[Senate Report 113-274] [From the U.S. Government Publishing Office] 113th Congress } { Report 2d Session } SENATE { 113-274 _____________________________________________________________________ Calendar No. 599 TRANSPORTATION SECURITY ACQUISITION REFORM ACT __________ R E P O R T of the COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION on S. 1893 [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] November 17, 2014.--Ordered to be printed ---------- U.S. GOVERNMENT PRINTING OFFICE 49-010 PDF WASHINGTON : 2014 SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION one hundred thirteenth congress second session JOHN D. ROCKEFELLER IV, West Virginia, Chairman BARBARA BOXER, California JOHN THUNE, South Dakota BILL NELSON, Florida ROGER F. WICKER, Mississippi MARIA CANTWELL, Washington ROY BLUNT, Missouri MARK PRYOR, Arkansas MARCO RUBIO, Florida CLAIRE McCASKILL, Missouri KELLY AYOTTE, New Hampshire AMY KLOBUCHAR , Minnesota DEAN HELLER, Nevada MARK BEGICH, Alaska DANIEL COATS, Indiana RICHARD BLUMENTHAL, Connecticut TIM SCOTT, South Carolina BRIAN SCHATZ, Hawaii TED CRUZ, Texas ED MARKEY, Massachusetts DEB FISCHER, Nebraska CORY BOOKER, New Jersey RON JOHNSON, Wisconsin JOHN WALSH, Montana Ellen Doneski, Staff Director John Williams, General Counsel David Schwietert, Republican Staff Director Nick Rossi, Republican Deputy Staff Director Rebecca Seidel, Republican General Counsel Calendar No. 599 113th Congress } { Report 2d Session } SENATE { 113-274 ===================================================================== TRANSPORTATION SECURITY ACQUISITION REFORM ACT _______ November 17, 2014.--Ordered to be printed _______ Mr. Rockefeller, from the Committee on Commerce, Science, and Transportation, submitted the following R E P O R T [To accompany S. 1893] The Committee on Commerce, Science, and Transportation, to which was referred the bill (S. 1893) to require the Transportation Security Administration to implement best practices and improve transparency with regard to technology acquisition programs, and for other purposes, having considered the same, reports favorably thereon with an amendment (in the nature of a substitute) and recommends that the bill (as amended) do pass. Purpose of the Bill The bill specifies procedures for the Transportation Security Administration (TSA) to follow when planning, executing, and evaluating acquisitions of security-related technology. Background and Needs Significant problems have plagued the TSA acquisition process for much of the agency's existence. For example, in 2004 TSA began purchasing 207 ``puffer'' passenger-screening portals which were all withdrawn from service due to poor performance.\1\ --------------------------------------------------------------------------- \1\TSA Scraps Airport Screening Program, Associated Press, May 22, 2009, available at http://www.nbcnews,com/id/30875442/ns/travel-news/t/ tsa-scraps-airport-screening-program/. --------------------------------------------------------------------------- More recent examples demonstrate continued TSA acquisition problems. The Government Accountability Office (GAO) reported in January 2012 that TSA did not fully follow Department of Homeland Security (DHS) acquisition policies when acquiring advanced imaging technology (AIT), which resulted in DHS approving nationwide AIT deployment without full knowledge of TSA's revised specifications.\2\ --------------------------------------------------------------------------- \2\U.S. Gov't Accountability Office, GAO-13-469T, DHS and TSA Continue to Face Challenges Developing and Acquiring Screening Technologies (May 8, 2013), available at http://www.gao.gov/assets/660/ 654419.pdf. --------------------------------------------------------------------------- In addition, GAO found that the Acquisition Review Board (ARB) approved TSA for full-scale production without reviewing a changed key performance parameter. Upon GAO's recommendation, DHS developed a road map to address the recommendation, but currently faces challenges implementing it. Additionally, in September 2012, GAO reported that 42 of DHS's major acquisition programs experienced cost growth, schedule slips, or delivered less capability than promised, with 16 of the programs' costs increasing from $19.7 billion in 2008 to $52.2 billion in 2011.\3\ --------------------------------------------------------------------------- \3\U.S. Gov't Accountability Office, GAO-12-1024T, 9/11 Anniversary Observations on TSA's Progress and Challenges in Strengthening Aviation Security (Sept. 11, 2012), available at http://www.gao.gov/assets/650/ 647996.pdf. --------------------------------------------------------------------------- GAO also concluded in January 2013 that TSA began deploying passenger screening canine teams to airport terminals in April 2011 prior to determining the canine teams' operational effectiveness and before assessing where within the airport the canine teams would be most effectively utilized. In March 2014, GAO found that TSA's acquisition program for next-generation AIT systems was nine months behind schedule because of TSA's failures to follow acquisition guidance or best-practices, identify technical challenges, incorporate available information from vendors or national laboratories, and develop a realistic project schedule with achievable milestones.