Critical Infrastructure Plans Making Progress, GAO Says
9
2,007
By Stew Magnuson and Grace Jean
When the Government Accountability Office has something good to say about the Department of Homeland Security, it’s news.
A report on the department’s efforts to coordinate 17 national infrastructure protection plans, which are designed to integrate the private sector and government’s security efforts, gave the department generally good marks.
DHS got off on the wrong foot when it missed a congressionally mandated deadline to create the program’s framework. However, sector specific plans were delivered on time by the end of 2006.
The 17 critical infrastructure sectors each has a council with representatives from government and the private sector. They are charged with using risk management principles to prioritize protection activities, identify critical assets, assess the probability of terrorist attacks or other hazards and develop protective measures.
They must submit an annual report each September detailing potential security gaps along with action plans to address the shortfalls.
After examining nine of the sectors, GAO found that they generally met congressional requirements. Eight of the nine, however, did not address incentives the sectors would use to encourage owners to conduct risk assessments. The more mature sectors are generally further along in their plans, the report noted. For example, the drinking water and water treatment sector, which coordinates its efforts with the Environmental Protection Agency, has a 30-year history of protecting its assets and working with the government.
There was also concern among the private sectors that information submitted to DHS’ information clearinghouse, the homeland security information network, would be misused. HSIN is the department’s computer-based counterterrorism communications system designed to connect state, local and federal agencies.
Private sector partners “continue to fear that the information, such as information on security vulnerabilities, could be inadequately protected, used for future legal or regulatory action, or inadvertently released,” GAO said.
Please email your comments to SMagnuson@ndia.org