ARMS Act

The Aviation Risk Mitigation and Security Act (ARMS Act) would require the Transportation Security Administration (TSA) to create and run a formal, risk-informed covert testing program to evaluate aviation security operations, including passenger and baggage screening. The act mandates a headquarters-based testing approach with multiple project scenarios each year, ensuring every Category X airport participates at least once annually. It pushes for a structured mitigation process when vulnerabilities are found, including root-cause analysis, a formal mitigation decision with milestones and timelines, and mandatory retesting to gauge effectiveness. The bill also establishes annual public and congressional reporting, allows for classified annexes, and requires a Government Accountability Office (GAO) review within three years to assess the program’s effectiveness and statistical validity. Overall, the bill aims to systematically uncover and address security vulnerabilities using data-driven testing while balancing security with transparency.