Report on FBI IT Modernization



Report on FBI IT Modernization

DRAFT!!

version 01-22-04

(needs revision based on new sections)

1. Charge 1

2. Background 2

2.1 Missions 2

2.1.1 Criminal Investigations and Law Enforcement 2

2.1.2 Counterterrorism, Counterintelligence and Intelligence (CCI) 3

2.2 Key processes 3

2.2.1 Investigation 3

2.2.2 Intelligence 34

2.2.3 Information Management 35

3. Issues for the FBI 35

3.1 Enterprise Architecture Issues 36

3.1.1 What is an enterprise architecture? 36

3.1.2 Problems faced by the FBI 38

3.1.3 Items for Immediate Action Error! Bookmark not defined.10

3.2 System Design Issues 312

3.2.1 The Virtual Case File (VCF) Application 312

3.2.2 Data management and the Integrated Data Warehouse (IDW) 314

3.2.3 SCOPE 317

3.2.4 Mobile computing 318

3.2.5 Security 318

3.2.6 Privacy 321

3.3 Management issues 322

3.3.1 Overall development methodology 322

3.3.2 Contracting and Contract Management 324

3.3.3 Program/Contractor Management 324

3.4 Human Resources and External Constraints 326

3.4.1 Human resources 326

3.4.2 External constraints 327

4. Recommendations 328

Charge

As a result of an earlier real-time review in September 2002, the committee was asked to provide a more thorough review and set of recommendations on the FBI’s information technology modernization efforts, focusing primarily on the Trilogy upgrade but addressing other issues as necessary. Except as explicitly noted otherwise, the factual base regarding the FBI is derived from briefings to the committee on [October 27-28, 2003 and December 15-16, 2003dates of meeting 1 and meeting 2]. The committee’s conclusions and recommendations are based on its collective experience with large-scale IT system deployments.

Background

Today, the FBI is undergoing a massive shift of mission priorities. Whereas the FBI was previously oriented almost exclusively towards law enforcement and the investigation of criminal activities, as a result of the changes in the threat environment its mission has expanded to include—and as its top priority—the detection of potential domestic terrorism and the prevention of the success of domestic terrorist activities. The leadership of the FBI recognizes the need for upgraded information technology to enhance its ability to collect, store, search, retrieve, analyze and share information in pursuit of these priorities. At the same time, the FBI has not traditionally been among Federal agencies that have been regarded as technology innovators, and for many years, the FBI has been criticized for inadequate attention and competence with respect to its use of information technology. Outdated, inadequate, hard-to-use, and stovepiped are terms that have often been used to characterize the Bureau's technology.

In any organization engaged in any business, the introduction of modern information technology and the concomitant reengineering of an organization’s key processes to exploit the technology constitute a major challenge. In the FBI’s case, this transformation is being managed under intense operational pressures: the FBI’s traditional work must continue even as new technology is introduced and a more IT-exploiting culture is evolved. Compounding the challenge is the added strain of a new focus—preventive counter-terrorism, where success demands a different mindset, operational skills, and novelthe exploitation of a radically expanded set of information sources.

To be effective, IT investments must be aimed at enhancing the business effectiveness of an organization. The return on an IT investment must be measured in business terms – more and better results, increased responsiveness and agility, and improved efficiency of operations. Maximizing the return on a major IT investment thus requires an intimate and dynamic interplay between technology supporting strategy, and the trajectory of technology enabling and stimulating change in strategy over time. Thus, this report begins its discussion from the business/strategy side.

1 Missions

The nature of an agency’s missions and the agency’s strategy and business objectives are the primary drivers of the kinds of information and communication it needs and the processes it must exploit, and thus of the architecture, design and functioning of its information technology systems. In the case of the FBI, the two main missions with associated business objectives are: first, the investigation of criminal activity and the prosecution of criminals; and second, the prevention of terrorism within the US and against US interests around the world. (The designations “first” and “second” do not refer to today’s priorities, but rather to those of the past.) Supporting these missions and the achievement of the related business objectives of these business segments are a set of key processes which are used in different degrees in achieving the objectives.

1 Criminal Investigation and Law Enforcement

The traditional role of the FBI is that of an investigative agency for the Department of Justice of the United States. This role in investigating and preparing much of the basis for the prosecution of crimes is one of the key missions of the FBI. The information developed by the FBI investigators is provided to prosecutors who in turn determine if an individual will be prosecuted. The investigations occur when either a violation of the federal criminal code occurs or when the U.S. Attorney’s office supports an investigation. ( Is this a complete set ? Does FBI ever open an investigation on their own suspicions ? JCM I believe we were told at an earlier meeting that the FBI could open a “case” at their own discretion, but that may not literally be the same as an “investigation.”)

This role of the FBI in this area is responsive in that is initiated in response to an action or event or by a request from a legal authority. Once the FBI investigative activity has been initiated, the FBI will use all the resources legally at its disposal to gather relevant information related to the situation, as discussed below.

2 Counterterrorism, Counterintelligence, and Intelligence (CCI)

Since September 11, 2001, the FBI has been obliged to placed much greater emphasis on identifying and protecting the U.S from acts of terrorism. The FBI’s objective is to prevent acts of terrorism in the U.S. and against U.S. persons and interests throughout the world. Accomplishing this daunting objective requires, among many other things, the accessing, analysis, and exchange of massive amounts of information, and close, daily coordination and cooperation among law enforcement, intelligence and many other involved organizations.

This role of the FBI in this area is proactive in that is necessarily ongoing. That is, the execution of the mission is not executed in response to any particular eternal event. (If a serious event has already occurred it is, then it is not unreasonable to suggest that the execution of the CCI mission has not been entirely successful.)

(I think we may be making too much of “responsive” vs “proactive.” The FBI would argue that it is proactive even in investigatory cases, and one could conceivably argue that CCI may be triggered by a leading event, warranting investigation (e.g., a bombing). For our committee’s work, is the more important distinction between investigatory data and CCI data, with the understanding that there could be some overlap of purpose?)

2 Key processes

It is important to distinguish between missions and the key processes that support the accomplishment of those missions. In some cases, a key process supports only one mission; in others, a key process may support multiple missions. In both, the use of modern data-processing technology is essential. Processes involve things like information acquisition and the workflow of its mangement—how information is acquired, who must act on it, how it must be processed and analyzed, what types of inferences must be drawn, and how information of all types flows within the organization.

This section describes some of the key processes within the FBI.

1 Investigation

The investigatory process is the primary process supporting the law enforcement mission. Investigation develops information from a variety of sources, including but not limited to information gathered directly by special agents or other law enforcement agencies, information obtained through informants, information obtained from other agencies such as the INS or local law enforcement agencies, laboratory developed information, and open source information (e.g., information on the Internet or in newspapers). The collection and analysis of information is usually under the control of the individual agent or special agent in charge that is directly responsible for the investigation. The information or a subset of the information such as pointers is placed in centralized FBI files for appropriate dissemination and use as part of the case file.

The agent or group of agents assigned to a case is and has been the focal point of FBI criminal and law enforcement activities. The agent is responsible for carrying out the investigative task and managing much of the information involved. In the case of a criminal investigation, the information developed is then conveyed to the prosecutor for decision and action. In the case of a background investigation, the information is delivered to the requesting agency. The agent is the focal point of the activity with support from administrative staff, analysts, and other FBI employees. The investigative information is organized around cases and agents as the fundamental units. Moreover, there are a variety of legal and procedural requirements in place to ensure that developed information can be used in court to support prosecutorial activities. If information is insufficiently supported or vetted it will create probems in the prosecution of the case.

2 Intelligence

Intelligence processes include information collection and analytical functions. Information gathered under intelligence auspices isare subject to fewer restrictions than is information gathered in the investigatory process, since itand thus is not usually not used to support prosecutorial activities. Analytical intelligence processes are used in both law enforcement and CCI missions.

Information gathering in the intelligence context requires that voluminous information resources from internal and external sources be logically brought together and analyzed with the goal of identifying potential threats of, or precursors to, terrorist crimes. The range of sources of information which must be selectively probed and analyzed is enormous, and much of the (mostly computerized) information will not be obtained from government-owned sources. Much of the information will in fact be open-source information, such as newspapers in foreign languages, or found on the Internet.

Analytical functions in the intelligence process must analyze hierarchies of information analysis of often uncertain relevance and quality, but the desired result is the distillation of conclusions that become increasingly certain as they are further aggregated and refined. Such analyses may, at different stages, result in warnings and may initiate deeper and more focused investigations.

The intelligence process generally requires that the FBI receive information from and disseminate information to local law enforcement agencies, the U.S. intelligence community, and often with International agencies. The ability to share information at multiple levels of security classification with a wide variety of collaboratorsoperators is essential to the performance of the counter-terrorism mission. Sharing of informationSuch an ability plays a far more limited role is much more circumscribed in criminal investigation. Strong capabilities to access, manage, analyze and communicate information and intelligence across institutional boundaries are key to the analytic function at the core of the intelligence process.

Sharing information requires the support not only of technology, but also of cooperative relationships with the intelligence and law enforcement communities at levels, both from local andto international. Furthermore, its success demands a framework of policy and process to ensure appropriate balance among timely access, security and privacy rights. Trained analysts probe, tease apart and develop new information that can identify, confirm or deny an activity. When supporting the law enforcement mission, analysts must understand the investigative role of the Bureau and the agent’s operational processes. Similarly, agents must understand that the role of analysts is different than that of CID agents. Most analysts have specialized expertise and must be able to easily cooperate with colleagues on diverse topics. Analysts must be comfortable with the technology that is increasingly a source of information and a tool to support the sharing and analysis processes. And the individual analyst at the FBI must be highly skilled in the methods and processes that are used both for the criminal and CCI missions.

3 Information Management

The investigatory and intelligence processes used by the FBI are information-intensive, and the Bureau has recognized that state-of-the-artimproved information management that exploits available technology can significantly enhance the effectiveness of these processes. Furthermore, both counterterrorism and criminal activities are evolving in a way that spans traditional organizational boundaries in the FBI. Special-Agents-in-Charge (SACs) are organized around geography. Counterterrorism and crime no longer respect those boundaries, and thus a Bureau-wide technology deployment must be seen as a set of systems and data that span SACs.

;;;Example of something done well pre technology – don’t do IT that messes this up: [WHERE SHOULD THIS GO]

The FBI culture supports a robust practice of remote tasking whereby an agent in one office executes an investigative task for an agent elsewhere.

Keep doing this, don’t screw it up. (But we should also note that that the right IT improvements can make this teamwork even more effective.)

The FBI relies extensively on a well-developed remote tasking practice whereby an agent in one location who needs information from another area can easily transmit a request, called a “lead,” to the appropriate field office where it will be followed up by a local agent. This practice is remarkable in that it allows the organization to function on a continental scale without a tremendous cost in time and money for travel, central management of every case, and yet without sacrificing the personal contact that is essential to the interviewing success of FBI agents. For this to work as effectively as it manifestly does is a testimony to the quality of training and the uniformity of culture within the FBI. A thoughtful application of technology can serve to support and enrich this practice, but the FBI is urged to take care not to endanger the core culture that makes this practice work as effectively as it does.

Recognizing the need for improved support if invstigative processesse points, the FBI has embarked on a major IT modernization program, whose main focus today is the Trilogy program. Trilogy has two major objectives with corresponding project phases. The first is the installation of an end-user oriented infrastructure, consisting of a secure wide-area network and related local area networks, together with modern workstations, printers, scanners and base commercial software applications such as browsers. This infrastructure is intended to provide an enhanced platform for modern applications. The second element of Trilogy is an application which is oriented towards the traditional law enforcement mission of the FBI, a "Virtual Case File" (VCF) that provides user-friendly, Web browser capability to allow agents to electronically manage case-related information critical for law enforcement. Since the needs for, and capabilities of, IT continually increase, it must also be recognized that the delivery of Trilogy is but an initial phase of an operation that will continue as long as the Bureau is active.

(I thought there were more applications than just VCF in the second element of Trilogy? Weren’t some ‘business support’ systems also included? The key question from some readers’ point-of-view will be: Exactly what is Congress funding with the ever-increasing “Trilogy” budget? If the only application is VCF, so be it. RJB)

At this writing (February 2004), neither of the two initialse phases is fully complete, though significant progress has been made on both. In addition to these two major phases, a general requirement to support CCI activities has also been placed on Trilogy, although specifications for that novel task have not been developed. At the same time the FBI has embarked on the development and implementation of appropriate systems to support the intelligence functions, which are key to the counter-terrorism mission. Central to this thrust is the creation of a core ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download