The Audit Division, Office of the Inspector General has completed an audit of compliance with standards governing Combined DNA Index System (CODIS) activities at the Maine State Police Crime Laboratory (Laboratory). The Federal Bureau of Investigation’s (FBI) CODIS program blends forensic science and computer technology to provide an investigative tool to federal, state, and local crime laboratories in the United States, as well as those from selected international law enforcement agencies. The CODIS program allows laboratories to compare and match DNA profiles electronically to assist law enforcement in solving crimes and identifying missing or unidentified persons.1 The FBI’s CODIS Unit manages CODIS and is responsible for developing, providing, and supporting the program to foster the exchange and comparison of forensic DNA evidence.
The FBI implemented CODIS as a distributed database with hierarchical levels that enable federal, state, and local crime laboratories to compare DNA profiles electronically. The hierarchy consists of three distinct levels that flow upward from the local level to the state level and then, if allowable, the national level. NDIS, the highest level in the hierarchy, is managed by the FBI as the nation’s DNA database containing DNA profiles uploaded by law enforcement agencies across the United States. NDIS enables the laboratories participating in the CODIS program to electronically compare DNA profiles on a national level. The State DNA Index System (SDIS) is used at the state level to serve as a state’s DNA database containing DNA profiles from local laboratories and state offenders. The Local DNA Index System (LDIS) is used by local laboratories.
The objectives of our audit were to determine if the: (1) Laboratory was in compliance with NDIS participation requirements; (2) Laboratory was in compliance with Quality Assurance Standards (QAS) issued by the FBI; and (3) Laboratory’s forensic DNA profiles in CODIS databases were complete, accurate, and allowable for inclusion in NDIS.
We determined that the Laboratory was generally in compliance with those standards governing CODIS activities that we reviewed. However, we noted some exceptions during our review. Specifically, we noted the following.
- We tested 8 of a total 52 NDIS matches and found that in 2 of the 8 cases, the candidate matches were not confirmed in a timely manner. In addition, the Laboratory received an external evaluation in March 2008 and the evaluation resulted in four findings. We found that although Laboratory officials forwarded the evaluation report to the NDIS Custodian within the 30-day timeframe, the Laboratory did not forward its response to the evaluation report’s findings, nor did it include any corrective action plans and documents. The Laboratory complied with the other areas of the NDIS procedures that we reviewed.
- We found that the Laboratory complied with all of the quality assurance standards we reviewed.
- We tested 100 of the Laboratory’s 1,766 total forensic profiles, as of June 17, 2008, and we found 82 profiles were complete, accurate, and allowable. We took issue with 18 of the Laboratory’s profiles because the profiles were not properly supported with casework documentation, were unallowable, or were incomplete. Laboratory officials took action during our audit to retain 5 of the 18 profiles in NDIS, including the addition of casework to the profiles and uploading missing loci for one profile. Of the 13 unallowable or incomplete profiles remaining, 2 matched persons other than the perpetrator, 3 could not be potentially attributed to a putative perpetrator, and the Laboratory could not provide adequate casework documentation to support the inclusion of 8 profiles in NDIS.2
We made three recommendations to address the Laboratory’s compliance with standards governing CODIS activities, which are discussed in detail in the Findings and Recommendations section of the report. Our audit scope and methodology are detailed in Appendix I of the report and the audit criteria are detailed in Appendix II.
We discussed the results of our audit with Laboratory officials and have included their comments in the report as applicable. As a result of our audit, Laboratory officials removed 13 profiles from NDIS, uploaded the missing loci of 1 incomplete profile, and obtained additional casework documentation to justify the inclusion of 5 profiles in NDIS.3
In addition, we requested a written response to a draft of our audit report from the Laboratory and the FBI. In its response, Appendix IV of this report, the Laboratory agreed with our findings and recommendations. In its response, Appendix V of this report, the FBI stated that it was in contact with the laboratory to address our recommendations, and as a result our recommendations are resolved. Our analysis of the responses, and the actions necessary to close the report are contained in Appendix VI of this report.
- DNA, or deoxyribonucleic acid, is genetic material found in almost all living cells that contains encoded information necessary for building and maintaining life. Approximately 99.9-percent of human DNA is the same for all people. The differences found in the remaining 0.1-percent allow scientists to develop a unique set of DNA identification characteristics (a DNA profile) for an individual by analyzing a specimen containing DNA.
- One of the unallowable profiles we identified was also incomplete.
- One of the 5 profiles where documentation was added, also was the profile with the missing loci.