December 9, 2019 - Issue: Vol. 165, No. 196 — Daily Edition116th Congress (2019 - 2020) - 1st Session
All in House sectionPrev23 of 83Next
COVERT TESTING AND RISK MITIGATION IMPROVEMENT ACT OF 2019; Congressional Record Vol. 165, No. 196
(House of Representatives - December 09, 2019)
Text available as:
Formatting necessary for an accurate reading of this text may be shown by tags (e.g., <DELETED> or <BOLD>) or may be missing from this TXT display. For complete and accurate display of this text, see the PDF.
[Pages H9366-H9367] From the Congressional Record Online through the Government Publishing Office [www.gpo.gov] {time} 1600 COVERT TESTING AND RISK MITIGATION IMPROVEMENT ACT OF 2019 Ms. CLARKE of New York. Mr. Speaker, I move to suspend the rules and pass the bill (H.R. 3469) to direct the Transportation Security Administration to carry out covert testing and risk mitigation improvement of aviation security operations, and for other purposes. The Clerk read the title of the bill. The text of the bill is as follows: H.R. 3469 Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ``Covert Testing and Risk Mitigation Improvement Act of 2019''. SEC. 2. TSA COVERT TESTING AND RISK MITIGATION IMPROVEMENT. (a) In General.--Not later than 180 days after the date of the enactment of this Act and annually thereafter, the Administrator of the Transportation Security Administration shall implement the following: (1) A system for conducting risk-informed headquarters- based covert tests of aviation security operations, including relating to airport passenger and baggage security screening operations, that can yield statistically valid data that can be used to identify and assess the nature and extent of vulnerabilities to such operations that are not mitigated by current security practices. The Administrator shall execute annually not fewer than three risk-informed covert testing projects designed to identify systemic vulnerabilities in the transportation security system, and shall document the assumptions and rationale guiding the selection of such projects. (2) A long-term headquarters-based covert testing program, employing static but risk-informed threat vectors, designed to assess changes in overall screening effectiveness. (b) Mitigation.-- (1) In general.--The Administrator of the Transportation Security Administration shall establish a system to address and mitigate the vulnerabilities identified and assessed pursuant to the testing conducted under subsection (a). (2) Analysis.--Not later than 60 days after the identification of any such vulnerability, the Administrator shall ensure a vulnerability described in paragraph (1) is analyzed to determine root causes. (3) Determination.--Not later than 120 days after the identification of any such vulnerability, the Administrator shall make a determination regarding whether or not to mitigate such vulnerability. The Administrator shall prioritize mitigating vulnerabilities based on their ability to reduce risk. If the Administrator determines-- (A) to not mitigate such vulnerability, the Administrator shall document the reasons for the decision; or (B) to mitigate such vulnerability, the Administrator shall establish and document-- (i) key milestones appropriate for the level of effort required to so mitigate such vulnerability; and (ii) a date by which measures to so mitigate such vulnerability shall be implemented by the Transportation Security Administration. (4) Retesting.--Not later than 180 days after the date on which measures to mitigate a vulnerability are completed by the Transportation Security Administration pursuant to paragraph (3)(B)(ii), the Administrator shall conduct a covert test in accordance with subsection (a) of the aviation security operation with respect to which such vulnerability was identified to assess the effectiveness of such measures to mitigate such vulnerability. (c) Compilation of Lists.-- (1) In general.--Not later than 60 days after completing a covert testing protocol under subsection (a), the Administrator of the Transportation Security Administration shall compile a list (including a classified annex if necessary) of the vulnerabilities identified and assessed pursuant to such testing. Each such list shall contain, at a minimum, the following: (A) A brief description of the nature of each vulnerability so identified and assessed. (B) The date on which each vulnerability was so identified and assessed. (C) Key milestones appropriate for the level of effort required to mitigate each vulnerability, as well as an indication of whether each such milestone has been met. (D) An indication of whether each vulnerability has been mitigated or reduced and, if so, the date on which each such vulnerability was so mitigated or reduced. (E) If a vulnerability has not been fully mitigated, the date by which the Administrator shall so mitigate such vulnerability or a determination that it is not possible to fully mitigate such vulnerability. (F) The results of any subsequent covert testing undertaken to assess whether mitigation efforts have eliminated or reduced each vulnerability. (2) Submission to congress.--The Administrator shall submit to the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate a comprehensive document tracking the status of the information required under paragraph (1) together with the Transportation Security Administration's annual budget request. (d) GAO Review.--Not later than three years after the date of the enactment of this Act, the Comptroller General of the United States shall review and submit to the Administrator of the Transportation Security Administration and the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate a report on the effectiveness of the Transportation Security Administration's processes for conducting covert testing projects that yield statistically valid data that can be used to assess the nature and extent of vulnerabilities to aviation security operations that are not effectively mitigated by current security operations. The SPEAKER pro tempore. Pursuant to the rule, the gentlewoman from New York (Ms. Clarke) and the gentleman from Louisiana (Mr. Higgins) each will control 20 minutes. The Chair recognizes the gentlewoman from New York. General Leave Ms. CLARKE of New York. Mr. Speaker, I ask unanimous consent that all Members may have 5 legislative days to revise and extend their remarks and to include extraneous material on this measure. The SPEAKER pro tempore. Is there objection to the request of the gentlewoman from New York? There was no objection. [[Page H9367]] Ms. CLARKE of New York. Mr. Speaker, I yield myself such time as I may consume. Mr. Speaker, I rise today in strong support of H.R. 3469, the Covert Testing and Risk Mitigation Improvement Act of 2019. Before I begin, I would like to take a moment to recognize my dear friend and colleague, Chairman Elijah Cummings, who sponsored this legislation. Less than 2 months ago, the House lost a great leader. Chairman Cummings dedicated his life to fighting for justice and democracy for his constituents in his native city of Baltimore and for the American people. Today, the House will honor his legacy in the best way we can: by passing a bill he wrote to ensure that TSA does effective oversight of its airport screening operations that are essential to protecting American lives. Mr. Speaker, the Transportation Security Administration faces serious challenges in identifying and resolving security vulnerabilities in its airport security operations. Specifically, in April 2019, the Government Accountability Office found that TSA was not conducting its covert testing of screening operations in a risk-informed way and that TSA has limited assurance that its tests were targeted at the most likely threats. H.R. 3469 seeks to make major improvements to TSA's covert testing processes by requiring TSA to identify, document, and mitigate security vulnerabilities found through these tests. It requires TSA to develop a risk-informed process for its covert testing program and conduct at least three tests a year to identify vulnerabilities in the transportation security system. Importantly, H.R. 3469 requires TSA to document all vulnerabilities it identifies and how it plans to mitigate them. Finally, it requires GAO to submit a report on the effectiveness of TSA's covert testing program within 3 years of enactment. Simply put, H.R. 3469 seeks to enhance TSA's capacity to identify and mitigate vulnerabilities to the security of our transportation systems. I urge my House colleagues to support this legislation, sponsored by our beloved, departed colleague, to help ensure our transportation security systems are as effective as they can be. Mr. Speaker, I reserve the balance of my time. Mr. HIGGINS of Louisiana. Mr. Speaker, I yield myself such time as I may consume. Mr. Speaker, I rise today in support of H.R. 3469, the Covert Testing and Risk Mitigation Improvement Act of 2019, sponsored by our late colleague, the greatly admired Elijah Cummings. H.R. 3469 responds to identified gaps in the covert testing conducted by the Transportation Security Administration on aviation security concerns. It is critical that our bipartisan congressional oversight be aimed at improving the security of the traveling public and the effectiveness of TSA operations. This legislation not only requires TSA to develop a system for conducting risk-informed covert tests but also holds TSA accountable for retesting and risk mitigation efforts. The traveling public deserves the most effective security, and I support the efforts of H.R. 3469 to improve the public's confidence in aviation security. I urge my colleagues to support this bill and honor the legacy of leadership left by Chairman Cummings. Mr. Speaker, I reserve the balance of my time. Ms. CLARKE of New York. Mr. Speaker, I have no more speakers, and I am prepared to close after the gentleman from Louisiana closes. Mr. Speaker, I reserve the balance of my time. Mr. HIGGINS of Louisiana. Mr. Speaker, I would like to make the congresswoman from New York, my colleague, aware that I have no further speakers, and I am prepared to close. Mr. Speaker, I urge adoption of the bill, and I yield back the balance of my time. Ms. CLARKE of New York. Mr. Speaker, I yield myself such time as I may consume. Mr. Speaker, we all know that the threats to our Nation's transportation security are real. We also know that, as the main Federal agency responsible for the security of our transportation system, TSA has a critical mission for identifying and mitigating such threats. To be effective, TSA must have a risk-informed covert testing regime that allows it to do effective oversight of its security operations. H.R. 3469 would improve TSA's testing programs to ensure they can identify vulnerabilities to the transportation system and properly address them to keep our Nation safe. Mr. Speaker, as such, I urge my colleagues to support this bipartisan legislation, H.R. 3469, and I yield back the balance of my time. The SPEAKER pro tempore. The question is on the motion offered by the gentlewoman from New York (Ms. Clarke) that the House suspend the rules and pass the bill, H.R. 3469. The question was taken; and (two-thirds being in the affirmative) the rules were suspended and the bill was passed. A motion to reconsider was laid on the table. ____________________
All in House sectionPrev23 of 83Next