TSA implemented 167 of the 251 (67 percent) requirements in both Acts, 55 of the 167 (33 percent) were not completed by the Acts’ established deadlines, and TSA did not complete the remaining 84 requirements. TSA was unable to complete 33 of these requirements because the actions relied on external stakeholders acting first or depended on conditions outside of TSA's control. The shortfalls occurred because TSA did not: (1) designate a lead office to establish internal controls, conduct oversight, and provide quality assurance for implementing the legislatively mandated requirements; (2) develop formal policies and procedures to ensure consistency and accountability for implementing the requirements on time; or (3) plan or develop an effective system to maintain relevant supporting documentation for the Acts’ requirements to help ensure information accuracy, continuity, and record retrieval capability. Further, TSA had difficulty completing some mandates that required lengthy regulatory processes or coordination with and reliance on external Government and industry stakeholders. Because TSA has not implemented all requirements, it may be missing opportunities to address vulnerabilities and strengthen the security of the Nation’s transportation systems. TSA provided a corrective action plan but did not concur with the recommendation.