\4\ --------------------------------------------------------------------------- \4\Dept. of Homeland Sec., Office of Inspector General, OIG-13-123, Transportation Security Administration Office of Inspection's Efforts to Enhance Transportation Security (Sept. 24, 2013), available at http://www.oig.dhs.gov/assets/Mgmt/2013/OIG_13-123_Sept13.pdf. --------------------------------------------------------------------------- Similarly, the DHS Inspector General (IG) reported in September 2013 that, while TSA created and followed deployment schedules, TSA did not develop a comprehensive strategy to ensure all of its AIT units were effectively used for screening passengers and deployed to align with the overall goals of the Passenger Screening Program.\5\ Without a documented, approved, comprehensive plan and accurate data on the use of AIT, TSA continued to use walk through metal detectors unable to identify non-metallic objects to screen the majority of passengers, therefore not taking advantage of the AIT's security benefits. Additionally, the DHS IG found that TSA may have used resources inefficiently to purchase and deploy underused AIT units. --------------------------------------------------------------------------- \5\U.S. Gov't Accountability Office, GAO-14-357, Advanced Imaging Technology: TSA Needs Additional Information before Procuring Next- Generation Systems (Mar. 31, 2014), available at http://www.gao.gov/ products/gao-14-357. --------------------------------------------------------------------------- Further, industry stakeholders have criticized TSA for failing to accurately communicate technology needs and long- term investment plans, making it difficult for industry to plan ahead and invest in innovative research and development. TSA's original acquisition strategy focused on acquiring off-the-shelf systems. However, problems arose when such systems were neither sufficiently customized nor easily integrated into existing airport infrastructure. Attempting to address these issues, the Consolidated Appropriations Act of 2008 (Public Law 110--161), repealed TSA's authority to use the Federal Aviation Administration's acquisition management system, making TSA subject to the uniform acquisition process in the Federal Acquisition Regulation. Since then, TSA has improved its acquisition analysis and it has shifted to a risk- based security approach. The agency has also improved its pre- testing to identify problems before procurements are made. The bill would reinforce TSA's improved approach by seeking to codify many of the steps the agency has already taken, and further improve transparency and accountability in technology acquisition planning and spending at the agency. Summary of Provisions S. 1893 would amend title XVI of the Homeland Security Act of 2002 (116 Stat. 2312). It would require TSA to develop, in consultation with certain DHS officials and the aviation industry stakeholder advisory committee, and submit to Congress a strategic 5-year technology investment plan, to be updated every 2 years after its initial submission to Congress, with an accompanying report. The plan would incorporate private sector feedback and input to the extent possible. The bill would direct the TSA Administrator to analyze TSA's acquisition of any security-related technology to determine if it is justified. ``Security-related technology'' would be defined as ``any technology that assists the Administration in the prevention of, or defense against, threats to the United States transportation systems, including threats to people, property, and information.'' The Committee does not intend for this definition to cover the routine purchase of laptop computers, training systems, or other administrative or training technologies that do not have a primary purpose of operationally protecting transportation systems. Prior to any TSA award of a contract for acquisitions exceeding $30 million, the bill would require the TSA Administrator to report to Congress the results of the acquisition analysis and to certify that the security benefits justify the contract cost. The bill would direct the appropriate DHS acquisition official to establish certain performance baseline requirements before any TSA security-related technology acquisition. It would require that official to review and assess each acquisition for meeting the baseline requirements and to report the results to Congress. The bill would require the TSA Administrator, before the procurement of additional quantities of equipment to fulfill a TSA mission need, to utilize, to the extent practicable, any existing units in TSA's inventory to meet that need. The bill would direct the TSA Administrator to report annually to Congress on TSA's performance record for meeting goals for contracting with small and disadvantaged businesses. The TSA Administrator would be required to execute the responsibilities set forth in the Act in a manner consistent with the Federal Acquisition Regulation and the policies and directives of DHS. The bill would direct GAO to assess TSA's implementation of GAO recommendations regarding the acquisition of security- related technology that were made before enactment of the bill. It would further direct GAO to evaluate TSA's progress in implementing the bill and to submit a report to Congress which includes an evaluation of TSA's testing and evaluation activities related to security-related technology. The bill would require TSA to submit a report to Congress on the feasibility of tracking its security-related technology through automated information and data capture technologies. Legislative History S. 1893 was introduced on December 20, 2013, by Senator Ayotte. The bill was referred to the Committee on Commerce, Science, and Transportation. Senators Blunt and Blumenthal are cosponsors. A TSA oversight hearing was held on April 30, 2014. On July 23, 2014, the Committee met in open Executive Session and, by a voice vote, ordered S. 1893 reported favorably with an amendment in the nature of a substitute. A related bill, H.R. 2719, is substantially similar. It was introduced by Representative Richard Hudson on July 18, 2013. On November 21, 2013, H.R. 2719 was reported by the Committee on Homeland Security of the House of Representatives. On motion to suspend the rules, the House of Representatives passed the bill on December 3, 2013. The vote was 416-0. Estimated Costs In accordance with paragraph 11(a) of rule XXVI of the Standing Rules of the Senate and section 403 of the Congressional Budget Act of 1974, the Committee provides the following cost estimate, prepared by the Congressional Budget Office: S. 1893--Transportation Security Acquisition Reform Act Based on information from the Department of Homeland Security (DHS) and the Government Accountability Office (GAO), CBO estimates that implementing S. 1893 would have no significant cost. Enacting S. 1893 would not affect direct spending or revenues; therefore, pay-as-you-go procedures do not apply. S. 1893 would specify procedures for the Transportation Security Administration (TSA) to follow when planning, making, and evaluating acquisitions of security-related technology. The bill would require the agency to develop a multiyear investment plan to be transmitted to the Congress and updated every two years. The bill also would specify analyses and reports that TSA must complete to justify certain investments, evaluate the performance of technology acquired under the bill, and enhance its capacity to monitor and utilize existing inventories of security-related equipment. In addition, S. 1893 would direct GAO to review and report on issues related to TSA's policies for procuring security-related technology. According to DHS, the bill's requirements are largely consistent with existing DHS procurement policies that already apply to TSA. S. 1893 would not affect TSA's underlying mission or responsibilities, and CBO estimates that meeting new procedural requirements specified by the bill would not impose any significant new costs on the agency. We also estimate that any increased costs to GAO to complete reports required under S. 1893 would be negligible. Any such costs would be subject to the availability of appropriated funds. S. 1893 contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act and would not affect the budgets of state, local, or tribal governments. On November 21, 2013, CBO transmitted a cost estimate for H.R. 2719, the Transportation Security Acquisition Reform Act, as ordered reported by the House Committee on Homeland Security on October 29, 2013. The two pieces of legislation are similar, and the CBO cost estimates are the same. The CBO staff contact for this estimate is Megan Carroll. This estimate was approved by Peter H. Fontaine, Assistant Director for Budget Analysis. Regulatory Impact In accordance with paragraph 11(b) of rule XXVI of the Standing Rules of the Senate, the Committee provides the following evaluation of the regulatory impact of the legislation, as reported: number of persons covered Because DHS indicates the bill's requirements are largely consistent with existing procurement policies that already apply to TSA, the number of persons covered should be consistent with the current levels of individuals impacted under the existing acquisition process. economic impact S. 1893 is not expected to have an adverse impact on the Nation's economy. Over time, requiring TSA to conduct a more thorough assessment of its acquisition needs is anticipated to have positive economic impacts by ensuring greater efficiency and eliminating wasteful allocation of resources. privacy The bill will not have any adverse impact on the personal privacy of individuals. paperwork The bill would not increase paperwork requirements for private individuals or businesses. It would impose several requirements on TSA. Under the bill, TSA would be required to:submit to Congress a strategic 5-year technology investment plan to be updated every 2 years after its initial release; prior to any TSA award of a contract for acquisitions exceeding $30 million, report to the appropriate committees of Congress the results of its acquisition analysis and certify that the security benefits justify the contract cost; establish a test and evaluation plan for all new technology acquisitions; submit a report to the appropriate committees of Congress including the results of any assessment that finds that the actual or planned costs of an acquisition exceed the baseline costs by more than 10 percent, the actual or planned schedule for delivery has been delayed by more than 180 days, or there is a failure to meet any performance milestone that directly impacts security effectiveness; submit an annual report to the appropriate committees of Congress that includes TSA's performance record with respect to meeting its published small- business contracting goals during the preceding fiscal year; and submit a report to Congress on the feasibility of tracking security-related technology, including software solutions, of TSA through automated information and data capture technologies. The bill would also require the Comptroller General to: submit a report to Congress that contains an assessment of TSA's implementation of recommendations regarding the acquisition of security-related technology that were made by GAO before the date of the enactment of the bill; evaluate TSA's progress in implementing the Act, including any efficiencies, cost savings, or delays that have resulted from such implementation; and submit a report to Congress that includes an evaluation of TSA's testing and evaluation activities related to security-related technology. Congressionally Directed Spending In compliance with paragraph 4(b) of rule XLIV of the Standing Rules of the Senate, the Committee provides that no provisions contained in the bill, as reported, meet the definition of congressionally directed spending items under the rule. Section-by-Section Analysis Section 1. Short title. This section would provide that the legislation may be cited as the ``Transportation Security Acquisition Reform Act''. Section 2. Findings. This section would identify the findings of Congress as follows: TSA has not consistently implemented DHS policies and Government best practices for acquisition and procurement; TSA has only recently developed a multiyear technology investment plan, and has underutilized innovation opportunities within the private sector, including from small businesses; and TSA has faced challenges in meeting key performance requirements for several major acquisitions and procurements, resulting in reduced security effectiveness and wasted expenditures. Section 3. Transportation Security Administration acquisition reform. This section would amend title XVI of the Homeland Security Act of 2002 (116 Stat. 2312). Several key terms would be defined under section 1601 of that title. Section 1611 of that title would require the TSA Administrator to develop, in consultation with DHS officials and the aviation industry stakeholder advisory committee, and submit to Congress a strategic 5-year technology investment plan to be updated every 2 years after its initial release. The plan would incorporate private sector feedback and input to the extent possible, including in situations where acquisitions may lead to the removal of equipment from airports so that TSA and stakeholders may address potential negative impacts of such removal. It would direct the TSA Administrator to analyze TSA's acquisition of any security-related technology to determine if it is justified. Prior to any TSA award of a contract for acquisitions exceeding $30 million, the TSA Administrator would be required to report to the appropriate committees of Congress the results of the analysis and to certify that the security benefits justify the contract cost. Section 1613 of that title would direct the appropriate DHS acquisition official to establish certain performance baseline requirements, including cost estimates and performance milestones, before any TSA security-related technology acquisition. The feasibility of meeting the performance milestones would also be assessed. A test and evaluation plan would be required and established for all new technology acquisitions. The appropriate DHS acquisition official would be required to utilize independent reviewers to verify and validate the performance milestones and cost estimates developed for a security-related technology that has been identified as a high priority need in the most recent 5-year plan. That official would also be required to ensure that the use of independent reviewers does not unduly delay the schedule of any acquisition. Section 1613 of that title would require the TSA Administrator to establish a streamlined process for an interested vendor of a security-related technology to request and receive appropriate access to the baseline requirements and test and evaluation plans that are necessary for the vendor to participate in the acquisitions process for that technology. An appropriate acquisition official of DHS would be required to review and assess each implemented acquisition to determine if the acquisition is meeting the baseline requirements established under the bill. The TSA Administrator would be required to submit a report to the appropriate committees of Congress, including the results of any assessment that finds that: the actual or planned costs of an acquisition exceed the baseline costs by more than 10 percent; the actual or planned schedule for delivery has been delayed by more than 180 days; or there is a failure to meet any performance milestone that directly impacts security effectiveness. The report would be required to include the cause for any excessive costs, delay, or failure; and a plan for corrective action. Before the procurement of additional quantities of equipment to fulfill a mission need, section 1614 of that title would require the TSA Administrator, to the extent practicable, to utilize any existing units in TSA's inventory to meet that need. Section 1615 of that title would require the TSA Administrator to submit to the appropriate committees of Congress an annual report that includes TSA's performance record with respect to meeting its published small-business contracting goals during the preceding fiscal year. Finally, section 1616 of that title would direct the TSA Administrator to execute the responsibilities set forth in the Act in a manner consistent with, and not duplicative of, the Federal Acquisition Regulation and the policies and directives of DHS. Section 4. Government Accountability Office reports. Section 4 of the bill would direct GAO to submit a report to Congress that contains an assessment of TSA's implementation of recommendations regarding the acquisition of security- related technology that were made by GAO before the date of the enactment of the bill. It would further direct GAO to evaluate TSA's progress in implementing the bill, including any efficiencies, cost savings, or delays that have resulted from such implementation. Section 5. Report on feasibility of inventory tracking. Section 5 of the bill would require the TSA Administrator to submit a report to Congress on the feasibility of tracking security-related technology, including software solutions, of TSA through automated information and data capture technologies. Section 6. Government Accountability Office review of TSA's test and evaluation process. Section 6 of the bill would direct the Comptroller General to submit a report to Congress that includes an evaluation of TSA's testing and evaluation activities related to security- related technology. The report would be required to include information on the extent to which the execution of such testing and evaluation activities is aligned with TSA's annual budget request, acquisition needs, planned procurements, and acquisitions for technology programs and projects. The Comptroller General also would be required to report on security-related technology that has been tested, evaluated, and certified for use by TSA, but was not procured, including the reasons the procurement did not occur. Finally, the report would be required to include recommendations to improve the efficiency and efficacy of such testing and evaluation activities and to better align such testing and evaluation with the acquisitions process. Section 7. No additional authorization of appropriations. Section 7 of the bill would provide that the Act is to be carried out using amounts otherwise available for such purpose. No additional funds would be authorized to be appropriated. Changes in Existing Law In compliance with paragraph 12 of rule XXVI of the Standing Rules of the Senate, changes in existing law made by the bill, as reported, are shown as follows (existing law proposed to be omitted is enclosed in black brackets, new material is printed in italic, existing law in which no change is proposed is shown in roman): HOMELAND SECURITY ACT OF 2002 [6 U.S.C. 101 et seq.] [TITLE XVI--CORRECTIONS TO EXISTING LAW RELATING TO AIRLINE TRANSPORTATION SECURITY] [SEC. 1601. RETENTION OF SECURITY SENSITIVE INFORMATION AUTHORITY AT DEPARTMENT OF TRANSPORTATION [(a) Section 40119 of title 49, United States Code, is amended-- [(1) in subsection (a)-- [(A) by inserting ``and the Administrator of the Federal Aviation Administration each'' after ``for Security''; and [(B) by striking ``criminal violence and aircraft piracy'' and inserting ``criminal violence, aircraft piracy, and terrorism and to ensure security''; and [(2) in subsection (b)(1)-- [(A) by striking ``, the Under Secretary'' and inserting ``and the establishment of a Department of Homeland Security, the Secretary of Transportation''; [(B) by striking ``carrying out'' and all that follows through ``if the Under Secretary'' and inserting ``ensuring security under this title if the Secretary of Transportation''; and [(C) in subparagraph (C) by striking ``the safety of passengers in transportation'' and inserting ``transportation safety''. [(b) Section 114 of title 49, United States Code, is amended by adding at the end the following: [``(s) Nondisclosure of Security Activities.-- [``(1) In general.--Notwithstanding section 552 of title 5, the Under Secretary shall prescribe regulations prohibiting the disclosure of information obtained or developed in carrying out security under authority of the Aviation and Transportation Security Act (Public Law 107-71) or under chapter 449 of this title if the Under Secretary decides that disclosing the information would-- [``(A) be an unwarranted invasion of personal privacy; [``(B) reveal a trade secret or privileged or confidential commercial or financial information; or [``(C) be detrimental to the security of transportation. [``(2) Availability of information to congress.-- Paragraph (1) does not authorize information to be withheld from a committee of Congress authorized to have the information. [``(3) Limitation on transferability of duties.-- Except as otherwise provided by law, the Under Secretary may not transfer a duty or power under this subsection to another department, agency, or instrumentality of the United States.''.] [SEC. 1602. INCREASE IN CIVIL PENALTIES [Section 46301(a) of title 49, United States Code, is amended by adding at the end the following: [``(8) Aviation security violations.--Notwithstanding paragraphs (1) and (2) of this subsection, the maximum civil penalty for violating chapter 449 or another requirement under this title administered by the Under Secretary of Transportation for Security shall be $10,000; except that the maximum civil penalty shall be $25,000 in the case of a person operating an aircraft for the transportation of passengers or property for compensation (except an individual serving as an airman).''