FBI needs to step back before moving forward, IG says

By Dibya Sarkar

By Dibya Sarkar

|

Although the FBI is working to establish a fingerprint system with DHS, it needs to regroup following a failed effort to modernize a system that manages evidence, DOJ's IG said.

Although the FBI is forging ahead with establishing an interoperable fingerprint system with the Homeland Security Department, the Justice Department needs to regroup following a failed $1.18 million effort to modernize a system that manages evidence, according to a semi-annual report released by Justice's inspector general.The recently released 66-page IG report, which summarizes the office's audits, investigations, inspections and special reviews, provided updates on several information technology initiatives Justice agencies started.In March, after two and a half years, FBI officials terminated a contract with a private company for a commercial laboratory information management system that would have used bar code technology to track evidence and improve reporting capabilities at the FBI Laboratory in Quantico, Va. "After many delays and extensive customization" the system did not meet the agency's security requirements, the IG report states.According to the report, the initiative began before the agency's IT investment management processes were established, making it difficult to identify problems with the contract and adequately document security requirements for certification and accreditation of the software. Among several recommendations, the IG report states that an experienced IT manager must oversee any future project.The laboratory conducts more than 1 million examinations of physical evidence annually, but the current system is limited in tracking evidence and reporting capabilities.However, the joint initiative to make the bureau’s 10-fingerprint Integrated Automated Fingerprint Identification System interoperable with DHS’ two-fingerprint Automated Biometric Identification System is on track, the IG report states. In the first phase of the three-phase project, both agencies will establish a joint automated system to share important immigration and law enforcement data. The other two phases will focus on expanding the shared data and access by various federal, state and local law enforcement agencies to that data. The initiative is scheduled to be complete by December 2009."When the interoperability effort is completed, a single request will search all fingerprint records maintained by the FBI and the DHS, and the requestor will receive all associated criminal history and immigration information about an individual," according to the IG report.The IG report also provided updates with respect to the Federal Information Security Management Act (FISMA).A review found that systems within the FBI; the Bureau of Alcohol, Tobacco, Firearms and Explosive (ATF); the Drug Enforcement Agency (DEA); and the Justice Management Division (JMD) were all certified and accredited, security controls were tested and evaluated in the past year, and contingency plans were in compliance with FISMA. However, the FBI, ATF and DEA did not perform electronic authentication risk assessments, and the FBI and ATF did not fully implement Justice's process for tracking system vulnerabilities and corrective actions, the IG report adds."Moreover, departmentwide system configuration policy was not always implemented as required within the DEA and JMD," the IG report states. "With respect to IT security awareness training, we found that ATF did not fully ensure that all of its employees were trained as required by department policy."The IG's office is also reviewing and evaluating several classified and unclassified systems within several Justice agencies and plans to issue reports this fiscal year.In assessing compliance with the Office of Management and Budget guidelines for securing sensitive data, the IG report states that although Justice is implementing additional security controls to protect personally identifiable information, it is not fully compliant for all automated systems."For example, the department failed to ensure that personally identifiable information is transported and stored off-site only in encrypted form," the report states. "We also found that the department is not requiring users who access the system remotely to provide two independent ways of authenticating identity, as required by the National Institute of Standards and Technology Special Publications 800-53 and 800-53 A."Additionally, Justice has established a task force to develop a comprehensive approach to secure wireless access to personally identifiable data on the internal systems and assess technical solutions for remote access.

Justice Department Inspector General's Semi-Annual Report to Congress

Related Links





























NEXT STORY: More GSA buzz on the holiday party circuit

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.