Testimony by Secretary Michael Chertoff Before the House Select Homeland Security Committee

New Page 1 Testimony Washington, D.C. April 13, 2005

REPRESENTATIVE COX: Welcome. This hearing will come to order. Today the committee will examine the Department of Homeland Security's use of the principle of risk to prioritize America's counterterrorism strategy.

We presently have business on the floor of the House of Representatives; we expect three votes to come up in short order. Because I want to honor the time of the secretary and the time of all the members who are here and who will be here after these votes, we're going to begin the hearing on time. We'll go through opening statements and at least get those accomplished before the bells ring, and then we will immediately resume the hearing after the conclusion of our work on the floor. Our sole witness today is the honorable Michael Chertoff, secretary of the Department of Homeland Security.

Mr. Secretary, we welcome you. This is your first appearance before the Homeland Security Committee, and we look forward on both sides of the aisle to working with you.

Using risk management, which is the subject of your testimony and the focus of our hearing, is important because we have, while significant resources devoted to homeland security, limited resources. We also have an extraordinary breadth of targets with which to concern ourselves in the country, and obviously a limit to our capacity to reach all of them.

Using risk management involves, first, intelligence. We've got to examine and rely upon the information that we put together - terrorist capabilities and intentions. We've got to conduct threat assessments to evaluate the likelihood that a given asset will be subject to a terrorist attack. We've got to conduct vulnerability assessments toentify specific weaknesses in given assets that might be exploited by terrorists. And we've got to assess as well potential consequences, such as economic impact and loss of life, to determine the level of significance of an asset, how much protection that asset should receive in comparison to others.

This kind of risk assessment, both within a particular programmatic area and across Department of Homeland Security responsibilities, is a vital management tool. It's one that's new to the United States since September 11th. As a result of the newness of this challenge, it is not yet possible for the secretary or this Congress to evaluate as well as we would like the degree to which we are appropriately aligning our resources to match our nation's greatest risks.

One example of the work that we have yet to do is the billions of dollars that Congress and the department allocate each year to states and local governments to enhance the terrorism preparedness of first responders. Instead of applying specific risks and allocating funds to address them, the system that we presently use sometimes does nearly the opposite. Congress and the department allocate tens of even hundreds of millions of dollars to each state and to certain local governments across the country without the prerequisite analysis of risk. These authorities, then, occasionally find themselves looking for ways to spend the money.

The abuses such an approach invites have been well publicized, and if not corrected ultimately, will undermine our legitimate efforts to prepare our first responders for acts of terrorism. Unfortunately, the lack of risk-based rigor affects even those DHS grant programs that are not formula driven and that are by intention based on competition among applicants. For example, DHS inspector general recently found that $67 million in port security grants had been spent on projects of, quote, "marginal" homeland security benefit and that awards had been made to private sector projects that, quote, "appeared to be for a purpose other than security against an act of terrorism."

The 9/11 commission rightly recognized the inherent dangers of this type of spending, recommending that, quote: "Homeland security assistance should be based strictly on an assessment of risks and vulnerabilities. Federal homeland security assistance should not remain a program for general revenue sharing." That according to the 9/11 commission.

We on this committee and the select committee that preceded it have advocated that federal efforts to prevent, prepare for and respond to terrorist attacks within the United States should be based on risk. That is why we introduced the original version of the Faster and Smarter Funding for First Responders Act 18 months ago. This bill, which has been reintroduced in the 109th Congress and which Ranking Member Thompson and I have coauthored with the support of every one of this committee's members, would expedite the delivery of federal assistance to those first responders who face the greatest risk of terrorist attack.

But this kind of risk-based approach has to be expanded beyond specific grant programs to encompass all of our federal government activity. Strong leadership and clear congressional direction will be required to instill risk-based prioritization and in the formulation of budget into policy and into our programs throughout the department and across the government, and especially the legacy agencies that prior to 9/11 didn't have to think this way. We cannot have 20th century programs to respond to 21st century threats.

That's why, Mr. Secretary, I noted with great interest the speech last month that you gave in which you emphasized your intention to bring a risk-based philosophy to the management and operations of DHS. And that's why we invited you here today to talk about that very important topic.

Not only is such an approach necessary to enhance our national security, it's also critical to our long-term economic security. Each year 440 million visitors arrive in the United States by land, sea and air; 7 million cargo containers cross through our ports, and 118 million vehicles, including 11 million trucks and 2.5 million railcars cross our borders. A layered risk-based security system is the only one that will ensure that our borders and ports of entry remain open and secure to accommodate the free flow of legitimate goods and travelers. We've got to work to strengthen security in ways that simultaneously improve our security and promote economic growth.

The purpose of today's hearing is to start a dialogue with the new secretary to understand how this committee, the Congress and the Department can work together to instill risk-based prioritization and management throughout DHS programs and operations.

I want to thank the secretary for his testimony today and look forward to continuing this crucial dialogue in the weeks and months ahead. I will now recognize the ranking member, Mr. Thompson, for his opening statement.

REPRESENTATIVE BENNIE G. THOMPSON (D-MS): Thank you, Mr. Chairman. I'm pleased to welcome Secretary Chertoff to this committee. Judge Chertoff, you're well qualified for your position, and I look forward to your service. I hope we'll see you more before this committee. And I know this is your maiden voyage on the Hill; I'm sure you will remember it for a long time to come.

Unfortunately, since 9/11, we've had a lot of things with the department that's gone wrong. And you have an awesome responsibility to help us move the department forward. But I want to talk to you a little bit about the past failures to handle risk analysis by the department. This hearing is focused on using risk analysis to prioritize and manage the department's efforts. But in the one area where the department has experience - it is risk analysis - the development of a database of the nation's critical infrastructure, the department has failed miserably. As my Republican colleague Representative Ernest Istook told USA Today in December, the asset database list is a joke.

