Justice IG recommends threat-tracking system improvements

A new audit by the Justice Department’s inspector general says that although the FBI’s electronic terrorist threat and suspicious activity tracking system represents a significant step forward in how the bureau handles threat information, improvements are needed in several key areas.

The IG said the electronic workflow processes allowed by the Guardian tracking system has enhanced the FBI’s capabilities to track and share information about terrorist threats, but the bureau needs to better ensure the accuracy, timeliness and completeness of the data entered into the system. The FBI needs to improve its oversight of Guardian and implement performance measures to determine FBI’s effectiveness in resolving threats and incidents, the IG said in a report released Nov. 7.

In a statement released that day, FBI Assistant Director John Miller said the bureau agreed with the IG’s recommendations and it has put in place measures to resolve all of the identified issues.

Between July 2004 and November 2007, the FBI documented approximately 108,000 potential terrorism-related threats, reports of suspicious activity or watchlist encounters in Guardian. Although the “overwhelming majority” were found to have no link to terrorism, the FBI initiated 600 criminal and terrorism-related investigations from October 2006 to December 2007 that resulted from those entries, the IG said.

The number of terrorist threats and suspicious incidents entered into the system has increased annually and the FBI has the policy of investigating every credible threat it receives. However, the IG found the bureau hadn't taken adequate steps to prepare for the increases.

The IG said although FBI supervisors are responsible for reviewing and closing each incident in Guardian, the supervisors did not always perform that review before the incident was closed. The IG also found that although the necessary summary information for a threat was entered into the system, users did not consistently include additional information in Guardian’s supplementary tabs, making some searches or trend analyses of Guardian’s data less accurate.

In addition, the auditors found that users had entered information into FBI’s Automated Case Support system used to track FBI investigations, but had not entered the corresponding data into Guardian, as generally required. The audit also found eGuardian, the FBI’s threat tracking system for sharing sensitive but unclassified threat information with state and local authorities, has been delayed in its deployment.

The IG’s report recommended that the bureau:

•Ensure that entries are closed or forwarded in a timely manner.

•Make sure all threat information coming from ongoing counterterrorism investigations is added to the Guardian system.

• Develop performance measurements to determine the FBI’s success in resolving terrorist threats and suspicious incidents and ensure the measurements are followed.

•Ensure threat incidents entered into Guardian are reviewed by supervisors.

•Develop a schedule for technical patches to Guardian.

•Incorporate threat- and incident-performance measurements into existing plans for resource allocation.

• Determine the value added by entering supplementary information, provide issue-related guidance on supplementary tabs and ensure the guidance is followed.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected