dealing with the fact that we've got many young people, even those with an education, not able to get jobs and so needing morsi stance from parents as they age and i am a grandmother and looking forward to

supporting my grandchildren and encouraging them in their education and building their independent lives and there is uncertainty all the way around. when people talk about relying on your assets in order to take care of those needs, what you're saying, that is one lump. when you use them, they're gone. so you have so many risks, including i didn't even mention health care risks and uncovered health care cost that is seniors face. so you're using your assets, that is what you've got to protect you against a whole array of risks. catastrophic risk like a serious need for intensive long-term care is just beyond the capacity of this, this little nest egg, little or moderate or some cases larger to take care of and that's why it is so important we need some kind of insurance mechanism that, to which people can contribute in order to give

them, give everybody security. >> let me just build on that and frame the question a little bit differently and ask if i can, miss tumlinson, if you could explain why medicaid is not a very good substitute for a predesigned, well-functioning long-term care system. if you could kind of summarize that for us. >> sure. i will be thoughtful in this response. so i think the primary, when you think about what medicaid was really designed to do, it wasn't designed to, it is not designed to protect individual against risk. it is really designed to be there when everything else has failed. really the opposite of insurance. is that succinct enough? >> no. but go ahead. that's a very good point. i think it is critical to understanding, a lot of people

think, oh, we've got medicaid i will be okay if there's a problem out there. maybe another way to say it, is to ask, is this a sustainable path? that is, counting on medicaid to be the safety net and, at best, only modest savings that people are putting aside during their works years? >> i think when i think about it from perspective when i see people doing in the marketplace right now, which is essentially using their savings to purchase something that will keep them from being on the medicaid program eventually. in other words, it's not, in theory what you would want a insurance product to do enable you to purchase services you need in the setting that is actually most appropriate for your need. whereas a safety net program is really again, kind of designed simply to absorb, sort of in the most, you know, custodial, custodial warehousing situation that bare bones funded, it's

really again kind of the opposite what you would expect an insurance product a good insurance product to do. when my own parents, when i encouraged them to buy insurance, it was really, my dad said, my federal pension will cover the cost of a nursing home. but wouldn't you like to stay at home? let's talk about, let's insure against being in a nurse home. >> mr. chairman, could i ask dr. chernof to respond? >> yes thank you. we have public policy, i said it before and i will say it in front of you, that is perfectly built for 1972. the reality medicaid is a program in its inception was predominantly focused on women of child bearing age and their children. that was really its

constitutional core way back when and the average life expectancy in 1965 was 69. as a physician if i was in practice then you would have seen the first icus, first ccus, likely hid of surviving a fairly morbid or event like stroke or heart attack, that was a very different time and place. people are living much longer and live with more serious complications. the reality our public policy hasn't caught up with that i agree with ann's the description of role of medicaid. i would argue with all of you the null hypothesis, if we do nothing is incredibly expensive. medicaid will bear the burden of that, we will all bear the burden. the families bear the burden. states bear the burden, federal government bears the burden in kind of an unstructured way. if you think about the work of the commission, while we didn't make a specific financing

recommendation and we're having a broad discussion about the ranges of ways one might consider solving it every single commission thinks it needs to be solved but this notion after different model and one that actually addresses, confronts the long-term care need this country faces as a way of taking pressure off some of the public programs and what would it really take, what would it really take to stein a program that fundamentally actually shores up, certainly medicaid and also medicare to a degree. because i will say as doctor, my last point, i will stop, i promise, the night light in this system is the emergency room. so i get the point medicare doesn't pay for long-term care, but at end of day when something happens in somebody's family and you throw up your hand, it's a trip to the emergency room. i will tell you that the emergency room doctors takes one look at that person says, upstairs we go. the process begins. so i think what we're having together, us, and all of you is

a fundamental discussion about the need to think about a different structure to take on this issue in the process of shoring up our public programs. >> i, thank you, the question was addressed earlier to miss tumlinson about how we are going to pay for this. you give us all the reminder if we don't design a program we'll just pay for it. we'll just pay for it in some really terrible ways. thank you, mr. chairman. >> thank you, ma'am. senator white house. -- whitehouse. >> i hesitate to jump in, as far as closing words go, what senator warren just said, if we don't do something we're still going to pay for it, we'll really pay for it in terrible ways is kind of a good closing salvo for the whole thing but, i go after you. so i get to go ahead and foul up what was a great closing. i did want to follow up with ms. tumlinson about, what we're seeing in rhode island is people

who have made the responsible choice, invested their money into a long-term care insurance policy, are now finding that the premium is going up pretty dramatically, to the point where for some people it is really no longer doable. that is particularly frustrating you paid in all this time. you have a connection to that policy and to bail on it makes everything you paid already look like money down the drain which in fact it is. so, it strikes me in terms of relying on the private sector to handle this problem, they're actually going the wrong way in terms of where the prices are headed and where the likely market share of affordable, long-term care coverage is headed. is that your feelings nationally or is that what just -- >> no, that is definitely national and again, that not to

beat this drum too much but my parents premiums went up quite a bit and that was in a really good program and really, you know, about the best-run, employer-based long of-term care insurance program that exists. i think it points to not necessarily that the private sector is not up up to the taske don't have enough people in the risk pool for it to be a stable, financial bet for an insurance company, particularly when you're paying benefits on a set of product that is are coming due 30 years after you sold them. it is a very, when we modeled this, it was incredible challenging thing to do. really to the insurance companies, you know -- >> out at actuarial frontier. >> it is, exactly. wish i thought of that, yes. yes, exactly. that is where we've been standing and it is not very comfortable. >> given the problems they have, let me turn to miss feder, we've

known each other for a while. judy, welcome, thank you for being here. what do you think, you talked in your testimony about private-public models. what would a couple you think the most likely and sensible models look like very generally in terms of bringing private contribution and public participation into this? >> well, as i said, senator, and it's a pleasure to see you, that we, we, the public, a public benefit has to be at the core and what i have begun to consider and would like to see us spend more time on and think there is some interest in is thinking of a, a limited public benefit that would be available to people after a waiting period, that would be determined, this is, i'm thinking now of the retiree population, we would adapt it

for the younger disabled population. but what the, the waiting period would depend upon what your earnings, lifetime earnings looked at like, at retirement. so that that would give a clear indication to families of what they were expected, what the whole they were expected to pay before a public benefit would kick in. it would give insurance companies, and i was interested to see recently genworth has been talking that. >> you would know in advance what the waiting period would be? >> that's right. >> for the public program so you would have to buy the first months or years of it and you know that going in? >> right. people who had not, earned much would have a shorter waiting period. and people who had earned a lot would have a longer waiting period. so it would be adjusted to income. and, what i think, genworth is looking at something like this because the insurance consist, insurance industries has the biggest problem out on the actuarial frontier with the

tail, the, the biggest expenditures. so they're essentially giving them some protection at the back end. so i think that that is, something to explore. i think it's very important as we explore options, there's another option, which is that you give a limited benefit up front. but everybody gets it. but that leaves the tail for the insurance industry to cover and that may be less comfortable for them but i think we need to look at these options and see what is it that the public sector can do and guaranty that creates some space for private sector innovation. that's where i would like to see us explore. >> okay. the last thing i'll ask, and it's a question for the record is this. any of the witnesses have information on what you believe the government's present exposure to long-term care

liability is right now, as we speak? your null hypothesis model, dr. chernof. if you have any way to quantify what the cause is of that, that will help our discussion in terms of trying to work with cbo and other people to figure out, if we're going to pay for this to a degree anyway and there is a smarter way to do it i would like to have that conversation bearing in mind what the experts say we are going to pay for this anyway. >> senator whitehouse, cms at one point did a present value calculation, sort of a mini trustee's report for that number. i don't know if they continue to do it. >> that's why i made it a question for the record. anybody who has info could get back i appreciate it. i yield back to the chairman. thank him and our wonderful ranking member for all their leadership on these issues. >> well, it's not clear to me where we go.

we've had two different opinions expressed. dr. feder argue that is a public benefit is the answer. dr. war thousand ski, why don't you give us an financial and political difficulties. why wouldn't a public benefit help? s. >> those are very large set-asides, senator. >> i understand, particularly in these times. >> i think people need to be given choices. i think they need to design things as best fit their situation and to be given the support they need in a prudent way so certainly there is a role for government but i think they need to be provided as much in the way of choices and

opportunities as they can and that provides the right incentives because we certainly do want people who can afford. and i think many can, to finance these, these costs and to insure that these costs that they do so and then it is not burdened, it is not unfair burden on others for that to happen. and furthermore, i think they really do need, i think it is a strong possibility, a strong likelihood, that the private sector, with the right structure, would design different options and different policy designs that would appeal to a, you know, different situations and different, different needs. which i think is really impossible for a public program to do. public programs, in order, all to be efficient and to be able to be administered, and we're seeing this right now in the aca, have to be very simple and have to be very straightforward.

that is why social security works. if you have if you in fact give people choices through a public program it is just administratively extremely difficult. >> and herein lies the dilemma because it is another public program that would, we would be creating. but i can tell you from my experience as the, before i came to the senate, i was the elected insurance commissioner of florida and the behavior of humans with regard to buying insurance, unless they think they absolutely need it, they're not going to buy it. and this is almost out of sight, out of mind. if you want to spread that base by getting the young as well as the old into it, it is going to

be very, very hard to get people to buy this insurance. what do you think, dr. feder? >> i agree with you, senator nelson, and we have a lot of experience with that and i'm always interested when we talk about private insurance and long-term care that we look at, we're at the same time looking at our experience with the non-group, the individual insurance market for health care and we know that that is a market that is riddled with problems because of, in part, because of a desire of insurers to avoid people with preexisting conditions and, and to limit their risk. and that's what you see unless you have everybody participating. and my, the idea i was discussing with senator whitehouse i put before the commission and hope we will all consider in the future is that i think that there is, based on a

view that we can better educate and help people prepare and help an industry respond if we do, as has been said, bruce said it, set up a structure that creates some clarity and about how you can prepare so that by, if a public program takes on that tail risk in some ways and tells people based on their resources what they have to prepare for, you can better educate around participation and preparation but that back end federal program is one, as ann has emphasized that everybody is participating in whether through taxes or premiums or whatever we're calling it. it needs to be a shared risk in order to work. >> dr. chernof, i can't help but smile thinking about how you

could get people buy this ahead of time. you could have a individual mandate, and if that sound familiar, we just had quite a debate about that. and it was declared constitutional by the supreme court but it is not easy. let me ask you, on a completely different kind of subject. what, we really had problems in florida with assisted living facilities basically taking advantage of seniors. nursing homes. you have any suggestions? i mean we've got people that are starting these things up that are unlicensed. obviously they're breaking the law. but, we talking about the care

and nurturing of our seniors. did your commission suggest anything that we ought to be doing? >> so you raise a really important question, senator nelson, and actually, as a commission this is not an area we had a lot of focus on directly. i think indirectly we had a real concern that we don't really understand how to think about or measure quality in the space. it is, this is a space that has a lot of resources that are paid for privately or come out of, or voluntary services. and so it lives in a different place than the rest of health care lives. and, that kind of our rubric then for, both regulatory oversight, quality control and

integration, need a lot more work. but the commission itself, to answer your question, directly, didn't specifically bo into great detail about these sort of alternative forms of community-based support, oversight and regulation. >> actually i think we, had more testimony on that then than you're remembering, bruce. i think that, that we had a lot of discussion about, had it on the workforce side and we had a great deal of discussion and concern about, and we also actually as affected we had testimony as to problems, quality problems as to nursing homes as well as assisted living facilities. over the years there has been a lot of policy effort to mitigate those particularly on the nursing homeside. they persist, and inadequate standards and poorly-trained staff. because medicaid doesn't cover,

doesn't finance assisted living facilities there is real concern about absence of standards as you say. so i believe that we heard a lot of testimony and i know in the alternative, our alternative report we made recommendations about, we addressed it on the staff, on the training side. there's been an expose' recently, of particular assisted living facility of grossly inadequate training for staff while claiming to be offering specialized care for alzheimer's patients, or residents. and, it was, it was both embarrassing and appalling when you saw it on national tv and it is not a lone example. so we did hear testimony, not only about the need for, but examples of training programs. i believe the one that we heard from was in the state of washington, both better standards and training for workers, who in order, there were better obviously for the

patients for whom they served and also creates better jobs along, if accompanied by better pay for the workers who were relying on we're to care for our families. >> but i would say, and the commission made many recommendations on workforce, your specific question, senator, was oversight, regulation and management of these new delivery entities and while we did hear a little bit of testimony in that space that is not a place where the commission made any recommendations and the workforce piece is only a part of what it means to operate these different kinds of environments. from a health care perspective people are only one piece of it and the oversight of things like assisted living organizations and other kinds of residential care options, that are sort of multiplying in front of our eyes, that's a completely different question and the workforce is just an important but it is only one piece of that discussion. so the question you raised merits a lot of careful thought.

and candidly the commission itself didn't get that far into the issue. >> do you want to comment with regard to long-term care for seniors who also have disabilities? does the system work? >> that's a great question, senator nelson and let me back it up a step. the system we have now doesn't work well for hardly anybody. i don't think it works well for older individuals with serious, chronic illness or functional limitations or cognitive impairment. it is a, very fractured, very provider-centric system. and it leaves individuals and their families to do the care coordination which is basically missing from most models in most systems of care. we heard about some models that were better. and there are, sort of paths to better processes of care, but the commission lays out a whole series of recommendations of

things that could be better. to your question, i think it is even harder for younger individuals. these, many of the system that is serve them were actually not built for them. they may have been built for older people or built for a different population. i think for younger individual with serious functional limitations or cognitive impairments they have their whole lives ahead of them. they have a different, they're in a different place in their life trajectory than an older person is and have different desires and family, work, and so i know i do think we have a long way to go. it is particularly long way to go for younger folks with serious needs. >> suppose we enacted a plan for private insurance. then the question comes, who is going to regulate it? would we turn it over to the state insurance commissioners? or the state health regulatory agencies? miss tumlinson?

>> well, that's a good question. , if we move in the direction of creating a, more incentives for people to purchase private long-term care insurance or reform the marketplace to improve demand and supply and all of those kinds of things, we would continue to regulate it at the state level the way it always has been but there has to be more of a federal, there have to be more, more of a federal role in setting the bare bones standards and, i guess you could call it parameters around some of these policies would be and how would they work. because fundamentally the marketplace is not working. so we need some marketplace reforms. i think those have to come from the federal level. i think issues around the, regulation around the, insurance pools and that kind of thing could continue to operate at the state level. >> senator nelson, i would just point out in the current setup, regulatory setup, obviously

states have the main regulatory responsibility but as part of tax issues the federal government already does have some role in terms of both design and, design of long-term care insurance policies. one would imagine that if there were additional tax incentives provided, just naturally it would go, that there would be an increased responsibility. i'll also note that one other of the reasons for the increases in premiums is related to federal policy, that is the policy of the federal reserve board with very low interest rates. those policies were priced assuming 6% interest rates. which clearly we're nowhere near that. so there is an interesting mix of federal and state issues at hand. >> the commission recommended that you remove the requirement that a patient must stay in the hospital for three days, before

they can receive services in a skilled nursing facility. now there are a few of us up here that agree with that. can you tell us why you ended up recommending that? >> sure. i think that there was a sense that that rule was created in a different time and place. would i say that the commission felt that, what it needs to be is revisited. it does need to be replaces but, it needs to be revisited and model of care rethought through because length of stay has come down over time, we want, the goal should be to get people to the right wear care by the right provider. so having this three-day length ever stay requirement there are people who could maybe step down to lower level of care sooner but are not able to access that level of care. and or, are put in a higher level of care because the higher level, or a different level of care, for example, say acute

rehab, which is actually more expensive than the skilled nursing facility might be. so i think our call was for there to be an opportunity to revisit and remove that three-day length of stay and replace it with an approach that is more sensible and consistent with current care practices again being mindful it was put there for a reason which was really a cost control mechanism more than anything else. taking it away creates new opportunities. we do think in the current environment it isn't serving that cost control goal was originally put in place to try to achieve. >> i will add, that was a consensus of the commission and another element of it was that there's been a trend of patients being in hospitals, thinking they were admitted and never actually being admitted. and therefore, that does not count, even if they're in the hospital for five days. and that struck us as just plain wrong.

but it does, it, it does raise a question of what is the mechanism that does control that next phase as bruce indicated, and we didn't have enough time to sort of figure out the replacement but three-day rule struck us as not the right one. >> we are going to include in the record an article by bloomberg news that that illustrates how difficult it is for seniors to afford long-term care. . .

and we decided this was the best entertainment. [laughter] except perhaps for the performers. [laughter] >> well, you'll have been great. it's a tough issue. thank you for helping us get into it and start to peel back the onion. we appreciate it. happy holidays. merry christmas, happy new year. the meeting is adjourned senators return to washington for legislative business monday january 6th.

in september, a navy veteran shot and killed 12 people with the washington navy yard. the senate homeland security committee last week held a hearing on security at federal

buildings and other facilities, delaware senator tom carper chairs the two and a half-hour hearing. >> [inaudible conversations] >> good morning, senator. the early bird. >> good morning mr. chairman. >> how are you doing? welcome, everyone. thank you for joining us and some of you joining again and again and it's nice to see you

all. it's an important hearing and the second in a series of hearings that will enable us to take a closer look at federal security for the federal facilities. three months ago as we know, aaron alexis reported for the washington navy yard with an intention to inflict pain and suffering on anyone in his path. we do not know now and maybe we never well to be entirely clear why this tragedy came to pass but hopefully the lessons learned from it will provide a foundation for preventing future tragedies like this one. let's take a moment to recount how he got access to the navy yard to successfully enter the facility that fateful morning. in 2007, aaron alexis joined the u.s. navy as with other service members a background check was performed and he was granted a low level security clearance. after honorable discharge in 2011, he was hired by defense

contractor who confirmed that he possessed a valid security clearance. he came as a trustworthy individual. because of that security clearance in that job, he was provided an ied card the would authorize his access to certain facilities including building 197 at the washington navy yard. shortly before 8 a.m. on september 16th, 2013, alexis drove through the front gate and displayed his access card. he was admitted by security, parked his car and he walked into building 197. upon entering the building, alexis encountered to security in automated turnstiles are required and validated access card and a security guard posted near an entrance. unfortunately the measures were designed to prevent unauthorized access and not to screen for

weapons. they thought the people working there were trustworthy because they had a security clearance and had been vetted. eight minutes after he cleared the security, he began shooting co-workers using a shotgun that he had successfully concealed. in the wake of the shooting of the washington navy yard the committee began the review of security practices and procedures highlighted by the attack. the first oversight hearing looked at the security clearance process that the federal agencies implemented to determine who should have access to sensitive information or to the facility's. at the hearing we explored ways to improve the process and were reminded that quality cannot be sacrificed for speed the purpose of today's hearing is to review how we physically secure federal facilities from an attack. in many instances, security measures began long before the person approaches the facility. how he was able to maintain a

security clearance he was trusted as a defense contractor and granted access to the needy are complex. aaron alexis exploited his trust and heard a lot of innocent people. the aftermath it's only natural that we wonder if all people entering a federal facility even employees should be screened in some way. should we have and often use a phrase from ronald reagan trust but verify. workplace violence sets up some of the examples of many undesirable threats were facing the federal facilities. other threats must to detect and deter. in addition to the active shooters agencies must develop countermeasures for improved explosive devices, biological weapons and other types of assaults. today's hearing will examine federal agencies' efforts to develop and maintain effective leaders of security at the

facilities and prevent future attacks against innocent people. facility's security is not just about protecting the physical structure of the building. it's about securing the millions of innocent people who work and visit the facility on an almost daily basis. today's hearing on the facility's security is also about honoring the 12 men and women who die on september 16th earlier this year. and by learning from that incident and doing all that we can to prevent a similar tragedy from happening in the future. people who work with me know that one of my guiding principles is that if it isn't perfect, make it better. the goal today is to figure out how we can do a better job of protecting people at federal facilities. we can start by asking some fundamental questions. first, we need to ask how federal agencies determine what the threats are in their

specific facilities. as we know not every facility is the same. of large and oklahoma city it may be a target. however the more likely threat is a security office median irs tax payer system center tie her to come increase it is an acting badly and out of an impulse. second we should ask federal agencies properly assessing and prioritizing these risks. as we all know, the world around us is constantly changing. so is the nature of the threats that we face. as a result, the methods for a securing should always be under observation and under assessment. because of the nature of the threat continues to revolve, the methods we use to secure our homeland must continue to ease off.

that leads me to my final question that is how do agencies respond to these threats. a measure that may work for one facility may not work for another. for example not every facility might be able to be built 50 feet or more away from the nearest public road to protect against the vehicle plant. i also want to know if the agencies are sufficiently sharing best practices. is the department working with agencies to share its expertise in this experience. for the military senior officials determine which security measures should be implemented. however civilian officials sitting on the local facility security committee may have little or no training in security matters or as the commanding officer for the military installation may have years of experience and education and security matters. most importantly i want to know what has been undertaken since the navy are shooting to improve

security threat of many departments and agencies very responsibly for securing federal facilities and that a part of defense and the general services administration and department of energy could also include the federal protective service as a component of homeland security. it's responsible for protecting federal facilities leased by the general services administration. there is no doubt that the federal protective service has a difficult mission. that agency employees about 1,000 force that officers to protect more than 9,000 civilian federal facilities. think about that. these are spread out all across the country. while the federal protective service is responsible for assessing security in the facilities it lacks complete authority to implement security measures. it may recommend installing

metal detectors and activate screening equipment at a facility but it is the local security committee to decide whether to authorize and pay for those recommended security measures. enzi repeated the government accountability office report has highlighted cord reports have highlighted a number of internal management challenges have impeded the federal protection service ability to protect facilities. for example, the federal protective service must complete the facility's security assessment in a timely manner so that they can share with them what to the offices that protect because it has been able to do that other agencies have sought to complete their own facility secured the assistance creating unnecessary duplication and waste. the federal protective service must also do a better job of tracking and overseeing the training of the 14,000 contract guards it uses to protect its

facilities. the agency must ensure that both its federal law enforcement officers and the armed security guards it uses are appropriately trained, equipped and prepared. ensuring the training equipment, preparedness of the federal officers informed contract security guards is essential to provide for the security of the facilities safeguarded by the federal protective service. this will require the minimum focus on the active shooter scenario training and in the wake of the shootings at the navy yard and even a west virginia courthouse we cannot afford to be ill-prepared for this type of a threat. while the director, derek paterson has worked to improve the performance, the agency hasn't always received the needs from congress. i am committed to working with him to make the agency more efficient and more effective. we can start by focusing on the

cost saving and cost neutral solutions that are much more likely to be received by the bipartisan support from my colleagues here in congress. i hope that today's hearing will help us find better ways to improve security at federal facilities and i believe there's much to be learned from the navy yard tragedy to prevent similar incidents in the future and we will be joined by dr. colburn on these issues and normally i don't turn to the senator from north dakota to see if she would like to make a comment that you are welcome to if you like. >> we will go ahead and proceed. >> i'm going to briefly introduce the witnesses and reintroduce others and. i want to introduce as a first witness can you mention your name caitlin durkovich assistant secretary for protection for the

national protection and programs director of the department of homeland security where we have a newly confirmed secretary johnson approved i think yesterday by a vote of 70 to 16 or publicly how grateful i am to the colleagues to cut and republicans for their support and especially dr. colburn who was a supporter of the nomination and i think it will take a couple days to process the paperwork to be sworn in to a payroll need him in place and we need the team to lead including the able deputy secretary of homeland security if confirmed will be that person. directed in may at 2,012th and assistant secretary for the infrastructure protection millions durkovich leads to strengthen and build resilience in the nation's critical infrastructure.

as the share of the security committee, ms. durkovich overseas the mission to develop security standards and best practices for civilian federal facilities in the united states. the next witness is retired brigadier general eric patterson. general, great to see you. a director of the federal service in the homeland security national protection and program's director. dr. patterson was appointed the position in september of 2010. as director he oversees the service mission to protect and deliver and law enforcement and security services to over 9,000 civilian federal facilities and in the safeguard there are more than 1.4 million visitors. i understand usurp in the air force for over 30 years. thank you for that service. the final witness is the deputy director personnel, industrial and facility security policy within the office of the

undersecretary defense for intelligence, united states department of defense, the undersecretary defense for intelligence and dod policy programs and guidance related to among other things personnel facility's security and also appeared before the committee about a month ago at the first hearing on the washington navy yard hearing. welcome you all today. before we asked ms. durkovich ne appealed to dr. colburn. good morning. >> i apologize for being late to the witnesses and the chairman. i will put my opening statement in the record. >> fair enough. welcome. ms. durkovich please your statement will be made a part of the record and you are welcome to summarize what you see fit. thank you very much frank a member coburn, senator heitkamp.

i'm honored to help remember those that have been victims. as assistant secretary for infrastructure protection, i've had the responsibility to lead the overall coordination of the nation's critical infrastructure security and resilience efforts. one of the most rewarding opportunities i have is to serve as the chair of the interagency security committee and oversee the people love of the standards, reports, guidelines and best practices for facilities security at nearly 400,000 federal facilities. we were created by executive order following the bombing of the federal building in oklahoma city april 19th, 1995. isc and its members and agencies are responsible for the creation and adoption of numerous standards, guidelines and best practices for the protection of

these nearly 400,000 nonmilitary federal facilities across the country. the work is based on the real world present day conditions and challenges and allows cost savings by focusing on specific security needs of the agency. standards provide the federal community with strategies for identifying physical security measures and facilities for the design and implementation of the risk-based security policies. recently, the isc risk-management process for the federal facility standard that designs the criteria and process scenes of those responsible for security should use to determine a facility security level and provide an integrated single source of the facility's security countermeasures for all nonmilitary federal facilities. the standard also provides guidance for the customization of the countermeasures for federal facilities and explains that risk to ibm dressed in various ways depending on the agency mission needs. for example the presence of a child care center on site historical significance.

it is most important to note to that of the isc is a collaborative agency body. 53 federal departments and agencies participate and take the lead on bringing the ideas to the table and drafting the standards and best practices. when agencies cannot solve security related problems on their own, the isc brings officers and senior executives together to solve continuing government white security concerns. the membership also engages in the development of standards and best practices based on the evolving of real world threats. recent defense of demonstrated need to identify measures that can be taken to reduce the risk of mass casualty shootings and workplace violence come in prepared is and expand and strengthen ongoing efforts intended to prevent the future incidences. the department of homeland security names to prepare in the community approach by providing resources to a broad range of stakeholders on issues such as active shooters awareness,

countering and provide explosive device incidents responses and workplace violence. working with partners in the private sector the dhs has developed training and other oprah's material to assist the operators of critical infrastructure to better train their stuff and coordinate with local law enforcement for these types of incidents is. we have posted workshops and developed in online trading tool targeted at preparing those that work in the buildings. these efforts and resources have been well received and are applicable to the federal facilities as well as commercial cases and other government buildings. cognizant of the growing threat, the isc formed a federal active shooter working group while a number of federal guidance documents previously existed on active shooter preparedness and response this working group was formed to streamline the existing policy into a single cohesive document. to date the working group has met five times and reviewed numerous publications and

documents including training materials developed by the department for commercial facility. ogle also leverage the lessons learned from real-world incidences such as the navy yard shooting and will serve as a resource for agency to enhance preparedness for an active shooter incident in the federal facility. threats to the infrastructure including federal facilities are wide ranging and constantly evolving and not only are there terrorist threats like the boston bombing this past spring or the shopping mall attack in nairobi in september but the hazards from weather-related even such as hurricane sandy and cyberinfrastructure increasingly under attack have a direct impact on the security of our federal building. it is impossible to anticipate every threat. but the department is taking a holistic approach to creating a more secure and resultant infrastructure fin retirement fathi handle these challenges and in the work it exemplifies these efforts in shoring the

federal facilities are secure and resilient as a large undertaking but the work of the member departments and agencies ensure that those responsible for the federal security have the tools and resources to mitigate the threat to inclosing i would like to thank you for the opportunity to appear before you and discuss the important work of the isc and how we can learn from these events and make sure they do not happen again. i look forward to answering any questions that you may have. >> secretaries durkovich, thank you for your testimony and work. general, wellcome. >> ranking member and senator heitkamp, i am the director of the federal protective service with the national protection program director of the department of homeland security and honored to testify before the committee today regarding the mission and operation of the federal protective service. we are charged with protecting and delivering integrated law enforcement and security

services to over 9,000 facilities owned or leased by the general service administration and safeguards are more than 1.4 million daily occupancy and visitors. in performing this mission the direct influence over 1,000 law enforcement officers inspectors and special agents who perform a variety of critical functions including contract and protected security office or oversight facility security assessments and uniformed police response. the respecters to the inspectors received training at the federal law enforcement training center and in the field. this training ensures that the law enforcement personnel are able to effectively respond to the tens of thousands of call for service received annually by fps assessments in the fps protected facilities. the facility security assessments document security related risks to the given facility and provided a countermeasure recommendation designed to enable the agencies

to me to the interagency security committee standards for federal security. throughout the process, fps works with stakeholders to identify and gather all necessary information for the characterizing the risks to each facility. fps builds a consensus in the agencies regarding the type of physical countermeasures and the number of the guard post staffed by fps. appropriate for each individual facility. approximately 13,000 fps contract at guard posts at the federal facilities. juan pso to detect and report criminal activities and respond to emergency situations. pso also have firearms, explosives and other dangerous weapons that do not enter federal facilities. in fact, they stopped

approximately 700,000 prohibited items from entering federal facilities every year. partners the private sector are companies ensure that the guard has led the certification training and qualification requirements specified in the contract covering subject areas such as currency in protection, actions to take a special situations such as building he evacuation's, safety and fire prevention. all pso must undergo background investigation to determine their fitness to begin work on behalf of the government and are rigorously trained. however it is important to note that pso are not sworn of law enforcement officers. rather, they are employees of private security companies and we do not have the authority to deputize the many law enforcement capacity to meet an individual psoss authority to perform the services are based on state specific loss where they are employed. to ensure the high performance

of the contracted work force, the law enforcement personnel can huffpost inspections and integrated covert test activities to monitor under the compliance and countermeasure effectiveness. additionally, the personal files are audited periodically to validate the certifications and training records reflect compliance with contract requirements and in fiscal year 2013 alone, fps conducted 54,800 post inspections and over $17 personnel file of its triet federal protective service is committed to providing safety, security and a sense of well-being to thousands of employees who work and conduct business in the facilities each day. we continuously strive to further enhance, integrate and transform our organization to meet the challenges of any vaulting threat landscape and have recently made progress towards closing out outstanding recommendations pertaining to

the operations. in fiscal year 2013 alone, they submitted documentation to the gao for closure and consideration pertaining to the 13 recommendations including strategies to enhance the human capital planning and improve the tenant communication. of those presented over six or successfully closed as implemented and seven are pending internal review for closure. significant progress has been made towards closing bell longstanding recommendations related to the handling of the training and oversight. while challenge is undoubtedly remain, the fps has closed six outstanding recommendations directly related to the program area and its pending gao internal review process for closure considering for two more. we have also made advances towards addressing recommendations relative to the risk assessment methodology. specifically, fps is on its promise to meet the requirements of the risk management process

for the federal facilities and to ensure that stakeholders have an understanding of the threats they face we've begun to provide a threat assessment report as part of each fsa. going forward, fps will continue to work to explore consequences and impact of the content of the facility's security assessment and explore the inclusion of consequences into the process. in closing i would like to acknowledge and thank the distinguished members of the committee for the opportunity to testify today and i would be pleased to answer any questions that you may have. >> welcome, good to see you. please proceed. >> in two-term and carper, a ranking member and senator heitkamp. i appreciate the opportunity to be here today to address the practices and procedures in the department of defense regarding the facility's security. i am steve lewis deputy director of the security policy and oversight directorate in the office of the undersecretary

defense for intelligence. and i am here today on behalf of dr. michael, the undersecretary defense for intelligence or usdi. the usdi is the principal staff assistant to the secretary deputy secretary of defense, for security matters and is responsible for setting the overall dod physical security policy. and in this role, the usdi provides the standards for the personnel, installations, facilities and related assets. the usdi security responsibilities are complemented by those in the assistant secretary defense for homeland security and american security affairs who is responsible for the dod anti-terrorism program. in the week of the tragic washington navy yard shooting incident, the secretary of defense initiative concurrent internal and independent review is to identify and recommend

actions that address gaps or deficiencies in the dod programs, policies and procedures regarding the installations. the review's cover the granting and renewing of security clearances for dod employees and contractor personnel. in order to address the departments facility policies and practices it is first important to describe the requirement for the military commanders or their civilian equivalents to conduct a comprehensive security evaluation of a facility or activity. the purpose of this evaluation is to determine what the ability of the installation to the tours, withstand and recover from the full range of the adversarial capabilities. based upon a threat assessment, compliance with established protection standards and risk management. based upon the results of these

evaluations, active and passive measures are tailored to safeguard and prevent unauthorized access to personnel, equipment installations and information by employing eight laird security concept known as security in that. the department requires the development and maintenance of comprehensive plans to address a broad spectrum of natural and man-made scenarios. these include the development of the joint response plans to add first or terrorist incidences such as active shooters and unauthorized access facilities. military commanders or their civilian equivalence using risk-management principles are required to conduct an annual local flournoy of the assessment and are subject every three years to hire the headquarters of assessments such as the joint staff integrated of vulnerability assessment. the department has worked very

hard to foster improvements that proves greater efficiencies and effectiveness in the facility securities. and in its continuing efforts to harmonize its facilities security posture with other federal departments and agencies, the military commanders located in the dod occupied facility space, primarily those not on the dod installation, must utilize the federal interagency care to the dhaka security committee's risk management process for federal buildings. this effort includes the incorporation of the physical security standards and the dod guidance for example unified facilities criteria. the dot also participates in the various interagency forces such as the interagency security committee along with representatives, the department of homeland security and many other federal agencies and the department's. these enable the sharing of best practices, physical security standards and cyber and

terrorist information in support of the collective resolve to enhance the quality and effectiveness of the physical security of federal facilities. we also have ongoing initiatives across the department to enhance the security such as the development of an identity management enterprise services architecture and the approach to the sharing of identity and physical access control the information and complement ongoing continuous evaluation concept demonstration efforts. we will provide real-time vetting of individuals requiring unescorted access to the dod facilities and these will be run against the dod federal, state and other authoritative data services. the users will be able to authenticate individual access credentials and fitness to enter the facility. we believe that it will vastly enhance the security of the personnel facilities worldwide.

thank you for your time and i'm happy to take any questions. >> i'm going to call on dr. colburn first and then we will yield to senator heitkamp. >> general patterson, go through again the recommendations that you all have now met because my understanding was of the 26 recommendations between 2010 to 2012 that prior to the needy are shooting only four of those had been acted on; is that correct? >> i can get you a listing of all of the recommendations. >> but in your testimony you listed several. what you do that for me again? >> i don't think i listed them specifically. >> you set numbers and that's what i want. >> i can get the specifics behind the recommendations but i don't have the recommendations before me right now.

the numbers are accurate. >> but there were 26 outstanding recommendations between 2010 to 2012? four of them had been acted on an accomplished based on their recommendations and you gave a litany of others that you had acted on. >> yes, sir i was giving a general oversight of the numbers. >> give that to me again william -- will you? >> in 2013, we submitted documentation to the gao from closure and consideration pertaining to 13 recommendations including the strategies to enhance the human capital

planning and improved communications. of those presented, six were accepted and closed as implemented and seven of them are pending the internal review for closure. >> so that's half of them of the 26. so, my question to secretary durkovich, were you aware that there were 26 outstanding recommendations made by the gao and that up until the first of the 13 only four had been acted on? >> thank you for the question. yes. i am aware of the various recommendations that are open and that have been closed and from a high level standpoint, the department has initiated an overall effort to make sure that all of the open recommendations the department is that those areas and components and sub

components work closely with to address those recommendations and take steps to close them. >> when did you will initiate that? >> as recommendations are provided to us by the gao, we began our work -- >> dahlia understand that, then you just said that you initiated a process where they would be addressed. >> that is the standard process in the department. when we receive a recommendation from the gao first we have to submit a letter about whether we agree or disagree and that begins the process. i don't have specific oversight over the recommendations as the assistant secretary for the office of infrastructure protection nigh handle plug recommendations that are specific for example to my programs including the isc so we have open recommendations and

work very closely to document what we are doing to address those recommendations and provide regular updates through letters to begin document to what we think we will need for the mitigation measures but we've taken to address the recommendations. >> let's see if i've got this right because i may not. the security committee doesn't much regions for compliance; is that correct? >> based on the executive order, the departments and agencies shall comply with the standards produced by the executive security committee. >> what i'm asking is they don't monitor the individual agencies to see if they are in compliance the agencies are supposed to do it but they do not want her to

see that that happens is that correct? >> that is correct. >> and it's the responsibility of each individual agency to make sure if they comply with that. >> based on the executive order, yes, sir. >> let's go back to fps. how is it that your agency is complying with the standards set? >> ackley dubow work with our federal partners and as we go into assessments, we will meet recommendations as they are outlined by the isc and for a variety of reasons, a federal partner may or may not be able to implement. it could be because of cost. it could be because of a variety of things that they may decide that they cannot meet those specific recommendations. however, once we do understand that they are not able to, we tried to work with them to try

to mitigate those shortfalls as best as we can so it isn't as if we walk away from that. >> i'm not saying that three nitze -- the large portion of the officers that we either contract or have are not trained. >> if i may explain there is a reason for that he and other reason is because historical es i stated in my testimony, the active shooter response, not awareness but active shooter who response has been a function of law enforcement work of and as such, the psos are not law enforcement officials and so to put them in a position to where they are responding as a law enforcement officer requires at least a coordination with the state and there there has to be some contractual agreement that they will respond in that manner

now. because we recognize that in some instances to our psos will be the only folks in the position may be to respond in a very prompt manner we are now working with the national association of security companies to look at how we can provide training where they can apply some response if you will enough manner. but the bottom line is that we still want law enforcement folks to respond because that is where they are trained. we spend any number of hours with our inspectors and agents and learning how to respond to enactive shooter situation. and we haven't done that without psos soviet find a happy medium so that we do not put our psos and hardaway. we need to find the training for them in order to respond effectively.

>> will have security personnel in the federal buildings. but if we have an active shooter, we don't want them -- right now they are not trained in the way to handle that situation. >> here is what they are trained in. they are trained to protect the people to get them to keep people from coming into the buildings that they do not enter harm's way. they are also trained to help people evacuate in a timely manner and if in fact they are approached or they come in contact they are trained to engage. what they are not trained in is to go find the shooter and then take action. as a mix of they are trained to engage. >> and all of them are? >> yes, sir. >> i am past my time. >> senator. >> thank you mr. chairman.

the first obligation of any invoice is safety. i think that you will find that in a lot of the facilities across the country, whether they are in manufacturing plant for processing plant of any type or even any major office. it is not only good employee management, but it also saves a lot of money. and i think this committee is deeply concerned about the public of the safety employees and buildings. and certainly the navy yard is yet again another example of where we do not live in a perfect world. but were their things that could have been done that should have been done differently that would have either preventative or limited the death once the shooting began. and i want to go back to a couple of critical points here

which is even though we have executive order that we have all of the gao reports and all of the recommendations that is also like the words get written that no one is responsible for the follow-up and no one is responsible for the implementation and no one is responsible to the public employees to say yes we have done everything that we can and we know what the path forward is that will enhance your safety but we just made these recommendations and we hope that whoever manages the building or whoever wins this agency is taking safety as seriously as we do. and so i will tell you i am concerned listening to this that there doesn't seem to be a lot of coordination and even when there is coordination there isn't a lot of follow-up in terms of making sure that these things get done. i want to go back to maybe what i not understanding is the engagement of an active shooter. i chaired a task force when i

was the attorney general on safety. we made everyone in the building have training. and the recommendation was carried out by very many across this country is that we have trained on what happens if there is an active shooter. the person we found out we needed to train to give the training to was the woman that answered the phone or the man that answered the phone at the reception desk and obviously, in most federal buildings the person you will encounter will be someone general that is under your jurisdiction. and so, what recommendations what you may to change what you are currently doing in the active shooter situation? >> yes, ma'am, as an agency, we have fought long and hard about this to be a we have been working very diligently with our vendors to take a look at where we need to be in helping them and helping us to understand, you know, how do we go forward now and the training.

what training do we need to provide, what level of training do we need to provide for our psos. >> have you ever considered maybe someone that is trained and authorized to engage in a much higher level should be on duty not always to do thus tamminga and the screening and kind of the day to day but have someone there who actually has a role in providing protection? >> yes then we would love to. we have about 600 inspectors who are law enforcement officials who are in a number of our buildings on a regular basis, but we have thousands of buildings that i can't put all enforcement folks on every building. we have great relationships we established relationships with state and local authorities that we can call on very quickly to respond if we have a problem but at this point i don't have the resources that would allow us to put a law enforcement individual

in these facilities now there is a possibility that, you know, we could possibly deputize some of our contract personnel, however that would clearly be more costly and we would have to figure out how we would do that. >> is troubling now that there doesn't seem to be a lot of kind of creative thinking on how we can use the resources we have more effectively to protect folks. and i -- obviously this is a great tragedy and i know of many people that are still dealing with of the extant of the tragedy but the best way that we can deal with this is to assure people that we have learned the lessons. can you tell me what lessing's your agency has learned from this? i know that you are undergoing this review but give us a little peek into with the thinking is right now. >> well, since we talked a little bit about the active

shooter awareness and training, within the department, we have incorporated the active shooter awareness and to the anti-terrorism level one training. so that has been introduced throughout the dod population. in addition, we published the work place violence and active shooter prevention and response and this was in response to the fort hood incident. we have measures in place to not only deal with it at an awareness level but in terms of response within the department. since the washington navy yard tragedy, we focused on continuous evaluations of the vetted personnel to it not just people that have security clearances, and also people are eligible to have access to the

dod installations. and we can do the best investigation possible, but things change in people's lives over time and we have to be constantly aware of what those changes are. and we have established a pilot on continuous evaluation which is going to look at the inquiry is of public and dod records to look for issues of concern and this is an ongoing effort we are trying to expand it to include individuals who are visiting installations on a fairly regular basis. it was the initiative that i mentioned which would in an automated fashion allow for sharing of information of concern between the dod facilities.

as if a visitor to one installation presented a problem there for whatever reason is that would be available to the other installations that person may be going to visit. so that is the focus. how do we become a prize of information as it develops and not waiting five or ten years until the next investigation. >> if i can make a comment i think obviously i would like to see better coordination and follow-up as the number of recommendations. we come and say we are working on it. that just is a constant source of frustration on the committee about we are working on it or we are concerned about it. it doesn't cut any more especially when we are talking about the safety of public employees and relieve the integrity of your mission.

so i would like to see a follow-up on the gao recommendations with the timeline is for actually getting those implemented. >> may i take a moment to address the coordination issue and i just want to go back to the interagency security committee and reiterate the last 17 years. we had the chief security officers and other executives from the departments and agencies to participate as a part of the committee and look at the evolving threats and hazards and work together to produce the standards and best practices, whether it is on the occupancy emergency plans and prohibited federal items in federal buildings whether it is on the training of the federal security committees and certainly the risk management practice that we've released this past august. it's a highly collaborative body and while there is not a formal compliance mechanism, the fact that these 53 chief security officers come together and work

over months to produce these standards it then becomes incumbent on them to ensure that their facilities adopt them. we have some informal mechanisms we are looking at and there are tools and development to help us to better assess how the facilities are implementing the standards and best practices, but i wanted to spell that out that it is entirely collaborative. certainly coming out of the navy yard we have established an active shooter working group as i mentioned in my opening statement both designed to look at what happened and at the work we've done over the last course of six years in the commercial facility space we have online training and we do in person training and part of little is to look at the various tools and documents on the training staff are available right now to leverage those so that we can

bring them into the federal workplace to the training is a very important aspect that the director patterson does as a part of his responsibilities. but there are other things i think we can do to augment that to answer your question and ensure that as we look at developing the best practice or the standard that we are encouraging and recommending that the exercise and test the training that we do and that we ensure that there are documents and marketing materials available to our employees, but i think there is a lot that can be done and that can be leveraged from the work we've already done on the commercial sector and that certainly is the goal of our active shooter working group. we have several members of the committee who served as the attorney general command thank

you for bringing that expertise to bear. secretary durkovich i'm going to ask you to make this real for me and my colleagues of the committee to cut through not that you are using jargon, but to cut through the federal and burbage and say why do we describe its missions and how we measure whether it is working well, how we measure success? make it real for us. >> thank you for the opportunity to explain. so the security committee came about after the bombing at the alfred p. murrah building in 1995 with the recognition that we had to do a better job protecting our federal facilities. again almost every.

those that participate in the federal interagency committee and of the senior security lessen the department the chief security officer. we take evolving threats and devolving challenges and it is the chief security officer who look at the particular threats who decide how we as a federal family best addressed that threat make sure the facilities to mitigate them so there is a formal process the committee has produced if there's a standard by which we go about about all of the federal civilian facilities with the exception of the military and the military installations and it begins with determining what of the

facility's security level to look at the federal facility and based on what its function is is a headquarters office or field office? does it had historical significance for example is the declaration of independence or bill of rights contained? are there other ancillary functions, child care facilities and things that is what allows it to determine whether a facility is either a level five which is the highest level or level one which is more of the storefront office. then we apply the physical security criteria so based on the level and what we called the design and basis standard that is 31 undies lawyer double events that we determined are the most attractive for most likely to happen to the federal facility in their ranges from arson to the sabotage to active

shooters and also weather-related events but based on those scenarios what are their rights of the security measures to put in place at these federal facilities? this is a risk-based process and as you pointed out in your opening statement it is difficult to apply all of these because as you've noted, not all buildings were built 100 or 150 years ago with 15 to 18-foot setback. we have to think about how you mitigate some of these vulnerabilities based on the of real-world realities. and so, we help provide facilities with options and include balance thinking about the blast resistant windows but really working them through this risk management process and the establishment of the security committees and ensuring that the individuals that set on those committees have the training that the need to carry out their duties is a core part of again,

what the interagency security committee has thought about and how again when there are unique functions inside of the building how do we make sure that we are also protecting those functions and again, that is things like child-care and other high priority efforts. so, that is the basis for with the interagency security committee does and again, thinking about how we keep those standards fresh and recognize that we are living in a world where our adversaries are highly adaptive. so, when we start to see emerging threats or trends, again, we bring the 53 chief security officers together to come up with a standard to ensure that all federal facilities are working from a certain baseline and we are doing that with active shooters thinking about as we start to see some of these small scale

complex that tax how are we a have the training and have done the preparedness so that we can mitigate the threats? .. >> if you went out and surveyed each of the federal departments and agencies, you'll find they have implemented all of the

interagency security, all of the isc standards stink you say those standards continue to be updated? >> and again they come together to help develop these standards. we don't have a formal mechanism for measuring what's been implemented. there is one isc approved tool. we are working on approving others, but anecdotally, again, i am confident that all of the member departments and agencies have implemented the standards. and when they can't they are responsible for coming to us and telling us why they can't and the fact that they're willing to bear that risk. >> talk to us about sharing best practices across departments. >> again -- >> and how this committee facilitates that. >> one of the benefits of the interagency security committee is as you may have a chief security officer who represents a level five facility you can come and talk about some the

things that they've done. take for example, a headquarters bonuses on constitution avenue. the things they've put in place to mitigate the fact they can't have a setback. the fact that the use ballot, the fact these blast resistant windows. the very nature of the interagency security commute is the fact we can bring together and we convene these senior level executives to talk about best practices. i think what you about what you're doing with the isc, it's not just the sharing of federal facilities best practices but the fact that for over the course of the last six years been working very closely with the commercial facility sector. these are buildings, stadiums, venues where the public passes through them day in and day out, what we have an active shooter drink and where we thought about how do you again strength and provide layers of security may not always be obvious to the public. how do we take those lessons learned? how do we take those best practices and printing to utter

