Report: TSA Failed to Inform Congress About Large Security Tech Buys

The Transportation Security Administration failed to properly inform Congress about how it buys security-related technologies despite a mandate to justify acquisitions worth over $30M before awarding a contract. In a report published Thursday, the Government Accountability Office said TSA is required to detail security-related technology acquisitions to Congress under the Transportation Security Acquisition Reform Act

However, the agency has been providing limited information to lawmakers since 2014 and only delivered its first full report in August 2018. 

“TSA has not effectively communicated internally its implementation decisions for what constitutes an SRT under TSARA,” GAO said. 

TSA also failed to issue a guidance on which acquired technologies are considered an SRT, which could impact how the agency applies policies in future acquisitions under TSARA, GAO said.  

To address reporting concerns, GAO recommends that TSA revise its policies to include reporting on tasks, delivery orders and services related to SRT. The agency agreed with the recommendation. In July, TSA provided $1.4B for the acquisition of security technologies and associated services. 

Check Also

NSA

NSA Warns of Cyber Vulnerability in Email Transfer Software

The National Security Agency has identified a vulnerability that Russian cyber actors take advantage of to attack mail transfer networks. Sandworm Team, a Russian military group, has exploited the CVE-2019-10149 vulnerability found in the Exim software that Linux and Unix systems use as a mail transfer agent, NSA said Thursday.