Review of the Critical Incident Response Plans of the United States Attorneys’ Offices
Report Number I-2004-001
OFFICE OF THE INSPECTOR GENERAL'S ANALYSIS OF
THE CRIMINAL DIVISION'S
AND THE EXECUTIVE OFFICE FOR UNITED STATES ATTORNEYS' RESPONSE
The Office of the Inspector General (OIG) sent copies of the draft report to the Executive Office for United States Attorneys (EOUSA) and the Criminal Division (CRM) with a request for written comments. The Director of EOUSA and the Assistant Attorney General for the Criminal Division responded to us in a joint memorandum dated November 10, 2003. Although EOUSA and CRM expressed concerns about several of the report's conclusions, they concurred with nine of the recommendations and partially concurred with the tenth. Our analysis of their response follows.
Response from CRM and EOUSA
CRM and EOUSA agree that they could have focused more attention on certain aspects of the crisis response program. However, they believe that the report should more clearly reflect that the Department of Justice (Department) is better prepared today to respond to critical incidents than it has been in the past. CRM and EOUSA suggest that much of the OIG's report focuses on historical flaws in their process for developing and assessing critical incident response plans (Plans), and that readers of the report may misunderstand the scope and nature of their past and current response preparation efforts. The CRM and EOUSA response provides detailed comments regarding three points that they believe deserve greater recognition. We examine each of these points in turn.
CRM and EOUSA state that the draft OIG report "does not place the existence and use of the Critical Response Plans in the appropriate context." They suggest that the quality of a United States Attorney's Office (USAO) Plan is only one part of "answering the broader question of whether USAOs are prepared to respond to critical incidents." CRM and EOUSA state that some of the recommended actions on the 48-item checklist "are so second nature to the experienced prosecutors drafting and/or implementing these plans that there would be no need to specifically list them." Consequently, they argue that examining whether a USAO has included items on the checklist in its Plan is not a proper standard for judging the USAO's preparedness to respond to a crisis. In addition, CRM and EOUSA state that some of the actions on the checklist are "primarily under the domain of the FBI [Federal Bureau of Investigation] or another law enforcement entity" with the USAOs in a supporting role and, therefore, those actions would not need to be addressed in the USAOs' Plans.
OIG Analysis. We agree that the Plans are only one part of the USAOs' critical incident response preparations. Therefore, in this review we examined other Crisis Management Coordinator (CMC) Program activities such as the training provided to USAOs' CMCs, the crisis response exercises conducted by USAOs, and the Counterterrorism Section's (CTS's) and EOUSA's support and administration of the CMC Program. We found significant deficiencies not only in the Plans, but also in those other activities. Consequently, our conclusion that USAOs have not prepared adequately is based on a more comprehensive review of critical incident response deficiencies than acknowledged by CTS and EOUSA.
We do not agree with CRM and EOUSA's contention that "some of the recommended actions in the 48-item checklist…are so second nature to experienced prosecutors" that they need not be included in the crisis response Plans. As demonstrated during numerous past critical incidents, even experienced personnel may forget obvious actions that are usually "second nature." Further, our interviews with 26 CMCs, all of whom are highly experienced prosecutors, confirmed that the 48 items on the checklist should be addressed in the Plans and are appropriate actions to take in responding to a critical incident.52
Moreover, while some of the 48 items on the checklist clearly are more important than others, our review found that most of the Plans omitted more than a few actions that might be considered "second-nature." Sixty-four of the 76 Plans (84 percent) addressed less than half of the 48 items and many of the missing items represented significant actions in a crisis situation. For example, 54 Plans failed to address crime scene protocols and preservation, which were identified as problems in the Oklahoma City Bombing after-action report. Including all 48 items in the Plans ensures that they will be addressed during training, exercises, and when responding to a critical incident. While we agree that some of the actions may be "second nature" during routine operations, we believe that failing to incorporate all 48 actions in the USAOs' Plans creates a needless risk that some actions will be omitted during a critical incident.
Regarding CRM and EOUSA's contention that some of the actions on the checklist are "primarily under the domain of the FBI or another law enforcement entity," we acknowledge that many entities may be involved in responding to a critical incident. However, the U.S. Attorney is the chief law enforcement officer in each federal judicial district, and the 48 action items were included on the checklist because the USAOs have a significant interest in each activity, even if they are not the lead entity for each item. U.S. Attorneys should prepare and train for any aspect of the government's response that will affect their ability to conduct a successful investigation and prosecution.
Finally, as described in the Department's Performance Plan, one purpose of the USAOs' Plans is to provide a "cross-walk" with the Plans of the FBI and other law enforcement entities. In accord with that purpose, addressing all 48 actions in the USAOs' Plans is essential for ensuring that the Department's response to a critical incident is coordinated and effective, regardless of jurisdictional authorities.
CRM and EOUSA state, "The draft report does not clearly acknowledge the extensive and comprehensive joint efforts undertaken during the past two years to enhance the Department's overall ability to respond to critical incidents." Further, they state that "the draft report…does not adequately reflect the substantial changes that were made in CTS, EOUSA, and the USAOs in response to 9/11 to focus attention on critical response to terrorism incidents," such as the revised Strategic Plan and the Anti-Terrorism Advisory Council (ATAC).53 Finally, CRM and EOUSA state that the report "faults CTS and EOUSA for failing to provide appropriate training and guidance as to changes in law and departmental and national policy (Draft report at iii, 18, 22)," and cite several examples of training that they state "specifically addressed crisis response in terrorism and provided updated legal" training to improve the ability of the USAOs to respond to a crisis.
OIG Analysis. As stated by CRM and EOUSA, after September 11, 2001, the Attorney General directed that the Department refocus its efforts on preventing terrorism. Consequently, CTS, EOUSA, and the USAOs all substantially refocused and undertook several major initiatives to prevent terrorist attacks. Our report acknowledges some of these initiatives, such as the training of 1,600 prosecutors and law enforcement officers, a 4-day anti-terrorism teleconference to 25,000 viewers, an anti-terrorism conference attended by U.S. Attorneys in January 2003, and 6 national security conferences attended by prosecutors and FBI supervisors (page 20). However, while CTS and EOUSA have taken significant steps to respond to the threat of terrorism by improving the Department's ability to prevent attacks, which we acknowledge, there is a significant difference between preventing attacks and preparing to handle a crisis if prevention efforts fail. Our review focused on the USAOs' preparations to respond in the event that terrorist attacks - or other critical incidents that do not involve terrorism - occur.
During our review, we examined the training cited by CRM and EOUSA and found that it was not complete or effective because it did not sufficiently address critical incident response (as opposed to preventing terrorist attacks), and few CMC Program staff attended the training. For example, we reviewed the two national ATTF training conferences and the six regional training conferences and found that the training focused on intelligence gathering and information sharing to prevent terrorist attacks, not on preparing to respond after an attack or other critical incident. Only the first ATTF conference included a session on crisis response and it was only a small part of the agenda.
Moreover, our review of the attendee lists from training events related to the ATTF initiative found that few CMCs attended the training. For example, the CTS provided us with the rosters from three training events: National Security Conferences, May-July 2003; Bioterrorism Conference, April 2003; and National Security Conference, September 2003. Based on our most recent list of CMCs, we found that 52 of 94 CMCs attended the May-July National Security Conference, 14 attended the April Bioterrorism Conference, and none attended the September National Security Conference.
Our conclusion that the training provided to CMCs was inadequate was confirmed in our interviews with CMCs, as most (24 of the 26) identified the lack of training as the major hurdle they faced in improving the readiness of their offices to respond to a critical incident. In particular, all ten of the CMCs we interviewed who also hold the ATTF Coordinator position for their USAOs told us that the ATTF training they attended was not a substitute for CMC-specific training.
CRM and EOUSA's statement that the report "faults CTS and EOUSA for failing to provide appropriate training and guidance as to changes in law and departmental and national policy (Draft report at iii, 18, 22)" is incorrect. We reported a lack of training, but, as is made clear on page 19, it was the USAOs' CMCs who reported to us during interviews that they needed additional training on changes in law and departmental policy. Specifically, the report states: "the CMCs stated that the training should be revised to include changes that have occurred since the last CMC Training Conference in 1999. The changes include the post September 11, 2001, reorganization of the Department to focus on counterterrorism; the passage of the USA PATRIOT Act and other terrorism-related legislation" and other changes. We included the CMCs' statements so that CTS and EOUSA could consider addressing the CMCs' self-identified needs when developing future training.
Therefore, while we acknowledged CTS and EOUSA's significant efforts since September 11, 2001, those efforts have been directed predominantly at improving the ability of the Department to prevent terrorist attacks. Although preventing attacks is of primary importance, the Attorney General's Anti-Terrorism Plan also directs the Department to be prepared to respond when terrorist attacks or other critical incidents occur. Despite CTS and EOUSA's efforts, our review of the USAOs' preparations to respond after attacks and other critical incidents found that the Plans were inadequate; that few USAOs conducted exercises to test their Plans; and that CTS and EOUSA did not fulfill their administrative and support responsibilities to provide guidance and conduct crisis response training. These deficiencies existed from the inception of the CMC Program in 1996 and still have not been addressed adequately. Consequently, we maintain that the USAOs have not effectively implemented the CMC Program. However, we acknowledged that CTS and EOUSA have begun to address these deficiencies, as they stated in their Action Plan included with their response to the report.
CRM and EOUSA stated that although they could have "done more to focus attention on certain aspects of the crisis response program, especially between September 11, 2001, and the fall of 2002, [they] have been working together since then to provide the necessary focus and training to improve the crisis response program." They cite various collaborative training efforts and an October 17, 2003, Departmental memorandum to all United States Attorneys to "re-appoint a CMC that will operate under the auspices of the ATAC" as evidence "that crisis response efforts are currently being enhanced to respond to areas for improvement noted in the OIG report."
OIG Analysis. We considered the training and other efforts that CRM and EOUSA cited as evidence that improvements are underway. We reviewed each of the efforts they described, but found that many were not as effective as they could have been for improving the CMC Program (as described in our response in section B), or that the efforts had not yet taken place. For example:
Our report also acknowledged that, since we began our review in December 2002, CTS and EOUSA increased their attention to the CMC Program. Those efforts ultimately could significantly improve the USAOs' crisis response preparations. However, the deficiencies we found in our review of the USAOs' plans and exercises, the training provided to CMCs, and the administration and support provided by CTS and EOUSA show that significant improvements are still needed.
CRM and EOUSA state that the report's final conclusion concerning the Department's overall preparedness "exceeds the scope of an inquiry that was limited to a review of critical incident response plans and does not properly credit all the steps taken by EOUSA, CTS, and the USAOs." They assert that this is particularly significant because the report does not contain a time frame for the inspection, but "includes the finding that the need to prepare for critical incidents has not been met." CRM and EOUSA conclude by stating that they will continue to seek to improve preparedness, but believe "that a complete review of past efforts, current work, and future plans demonstrates that the need to prepare is being properly addressed."
OIG Analysis. The CRM and EOUSA response understates the scope of our review. As described on page i, "We conducted this review to determine whether the USAOs have acted to improve their ability to respond quickly and appropriately to critical incidents by developing comprehensive critical incident response plans, training staff to carry out the Plans, and exercising the Plans." We also considered all of the past, current, and planned efforts cited by CTS and EOUSA as contributing to the USAOs' preparedness to respond to critical incidents. In addition, our survey and interviews with CMCs addressed many aspects of the USAOs' crisis response preparations. We found significant shortcomings in each of these areas, which led us to conclude that "[t]he failure of the USAOs, CTS, and EOUSA to fully implement the CMC Program leaves the Department less prepared to respond effectively when critical incidents occur" (page 32) (emphasis added). In our report, we did not conclude that the Department was "unprepared" to respond to a critical incident. Rather, we concluded that the Department was "less prepared" than it could have been - and should be - to respond to critical incidents.
That conclusion is warranted because we found that significant deficiencies in the majority of USAOs' Plans have remained uncorrected for years, that few USAOs conducted regular crisis response exercises since 1996 (most conducted no exercises), and that the training provided to CMCs was inadequate. Further, notwithstanding current efforts, CTS and EOUSA's support and administration of the CMC Program have not been effective to correct the deficiencies.55 The inadequate and incomplete preparations we documented contradict CRM and EOUSA's opinion "that a complete review of past efforts, current work, and future plans demonstrates that the need to prepare is being properly addressed." The corrective actions that CRM and EOUSA agreed to implement, and have begun to implement in response to our review and its ten recommendations (described below), once completed, will help ensure that USAOs are better prepared to respond to critical incidents.
Regarding CRM and EOUSA's statement that the draft report contained "no statement concerning the timeframe" of the review, our final report includes the beginning and end dates of our review-the review began in December 2002 and ended in October 2003.
Recommendation 1: Resolved - Open
Summary of CRM and EOUSA's Response: CRM and EOUSA agree that performance measures should reflect that USAOs have "meaningful plans and periodically exercise and revise those plans." To that end, EOUSA and CTS will develop performance measures to assess, exercise, and revise crisis response plans by June 30, 2004. However, CRM and EOUSA state, "The establishment of performance measures to evaluate overall readiness is a more complex matter and exceeds the scope of this review."
OIG Analysis. The actions planned by CTS and EOUSA - to jointly develop performance measures to assess critical incident response plans, as well as the USAOs' exercise and revision of those plans - are responsive to our recommendation. Please provide us with a copy of the performance measures by July 9, 2004, as well as CTS and EOUSA's plan to implement and track the performance measures.
The CRM and EOUSA's objection that measuring the overall readiness of USAOs exceeds the scope of the review misconstrues our recommendation. Our recommendation was to establish performance measures "to assess the readiness of USAOs to respond to critical incidents." By establishing performance measures to assess the significant products and activities associated with critical incident response preparedness, which is within the scope of this review, CRM and EOUSA will meet the intent of this recommendation.
Recommendation 2: Resolved - Open
Summary of CRM and EOUSA's Response. CRM and EOUSA state that USAOs are revising their Plans in accordance with the "Guide to Developing a Model Crisis Response Plan" issued in May 2003. CRM and EOUSA further state that they are forming a small working group with participation from the Attorney General's Advisory Committee to review the revised Plans and provide "individualized feedback to all USAOs." Lastly, they state that CTS and EOUSA have scheduled crisis response training at the National Advocacy Center in March 2004, which will include a tabletop exercise to test each USAO's Plan.
OIG Analysis. The actions planned by CTS and EOUSA are responsive to our recommendation. By January 15, 2004, please provide us with the charter or other instructions for the working group and the criteria developed for evaluating the USAOs' Plans. By July 9, 2004, please provide us with a list of USAOs that have submitted revised Plans and received feedback on the revised Plans.
Recommendation 3: Unresolved - Open
Summary of CRM and EOUSA's Response. CRM and EOUSA agree that participation in periodic exercises to test critical incident response plans is advisable, but disagree that each USAO should be required to conduct its own exercises. CRM and EOUSA state that this requirement may be a burden for some offices, particularly smaller offices, and could divert USAOs from other equally important duties. With respect to participating in periodic exercises of the Plans, CRM states that CTS is enhancing its expertise in designing crisis response exercises in order to provide specific guidance to USAOs. Finally, CRM and EOUSA state that the agenda for the March 2004 training at the National Advocacy Center will include crisis response exercises.
OIG Analysis. The CRM and EOUSA response does not address our recommendation that each USAO follow the standard practice of testing its plan for responding in the event of a critical incident.56 While conducting full field exercises may be burdensome for some USAOs, the intent of our recommendation may be met with exercises that are limited in scope (e.g., tabletop exercises) or frequency (e.g., triennial exercises in lieu of annual exercises), or that are conducted in conjunction with another agency (e.g., another USAO or the FBI). We note that CTS and EOUSA intend to include exercises in the agenda for the planned March 2004 training. However, while small segments on conducting exercises were included in the 1997 and 1999 CMC training, over 60 percent (49 of 81) of the USAOs responding to our survey still reported that they had conducted no exercises since 1996. Therefore, by January 15, 2004, please provide us with an appropriate requirement and implementing guidance for USAOs to periodically conduct exercises or to participate in exercises led by other organizations. As CRM and EOUSA agreed in response to Recommendation 1 to develop performance measures to "assess crisis response plans and [the] exercise…of those plans," the exercise requirements should be consistent with the performance measures.
Recommendation 4: Resolved - Open
Summary of CRM and EOUSA's Response. CRM and EOUSA agree with the recommendation that all United States Attorneys establish workload-reporting procedures to capture the time dedicated to critical incident response planning duties, and state that EOUSA is "exploring appropriate means to implement this recommendation."
OIG Analysis. The planned actions are responsive to our recommendation. Please provide us with the new workload-reporting procedure or a status report on its development by March 31, 2004.
Recommendation 5: Resolved - Open
Summary of CRM and EOUSA's Response. CRM and EOUSA agree that CTS should provide updated training and guidance to USAOs on how to prepare effective and comprehensive Plans. In its response, CRM and EOUSA cite ongoing efforts to implement this recommendation, including the May 2003 Guide, EOUSA and Centers for Disease Control co-sponsored training, Department training for prosecutors and investigators on the USA PATRIOT Act, and the "broad array of substantive training" provided by EOUSA to USAOs and Department attorneys. CRM and EOUSA also state that the upcoming March 2004 training at the National Advocacy Center will include "additional guidance on changes in legislation, policy and critical incidence response practice that have taken place since September 11, 2001."
OIG Analysis. The ongoing and planned efforts to improve training and guidance on preparing to respond to critical incidents are responsive to our recommendation. Please provide us with the final agenda for the March 2004 training conference by April 9, 2004.
Recommendation 6: Resolved - Open
Summary of CRM and EOUSA's Response. CRM and EOUSA agree with the recommendation that CRM review all USAOs' Plans, including revisions, to ensure that the Plans cover all critical areas; provide individualized feedback to USAOs; and periodically report to the Deputy Attorney General on the status of the USAOs' Plans. As stated in the response to Recommendation 2, CRM and EOUSA plan to form a small working group with the Attorney General's Advisory Committee to review, evaluate, and provide feedback to each USAO on its Plan. CTS states that it has already drafted proposed criteria for evaluating the Plans using the May 2003 Guide and cites the upcoming March 2004 training at the National Advocacy Center, which will include a tabletop exercise "designed to test the crisis response plans of every USAO and provide feedback to them."
OIG Analysis. The actions planned by CRM and EOUSA are responsive to our recommendation. The supplemental information we requested for Recommendation 2 will suffice to provide the status of actions taken to implement this recommendation.
Recommendation 7: Resolved - Open
Summary of CRM and EOUSA's Response. CRM and EOUSA agree with the recommendation to provide USAOs with training and guidance on how to develop and conduct appropriate critical incident response exercises, and plan to provide the training and guidance at the March 2004 national conference. However, CRM and EOUSA reiterate the objection they raised in response to Recommendation 3, i.e., that they do not agree that each office should be required to conduct its own exercises.
OIG Analysis. The actions planned by CRM and EOUSA are responsive to our recommendation. Please provide us with copies of the training materials and guidance relevant to exercising critical incident response plans by April 9, 2004.
Regarding CRM and EOUSA's reiteration of their objection to requiring each office to conduct its own exercises, in our analysis of the response to Recommendation 3 we request that they establish an appropriate requirement for USAOs to conduct exercises (field, tabletop, or other) or to participate in exercises led by other organizations. CRM and EOUSA agreed in response to Recommendation 1 to develop performance measures to "assess crisis response plans and [the] exercise…of those plans." (emphasis added) At the March 2004 national training conference, the USAOs should be provided guidance on how to develop and conduct exercises and informed how their performance at conducting exercises will be tracked.
Recommendation 8: Resolved - Open
Summary of CRM and EOUSA's Response. CRM and EOUSA agree that they should complete the development of a website containing information on critical incident response. They indicate that the website will contain resources on crisis response issues; best practices; updates on law, policies, and procedures; and other relevant information, as well as links to other existing websites with information on crisis response. The CTS is piloting the website with several USAOs and is working with EOUSA to make it available to all USAOs. The response further indicates that CRM and EOUSA believe that it would be more cost effective to augment an existing website (i.e., the website being piloted by CTS) than to develop an additional one.
OIG Analysis. The actions planned by CRM and EOUSA to develop the described website are responsive to our recommendation. By January 15, 2004, please provide us with access to the website and a copy of the website development and implementation plans.
Regarding CRM and EOUSA's statement that they intend to augment the current pilot rather than develop a new website, that course of action is consistent with the intent of our recommendation that they "complete the development" of the website now being piloted.
Recommendation 9: Resolved - Open
Summary of CRM and EOUSA's Response. CRM and EOUSA agree with the recommendation that EOUSA establish a system for accurately tracking and reporting the status of USAOs' submissions of and updates to their Plans. CRM and EOUSA state that they have been working closely together to track incoming communications from USAOs and ensure that they both maintain consistent records. CRM and EOUSA anticipate that "a similar mechanism can be utilized to track submissions of updated crisis response plans." In an Action Plan for Crisis Management Response Planning provided with their response, CRM and EOUSA indicate that the target completion date for the shared tracking system is November 1, 2004.
OIG Analysis. The actions planned by CRM and EOUSA to develop a system that will track the Plan submissions and other incoming communications from USAOs and ensure that CTS and EOUSA maintain consistent records are responsive to our recommendation. By March 31, 2004, please provide us with a status report on the development of the tracking system that CRM and EOUSA will use to monitor USAO Plan submissions and other communications.
Recommendation 10: Resolved - Open
Summary of CRM and EOUSA's Response. CRM and EOUSA agree with the recommendation "to the extent that it requests that we ensure that EARS evaluations of USAOs include a requirement for USAOs to have a current, updated crisis response plan and to periodically test these plans."
OIG Analysis. The actions planned by CRM and EOUSA - to revise the Evaluation and Review Staff (EARS) evaluations to include steps to ensure that USAOs have current, updated crisis response plans and that the USAOs are periodically testing those plans - are responsive to our recommendation. By March 31, 2004, please provide us with the EARS' review guide that includes procedures for evaluating the USAOs' compliance with the requirement to have current, updated Plans and conduct periodic exercises of the Plans.