If the department has not been able to handle risk analysis in the past, then what confidence can we have that it will be able to do it in the future? And I'm sure your leadership will help us in that respect. If the department really wants to prioritize and manage based on risk, then what must be some uniform definition of risk? For example, I live in Mississippi. Most of my district is along the river, and I have a nuclear power plant. Are we planning for risk based on that analysis, or are we using the same standards?

Other issues, Mr. Secretary - We talked about missed deadlines. You're aware that over 100 congressional mandated deadlines have already been missed by the department. We have to do better. There's no question about it. Now that we have pretty much the jurisdiction as a committee, we're looking for your leadership to meet those deadlines, and we'll talk about those a little later.

There are some other issues associated with the department. The whole issue of minority participation from the staffing level is absolutely important; from the issue of Hispanic and other minorities serving institutions, participating in programs in the department, is absolutely essential. At this point under the Centers of Excellence Program, for example, there's no minority or Hispanic-serving institutions participating. We have to do better. From the standpoint of small, disadvantaged and minority business opportunities within the department, I challenge you to make the department responsible and adhere to those edicts. Again, Mr. Secretary, we welcome you here. I look forward to your testimony. And welcome aboard.

REPRESENTATIVE COX: I thank the gentleman. Let me remind all members that you are entitled to opening remarks for the record. And due to our time constraints, I've asked the ranking member whether members should go to the floor in response to the bells or whether we want to risk getting the secretary halfway through his opening statement. I think we should go to temporary recess while we vote on the floor.

There are seven minutes remaining in this vote. That will give members time to make it, and we will return immediately and commence with your opening statement. Thank you, Mr. Secretary. We are in temporary recess. (Sounds gavel.)


REPRESENTATIVE COX: Committee on Homeland Security will again come to order. Secretary Chertoff, again, welcome. Thank you for indulging us during our floor votes. Your complete written testimony will be included in the record and you're now recognized for such time as you may consume to provide an oral summary of that testimony.

SECRETARY CHERTOFF: Thank you, Mr. Chairman. As, as you pointed out, this is my first outing for this committee. I look forward to a long and productive relationship. Mr. Chairman, ranking member Thompson, I think what I'm going to do is simply summarize the main points of my statement in the interest of time.

The Department of Homeland Security was created a little bit over two years ago and it was created to do more than simply erect a big tent under which a lot of different organizations would be collected. It was created to put together a dynamic organization that wouldentify a set of missions in furtherance of homeland security, that would execute those missions in a integrated and comprehensive manner and that would take a reasonable and sensible philosophy to dealing with the matter of homeland security.

And two years into the department, coming on as the new secretary, I have the opportunity to engage in what we call a second stage review of where we are headed, where we've come and what course corrections if any we need to make. And I, we undertake this process of the second stage review with a very keen appreciation for the fine work done by my predecessor, Governor Ridge and, and his deputies, Gordon England and Jim Lloyd. They put this together in the first instance. They launched the first stage and that's gotten us on the mission but we have to again ask ourselves what adjustments we need to make.

And I think broadly speaking, they fall in three categories. First of all, we need to make sure that all of our activities are not focused on the process of the component that is performing the function but on the mission that we are trying to achieve. We need to be outcome oriented. And the best example I can give to people about what I mean by this is if I have a problem in my, in my house, my appliances aren't working and I call an electrician, I call the plumber, I call the contractor, and they work for a day and they come to me and they say well, we've all done exactly what we're supposed to do; we followed all of our protocols, but the stuff still doesn't work. I don't consider that a job well done. I consider a job well done to be when the appliances work. And that's called being outcome or mission oriented. We want the thing to work the way it's supposed to work, and we don't care about how many of the processes are checked off along the way.

So the second stage review is designed to take a look at our missions, evaluate how far we've come, how far we need to go, and then talk about how we accomplish the rest of our objectives, without regard to the existing structures, but with regard to what it is we need to get accomplished.

Now the second piece of what I want to briefly mention is how we organize ourselves to carry out missions. And this obviously is going to be a function of our study of the mission and where we are and where we need to be. But I can tell you at this point again in general terms, it seems to me there are three aspects in which we need to be operating as a coordinated, comprehensive department.

First of all, intelligence. Intelligence is the driver of everything we do. And we need to operate under a common picture of the threats we're facing. There are two dimensions for that. First of all, we are collectors of intelligence, meaning that we have a lot of different organizations that interact with the outside world and collect information. We need to make sure that we are capturing all of that, we are pulling it together and we are fusing it at the top of our organization. And so some of what we're going to be looking at in this review is how to make that happen and to improve our collection, capture, infusing of intelligence.

The second piece of intelligence is operating within a larger intelligence community, as contributors, as disseminators, and as customers. Obviously we have a new DNI coming on. That's going to create an opportunity for us to work with the community as a whole, to make sure we are contributing the way we should be contributing, that we have the access that we need to have to do our job, and that we are in a position to disseminate what needs to be getting to our federal, state and local partners.

We need to also have a comprehensive approach to policy. Again, we have policy in a lot of different components, there are very smart people there, but we need to have a vision that looks beyond the components through the department. And so elevating and standing up a policy organization that is capable of strategic planning and dealing with policy issues is a second matter we are paying close attention to. And finally, the issue of operations. We have proud organizations that are part of the Department of Homeland Security that have very strong senses of their own missions. But the purpose of the department was to create an organization that could operate jointly, and therefore we need to make sure we have an operational element, an operations coordinator that, that is able to, to coordinate across the board so that when we take an item of intelligence and we try to translate that into action, we do it in terms of prevention, we do it in terms of p