全球智库信息集成服务系统

The vetting standards might be appropriate, depending on stakeholder intent

• The security threat assessment (STA) would detect known or suspected terrorists who seek to legally gain persistent access to the maritime environment.
• The federal government and industry might have different objectives in determining risk, with the former focused on national security, the transportation sector, and terrorism and the latter also concerned about profits and worker safety.
• A single vetting standard must apply to the entire population working in the maritime sector, and facility management can adopt additional criteria beyond TWIC vetting standards to satisfy a facility's specific security needs.

Electronic biometric card readers would probably cost industry more than benefit it under the pending rule

• Readers are ultimately costly and mitigate only certain types of threats, forcing facilities to prioritize a source of vulnerability that might not be the most jeopardizing in their specific circumstances.

Electronic biometric card readers can mitigate some kinds of risk

• TWIC is stronger against attacks requiring persistent insider access than against those requiring one-time or no access.
• People more often gain unauthorized access to facilities via other means than by using invalid TWICs.

Further enhancing TWIC requirements would come at significant costs, which are likely to exceed the commensurate benefit

• There are likely more cost-effective methods of reducing the risk that maritime facilities face.
• There might be lower-cost options to bring greater security value from the TWIC program as currently implemented, such as a mobile application to allow facilities to check the Canceled Card List at essentially zero cost.

The Transportation Worker Identification Credential (TWIC®) is one of multiple measures that the Maritime Transportation Security Act (MTSA) introduced to enhance security at U.S. ports. Anyone with unescorted access to a secure area at an MTSA-regulated facility, vessel, or outer continental shelf (OCS) facility must have a TWIC. Congress established TWIC to help prevent transportation security incidents. TWIC's primary function is to establish that the holder has passed a Transportation Security Administration (TSA) security threat assessment (STA); the TWIC card can also serve as identification.

Each secure area at each regulated location must maintain an access control program and verify three things at every access point: identity, presence and validity of the TWIC card, and whether the person has a business purpose at that facility. Currently, facilities are required only to conduct visual verification of the TWIC card, either at each time of entry or at time of enrollment into a facility physical access control system (PACS). A pending regulation, which we call the TWIC-reader rule, would require that any high-risk facility electronically inspect the card and, using biometrics, match it to the holder.

The governing legislation requires that an assessment of TWIC determine the program's value in mitigating the risk of terrorism and crime at ports. The U.S. Department of Homeland Security commissioned the Homeland Security Operational Analysis Center to complete that comprehensive assessment. In this report, the authors establish factors that increase or decrease TWIC's security value and determine what TWIC's value would need to be to offset the costs of establishing further access control requirements for facilities.

• Chapter One

  Introduction

• Chapter Two

  Background on the TWIC Program and Maritime Facilities

• Chapter Three

  Previous GAO and OIG Concerns About the TWIC Program

• Chapter Four

  Security Threats to the Maritime Environment

• Chapter Five

  The Risk-Mitigation Value of the TWIC STA

• Chapter Six

  TWIC Use at Maritime Facilities

• Chapter Seven

  TWIC's Limits in Addressing Risks to Maritime Security

• Chapter Eight

  A Cost-Effectiveness Analysis of the TWIC-Reader Rule Requirements

• Chapter Nine

  Alternative Models and Redundancies

• Chapter Ten

  Conclusion

• Appendix A

  Port and Facility Interviews

• Appendix B

  Permanent and Interim Disqualifying Criminal Offenses for TWIC

• Appendix C

  MSRAM in Relation to the TWIC Program

• Appendix D

  The Status of GAO and OIG Recommendations

• Appendix E

  A Detailed Analysis of TWIC User Fees

• Appendix F

  Rationale for a Break-Even Analysis

• Appendix G

  Detailed Estimation of Costs and Benefits