Running head: RISK ASSESSMENT REPORT 1

Risk Assessment Report: Project Proposal and Annotated Bibliography

Name

Institutional Affiliation
RISK ASSESSMENT REPORT: PROJECT PROPOSAL & ANNOTATED BIBLIOGRAPHY 2

Project Proposal:

A Proposal to Assess and Report on the Transportation Security Administration's Computing and

Networking Infrastructure Risks

Introduction

The Transportation Security Administration (TSA) plays a crucial role of ensuring safe

transportation services within the United States of America (USA). Of most importance,

however, is TSA's role in the air transport sector. Air transportation in the USA enables the

movements of about 42 billion pounds of cargo and 1 billion passengers yearly (Tonar & Talton,

2019). As such, the air transportation sector is a key part of the USA's overall economy. These

movements create cash flow into and out of the country. This cash flow translates into 5% of the

nation's GDP. The sector also employs millions of workers in the USA (Tonar & Talton, 2019).

Therefore, it is paramount that air transportation in the USA is safe and secure. The TSA does

this work of ensuring such security. Yet, information available to the public audience indicates

that the TSA continues to struggle with mitigating risks, especially concerning computing and

networking infrastructure.

Statement of Problem

The TSA has continued to introduce security programs and systems targeted at ensuring

safe air transportation. However, the execution of these programs and systems often exposes the

challenges that the TSA often faces in mitigating all involved risks. Most of these programs

directly rely on computing and networking infrastructure. Therefore, it is necessary to

comprehend why risks in these areas pose a huge threat to the firm's overall functioning. An

example is the Security Technology Integrated Program (STIP). STIP helps to smooth the
RISK ASSESSMENT REPORT: PROJECT PROPOSAL & ANNOTATED BIBLIOGRAPHY 3

transfer and exchange of passengers' and cargo's screening information throughout the

organization (Homeland Security, 2010, p. 1). Essentially, STIP, like other programs, is meant to

improve the screening process and ensure passengers of safe transportation.

However, Homeland Security conducted audits of STIP and TSA in 2016 and found that

the organization poorly managed such programs (OIG, 2016, p. 1). In 2017, Homeland Security

further tested TSA's reliability in screening at checkpoints and found only a 30% success rate

(Tonar & Talton, 2019). As a result, there are questions about the organization's ability to deal

with risks directly relating to safe air transport.

Objectives

I propose to assess and report on risks that TSA faces in its performance the function of

ensuring safe air transport. More specifically, the risk assessment carried out will be on

vulnerabilities in the TSA's computing and networking infrastructure. These aspects of the TSA

are crucial to its overall functioning.

Plan of Action

The report will meet the set objectives by relying on a thorough review of open-source

documents that indicate the risks posed on the TSA's functioning. Following this action, there

will be a detailed analysis of the risks posed to the organization and related to computing and

networking infrastructure. The report will then offer possible solutions to these risks.

Conclusion

People depend on the TSA to ensure their safe air movement. As the TSA continues to

face risks in conducting this role, it is important to assess the critical risks and offer solutions.
RISK ASSESSMENT REPORT: PROJECT PROPOSAL & ANNOTATED BIBLIOGRAPHY 4

References

Homeland Security. (2010). IT program assessment TSA- Security Technology Integrated

Program (STIP) (2010). https://www.dhs.gov/xlibrary/assets/mgmt/itpa-tsa-stip2010.pdf

OIG. (2016). IT management challenges continue in TSA's security technology integrated

program. Department of Homeland

Security. https://www.oig.dhs.gov/assets/Mgmt/2016/OIG-16-87-May16.pdf

Tonar, R., & Talton, E. (2019, January 28). Is the TSA really

necessary? Forbes. https://www.forbes.com/sites/ellistalton/2019/01/28/is-the-tsa-really-

necessary/#4a5fcdec25e0
RISK ASSESSMENT REPORT: PROJECT PROPOSAL & ANNOTATED BIBLIOGRAPHY 5

Annotated Bibliography

References

Awodele, O., Onuiri, E. E., & Okolie, S. O. (2012). Vulnerabilities in Network Infrastructures

and Prevention/Containment Measures [Paper presentation]. Informing Science & IT

Education Conference,

Nigeria. http://proceedings.informingscience.org/InSITE2012/InSITE12p053-

067Awodele0012.pdf

This article presented at the Informing Science & IT Education Conference in 2012

covers the common computing and networking vulnerabilities affecting many organizations

struggle. The article establishes how exponential developments in computing and networking

infrastructure generate risks that may interfere with the security, efficiency, and effectiveness of

these organizations. These vulnerabilities include poor configuration of infrastructure, active

hacking by malicious users, presence of computer and network viruses, and mismanagement of

computing and networking critical information such as passwords. This article is important to the

report as it establishes the various risks in computing and networking infrastructure.

Department of Homeland Security. (2019). Department of Homeland Security: Transportation

Security Administration budget overview.

Author. https://www.dhs.gov/sites/default/files/publications/Transportation%20Security

%20Administration.pdf

This budget report by the United States Department of Homeland Security establishes the

TSA's organizational structure and mandates. The article deems the TSA as having a strategic

organization structure as depicted by its budgets and roles. In particular, the core mandates of the

TSA, categorized as mission programs, depict how strategic the organization's structure should
RISK ASSESSMENT REPORT: PROJECT PROPOSAL & ANNOTATED BIBLIOGRAPHY 6

be. One critical mission program mentioned is aviation screening operations. This role involves

the screening of cargo and passengers as a means of ensuring safe air travels. The article presents

the technologies, processes, and budgets of this mission program. The paper offers the risk

assessment report the TSA company profile important to understanding how computing and

networking vulnerabilities affect critical functions of the organization.

Joshi, C., & Kumar Singh, U. (2018). Testbed for Mitigation of Network Vulnerabilities-

Enhancing organization's security resilience in an experimental

environment. International Journal Of Computer Application, 2(8), 48-

62. https://doi.org/10.26808/rs.ca.i8v2.05

This journal article presents the need for timely experimentation and mitigation of

computing and networking vulnerabilities. The article posits that proactive testing of networking

infrastructure is the best way of noting and mitigating any vulnerabilities. This document is

important to the report as it establishes the need to identify vulnerabilities early enough and the

use of tested designs and concepts to mitigate available vulnerabilities.

OIG. (2016). IT management challenges continue in TSA's security technology integrated

program. Department of Homeland

Security. https://www.oig.dhs.gov/assets/Mgmt/2016/OIG-16-87-May16.pdf

This audit report by the Department of Homeland Security indicates the TSA's

inefficiency in managing networking infrastructure as exemplified by the STIP. Furthermore, the

report indicates how mismanagement of such infrastructure leads to loss of confidentiality and
RISK ASSESSMENT REPORT: PROJECT PROPOSAL & ANNOTATED BIBLIOGRAPHY 7

perceived integrity. This report is important to the risk assessment as it indicates the challenges

the TSA undergoes to mitigate computing and networking infrastructure risks.

Tonar, R., & Talton, E. (2019, January 28). Is the TSA really

necessary? Forbes. https://www.forbes.com/sites/ellistalton/2019/01/28/is-the-tsa-really-

necessary/#4a5fcdec25e0

This news article published by Forbes queries the significance of the TSA in air transport.

The article recounts the rationale behind the TSA's formation and implies that the current bulk of

air transportation in the United States still offers the TSA its relevance. The article is very

important to the risk assessment report, as it indicates the seriousness of the work conducted by

the TSA. That is, if any risks become actualized within the TSA, then serious damages would be

realized within the United States and its global market.

Tripathy, B. K. (2020). Risk assessment in IT infrastructure. In Ethics, laws, and policies for

privacy, security, and liability (pp. 1-14). https://www.intechopen.com/online-first/risk-

assessment-in-it-infrastructure

This book chapter indicates the importance of computing and networking infrastructure

in organizations. Such infrastructures offer reliability, robustness, and efficiency in the provision

of the necessary services. The article also indicates how computing and networking systems are

varied with heterogeneous functions. Nevertheless, organizations need to ensure that these varied

systems are interlinked well to maximize needed results. The article is important as it establishes

the importance of such infrastructure to the TSA.