.] [SEC. 1603. ALLOWING UNITED STATES CITIZENS AND UNITED STATES NATIONALS AS SCREENERS [Section 44935(e)(2)(A)(ii) of title 49, United States Code, is amended by striking ``citizen of the United States'' and inserting ``citizen of the United States or a national of the United States, as defined in section 1101(a)(22) of the Immigration and Nationality Act (8 U.S.C. 1101(a)(22))''.]\1\ --------------------------------------------------------------------------- \1\The amendment to title XVI would not affect any amendment made by that title as in effect before the date of enactment of the Transportation Security Acquisition Reform Act. --------------------------------------------------------------------------- TITLE XVI--TRANSPORTATION SECURITY Subtitle A--General Provisions SEC. 1601. DEFINITIONS. In this title: (1) Administration.--The term ``Administration'' means the Transportation Security Administration. (2) Administrator.--The term ``Administrator'' means the Administrator of the Transportation Security Administration. (3) Plan.--The term ``Plan'' means the strategic 5- year technology investment plan developed by the Administrator under section 1611. (4) Security-related technology.--The term ``security-related technology'' means any technology that assists the Administration in the prevention of, or defense against, threats to United States transportation systems, including threats to people, property, and information. Subtitle B--Transportation Security Administration Acquisition Improvements SEC. 1611. 5-YEAR TECHNOLOGY INVESTMENT PLAN. (a) In General.--The Administrator shall-- (1) not later than 180 days after the date of the enactment of the Transportation Security Acquisition Reform Act, develop and submit to Congress a strategic 5-year technology investment plan, that may include a classified addendum to report sensitive transportation security risks, technology vulnerabilities, or other sensitive security information; and (2) to the extent possible, publish the Plan in an unclassified format in the public domain. (b) Consultation.--The Administrator shall develop the Plan in consultation with-- (1) the Under Secretary for Management; (2) the Under Secretary for Science and Technology; (3) the Chief Information Officer; and (4) the aviation industry stakeholder advisory committee established by the Administrator. (c) Approval.--The Administrator may not publish the Plan under subsection (a)(2) until it has been approved by the Secretary. (d) Contents of Plan.--The Plan shall include-- (1) an analysis of transportation security risks and the associated capability gaps that would be best addressed by security-related technology, including consideration of the most recent Quadrennial Homeland Security Review under section 707; (2) a set of security-related technology acquisition needs that-- (A) is prioritized based on risk and associated capability gaps identified under paragraph (1); and (B) includes planned technology programs and projects with defined objectives, goals, timelines, and measures; (3) an analysis of current and forecast trends in domestic and international passenger travel; (4) an identification of currently deployed security- related technologies that are at or near the end of their lifecycles; (5) an identification of test, evaluation, modeling, and simulation capabilities, including target methodologies, rationales, and timelines necessary to support the acquisition of the security-related technologies expected to meet the needs under paragraph (2); (6) an identification of opportunities for public- private partnerships, small and disadvantaged company participation, intragovernment collaboration, university centers of excellence, and national laboratory technology transfer; (7) an identification of the Administration's acquisition workforce needs that will be required for the management of planned security-related technology acquisitions, including consideration of leveraging acquisition expertise of other Federal agencies; (8) an identification of the security resources, including information security resources, that will be required to protect security-related technology from physical or cyber theft, diversion, sabotage, or attack; (9) an identification of initiatives to streamline the Administration's acquisition process and provide greater predictability and clarity to small, medium, and large businesses, including the timeline for testing and evaluation; (10) an assessment of the impact to commercial aviation passengers; (11) a strategy for consulting airport management, airline representatives, and Federal security directors whenever an acquisition will lead to the removal of equipment at airports, and how the strategy for consulting with such officials of the relevant airports will address potential negative impacts on commercial passengers or airport operations; and (12) in consultation with the National Institutes of Standards and Technology, an identification of security-related technology interface standards, in existence or if implemented, that could promote more interoperable passenger, baggage, and cargo screening systems. (e) Leveraging the Private Sector.--To the extent possible, and in a manner that is consistent with fair and equitable practices, the Plan shall-- (1) leverage emerging technology trends and research and development investment trends within the public and private sectors; (2) incorporate private sector input, including from the aviation industry stakeholder advisory committee established by the Administrator, through requests for information, industry days, and other innovative means consistent with the Federal Acquisition Regulation; and (3) in consultation with the Under Secretary for Science and Technology, identify technologies in existence or in development that, with or without adaptation, are expected to be suitable to meeting mission needs. (f) Disclosure.--The Administrator shall include with the Plan a list of nongovernment persons that contributed to the writing of the Plan. (g) Update and Report.--Beginning 2 years after the date the Plan is submitted to Congress under subsection (a), and biennially thereafter, the Administrator shall submit to Congress-- (1) an update of the Plan; and (2) a report on the extent to which each security- related technology acquired by the Administration since the last issuance or update of the Plan is consistent with the planned technology programs and projects identified under subsection (d)(2) for that security- related technology. SEC. 1612. ACQUISITION JUSTIFICATION AND REPORTS. (a) Acquisition Justification.--Before the Administration implements any security-related technology acquisition, the Administrator, in accordance with the Department's policies and directives, shall determine whether the acquisition is justified by conducting an analysis that includes-- (1) an identification of the scenarios and level of risk to transportation security from those scenarios that would be addressed by the security-related technology acquisition; (2) an assessment of how the proposed acquisition aligns to the Plan; (3) a comparison of the total expected lifecycle cost against the total expected quantitative and qualitative benefits to transportation security; (4) an analysis of alternative security solutions, including policy or procedure solutions, to determine if the proposed security-related technology acquisition is the most effective and cost-efficient solution based on cost-benefit considerations; (5) an assessment of the potential privacy and civil liberties implications of the proposed acquisition that includes, to the extent practicable, consultation with organizations that advocate for the protection of privacy and civil liberties; (6) a determination that the proposed acquisition is consistent with fair information practice principles issued by the Privacy Officer of the Department; (7) confirmation that there are no significant risks to human health or safety posed by the proposed acquisition; and (8) an estimate of the benefits to commercial aviation passengers. (b) Reports and Certification to Congress.-- (1) In general.--Not later than the end of the 30-day period preceding the award by the Administration of a contract for any security-related technology acquisition exceeding $30,000,000, the Administrator shall submit to the Committee on Commerce, Science, and Transportation of the Senate and the Committee on Homeland Security of the House of Representatives-- (A) the results of the comprehensive acquisition justification under subsection (a); and (B) a certification by the Administrator that the benefits to transportation security justify the contract cost. (2) Extension due to imminent terrorist threat.--If there is a known or suspected imminent threat to transportation security, the Administrator-- (A) may reduce the 30-day period under paragraph (1) to 5 days to rapidly respond to the threat; and (B) shall immediately notify the Committee on Commerce, Science, and Transportation of the Senate and the Committee on Homeland Security of the House of Representatives of the known or suspected imminent threat. SEC. 1613. ACQUISITION BASELINE ESTABLISHMENT AND REPORTS. (a) Baseline Requirements.-- (1) In general.--Before the Administration implements any security-related technology acquisition, the appropriate acquisition official of the Department shall establish and document a set of formal baseline requirements. (2) Contents.--The baseline requirements under paragraph (1) shall-- (A) include the estimated costs (including lifecycle costs), schedule, and performance milestones for the planned duration of the acquisition; (B) identify the acquisition risks and a plan for mitigating these risks; and (C) assess the personnel necessary to manage the acquisition process, manage the ongoing program, and support training and other operations as necessary. (3) Feasibility.--In establishing the performance milestones under paragraph (2)(A), the appropriate acquisition official of the Department, to the extent possible and in consultation with the Under Secretary for Science and Technology, shall ensure that achieving these milestones is technologically feasible. (4) Test and evaluation plan.--The Administrator, in consultation with the Under Secretary for Science and Technology, shall develop a test and evaluation plan that describes-- (A) the activities that are expected to be required to assess acquired technologies against the performance milestones established under paragraph (2)(A); (B) the necessary and cost-effective combination of laboratory testing, field testing, modeling, simulation, and supporting analysis to ensure that such technologies meet the Administration's mission needs; (C) an efficient planning schedule to ensure that test and evaluation activities are completed without undue delay; and (D) if commercial aviation passengers are expected to interact with the security-related technology, methods that could be used to measure passenger acceptance of and familiarization with the security-related technology. (5) Verification and validation.--The appropriate acquisition official of the Department-- (A) subject to subparagraph (B), shall utilize independent reviewers to verify and validate the performance milestones and cost estimates developed under paragraph (2) for a security-related technology that pursuant to section 1611(d)(2) has been identified as a high priority need in the most recent Plan; and (B) shall ensure that the use of independent reviewers does not unduly delay the schedule of any acquisition. (6) Streamlining access for interested vendors.--The Administrator shall establish a streamlined process for an interested vendor of a security-related technology to request and receive appropriate access to the baseline requirements and test and evaluation plans that are necessary for the vendor to participate in the acquisitions process for that technology. (b) Review of Baseline Requirements and Deviation; Report to Congress.-- (1) Review.-- (A) In general.--The appropriate acquisition official of the Department shall review and assess each implemented acquisition to determine if the acquisition is meeting the baseline requirements established under subsection (a). (B) Test and evaluation assessment.--The review shall include an assessment of whether-- (i) the planned testing and evaluation activities have been completed; and (ii) the results of that testing and evaluation demonstrate that the performance milestones are technologically feasible. (2) Report.--Not later than 30 days after making a finding described in clause (i), (ii), or (iii) of subparagraph (A), the Administrator shall submit a report to the Committee on Commerce, Science, and Transportation of the Senate and the Committee on Homeland Security of the House of Representatives that includes-- (A) the results of any assessment that finds that-- (i) the actual or planned costs exceed the baseline costs by more than 10 percent; (ii) the actual or planned schedule for delivery has been delayed by more than 180 days; or (iii) there is a failure to meet any performance milestone that directly impacts security effectiveness; (B) the cause for that excessive costs, delay, or failure; and (C) a plan for corrective action. SEC. 1614. INVENTORY UTILIZATION. (a) In General.--Before the procurement of additional quantities of equipment to fulfill a mission need, the Administrator, to the extent practicable, shall utilize any existing units in the Administration's inventory to meet that need. (b) Tracking of Inventory.-- (1) In general.--The Administrator shall establish a process for tracking-- (A) the location of security-related equipment in the inventory under subsection (a); (B) the utilization status of security- related technology in the inventory under subsection (a); and (C) the quantity of security-related equipment in the inventory under subsection (a). (2) Internal controls.--The Administrator shall implement internal controls to ensure up-to-date accurate data on security-related technology owned, deployed, and in use. (c) Logistics Management.-- (1) In general.--The Administrator shall establish logistics principles for managing inventory in an effective and efficient manner. (2) Limitation on just-in-time logistics.--The Administrator may not use just-in-time logistics if doing so-- (A) would inhibit necessary planning for large-scale delivery of equipment to airports or other facilities; or (B) would unduly diminish surge capacity for response to a terrorist threat. SEC. 1615. SMALL BUSINESS CONTRACTING GOALS. Not later than 90 days after the date of enactment of the Transportation Security Acquisition Reform Act, and annually thereafter, the Administrator shall submit a report to the Committee on Commerce, Science, and Transportation of the Senate and the Committee on Homeland Security of the House of Representatives that includes-- (1) the Administration's performance record with respect to meeting its published small-business contracting goals during the preceding fiscal year; (2) if the goals described in paragraph (1) were not met or the Administration's performance was below the published small-business contracting goals of the Department-- (A) a list of challenges, including deviations from the Administration's subcontracting plans, and factors that contributed to the level of performance during the preceding fiscal year; (B) an action plan, with benchmarks, for addressing each of the challenges identified in subparagraph (A), which-- (i) was prepared after consultation with the Secretary of Defense and the heads of Federal departments and agencies that achieved their published goals for prime contracting with small and minority owned businesses, including small and disadvantaged businesses, in prior fiscal years; and (ii) identifies policies and procedures that could be incorporated by the Administration in furtherance of achieving the Administration's published goal for such contracting; and (3) a status report on the implementation of the action plan that was developed in the preceding fiscal year in accordance with paragraph (2)(B), if such a plan was required. SEC. 1616. CONSISTENCY WITH THE FEDERAL ACQUISITION REGULATION AND DEPARTMENTAL POLICIES AND DIRECTIVES. The Administrator shall execute the responsibilities set forth in this subtitle in a manner consistent with, and not duplicative of, the Federal Acquisition Regulation and the Department's policies and directives.