Compliance with Standards Governing Combined DNA Index System Activities at the Virginia Northern Regional Forensic Laboratory, Fairfax, Virginia
Audit Report GR-30-06-003
Office of the Inspector General
The Federal Bureau of Investigation’s (FBI) Combined DNA Index System (CODIS) integrates DNA profiles gathered at the state and local levels into a national DNA database.1 Began as a pilot project in 1990, CODIS allows law enforcement officials at the national, state, and local level to search and compare DNA profiles, helping to solve cases and provide leads. The DNA Identification Act of 1994 (Act) formalized the FBI’s authority to establish a national DNA index for law enforcement purposes.2 The Act authorized the FBI to establish an index of DNA identification records of persons convicted of crimes and analyses of DNA samples recovered from crime scenes. The Act further specified that the indices include only DNA information that is based on analyses performed in accordance with quality assurance standards issued by the FBI.
The FBI implemented CODIS as a distributed database with three hierarchical levels that enables federal, state, and local crime laboratories to compare DNA profiles electronically. The National DNA Index System (NDIS) is the highest level in the CODIS hierarchy and enables the laboratories participating in the CODIS Program to compare DNA profiles on a national level. NDIS became operational in 1998 and is managed by the FBI as the nation’s DNA database containing DNA profiles uploaded by participating states. DNA profiles originate at the local level, flow upward to the state and national levels, and are compared to determine if a convicted offender can be linked to a crime, or if crimes can be linked to each other. Thus, a laboratory’s profiles have to be uploaded to NDIS before the profiles benefit the system as a whole.
The FBI provides CODIS software free of charge to any state or local law enforcement laboratory performing DNA analysis. Before a laboratory is allowed to participate at the national level, a Memorandum of Understanding (MOU) must be signed between the FBI and the applicable state laboratory. The MOU defines the responsibilities of each party, includes a sublicense for the use of the CODIS software, and delineates the standards laboratories must meet in order to utilize NDIS.
The objective of the audit was to determine if the Laboratory was in compliance with standards governing CODIS activities. Specifically, we performed testing to determine if the: (1) Laboratory was in compliance with NDIS participation requirements; (2) Laboratory was in compliance with the quality assurance standards issued by the FBI; and (3) Laboratory’s DNA profiles in CODIS databases were complete, accurate, and allowable.
We determined that the Laboratory was in compliance with the standards governing CODIS activities, as follows: