One of the most visible component agencies of the DHS is the Transportation Security Agency (TSA), an agency employing 55,000 staff members primarily tasked with providing aviation security and protecting the millions of individuals who fly annually.
While we have not experienced another event like September 11 since the TSA was created, critics have often contended that early on in its history the TSA was reactive rather than proactive in developing security screening policies and did not clearly communicate requirements to flyers. Additionally, TSA screening practices are still seen by many to be a blunt instrument - treating the elderly and young children as threats appears to be misguided to most Americans.
The result was a great deal of frustration for everyone involved. Flyers felt that TSA policies were arbitrary and/or arbitrarily enforced and disproportionate to the risk. And the agents charged with implementing TSA policies struggled with morale.
The TSA was constituted very quickly in response to a very tragic and painful terrorist attack and Americans expected a great deal of the agency. Its challenges are staggering – involving 10 million flights a year. As with any complex organization facing enormous challenges, it has taken time for TSA processes, people, policy and information systems to mature.
Corporations with a large number of suppliers face similar challenges. Each supplier represents potential risk to the business, including financial risk because it may fail and disrupt the supply chain, or reputational risk resulting from corporate malfeasance which could land the firm with the wrong kind of headlines in The Wall Street Journal. While it is tempting to want to create a policy that eliminates all risks represented by suppliers, this approach is not cost-effective and it also is counter-productive because it prevents managers from achieving and benefiting from supply chain management efficiencies.
While those of us in the private sector aren’t accustomed to looking to government for management best practices, we must recognize that the TSA has begun to develop and implement policies and practices that can effectively identify bad actors and mitigate risk, while also providing a better experience for the millions of flyers and reducing manpower requirements and costs.
There are two principles which apply equally to screening flyers and suppliers, and we can learn from the TSA how best to screen suppliers:
Risk-Based Assessments and Proportionate ResponseThe most sophisticated traveler screening operation on the planet is that of Israel. Unlike the early TSA system which focused on physical threat identification, Israel primarily relies on information about the individual fliers and their history to assess likely risks. The TSA has made several changes in its policy over the last few years to incorporate this risk-based strategy in its screening.
For example, the TSA worked with the US Customs Bureau to support a trusted traveler program called Global Entry that requires frequent flyers to undergo a background screening and interview. If accepted to the program, those travelers can then take advantage of an expedited airport screening process, much shorter lines and easier x-ray procedures. They won’t even have to take off their shoes!
This trusted traveler program, consequently, frees up screening staff to not only to minimize the time consumed by the screening process itself but also to focus their attention on real threats through a Pre-Check program. This Pre-Check program relies on a solid database of up-to-date background information on flyers and leverages this information and statistics to predict risks and respond accordingly.
“TSA Pre-Check moves us closer to our goal of delivering the most effective and efficient screening by recognizing that most passengers do not pose a threat to security,” explained TSA Administrator John Pistole in an interview regarding the new screening program.
While there is much opportunity for improvement, the TSA continues to focus on leveraging information and technology to improve security and private sector firms must likewise explore many new resources available to identify and mitigate supplier risk.
Similarly corporations should risk segment all current and potential suppliers using information-based assessments and then focus management attention on the small percentage of those suppliers that represent greater risk to the firm. Similarly to the TSA approach, key to the success of the corporate risk mitigation program will be a reliance on both supplier-provided and trusted 3rd party information to assess risk and provide additional screening and due diligence options, proportionate to the risk involved. For more information on applying supplier screening information and analytics, click here to view our recent webcast “Mitigating Supply Chain Risk without increasing your Budget”