April 04, 2019

Newly Declassified Report Documents TSA's Failure to Address Security Risks

Oversight Committee Conducting Sustained Oversight to Strengthen Aviation Security


[WASHINGTON, D.C.] — Today, U.S. Senator Tammy Duckworth (D-IL) joined House Committee on Oversight and Reform Chairman Representative Elijah E. Cummings in releasing a newly declassified report from the nonpartisan Government Accountability Office (GAO) that examined covert testing used by the Transportation Security Administration (TSA) to identify aviation security vulnerabilities.

Duckworth issued the following statement on the report:

“Every day, millions of Americans rely on TSA to travel safely across the country. The failures this report reveals about the TSA’s covert testing program are alarming. Identifying vulnerabilities is only a first step. TSA must prioritize quickly implementing necessary mitigation measures and develop a long-term system that will ensure continuous improvement. I will keep working with Chairman Cummings to conduct rigorous oversight of TSA operations to strengthen accountability and improve security in Illinois and throughout the nation.”

Cummings issued the following statement on the report:

“This report is a red blinking warning light—TSA must act to address known security vulnerabilities and finally implement recommendations that have languished for years.  When we received the classified version of this report in December, we immediately made it available to other Members of Congress, held a classified briefing with the Administrator of TSA, and called on GAO to declassify as much of the report as possible.  Today, I am calling on the TSA Administrator to come before Congress as soon as possible to explain how the agency plans to resolve these vulnerabilities.”

GAO found that:

  • Of the “nine security vulnerabilities identified through covert tests” by TSA since 2015, “none had been formally resolved” as of September 2018. 


  • In some cases, it took “TSA officials overseeing the process up to 7 months to assign an office responsible to begin mitigation efforts” after vulnerabilities were identified.


  • TSA “has not established time frames and milestones for this process or established procedures to ensure milestones are met.”


  • TSA is “not using a risk-informed approach” to guide its covert tests, and therefore “TSA has limited assurance that Security Operations is targeting the most likely threats.” 

Today’s GAO report was issued in response to a bipartisan request made over two years ago by Cummings, Duckworth, and other Members of Congress.

When the classified report was provided on December 21, 2018, Cummings and Duckworth called on TSA to immediately address all known vulnerabilities and to conduct a declassification review as soon as possible to inform the American people of the urgent need for reforms at the agency.

Click here to view the full report and recommendations.