It must be the summer rerun season.
Tuesday’s congressional hearing, where yet another report critical of the Federal Protective Service was released, was so deja vu.
The Government Accountability Office report is a new one about an old story — the low grades the FPS gets on overseeing its private guard force and assessing risks to federal facilities.
This is the 10th report in the past five years. The GAO has made 32 recommendations and only five have been implemented, although the FPS is working on 20 others.
The GAO’s latest report, to the House Homeland Security infrastructure protection subcommittee, reads a lot like the previous studies: “FPS does not have a comprehensive and reliable system to oversee its approximately 12,500 contract guards.”
The FPS spent $35 million and four years — twice as long and $14 million more than planned — on a system to help the agency oversee its risk assessment program and guard force, which, by the way is 10 times larger than its federal employee staff. But the program was junked last month, “without yielding any demonstrable outcomes,” said Rep. Yvette D. Clarke (D-N.Y.).
An interim system has been deployed, but the GAO says that “FPS officials acknowledged that this method is not a comprehensive system for guard oversight. Consequently, it is now more difficult for FPS to verify that guards on post are trained and certified and that inspectors are conducting guard post inspections as required.”
That’s not very comforting for the 1.4 million employees and visitors who daily use the 9,000 buildings that the FPS protects.
“Clearly, we need a better process,” FPS Director L. Eric Patterson told the hearing. “Right now it’s a . . . pen-and-paper process for us.”
Providing oversight and training of the contract guards is “a critical responsibility of FPS,” said subcommittee Chairman Dan Lungren (R-Calif.). Yet the agency essentially shifts that responsibility to guard companies and collects training and certification data from them. But “it appears that FPS does not independently verify that information,” the GAO said. In one of its many previous FPS reports, in this case from April 2010, the GAO said the reliance on self-reporting by guard companies may have contributed to the alleged falsification of documents by a contractor.
Patterson was praised at the hearing for trying to improve training. He said he hired a senior-level person to oversee training full time and is working with the National Association of Security Companies to proliferate training for all the guards.
“It’s a huge task,” he said, because the guards are in all 50 states and training requirements differ.
Making sure he gets the training and certification of guards right isn’t Patterson’s only headache. The hearing also focused on his agency’s disappointing efforts at determining how much risk federal facilities face.
The FPS is not assessing risks at federal buildings “in a manner consistent with standards,” said the GAO, adding that there is “a backlog of federal facilities that have not been assessed for several years.” But just how serious the backlog is can’t be determined because the agency’s data is so bad.
“FPS does not have the ability today to look at the portfolio of government properties that it protects — some 9,000 GSA buildings — and to determine, at various levels, which of those facilities require the most resources,” Mark L. Goldstein, director of the GAO’s physical infrastructure issues, told the panel. “They protect everyone, everything essentially . . . at each level in the same way, regardless of where it is . . . and what its function is.”
Multiple federal agencies, according to the report, “conduct their own risk assessments, in part because they have not been satisfied with FPS’s past assessments.”
Patterson didn’t directly dispute the GAO findings, but he did put the best spin he could on a situation that doesn’t look good. The FPS collects lots of data, he said, on how vulnerable facilities are to threats from a number of areas, including natural disasters, criminal activities and terrorism.
“I have also developed a very robust activity within FPS that looks at the threat picture every day,” he said. “[W]e have what we believe to be a fairly robust scenario, if you will, of bringing vulnerability, threat and consequences together — not necessarily in a single document, but in a process, in a plan.”
In response, Goldstein was diplomatic, praising what progress the FPS has made, while making it clear that progress is not enough. He said the FPS cannot estimate the consequences of actions against government facilities, a major hole in its planning. Evaluating the consequence of a potential event is critical because it combines threat and vulnerability information.
“[Y]ou can’t have a robust program without consequence information,” Goldstein said, “because what you’re doing is essentially telling people that you’ve set the dinner table without telling them what the food is going to be.”
The FPS, Goldstein added, does not provide agencies “the kind of information they need to make robust decisions about which countermeasures they’re going to adopt and which they aren’t, which have more priority than others.”
Certainly, just being in a federal building does not place employees and visitors in danger. But the GAO has repeatedly made it clear that any risk would be lower if the FPS could just get its act together.
Previous columns by Joe Davidson are available at wapo.st/JoeDavidson.