A Government Accountability Office report released Wednesday found that the Transportation Security Administration lacks procedures for properly managing over 2.7 million miles of interstate pipelines for products such as oil and natural gas. GAO noted that TSA’s revised pipeline security guidelines didn't include all practices under the National Institute of Standards and Technology’s cybersecurity framework and that the agency lacks documented procedures for updating such guidelines.
The government watchdog also found that TSA’s risk assessment methodology is outdated and the agency failed to track the status of GAO’s security review recommendations over the past five years. TSA officials noted that staffing limitations prevented the agency from facilitating reviews of its pipeline management system. According to the report, TSA lacks a strategic workforce plan for identifying pipeline security responsibilities.
GAO is conducting reviews of TSA’s new security guidelines updated this month. The latter intends to complete a strategic workforce plan by July and address security review recommendations by November.