its components. In 
particular, we used expectations identified in our August 2007 report 
as a baseline, and updated, or added to, these expectations by 
analyzing requirements and plans set forth in homeland security-related 
laws, Presidential Directives and Executive Orders, National 
strategies, and DHS's and components' strategic plans and documents. We 
then aligned our functional areas to the five QHSR missions based on 
our review of the QHSR and BUR reports and DHS's fiscal year 2012 
budget documents.
---------------------------------------------------------------------------
    \8\ GAO-07-454.
    \9\ We focused these mission areas primarily on DHS's homeland 
security-related functions. We did not consider the Secret Service, 
domestic counterterrorism, or intelligence activities because: (1) We 
and the DHS IG have completed limited work in these areas; (2) there 
are few, if any, requirements identified for the Secret Service's 
mission and for DHS's role in domestic counterterrorism and 
intelligence (the Department of Justice serves as the lead agency for 
most counterterrorism initiatives); and (3) we address DHS actions that 
could be considered part of domestic counterterrorism and intelligence 
in other areas, such as aviation security, critical infrastructure 
protection, and border security.
---------------------------------------------------------------------------
    To identify key areas of progress and work that remains in each 
functional area, as well as crosscutting issues that have affected 
DHS's implementation efforts, we examined our and the DHS IG's past 
reports. We selected key work that we and the DHS IG have completed 
related to the functional areas, sub-areas, and crosscutting issues. We 
examined the methodologies used by the DHS IG in its reports, including 
reviewing the scope, methodological steps, and limitations. We 
determined that the DHS IG reports were sufficiently reliable for the 
purposes of our report to provide examples of, and to supplement our 
work on, DHS's progress and work remaining. We identified crosscutting 
issues based on analysis of our work in each functional mission area to 
determine common themes that have affected DHS's implementation efforts 
across the various mission areas. We conducted this performance audit 
from April 2011 through September 2011, in accordance with generally 
accepted Government auditing standards. Those standards require that we 
plan and perform the audit to obtain sufficient, appropriate evidence 
to provide a reasonable basis for our findings and conclusions based on 
our audit objectives. We believe that the evidence obtained provides a 
reasonable basis for our findings and conclusions based on our audit 
objectives.
    In commenting on our September 2011 report, DHS acknowledged our 
work to assess the progress the Department has made in enhancing the 
Nation's security and the challenges that still exist. The Department 
discussed its views of its accomplishments since 2001, such as the 
creation and management of the Visa Security Program; the establishment 
of fusion centers to serve as focal points for the analysis and sharing 
on threat and vulnerability-related information; and passenger 
screening and prescreening programs, among other things. We recognize 
the Department's progress in these and other areas in the report, as 
well as identify existing challenges that will be important for DHS to 
address moving forward. DHS further noted that the report did not 
address all of DHS's homeland security-related activities and efforts. 
DHS also stated that the report's assessments of progress in each 
homeland security mission area were not comprehensive because we and 
the DHS IG completed varying degrees of work for each area. We reflect 
in the report that it was primarily based on work we completed since 
DHS began operations, supplemented with the work of the DHS IG, with an 
emphasis on work completed since 2008 and updated information provided 
by DHS in July and August 2011. As such, the report identified that our 
work and that of the DHS IG did not cover all of DHS's homeland 
security-related programs and activities, and that the report was not 
intended to do so. Further, we noted in the report that because we and 
the DHS IG have completed varying degrees of work (in terms of the 
amount and scope of reviews completed) for each functional area, and 
because different DHS components and offices provided us with different 
amounts and types of information, the report's assessments of DHS's 
progress in each area reflected the information available for our 
review and analysis and were not necessarily equally comprehensive 
across all 10 areas.
 dhs continues to implement and strengthen its mission functions, but 
            key operational and management challenges remain
    Since DHS began operations in March 2003, it has developed and 
implemented key policies, programs, and activities for implementing its 
homeland security missions and functions that have created and 
strengthened a foundation for achieving its potential as it continues 
to mature. However, the Department's efforts have been hindered by 
challenges faced in leading and coordinating the homeland security 
enterprise; implementing and integrating its management functions for 
results; and strategically managing risk and assessing, and adjusting 
as necessary, its homeland security efforts.\10\ DHS has made progress 
in these three areas, but needs to take additional action, moving 
forward, to help it achieve its full potential.
---------------------------------------------------------------------------
    \10\ DHS defines the homeland security enterprise as the Federal, 
State, local, Tribal, territorial, nongovernmental, and private-sector 
entities, as well as individuals, families, and communities, who share 
a common National interest in the safety and security of the United 
States and its population.
---------------------------------------------------------------------------
DHS Has Made Progress in Implementing its Mission Functions, but 
        Program Weaknesses and Management Issues Have Hindered 
        Implementation Efforts
    DHS has made important progress in implementing and strengthening 
its mission functions over the past 8 years, including implementing key 
homeland security operations and achieving important goals and 
milestones in many areas. The Department's accomplishments include 
developing strategic and operational plans across its range of 
missions; hiring, deploying, and training workforces; establishing new, 
or expanding existing, offices and programs; and developing and issuing 
policies, procedures, and regulations to govern its homeland security 
operations. For example:
   DHS issued the QHSR, which provides a strategic framework 
        for homeland security, and the National Response Framework, 
        which outlines guiding principles for disaster response.
   DHS successfully hired, trained, and deployed workforces, 
        such as a Federal screening workforce which assumed security 
        screening responsibilities at airports Nation-wide, and the 
        Department has about 20,000 agents to patrol U.S. land borders.
   DHS created new programs and offices, or expanded existing 
        ones, to implement key homeland security responsibilities, such 
        as establishing the United States Computer Emergency Readiness 
        Team to, among other things, coordinate the Nation's efforts to 
        prepare for, prevent, and respond to cyber threats to systems 
        and communications networks. DHS also expanded programs for 
        identifying and removing aliens subject to removal from the 
        United States and for preventing unauthorized aliens from 
        entering the country.
   DHS issued policies and procedures addressing, among other 
        things, the screening of passengers at airport checkpoints, 
        inspecting travelers seeking entry into the United States, and 
        assessing immigration benefit applications and processes for 
        detecting possible fraud.
    Establishing these elements and others are important 
accomplishments and have been critical for the Department to position 
and equip itself for fulfilling its homeland security missions and 
functions.
    However, more work remains for DHS to address gaps and weaknesses 
in its current operational and implementation efforts, and to 
strengthen the efficiency and effectiveness of those efforts to achieve 
its full potential. For example, we have reported that many DHS 
programs and investments have experienced cost overruns, schedule 
delays, and performance problems, including, for instance, DHS's 
recently cancelled technology program for securing U.S. borders, known 
as the Secure Border Initiative Network, and some technologies for 
screening passengers at airport checkpoints. Further, with respect to 
the cargo advanced automated radiography system to detect certain 
nuclear materials in vehicles and containers at ports DHS pursued the 
acquisition and deployment of the system without fully understanding 
that it would not fit within existing inspection lanes at ports of 
entry. DHS subsequently canceled the program. DHS also has not yet 
fully implemented its roles and responsibilities for developing and 
implementing key homeland security programs and initiatives. For 
example, DHS has not yet developed a set of target capabilities for 
disaster preparedness or established metrics for assessing those 
capabilities to provide a framework for evaluating preparedness, as 
required by the Post-Katrina Emergency Management Reform Act.\11\ Our 
work has shown that DHS should take additional action to improve the 
efficiency and effectiveness of a number of its programs and activities 
by, for example, improving program management and oversight, and better 
assessing homeland security requirements, needs, costs, and benefits, 
such as those for key acquisition and technology programs. Table 1 
provides examples of key progress and work remaining in DHS's 
functional mission areas, with an emphasis on work we completed since 
2008.
---------------------------------------------------------------------------
    \11\ See 6 U.S.C.  749.

    TABLE 1.--EXAMPLES OF KEY PROGRESS AND WORK REMAINING IN DHS'S EFFORTS TO IMPLEMENT ITS HOMELAND SECURITY
                                MISSIONS ON WHICH WE AND THE DHS IG HAVE REPORTED
----------------------------------------------------------------------------------------------------------------
             QHSR Mission                    Functional Area         Summary of Key Progress and Work Remaining
----------------------------------------------------------------------------------------------------------------
Mission 1: Preventing Terrorism and     Aviation security........  Key progress.--DHS enhanced aviation security
 Enhancing Security.                                                in key areas related to passenger
                                                                    prescreening, passenger checkpoint
                                                                    screening, checked baggage screening, and
                                                                    air cargo security. For example, DHS
                                                                    developed and implemented Secure Flight as a
                                                                    passenger prescreening program to match
                                                                    airline passenger information against
                                                                    terrorist watch list records. DHS also
                                                                    deployed technology to screen passengers and
                                                                    checked baggage at airports. For example, in
                                                                    response to the December 25, 2009, attempted
                                                                    attack on Northwest flight 253, DHS revised
                                                                    the advanced imaging technology procurement
                                                                    and deployment strategy, increasing the
                                                                    planned deployment of advanced imaging
                                                                    technology from 878 to between 1,350 and
                                                                    1,800 units.(1) Further, DHS is screening
                                                                    passengers using staff trained in behavior
                                                                    detection principles and deployed about
                                                                    3,000 Behavior Detection Officers to 161
                                                                    airports as part of its Screening of
                                                                    Passengers by Observation Techniques
                                                                    program. Moreover, DHS reported, as of
                                                                    August 2010, that it had established a
                                                                    system to screen 100 percent of domestic air
                                                                    cargo (cargo transported within and outbound
                                                                    from the United States) transported on
                                                                    passenger aircraft by, among other things,
                                                                    creating a voluntary program to facilitate
                                                                    screening throughout the air cargo supply
                                                                    chain and taking steps to test technologies
                                                                    for screening air cargo.
                                                                   What remains to be done.--DHS should take
                                                                    additional action to strengthen its aviation
                                                                    security efforts. For example, a risk-based
                                                                    strategy and a cost-benefit analysis of
                                                                    airport checkpoint technologies would
                                                                    improve passenger checkpoint screening.
                                                                    TSA's strategic plan to guide research,
                                                                    development, and deployment of passenger
                                                                    checkpoint screening technologies was not
                                                                    risk-based and did not reflect some of the
                                                                    key risk management principles, such as
                                                                    conducting a risk assessment based on the
                                                                    three elements of risk--threat,
                                                                    vulnerability, and consequence--and did not
                                                                    include a cost-benefit analysis and
                                                                    performance measures. Further, in March
                                                                    2010, we reported that it was unclear
                                                                    whether the advanced imaging technology
                                                                    would have detected the weapon used in the
                                                                    December 25, 2009 attempted terrorist attack
                                                                    based on the preliminary testing information
                                                                    we received. DHS also had not validated the
                                                                    science supporting its Screening of
                                                                    Passengers by Observation Techniques
                                                                    program, or determined if behavior detection
                                                                    techniques could be successfully used across
                                                                    the aviation system to detect threats before
                                                                    deploying the program. DHS completed a
                                                                    program validation study in April 2011 which
                                                                    found that the program was more effective
                                                                    than random screening, but that more work
                                                                    was needed to determine whether the science
                                                                    could be used for counterterrorism purposes
                                                                    in the aviation environment. Moreover, DHS
                                                                    does not yet have a plan and schedule for
                                                                    deploying checked baggage screening
                                                                    technologies to meet recently enhanced
                                                                    explosive detection requirements. In
                                                                    addition, DHS does not yet have a mechanism
                                                                    to verify the accuracy of domestic and
                                                                    inbound air cargo screening data to help
                                                                    ensure that screening is being conducted at
                                                                    reported levels, and DHS does not yet have
                                                                    approved technology to screen cargo once it
                                                                    is loaded onto a pallet or container--both
                                                                    of which are common means of transporting
                                                                    air cargo on passenger aircraft, thus
                                                                    requiring that screening occur before
                                                                    incorporation into pallets and containers.
                                        CBRN threats.............  Key progress.--DHS made progress in assessing
                                                                    risks posed by CBRN threats, developing CBRN
                                                                    detection capabilities, and planning for
                                                                    nuclear detection. For example, DHS develops
                                                                    risk assessments of CBRN threats and has
                                                                    issued seven classified CBRN risk
                                                                    assessments since 2006. DHS also assessed
                                                                    the threat posed by specific CBRN agents in
                                                                    order to determine which of those agents
                                                                    pose a material threat to the United States,
                                                                    known as material threat assessments. With
                                                                    regard to CBRN detection capabilities, DHS
                                                                    implemented the BioWatch program in more
                                                                    than 30 metropolitan areas to detect
                                                                    specific airborne biological threat agents.
                                                                    Further, DHS established the National
                                                                    Biosurveillance Integration Center to
                                                                    enhance the Federal Government's capability
                                                                    to identify and track biological events of
                                                                    National concern. In addition, DHS
                                                                    coordinated the development of a strategic
                                                                    plan for the global nuclear detection
                                                                    architecture--a multidepartment effort to
                                                                    protect against terrorist attacks using
                                                                    nuclear and radiological materials through
                                                                    coordinated activities--and has deployed
                                                                    radiation detection equipment.
                                                                   What remains to be done.--More work remains
                                                                    for DHS to strengthen its CBRN assessment,
                                                                    detection, and mitigation capabilities. For
                                                                    example, DHS should better coordinate with
                                                                    the Department of Health and Human Services
                                                                    in conducting CBRN risk assessments by
                                                                    developing written policies and procedures
                                                                    governing development of the assessments.
                                                                    Moreover, the National Biosurveillance
                                                                    Integration Center lacks resources necessary
                                                                    for operations, such as data and personnel
                                                                    from its partner agencies. Additionally,
                                                                    work remains for DHS in its implementation
                                                                    of the global nuclear detection
                                                                    architecture. Specifically, the strategic
                                                                    plan for the architecture did not include
                                                                    some key components, such as funding needed
                                                                    to achieve the strategic plan's objectives,
                                                                    or monitoring mechanisms for determining
                                                                    programmatic progress and identifying needed
                                                                    improvements. DHS officials told us that
                                                                    they will address these missing elements in
                                                                    an implementation plan, which they plan to
                                                                    issue by the end of 2011.
                                        Critical infrastructure    Key progress.--DHS expanded its efforts to
                                         protection--physical       conduct risk assessment and planning,
                                         assets.                    provide for protection and resiliency, and
                                                                    implement partnerships and coordination
                                                                    mechanisms for physical critical assets. For
                                                                    example, DHS updated the National
                                                                    Infrastructure Protection Plan to include an
                                                                    emphasis on resiliency (the capacity to
                                                                    resist, absorb, or successfully adapt,
                                                                    respond to, or recover from disasters), and
                                                                    enhanced discussion about DHS risk
                                                                    management. Moreover, DHS components with
                                                                    responsibility for critical infrastructure
                                                                    sectors, such as transportation security,
                                                                    have begun to use risk-based assessments in
                                                                    their critical infrastructure-related
                                                                    planning and protection efforts. Further,
                                                                    DHS has various voluntary programs in place
                                                                    to conduct vulnerability assessments and
                                                                    security surveys at and across facilities
                                                                    from the 18 critical infrastructure sectors,
                                                                    and uses these assessments to develop and
                                                                    disseminate information on steps asset
                                                                    owners and operators can take to protect
                                                                    their facilities. In addition, DHS
                                                                    coordinated with critical infrastructure
                                                                    stakeholders, including other Federal
                                                                    regulatory authorities to identify overlaps
                                                                    and gaps in critical infrastructure security
                                                                    activities.
                                                                   What remains to be done.--Additional actions
                                                                    are needed for DHS to strengthen its
                                                                    critical infrastructure protection programs
                                                                    and efforts. For example, DHS has not fully
                                                                    implemented an approach to measure its
                                                                    effectiveness in working with critical asset
                                                                    owners and operators in their efforts to
                                                                    adopt measures to mitigate resiliency gaps
                                                                    identified during various vulnerability
                                                                    assessments. Moreover, DHS components have
                                                                    faced difficulties in incorporating risk-
                                                                    based assessments in critical infrastructure
                                                                    planning and protection efforts, such as in
                                                                    planning for security in surface
                                                                    transportation modes like highway
                                                                    infrastructure. Further, DHS should
                                                                    determine the feasibility of developing an
                                                                    approach to disseminating information on
                                                                    resiliency practices to its critical
                                                                    infrastructure partners to better position
                                                                    itself to help asset owners and operators
                                                                    consider and adopt resiliency strategies,
                                                                    and provide them with information on
                                                                    potential security investments.
                                        Surface transportation     Key progress.--DHS expanded its efforts in
                                         security.                  key surface transportation security areas,
                                                                    such as risk assessments and strategic
                                                                    planning; the surface transportation
                                                                    inspector workforce; and information
                                                                    sharing. For example, DHS conducted risk
                                                                    assessments of surface transportation modes
                                                                    and developed a transportation sector
                                                                    security risk assessment that assessed risk
                                                                    within and across the various modes.
                                                                    Further, DHS more than doubled its surface
                                                                    transportation inspector workforce and, as
                                                                    of July 2011, reported that its surface
                                                                    inspectors had conducted over 1,300 site
                                                                    visits to mass transit and passenger rail
                                                                    stations to complete station profiles, among
                                                                    other things. Moreover, DHS allocates
                                                                    transit grant funding based on risk
                                                                    assessments and has taken steps to measure
                                                                    performance of its Transit Security Grant
                                                                    Program, which provides funds to owners and
                                                                    operators of mass transit and passenger rail
                                                                    systems. In addition, DHS expanded its
                                                                    sharing of surface transportation security
                                                                    information by establishing information
                                                                    networks.
                                                                   What remains to be done.--DHS should take
                                                                    further action to strengthen its surface
                                                                    transportation security programs and
                                                                    operations. For example, DHS's efforts to
                                                                    improve elements of risk assessments of
                                                                    surface transportation modes are in the
                                                                    early stages of implementation. Moreover,
                                                                    DHS noted limitations in its transportation
                                                                    sector security risk assessment--such as the
                                                                    exclusion of threats from ``lone wolf''
                                                                    operators--that could limit its usefulness
                                                                    in guiding investment decisions across the
                                                                    transportation sector as a whole. Further,
                                                                    DHS has not yet completed a long-term
                                                                    workforce plan that identifies future needs
                                                                    for its surface transportation inspector
                                                                    workforce. It also has not yet issued
                                                                    regulations for a training program for mass
                                                                    transit, rail, and bus employees, as
                                                                    required by the Implementing Recommendations
                                                                    of the 9/11 Commission Act of 2007.(2)
                                                                    Additionally, DHS's information-sharing
                                                                    efforts would benefit from improved
                                                                    streamlining, coordination, and assessment
                                                                    of the effectiveness of information-sharing
                                                                    mechanisms.
Mission 2: Securing and Managing Our    Border security..........  Key progress.--DHS expanded its efforts in
 Borders.                                                           key border security areas, such as
                                                                    inspection of travelers and cargo at ports
                                                                    of entry, security of the border between
                                                                    ports of entry, visa adjudication security,
                                                                    and collaboration with stakeholders.
