On Thursday, September 12, 2001, NASA Inspector General Roberta Gross
testified at the Senate Committee on Governmental Affairs hearing on
“How Safe Is Our Critical Infrastructure?” Her testimony was based on
the results of a NASA Office of Inspector General-led, President’s
Council on Integrity and Efficiency (PCIE)/Executive Council on
Integrity and Efficiency (ECIE) initiative to review the Federal
Government’s implementation of Presidential Decision Directive 63 ñ The
Clinton Administration’s Policy on Critical Infrastructure Protection.*
The PCIE/ECIE, a consortium of Federal Offices of Inspector General,
reported the Phase I results of its 4-phase review earlier this year to
the Director, Office of Management and Budget, and the National
Coordinator for Security, Infrastructure Protection and Counter-
terrorism.
Ms Gross testified that many agency infrastructure protection plans
were incomplete; most agencies had not identified their mission-
essential infrastructure assets; and almost none of the agencies had
completed vulnerability assessments of their critical infrastructure
assets or developed risk remediation plans. Key factors impacting the
agencies’ ability to implement PDD 63 were misunderstandings as to the
applicability of PDD 63; imprecise performance measures for measuring
progress in achieving security preparedness; slow progress in
identifying critical infrastructure assets; inadequate coordination of
PDD 63 requirements among federal agencies and a failure to advance
infrastructure protection activities beyond the planning phase. The 21
Offices of Inspector General participating in the Phase I review made
about 100 recommendations to improve their respective agency’s critical
infrastructure protection programs.
The testimony is available on the web at:
http://www.hq.nasa.gov/office/oig/hq/testimony091201.doc
The report of the PCIE/ECIE Phase I review is available at:
http://www.ignet.gov/pande/audit/creport.pdf
For more information on this release, please call Paul Shawcross,
Acting Executive Officer at (202) 358-2580.
*Events such as the bombing of the Murrah Federal Building in Oklahoma
City demonstrated that the Federal government needed to address new
types of threats and vulnerabilities, many of which had not previously
received a high priority. The Executive Branch formed a critical
infrastructure working group, which included representatives from the
defense, intelligence, law enforcement and national security
communities. The working group identified both physical and cyber
threats as growing concerns.