DHS Authorization Act

Department of Homeland Security Authorization Act or the DHS Authorization Act

DIVISION A--HOMELAND SECURITY

TITLE I--DEPARTMENT OF HOMELAND SECURITY HEADQUARTERS

Department of Homeland Security Authorization Act for Fiscal Years 2018 and 2019

Subtitle A--Headquarters Operations

(Sec. 1101) This bill amends the Homeland Security Act of 2002 (HSA) to define "homeland security enterprise" as any relevant governmental or nongovernmental entity involved in homeland security, including a federal, state, or local government official, private sector representative, academic, or other policy expert.

(Sec. 1102) The Department of Homeland Security (DHS) shall coordinate through the Office of Partnership and Engagement (established by this bill) with specified entities, including by entering into agreements with governments of other countries and international nongovernmental organizations to achieve DHS missions.

The bill establishes in DHS a Headquarters, which shall include:

• the Office of the Secretary;
• the Office of the Deputy Secretary;
• the Executive Secretary;
• the Management Directorate, including the Office of the Chief Financial Officer;
• the Office of Strategy, Policy, and Plans;
• the Office of the General Counsel;
• the Office of the Chief Privacy Officer;
• the Office for Civil Rights and Civil Liberties;
• the Office of Operations Coordination;
• the Office of Intelligence and Analysis;
• the Office of Legislative Affairs;
• the Office of Public Affairs;
• the Office of the Inspector General;
• the Office of the Citizenship and Immigration Services Ombudsman; and
• the Office of Partnership and Engagement.

DHS, acting through its appropriate Headquarters' official, shall:

• establish an overall strategy to successfully further its mission;
• establish initiatives that improve DHS-wide operational performance;
• establish mechanisms to ensure that DHS components comply with department policies and fully implement DHS strategies and initiatives;
• establish annual operational and management objectives to evaluate the performance of DHS;
• ensure that DHS successfully meets operational and management performance objectives by conducting oversight of component agencies;
• ensure that the strategies, priorities, investments, and workforce of DHS components align with DHS objectives;
• establish and implement policies related to DHS ethics and compliance standards;
• establish and implement policies which preserve individual liberty, fairness, and equality under the law;
• manage and encourage shared services across DHS components; and
• lead and coordinate interaction with Congress and other external organizations.

(Sec. 1103) The position of Director of Shared Services of DHS and the Office of Counternarcotics Enforcement are abolished.

(Sec. 1104) DHS shall appoint a Chief Privacy Officer, whose duties shall include developing guidance to assist DHS components in developing privacy policies and practices and serving as the Chief Freedom of Information Officer of DHS to manage and process requests under the Freedom of Information Act (FOIA) and develop guidance on procedures for meeting FOIA requests.

(Sec. 1105) The Chief Financial Officer of DHS shall:

• oversee DHS budget formulation and execution;
• lead and provide guidance on performance-based budgeting practices for DHS;
• lead cost-estimating practices for DHS, including the development of policies on cost estimating and approval of life cycle cost estimates;
• coordinate with the Office of Strategy, Policy, and Plans to ensure that the development of the budget for DHS is compatible with its long-term strategic plans, priorities, and policies;
• develop financial management policy for DHS and oversee the implementation of such policy;
• provide guidance for and over financial system modernization efforts throughout DHS;
• lead the efforts of DHS related to financial oversight, including identifying ways to streamline and standardize business processes;
• oversee the costs of acquisition programs and related activities to ensure that actual and planned costs are in accordance with budget estimates and are affordable, or can be adequately funded, over the life cycle of such programs and activities;
• fully implement a common accounting structure for all DHS offices and components by FY2020; and
• track, approve, oversee, and make public information on expenditures by DHS components for conferences.

(Sec. 1106) The Chief Information Officer of DHS shall serve as the lead technical authority for information technology programs of DHS and its components.

In coordination with the Chief Financial Officer, the Chief Information Officer shall develop an information technology strategic plan every five years and report to Congress on the extent to which:

• the DHS budget aligns with priorities specified in the information technology strategic plan,
• the information technology strategic plan informs the DHS budget process,
• information technology priorities were or were not funded and the reasons for not funding all priorities in a given fiscal year,
• DHS has identified and addressed skills gaps needed to implement the information technology strategic plan, and
• unnecessary duplicate information technology has been eliminated.

Not later than 180 days after this bill's enactment and every two years thereafter until 2022, the Chief Information Officer shall:

• conduct a DHS-wide inventory of all existing software licenses, including utilized and unutilized licenses;
• assess the needs of DHS and its components for software licenses for the subsequent two fiscal years;
• examine how DHS can achieve the greatest possible economies of scale and cost savings in the procurement of software licenses;
• determine how the use of shared cloud-computing services will impact the needs for software licenses for the subsequent two fiscal years;
• establish plans and estimated costs for eliminating unutilized software licenses for the subsequent two fiscal years; and
• submit a copy of each inventory conducted to Congress.

If the Chief Information Officer determines through the inventory that the number of software licenses held by DHS and its components exceed the needs of the department, DHS shall establish a plan for reducing the number of such software licenses to meet its needs.

No additional resources may be obligated for the procurement of new software licenses for DHS until such time as its need exceeds the number of its used and unused licenses. The Chief Information Officer may, however, authorize the purchase of additional licenses and amend the number of needed licenses as necessary.

Not later than FY2019, the Government Accountability Office (GAO) shall review the extent to which the DHS Chief Information Officer has fulfilled all requirements relating to information technology and licenses.

Not later than one year after this bill's enactment, the Chief Information Officer shall complete the first required information technology strategic plan.

(Sec. 1107) In each quadrennial homeland security review conducted after December 31, 2017, DHS shall collaborate with the Homeland Security Advisory Committee in conducting a review and use a risk assessment when evaluating threats to the homeland.

DHS must report to Congress on such review and retain pertinent documentation regarding such review, including: (1) records regarding consultation with specified agencies, officials, representatives from advisory committees, and other relevant entities; and (2) information regarding the required risk assessment.

Not later than 90 days after the submission of each report, DHS shall provide to the congressional homeland security committees information on the degree to which the findings and recommendations developed in the quadrennial homeland security review covered by the report were integrated into the acquisition strategy and expenditure plans for DHS.

(Sec. 1108) The Office of Strategy, Policy, and Plans shall include:

• the Office of International Affairs;
• the Office of Cyber, Infrastructure, and Resilience Policy;
• the Office of Strategy, Planning, Analysis, and Risk;
• the Office of Threat Prevention and Security Policy; and
• the Office of Border, Immigration, and Trade Policy.

The Office of International Affairs shall be led by an Assistant Secretary for International Affairs appointed by the DHS Secretary. The Assistant Secretary shall have specified duties, including coordinating international activities within DHS and providing guidance on the deployment of assets, including personnel, outside the United States and the training of such personnel.

The Office of International Affairs within the Office of the Secretary of Homeland Security is abolished.

The bill establishes a Homeland Security Advisory Council to provide advice and recommendations on homeland security-related matters, including advice with respect to the preparation of the Quadrennial Homeland Security Review.

DHS must review its components that are responsible for international affairs to identify and eliminate areas of unnecessary duplication and submit to the congressional homeland security committees an action plan to address areas of duplication and opportunities for cost savings and revenue enhancement.

(Sec. 1109) The bill establishes in DHS an Office of External Affairs, headed by a Principal Assistant Secretary for External Affairs. The office shall include the following components:

• the Office of Legislative Affairs,
• the Office of Public Affairs, and
• the Office of Partnership and Engagement.

The Assistant Secretary for Partnership and Engagement shall be appointed by the DHS Secretary and shall:

• lead DHS efforts to incorporate external feedback from stakeholders into policy and strategic planning efforts in consultation with the Office for Civil Rights and Civil Liberties;
• conduct certain terrorism prevention activities;
• advise the Secretary on the effects of the policies, regulations, processes, and actions of DHS on the private sector and create and foster strategic communications with the private sector to enhance the primary DHS mission to protect the homeland;
• coordinate DHS activities relating to state and local governments; and
• provide state and local governments with regular information, research, and technical support to assist local efforts to secure the homeland.

The functions authorized to be performed by the Office for State and Local Law Enforcement of DHS are transferred to the Office of Partnership and Engagement.

The Office for State and Local Government Coordination of DHS is abolished. Its functions are transferred to the Office of Partnership and Engagement.

The position of Special Assistant to the Secretary is abolished. The functions of the Special Assistant are transferred to the Office of Partnership and Engagement.

(Sec. 1110) The bill establishes in DHS a Chief Procurement Officer who shall serve as a senior business advisor to DHS officials on procurement-related matters and report directly to the Under Secretary for Management. The Chief Procurement Officer's duties shall include issuing procurement policies and ensuring compliance with those policies.

(Sec. 1111) The bill establishes in DHS a Chief Security Officer, who shall report directly to the Under Secretary for Management.

The Chief Security Officer shall:

• develop and implement the security policies, programs, and standards of DHS;
• identify training and provide education to DHS personnel on security-related matters; and
• provide support to DHS components on security-related matters.

(Sec. 1112) The heads of offices and components of DHS must promptly advise the DHS Inspector General of all allegations of misconduct with respect to which the Inspector General has investigative authority under the Inspector General Act of 1978.

(Sec. 1113) The bill establishes in DHS an Office for Civil Rights and Civil Liberties.

Under the direction of the Officer for Civil Rights and Civil Liberties, the office shall support the officer in:

• integrating civil rights and civil liberties into DHS activities;
• investigating complaints and information indicating possible abuses of civil rights or civil liberties, unless the DHS Inspector General determines that any such complaint or information should be investigated by the Inspector General;
• carrying out DHS's equal employment opportunity and diversity policies and programs, including complaint management and adjudication; and
• communicating with individuals and communities whose civil rights and civil liberties may be affected by DHS activities.

(Sec. 1114) The Homeland Security Rotation Program is modified to: (1) foster greater departmental integration and unity of effort; (2) help enhance the knowledge, skills, and abilities of participating personnel with respect to DHS programs, policies, and activities; and (3) improve morale and retention throughout DHS.

DHS must disseminate information about the availability of the program and provide criteria for the selection, retention, and performance evaluations of employees participating in the program.

DHS shall establish an Intelligence Rotational Assignment Program as part of the program. The Chief Human Capital Officer, in conjunction with the Chief Intelligence Officer, shall administer the Intelligence Rotational Assignment Program.

The Intelligence Rotational Assignment Program shall be open to employees serving in existing analyst positions within DHS's Intelligence Enterprise and other appropriate DHS employees.

DHS shall provide to Congress information on status of the program within 120 days after the enactment of this bill.

(Sec. 1115) This section requires, not later than 60 days after the submission of the President's budget, DHS to submit to the congressional homeland security committees a Future Years Homeland Security Program that covers the fiscal year for which the budget is submitted and the four succeeding fiscal years.

On and after February 1, 2018, each Future Years Homeland Security Program shall project acquisition estimates for the fiscal year for which the budget is submitted and the four succeeding fiscal years and estimated annual deployment schedules for all physical asset major acquisitions.

(Sec. 1116) Not later than 270 days after the enactment of this bill, DHS shall submit to Congress a field efficiencies plan that: (1) examines the facilities and administrative and logistics functions of DHS components located within designated geographic areas, and (2) provides specific recommendations and an associated cost-benefit analysis for the consolidation of the facilities and administrative and logistics functions of DHS components within each such area.

The field efficiencies plan shall include an accounting of DHS leases, an evaluation of specific DHS facilities that may be closed or consolidated, and implementation plan, and an accounting of any consolidation of the real estate footprint of DHS.

(Sec. 1117) For each fiscal year until FY2023, DHS shall provide to Congress, together with its annual budget request, information on: (1) any circumstance during the year covered by the report in which DHS exercised the authority to reprogram or transfer funds to address unforeseen costs, including costs associated with operational surges; and (2) any circumstance in which any limitation on the transfer or reprogramming of funds affected the ability of DHS to address such unforeseen costs.

(Sec. 1118) DHS must submit a report to the congressional homeland security committees that includes:

• a detailed accounting of the management and administrative expenditures and activities of each DHS component that identifies potential cost savings, avoidances, and efficiencies for those expenditures and activities;
• an examination of major physical assets of DHS;
• a review of the size, experience level, and geographic distribution of the operational personnel of DHS; and
• recommendations for adjustments in the management and administration of DHS that would reduce deficiencies in DHS capabilities, reduce costs, and enhance efficiencies.

(Sec. 1119) DHS must assess the organization and management of its research and development activities and develop and submit to Congress within six months of enactment of this bill a proposed organizational structure for the efficient and effective management of such activities.

DHS shall: (1) assess the organization and management of its chemical, biological, radiological, nuclear, and explosives activities, including the activities of the Office of Health Affairs, the Domestic Nuclear Detection Office, and the Office for Bombing Prevention; and (2) by six months after this bill's enactment, develop and submit a proposed organizational structure to ensure enhanced coordination, effectiveness, and efficiency by providing strengthened chemical, biological, radiological, nuclear, and explosives capabilities in support of homeland security.

The GAO must submit a review of the organizational justifications.

(Sec. 1120) The Under Secretary for Strategy, Policy, and Plans must include feedback from organizations representing the needs of children when reviewing and incorporating external stakeholder feedback into DHS policy.

Subtitle B--Human Resources and Other Matters

(Sec. 1131) This section sets forth additional duties of the DHS Chief Human Capital Officer, including maintaining an catalogue of available employee development opportunities and ensuring that employee discipline and adverse action programs comply with applicable law and due process requirements.

(Sec. 1132) DHS shall establish an employee engagement steering committee to address issues relating to employee engagement, morale, and communications.

The Chief Human Capital Officer shall issue a DHS-wide employee engagement action plan and submit such plan to the congressional homeland security committees.

(Sec. 1133) DHS may establish an annual employee award program to recognize DHS employees for significant contributions to the achievement of DHS goals and missions.

(Sec. 1134) The GAO must utilize DHS reports to investigate whether the application of discipline and adverse actions by DHS is administered in an equitable and consistent manner.

After such investigation, the DHS Under Secretary for Management shall implement a plan to correct any relevant deficiencies identified by the GAO.

(Sec. 1135) DHS must provide guidance to its components and offices on the implementation of executive orders affecting DHS operations.

(Sec. 1136) DHS must continue to prioritize providing assistance, on a voluntary basis, to state and local election officials to protect election infrastructure.

TITLE II--DEPARTMENT OF HOMELAND SECURITY ACQUISITION ACCOUNTABILITY AND EFFICIENCY

Subtitle A--Acquisition Authorities

(Sec. 1211) The Under Secretary for Management of DHS shall be responsible for acquisition management and shall have the following functions and responsibilities:

• advising the Secretary on acquisition management activities;
• leading the acquisition oversight body of DHS, the Acquisition Review Board, and exercising the acquisition decision authority to approve, pause, modify (including the rescission of approvals of program milestones), or cancel major acquisition programs, unless the Under Secretary delegates such authority to a Component Acquisition Executive;
• establishing policies for acquisition that implement an approach that takes into account risks of failure to achieve cost, schedule, or performance parameters;
• ensuring that each major acquisition program has a DHS-approved acquisition program baseline;
• ensuring that the heads of components and component acquisition executives comply with federal law, the Federal Acquisition Regulation, and DHS acquisition management directives;
• providing additional scrutiny and oversight for an acquisition that is not a major acquisition;
• ensuring that grants and financial assistance are provided only to individuals and organizations that are not suspended or debarred;
• distributing guidance throughout DHS to ensure that contractors involved in acquisitions, particularly contractors that access its information systems and technologies, adhere to relevant DHS policies related to physical and information security;
• overseeing the Component Acquisition Executive organizational structure to ensure component acquisition executives have sufficient capabilities and comply with DHS acquisition policies; and
• ensuring acquisition decision memoranda adequately document decisions.

The Under Secretary may delegate acquisition decision authority for acquisition programs with a specified life cycle cost estimate.

The Under Secretary and the Under Secretary for Science and Technology shall cooperate in matters related to the coordination of acquisitions across DHS so that investments of the Directorate of Science and Technology are able to support current and future requirements of DHS components.

The bill sets forth the duties of the Under Secretary for Science and Technology with respect to major acquisition programs.

(Sec. 1212) The Office of Program Analysis and Evaluation shall oversee the costs of acquisition programs and related activities to ensure that actual and planned costs are in accordance with budget estimates and are affordable, or can be adequately funded, over the life cycle of such programs and activities.

(Sec. 1213) This section sets forth additional acquisition responsibilities of the DHS Chief Information Officer.

(Sec. 1214) This section establishes the Program Accountability and Risk Management Office in the DHS Management Directorate. The purpose of the office is to: (1) provide consistent accountability, standardization, and transparency of major acquisition programs of DHS; and (2) serve as the central oversight function for all DHS acquisition programs.

The office shall be led by an Executive Director, who shall report directly to the Under Secretary for Management, and shall monitor the performance of DHS acquisition programs.

Each head of a DHS component shall comply with federal law, the Federal Acquisition Regulation, and DHS acquisition management directives established by the Under Secretary. For each major acquisition program, component heads shall:

• define baseline requirements and document changes to such requirements;
• establish a complete life cycle cost estimate;
• verify each life cycle cost estimate against independent cost estimates, and reconcile any differences;
• complete a cost-benefit analysis with supporting documentation;
• develop and maintain a schedule that is consistent with scheduling best practices; and
• ensure that all acquisition program information is complete, accurate, timely, and valid.

For each major acquisition program, the Executive Director responsible for the preparation of the Comprehensive Acquisition Status Report shall require certain acquisition documentation to be submitted by DHS components or offices. DHS may waive such requirement under certain conditions.

(Sec. 1215) The Under Secretary for Management may:

• designate an individual within DHS to manage acquisition innovation efforts;
• test emerging acquisition best practices to carrying out acquisitions, consistent with the Federal Acquisition Regulation and DHS acquisition management directives;
• develop and distribute best practices and lessons learned regarding acquisition innovation;
• establish metrics to measure the effectiveness of acquisition innovation efforts; and
• determine impacts of acquisition innovation efforts on the private sector.

By 90 days after DHS submits its annual budget justification for each of FY2019-FY2023, it shall provide information to the congressional homeland security committees on:

• emerging acquisition best practices;
• efforts to distribute best practices and lessons;
• utilization by components throughout DHS of best practices distributed by the Under Secretary of Management;
• performance as measured by the metrics established;
• outcomes of efforts to distribute best practices and lessons learned within DHS;
• any impacts of the utilization of innovative acquisition mechanisms by DHS on the private sector, including small businesses;
  
• criteria used to identify specific acquisition programs or activities to be included in acquisition innovation efforts and the outcomes of such programs or activities; and
• recommendations to enhance acquisition innovation in DHS.

Subtitle B--Acquisition Program Management Discipline

(Sec. 1221) DHS shall establish an Acquisition Review Board to: (1) strengthen accountability and uniformity within the DHS acquisition review process, (2) review major acquisition programs (programs estimated to require a total expenditure of at least $300 million over their life cycle costs), and (3) review the use of best practices.

The board shall convene at DHS's discretion and whenever: (1) a major acquisition program requires authorization to proceed from one acquisition decision event to another, is in breach of its approved requirements, or requires additional review; or (2) a non-major acquisition program requires review.

If the person exercising acquisition decision authority over a major acquisition program approves such program to proceed into the planning phase before such program has a DHS-approved acquisition program baseline, DHS shall: (1) create and approve a baseline report regarding such approval; (2) notify Congress within seven days after an acquisition decision memorandum is signed; and (3) within 60 days after such signing, report on the rationale for such decision and a plan of action to require an acquisition program baseline for such program.

DHS shall report annually to the congressional homeland security committees through FY2022 on the board's activities, including information on:

• any acquisition decision memoranda for each meeting of the board,
• results of systematic reviews,
• results of acquisition document reviews, and
• activities to ensure that practices are adopted and implemented throughout DHS.

(Sec. 1222) The DHS Deputy Secretary shall establish DHS-wide policies to integrate all phases of the investment life cycle and help DHS identify, validate, and prioritize common component requirements for major acquisition programs. The policies shall also include strategic alternatives for developing and facilitating a DHS component-driven requirements process that includes oversight of a development test and evaluation capability; identification of priority gaps and overlaps in DHS capability needs; and provision of feasible technical alternatives, including innovative commercially available alternatives, to meet capability needs.

The Deputy Secretary shall consult with the Under Secretary for Management, Component Acquisition Executives, and any other DHS officials, including the Under Secretary for Science and Technology, with specific knowledge of DHS or component acquisition capabilities to prevent unnecessary duplication of requirements.

The bill sets forth additional responsibilities of the Deputy Secretary with respect to major investments and acquisition programs.

(Sec. 1223) DHS may establish a leadership council to ensure coordination and improve programs and activities of DHS. The council shall: (1) serve as coordinating forums; (2) advise the Secretary and Deputy Secretary on DHS strategy, operations, and guidance; and (3) consider and report on such other matters as the Secretary or Deputy Secretary may direct.

(Sec. 1224) The GAO shall conduct a review of the effectiveness of the Acquisition Review Board and the requirements established to reduce unnecessary duplication in acquisition programs.

(Sec. 1225) DHS must report to Congress on waivers issued to allow agencies to engage in business with a contractor in the Excluded Party List System maintained by the General Services Administration and provide a justification for such waivers.

(Sec. 1226) The DHS Inspector General shall: (1) conduct audits regarding grant and procurement awards to identify instances in which a contract or grant was improperly awarded; and (2) review the suspension and debarment program throughout DHS.

Subtitle C--Acquisition Program Management Accountability and Transparency

(Sec. 1231) If a breach occurs in a major acquisition program, the program manager for such program shall notify the Component Acquisition Executive for such program, the head of the component concerned, the Executive Director of the Program Accountability and Risk Management Division, the Under Secretary for Management, and the Deputy Secretary not later than 30 days after such breach is identified.

If a breach occurs in a major acquisition program and such breach results in a cost overrun greater than 15%, a schedule delay greater than 180 days, or a failure to meet any of the performance thresholds, the Component Acquisition Executive for such program shall notify the Secretary and the Inspector General of DHS not later than five business days after the Component Acquisition Executive for such program, the head of the component concerned, the Executive Director of the Program Accountability and Risk Management Division, the Under Secretary for Management, and the Deputy Secretary are notified of the breach.

The program manager for a major acquisition program shall submit a remediation plan and root cause analysis for a breach.

The Under Secretary for Management shall review the remediation plan. The Under Secretary may approve such plan or provide an alternative proposed corrective action within 30 days of the submission of such plan.

The Under Secretary shall submit to the congressional homeland security committees: (1) a copy of the remediation plan and the root cause analysis, and (2) a statement describing the corrective action or actions that have occurred for the major acquisition program at issue.

If a likely cost overrun is greater than 20% or a likely delay is greater than 12 months from the costs and schedule specified in the acquisition program baseline for a major acquisition program, the Under Secretary for Management shall include in the notification a written certification, with supporting explanations.

(Sec. 1232) DHS must submit to congressional committees and the GAO a multiyear acquisition strategy to guide the overall direction of DHS acquisitions.

The GAO shall review the strategy to analyze its effectiveness.

(Sec. 1233) At the same time as the President's budget is submitted for a fiscal year, the Under Secretary for Management shall submit to the congressional homeland security committees an annual comprehensive acquisition status report. The report shall include:

• specified information required under the Consolidated Appropriations Act, 2012;
• a listing of programs that have been cancelled, modified, paused, or referred to the Under Secretary for Management or Deputy Secretary for additional oversight or action by the board, DHS Office of Inspector General, or the GAO; and
• a listing of established Executive Steering Committees.

The report shall include specified information for major acquisition programs.

The Under Secretary for Management shall prepare a quarterly program accountability report to meet the mandate of DHS to perform program health assessments and improve program execution and governance.

Not later than 60 days after the enactment of this bill, component heads of DHS shall identify to the Under Secretary for Management all level 3 acquisition programs of each respective component. Not later than 30 days after receipt of such information, the Under Secretary shall certify in writing to the congressional homeland security committees whether such component heads have properly identified such programs. The Under Secretary shall establish a process with a repeatable methodology to continually identify level 3 acquisition programs.

Not later than 180 days after the enactment of this bill, component heads of DHS shall submit to the Under Secretary their respective policies and relevant guidance for level 3 acquisition programs of each respective component. Not later than 90 days after receipt of such policies and guidance, the Under Secretary shall certify to the congressional homeland security committees that each component's respective policies and guidance adhere to DHS-wide acquisition policies.

TITLE III--INTELLIGENCE AND INFORMATION SHARING

Subtitle A--Department of Homeland Security Intelligence Enterprise

(Sec. 1301) This title requires the DHS Chief Intelligence Officer, in coordination with other DHS intelligence components, to develop and disseminate DHS-wide guidance for the processing, analysis, production, and dissemination of homeland security information and terrorism information.

(Sec. 1302) DHS shall assist the Chief Intelligence Officer by providing experienced staff with appropriate expertise.

(Sec. 1303) DHS must conduct assessments of the terrorist threat to the homeland for each of the next five fiscal years.

(Sec. 1304) DHS shall develop a framework to integrate existing DHS datasets and systems for access by authorized personnel.

(Sec. 1305) DHS shall establish an Insider Threat Program to provide training and education for DHS personnel to identify, prevent, mitigate and respond to insider threat risks. An insider threat is defined as the threat that a person who has access to classified national security information will use that access, wittingly or unwittingly, to do harm to the security of the United States.

(Sec. 1306) DHS shall develop and disseminate a threat assessment regarding the actual and potential threat posed by individuals using virtual currency to carry out activities in furtherance of an act of terrorism.

(Sec. 1307) DHS must establish a board to coordinate and integrate departmental intelligence, activities, and policy related to the counterterrorism mission and functions of DHS. The board shall advise DHS about the issuance of terrorism alerts.

(Sec. 1308) DHS shall conduct a threat assessment on whether human smuggling organizations and transnational gangs are exploiting vulnerabilities in border security screening programs to gain access to the United States and threaten the United States or border security.

(Sec. 1309) DHS must review all sensitivity level designations of national security positions and ensure the designation of the sensitivity level of such positions is conducted in a manner consistent with federal guidelines.

Subtitle B--Stakeholder Information Sharing

(Sec. 1311) DHS's State, Local, and Regional Fusion Center is renamed the Department of Homeland Security Fusion Center Partnership Initiative. A fusion center is a collaborative effort of two or more federal, state, local, or tribal government agencies that combine resources to detect, prevent, and respond to criminal or terrorist activity.

(Sec. 1312) The GAO shall conduct an assessment of DHS personnel assigned to fusion centers and whether deploying additional personnel would enhance DHS's mission.

(Sec. 1313) DHS shall submit a report on top secret clearance processes.

(Sec. 1314) DHS shall conduct an assessment of information systems used to share homeland security information between DHS and fusion centers.

(Sec. 1315) DHS must maintain an inventory of DHS facilities certified to house classified infrastructure or systems at the secret level and above.

(Sec. 1316) DHS shall share with fusion centers release information of individuals from a federal correctional facility who may pose a terrorist threat.

(Sec. 1317) DHS shall report on the activities of the Office for State and Local Law Enforcement, including efforts to coordinate and share information about agency programs, to state, local, and tribal law enforcement agencies.

(Sec. 1318) The Office of State and Local Law Enforcement shall produce an annual catalog that summarizes opportunities available to state, local, and tribal law enforcement agencies from DHS.

TITLE IV--MARITIME SECURITY

(Sec. 1401) This section revises the reporting date for updates of the strategic plan to enhance the security of the international supply chain.

(Sec.1402) This section updates reporting requirements for the Container Security Initiative.

(Sec. 1403) This section requires the Area Maritime Security Advisory Committee to facilitate the sharing of information relating to cybersecurity risks and incidents for any U.S. port area.

(Sec. 1404) This section revises inspection intervals for DHS facilities.

(Sec. 1405) This section requires DHS to submit to Congress a maritime operations coordination plan and updates for such plans.

(Sec. 1406) The GAO must submit to Congress a report that describes and assesses the state of the Coast Guard's Deployable Specialized Forces.

(Sec. 1407) DHS must conduct a cost-benefit analysis for co-locating aviation and maritime operational assets of the Office of Air and Marine Operations at other DHS facilities.

(Sec. 1408) The section repeals provisions authorizing interagency operational centers for port security and the program for evaluating and certifying secure systems of international intermodal transportation.

(Sec. 1409) DHS must submit to the congressional homeland security committees an assessment of resources for increasing DHS's maritime security capabilities.

TITLE V--TRANSPORTATION SECURITY ADMINISTRATION

Subtitle A--Administration

(Sec. 1501) This title amends the HSA to codify the transfer of the Transportation Security Administration (TSA) from the Department of Transportation (DOT) to DHS.

The Administrator of the TSA is included among the DHS officers to be appointed by the President. The Administrator shall be appointed as the head of the TSA for a five-year term at a Level IV position in the Executive Schedule.

(Sec. 1502) The title codifies provisions providing for the establishment in the TSA of the following:

• a Deputy Administrator;
• an Office of Public Affairs;
• an Office of Civil Rights and Liberties, Ombudsman, and Traveler Engagement;
• an Office of Legislative Affairs;
• an Office of Finance and Administration;
• an Office of the Chief of Operations;
• an Office of the Chief of Mission Support; and
• an Office of Chief Counsel.

(Sec. 1503) The Aviation and Transportation Security Act is amended to decrease from 30% to 15% of the annual rate of pay the TSA Administrator may receive as a performance bonus for any calendar year.

The bill repeals:

• TSA's aviation security program for charter air carriers, and
• grant funding for TSA research and development of aviation security technology.

The bill also repeals provisions expressing the sense of the House of Representatives that:

• the TSA should develop security procedures to allow passengers to transport musical instruments in the cabin of an aircraft, and
• air carriers that transport U.S. mail under a contract with the U.S. Postal Service (USPS) should transport any animal that the USPS allows to be shipped through the mail.

(Sec. 1504) This section requires the TSA to submit annually (currently, biennially):

• an update to its strategic five-year technology investment plan, and
• a report on the extent to which security-related technology acquired since the last issuance or update of the plan is consistent with the planned technology programs and projects identified for that security-related technology.

The TSA shall also include information about acquisitions completed during the fiscal year preceding the fiscal year in which such report is submitted.

The TSA shall:

• report to Congress on any TSA equipment that is operating after the end of its life-cycle or the end of its useful life projection under the technology investment plan, and
• notify airports and airlines of any changes to the plan.

(Sec. 1505) The TSA shall develop and implement a preventive maintenance validation process for security-related technology deployed to airports.

The maintenance contracts for security-related technology deployed to airports shall include penalties for noncompliance whenever preventive or corrective maintenance has not been completed according to contractual requirements and manufacturers' specifications.

(Sec. 1506) The TSA shall conduct an efficiency review of itself to identify and effectuate spending reductions and administrative savings.

(Sec. 1507) The TSA shall develop a strategic plan to reduce by 20% by June 30, 2019, the number of TSA positions at the Senior Executive Service level.

Subtitle B--Passenger Security and Screening

(Sec. 1511) DHS shall continue to review all of its trusted traveler vetting programs using representatives from such programs to make recommendations on possible efficiencies.

(Sec. 1512) The TSA shall conduct a biometric pilot project at airports to verify the identity of members of the TSA PreCheck or another DHS trusted traveler program providing TSA expedited screening.

(Sec. 1513) The TSA shall implement an identity and travel document verification system at all airports for persons entering into the sterile area of an airport.

(Sec. 1514) The TSA shall:

• conduct a computed tomography pilot project to screen baggage at passenger checkpoints,
• ensure that by December 31, 2018, at least 300 explosives detection canine teams are dedicated to passenger screening at U.S. airports, and
• require that standard operating procedures at airport checkpoints for passengers and carry-on baggage are carried out in a uniform manner.

(Sec. 1517) The TSA shall ensure the availability of the DHS Traveler Redress Inquiry Program (DHS TRIP) redress process to adjudicate inquiries for individuals who:

• are U.S. citizens or permanent residents,
• have filed an inquiry with DHS TRIP after receiving enhanced screening at an airport security checkpoint more than 3 times in any 60-day period, and
• believe they have been wrongly identified as being a threat to aviation security.

The TSA shall review and update the Privacy Impact Assessment for the Secure Flight programs and publish it on its website.

The TSA shall:

• conduct a comprehensive review of TSA's intelligence-based screening rules, and
• ensure such rules are taken into account for Federal Air Marshal mission scheduling.

The GAO shall study the effectiveness of such screening rules to identify and mitigate potential threats to aviation security.

(Sec. 1518) The TSA is authorized to provide screening services upon request of a commercial charter air carrier in areas other than primary passenger terminals.

(Sec. 1519) The TSA shall:

• develop a standard working document for all Federal Air Marshal Service agreements between the United States and foreign governments, and
• seek to acquire an automated software capability for the scheduling of such service missions based on current risk modeling.

(Sec. 1521) DHS shall audit all of its canine training programs and convene a working group of representatives from all such programs to make recommendations on possible efficiencies from integrating training standards and facilities. The TSA shall develop a canine staffing allocation model to determine the optimal number of passenger screening canines at U.S. airports.

(Sec. 1522) The U.S. Ambassador or the charge d'affaires to the United States Mission to the International Civil Aviation Organization shall introduce a resolution to raise minimum standards for airport security.

(Sec. 1523) DHS is prohibited from incorporating an increase in the passenger security fee beyond that authorized at the time that its proposed annual budget is transmitted to Congress.

(Sec. 1524) The bill revises requirements directing DOT to assess the effectiveness of the security measures maintained at foreign airports. Such assessment shall include the extent such airports screen and vet their airport workers.

(Sec. 1525) The bill amends the Gerardo Hernandez Airport Security Act of 2015 to mandate (currently, authorize) the contents of security incident response reports at airports.

TSA shall review active shooter response guidelines for DHS personnel and make a recommendation to DHS to modify such guidelines for personnel who are: (1) certified federal law enforcement officials, and (2) uniformed but unarmed security officials.

(Sec. 1526) The bill revises security screening opt-out program requirements to decrease from 120 days to 90 days the time that the TSA must approve or deny an application received from an airport operator to have the screening of passengers and property at the airport carried out by the screening personnel of a qualified private screening company. The TSA shall immediately upon issuing a denial (currently, within 60 days) provide the operator a written report of the denial.

The TSA shall also make best efforts to enter into a contract with the private screening company to provide screening services at an airport within 180 days after approval of an application.

An airport operator who has screening services provided by a private screening company is encouraged to recommend to the TSA innovative screening approaches and technologies.

(Sec. 1527) The TSA shall convene a working group consisting of representatives of TSA and labor organizations representing security screeners to discuss reforms to TSA's personnel management system and appeals to the Merit Systems Protection Board and grievance procedures.

(Sec. 1528) The TSA may establish a task force to conduct activities designed to identify and develop an innovative technology or capability with the potential of enhancing aviation security prior to TSA's acquisition of such technology or capability.

(Sec. 1529) The TSA shall report to Congress on its law enforcement officer reimbursement program.

Subtitle C--Transportation Security Screening Personnel Training and Accountability

(Sec. 1531) The TSA shall establish:

• a training program for new security screening personnel located at the Federal Law Enforcement Training Center in Glynco, Georgia; and
• recurring training of such personnel regarding updates to screening procedures and technologies in response to weaknesses identified in covert tests at airports.

The GAO shall report on the effectiveness of the new security screening personnel training at Glynco, Georgia.

(Sec. 1532) The TSA shall conduct a study of the cost and feasibility of developing an alternative training program for security screening personnel that is equal to the training program for new security screening personnel located at Glynco, Georgia.

(Sec. 1533) The TSA shall ensure that information of a covert test of security screeners by a covert testing office, the DHS Inspector General, or the GAO of a transportation security system is not provided to the screeners to be tested prior to the completion of such test, except an authorized individual conducting such test may provide information of a covert test to: (1) federal employees, officers, and contractors (including military personnel), state and local government employees and officers, and law enforcement officials; and (2) an appropriate individual if a security screener or other individual who is not a covered employee identifies the individual conducting such test as a potential threat.

The head of each covert testing office shall ensure that a cover team of covert testing office employees accompany and monitor individuals conducting a covert test of a transportation security system.

Subtitle D--Airport Access Controls and Perimeter Security

(Sec. 1541) The TSA shall conduct, and submit to Congress and the GAO, a cost and feasibility study of a significant number of Category I, II, III, IV, and X airports assessing the impact if all employee access points from non-secured to secured airport areas are comprised of the following:

• a secure door utilizing card and pin entry or biometric technology;
• surveillance video recording capable of storing video data for at least 30 days; and
• certain advanced screening technologies (including at least one of the following: magnetometer [walk through or hand-held], explosives detection canines or explosives trace detection, advanced imaging technology, or X-ray bag screening technology).

The GAO shall assess the completed study and report the results to Congress.

The TSA shall work with air carriers, foreign air carriers, airport operators, labor unions representing credentialed employees, and TSA's Aviation Security Advisory Committee to: (1) enhance security awareness of credentialed airport workers regarding insider threats to aviation security and recognized practices related to airport access controls; and (2) assess credentialing standards, policies, and practices to ensure that such threats to aviation security are addressed.

The TSA shall also:

• require the submission of a social security number for each individual applying for a Security Identification Display Area, Sterile Area, or Air Operations Area airport credential;
• work with airport operators and the TSA Advisory Committee to identify advanced technologies, such as biometric identification technologies, for securing employee access to secured and sterile airport areas;
• ensure that credentialed aviation worker populations currently requiring a finger-print-based criminal record history check are continuously vetted through the Federal Bureau of Investigation's Rap Back Service to mitigate insider threats;
• enhance its ability to educate TSA personnel on and better mitigate such threats to aviation security;
• ensure that TSA employee physical inspection efforts of aviation workers (Playbook operations) are focused on providing the greatest level of security effectiveness; and
• conduct covert testing of TSA employee screening operations at airports.

The TSA shall establish a national database of individuals who have had either their airport or airport operator-issued badge revoked for failure to comply with aviation security requirements, as well as a process to allow individuals whose names were mistakenly entered into such database to correct the record and have their names removed from it.

DHS is designated as the lead interagency coordinator of insider threat investigations and mitigation efforts at airports.

(Sec. 1542) The TSA shall:

• update the Transportation Sector Security Rick Assessment for the aviation sector;
• update the Comprehensive Risk Assessment of Perimeter and Access Control Security for airports;
• conduct a system-wide assessment of airport access control points and airport perimeter security, including cargo facilities; and
• update the 2012 National Strategy for Airport Perimeter and Access Control Security.

(Sec. 1543) The bill authorizes appropriations for FY2018-FY2019 for: (1) TSA monitoring of passenger exit points from the sterile area of airports, and (2) deployment of armed law enforcement personnel at each airport security screening location.

Subtitle E--Air Cargo Security

(Sec. 1551) DHS shall establish: (1) an air cargo advance screening (ACAS) program for the collection by the U.S. Customs and Border Protection (CBP) of advance electronic information from air carriers and other persons within the supply chain regarding cargo transported to the United States; and (2) a system that will allow freight forwarders, shippers, and air carriers to provide data on air cargo shipments departing from any location and bound to the United States.

DHS shall ensure that all high-risk cargo is inspected prior to being loaded onto aircraft at the last point of departure or at an earlier point in the supply chain.

DHS shall report to Congress detailing the operational implementation of providing advance information under the ACAS program and the value of such information in targeting cargo.

(Sec. 1552) The bill amends the Implementing Recommendations of the 9/11 Commission Act of 2007 to direct the TSA to:

• develop and issue standards for the use of third-party explosives detection canine teams for the primary screening of air cargo;
• develop a process to identify qualified non-federal entities that will certify such canine teams as meeting such standards; and
• provide that canines certified for the primary screening of air cargo can be used by air carriers, foreign air carriers, freight forwarders, and shippers.

Subtitle F--Information Sharing and Cybersecurity

(Sec. 1561) The TSA shall require each Federal Security Director of an airport to:

• meet quarterly with the airport director, airport security coordinator, and law enforcement agencies serving each airport to discuss incident management protocols, including resolution of screening anomalies at passenger screening checkpoints; and
• inform, consult, and coordinate with the airport security coordinator in a timely manner on security matters impacting airport operations and to establish and maintain protocols for such airport operators to ensure coordinated responses to such matters.

The TSA shall also:

• develop a plan to improve intelligence information sharing with state and local entities that includes best practices to ensure that such information is actionable, useful, and not redundant; and
• establish a mechanism to share best practices among federal, state, local, and tribal entities relating to employee training, employee professional development, technology development and deployment, hardening tactics, and passenger and employee awareness programs.

DHS shall:

• develop, implement, and update biennially a cybersecurity risk assessment model for aviation security that is consistent with the National Institute of Standards and Technology Framework for Improvement Critical Infrastructure Cybersecurity;
• establish guidelines for voluntary reporting of aviation-related cybersecurity risks and incidents to the DHS national cybersecurity and communications integration center and other appropriate federal agencies;
• direct the sharing of information regarding cybersecurity risks and incidents to address aviation-specific risks and, upon request, conduct cybersecurity vulnerability assessments for airports and air carriers; and
• evaluate the cybersecurity of TSA databases for trusted traveler and credentialing programs, including the Transportation Worker Identification Credential and Pre-Check trusted travelers programs, and develop information on any cybersecurity vulnerabilities and remediation plans for such vulnerabilities.

Subtitle G--Surface Transportation Security

(Sec. 1572) DHS shall:

• assess the vulnerabilities of and risks to surface transportation systems,
• develop and implement a risk-based security strategy to mitigate such vulnerabilities and risks, and
• coordinate with the heads of other federal agencies and stakeholders in developing and implementing such strategy.

(Sec. 1573) The TSA shall submit to Congress a report that contains a risk-based budget and resource allocation plan for surface transportation sectors that: (1) reflects the risk-based security strategy; and (2) is organized by appropriations account, program, project, and initiative.

The President's budget shall include a separate statement clearly distinguishing the resources requested for surface transportation security from the resources requested for aviation security.

DHS shall notify Congress not later than 15 days after the TSA allocates any resources or personnel, or the use of facilities, technology systems, or vetting resources, for a non-transportation security purpose or National Special Security Event.

(Sec. 1574) The GAO shall review, and report on: (1) the staffing, budget, resource, and personnel allocation, and management oversight strategy of TSA's surface transportation security programs; and (2) the coordination between the TSA, other federal, state, or local agencies with jurisdiction over a mode of surface transportation, critical infrastructure entities, the Transportation Systems Sector Coordinating Council, and relevant stakeholders.

(Sec. 1575) The TSA shall make available through a public website information on the status of each surface transportation security regulation that is directed by law to be issued but that has not been issued for more than two years since enactment of each such law.

The DHS Inspector General, not later than 180 days after enactment of this bill and biennially thereafter until all of the requirements under titles XIII (Transportation Security Enhancements), XIV (Public Transportation Security), and XV (Surface Transportation Security) of the Implementing Recommendations of the 9/11 Commission Act of 2007 and under this bill have been fully implemented, shall report on such requirements that have not been fully implemented and recommendations on whether they should be amended or repealed.

(Sec. 1576) The TSA is authorized to maintain, at the request of and in collaboration with federal, state, and local transportation stakeholders, for the deployment of 30 Visible Intermodal Prevention and Response (VIPR) teams to prevent acts of terrorism against U.S. transportation systems and for other counterterrorism purposes. TSA shall notify Congress if it determines the number of VIPR teams should be reduced to less than 30.

In forming a VIPR team, DHS shall, prior to and during the deployment, consult with all transportation entities directly affected by such deployment as to specific locations and times within the facilities of such entities at which such teams are to be deployed to maximize its effectiveness.

TSA shall develop and implement qualitative performance measures to assess the effectiveness of VIPR team operations as well as a plan for ensuring the interoperability of communications among VIPR teams participants and between VIPR teams and transportation entities.

(Sec. 1577) The TSA shall establish the Surface Transportation Security Advisory Committee to make recommendations on surface transportation security matters.

(Sec. 1578) The DHS Inspector General shall review and report on TSA's explosives detection canine team program.

(Sec. 1579) Before the DHS Inspector General submits the report on the explosives detection canine team program, the TSA may increase up to 70 the number of state and local surface and maritime transportation explosives detection canine teams. After such report is submitted, DHS may increase up to 200 the number of additional teams.

(Sec. 1580) DHS shall prioritize the research and facilitation of next generation technologies to detect explosives in the nation's surface transportation systems.

(Sec. 1581) The GAO shall study, and report on, how the TSA: (1) identifies and compares U.S. and foreign passenger transportation system security standards and best practices for protecting passenger transportation systems, shared terminal facilities, and cyber systems; and (2) disseminates such findings to transportation stakeholders.

(Sec. 1582) The bill expands the permissible uses of railroad security improvement grants to include one or more of the following: (1) for communications interoperability where appropriate with relevant outside transportation agencies and entities; (2) for the security preparedness of intercity passenger railroad stations, trains, infrastructure, and security capital improvement projects; (3) for the sharing of intelligence and information about security preparedness, including connectivity to the Federal Bureau of Investigation's (FBI) National Terrorist Screening Center (TSC); and (4) to hire, train, and employ preparedness officers.

DHS is authorized to make grants to the National Railroad Passenger Corporation (Amtrak) for specific systemwide security upgrade projects, including: (1) to connect to the TSC watchlist, (2) improvements to passenger and Amtrak employee and contractor verification systems (including identity verification technology), or (3) improvements to the security of Amtrak computer systems, including cybersecurity assessments and programs.

(Sec. 1583) The GAO shall submit to Congress a report that: (1) identifies any duplication or redundancy between the TSA and DOT relating to surface transportation security inspections or oversight; and (2) provides recommendations relating to improvements to TSA's Surface Transportation Security Inspectors program.

(Sec. 1584) The TSA shall establish a security awareness program for the training of surface transportation operators and frontline employees to obtain the necessary skills to observe, assess, and respond to suspicious items or actions that could be a threat to transportation.

DHS shall: (1) ensure there exists a national mechanism for individuals to report to DHS suspicious activity in transportation systems; and (2) establish procedures to review and follow-up on each such report and to share it with appropriate federal, state, local, and tribal entities.

(Sec. 1585) An individual subject to credentialing or a background investigation prior to the issuance of a license to operate a motor vehicle to transport hazardous material (hazmat) may satisfy such requirement by obtaining a valid transportation security card.

A "valid transportation security card" means a transportation security card issued by the U.S. Coast Guard that is: (1) not expired, (2) shows no signs of tampering, and (3) bears a photograph of the individual representing such card.

(Sec. 1586) This section revises state limitations on the issuance of a hazmat license to allow an individual who holds a valid transportation security card to be issued such a license.

(Sec. 1587) The Coast Guard shall develop and implement a plan to utilize the FBI's Rap Back Service to establish recurrent vetting for individuals holding valid transportation security cards.

(Sec. 1588) The GAO shall study DHS and DOT roles and responsibilities regarding pipeline security.

Subtitle H--Security Enhancements in Public Areas of Transportation Facilities

(Sec. 1591) DHS may establish a working group to promote collaboration between DHS and public and private stakeholders to develop non-binding recommendations for enhancing security in public areas of transportations facilities.

(