                                                                    Specifically, DHS has undertaken efforts to
                                                                    keep terrorists and other dangerous people
                                                                    from entering the country. For example, DHS
                                                                    implemented the U.S. Visitor and Immigrant
                                                                    Status Indicator Technology (US-VISIT)
                                                                    program to verify the identities of foreign
                                                                    visitors entering and exiting the United
                                                                    States by storing and processing biometric
                                                                    and biographic information. DHS established
                                                                    plans for, and had begun to interact with
                                                                    and involve stakeholders in, developing an
                                                                    exit capability. DHS deployed technologies
                                                                    and other infrastructure to secure the
                                                                    border between ports of entry, including
                                                                    more than 600 miles of tactical
                                                                    infrastructure, such as fencing, along the
                                                                    border. DHS also deployed the Visa Security
                                                                    Program, in which DHS personnel review visa
                                                                    applications to help prevent individuals who
                                                                    pose a threat from entering the United
                                                                    States, to 19 posts in 15 countries, and
                                                                    developed a 5-year expansion plan for the
                                                                    program. In addition, DHS improved
                                                                    collaboration with Federal, State, local,
                                                                    Tribal, and international partners on
                                                                    Northern border security efforts through,
                                                                    among other things, the establishment of
                                                                    interagency forums.
                                                                   What remains to be done.--More work remains
                                                                    for DHS to strengthen its border security
                                                                    programs and operations. For example,
                                                                    although it has developed a plan, DHS has
                                                                    not yet adopted an integrated approach to
                                                                    scheduling, executing, and tracking the work
                                                                    needed to be accomplished to deliver a
                                                                    comprehensive biometric exit solution as
                                                                    part of the US-VISIT program. Further, DHS
                                                                    experienced schedule delays and performance
                                                                    problems with its information technology
                                                                    program for securing the border between
                                                                    ports of entry--the Secure Border Initiative
                                                                    Network--which led to its cancellation.
                                                                    Because of the program's decreased scope,
                                                                    uncertain timing, unclear costs, and limited
                                                                    life cycle management, it was unclear
                                                                    whether DHS's pursuit of the program was
                                                                    cost-effective. DHS is transitioning to a
                                                                    new approach for border technology, which we
                                                                    are assessing. With regard to the Visa
                                                                    Security Program, DHS did not fully follow
                                                                    or update its 5-year expansion plan. For
                                                                    instance, it did not establish 9 posts
                                                                    identified for expansion in 2009 and 2010,
                                                                    and had not taken steps to address visa risk
                                                                    at posts that did not have a Visa Security
                                                                    Program presence. Additionally, DHS should
                                                                    strengthen its oversight of interagency
                                                                    forums operating along the Northern border.
                                        Maritime security........  Key progress.--DHS expanded its efforts in
                                                                    key maritime security areas, such as port
                                                                    facility and vessel security, maritime
                                                                    security domain awareness and information
                                                                    sharing, and international supply chain
                                                                    security. For example, DHS strengthened risk
                                                                    management through the development of a risk
                                                                    assessment model, and addressed risks to
                                                                    port facilities through annual inspections
                                                                    in which DHS identified and corrected
                                                                    deficiencies, such as facilities failing to
                                                                    follow security plans for access control.
                                                                    Further, DHS took action to address risks
                                                                    posed by foreign seafarers entering U.S.
                                                                    seaports by, for example, conducting advance-
                                                                    screening before the arrival of vessels at
                                                                    U.S. ports, inspections, and enforcement
                                                                    operations. DHS developed the Transportation
                                                                    Worker Identification Credential program to
                                                                    manage the access of unescorted maritime
                                                                    workers to secure areas of regulated
                                                                    maritime facilities. DHS also implemented
                                                                    measures to help secure passenger vessels
                                                                    including cruise ships, ferries, and energy
                                                                    commodity vessels such as tankers, such as
                                                                    assessing risks to these types of vessels.
                                                                    Moreover, for tracking vessels at sea, the
                                                                    Coast Guard uses a long-range identification
                                                                    and tracking system, and a commercially
                                                                    provided long-range automatic identification
                                                                    system. For tracking vessels in U.S. coastal
                                                                    areas, inland waterways, and ports, the
                                                                    Coast Guard operates a land-based automatic
                                                                    identification system, and also either
                                                                    operates, or has access to, radar and
                                                                    cameras in some ports. DHS also developed a
                                                                    layered security strategy for cargo
                                                                    container security, including deploying
                                                                    screening technologies and partnering with
                                                                    foreign governments.
                                                                   What remains to be done.--DHS should take
                                                                    additional action to strengthen its maritime
                                                                    security efforts. For example, because of a
                                                                    lack of technology capability, DHS did not
                                                                    electronically verify identity and
                                                                    immigration status of foreign seafarers, as
                                                                    part of its on-board admissibility
                                                                    inspections of cargo vessels, thus limiting
                                                                    the assurance that fraud could be identified
                                                                    among documents presented by them. In
                                                                    addition, the Transportation Worker
                                                                    Identification Credential program's controls
                                                                    were not designed to provide reasonable
                                                                    assurance that only qualified applicants
                                                                    acquire credentials. For example, during
                                                                    covert tests of the Transportation Worker
                                                                    Identification Credential at several
                                                                    selected ports, our investigators were
                                                                    successful in accessing ports using
                                                                    counterfeit credentials and authentic
                                                                    credentials acquired through fraudulent
                                                                    means. Moreover, DHS has not assessed the
                                                                    costs and benefits of requiring cruise lines
                                                                    to provide passenger reservation data for
                                                                    screening, which could help improve
                                                                    identification and targeting of potential
                                                                    terrorists. Further, the vessel tracking
                                                                    systems used in U.S. coastal areas, inland
                                                                    waterways, and ports had more difficulty
                                                                    tracking smaller and noncommercial vessels
                                                                    because these vessels were not generally
                                                                    required to carry automatic identification
                                                                    system equipment, and because of the
                                                                    technical limitations of radar and cameras.
                                                                    In addition, DHS has made limited progress
                                                                    in scanning containers at the initial ports
                                                                    participating in the Secure Freight
                                                                    Initiative, a program at selected ports with
                                                                    the intent of scanning 100 percent of U.S.-
                                                                    bound container cargo for nuclear and
                                                                    radiological materials overseas, leaving the
                                                                    feasibility of 100 percent scanning largely
                                                                    unproven. CBP has not yet developed a plan
                                                                    for full implementation of a statutory
                                                                    requirement that 100 percent of U.S.-bound
                                                                    container cargo be scanned by 2012.(3)
Mission 3: Enforcing and Administering  Immigration enforcement..  Key progress.--DHS expanded its immigration
 Our Immigration Laws.                                              and customs enforcement programs and
                                                                    activities in key areas such as overstay
                                                                    enforcement, compliance with workplace
                                                                    immigration laws, alien smuggling, and
                                                                    firearms trafficking. For example, DHS
                                                                    increased its resources for investigating
                                                                    overstays (unauthorized immigrants who
                                                                    entered the United States legally on a
                                                                    temporary basis then overstayed their
                                                                    authorized periods of admission) and alien
                                                                    smuggling operations, and deployed border
                                                                    enforcement task forces to investigate
                                                                    illicit smuggling of people and goods,
                                                                    including firearms. In addition, DHS took
                                                                    action to improve the E-Verify program,
                                                                    which provides employers a voluntary tool
                                                                    for verifying an employee's authorization to
                                                                    work in the United States, by, for example,
                                                                    increasing the program's accuracy by
                                                                    expanding the number of databases it can
                                                                    query. Further, DHS expanded its programs
                                                                    and activities to identify and remove
                                                                    criminal aliens in Federal, State, and local
                                                                    custody who are eligible for removal from
                                                                    the United States by, for example, entering
                                                                    into agreements with State and local law
                                                                    enforcement agencies to train officers to
                                                                    assist in identifying those individuals who
                                                                    are in the United States illegally.
                                                                   What remains to be done.--Key weaknesses
                                                                    remain in DHS's immigration and customs
                                                                    enforcement efforts. For example, DHS took
                                                                    action to address a small portion of the
                                                                    estimated overstay population in the United
                                                                    States, and lacks measures for assessing its
                                                                    progress in addressing overstays. In
                                                                    particular, DHS field offices had closed
                                                                    about 34,700 overstay investigations
                                                                    assigned to them from fiscal year 2004
                                                                    through 2010, as of October 2010; these
                                                                    cases resulted in approximately 8,100
                                                                    arrests, relative to a total estimated
                                                                    overstay population of 4 million to 5.5
                                                                    million.(4) Additionally, we reported that
                                                                    since fiscal year 2006, U.S. Immigration and
                                                                    Customs Enforcement within DHS allocated
                                                                    about 3 percent of its investigative work
                                                                    hours to overstay investigations. Moreover,
                                                                    DHS should better leverage opportunities to
                                                                    strengthen its alien smuggling enforcement
                                                                    efforts by assessing the possible use of
                                                                    various investigative techniques, such as
                                                                    those to follow cash transactions flowing
                                                                    through money transmitters that serve as the
                                                                    primary method of payment to those
                                                                    individuals responsible for smuggling
                                                                    aliens. Further, weaknesses with the E-
                                                                    Verify program, including challenges in
                                                                    accurately estimating E-Verify costs, put
                                                                    DHS at an increased risk of not making
                                                                    informed investment decisions.
                                        Immigration services.....  Key progress.--DHS improved the quality and
                                                                    efficiency of the immigration benefit
                                                                    administration process, and expanded its
                                                                    efforts to detect and deter immigration
                                                                    fraud. For example, DHS initiated efforts to
                                                                    modernize its immigration benefit
                                                                    administration infrastructure; improve the
                                                                    efficiency and timeliness of its application
                                                                    intake process; and ensure quality in its
                                                                    benefit adjudication processes. Further, DHS
                                                                    designed training programs and quality
                                                                    reviews to help ensure the integrity of
                                                                    asylum adjudications. Moreover, in 2004 DHS
                                                                    established the Office of Fraud Detection
                                                                    and National Security, now a directorate, to
                                                                    lead immigration fraud detection and
                                                                    deterrence efforts, and this directorate has
                                                                    since developed and implemented strategies
                                                                    for this purpose.
                                                                   What remains to be done.--More work remains
                                                                    in DHS's efforts to improve its
                                                                    administration of immigration benefits. For
                                                                    example, DHS's program for transforming its
                                                                    immigration benefit processing
                                                                    infrastructure and business practices from
                                                                    paper-based to digital systems missed its
                                                                    planned milestones by more than 2 years, and
                                                                    has been hampered by management challenges,
                                                                    such as insufficient planning and not
                                                                    adhering to DHS acquisition guidance before
                                                                    selecting a contractor to assist with
                                                                    implementation of the transformation
                                                                    program. Additionally, while the Fraud
                                                                    Detection and National Security Directorate
                                                                    put in place strategies for detecting and
                                                                    deterring immigration fraud, DHS should take
                                                                    additional action to address vulnerabilities
                                                                    identified in its assessments intended to
                                                                    determine the extent and nature of fraud in
                                                                    certain applications. Further, despite
                                                                    mechanisms DHS had designed to help asylum
                                                                    officers assess the authenticity of asylum
                                                                    claims, such as identity and security checks
                                                                    and fraud prevention teams, asylum officers
                                                                    we surveyed cited challenges in identifying
                                                                    fraud as a key factor affecting their
                                                                    adjudications. For example, 73 percent of
                                                                    asylum officer survey respondents reported
                                                                    it was moderately or very difficult to
                                                                    identify document fraud.
Mission 4: Safeguarding and Securing    Critical infrastructure    Key progress.--DHS expanded its efforts to
 Cyberspace.                             protection--cyber assets.  conduct cybersecurity risk assessments and
                                                                    planning, provide for the protection and
                                                                    resilience of cyber assets, and implement
                                                                    cybersecurity partnerships and coordination
                                                                    mechanisms. For example, DHS developed the
                                                                    first National Cyber Incident Response Plan
                                                                    in September 2010 to coordinate the response
                                                                    of multiple Federal agencies, State and
                                                                    local governments, and hundreds of private
                                                                    firms, to incidents at all levels. DHS also
                                                                    took steps to secure external network
                                                                    connections in use by the Federal Government
                                                                    by establishing the National Cybersecurity
                                                                    Protection System, operationally known as
                                                                    Einstein, to analyze computer network
                                                                    traffic information to and from agencies. In
                                                                    2008, DHS developed Einstein 2, which
                                                                    incorporated network intrusion detection
                                                                    technology into the capabilities of the
                                                                    initial version of the system. Additionally,
                                                                    the Department made progress in enhancing
                                                                    its cyber analysis and incident warning
                                                                    capabilities through the establishment of
                                                                    the U.S. Computer Emergency Readiness Team,
                                                                    which, among other things, coordinates the
                                                                    Nation's efforts to prepare for, prevent,
                                                                    and respond to cyber threats to systems and
                                                                    communications networks. Moreover, since
                                                                    conducting a major cyber attack exercise,
                                                                    called Cyber Storm, DHS demonstrated
                                                                    progress in addressing lessons it had
                                                                    learned from this exercise to strengthen
                                                                    public and private incident response
                                                                    capabilities.
                                                                   What remains to be done.--Key challenges
                                                                    remain in DHS's cybersecurity efforts. For
                                                                    example, to expand its protection and
                                                                    resiliency efforts, DHS needs to lead a
                                                                    concerted effort to consolidate and better
                                                                    secure internet connections at Federal
                                                                    agencies. Further, DHS faced challenges
                                                                    regarding deploying Einstein 2, including
                                                                    understanding the extent to which its
                                                                    objective was being met because the
                                                                    Department lacked performance measures that
                                                                    addressed whether agencies report whether
                                                                    the alerts represent actual incidents. DHS
                                                                    also faces challenges in fully establishing
                                                                    a comprehensive National cyber analysis and
                                                                    warning capability. For example, the U.S.
                                                                    Computer Emergency Readiness Team did not
                                                                    fully address 15 key attributes of cyber
                                                                    analysis and warning capabilities. These
                                                                    attributes are related to: (1) Monitoring
                                                                    network activity to detect anomalies, (2)
                                                                    analyzing information and investigating
                                                                    anomalies to determine whether they are
                                                                    threats, (3) warning appropriate officials
                                                                    with timely and actionable threat and
                                                                    mitigation information, and (4) responding
                                                                    to the threat. For example, the U.S.
                                                                    Computer Emergency Readiness Team provided
                                                                    warnings by developing and distributing a
                                                                    wide array of notifications; however, these
                                                                    notifications were not consistently
                                                                    actionable or timely. Additionally,
                                                                    expectations of private sector stakeholders
                                                                    are not being met by their Federal partners
                                                                    in areas related to sharing information
                                                                    about cyber-based threats to critical
                                                                    infrastructure.
Mission 5: Ensuring Resilience to       Emergency preparedness     Key progress.--DHS expanded its efforts to
 Disasters.                              and response.              improve National emergency preparedness and
                                                                    response planning; improved its emergency
                                                                    assistance services; and enhanced emergency
                                                                    communications. For example, DHS developed
                                                                    various plans for disaster preparedness and
                                                                    response. In particular, in 2004 DHS issued
                                                                    the National Response Plan and subsequently
                                                                    made revisions to it, culminating in the
                                                                    issuance of the National Response Framework
                                                                    in January 2008, which outlines the guiding
                                                                    principles and major roles and
                                                                    responsibilities of Government,
                                                                    nongovernmental organizations, and private
                                                                    sector entities for response to disasters of
                                                                    all sizes and causes. Further, DHS issued
                                                                    the National Preparedness Guidelines that
                                                                    describe a National framework for
                                                                    capabilities-based preparedness, and a
                                                                    Target Capabilities List, designed to
                                                                    provide a National-level generic model of
                                                                    capabilities defining all-hazards
                                                                    preparedness. DHS also assisted local
                                                                    communities with developing long-term
                                                                    disaster recovery plans as part of its post-
                                                                    disaster assistance. For example, DHS
                                                                    assisted Iowa City's recovery from major
                                                                    floods in 2008 by, among other things,
                                                                    identifying possible Federal funding sources
                                                                    for specific projects in the city's recovery
                                                                    plan, and advising the city on how to
                                                                    prepare effective project proposals. DHS is
                                                                    also finalizing a National Disaster Recovery
                                                                    Framework, intended to provide a model to
                                                                    identify and address challenges that arise
                                                                    during the disaster recovery process.
                                                                    Moreover, DHS issued the National Emergency
                                                                    Communications Plan--the first strategic
                                                                    document for improving emergency
                                                                    communications Nation-wide.
                                                                   What remains to be done.--More work remains
                                                                    in DHS's efforts to assess capabilities for
                                                                    all-hazards preparedness and provide long-
                                                                    term disaster recovery assistance. For
                                                                    example, DHS has not yet developed National
                                                                    preparedness capability requirements based
                                                                    on established metrics to provide a
                                                                    framework for assessing preparedness.
                                                                    Further, the data DHS collected to measure
                                                                    National preparedness were limited by
                                                                    reliability and measurement issues related
                                                                    to the lack of standardization. Until a
                                                                    framework for assessing preparedness is in
                                                                    place, DHS will not have a basis on which to
                                                                    operationalize and implement its conceptual
                                                                    approach for assessing local, State, and
                                                                    Federal preparedness capabilities against
                                                                    capability requirements and identify
                                                                    capability gaps for prioritizing investments
                                                                    in National preparedness. Moreover, with
                                                                    regard to long-term disaster recovery
                                                                    assistance, DHS's criteria for when to
                                                                    provide the assistance were vague, and, in
                                                                    some cases, DHS provided assistance before
                                                                    State and local governments had the capacity
                                                                    to work effectively with DHS. Additionally,
                                                                    DHS should improve the efficacy of the grant
                                                                    application and review process by mitigating
                                                                    duplication or redundancy within the various
                                                                    preparedness grant programs. Until DHS
                                                                    evaluates grant applications across grant
                                                                    programs, DHS cannot ascertain whether or to
                                                                    what extent multiple funding requests are
                                                                    being submitted for similar purposes.
----------------------------------------------------------------------------------------------------------------
Source: GAO analysis based on the areas included in our September 2011 report.
(1) Advanced imaging technology units produce an image of a passenger's body that DHS personnel use to look for
  anomalies, such as explosives or other prohibited items.
(2) The Implementing Recommendations of the 9/11 Commission Act requires TSA to issue regulations for a training
  program to prepare mass transit, rail, and over-the-road bus employees for potential security threats and
  conditions. 6 U.S.C.  1137, 1167, 1184.
(3) See Pub. L. No. 110-53,  1701(a), 121 Stat. 266, 489-490 (2007) (amending 6 U.S.C.  982(b)).
(4) According to our April 2011 report, the most recent estimates from the Pew Hispanic Center approximated
  that, in 2006, out of an unauthorized resident alien population of 11.5 million to 12 million in the United
  States, about 4 million to 5.5 million were overstays. Pew Hispanic Center, Modes of Entry for the
  Unauthorized Migrant Population (Washington, DC: May 22, 2006).

    Impacting the Department's ability to efficiently and effectively 
satisfy its missions are: (1) The need to integrate and strengthen its 
management functions; (2) the need for increased utilization of 
performance assessments; (3) the need for an enhanced use of risk 
information to inform planning, programming, and investment decision-
making; (4) limitations in effective sharing and use of terrorism-
related information; (5) partnerships that are not sustained or fully 
leveraged; and (6) limitations in developing and deploying technologies 
to meet mission needs. DHS made progress in addressing these areas, but 
more work is needed, going forward, to further mitigate these 
challenges and their impact on DHS's mission implementation.
