U.S. diplomatic compounds overseas continue to be endangered by lax security measures and, in many cases, are highly vulnerable to potential attack, a fact that the State Department has failed to address for nearly 10 years, according to a newly released government oversight report.
Nearly two years after terrorists killed four Americans at a U.S. facility in Benghazi, Libya, the State Department still "has not fully developed and implemented a risk management policy for overseas facilities," according to comprehensive new report by the Government Accountability Office (GAO).
The State Department still does not have the oversight mechanisms in place to properly supervise overseas security measures and respond to potential threats in a timely fashion, the report found.
The findings reveal that the State Department continues to falter when it comes to ensuring the security of U.S. diplomats in dangerous regions, despite warning of lax security issued by Congress and even State Department officials in the wake of the Benghazi attacks.
"While each of these problems is a reason for concern, in and of itself, taken as a whole they raise a greater concern that decision makers at State may not have complete and accurate information with which to make risk management decisions," the report warns. "As a result, there is a greater likelihood that security risks to overseas diplomatic facilities will not be adequately addressed—a situation that could have tragic consequences for U.S. government personnel working overseas."
U.S. personnel in "high-threat, high-risk posts overseas" are still being placed into "older" and "temporary work facilities that do not meet the same security standards as more recently constructed permanent facilities," according to the report.
Amid these lax security standards, some 336 attacks have been waged on U.S. facilities from January 1998 to December 2013, according to the report.
Investigators found that the State Department continues to use outmoded security measures and that it has failed to establish a common standard for security at facilities, meaning that some diplomatic compounds are given less security.
The State Department also was found to be incapable of "reassessing standards against evolving threats and risks," a flaw that makes compounds located in contentious regions such as the Middle East particularly vulnerable.
In one of the report’s more shocking findings, it was revealed that "updated [security] standards took more than eight years" in some instances.
The lack of a standard security model has had a visible impact on some compounds and created several "inconsistencies."
"Gaps in categorization and tracking of facilities could hamper the proper implementation of physical security standards," the GAO warned.
One set of standards, for instance, "requires anti-ram perimeter walls at medium- and higher-threat posts" while another "required them only at higher-threat posts."
The GAO identified at least one facility that was officially categorized as warehouse, but that included offices and "therefore should have been subject to more stringent standards."
GAO also discovered "some facility types for which [security] standards were lacking or unclear, instances in which the standards were not updated in a timely manner, and inconsistencies within the standards," according to the report.
In some cases, personnel at the diplomatic compounds have taken it upon themselves to boost security beyond what State requires.
The GAO "identified several posts that put security measures in place that exceed the standards because the standards did not adequately address emerging threats and risks," according to the report.
The lack of an "adequate and up-to-date" security standard had jeopardized safety at compounds and led staff on the ground to fend for themselves.
State additionally has failed to analyze and consider "all available information" when it established threat levels at various posts.
This forces personnel on the ground to decide for themselves whether more security is necessary and the petition State to follow through.
Interim and temporary facilities, such as the one used in Benghazi, remain the most vulnerable. To date, the State Department has implemented just 15 of 29 recommendations made by the Benghazi Accountability Review Board (ARB).
State additionally "lacks processes to re-evaluate the risk to interim and temporary facilities that have been in use longer than anticipated," according to the report. "Without a fully developed risk management policy, State may lack the information needed to make the best security decisions concerning personnel and facilities."
Officials have been forced to "rely on an ad hoc process to establish security measures, rather than systematically drawing upon collective subject-matter expertise," according to the GAO.
The compounds must submit to the State Department requests for "waivers and exceptions" to identify the steps they will take to "mitigate vulnerabilities."
Yet no one at the State Department is tracking these requests, the GAO found.
"Neither posts nor headquarters systematically tracks the waivers and exceptions" and State "has no process to re-evaluate waivers and exceptions when the threat or risk changes," according to the report.
"With such deficiencies, State cannot be assured it has all the information needed to mitigate facility vulnerabilities and that mitigation measures have been implemented," GAO warned.