GAO Criticizes Park Service's Risk Management Practices

By Matthew Harwood

The National Park Service does not have a systematic approach to risk management, which could leave the hundreds of millions of people who visit national parks and icons vulnerable to terrorist attack and other criminal activities, according to the Government Accountability Office (GAO).

After 9-11, the Park Service in cooperation with the Office of Law Enforcement and Security, both components of the Department of the Interior, identified five national icons as critical assets. These assets, along with some border parks, have received risk assessments, which have led to new surveillance and monitoring equipment, vehicle-borne bomb protections, and better visitor screening procedures.

Nevertheless, the rest of the park system's icon and national parks have either been ignored or have relied on regional offices to conduct there own ad hoc risk assessments without national guidance.

"The Park Service does not require that other parks undergo risk assessments and therefore there has been no comprehensive servicewide assessment, prioritization, and mitigation of vulnerabilities," Congress' watchdog noted. "Instead, Park Service officials use their discretion to request risk assessments from the Park Service or another entity, and as a result, risk assessments can vary in their scope and methodology from park to park."

Continuous and standardized risk assessments, the GAO explains, are critical to effectively allocating scarce resources to combat credible threats where they arise.

To determine Park Service vulnerabilities, the GAO looked at the security programs of two national icons—the Statue of Liberty in New York City and the Gateway Arch in St. Louis—and three national parks—Gettysburg in Pennsylvania; the African Burial Ground in New York City; and the Grand Canyon in Arizona.

The GAO had other criticisms as well. The Park Service does not provide guidance for parks and icons when they invest in security technology, which could lead to a wasteful trial-and-error approach to technology procurement, the report states. The Park Service also does not provide its icons and parks' officials and officers with an internal and secure way to share information on security best practices and technology, such as a Web portal.

"Thus, while officials at the Gateway Arch said they have collaborated with other federal agencies—such as the Transportation Security Administration (TSA) to form a federal screeners group to share best practices and learn about new technologies—the Park Service is limited in its ability to leverage these lessons learned throughout the organization—an activity that a shared Web portal could enable," the report notes.

Instead, some regional offices have created their own Web sites to communicate necessary information, although they differ widely in form, function, and content.

In response to the GAO, the Park Service said it had recently established a Homeland Security Division within the Park Police "to develop a more comprehensive approach to security." The Park Service also acknowledged formal guidelines for leveraging technology and an internal communications strategy are necessary to improving its security program.

♦ Photo of the Statue of Liberty by NekoFever/Flickr


View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.