    For instance, DHS strengthened its performance measures in recent 
years and linked its measures to the QHSR's missions and goals. 
However, DHS and its components have not yet developed measures for 
assessing the effectiveness of key homeland security programs, such as 
programs for securing the border and preparing the Nation for emergency 
incidents. For example, with regard to checkpoints DHS operates on U.S. 
roads to screen vehicles for unauthorized aliens and contraband, DHS 
established three performance measures to report the results of 
checkpoint operations. However, the measures did not indicate if 
checkpoints were operating efficiently and effectively and data 
reporting and collection challenges hindered the use of results to 
inform Congress and the public on checkpoint performance. Moreover, DHS 
has not yet established performance measures to assess the 
effectiveness of its programs for investigating alien smuggling 
operations and foreign nationals who overstay their authorized periods 
of admission to the United States, making it difficult for these 
agencies to determine progress made in these areas and evaluate 
possible improvements.
    Further, DHS and its component agencies developed strategies and 
tools for conducting risk assessments. For example, DHS has conducted 
risk assessments of various surface transportation modes, such as 
freight rail, passenger rail, and pipelines. However, the Department 
needs to strengthen its use of risk information to inform its planning 
and investment decision-making. For example, DHS could better use risk 
information to plan and prioritize security measures and investments 
within and across its mission areas, as the Department cannot secure 
the Nation against every conceivable threat.
    In addition, DHS took action to develop and deploy new technologies 
to help meet its homeland security missions. However, in a number of 
instances DHS pursued acquisitions without ensuring that the 
technologies met defined requirements, conducting and documenting 
appropriate testing and evaluation, and performing cost-benefit 
analyses, resulting in important technology programs not meeting 
performance expectations. For example, in 2006, we recommended that 
DHS's decision to deploy next-generation radiation-detection equipment, 
or advanced spectroscopic portals, used to detect smuggled nuclear or 
radiological materials, be based on an analysis of both the benefits 
and costs and a determination of whether any additional detection 
capability provided by the portals was worth their additional cost. DHS 
subsequently issued a cost-benefit analysis, but we reported that this 
analysis did not provide a sound analytical basis for DHS's decision to 
deploy the portals. In June 2009, we also reported that an updated 
cost-benefit analysis might show that DHS's plan to replace existing 
equipment with advanced spectroscopic portals was not justified, 
particularly given the marginal improvement in detection of certain 
nuclear materials required of advanced spectroscopic portals and the 
potential to improve the current-generation portal monitors' 
sensitivity to nuclear materials, most likely at a lower cost. In July 
2011, DHS announced that it would end the advanced spectroscopic portal 
project as originally conceived given the challenges the program faced.
    As we have previously reported, while it is important that DHS 
continue to work to strengthen each of its functional areas, it is 
equally important that these areas be addressed from a comprehensive, 
Department-wide perspective to help mitigate longstanding issues that 
have impacted the Department's progress.
Key Themes Have Impacted DHS's Progress in Implementing Its Mission 
        Functions
    Our work at DHS has identified several key themes--leading and 
coordinating the homeland security enterprise, implementing and 
integrating management functions for results, and strategically 
managing risks and assessing homeland security efforts--that have 
impacted the Department's progress since it began operations. These 
themes provide insights that can inform DHS's efforts, moving forward, 
as it works to implement its missions within a dynamic and evolving 
homeland security environment. DHS made progress and has had successes 
in all of these areas, but our work found that these themes have been 
at the foundation of DHS's implementation challenges, and need to be 
addressed from a Department-wide perspective to position DHS for the 
future and enable it to satisfy the expectations set for it by the 
Congress, the administration, and the country.
    Leading and coordinating the homeland security enterprise.--While 
DHS is one of a number of entities with a role in securing the 
homeland, it has significant leadership and coordination 
responsibilities for managing efforts across the homeland security 
enterprise. To satisfy these responsibilities, it is critically 
important that DHS develop, maintain, and leverage effective 
partnerships with its stakeholders, while at the same time addressing 
DHS-specific responsibilities in satisfying its missions. Before DHS 
began operations, we reported that the quality and continuity of the 
new Department's leadership would be critical to building and 
sustaining the long-term effectiveness of DHS and achieving homeland 
security goals and objectives. We further reported that to secure the 
Nation, DHS must form effective and sustained partnerships between 
components and also with a range of other entities, including Federal 
agencies, State and local governments, the private and nonprofit 
sectors, and international partners.
    DHS has made important strides in providing leadership and 
coordinating efforts. For example, it has improved coordination and 
clarified roles with State and local governments for emergency 
management. DHS also strengthened its partnerships and collaboration 
with foreign governments to coordinate and standardize security 
practices for aviation security. However, DHS needs to take additional 
action to forge effective partnerships and strengthen the sharing and 
utilization of information, which has affected its ability to 
effectively satisfy its missions. For example, we reported that the 
expectations of private sector stakeholders have not been met by DHS 
and its Federal partners in areas related to sharing information about 
cyber-based threats to critical infrastructure. Without improvements in 
meeting private and public sector expectations for sharing cyber threat 
information, private-public partnerships will remain less than optimal, 
and there is a risk that owners of critical infrastructure will not 
have the information and mechanisms needed to thwart sophisticated 
cyber attacks that could have catastrophic effects on our Nation's 
cyber-reliant critical infrastructure. Moreover, we reported that DHS 
needs to continue to streamline its mechanisms for sharing information 
with public transit agencies to reduce the volume of similar 
information these agencies receive from DHS, making it easier for them 
to discern relevant information and take appropriate actions to enhance 
security.
    In 2005, we designated information sharing for homeland security as 
high-risk because the Federal Government faced serious challenges in 
analyzing information and sharing it among partners in a timely, 
accurate, and useful way. Gaps in sharing, such as agencies' failure to 
link information about the individual who attempted to conduct the 
December 25, 2009, airline bombing, prevented the individual from being 
included on the Federal Government's consolidated terrorist watch list, 
a tool used by DHS to screen for persons who pose a security risk. The 
Federal Government and DHS have made progress, but more work remains 
for DHS to streamline its information sharing mechanisms and better 
meet partners' needs. Moving forward, it will be important that DHS 
continue to enhance its focus and efforts to strengthen and leverage 
the broader homeland security enterprise, and build off the important 
progress that it has made thus far. In addressing ever-changing and 
complex threats, and with the vast array of partners with which DHS 
must coordinate, continued leadership and stewardship will be critical 
in achieving this end.
    Implementing and integrating management functions for results.--
Following its establishment, the Department focused its efforts 
primarily on implementing its various missions to meet pressing 
homeland security needs and threats, and less on creating and 
integrating a fully and effectively functioning department from 22 
disparate agencies. This initial focus on mission implementation was 
understandable given the critical homeland security needs facing the 
Nation after the Department's establishment, and the enormous challenge 
posed by creating, integrating, and transforming a Department as large 
and complex as DHS. As the Department matured, it has put into place 
management policies and processes and made a range of other 
enhancements to its management functions--acquisition, information 
technology, financial, and human capital management. However, DHS has 
not always effectively executed or integrated these functions. In 2003, 
we designated the transformation and integration of DHS as high-risk 
because DHS had to transform 22 agencies into one Department, and 
failure to effectively address DHS's management and mission risks could 
have serious consequences for U.S. National and economic security. 
Eight years later, DHS remains on our high-risk list. DHS has 
demonstrated strong leadership commitment to addressing its management 
challenges and has begun to implement a strategy to do so. Further, DHS 
developed various management policies, directives, and governance 
structures, such as acquisition and information technology management 
policies and controls, to provide enhanced guidance on investment 
decision-making. DHS also reduced its financial management material 
weaknesses in internal control over financial reporting and developed 
strategies to strengthen human capital management, such as its 
Workforce Strategy for Fiscal Years 2011-2016.
    However, DHS needs to continue to demonstrate sustainable progress 
in addressing its challenges, as these issues have contributed to 
schedule delays, cost increases, and performance problems in major 
programs aimed at delivering important mission capabilities. For 
example, in September 2010, we reported that the Science and Technology 
Directorate's master plans for conducting operational testing of 
container security technologies did not reflect all of the operational 
scenarios that U.S. Customs and Border Protection was considering for 
implementation. In addition, when it developed the US-VISIT program, 
DHS did not sufficiently define what capabilities and benefits would be 
delivered, by when, and at what cost, and the Department has not yet 
determined how to deploy a biometric exit capability under the program. 
Moreover, DHS does not yet have enough skilled personnel to carry out 
activities in various areas, such as acquisition management; and has 
not yet implemented an integrated financial management system, 
impacting its ability to have ready access to reliable, useful, and 
timely information for informed decision making. Moving forward, 
addressing these management challenges will be critical for DHS's 
success, as will be the integration of these functions across the 
Department to achieve efficiencies and effectiveness.
    Strategically managing risks and assessing homeland security 
efforts.--Forming a new department while working to implement 
statutorily mandated and Department-initiated programs and responding 
to evolving threats, was, and is, a significant challenge facing DHS. 
Key threats, such as attempted attacks against the aviation sector, 
have impacted and altered DHS's approaches and investments, such as 
changes DHS made to its processes and technology investments for 
screening passengers and baggage at airports. It is understandable that 
these threats had to be addressed immediately as they arose. However, 
limited strategic and program planning by DHS and limited assessment to 
inform approaches and investment decisions have contributed to programs 
not meeting strategic needs or not doing so in an efficient manner. For 
example, as we reported in July 2011, the Coast Guard's planned 
acquisitions through its Deepwater Program, which began before DHS's 
creation and includes efforts to build or modernize ships and aircraft 
and supporting capabilities that are critical to meeting the Coast 
Guard's core missions in the future, is unachievable due to cost 
growth, schedule delays, and affordability issues. In addition, because 
FEMA has not yet developed a set of target disaster preparedness 
capabilities and a systematic means of assessing those capabilities, as 
required by the Post-Katrina Emergency Management Reform Act and 
Presidential Policy Directive 8, it cannot effectively evaluate and 
identify key capability gaps and target limited resources to fill those 
gaps.
    Further, DHS has made important progress in analyzing risk across 
sectors, but it has more work to do in using this information to inform 
planning and resource allocation decisions. Risk management has been 
widely supported by Congress and DHS as a management approach for 
homeland security, enhancing the Department's ability to make informed 
decisions and prioritize resource investments. Since DHS does not have 
unlimited resources and cannot protect the Nation from every 
conceivable threat, it must make risk-informed decisions regarding its 
homeland security approaches and strategies. Moreover, we have reported 
on the need for enhanced performance assessment, that is, evaluating 
existing programs and operations to determine whether they are 
operating as intended or are in need of change, across DHS's missions. 
Information on the performance of programs is critical for helping the 
Department, Congress, and other stakeholders more systematically assess 
strengths and weaknesses and inform decision-making. In recent years, 
DHS has placed an increased emphasis on strengthening its mechanisms 
for assessing the performance and effectiveness of its homeland 
security programs. For example, DHS established new performance 
measures, and modified existing ones, to better assess many of its 
programs and efforts.
    However, our work has found that DHS continues to miss 
opportunities to optimize performance across its missions because of a 
lack of reliable performance information or assessment of existing 
information; evaluation among feasible alternatives; and, as 
appropriate, adjustment of programs or operations that are not meeting 
mission needs. For example, DHS's program for research, development, 
and deployment of passenger checkpoint screening technologies lacked a 
risk-based plan and performance measures to assess the extent to which 
checkpoint screening technologies were achieving the program's security 
goals, and thereby reducing or mitigating the risk of terrorist 
attacks. As a result, DHS had limited assurance that its strategy 
targeted the most critical risks and that it was investing in the most 
cost-effective new technologies or other protective measures. As the 
Department further matures and seeks to optimize its operations, DHS 
will need to look beyond immediate requirements; assess programs' 
sustainability across the long term, particularly in light of 
constrained budgets; and evaluate tradeoffs within and among programs 
across the homeland security enterprise. Doing so should better equip 
DHS to adapt and respond to new threats in a sustainable manner as it 
works to address existing ones.
                        concluding observations
    Given DHS's role and leadership responsibilities in securing the 
homeland, it is critical that the Department's programs and activities 
are operating as efficiently and effectively as possible, are 
sustainable, and continue to mature, evolve, and adapt to address 
pressing security needs. DHS has made significant progress throughout 
its missions since its creation, but more work is needed to further 
transform the Department into a more integrated and effective 
organization. DHS has also made important progress in strengthening 
partnerships with stakeholders, improving its management processes and 
sharing of information, and enhancing its risk management and 
performance measurement efforts. These accomplishments are especially 
noteworthy given that the Department has had to work to transform 
itself into a fully functioning cabinet department while implementing 
its missions--a difficult undertaking for any organization and one that 
can take years to achieve even under less daunting circumstances.
    Impacting the Department's efforts have been a variety of factors 
and events, such as attempted terrorist attacks and natural disasters, 
as well as new responsibilities and authorities provided by Congress 
and the administration. These events collectively have forced DHS to 
continually reassess its priorities and reallocate resources as needed, 
and have impacted its continued integration and transformation. Given 
the nature of DHS's mission, the need to remain nimble and adaptable to 
respond to evolving threats, as well as to work to anticipate new ones, 
will not change and may become even more complex and challenging as 
domestic and world events unfold, particularly in light of reduced 
budgets and constrained resources. To better position itself to address 
these challenges, our work has shown that DHS should place an increased 
emphasis and take additional action in supporting and leveraging the 
homeland security enterprise, managing its operations to achieve needed 
results, and strategically planning for the future while assessing and 
adjusting, as needed, what exists today. Addressing these issues will 
be critically important for the Department to strengthen its homeland 
security programs and operations. Eight years after its establishment 
and 10 years after the September 11, 2001, terrorist attacks, DHS has 
indeed made significant strides in protecting the Nation, but has yet 
to reach its full potential.
    Chairman King, Ranking Member Thompson, and Members of the 
committee, this concludes my prepared statement. I would be pleased to 
respond to any questions you may have at this time.

    Chairman King. Thank you, Comptroller General Dodaro.
    My first question, I guess, would be to Secretary Ridge and 
Chairman Hamilton. I am on this committee, and also the 
Intelligence Committee, and I still haven't figured out what 
the role of Director of National Intelligence is. I don't mean 
that in a sarcastic way; under two administrations, there seems 
to be no defined role, and if anything, the position seems to 
be weakening. Chairman Hamilton, you mentioned that it may take 
action by a President to firm up his responsibilities. I would 
say the fact that we have had two heavyweights as head of the 
CIA, Leon Panetta and General Petraeus, I don't see much 
likelihood that you are going to see this President or any 
President in the immediate future, cutting back on the powers 
of the CIA and giving more to the DNI. So as a practical 
matter, where do we stand with the DNI, do you think?
    Mr. Hamilton. I think it is very important to understand 
where we were before 9/11. At that time, you had the so-called 
leader of the intelligence community, the Director of the CIA, 
who didn't have power over the budget and most of the personnel 
in the intelligence community. So all of the CIA Directors 
focused on the CIA and not the other 14 or 15 elements of the 
intelligence community.
    Our principle recommendation in the 9/11 Commission report 
was that you had to get away from stovepiping information from 
conducting an agency on the basis of need-to-know and conduct 
the agency on the basis of responsibility to share, because we 
lost lives because we did not connect the dots and we did not 
share information.
    We recommended that you needed someone overseeing the 
entire intelligence community with considerable power with 
respect to personnel and budget. You passed a law saying that 
the director of national intelligence had that power, but in 
the same law, there was wordage that kind of weakened the power 
so that you made it somewhat ambiguous.
    So the Directors 4 and 6 years had a tough time in that 
job. I think the Directors have performed very well and they 
have been very able people. It is a tough spot, even with the 
statutory power because you are dealing with very big players 
in any administration, Secretary of Defense, CIA Director. So 
regardless of the statutory powers you may have, you have to 
exercise that power with a great deal of diplomacy and 
discretion in order to make it work effectively. Personalities 
are very, very important. I think the DNI has done tremendously 
good work in forcing, if I my use the word, of the sharing of 
information. No better example of that than what Tom Ridge 
referred to, removal of Osama bin Laden, when we had a 
marvelous example of sharing of information, coordination, 
integration of military civilians components of our Government.
    So I think, Mr. Chairman, the DNI is a work in progress. I 
think he or several of them have made very significant progress 
over a period of time. We are not there yet, you do not have 
the seamless sharing of information that you would like to 
have, but it seems to me a lot of progress has been made.
    My personal preference would be to see a law enacted making 
it unambiguously clear that this man is in charge because 
somebody has to knock heads, to be blunt about it, within the 
intelligence community to get them to coordinate and integrate 
their activities. I think almost the same thing could be 
accomplished if the President made very, very clear repeatedly 
of his support for the DNI. I think President Bush and 
President Obama have both done that, but not as forcefully and 
repeatedly as I think the job requires.
    So a work in progress, a lot of progress made, still a lot 
to do in improving intelligence sharing in the Government.
    Chairman King. Secretary Ridge, do you have anything to add 
to that?
    Mr. Ridge. Just one comment, I appreciate Lee Hamilton's 
perspective on that and I share it. The role of the DNI, if you 
look at it loosely, might be to coordinate activity. Well, this 
is a tough town to coordinate activity between agencies that 
have a mindset that are led by very strong personalities. So to 
the extent that we could clarify with great specificity the 
role of the DNI, is it strictly oversight? Does he have 
budgetary control? It is one thing to control in this town, or 
at least to have the opportunity to coordinate activity, but I 
think it would be well stated if you really want to get 
someone's attention, you control the purse strings.
    So I think the men who have served us as DNI have done a 
remarkable job. I think it is a very difficult task, given the 
institutional mindset of all the agencies over which he has 
that has that oversight responsibility and coordination 
responsibility. I dare say obviously I was not privy to some of 
the conversations that the DNIs have had with respect to 
intelligence community leaders, but it is pretty difficult for 
them, and I think as Congressman Lee Hamilton has pointed out, 
perhaps further clarification with greater specificity as to 
who is in charge might be helpful.
    Chairman King. My time is running over. I would like to ask 
one very important question to Chairman Hamilton and Secretary 
Ridge, this is an issue that the Ranking Member and I fully 
agree on: Can you just emphasize, if you would, the importance 
of radio interoperability and allocation spectrum, Lee or Tom?
    Mr. Hamilton. Look, this is another no-brainer. The people 
of responsibility at the scene of a disaster must have the 
ability to communicate with one another, not just verbally, but 
exchanging all kinds of data and information that can be 
helpful to the first responder. This is a source of enormous 
frustration to me--why we can't solve this problem 10 years 
after the fact.
    I know there are two bills pending in the Congress. You can 
argue it round, you can argue it flat, I don't really want to 
get into that this morning. I think it is less important which 
of these approaches is taken than it is to get it done. We 
cannot permit delay of this, we lost lives at 9/11, we lost 
lives at Katrina, because we were not able to get good 
communication.
    One thing you know when you study these disaster events is 
that communications under the best of circumstances are going 
to fail. It is a chaotic situation, but going into the event, 
you want to have the best communications you can, so my plea to 
you is get this thing resolved. I think it is an urgent 
question. Shame on us, shame on us if we have not solved that 
problem when the next disaster strikes.
    Chairman King. Secretary Ridge.
    Mr. Ridge. Once again, I find myself joined at the hip with 
Lee Hamilton, to put it simply, ladies and gentlemen, the 
technology exists, where is the political will to get it done? 
By the way, there are competing measures before the House and 
Senate, but I will tell you this: Policemen and firemen, 
emergency responders want you to make a choice, all they want 
is a system. The opportunity to get voice and data and video 
over the broadband, not just in response to a terrorist attack, 
but a natural disaster or horrible accident or incident. I 
mean, what it will do for this country, although it is an 
investment based upon the reality and the horror and the 
tragedy associated with 9/11 would dramatically improve public 
safety across the board. To repeat again, it is not a matter of 
the technology that exists, I guess it is somebody's charge to 
pull together the political will in order to execute on the 
commitment and the recommendation of the 9/11 Commission.
    Mr. Hamilton. I want to commend the Chairman and the 
Ranking Member for the bill they have introduced here; that is 
excellent leadership.
    Chairman King. Thank you. I thank the Ranking Member for 
his indulgence and the Ranking Member is recognized for as much 
time as he wants.
    Mr. Thompson. Thank you very much, Mr. Chairman. For Mr. 
Hamilton, jurisdiction is the heart and soul of a committee's 
ability to get things done. As you know, that's an issue we 
tried when Democrats were in charge, we tried when Republicans 
are in charge to get the jurisdiction of the committee 
consolidated. Your testimony, as well as Secretary Ridge's, 
have both indicated that it is, again, another one of those no-
brainers for us not to get done. Can you just for the umpteenth 
time repeat how important consolidated jurisdiction is.
    Mr. Hamilton. Well, I think both the Chairman and you, Mr. 
Thompson, have articulated it very well in your opening 
statements. I don't know how many committees and subcommittees 
are now involved, I think close to 100 in oversight in both 
Houses in oversight of the DHS. Governor Ridge, Secretary Ridge 
can speak to that better than I, but it is an enormous burden 
to put on a Secretary to come running up here all the time, as 
important as that is on occasion, and to answer all the 
questions in the reports so that the fragmented jurisdiction 
becomes a real hindrance to the effective performance of the 
Department of DHS, and they have enough problems without an 
additional one here.
    Now, I served, I think, on every Congressional reform 
effort we had in this Congress during my years in the Congress, 
and I think our results were less than spectacular, but I know 
something about how difficult it is to change jurisdictions. I 
think what has to be done here is for Members of Congress, and 
particularly the leadership of the Congress, to recognize that 
in setting up these jurisdictions, they are not just moving 
boxes around to placate members of their caucus; they are 
dealing with the lives of the American people. The 
jurisdiction, an integrated jurisdiction of oversight 
committees is essential to the effective performance of the 
Homeland Security Department.
    Mr. Thompson. Mr. Secretary, do you want to take a shot at 
it?
    Mr. Ridge. Thank you, Congressman. I can remember very 
proudly and happily the 12 years that I served in the Congress 
of the United States. I must say sitting down at this level, I 
think I probably enjoy asking questions more than answering 
them, but that is another story, I am certainly enjoying this 
conversation we are having today.
    But I remember time and time again, with colleagues on both 
sides of the aisle, walking over to get a vote and we would be 
scampering from a committee or subcommittee, and we would all 
lament, ugh, we are so overscheduled, we don't get a chance to 
spend an hour or two in committee, because there is so much 
jurisdiction that has been shared, and there aren't too many 
people that stay focused on one or two committees, because the 
diversity of assignments is really a burden, even on the 
Members of Congress.
    I believe that the Department still is evolving, still 
trying to integrate the business line formalities associated 
with procurement reform and budget reform and finance and HR 
and IT, and you still have the responsibility to develop and 
execute on policies, your partnership, the partnership of the 
Congress of the United States, the strategic partnership that 
is absolutely essential to the success of the Department in 
enhancing security of the United States is enhanced if you can 
compress the number of committees and subcommittees so that 
there is a certain level of broad-based expertise among a 
smaller group of Members, of House and Senate Members, to help 
oversee the continued evolution of the Department.
    Again, that responsibility falls on leadership, and we are 
hopeful that one of these days we create that true strategic 
relationship in partnership by integrating some of these 
committees so that there is not as much oversight. I can 
recall, in my own experience, we had a conducting war in 
Afghanistan and Iraq, and I appeared before the House and the 
Senate more often than Secretary Rumsfeld did. That is not just 
yours truly, that is the Under Secretary and the Deputy 
Secretaries.
    By the way, everybody takes their responsibility to appear 
before you seriously. There are briefing books, there are 
boards that we sit in front of our colleagues and ask questions 
that we might anticipate from you, and obviously there are 
questions from the record. You would be a much stronger 
strategic partner if you would consolidate the jurisdiction. I 
think the DHS, regardless of administration and who is in 
charge would benefit from it and certainly appreciate it.
    Mr. Thompson. Thank you very much.
    Mr. Dodaro, there is a question about resilience in 
spending. You have looked at what the Department is doing well, 
and what they need to improve on, but there are some people who 
say we have invested several hundred billion dollars in DHS, 
can we look at that investment and say that there is a level of 
security that we can reach that won't guarantee that nothing 
bad will happen, but we need to also prepare the public for 
when something bad happens, how we come back as a Nation, 
whether it is a county, city, or State. Have you looked at that 
issue from an investment of dollars standpoint and see whether 
we should be also preparing for something to happen?
    Mr. Dodaro. Yeah, we basically looked at the concept of 
resiliency and the fact that it needed to be built better into 
the planning efforts of the Department along with the response 
plan. We focused a lot on the initial recovery from an event, 
or excuse me--I got it backwards. The initial response, but the 
recovery efforts have been ones that take longer, and still go 
on over a period of time. So we have looked at it conceptually.
    We haven't, I don't believe, looked at it in terms of how 
many dollars are going to that area versus the other areas. 
What we have looked at, though, is a lot of the investments 
that have been made over the years. I do think the Department 
greatly needs to expand its capabilities to make those 
investments more wisely and prudently.
    We made many recommendations, they developed better plans 
but they have to implement those plans in order to make sure 
that whatever investments they are making, whether through 
initial response or recovery or resiliency are going to provide 
a good return on the investment for the American People. I 
think they have had some major problems right now on their IT 
portfolio; there are 46 projects over $3 billion that are in 
need of serious management attention by their own accounts on 
the board. So this is a broad-based problem, Congressman, it is 
not one just focused on resiliency versus----
    Mr. Thompson. The point I am trying to get at is: Do we 
continue to throw good money after situations? Or is there a 
point where we have to, from a policy standpoint, prepare this 
country to be able to come back after an occurrence, 
notwithstanding doing the best job you can.
    I think the resiliency aspect of the Department is 
something we need to put front and center, because every 
situation that occurs historically, we throw millions and 
sometimes billions of dollars after it. In the Christmas day 
bombing instance, we bought machines for airports that people 
already said will not detect other items that we already know 
that will be coming through airports. So is that good money 
after--that is what I am trying----
    Mr. Dodaro. Basically, I agree there is a need to make more 
prudent investments. We have said many times in our reports 
that the technologies need to be tested in operating 
environments before they are deployed, and we made many 
recommendations to make sure that they strengthen their ability 
to do that. There is the initial reaction that people want to 
do something quickly. You know, we have suggested they need to 
put better processes in place to make sure whatever they do 
when they make those investments, they actually work in 
practice, and so I agree completely with you. I know we made 
many recommendations. I think the Department's trying to 
improve their acquisition processes and their investment 
policies. We are going to stay focused on that issue to help 
make sure that they do.
    We have the managing transforming implementing the 
Department of Homeland Security on our high-risk list that we 
keep for the Congress. One of the main reasons it is on the 
high-risk list is because of management practices that support 
these provisions haven't been implemented using best practices.
    Mr. Thompson. Thank you. Thank you, Mr. Chairman.
    Chairman King. I thank the Ranking Member, and I now 
recognize the gentlelady from Michigan, Ms. Miller, for 5 
minutes.
    Mrs. Miller. Thank you very much, Mr. Chairman. I 
appreciate all the witnesses coming today and your service to 
the Nation. Just a quick observation before I ask my question, 
and I will pick up on something Secretary Ridge said when you 
mention about the underwear bomber, the Christmas bomber in 
lack of sharing information. You know, this particular incident 
has sort of fallen off the National radar screen, but I tell 
you, it sure hasn't for us that are in the Detroit area, 
because it is crazy watching this guy go through the Federal 
court system. He is now representing himself. Of course, we had 
to give him his Miranda rights, we sent him to University of 
Michigan, the best burn place in the entire Nation. Here is a 
guy who, in my mind, should have been tried as an enemy 
combatant in GITMO or a military tribunal, and it makes me 
nuts.
    I know you are a Vietnam veteran, my husband as well. I am 
pretty sure when you were in Vietnam and you were looking at 
the enemy, you didn't think about giving them the Miranda 
rights or what have you, and letting them go through the 
Federal court system. We are facing a different kind of enemy. 
Every time I look at the poster in the back showing the Twin 
Towers, I think about the cockroaches, these murderers, these 
terrorists that are after us now.
    That particular day, that guy saw the battlefield in an 
asymmetrical term, and the battlefield in his mind that day was 
on seat 19-A on that Northwest flight. I think it is outrageous 
that this administration does not treat these terrorists as 
enemy combatants; that is what they are. We need to have a very 
clear view of the enemy that we are facing if we are going to 
be successful, I believe, in securing our borders and securing 
our homeland.
    I would like to ask a question about the visa issue that 
both the Secretary and Mr. Dodaro mentioned as well. I am the 
chair of the Border Subcommittee, Border and Maritime. My 
Ranking Member, Mr. Cuellar and I are going to have a hearing 
next week actually focusing on this entire visa situation, 
which is of great consternation, as pointed out in the 9/11 
Commission recommendation. Continues to be obviously something 
of great consternation. It has been advanced that about half of 
all the illegal aliens that are in our country actually did not 
come here across the border, they actually are here because 
they overstayed their visas. As was mentioned, four of the nine 
terrorists on 9/11 were here on expired visas. The Department 
of Homeland Security right now has a backlog that they are 
vetting, 757,000 expired visas that they are trying to vet 
right now that have been overstayed.
    I know you mentioned about the entrance vehicles that we 
have for visa, but the exit strategy the exit program that we 
have is sorely lacking. There has been a lot of talk about the 
expense of whether it is biometrics or whether it is iris scan, 
whatever we would do for that. Perhaps you could flesh out--I 
haven't read all of your 1,500 recommendations yet, I will try 
to do that. But in regards to the visa, is there anything you 
could tell us pre our hearing?
    Mr. Dodaro. Yes, first I mentioned the visa security 
program, this is where DHS is working with State Department in 
the initial screening before the visas are given. Right now, 
there is only, I think, about--they are not fully deployed in 
all high-risk areas. I can provide the statistics for the 
record, but our basic point there is that having DHS work more 
with the State Department can enhance that initial screening 
process, and that is particularly important because of this 
overstay issue and it will take us a while to deal with that 
issue. So we think DHS can either be deployed more to work with 
the State Department, but also can work with remotely here to 
work with them, to screen them and communicate electronically.
    The main point there is that all high-risk countries should 
be covered and can be covered. Right now they are not covered. 
Also, on the visa waiver countries, the electronic notification 
system, that is working fairly well and about 98 percent of the 
people are authorized using the electric system, but 2 percent 
are not, and that is over 600,000 people. So those are trying 
to--we made a recommendation to the Department that they figure 
out why they were allowed to enter even though the electronic 
notification did not work properly in that area. Then there is 
the exit system and strategy. There have been a number of 
pilots and tests, but they haven't provided satisfactory 
answers. That is one of the things I wanted us to do more work 
on to see if we can help identify some means to do this. It is 
a huge issue, but it is very important. Until we have all three 
of those initial--screening in countries that are not in a 
visa--that are required to have a visa that are not in a visa 
waiver, those that in visa waiver, and have an exit system, you 
won't have a complete system of protection.
    Mr. Hamilton. Can I just add in response? A biometric 
system is required today by law, it is in the law. The DHS will 
tell you that it costs too much to implement. Well, if that is 
the case, then they should come back to the Congress and give 
us a plan as to how they are going to deal with it and ask you 
for the money. But like anything that is complex, the thing to 
do here under the present circumstances is to phase it in, and 
that might take a period of a few years. You can start with the 
vast majority of travelers who go by air, and you can have a 
biometric exit system today incorporated into our current 
airline operations without much difficulty, very similar to the 
way that you get a seat upgrade in a reservation situation. You 
can do it with one fingerprint per passenger.
    So what I am saying is that it is a tough problem, it is 
not easy, it is expensive. But the law is the law and it is 
vitally important to the security of the country that we have a 
biometric exit system. If you can't do it all at once, which 
you probably cannot, at the very least we ought to phase it in.
    The next stop, the Canadian border, you are right up there 
with the Canadian border, you could make that land border entry 
to Canada an exit of the United States and new technology could 
play a role into making exit a reality there at a reasonable 
cost. I want to see us move ahead on this.
    Mrs. Miller. Thank you very much.
    Chairman King. The gentlelady from California, Ms. Sanchez, 
is recognized for 5 minutes.
    Ms. Sanchez. Thank you, Mr. Chairman. Again, gentlemen, 
thank you for your service to our country and for being before 
us today. I wanted to comment a little bit on the whole issue 
of jurisdiction, because you all have no problem with us up 
here wanting to solidify the jurisdiction of this committee. It 
is very frustrating on our part to put so much time and effort 
into understanding the issues that the Department is dealing 
with, to doing our oversight to it, to trying and to going 
along and drafting legislation and to trying to pass it, 
passing it up committee in many cases, and then having it 
stymied because it has got to have another jurisdiction, it has 
got to go to another committee, and they never take it up or 
they--they really never take it up. So when you look at the 
actual legislation that comes out of this committee it has been 
very little in the 5 or 6 or 7 years we have been around now 
because we are stymied by those jurisdictional issues. So 
anything you can do to continue to sort of push the Congress to 
get it all in one place, or at least in less than the 88 
subcommittees, committees both on the Senate and this side, 
that I last counted that have some piece of jurisdiction would 
be important for us here to be able to actually follow through 
on a lot of the work that we do.
    I am also very concerned with the US-VISIT program. Before 
Mr. Cuellar I was the chairman of, when the Democrats 
controlled, the chairman, of the Maritime Border Committee, and 
that was a very big issue for us. In fact when Secretary 
Napolitano was before our committee this year I asked her 
specifically about the exit part of the US-VISIT program, and 
she said basically that the Department was not going to 
continue to work on that exit piece and instead would prefer to 
put monies into ICE and that there was really no way that--the 
Department has stopped working on the back end of that. So in a 
minute if you could give a comment to that, whether you think 
that is wise or whether we should continue, as my good friend 
Mr. Hamilton said, to at least begin to implement it in the 
airport situation.
    I also want to ask you about the TWIC program, if any of 
you are familiar with it. That is a transportation worker 
identification card. In particular maybe to our Secretary over 
there. Because we have had so many problems in putting this 
together. It is a biometric card, it is a card that is supposed 
to be read by a reader, there are no readers yet. It is just--
and it is a big, big problem in particular for people who--for 
workers who have to go every day and who have to take time 
away.
    Do you think a mail-in system to renew, we are almost 
coming on the fifth year of the renewal of this TWIC card for 
many of our workers and they are going to be facing some of the 
very same problems they faced 5 years ago when we started into 
this program of how do I get it, where do I go, do I have to 
drive 2 hours to go to a station to pick it up? As you know, 
right now it is just a flash card rather than a reader card.
    So if you could comment to that. The last thing is the 
issue of the continuity of the Congress, in particular as it 
relates to the House of Representatives. We really have done 
nothing to ensure--and as you know, in the House of 
Representatives if something should happen to a majority of us 
there would need to be special elections in order to put 
someone forward and be able to constitute the House back. That 
might be a laborious process. If you could comment at all to 
whether the Congress should or this House should really be 
concerned about doing something about the continuity of the 
Congress. Any of you who would like to.
    Mr. Dodaro. I will start. On the TWIC card, and I would be 
happy to submit our report on this card for the record, we find 
a lot of control problems with the card in terms of how DHS 
enrolls people to use the card, the fact that they don't 
require updates as to whether people still need the card or 
not. We actually had undercover investigators gain access to 
ports with fake TWIC cards and false documents. So there is a 
lot of control problems in order to make it work effectively 
under the current program. We have made a number of 
recommendations. I will submit that report for the record.
    With regard to trying to address the overstay issue with 
ICE resources, basically that would be helpful, but that is 
really not going to address the problem in our opinion. ICE 
basically has about 1,000 cases a year where they identify 
overstays. That is compared with estimates of 4 to 5 million 
people in the country. So I think the exit system is very 
important. It needs to be implemented, whether it is in phases 
or not. The volume is too big. It is always more difficult to 
find people after they are here than to make sure you know when 
they are leaving.
    So those are my comments on those two issues.
    Mr. Hamilton. On the continuity of Congress question, I 
have not looked into that in great detail, but obviously you 
ought to--we ought to be very sympathetic to that. The airplane 
that came down in Pennsylvania we think was headed for the 
Capitol building. Had it struck at the right time and the right 
place you could have had a high number of casualties among 
Members of Congress. So I think it is a serious matter. It is a 
few years back probably not so serious, but becoming more 
serious. The technology that is becoming increasingly available 
to the terrorists, including anthrax, and we saw the effort to 
acquire castor beans for the production of this ricin, a very 
toxic poison. Those kinds of things could strike on Capitol 
Hill very quickly. So I am quite sympathetic to efforts, and I 
don't know the detail of them on the continuity of the 
Congress.
    On the committee jurisdiction question, I have wrestled 
with that one. It seems to me that if it is going to be done it 
has to be done at the beginning of a session, because that is 
when you consider the structure of the Congress, and it has to 
be done by a bipartisan agreement among the leadership. It 
could not possibly be done by the leadership of a single party. 
The perspective that has to be taken is that this is a National 
security matter, lives of Americans are at stake on the basis 
of the quality of oversight of the Congress, and this is not a 
matter of placating members of your party caucus, this is a 
National security matter.
    Now, we all know that the leadership wrestles with an awful 
lot of problems, and they tend to solve those problems, my 
experience would be, on the basis of their caucus, a leader's 
report to the caucus and follow the will of the caucus. I have 
suggested to the Executive Branch that they--and incidentally 
the Executive Branch is enormously frustrated by this, really 
frustrated. Director of Intelligence, DHS, and Tom has--
Governor Ridge has expressed that very well. I suggested the 
other day to some of the Executive Branch people that maybe 
what should be done is to put together kind of a super 
committee, if you would, of past National security people who 
have great stature, Republican and Democrat, and go to the 
leadership prior to the beginning of a new Congress and just 
try to explain to them how important this matter is, that this 
is really critical for the National security of the United 
States. All of them would say that, I have had no doubt about 
it, because I have talked to all of them. Try to get the 
leadership to see this problem in terms of a National security 
problem rather than helping particular Members retain 
jurisdiction of the DHS. It is a very tough problem, and I am 
very open to other suggestions on it, but maybe this is worth a 
crack. Bipartisan leadership action will be necessary to get it 
done.
    Chairman King. Thank you. The next person in line to ask 
questions is Congressman Walberg, but Congressman Marino has 
been called back to his district on an emergency and 
Congressman Walberg has agreed to let Mr. Marino go. The 
gentleman is recognized for 5 minutes.
    Mr. Marino. Thank you so much. I appreciate it. Mr. Dodaro, 
being a former prosecutor, a district attorney, a U.S. 
attorney, I know the importance of trying to be able to 
communicate with agencies, whether it is a terrorist attack, 
whether it is an automobile accident or a drug raid. I am all 
for coming up with a system and implementing it whereby if we 
needed to someone in Pennsylvania could be talking to someone 
in Florida via some type of direct communication.
    Have you ever calculated or estimated what the cost of 
something like that would be, because I know in my area of 
northeastern and north central Pennsylvania the mountains cause 
a great many problems, so we are probably talking about 
satellite. Do you have any idea what that would cost us?
    Mr. Dodaro. As a Pennsylvanian native myself I understand 
the mountains.
    Mr. Marino. I am a graduate of Lycoming.
    Mr. Dodaro. All right. Very good. I don't believe we have. 
I know we have done a lot of work looking at the development of 
standards to ensure that the interoperable communications could 
take place. I will go back and I will check with my team, and 
if we have anything on that I will give it to you. But I can't 
think of anything off the top of my head where we have done the 
calculation that you are requesting. It would be an interesting 
exercise.
    Mr. Marino. This is one area where I am leaning in the 
direction of it would pay for itself 10 times over. But thank 
you, I appreciate that.
    Mr. Hamilton. The CBO has made estimates on this and it is 
expensive, there isn't any doubt about it. To put a D-Block 
network construction in place the estimates run between $11 
billion and $24 billion that I have seen. Now, you are going to 
have to do all you can of course to control costs. The auction 
of some of the spectrum can be used. I know that is a very 
complicated matter, difficult matter. But like all tough 
decisions in Government it is a matter of priorities here. The 
capacity of the first responders to talk to one another is so 
important it seems to me the costs have to be worked out. It is 
a very high priority. We lose hundreds of lives because of 
this.
    Mr. Marino. I have experienced that myself.
    Mr. Ridge. Congressman, if I might, being familiar a little 
bit with Pennsylvania myself, I dare say it would be a long 
time I suspect before we have the kind of technology that will 
reach into every community in every State, I suspect, as good 
as the wireless is and as good as the technology and the 
dramatic improvements within the private sector on a regular 
basis to expand the reach. But I don't think we ought to make 
the perfect the enemy of the good. I think it is also--it is 
like the mindset you bring to homeland security, you manage the 
risk. What do you do to reduce the risk in this instance, you 
say to yourself. You say to yourselves: What do we do to bring 
the maximum best communication capability with existing 
technology to as many people, communities, and States as we 
can? It already exists. I think you probably, with the existing 
infrastructure and technology we have, you probably cover 90, 
95 percent of America. I think we ought to move as quickly as 
possible.
    Mr. Marino. Congressman Hamilton and Governor Ridge, this 
final question. There has been some talk among colleagues, 
among people out in the field, that do you think at this point 
there should be at least a discussion as to combining 
Department of Homeland Security as a department with another 
department? Would there be any efficiency in that? For example, 
Defense.
    Mr. Hamilton. Creating a new department of Government is 
arduous work. Once you have created it the work is just 
beginning in a sense. I was around here when we created the 
Department of Energy back in 1976, and sometimes I wonder 
whether we have got an integrated department there even today. 
DHS has had very good leadership. Tom Ridge, a good example of 
that.
    Mr. Marino. That wasn't my intent at all. I just want to 
make that clear.
    Mr. Hamilton. No, no. But getting, what was it, 22 agencies 
or something like that, that were brought together, it has now 
got a budget of $50 billion, or whatever the figure is. And if 
you suddenly move to a new reorganization I would be quite 
skeptical of that at this time. I think the focus at this point 
should be on getting the DHS to work and to work much better. 
Because when you reorganize a major department of government in 
the Federal Government you have really got a formidable task on 
your hand.
    Mr. Marino. Governor, I have 8 seconds.
    Mr. Ridge. Well, I recall the days where we were actually 
trying to identify the units of Government that we would pull 
together to aggregate them to create the Department of Homeland 
Security, and there was much discussion as to other entities 
that would be pulled in or not. I believe that the Congress, 
and working with the Executive Branch at that time, assimilated 
the right number in the right groups. The Congress and think 
tanks have been looking for a border-centric agency long before 
9/11. All those reports, like a lot of others, just kind of 
gathered dust. So I think we need to remind ourselves that they 
weren't new individuals, that most of these were men and women 
working in existing agencies. That assimilation process 
continues, No. 1.
    We also need to remind ourselves that in addition to 
Homeland Security, whether you are Customs and Border 
Protection, FEMA, the Secret Service, Immigration and Customs 
Enforcement, Coast Guard, they all have traditional missions as 
well, and on top of those missions we layered on additional 
responsibilities with Homeland Security. So I think if you want 
to integrate anything to make homeland security more effective 
and more efficient, you integrate Congressional jurisdiction 
because it is a National security issue. You don't need to 
integrate it with anything else, you just really need to 
integrate committee oversight so Congress can truly become the 
strategic partner that DHS needs.
    Mr. Marino. Gentlemen, thank you. Chairman, thank you. I am 
sorry, what Congressperson gave me their time?
    Chairman King. Mr. Walberg.
    Mr. Marino. Thank you, sir.
    Chairman King. The gentlelady from Texas, Ms. Jackson Lee, 
is recognized for 5 minutes.
    Ms. Jackson Lee. Mr. Chairman, thank you very much. I 
believe it is appropriate during these days prior to the tenth 
anniversary that conjures emotions amongst many of us is to 
really cite the patriotism of the three witnesses and the value 
that they have given to the necessity of securing the homeland. 
I pay tribute to each of you in your own responsibilities and 
ways that you have led, and thank you so very much for that 
service. I want to acknowledge as well our Chairman and Ranking 
Member because they are accurate that we have worked together. 
The one thing that we have not done on this committee is 
challenge Members' patriotism. We have disagreed on policy, but 
we have not challenged the patriotism. I consider each of the 
Members and myself a lover of this Nation and a patriot. I am 
so grateful that even though we critique studies that the 9/11 
Commission will find its place in history along with Secretary 
Ridge, who had to feel your way after the aftermath of 9/11, 
but the 9/11 Commission report, Congressman Hamilton, will be a 
book that we will continue to learn from. I think it is 
important and would like to join the legislation of Mr. Wolf 
and Mr. King of reinitiating I think the 9/11 Commission, if I 
am correct. I think that is important.
    I believe that it will be important for us to make two 
commitments. One, 10 years later we should have the ability to 
communicate amongst the first responders and of course anyone 
that is addressing a natural disaster or a man-made disaster. 
The second commitment is the combination of jurisdiction. The, 
if you will, combining, so that we have an efficiency of scale. 
I would like to put it at the level of saving lives.
    The last point, as I approach a question, is to thank our 
first responders, but to add to that our rescuers, because 
there are those who came unlabeled at the World Tower. In 
Pennsylvania obviously there was devastation and lack of the 
possibility of anyone who would survive, but no one knew that 
in the Towers and there were a lot of those who were discovered 
and found. Let me thank all of those individuals. If I might 
say, I had hoped that maybe in these next hours the New York 
celebration will find a way to add our first responders and add 
those who may not have been able to find space. Get a big PA 
system and just put them all up in Manhattan and I think they 
would all be happy.
    The reason why I lay that groundwork is because I don't 
think there is a more important task than what we have before 
us. I wanted to probe, Mr. Hamilton, the comment that you made 
about the inability to detect explosives and the comment in our 
memorandum that says that aviation in airports still remain 
vulnerable. Can you expand on your point about the inability to 
detect explosives and my belief that this is still, aviation in 
airports is still one of the more attractive targets for 
terrorists?
    Mr. Hamilton. I think a lot of effort has been made in the 
area of technology to develop a device that can detect 
immediately various kinds of explosives that may be hidden on 
your body or in your body. This is a problem that precedes 9/
11. This too has been a great concern that over the years, and 
having spent a lot of money and having a lot of I guess very 
able scientists looking into it, we have not succeeded yet.
    The GAO I think has issued a report on this, and I am sure 
the Comptroller General may want to comment. But I think we 
have to accelerate this effort as best we can and get our act 
together because this is a huge vulnerability in our air 
traffic system today. The Detroit incident has already been 
referred to here, but I think DHS really has to bear down on 
this. Governor Ridge, Secretary Ridge may be able to comment on 
it as well, to develop the technology to the point that we can 
make the detection of all kinds of explosives. All of us 
recognize the vulnerability.
    Ms. Jackson Lee. Let me thank you for your service and add 
these questions, if I might, Mr. Chairman, to let Secretary 
Ridge and----
    Chairman King. The time of the gentlelady has expired, so 
unless Mr. Ridge wants to answer the questions.
    Ms. Jackson Lee. Well, if I can put these questions on the 
record.
    Chairman King. On the record, sure.
    Ms. Jackson Lee. Since other Members went over, let me just 
ask this question that falls under----
    Chairman King. Well, no one asked a question beyond the 5 
minutes.
    Ms. Jackson Lee. Well, it falls under my committee.
    Chairman King. Well, the gentlelady can ask questions. They 
won't be answered. They can be answered in writing.
    Ms. Jackson Lee. If you would comment in the course of 
answering the one about exposure of the value of a passenger 
fee for security and not privatizing TSA.
    Chairman King. I would ask if the answer would be given in 
writing to that question. The gentleman from Michigan, Mr. 
Walberg, is recognized for 5 minutes.
    Mr. Walberg. Thank you, Mr. Chairman. I thank the panelists 
for being here today and for your service. Being a new Member 
on the Cybersecurity Subcommittee, it has been an eye-opener 
for me beyond just my normal thought that the light switch 
works when I turn it on and off and the computer screen comes 
on and I have the necessary protections on my computer that I 
can purchase for various things. But as I have got into this 
committee it has been amazing to think of what has to be done 
in an age when a small cell of terrorists can spend very little 
money to purchase resources that can break into and in fact can 
destroy infrastructure very quickly. Thinking of CMS Energy in 
my district and Detroit Edison and going through some of the 
processes that they do, amazing processes that deal with these 
cyber attacks that come in on a regular basis, and then hearing 
talk about from our own Government level of the need to have a 
public-private partnership in dealing with these concerns for 
our energy infrastructure, our computer communications 
infrastructure.
    I guess my question would go along this line, specifically 
to Governor Ridge and Congressman Hamilton. What is the best 
way to address this threat to our critical infrastructure from 
those that don't even need to set a foot in our land, and also 
what can be done to improve this partnership, this public-
private partnership that everybody talks about but at this 
point in time, at least to my understanding, doesn't seem to be 
implemented to a great degree yet and is always seemingly 
performing below expectations? Any solutions to this that you 
could address, Governor Ridge and Congressman Hamilton?
    Mr. Ridge. Well, first of all, I think the administration 
has clearly begun the decision with a piece of legislation that 
has invited a great deal of scrutiny and some criticism that as 
I have been participating in a couple of public forums it is 
pretty clear that at least initially they understand that it is 
something that they actually need to engage the private sector 
in in the discussion, as I said, standards and the like. But I 
think you have got a long way to go. I mean, take a look at the 
cyber infrastructure just in the Executive Branch or even 
within the White House. I think you have the CTO, a CIO, and 
the cyber czar, so who is really in charge of overseeing it 
all. Then you have the disparate elements. The different 
agencies have their own cyber responsibilities and commitments.
    The second challenge I think we have in the digital world 
is attribution, we are getting better at, but then 
accountability. What is our strategy once we identify a 
perpetrator, how do we hold them accountable? That is worthy of 
a separate and independent discussion.
    Then finally, and I have enormous regard for the men and 
women who serve their Government in unelected capacities, and 
we attract lawyers and scientists and cyber experts. But make 
no mistake about it, the great capacity of knowledge and 
information on this issue lies outside of Government. If there 
was ever an issue where Republicans and Democrats, both of whom 
talk frequently about public-private sector collaboration, if 
there was ever an issue where you might want to think of some 
of your standards and the regulations around attracting and 
inviting and creating a public, a true public-private 
partnership where you bring in a series of experts to work 
within the departments and then collaborate system-wide, this 
would be the issue. This is the issue that I think lends itself 
to the kind of holistic, deep collaboration between all the 
expertise you have in the private sector along with a well-
intentioned expert, experts within the Federal Government, but 
just don't have the reach.
    One final comment. When I tried to attract just an advisory 
board, nonpaying, to assist the Secretary of Homeland Security 
to deal with several issues, the requirements for the public 
sector and the kind of information they have to share with the 
Congress or regulators discouraged a lot of well-intentioned 
people to participate in the advisory board. I understand there 
is screening. But I do think on this issue and some other 
issues we have to get beyond the mindset that people with the 
expertise in the private sector somehow would seek to simply 
feather their own nest if we invited them in to work in a 
collaborative fashion with the public sector, with the Congress 
of the United States. I really think on this issue perhaps more 
than any, but at some point in time we have got to start 
trusting Americans to help America. When you create regulatory 
barriers and impediments to well-intentioned people who wanted 
to give me executives, to loan executives to participate on a 
day-to-day basis, I think we really frustrate the value of a 
true public-private sector collaboration. This is one that I 
think really needs to be done and needs to be done now.
    Mr. Walberg. Thank you.
    Mr. Hamilton. I appreciate the question. I think we are 
beginning in the Nation to seriously address it, but we are 
only beginning to. You are quite right to point out the 
vulnerability. We are exceedingly vulnerable to a cyber attack 
in this country, both in Government and in the private sector, 
because the private sector controls an awful lot of the 
infrastructure.
    Second, when you have an attack it is very difficult to 
know where it comes from and it is very hard to hold someone or 
some entity, some State, responsible. Not impossible, but not 
always easily done. Having said that, one of the things I think 
we need to do is to make very clear that an--a warning really--
an attack on this country's infrastructure by cyber attack we 
will take exceedingly serious and we will respond, we will 
respond in the most appropriate way possible. We can't predict 
exactly how that would be. But if we can identify the 
perpetrator then we will go after them. We will go after them 
with whatever means are necessary to wipe them out. We cannot 
tolerate this kind of an attack.
    Now, the next point is organization. Here I am a little 
fuzzy, to be blunt about it. But I think the Government, I hope 
the Government is beginning to get its organizational structure 
in mind to deal with cyber attacks. The line of responsibility 
between NSA and DHS is not all that clear to me, but I think it 
is moving, although not as fast as I would like to see. The 
technology expertise on this within the Government, so far as I 
know, rests largely with the NSA, and they are developing both 
offensive and defensive means of dealing with a cyber attack, 
and that needs to be encouraged.
    I do think, and you make the point very well I think in 
your question, that we have to strengthen DHS's ability to work 
with the private sector. My judgment at this point on my 
experience is the private sector is quite uneven here. There 
are many people in the private sector who are very plugged in 
on this and know the vulnerabilities and are taking steps to 
deal with it and are consulting with Government, but there are 
also many areas of the private sector, tending to be not the 
huge companies, that are not so plugged in. So I think there 
has to be a lot more communication, as Governor Ridge has 
suggested, between the private sector and the Government to 
sharpen our defenses.
    Mr. Walberg. Thank you. Thank you, Mr. Chairman.
    Chairman King. The gentleman from Texas, Mr. Cuellar, is 
recognized for 5 minutes.
    Mr. Cuellar. Thank you very much. Mr. Chairman, I want to 
thank you and the Ranking Member for having this meeting and 
the work that both of you have done to improve homeland 
security. Certainly I want to thank the witnesses, also 
Chairman Hamilton, Secretary Ridge, and of course the 
Comptroller. Thank you for all the work that GAO has done, all 
three of you, all the valuable information and resources you 
provided for homeland security.
    Let me ask you this question. It has to do with aviation. 
In the wake of 9/11 we made sweeping changes to our Nation's 
aviation security system, including strengthening security 
measures related to flight schools. I know, as all three of you 
mentioned, a lot of progress, but there is still a lot more 
work to do. However, as recently as 2 weeks ago we had a 
situation down close to my district in south Texas. Several 
Mexican nationals were discovered receiving flight training in 
south Texas without the proper visas. As you recall, the 9/11 
involved aviation flight schools and visas also. Those are the 
three major--well, three major factors that were involved. In 
this case, while there is no indication of terrorist intent on 
this particular case, we know that the aircraft remains a 
highly attractive target for terrorists. It is troubling that 
even 10 years after the 9/11 we still have foreign nationals 
taking flight training in the United States without the 
requisite vetting or oversight. In fact just a few days ago the 
FBI and the Homeland Security issued a Nation-wide warning 
about al-Qaeda threats to small training--I mean, to small 
aircraft just a few days ago.
    Let me just give you briefly the facts the way I understand 
them. You had a pilot from Mexico that was accused of bussing a 
trio of boats in Fort Mansfield. That is how this got started. 
He was bussing some of the boaters out there. This person was 
taking flight lessons. He was one of several Mexican foreign 
nationals who traveled to the valley to get the pilot's 
license. Homeland Security went up there after the fact and 
deported three of them. Because I think the problem was that 
instead of using a proper M-1 student visa, because they were 
getting training, they were actually operating under a 
nonimmigrant B-1/B-2 visitor visa. So instead of using a 
student visa they were using tourist visas to get that 
training. Eventually FAA was asked and they said, look, Praat, 
which is a Mexican-based company that comes over to the United 
States to do the training, was leasing the aircraft to the 
pilots to train. Again, FAA's rule is basically the pilot is 
ultimately responsible for the use of the aircraft itself.
    So the issue that I have is after 9/11 when you had 
aircrafts, you had flight school training, you had visa issues, 
here we are 10 years later, what does this incident suggest 
about our progress on the broader issues of aviation security, 
visa security, 10 years after 9/11? Secretary, since you were 
there with my friend President Bush, Governor Bush, do you want 
to go ahead and get started on that? Then the other gentlemen, 
if you can answer that.
    Mr. Ridge. The details are first made known to me today by 
your explanation on it. Thank you for that. My first reaction 
suggests that it points, the incident points to the lack of a 
broader infrastructure associated with not the question of 
getting access to the airports and flying lessons, but the 
broader infrastructure that seems still to be woefully 
inadequate with regard to the issuance of visas and the 
identification relative to the individuals who get the visas, 
their nationality and the reason they have been extended the 
visa. It just seems it would be problematic to me, and I don't 
know how this came to the attention of the Department of 
Homeland Security, but if there was a biometric card associated 
with this, that these were here lawfully but still on a visa, 
that I could check that they were here on a tourist visa, I am 
just not sure that as a proprietor I would have been inclined, 
one, to give them flying lessons, at least not until after I 
checked with Homeland Security to give us some more background 
information. So I think it speaks to a broader challenge that 
we have. I know this is not the place to deal with it all, but 
the broader challenge of immigration reform, and frankly the 
21st Century infrastructure to identify and then monitor the 
activities of those who we grant the privilege of crossing our 
borders as guests on a visa.
    Mr. Cuellar. Secretary, this is only one flight school. 
Imagine what is happening or could be happening across the 
Nation. You are right.
    Mr. Dodaro. Congressman, we did work in 2004 and 2005 
looking at the flight schools and TSA's oversight over the 
flight schools and found that there was need for improvement in 
that area and made some recommendations. We will be starting 
work soon following up on TSA's oversight over the flight 
schools.
    The other comment I would have is as it relates to general 
aviation, we have a lot of aviation on commercial airports, 
there aren't the same level of regulations and requirements for 
general aviation. We have just issued a report on that. I would 
be happy to provide it for the record highlighting some issues 
there.
    With regard to the visas I would just reiterate my previous 
points that there is a need for the exit approach. Whether or 
not in this particular case these individuals actually were 
overstaying their visa or not I am not familiar, as Governor 
Ridge mentioned, with the details. But that system still needs 
to be strict.
    Chairman King. Chairman Hamilton.
    Mr. Hamilton. Well, I just simply observe everybody. Every 
one of you have flown on private aircraft in general aviation, 
and you have all been impressed with how convenient it is as 
compared to the commercial airports and how easy it is. I have 
thought a hundred times as I have done that, boy, oh, boy, this 
is a vulnerability for us. I am glad to see now that the 
authorities are beginning to look into the small aircraft 
problem, because it is a hugely potential problem for us. I 
can't add to what the others have said.
    Mr. Cuellar. Thank you. Thank you, Mr. Chairman.
    Chairman King. Mr. Cuellar. The Chairman now recognizes the 
gentleman from Pennsylvania, the Chairman of the 
Counterterrorism Subcommittee, Mr. Meehan.
    Mr. Meehan. Thank you, Mr. Chairman. Thank you for this 
very distinguished panel for your, not just your presentation 
here today, but your, I would actually say at the zenith of 
your career, your commitment to these issues. Each of you has 
taken on a remarkable role in this. I appreciate the fact that 
you have looked back and taken the time to analyze what hasn't 
been done on the recommendations you had previously made. So I 
want to focus a question with respect to that.
    Mr. Hamilton, I have had the opportunity to go back and 
revisit a site in which a terrorist incident was averted. It 
related to the situation in which there was a cartridge that 
was attempted to be detonated on an air carrier plane, a UPS 
plane. In the after-action review I got a chance to participate 
in, it was a case study of the point that you made about the 
lack of somebody really being in control at that facility at 
that period of time. From the perspective of the people who are 
trying to participate in helping, they are getting different 
demands from different agencies at the same time about the same 
information. How do we get it right in that critical moment 
when, as you have stated, decisions are being made that can be 
life or death choices? What do we need to do to get better at 
that at the point of incident?
    Mr. Hamilton. You are speaking about the first responders 
and the unity of effort at the site?
    Mr. Meehan. Yes. Incident command, I think. You identified 
this in your report, which is why I am going back to that 
point.
    Mr. Hamilton. It is critically important. I don't want to 
suggest that nothing has been done, because I think a lot of 
some pilot programs have been run, some attention has been 
given to it, but I don't think it is a resolved question. 
Politically it is difficult to resolve. If you have a disaster 
at a site of any consequence, you almost certainly have a 
number of contending authorities. You have a governor, you have 
a mayor, you have a port authority, you have county officials, 
you have the President and Federal officials. Politicians don't 
like to address these kinds of problems ahead of time because 
they are difficult to deal with, who is in charge. But our 
whole effort was to encourage that decision to be made in every 
metropolitan area, if not the country.
    At the time of Katrina the Governor of Louisiana was very 
heavily criticized, and I don't know a lot of the details of 
that, but she had four helicopters at her command. She needed 
150. So I have come to the conclusion that if you have a major 
disaster in an area of multiple jurisdictions the Federal 
Government has to step in. The reason they have to is because 
they are the only one that has the wherewithal, the resources, 
to respond. You need water, you need housing, you need food, 
you need--hundreds of decisions have to be made fairly quickly 
about the response.
    So I think we just have to keep encouraging local, State, 
and Federal officials to plan and to exercise their plans. It 
is not enough to have a plan. It is important to have a plan, 
but it is not enough. You have got to--like the military does, 
they constantly have maneuvers and exercises, you have got to 
have exercises in a given community, it seems to me, to get 
through this problem.
    So those are some random thoughts on a very, very difficult 
problem.
    Mr. Meehan. Thank you. I do want to see that we follow up 
on that.
    Governor Ridge, this has to be sort of a remarkable moment 
that we are sitting here now 10 years later and you served in 
the Congress, you were Governor of a major State, but you were 
on the ground floor in the beginning of the creation of one of 
our most critical agencies responding to this issue. I think 
more significantly you were there every day sitting with the 
President as we were making decisions in real time. As you look 
back now 10 years later, what is it that still keeps you up at 
night about what we can be doing or doing better, or is there 
an observation you are making now say, boy, if we could do this 
now this is the way that I would do it?
    Mr. Ridge. Someone asked me in the first couple of months, 
actually while I was in the White House, before we even created 
the Department of Homeland Security, if I slept at night. I 
said I don't sleep much, but I sleep well. They were kind of 
astonished by the answer. The answer was that obviously the 
duties of the day required vigilance throughout the day and 
evening. But I knew that there were literally thousands if not 
hundreds of thousands of Americans working in the Government at 
all levels of Government and the private sector that were 
working together to make America more secure. I still feel that 
way today.
    At the heart of combating--but there are two matters that I 
think we need to really embrace as we look at the next 10 
years. First, it is a risk that we have to admit to ourselves 
that we can only manage, we cannot eliminate. The political 
world, the world of the private sector, the public sector, we 
can't guarantee ultimate safety, and we have to accept that. I 
think Chairman Thompson, or Ranking Member Thompson asked about 
resiliency. We have proven we are resistant. We are coming into 
a time of limited resources, reduced resources. Let's be smart, 
let's be judicious, let's target them, let's not fight the last 
war, but let's understand that we can only manage the risk. I 
think John Pistole in TSA is starting to move in that direction 
with its experimental program with people who frequently fly, 
they are dealing with background checks, we may deal with them 
differently so that the remaining TSA employees can focus on 
people they don't know and the baggage that belongs to people 
they don't know. But we have got to development a mindset I 
think politically around the country and I think we have. We 
shouldn't be breathless about the risk. It is manageable and we 
need to manage it very, very effectively. I still can't believe 
after 10 years, we talked a little bit about the infrastructure 
and the no broadband communications, but I still can't believe 
that incidents like the Detroit incident and Fort Hood would 
occur when people within Government, within the Federal 
Government, had information I think that was substantial enough 
to act.
    I mean, there is a lot of criticism because we weren't 
adequately prepared for Katrina. You have to be in this day and 
age with the new norm of terrorism, you have to be a little 
less cautious, you have to act. When we had, as I understand it 
from public information, that the FBI was aware that Hasan was 
emailing to a radical cleric in Yemen and this individual was 
an active duty soldier, who and when they talked to the 
Department of Defense I will never know, but we talk about 
that. We use a euphemism to connect the dots. Every once in a 
while there is a dot, a big one, and I like the euphemism. It 
just flashes off an on, you got to act. The same thing with the 
father coming in to talk to the State Department I believe 
who--I mean, we ask for human intelligence. A father comes in 
to tell the State Department that he believes his son has been 
radicalized, and oh, by the way, I think my son is in Yemen. 
Now, you put those pieces together in a post-9/11 world with 
what we know about al-Qaeda on the Arabian Peninsula, and 
somebody has got to yank his visa to come into the United 
States until you sort it out.
    So I think this information sharing is the heart of 
everything we do is still probably the most difficult and 
challenging, and by the way, as my colleague and friend Lee 
Hamilton said, the most difficult and complex characteristic or 
quality of combating terrorism. But you would think after 10 
years we would be a little less cautious. I am not saying we 
are being politically correct, but there is some things that 
require action and we need to get into that mindset.
    Mr. Hamilton. May I suggest you visit your fusion center? 
We have 72 fusion centers around the country. Maybe you have 
already done it. They are of mixed, varied capacities. But they 
do bring together the right people in an area, State, local, 
and Federal. It is in that center I think where you can see 
what has been done, what has not been done in a given area. I 
visited the fusion center in my State of Indiana, I have done 
it in a couple of other areas. I think they represent probably 
the best help for giving you the kind of response you want on 
unity of effort in any given crisis.
    Chairman King. The gentlelady from New York, my colleague, 
Ms. Clarke--I am sorry, Mr. Clarke from Michigan.
    Mr. Clarke from Michigan. Thank you, Mr. Chairman. My 
question to the entire panel is how can the Department of 
Homeland Security best judge an urban area's risk of an attack 
based on the assessments that it uses now? I represent 
metropolitan Detroit. We have a large international airport 
hub. That airport was the destination of the plane that the 
Christmas day bomber attempted to blow up. So there is a strong 
likelihood that our region could be the target of another 
attack.
    Now, in addition to the likelihood of an attack, the 
Department also needs to look at the consequences of an attack. 
Metropolitan Detroit, I will use that as an example, we have a 
large population center, we have a border that is water, that 
is also the busiest international border crossing in terms of 
trade in North America, we also have a large regional drinking 
water system. My concern is that many metro Detroiters are at 
risk of being poisoned if a terrorist decides to dump a bunch 
of biological agents in that drinking water system.
    So essentially it is this. The GAO report mentioned 
concerns about how the Department assessed risk. Any of you 
three gentlemen have any comments on how we can improve the 
accuracy of the risk of threat of attack to certain urban areas 
like metropolitan Detroit? Ten years later my people I 
represent, they are still at risk of an attack. I want to 
protect them the best I can.
    Mr. Hamilton. Look, there is no way we can give you 
certitude because we don't know the mind of the terrorist. But 
they have given us some two--two big hints. One is they are 
going to do as much damage to us as they can. The second is 
that they want to hit symbolic targets. So every community has 
to sit down and analyze what in this community is most 
vulnerable and they have to prioritize those vulnerabilities. 
You know your community better than the DHS Secretary or the 
President or anybody else. It is the local community that has 
to make the analysis of what are the targets in my community 
that are most likely to be hit given the standards that the 
terrorists have repeatedly given to us. They want to do as much 
damage. So you protect wherever people gather in large numbers, 
that is obvious. You protect iconic symbols and so forth. But 
it is a question of establishing priorities within the 
community.
    So the leaders of Indianapolis, Indiana, or Detroit, 
Michigan have to come together and say, okay, we have got the 
following facilities, and there may be 100, there may be 200 of 
them that need protection. You have got to prioritize them, you 
can't do it all. That is a tough decision to prioritize, but it 
has to be made in order to reduce the risk. There is no 100 
percent guarantee that you have got it figured out right, but 
that is the way you have to do it.
    Mr. Dodaro. I would say that in that framework that Mr. 
Hamilton just outlined DHS does do a lot of risk assessments by 
different sectors, water sector, transportation sector, et 
cetera. Our comments though have been that the information in 
these threat assessments and risk assessments should be shared 
more and used more in decision-making purposes.
    So I think that is the issue. Governor Ridge kind of 
mentioned too acting on certain threat information or certain 
information. So I think the real challenge is how do we use the 
information that is now being collected more, both at a 
National level and at a regional and a metropolitan level? That 
is something we will be continuing to take a look at.
    Mr. Ridge. I don't know, Congressman, if you are referring 
to the methodology associated with urban area grants for 
homeland security. I can recall----
    Mr. Clarke of Michigan. Yes. Definitely including that.
    Mr. Ridge. I thought that is what you were referring to. I 
think that process clearly has evolved I think in a very 
positive way over the past 8 years. I can recall since we were 
there after Congress directed that the Department create a 
model, an assessment model for that very purpose that we went 
through a couple of iterations that were challenging and the 
like, but at the end of the day, and I have no idea the 
evolution since I left, but at the end of the day a significant 
portion of that calculation was based upon threat information 
gleaned over the periods, over the previous years, not just 
from the FBI but the broader intelligence community. I can 
recall getting a, let me call it a call of disappointment, from 
a Member of Congress that the city that they happened to 
represent was no longer viewed as a potential target and 
therefore wasn't eligible that year for the funding that it had 
received the year before.
    So it continues to be one of the big challenges of Homeland 
Security. Generally it is probably one of the only departments 
where you have probably more political interest in engagement 
than any place else and you try to--you don't want to make 
those political decisions, but it is subject to political 
influence and you want to avoid that at all cost. I think at 
this instance relying on threat assessments from the 
intelligence community is probably the most effective way to 
channel those dollars.
    Chairman King. The gentleman from South Carolina is 
recognized for 5 minutes.
    Mr. Duncan. Thank you, Mr. Chairman. I want to personally 
thank you for rehanging the pictures that are surrounding the 
room here to remind us of the tragic events that happened 10 
years ago this weekend. I want to thank each of the gentlemen 
on the panel today for your service to our country in your very 
own capacities.
    I want to take an opportunity, because I am near the end, 
most the groovy questions have been asked. Just to thank the 
firemen that are in the room today and the police officers, and 
Capitol Hill police officers. They are here defending us in 
what you do every day. Firemen and police officers and military 
personnel all around this great land for what they do to keep 
me and my family and our constituents safe. So thank you guys 
for your work on the 9/11 Commission report. I have got a copy 
of it with me, and I want to talk about that in just a minute.
    But I noticed, I have talked about this numerous times in 
this committee, the 9/11 Commission report has identified a 
number of threats to the country and you use the terms to 
identify those threats such as Jihad 126 times; Muslim 
Brotherhood, 5 times; religious, 65; Hamas, Hezbollah, al-
Qaeda, Khalif, Sharia, enemy, violent extremism, numerous times 
in the 9/11 Commission report. But if we look at the FBI 
counterterrorism lexicon of 2008, they use the word Jihad zero 
times, Islamism zero times, Muslim Brotherhood zero times, 
Hamas, Hezbollah, al-Qaeda, zero times.
    The National intelligence strategy of 2009 uses those same 
terms zero times. The lessons from Fort Hood uses those terms 
zero times. I think it is important that we understand and can 
identify the threats of this country and discuss it openly 
without fear of using those terms, if that's a real threat to 
this country. So what I would like since you guys developed 
that report and you use those terms that many times, Mr. 
Secretary, I will let you start. Why do you see that we are not 
talking about on enemy or threats to this country in those 
terms anymore?
    Mr. Ridge. Well, I am not going to--first of all I respect 
and truly understand the question. I think----
    Mr. Walberg [presiding]. The mic please, Governor.
    Mr. Ridge. I appreciate the thoughtfulness of the question. 
I do think the more appropriate communicant in response would 
be the Attorney General. Having said that, I think there is a, 
depending on the mind-set that you want to bring to the work to 
combat terrorism it continues to be a discussion whether they 
should be treated and viewed as criminals, as I think the 
administration generally does and the Attorney General 
generally does, and I think that is reflected in probably the 
language that they use.
    I don't agree with it. I did enough criminal defense work 
and prosecution work to appreciate the fact that most criminals 
that I ever either prosecuted or defended chose not to--
preferred not to be caught and certainly didn't want to 
surrender their lives in the furtherance of their criminal 
endeavor. So I do think that language probably reflects a mind-
set that is more appropriate to how the Attorney General 
believes this country should deal with the terrorists once we 
apprehend them.
    I don't think there is any question in the Attorney 
General's mind that the fundamental problem is with those who 
within the Muslim community who have taken a traditional 
religion and wrapped themselves around a perverted and 
distorted version of it to justify the killing of innocents, 
but I think the language reflects his preference as the 
Attorney General of the country to treat them more as 
criminals. I don't share that point of view.
    Mr. Duncan. Mr. Hamilton.
    Mr. Hamilton. Well, I believe the greatest current 
terrorist threat to the United States is from Islamist 
extremists. Whether or not they are part of the core al-Qaeda, 
or one of their affiliates, or ideologically affiliated, they 
represent the greatest threat. We have also had the addition of 
homegrown threats. Likewise, I think, Islamic extremists. I 
think it is very important that you make a distinction between 
the Islamists terrorists, the extremists and benign Islamists. 
I think the country has done that very well.
    I still remember as I thought was an excellent example of 
what we should do. I remember President Bush soon after 9/11, 
it was a matter of days, I think, he went to a mosque and made 
that point. Think it was it was exactly the right thing to do, 
because he was drawing a distinction between the extremists and 
the good, if you would, Islamists. So I think we have to 
actively and aggressively counter the range of the ideologies 
that are violent advocates and do what we can to remove them.
    I am not here to speak for others with regard to 
terminology. We said in the Commission Report, we had two 
enemies, one, al-Qaeda, and two, Islamic extremists. We thought 
quite a bit about what terminology to use. I am comfortable 
with the terminology we set out in that report.
    Mr. Duncan. Thank you. My time's up.
    Mr. Walberg. Thank the gentleman. Recognize now the 
gentleman now from Massachusetts, Mr. Keating.
    Mr. Keating. Thank you, Mr. Chairman, and thank all the 
panel members for their service. You know, about less than 10 
months ago as a District Attorney I was investigating a death 
of a young man, 16-year old young man whose mutilated body 
showed up in the Town of Milton, Massachusetts. Our 
investigation took us to North Carolina, where this young man 
had hid himself in the wheel well of a 737 commercial airliner, 
and he had dropped out of the plane as the landing gear went 
down as he was approaching Boston.
    Now, much has been said about transportation security this 
morning, and certainly about the screening checkpoints and the 
need to look at explosives there. The TSA has said that every 
commercial airport in the United States receives a security 
assessment every year, including an evaluation of perimeter 
security and access controls. However, in 2009, the GAO when 
they were reviewing this, said 87 percent of the Nation's 
commercial airports had not conducted any consequence 
assessments or those perimeter checks.
    With so much attention on the gate and on the checkpoints 
there, it seems to me we are wide open on perimeter security. 
In this major airport, North Carolina, there had been, since 
this occurred, repeated breaches on perimeter security that we 
are aware of there. I can't imagine that airport alone.
    How would you assess our ability to dealing with perimeter 
security around our airports? They could have easily--if he put 
his own body in that wheel well, he could have easily placed 
explosives there if he was a person--it was a tragedy of the 
young man and this family, but what if this person had a 
different intent? What if they were able to put explosives in 
there? It seems we are focused so much on that, and it is 
important at the gate. What about what is going on as we look 
out from that gate and the perimeters. I think that is a 
serious problem, and can you address how seriously that has 
been? GAO has commented, but I don't see much actions, frankly.
    Mr. Dodaro. Our recommendations have been more that TSA 
needs to do a joint vulnerability assessment with the FBI on 
the perimeter security issues, but that this hasn't been done 
in a lot of cases, and we made recommendations along those 
lines. The other issue is the screening of workers who have 
access to the facilities on a regular basis. We believe that 
that issue needs to be addressed as well. I will be happy to 
provide our specifics for the record.
    Mr. Keating. Any other analysts comment on that?
    Mr. Hamilton. I am very pleased to hear your remarks. My 
general impression would be that you are right, perimeter 
security is still a great vulnerability, so I would be 
supportive of efforts to make more inspections and bulk up our 
efforts at perimeter security.
    You know, there is so many areas of vulnerability and we 
have concentrated a lot on the ones that we think are the 
greatest risk, but others keeping popping up, and you have put 
your finger on an important one.
    Mr. Ridge. I think aviation, to the best of my knowledge, 
is a target area, I suspect that still comes up on reports that 
the intelligence community has as a potential target. I think 
the--should never said we have eliminated it, but the notion 
that someone or a group could hijack a plane and take a 
commercial airliner and turn it into a missile, I think that 
threat has been managed quite well. But I think we would be 
kidding ourselves if we didn't think that aircraft generally as 
a target remains a vulnerability and remains a continuing 
interest, a target of interest for those would bring us harm.
    Mr. Keating. Thank you. What is more frightening is we went 
back and looked at the videotape and even knowing it, he had 
done it, they still couldn't see him do it afterwards.
    A quick question, maybe a yes or a no, since my time is 
limited. Secretary Napolitano, just a few months ago, told this 
committee that since 9/11, she considers the current period the 
most dangerous since 9/11 that we are in now, and she think it 
is at its most heightened state, would you agree?
    Mr. Ridge. Well, certainly the Secretary has access to more 
intelligence information than I do at the present time, but I 
think there is a new dimension that complicates her world and 
the challenges associated with this country and that is the 
homegrown terrorists. In the past 18 months, we have seen the 
arrest and involvement of 70 or 80 citizens or naturalized 
citizens are here with visas, so I think the world is a little 
more complicated for her and for this country.
    Mr. Hamilton. I am not aware of any immediate specific 
warnings, but of course, we found in the trove of information 
we got from Osama bin Laden's raid, their interest in doing 
something on the anniversary of 9/11.
    So I understand that our security officials have ratcheted 
up the security levels quite a bit for the next few days, that 
seems to me to be entirely appropriate because the intent here 
has been expressed, it has been expressed in the information we 
got from Osama bin Laden's hideout.
    Chairman King [presiding]. The gentleman from Arizona, Mr. 
Quayle, is recognized for 5 minutes.
    Mr. Quayle. Thank you, Mr. Chairman. Thank you for holding 
this hearing and thanks to the witnesses for being here.
    Governor Ridge and Congressman Hamilton, my question is 
about what your thoughts are and the threats with our Southern 
border. With the drag cartels, the continuous battles between 
Sinaloa and the Gulf cartel and the Zetas and the level of 
violence that continues to escalate along our Southern borders 
and the sophistication of the weaponry continues to advance.
    I was down earlier this spring at a port of entry in 
Douglas, Arizona, and one of the things we saw in video was the 
night before was one of the drug cartel agencies was took a 
stolen or made-up police vehicle and drove right by the port of 
entry, about a 100 yards from our border, entered into a 
restaurant, unloaded about 300 rounds of ammunition killing a 
number of people and wounding scores of people.
    I just want to ask you, what do you think the level of 
threat to our homeland based on the level of violent activity 
being pursued by the drag cartels in Mexico, and how that 
affects our threat assessment from that area?
    Mr. Ridge. Well, first of all, I think the past 2 years and 
the attendant public awareness of the narco threat that our 
borders clearly demonstrate that areas of lawlessness adjacent 
to our Southern border that we all should be concerned about. 
But it is just a manifestation of a threat that has existed for 
decades, and we still haven't gotten our arms around it is that 
is the importation of drugs. I mean, we talk about weapons of 
mass destruction. Well, long before 9/11, this country was 
dealing with a weapon of mass destruction and it was called 
``drugs,'' that had been coming into this country from multiple 
sources around the world. We still haven't gotten our arms 
around that.
    So my sense is, again, not privy to the kind of information 
frankly that I didn't enjoy knowing but I was glad I was part 
of the group that knew it and could potentially act upon it, is 
that there is still a greater need for us to develop trusted 
relationships with our counterparts in Mexico. There is 
probably a greater need within that arena of trust for 
information sharing, and frankly, we don't have--and I say this 
with great respect to friends and colleagues of mine with whom 
I worked in Mexico, we still don't have that decades-long, 
mature, trusted relationship with all the agencies of 
government down there, particularly within the law enforcement 
community generally.
    So it is a real complicated--it is an enormous challenge to 
this country. I think we are up to the challenge, but it is 
going to take us a long time to deal just with the violence, 
let alone inescapable conclusion. It is just simply a 
manifestation of the greater problem, that is the importation 
of drugs. Someone who appreciates a supply but wouldn't be 
coming in if there wasn't a demand, so it is a little more 
complicated than arresting the supply.
    Mr. Quayle. Congressman Hamilton.
    Mr. Hamilton. I am not sure I can add much, and I know your 
experience would be more immediate than mine. I am a long way 
away from the border. But I have been impressed over the period 
of years how difficult this has been for this country to deal 
with. I think we have increased the number of border guards 
every few years around here for a good many years. I am sure 
that has been helpful. I know they do a lot of good work. I 
know we have built a fence, I don't know what the miles are, 
but an extended fence, which I think has had some impact, you 
would know that better than I.
    We put into place a lot of new technology with mixed 
results, I think. I think all of those things have to be 
continued and strengthened to deal with the problem. I think 
the threat is very, very significant to the country. We have 
probably not focused enough on it, those of us who have dealt 
with Homeland Security. That is about all I can say.
    I obviously agree with what Governor Ridge said. There are 
a lot of problems in this world that we can't solve by 
ourselves. I don't think we can solve this problem by 
ourselves. I think we are going need a lot of cooperation with 
the Mexican government as well.
    Mr. Quayle. Thank you very much. Thank you, Mr. Chairman, I 
yield back.
    Chairman King. I thank the gentleman. I now recognize for 
the first round of questions a Member of the committee, the 
gentlelady from California, Ms. Hahn, recognized for 5 minutes.
    Ms. Hahn. Thank you very much, Chairman, and Ranking Member 
Thompson, for welcoming me to this committee. I look forward to 
representing my constituents in the 36th Congressional district 
on this committee.
    You know, I remember very well on September 11 as we all 
do, where we were, what our first thoughts were. I had just 
been elected to the city council of Los Angeles, and my council 
district includes the Port of Los Angeles and I represent over 
100,000 people that just physically, you know, sit right next 
to the Port of Los Angeles. While the September 11 attacks were 
aviation-related, my first thought was the vulnerability of the 
Port of Los Angeles.
    Ten years later, I am now representing those same 
constituents in Congress. I am still concerned about the Port 
of Los Angeles. Between the ports of Los Angeles and Long 
Beach, we account for about 44 percent of the trade that comes 
into this country. We have about 5,000 men and women who 
actually work on those docks on a daily basis. I think it is 
our seaports that are still probably the most vulnerable 
entryway into this country.
    While you talk about how we have evolved in granting these 
Homeland Security grants to more represent threat, 
vulnerability and consequence, and Honorable Hamilton, as you 
say, they have given us a roadmap, the target will be something 
that does great damage and is symbolic. I think an attack on 
America's ports in Long Beach and Los Angeles could create a 
significant impact to our National economy and our global 
economy.
    So I have spent 10 years on the city council working with 
my predecessor, Jane Harman, in improving the security of both 
L.A. International Airport and the Port of Los Angeles, but I 
would like to know from the panel what you think we in Congress 
should be doing, can do to improve the security at our ports?
    Mr. Hamilton. My judgment would be that we have not focused 
enough on the ports. I think the enormous vulnerability would 
be an inadequate inspection of cargo probably would be a major 
problem. I am not up to date on what has been done on that.
    I do recall being disappointed again at the state of our 
technology with regard to detection. You have these massive 
amounts of materials coming into the country in ships and our 
ability to identify dangerous materials, I think, is lacking, 
at least that is my understanding at this point. So I think you 
play an important role by bringing up the question of the 
vulnerability of the ports.
    Mr. Ridge. I might add, all those it is a time of concern 
about the fiscal situation in this country in dealing with the 
deficit and the debt, I must admit that early on, being very 
much someone who believes that during my tenure and subsequent 
to my tenure, that the United States Coast Guard is one of the 
most overstressed, multi-tasked, under-appreciated institutions 
of this Federal Government. I think they are grossly, grossly 
inadequately funded for the multiple tasks they bring in their 
primary responsibility to this country.
    These men and women for years--no, for decades literally 
get pretty much what is left over when it is divided among the 
rest of the agencies. They have multiple tasks and they never--
they just don't--I dare say, the generals and admirals in the 
other branches of the service would be up here en masse if they 
received as little funding on strategic needs that the Coast 
Guard does.
    For whatever reason, there is this mindset that we can do. 
If you want to do one thing to improve maritime security in 
this country, you go back and take a look at the Coast Guard's 
budget and bring in not just the incumbent commandant, but the 
three or four that have preceded him. I can recall flying in a 
helicopter, overseeing the G8 exercise at one time, and the 
pilot asked me if I wanted to grab the control.
    So as an infantry soldier, I was really reluctant but I 
will pretend like I am flying like the TV commercial. I said to 
the pilot, is this one of those helicopters that has a failure 
rate, an engine failure rate, that the FAA would have grounded 
had it been flying commercially? He said, yes, it is. One of 
the passengers in the back seat said: Can we change the 
conversation?
    I remember going, as Secretary, to appeal--you opened the 
door for me and I have to take advantage of it, I rarely do 
budget secretary's appeal--budget decisions to the highest 
level. Well, I took the Coast Guard's budget number from--up to 
the appeal board, and I brought in a piece of steel, a metal 
plate on one of their 20- or 30-year old ships that had been 
bent because of the use, because it is a multi-tasked vehicle, 
ship.
    So if you want to do something really significant to 
improve maritime security, I think you go back and give the 
Coast Guard the money they need to do their job more 
effectively.
    Mr. Dodaro. I would say, Congressman, we have done a lot of 
work on maritime security looking at the process, looking at 
vessels, people, and cargo issues. We find some progress being 
made in these areas, but it is very difficult to determine yet 
what the degree of progress and readiness really is at the 
ports.
    You have also, have mentioned already the Transportation 
Worker Identification Card and the problems associated with 
that. That has a lot of problems and needs to be addressed. 
Also, the key issue regarding technology and how different 
technologies could be used to help scan cargo and containers. 
We have done work, which I will provide to the committee, 
looking at the emerging technologies to really address that. 
The volume of activity really has to entail some technological 
solution.
    Ms. Hahn. Thank you very much, my time is up. I will say, 
until we are screening 100 percent of our cargo, I think we 
have got a problem.
    Chairman King. I will say to the gentlelady on that, there 
is a bipartisan concern on this committee. I would suggest 
actually meeting with the Secretary if she takes this issue 
very seriously. As a practical matter, the 100 percent is going 
to be difficult, but they are improving it, and they are trying 
do it on threat-basised analysis, but we actually passed back 
in 2006, I know it has been continued since, legislation 
sponsored by your predecessor and also by Mr. Lungren.
    Again, in a bipartisan way, we are concerned and we realize 
the vulnerability. I remember just when there was a strike 
against the Port of Long Beach, the billions of dollars that 
were lost just in a brief period of time. Imagine what that 
would be if there was a dirty bomb attack. So we share your 
concern. Thank you.
    The gentlelady from California, Ms. Richardson, is 
recognized for 5 minutes.
    Ms. Richardson. Thank you, Mr. Chairman. First of all, I 
would like to talk about the cuts that the House of 
Representatives supported and actually many colleagues here. I 
don't know if you gentleman are aware, but actually of the 
appropriations bill we--not we, I didn't actually support 
this--$2.7 billion was removed, about 6 percent less than what 
was originally requested by the administration. Specifically, 
within Customs and Border Protection, $89 million was cut, 1 
percent less than requested; Transportation Security 
Administration, $292 million, 4 percent less; Coast Guard, 
something that you were just talking about, $37 million was 
cut, 0.4 less than requested; and then within FEMA, the most 
dramatically cut $1.4 billion, which was 21 percent less than 
requested.
    What would you say the Members of the Congress and the 
Senate who, despite your efforts in your reports, seem to not 
value these services to the level that you say that we need to 
have them, what would your response be?
    Mr. Hamilton. You were suggesting a number of cuts that 
have been made on Homeland Security in general?
    Ms. Richardson. That is correct. My question, was 
specifically, what advice would you give to Members of Congress 
who actually supported those cuts and what would you urge us to 
do?
    Mr. Hamilton. Look, I am no expert on the budget of 
Homeland Security Department. But having said that, I would 
look with great skepticism on any cuts in this area because you 
are dealing with Homeland Security. You are dealing with the 
protection of the lives of the American People. So budgeting is 
always a question of priorities, and I know how difficult it is 
to make judgments with regard to priorities, but I am very 
skeptical and probably would oppose cuts on Homeland Security.
    Ms. Richardson. Okay. Mr. Dodaro, I am going to pause and 
ask you my second question because I think that is about all 
the time that I will have. You know, I was really surprised 
with the exchange with the previous Member, because I am sure 
the Ranking Member will recall that we have asked the current 
Secretary twice what is her intentions of implementing 100 
percent scanning of cargo. Actually, the response hasn't been 
supportive. In fact, the response has been really there is 
absolutely no intention, what I have gotten from those 
hearings, to actually implement 100 percent screening of cargo.
    In fact, what the Secretary has said for the record, the 
Secretary has said is that they are exploring other means, 
which you, sir, reference in your report, for example, doing 
screening by paper and looking at continual shippers and things 
that might be of concern, and really getting away from the 
agreement, if, in fact, they are going to be able to do 
screening.
    So first of all, I thought we needed to clarify for the 
record what the current Secretary has said and what so far her 
intentions are.
    So, sir, I would like to ask you in regards to your report 
on page 114, you talk about this whole issue and my question to 
you would be you said, you know, the Secretary, the 
administration are preparing this report, it doesn't look like 
they are really going to follow through on what the commission 
asked of 100 percent inspection. Could you expand more on where 
you plan on going further in your evaluation?
    Mr. Dodaro. Basically, what we have recommended, as I 
recall, is that the Department do a feasibility study on the 
100 percent requirements. As part of that study to look at 
different alternatives. So, that is our recommendation on that. 
Now we are taking about cargo to be screened outside the United 
States before it arrives, because there is other different 
types of cargo to screen once it arrives on our ports. But as 
it relates to that type of cargo screening, we have recommended 
a feasibility study. There are a lot of practical problems that 
we identified in our work about reaching 100 percent 
requirements. But there needs to be a study and alternatives 
developed.
    Ms. Richardson. I have 30 seconds left. Mr. Hamilton and 
Mr. Ridge, what do you think of the Secretary, not only this 
current Secretary, but the previous Secretary's non-commitment 
to meet your requests in your recommendation of 100 percent 
inspection of cargo?
    Mr. Ridge. Well, I think, again, I can't speak to them, I 
truly believe that it is in--literally speaking, it is probably 
physically impossible to do, if you really think about the 
volume of the cargo in this country, within each one of those 
containers, there are containers within containers and the 
like. Having said that, I do--I am familiar with some 
technology of detection that will enable, I think, if it proves 
to be successful, enable us to become--get much, much closer to 
reaching that goal.
    Again, it is managing the risk and are there venues and are 
there ports of call around the world through which cargo might 
go that we would want to do, make our best efforts to inspect 
all 100 percent? I dare say, yes. Again, it is managing the 
risk, I am still one who believes as difficult as it may be, 
empirically, to get to 100 percent, we encourage the research 
and development in detection technology, we can get very close 
to it.
    Mr. Hamilton. I do not recall that the 9/11 Commission 
recommended 100 percent screening for the reasons of the 
difficulty achieving it. But we certainly supported the idea 
that Secretary Ridge has indicated, and that is risk 
management.
    I think in dealing with the bulk of cargo that comes into 
this country on a daily basis is a practical matter. You 
obviously want to improve the technology to the highest degree 
that you can achieve. But even after you do that, you are going 
to go have to make judgments about cargo coming from different 
ports of the world and that involves a risk management 
decision.
    Chairman King. The gentlelady's time has expired. The 
gentleman from New York, Mr. Higgins, is recognized for 5 
minutes.
    Mr. Higgins. Thank you, Mr. Chairman. I want to get back to 
the purpose of hearing, which was the progress we have made in 
the past 10 years and the security gaps that still exist and 
the management and operational improvements that still are 
needed.
    Last December, The Washington Post reported that the top 
secret world of counterterrorism has become so large, so 
unwieldly, so secretive, that no one knows how much money it 
costs, how many people it employs, how many programs exist 
within it, or exactly how many agencies do this work.
    A new book out by Dana Priest called Top Secret America, 
The Rise of New American Security State, characterizes this as 
the terrorism industrial complex. We have 800,000 people who 
now hold top security clearances.
    We have 51 Federal organizations and military organizations 
that are involved in tracking the flow of money inside and out 
of terrorist organizations; we have 2,000 private companies; 
and 1,200 organizations and intelligence agencies that are 
involved in counterterrorism.
    It seems as though this hearing and the information that 
has been presented by both the panel and ancillary information 
is very disconcerting. What the American people should have 
expected in the aftermath of 9/11 is a bureaucratic response 
that is lean, muscular, transparent, and effective. It seems as 
though what we have is a bureaucratic response that is bloated, 
immobile, ineffective, and not doing the very things that the 
9/11 Commission said was most important. That was to remove the 
barriers that existed between Federal law enforcement agencies 
toward the goal of sharing good information, because that was 
most effective in thwarting preempting terrorist activity.
    Lawrence Wright's book, The Looming Tower, recounts--there 
is a passage in there that an FBI agent got physically sick 
because after he realized what had occurred, he said that the 
intelligence existed to stop that very incident on 9/11.
    So, you know, the American people have been misled. I think 
what we did in the aftermath of 9/11 was said, we got attacked, 
we don't know specifically who it is, here is a bunch of money, 
go out and do something about it. We created a bureaucracy that 
is not meeting its moral and operational objective.
    So I just ask all of you, who have committed yourselves, to 
try and improve this situation to comment on the information 
that has been presented here.
    Mr. Hamilton. Well, I think you raise a question that 
probably would not have been raised a few years ago. You are, 
of course, right when you indicate the figures that show 
enormous expansion of Homeland Security activities, and we have 
not much focused on the matter of cost effectiveness. Up until 
this time, until fairly recently, every--the security people 
win every argument, because they come in and say if you don't 
do this, your vulnerability is going to be much greater. In the 
aftermath of 9/11, we tended not to worry too much about cost. 
Therefore, you get an $80 billion budget for the intelligence 
community.
    I chaired the Intelligence Committee back a good many years 
ago when the budgets were, I think, in the range of $10 
billion. I am not precise about that but roughly. So we have 
had an explosion of cost here without any doubt about it. The 
question of cost effectiveness needs to be brought much more 
into the debate than it has been thus far.
    Having said that, may I go back to the point of oversight? 
This is why you need a Congressional intelligence oversight 
which is focused, in my view, should be in an Appropriation 
Subcommittee on Intelligence, and on--and as well as having 
effective oversight of Homeland Security.
    In effect, you have a very fractured oversight of Homeland 
Security and, in effect, you have an inadequate oversight of 
the intelligence budget and in both areas, you have had an 
explosion of cost. One of the reasons oversight is necessary is 
to keep your eye on exploding costs.
    So I do not think Members of Congress can say you are 
innocent on this, you folks haven't done the job with regard to 
oversight. That is part of the answer, not the entire answer. 
But I like to see questions of your kind coming forward because 
I think we need some push-back on the explosive growth that we 
have had in these areas. That is a fairly typical response by 
the American Government, I guess, to increase things very 
rapidly in Homeland Security.
    Mr. Higgins. Reclaiming the time that I don't have. Mr. 
Chairman, can I just make a final point? This is my concern, 
this is my concern, we had a hearing in this committee a couple 
of months ago on Hezbollah. Hezbollah committed to violent 
Jihad. They act as a proxy for Iran, Syria, and Venezuela. The 
information that was presented to this committee indicated that 
Hezbollah had a presence in North America, including five 
cities in the United States, and four cities in Canada, so as 
to have close proximity to the United States.
