Report criticizes CIA recordkeeping

Flawed recordkeeping practices at the CIA have increased the risk of losing

critical data, including documents about agency activities and policies

and information of historical value, according to a report by the National

Archives and Records Administration.

The report, "Records Management in the Central Intelligence Agency: A NARA

Evaluation," found "serious shortcomings" in the CIA's overall recordkeeping

practices and singled out the agency's handling of electronic records. The

failure of the CIA to inventory and schedule key electronic records for

transfer to NARA poses "a serious risk that information of great value will

not be preserved," the report stated.

The CIA established an Electronic Records Management Program Office in 1995

after a congressional request for information sent officials scrambling

to locate data stored on a wide array of systems, local servers and paper

files. The overall success of the office has been "mixed," according to

the report.

Although the agency has "strongly embraced" electronic recordkeeping, it

has lagged far behind in scheduling data contained in automated systems,

the report found. The agency maintains thousands of systems but has submitted

schedules covering only about 60 of them, nearly all of which pertain to

routine administrative functions. None of the major systems that contain

key records, such as the President's Daily Brief, major intelligence publications

and files pertaining to covert operations, has been scheduled.

"Many in the CIA believe that electronically maintained information is not

a record, or if it is a record, it is almost invariably disposable," the

report stated. "They also believe that when the retention of electronic

data is required, it can and should be preserved in a hard copy format."

By 2002, CIA officials plan to deploy a centralized electronic repository

to streamline record creation, maintenance and retrieval. The Pro-active

Electronic Records Management (PERM) system will collect and display information

from official agency documents from the time of their creation. It also

will provide automated alerts when documents become eligible for declassification


The first phase of PERM has focused on e-mail. However, the system is not

yet capable of determining whether individual e-mail messages have official

record status. Likewise, PERM's success in simplifying electronic record

maintenance will depend on the "extent that it incorporates other databases

and office automation applications," according to the report. The agency

has developed plans to integrate other systems with PERM, but the plans

do not include a migration strategy that complies with NARA regulations.

Steven Aftergood, an intelligence analyst with the Federation of American

Scientists' Project on Government Secrecy, said that whenever a "mild-mannered"

agency such as NARA issues a report like this, it is worth noting. "CIA

is probably not doing a worse job of records management than other agencies,

but it ought to be doing considerably better," Aftergood said. "After all,

the task of information management is essential to intelligence production.

If the agency can't get this right, it is wasting its time — and our money."


Archives reconsidering records policies, formats [, March 23, 2000]

Keep up with all the news with the Records Management microsite

BY Dan Verton
Apr. 5, 2000

More Related Links


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected