Earlier this week, the General Accounting Office (GAO) issued a report entitled, "Continuity of
Operations: Improved Planning Needed to Ensure Delivery of Essential Government Services." The
report concluded that none of the federal agencies it reviewed had fully implemented the federal
government's own recommended preparations for the aftermath of a terrorist attack. The report, which
reviewed contingency plans for 23 agencies and 15 components of civilian cabinet-level departments,
cited several specific shortcomings that demonstrate the Bush Administration's continuing failure to
make robust efforts to prepare our country for the possibility of further terrorist attacks or other breaches
of our homeland security. This document examines some of the GAO's essential findings.
Federal agencies fail to identify essential services to be provided in the event of an attack. In July
1999, the Federal Emergency Management Agency (FEMA) issued the Federal Preparedness Circular
(FPC 65), which states that a viable post-attack plan for a government agency must first identify an
agency's essential functions. GAO found that five of the 38 post-attack plans they reviewed did not
identify any essential functions, and that several others failed to identify certain essential services.
Overall, the agencies reviewed failed to list among their essential functions 20 of the 38 high-impact
programs previously identified by the Office of Management and Budget. The Washington Post notes
that, while these omitted high-impact programs were not named, "the high-impact list includes such
efforts as food stamps, umemployment insurance, Social Security benefits and the National Weather
Service." (March 30, 2004) GAO concluded that "without better oversight, agencies are likely to continue
to base their post-attack plans on ill-defined assumptions that may limit the utility of the resulting plans."
Federal agencies maintain inadequate post-attack plans. Of the 23 agencies reviewed, three had
no post-attack plan in place at all. The remaining 20, which included 15 cabinet-level departments, had
plans in place, but "none of these plans addressed all the guidance in FPC 65." Six post-attack plans
failed to identify personnel to perform essential functions. Seventeen did not establish rules and
procedures regarding succession in emergencies. Seven failed to identify adequate emergency
communications channels. Only one agency had conducted annual individual and team post-attack
training.
FEMA has failed to exercise adequate oversight. GAO found that "the lack of compliance shown by
many agencies' post-attack plans can be largely attributed to FEMA's limited guidance and oversight of
executive branch post-attack planning." FEMA, now part of the Department of Homeland Security and
under the leadership of Secretary Tom Ridge, "has issued little guidance" in helping agencies develop
viable plans, and has yet to develop a regular assessment of post-attack planning in the agencies under
its authority. "Without...active oversight," GAO concluded, "continuity planning efforts will continue to fall
short and increase the risk that the public will not be able to rely upon the continued delivery of essential
government programs and services following an emergency."