facilities as well. as part of the active shooter working group that we've stood up you'll see a mix of both what we are doing in the federal sector but also the lessons learned, the leading practices that we developed in the commercial facilities sector as well. >> dr. coburn. >> just a follow. i want to put in the record a letter from dhs police deputy director of operations chris clyne that was released novemb november 22. which is new active shooter guidelines. and i'm somewhat confused after reading this. i think i can pretty well -- i don't understand the engagement. if somebody is with a firearm in a federal building and we have a pso officer there, nothing here says that they will engage him. >> yes, sir. my point was that the original

objective and mission of the pso was to ensure that safe ingress and egress of people coming into the facility but it was not to pursue an active shooter. that has always been the purview and the ground of, for law enforcement, trained law enforcement personnel. as we have we looked at how we might have our psos engage, we were looking at any legal obstacles that we may have to overcome as a result of that. as well as any state requirements that they may have to meet as well. and my point in talking about, if, in fact, an armed individual comes into the facility and to recognize that they are armed and asked that individual to please drop the gun or drop your weapon, or put your weapon down and they don't, then they are authorized to engage. okay, if, in fact, they are clearing the building are trying

to get people out of the building and they run into the active shooter, they will engage. what they are not trained to do is go from room to room trying to find -- >> i understand i that but i gus the point i'm making from this letter, that's not clear in your. this is the new requirements for active shooter. >> yes, sir. >> that's not a clear part of the statement. >> yes, sir. that was dated november, and in early december we had a conversation with all of our vendors telephonically, 90% of our vendors, telephonically to tell them we be coming out with new instruction of how they would engage and be prepared for the. so yes, sir. it is evolving. >> right now if anything happened today, they would be following this, not what you testified? >> no, sir. they would continue to engage. if, in fact, -- their first priority are the safety of the folks that are in the building.

for one, they will keep people from coming in until help folks get out. all right. now, if they in fact do engage the shooter, if they come into contact with one another, they will engage. what they will do today is they will pursue -- >> i understand that. what i'm saying is, it is not clear to me in terms of reading this letter that says they will engage. >> i will have to take a look at that speed this is what you all put out november 22. and that's the important thing. one other area i want to cover with you, general patterson. do we direct fps contracted street to do joint exercise with local law enforcement? in other words, a dry run? in other words, much like tim heitkamp said. >> what we do when we conduct an exercise can we conduct a lot of exercise. in fact, we conduct a number of active shooter training exercises --

>> you're missing my point. do we require our contractocontracto r -- >> i was going to get to that. >> to do joint training with local law enforcement? >> they do it when we do it. >> is it every -- isn't a requirement of the contract to do joint training with local enforcement so everybody is coordinated much, going back to western heitkamp said. >> yes, sir. they are exercise will be part of our exercise as we practice with local law enforcement. >> okay, but you're not in everyone of these building and you going to have an exercise in every one of these buildings. that's what the record shows. so is not the fact that you've actually directed these contractors not to do joint training with local law enforcement? >> i would say we have -- effect is i don't think at this point we don't have anything specifically addresses joint training with local law enforcement in our contracted out a plea but i'll have to get back to you on that. i don't have a contract before

me so i would have to take a look. >> senator heitkamp. >> i wasn't intending on following up but if you want you can pick up from where senator coburn has taken the discussion, which is security is -- it i can say it this way, is best done when it is clear that this is a high priority. and you know, it concerns me that public employees and really the public sees someone sitting at a desk and usually in uniform. there's an assumption that there is a bevy of powers that come with that and that there is an aura of protection that goes with that. and if it doesn't include engagement, if it doesn't include having folks who are at least capable of some kind of immediate intervention, you know, and if those rules are not

clear i think we left the wrong message with a lot of people in public. and so, i would like to know for many of these buildings there was not any kind of electronic screening or x-ray machines at the navy yard, correct? you could just walk -- i mean, if you stand in through the turnstile and kind of waved and signed and that was it, right? okay, this is the building that has thousands of public employees. i can understand that if you're looking at the building that houses the public, the employees for the foreign service agency in watford city north dakota you might not want to put any kind of screening device. but for a building that houses and employees, where employees, thousands of employees, and

commonsense like there might be some cost benefit and safety in looking at electronic surveillance, there might be some cost benefit in providing law trained, you know, people at the front to engage, that we might look at those kinds of procedures. and i don't hear that today. i thought i was going to hear, you know, that we are looking, doing cost-benefit analysis you're not that my folks in watford city are not important but i don't expect you to hire a law trained guard to protect the one person that works there. i don't expect that. but i might expect you to think about doing that in a building that houses thousands of people in a city that frequently is a target, symbolically, of terrorism or these kinds of attacks. and i really would ask you guys to go back and rethink what you're saying today about how you can enhance security looking beyond simply, you know, simply

continued the process that you've engaged in today. >> if i could address your concerns for just a minute. we are actually, we are doing, we really are doing due diligence in pursuing this matter. we are working aggressively with the vendors to, one, to look at what authorities the states entitled to relative to engagement. we're also looking at within the department to look at what authorities might be levied, we could went to these folks relative to legally from the federal sector. so we, in fact, are looking at how we might address this moving into the future because we know, we realize it is a concern. one of the other things that i spent a lot of time doing is engaging with the federal executive board across the country, looking at what are some the challenges they're having, what are the concerns from their people in these facilities and how can we provide better training, more

training, additional training to those folks in the facility as to how to respond to an active shooter. because that's very important as well, how to get people out of harm's way when they recognize there's an event in progress cracks so i would tell you we're looking at this. we are taking it very seriously. it may not come across that way in some of the testimony that we are providing, but i can tell you we're spending a lot of time with her contractors, a lot of time with legal to find it was that middleground, the ground we can take? because ultimately we have to figure who is going to bear the cost of this ad hoc we do this in fundamentally smartly, effectively, efficiently but still provide the same result or similar result of protecting folks in those facilities. >> not to belabor this, but it just seems like if i were looking at this, and if i were in any of your shoes, i was a i've got 1000 people that work in a building in a city that's a

target, we don't have screening devices and we don't have law trained guards. maybe we got to rethink that as a strategy. >> if i may address that. when we set the facility security level, the recommended, as part of the recommended security practices if you're a level three or above, for example, we will at a minimum recommend that there are guards on site at the facility. as you move up, so, for example, at any of the headquarters buildings, a game that you see along constitution avenue you will find advanced screening techniques, magnetometers. you have to run back some of to what happened when walk in the buildings today. as we go down to the storefronts out in the states, that is were you not see that level of security, but based on what you facility security level is, there is a standard that goes with that security and that's part of what the interagency security committee does is make

recommendations, and begin -- >> secretary, back to that point. you make recommendations and there's no mechanism to mandate that those recommendations are carried out. >> we did not have a formal compliance mechanism to monitor what has been adopted, yes. >> if i may, i just want to clarify. general, what i'm asking specifically on the gao recommendation, the dates at which you submitted, the dates they were cleared on just the 2010 through 2012 gao recommendation. >> 2010-2012. >> a question for secretary durkovich. is a public knowledge what federal buildings are rated what? can i go on a website somewhere and find that out? >> i have to -- no.

it's not public knowledge. we can make that able to you but it's not public, no. because it presents a security risk. >> i understand, that's why i asked the question. thank you. >> i want to stick with the matter of gao recommendation. gao does a very good work. they have a lot of people but they have a whole lot of work to do, and they frankly have been getting the kind of resources they need to do all we're asking them to do. describe for me, one or both of you, maybe general patterson, explain to us the process. gao comes in, they are looking at the work is being done and how it's being managed, funded and so forth. they make recommendations. describe the process, they give and take before the finalize recommendations. >> i'm sorry? >> described a process whereby gao comes in, examines what's being done, takes recommendations. you have the opportunity i

presume to respond to that. we use gao recommendations, especially the high-risk list. we use that as a to-do list as we do our oversight. just described the back and forth that leads to the issuance of a recommendation. i think there were 26 of them that you mentioned. about 13 of them have been responded to and about half of those 13 have been if he will accept the. i'm just interested in the process. >> the process, when the gao makes her condition, one of the first things we do is sit down with my staff to take a look at what the genesis and but the challenge is that we have for the recommendation and with the background on the recommendation. then we move forward to look at how we're going to resolve the issue that, or the challenge that gao has brought forward. what i recognize is that some

things that we can handle and move forward pretty quickly. of the things not so, only because it will require extensive resources and we have to figure out how we do that. for instance, one of the challenges that we have is we have 13,000 vsos, ma guards, that with oversight responsibility for but we don't have an automated or technology right now available to do our best job in oversight and those folks when they come to work, when they check in, when they lead to make sure the certifications are where they need to be and so forth. one of the challenges that i set forth for my staff and for the agency is to come up with a technology-based system that will allow us to move forward with that. to figure out, and no when a pso was on post, when h his wife's income when he swipes out and to

ensure that he or she has the proper certification they're supposed to. that's one of the challenges, one of the issues that gao has brought forward is that because we've only got 600 law enforcement folks out there to do this, with 13,000 guards, it presents a bit of a challenge. these 13,000 guards probably generate about 170,000 records, okay, that we must review over a period of time. so what we're looking for is an automated process to help with that. we are engaged with dhs science and technology to begin to help us beginning to look for ways and off the shelf possibly recommendations that we can begin to put into place that will allow us to better oversight these 13,000 guards. so it's issues like that or challenges like that, that keep us from moving forward as

expeditiously as we would like to. >> let me raise a question about that. you have 13,000 contracted guards and get 600 people working directly for you that our law enforcement officers. that's less than 20 people a person. we need an automated system to do that? what about random audits? how about finding a contractor doesn't perform? >> we do random audits. everyone of my regions is responsible for doing 10%-20% random audits per month. part of the challenge is because there are so many records, in any given time we can do an audit today, okay, but tomorrow or within the next month if that's not a record that we are auditing, it may for some odd reason -- not some odd reason, but the individual who made a certification based on expiration of time or having to reach for my and so forth, so

having, allowing us or being able to audit our records would help us tremendously in better oversight in this process. >> why should you automate? why shouldn't you for short contractors to automate and present a? >> that's an option. >> it's not an option. is the only common sense thing to do. if you want to demonstrate they are certified in compliance. and then you audit whether not they're telling you the truth rather than spend a whole bunch of money, i was running all 13,000 people when they're really not our employees to their contracted employees for somebody who took a contract to guard a building. again it goes back to contracting. put in the contract which expect other contractors to supply which is certified to people doing their jobs. >> and many other contractors to have automated process. however, from time to time we do find discrepancies in the

records. >> good, then you could find that contract and would you put is that the reason for you to lose a contract and by the way, we'll have someone else have this contract next time. these are not non-lucrative contracts. they are making money off of every hour every guard works. >> i want -- [inaudible] >> without objection, this letter will be made part of the record. want to give it a little bit here and just say as a defense contractor with a valid department of defense id card, aaron alexis was allowed access to the washington navy yard, as we know. and like many employees in other workplaces he was considered a trusted employee. not screen for any weapons. unfortunately, workplace violence continues to be a threat. i just want to start with you, mr. lewis, if i could. but could each of you answer the

following two questions. the first question is, do you believe that we should consider screening employees as well as visitors at federal facilities? say that again. do you believe we should consider screening employees as well as visitors at federal facilities? second, is there any potential downside to screening employees? is there any potential downside to screening employees? and i would like for each of you to answer that. mr. lewis, if you would start place. >> current dod policy does not require that type of screening where somebody goes through a metal detection device, but it does allow a random selection of individuals for that type of screening. so there are those procedures in place. there is the option in place. and again, we rely on the

judgment of the installation command to make a determination as to what's appropriate under the local circumstances. the drawback to screening every employee coming through is the negative impact on mission accomplishment. there are facilities where there are 10,000 employees coming through, often in roughly the same window, and screening every single employee would be disruptive to getting the work done. that's the balance. you know, factoring in cost and mission accomplished with against screening every employ employee. >> general? >> yes, sir. i think it's something i'm sure can be considered. you know, we put a lot of trust in the system that we have. we put a lot of trust in the

fact that we do background investigations, and once a background investigation is completed we believe that the individual that has received that background investigation is trustworthy. so at the point that we decide that maybe we don't believe in that background investigation, then that's maybe the time we start looking at a system that we screen all our employees as we commend. it is a way to begin to mitigate, if you will, some of the risk. but again, i think it would be something that we would have to think through very carefully before we do that. i know that in many of our facilities we have, in some of our facilities we have both. in the department of transportation a screen everybody in their headquarters building. in other facilities the only screen the visitors who come through.

and to date in most of our facilities we haven't had a problem with our employees but with the folks have been screen. if we decide that we are going to screen, and then it might be a bit of a challenge only because it's a new process and that process will require a longer processing time for our folks to get through. so we would have to carefully work with gsa and others and how we organize, if you will, that flow of folks because at 8:00 in the morning when you have hundreds of people entering the building and they're accustomed to moving through it and showing a badge, based upon the security clearance, it could create a challenge. >> all right. secretary durkovich, same question, please. >> so as i mentioned the interagency security committee has put some thought through at least have ago about screening visitors as they enter into our federal facilities. and part of that is based again

on the facility security level. i would agree with my colleague, director patterson, in that we have to have trust in the system. and that the department of homeland security, in addition to evaluating who has clearances, we also ensure that employees and contractors who are affiliated with the department also undergo a suitability. i think in order to ensure that there is not a negative impact on the mission, and we have to account for the fact that there are resource implications about opportunity costs associated with screening employees. that i think a system that we have in place works overall. unfortunately, we do have incidents where i think it is incumbent upon us to look at those incidents and to make sure that we're leveraging the lessons learned so we make sure that it doesn't happen again. but i think overall there's a

downside to screening employees. as you know, sir, from your oversight of the department, we all have taken on an awful lot of work to ensure the safety and security of the american people, and that is way of life can thrive, and that any impediment or obstacle to allowing our employees to do their important job every day is an impact on the nation. and we have processes in place that allow us to ensure that we have employees who represent the highest standards. and that we should continue to trust in the system as opposed to screening everyone. clearly at certain facilities would have measures in place. director patterson recognize when i go to the nasc ever got to show, not only swipe my badge to show my badge. if i bring a vehicle onto the premises, there are dogs and

there are vehicle searches that happen. so the our again to be on the level of facility, different layers of security. but in terms of putting -- spent before recognize any questions you might want to ask, senator ayotte, let me just ask one might quick question and i'll ask you very briefly. some of you have been before us before. i like to ask what you expected to, what can we do here? maybe give one idea what can we do in the legislative branch to better ensure that you are able to meet the responsibilities that are placed on you, for workplace protection? while you think about that i'll just make sure, today said that i have and i and our colleagues are debating a budget resolution, a framework for a spending plan for our federal, for the balance of this fiscal year. it does a number of things.

i think there's three things we ought to do for deficit reduction which makes it simple. not one, anton reforms that saves money, space programs, doesn't savage for people. number two, tax reform that eliminates a number of our tax expenditures. we've got a lot of them. some of them have met their purpose and they need to be retired or modified. the use of some revenues we generate with the use of corporate tax rates and use of revenues for deficit reduction. number three, just look at everything we do and see across the government had to be get better results for less money for everything we do. those are three things i continued to harp on. but one of the things you do with the budget resolution, and omnibus appropriations bill, separate appropriation bills that fall is the we move away a little bit away from sequestration across the board cut to allow agencies, departments could have better savings. we need to allocate their

resources. hopefully that is something that will enable us to look at risk, put more money there and there is less risk, be able to the list wanted to in terms of weight we can do to help you work better, just give us one good idea and speak very briefly. >> i'll start. in some ways, sir, you have answered my question. or you have given my response. it is recognizing that this country, there are a number of risks that we face. it is a large country, and part of the conversation that we have to have it both the department of homeland security and the administration as lawmakers and with the american public is we can't medicate every threat. and so it is understanding fellows that will have the most significant consequences and ensuring that we are having a conversation about how we go about mitigating them, that we have the resources, the personnel to go about doing it. so having the conversations that