    One of the cities in Canada was Toronto, 90 minutes from my 
hometown of Buffalo, New York. We have Niagara Falls which is a 
huge tourist attraction. We have the Niagara Power Project, 
which produces the cheapest, cleanest electricity in all of New 
York State. We have The Peace Bridge, the busiest Northern 
border crossing for passenger vehicles. My concern is that we 
are so preoccupied with this bureaucracy and so immersed in it, 
that we are not agile. We can't adjust to changes in the 
ground. That the terrorist threat today is very different from 
the one that existed 10 years ago. At the younger, it is more 
aggressive, it is more vicious, and it is technologically 
savvy. So we are preoccupied with this false sense of security 
that we built up within this bureaucracy. The terrorists are 
way ahead of us because they are smaller, they are mobile and 
they are able to move and that is a major concern that every 
American, regardless of whether you live in western New York or 
throughout this Nation, should be very, very concerned about.
    Chairman King. I would ask if the witnesses have responses, 
do it in writing.
    Mr. Higgins. Thank you.
    Chairman King. I recognize the gentleman from Louisiana for 
5 minutes.
    Mr. Richmond. Thank you, Mr. Chairman. Thank you, Ranking 
Member. Thank you for the witnesses today.
    In evaluating where we are today compared to where we were, 
I would like to shift away from preventing the attack and talk 
a little bit about a response to a terrorist attack. Just 
grading 9/11 in terms of resources provided, in terms of 
unified command in terms of money appropriated, how would you 
grade the U.S. Government's response after the attacks of 9/11 
to the city of New York and to the other places that were 
affected? If you just had to rank in terms of poor, fair, good, 
or excellent, how would you characterize it?
    Mr. Hamilton. At the time of 9/11?
    Mr. Richmond. Yes.
    Mr. Hamilton. It was very poor, very poor.
    Mr. Richmond. The resources provided on the ground in New 
York?
    Mr. Hamilton. There was a great deal of confusion within 
our Government, we weren't prepared at many levels to deal with 
it, both in terms of the emergency response, and in terms of 
the defense of the country. Multiple mistakes were made from 
the ticket taker in Logan Airport in Boston to the President of 
the United States. Nine-eleven, we said, look, we were not 
charged with responsibility of accountability and didn't we did 
not get into it, but we said there was a systemic failure. That 
failure was literally scores, hundreds, maybe thousands of 
people in the country, it was a very poor response, it was a 
major failure of Government. We failed to protect our people.
    Mr. Richmond. Governor Ridge.
    Mr. Ridge. I think there is evidence to suggest that for 
years and years, at least within a small group of men and women 
within the intelligence community, it was greater and greater 
sensitivity to a potential attack, the nature of which we were 
still quite unaware, but the rise of these Jihadists was known 
to a few. I think the decisions made probably not just when 
President Bush became President or decisions that were not 
made, but even prior to previous administrations set us up so 
that clearly we weren't as prepared as we would like to think 
as Americans we would be for such a catastrophic event. Again, 
I am not--I know the 9/11 Commission didn't look into that. I 
thought that--I know individually that people at FEMA and 
everybody associated with the recovery efforts did everything 
they could, but this was a--I am not sure anyone's imagination 
was so expansive as they thought about preparing even for a 
potential terrorist attack that they could envision commercial 
airplanes being turned into missiles or that the Twin Towers 
would fall.
    So while we certainly proved ourselves--we became more 
aware of our vulnerabilities, we are not more vulnerable 
because of it. Even on our best days, I don't think whether you 
are Republican or Democrat in the President Bush administration 
or President Clinton administration you could have ever seen 
even those within the intelligence community thinking about the 
Jihadists and extremists and a terrorist attack it being at 
that level. We need to understand there is a blame game we 
often play, but I don't think anybody anticipated an attack at 
that level.
    Mr. Richmond. I represent New Orleans, Louisiana, which in 
the aftermath of Katrina the Government response was very, very 
poor in terms of getting resources there quickly unified 
command and all of those things. My question now would be if, 
in fact, position of the House, we have a pay-for for disaster 
response, how is that going to affect our response to the next 
big disaster or terrorist attack? If it means us coming in and 
cutting our agreeing on cuts in order to provide funding, how 
would that hamper the response to a future terrorist attack?
    Mr. Ridge. If I might, Mr. Chairman, I will take a little 
extra time. I think it is a really pivotal question here. 
Katrina--as you look back and reflect on Katrina, I think there 
were a lot of lessons learned, and there probably more 
painfully aware than most Members of Congress since this 
affects your constituents in the city and the people for whom 
you are responsible. There we saw, I think, the failure of the 
local and the State and the Federal Government to coordinate 
its activity and to err on the side of preparation. You don't 
need to be a meteorologist to see that a Cat 4 or 5 heading to 
a city that needs a pump to keep it above--14 feet above--below 
sea level anyhow. So, I think there was plenty of blame to go 
around. I am not here to revisit that.
    Since that time I believe that, frankly, I think right now 
FEMA has got one of the strongest and best administrators we 
have ever had in this country, Craig Fugate. We worked with him 
when he was running the operation down in Florida. The year 
before Katrina he had four hurricanes bouncing around ad he 
took care of every one them. Collectively they weren't 
Katrinas.
    So I think the lessons learned were painful, but I do think 
they are far, far better prepared than they have ever been 
before to deal with a major disaster.
    One final comment. Never in the history of the country have 
we worried about budget around emergency appropriations for 
natural disasters and frankly, in my view, we shouldn't be 
worried about it now. I realize you have fiscal problems as a 
real challenge, but we are all in it as a country. When Mother 
Nature devastates a community we may need emergency 
appropriations. We just ought to deal with it and deal with the 
fiscal issue later on.
    Mr. Hamilton. One of the ways to look at this is the 
progress that has been made. If you look at the response of 9/
11, very poor; response of Katrina, as you said, very poor; 
response to the oil spill, better; response to Irene, better. 
We are learning the progress, they may not be as rapid as we 
would like but we are getting better to responding to 
disasters, even though there are some gaps.
    Mr. Richmond. Thank you to the witnesses. Thank you Mr. 
Chairman.
    Chairman King. The time of the gentleman has expired. Now 
my second chance at getting Ms. Clarke for 5 minutes, my friend 
from New York.
    Ms. Clarke of New York. Thank you very much, Chairman. I 
thank the Ranking Member as well and I thank our panelists. On 
the eve of the 10th anniversary of 9/11 terrorist attacks on 
our Nation, the possibility of another attack still casts an 
ominous shadow over the United States. I believe that we are 
definitely safer; however, safety is a relative term in an 
effort involving threat environment against our Nation and her 
people.
    These changes may, in the transportation industry, and in 
the intelligence community, have definitely prevented another 
successful attack for this moment. Even with the death of Osama 
bin Laden, we must continue our vigilance and the build-out of 
a robust defense as well strengthen our capacity to be 
resilient.
    On behalf of the people of the 11th Congressional district 
New York, I would like to express to those who lost a family 
member, a loved one or friend on September 11, 2001, terrorist 
attacks, that their loss will never be forgotten.
    As a Member of this committee, and a New Yorker, I would 
like to emphasize the importance of fully implementing the 
recommendations of the 9/11 Commission. We must partner with 
local, State, and private sector partners to keep our Nation 
safe.
    After witnessing first-hand the inability of first 
responders to communicate on September 11, 2001, and the 
excessive loss of life as a result, I fully support efforts 
that would give first responders specific portion of the 
spectrum known as D-Block for a resilient state-of-the-art 
communications network. Our first responders definitely need to 
be able to communicate with one another in times of crisis. So 
my question is what are your thoughts on a set-aside of the 
dedication of the D-Block spectrum for first responders?
    Mr. Hamilton. Well, I favor it and I am pleased to know 
that the Chairman and Ranking Member here and a good many 
Members of the committee favor it.
    I think it is the most expeditious and surest way to get 
reliability of the communication. Now once you set aside the D-
Block, you are not through. There is a lot of more work that 
has to be done. But it is essential, I believe, to make it 
possible for the first responders to talk with one another. The 
best way to do that is to set aside a portion of the radio 
spectrum, the so-called D-Block, directly allocate that to the 
first responders. I favor that. I think it's very important.
    Mr. Ridge. I would hope the balance of the Congress would 
take the lead from the Chairman and Ranking Member of this 
committee and get about the business of dedicating the D-Block 
that, let the private sector begin embedding the technology 
that we need. There may be political differences, but I think 
the first responders community is just generally saying work it 
out, we need the technology and we need it now. So I hope 
Congress follows your lead, Congresswoman.
    Ms. Clarke of New York. Thank you. My next question is 
about how we deal with enhanced security, while at the same 
time, preserving our very cherished civil liberties. 
Representative Hamilton, would you expand on the ideas you 
mentioned in your testimony regarding the privacy and Civil 
Liberties Oversight Board.
    Mr. Hamilton. Well, I am impressed with the capacity of 
Government to intrude on the lives of people. I mentioned 
earlier in the hearing today that I had a briefing on this 
yesterday and it is just absolutely incredible what these 
sophisticated devices can do with regard to intruding on your 
privacy and civil liberties.
    Now, even if you take the position that under present 
circumstances, the civil liberties and privacy are being 
reasonably protected, I simply didn't know enough about that, 
but for sake of argument, say they are being reasonably 
protected, the history of abuse of Government power is enough 
to give us pause here. To try to set in force, in place, some 
kind of counterpressure, if you would, to the people who want 
more and more intrusive measures. I think all the members of 
the Commission felt that you needed a robust civil liberties 
board to push back and to try to protect our liberties and our 
core values and our privacy.
    I am very disappointed that we have not put such a board in 
place. I don't think the job of the board is easy, I think will 
be very, very difficult. But you need some counterpressure, 
some pushback to the security agencies which press for more and 
more power, more and more ability to intrude into the lives of 
Americans.
    Now, I have to say that most of us think that the powers 
that have been expanded are probably appropriate, in many cases 
at least. But at the very least, you need a rigorous oversight 
of that in order to protect our core values. So I think it is 
terribly important that that board be created. I haven't fully 
understood why it hadn't been created, but it has not, and 
let's get about the business of getting it in functioning 
order.
    Mr. Ridge. I might just add very briefly I certainly want 
to associate myself with my colleagues' remarks. But when 
Congress passed the enabling legislation creating the 
Department of Homeland Security in its wisdom, and frankly 
foresight, it anticipated the challenges associated with a 
department that may be using information. They certainly wanted 
to use it in an appropriate way to protect America, but the 
Congress mandated, I think was the first privacy officer 
mandated by Congress in any of our cabinet agencies. I think 
that mindset, the appreciation, liberty and privacy is very 
much a part of how the Congress thought about that any agency 
that I think my colleague has pointed out, you take that 
concept and enshrine it in broader oversight community, over 
the intelligence community generally.
    Ms. Clarke of New York. Did you want to share anything?
    Mr. Dodaro. Yes, setting aside the board recommendation, I 
think that has already been commented on. We looked at how the 
privacy officers and agencies have implemented their 
responsibilities. DHS is doing more in this area to do as 
privacy assessments. Our recommendations have been that they 
need to be embedded in all the decisions that are made when new 
systems are put in place that collect information that this 
concern needs to be addressed up front. We think that will help 
further solidify the balance between security and civil 
liberties protections.
    Ms. Clarke of New York. I thank you, Mr. Chairman.
    Chairman King. The time of the gentlelady has expired. I 
thank the gentlelady and I yield to the gentleman from 
Illinois, Mr. Davis, for 5 minutes. We are coming up against 
votes, but we have more than enough time for your question.
    Mr. Davis. Thank you very much, Mr. Chairman. Let me thank 
you and the Ranking Member for holding this hearing. I also 
want to thank our witnesses for their expertise in this arena 
and also for the tremendous services that they have all 
provided to the country and continue to do so.
    I think all of us can reflect on September 11, 2001. I 
happen to have been in Tel Aviv, Israel, at the moment. Of 
course, we were there for a week because we couldn't leave. So, 
I have had the opportunity to reflect upon the tremendous 
impact, not only to our country and our way of life, but what 
has happened internationally around the world.
    I am also reminded, and I am pleased that the last few 
minutes we have had some discussion of budgets, of priorities, 
of the economy and its impact. I am always reminded of 
something Frederick Douglass said when we talk about what we 
need and what we want. He often said you can't have the rain 
without the thunder and the lightning, meaning that priorities 
are very important, and you have to determine what you are 
willing to give in order to get what it is that you are trying 
to get.
    We have now had almost a decade of spending money in the 
Homeland Security arena. My colleagues have mentioned cuts and 
cutbacks. I guess my question, as I have listened, would be: 
What have we really learned since 9/11 about what spending 
works and what does not work? What seemed to work best? How do 
we adequately prepare or make the best use of the resources 
that we are willing to spend? What areas have we been most 
successful in, which ones we have been perhaps least successful 
in? How do we prepare to the best of our ability for the 
future? If each of you would just respond to that question, I 
would thank you very much.
    Mr. Hamilton. Well, it is a very, very broad question. You 
can look at our response in terms of the cup being half-full 
and the cup being half-empty. We have really made a very great 
deal of progress, I think, at all levels. When you get on an 
airplane today you are safer than when you got on it prior to 
9/11. I think that the sharing of information in the 
intelligence community is much, much better than it used to be. 
In all aspects of preventing attack, we have made some 
progress. We spent the morning talking about areas where we 
think more progress needs to be made, that would be in your 
category, I think, where we have been less successful, in terms 
of unity of effort, whose in charge at the site, the 
communication problem and many other areas that have come up 
today.
    So I think you have to think of Homeland Security in terms 
of a work in progress, a lot of progress having been made, but 
it takes constant effort to make the American people as secure 
as they ought to be and could be. That is why oversight is 
terribly important. So that is a quick, quick summary. I think 
we are safer today than they were, but we are not as safe as we 
could be and that would be my summary of where we are after 10 
years.
    Mr. Davis. Thank you very much.
    Mr. Ridge. I thought your question highlights an issue that 
we addressed during the course of this hearing, and that is the 
need for a much smaller group in the Congress of the United 
States to take a far more holistic approach towards its 
oversight over still this relatively new agency to set in a 
very thoughtful and judicious way, the kinds of priorities that 
you need, because there are plenty of wants that you need to 
address that the priority should be the needs first, and you 
have highlighted that.
    I think in a couple of areas we have decided we have erred 
when we thought more was better. That article that one of your 
colleagues referred to about the explosion of the 
infrastructure around the counterterrorism was a perfect 
example where we thought if we employed now thousands and 
thousands of more analysts and private sector contractors we 
would be safer, but in spite of all of that, we had Fort Hood 
and a few other instances that we were lucky that things didn't 
happen.
    So I think we have learned that perhaps more judicious 
identification of priorities, and candidly and respectively 
with more aggressive oversight on the part of the Congress of 
the United States, which, again, is very difficult to do when 
it is dispersed throughout the entire Legislative Branch.
    So I think it is a very appropriate question. I am not in a 
position to assess basic outcomes. In balance, I think the 
Congress has identified and funded some of the most immediate 
needs. I do think there have been dollars that have not been 
expended very appropriately. I think Congress, along the way, 
lost sight of the admonition that was involved in the enabling 
legislation, that is, take commercial off-the-shelf technology 
and apply it. I think we are still in search for the perfect 
technology. I don't think we are going to find it at the 
border, I don't think we are going to find it at the airport. I 
think we might want to be able to be a little bit more 
judicious in encouraging and review kind of the procurement and 
the testing process about these technologies within the 
Department. But I think as someone who is privileged, and I 
have served and worked in--served in Congress and worked with 
my colleagues during those first couple of years. I think they 
did a remarkable job. Remember, there was no architecture, 
there was no plan. No one was prepared for that attack, the 
nature of attack, and frankly what this country endured after 
where, as I have said before and I say again, we went from 
unprecedented grief to unprecedented guard. We found solidarity 
at the outset, we made some mistakes along the way, but as my 
colleague, Lee Hamilton, has said, and one of the reasons we 
are safer in our country is because of the work he and Tom Kean 
and the 9/11 Commission accomplished. We made a great deal of 
progress. Let's not be reckless about the threat. America can 
manage this threat. Let's just be smart about how we go about 
dealing with it in the future.
    To that end, would just love to see there being a broader 
role for a smaller group of Congressmen in the House and the 
Senate to help to continue to build on the success and enhance 
the maturity and the effectiveness of the Department. But your 
question was very well stated. I am sorry I gave you a long-
winded response to it.
    Mr. Davis. Thank you very much.
    Mr. Dodaro. I would say, Congressman, the other panelists 
have talked more broadly about this, and I agree that we have 
spent a lot on addressing the aviation area and maritime 
security. The chemical, biological, and nuclear area and cyber 
area really needs more attention going forward as the threats 
evolve. As it relates to resource investments narrowly, I think 
what we have learned is that you can't rush deployment of 
untested technologies. That has not worked effectively. There 
are the airport so-called puffer machines, the SBInet virtual 
fence, the advanced spectroscopic radiation monitors all have 
failed because they haven't had adequate testing. Also, on the 
secure flight area was on a success side. I think they took 
their time. Congress enumerated specific areas that needed to 
be met. GAO had a monitoring role, including the protection of 
civil liberties and privacy in that system. I think that was a 
good effort on that side.
    So I think going forward there really needs to be risk-
based approaches to investment decisions. Funds are not 
unlimited. There also has to be careful application of good 
management practices in testing and deploying technologies.
    Mr. Davis. Thank you. Mr. Chairman, I want to thank you and 
the Ranking Member for your leadership, as well as the 
witnesses. I personally feel much safer now than I did then.
    Chairman King. Thank you, Mr. Davis. Let me thank the 
witnesses. The Ranking Member and I were discussing, you know, 
listening to your testimony. The depth of knowledge you have 
about such a complex issue and how unfortunate it is that too 
often a political debate, especially on the issue of homeland 
security, there are so many cheap sound bites that are out 
there. They take the most complex issue--too many people in 
politics today in both parties take the most complex issue and 
try to reduce it to a 10-second sound bite. While there are 
specific answers which we are looking for or definite actions 
that should be taken, I think the three of you have 
demonstrated today, none of this is easy, all of this is 
complex, and there are many people who are well-intentioned 
trying to do the right thing. Actually no one has done more 
than the three of you.
    So I want to thank you for your service, especially thank 
you for your testimony today. I will yield to the Ranking 
Member for any final remarks he has.
    Mr. Thompson. Thank you, Mr. Chairman. I would like to 
support your comments. We have a lot of people who come before 
this committee who consider themselves experts, but I have not 
had integrated depth of knowledge presented here this morning 
by the three of you on a very complex subject. That depth goes 
beyond just the high point. I think it is a tribute to what you 
do every day. I want to personally, just as the Chairman said, 
thank you for your service and thank you for hopefully getting 
this committee where we need to be as the Committee on Homeland 
Security. Your leadership in getting us there and this 
testimony will go a long ways toward accomplishing that. I 
thank you.
    Chairman King. I thank the Ranking Member. In conclusion, I 
would just say, as Chairman Hamilton and Secretary Ridge well 
known for their experience, Members of the committee may have 
some additional questions, and we will ask you to respond to 
those in writing. The hearing record will be held open for 10 
days. Without objection, the committee stands adjourned.
    [Whereupon, at 1:10 p.m., the committee was adjourned.]