Follow-up Review of the Critical Incident Response Plans of the United States Attorneys’ Offices

Evaluation and Inspections Report I-2007-001
January 2007
Office of the Inspector General


In May 1996, the Attorney General directed the Department to implement a Crisis Management Coordinator (CMC) Program to improve the USAOs’ preparedness to respond “quickly and appropriately” to critical incidents. At the heart of the CMC Program implementation was the requirement that each of the 93 USAOs develop a critical incident response plan (CIRP). The Attorney General directed that the Counterterrorism Section (CTS)28 and the Executive Office for United States Attorneys (EOUSA) administer and support the CMC Program.

In 2003, the Office of the Inspector General (OIG) reviewed the CMC Program.29 That review found, among other things, that the USAOs’ CIRPs were inadequate in scope and content and that the USAOs generally had not followed the standard crisis preparedness practice of conducting regular critical incident response exercises. The OIG conducted this follow-up review to examine the USAO’s progress since our 2003 report to prepare to respond to critical incidents.


Critical Incidents

Critical incidents include acts of terrorism, hostage situations, and natural disasters. Typically, these events involve one or more of the following factors (although the presence of one factor by itself does not automatically mean that an incident is critical):

  • Involves threats or acts of violence against government or social institutions.

  • Involves significant loss of life, significant injuries, or significant damage to property.

  • Demands use of substantial resources.

  • Attracts close public scrutiny through the media.

  • Requires coordination among federal law enforcement agencies (more so than usual), state or local law enforcement agencies, local or state prosecutors, emergency relief services, or emergency response services.

  • Requires ongoing communication with upper-level personnel at the Department.

Source: OIG review of USAOs’ critical incident response plans.

Responding quickly and appropriately when critical incidents occur is an essential part of the Department’s mission, as well as an integral part of the Department’s strategy for protecting the nation from terrorism. Problems encountered during prior critical incidents – such as the Branch Davidian standoff near Waco, Texas, the bombing of the Murrah Federal Building in Oklahoma City, and natural disasters like Hurricane Andrew – resulted in significant congressional and public scrutiny of the Department’s actions. After-action reports on these and other critical incidents identified serious mistakes by the Department in areas such as communication and coordination between negotiating and tactical elements, personnel availability, crime scene management and evidence collection, and use of deadly force.

Since 1998, at least 11 department and 5 other federal and legislative initiatives have focused on correcting past deficiencies and improving the ability of the Department (and other federal agencies) to respond to critical incidents (Table 1, page 4). Between 1988 and 1996, six initiatives established requirements for periodic exercises of emergency operating plans30 and assigned EOUSA responsibility for overseeing the emergency preparedness of the USAOs,31 including developing critical incident response training.32

Federal actions taken between 2001 and 2006 reinforce the fact that being prepared to respond to critical incidents is one of the Department’s primary objectives. For example, the Department’s Anti‑Terrorism Plan (2001) and the National Strategy for Homeland Security (2002), two initiatives implemented to update the Department’s strategic objectives in the aftermath of the September 2001 terrorist attacks, both identify responding effectively to critical incidents as one of the Department’s three major strategic objectives.

The Department further reinforced the importance of the CMC Program and CIRPs in its fiscal year (FY) 2003-2008 Strategic Plan, which stated that “the Department will continue to foster the promulgation and dissemination of cooperative domestic preparedness initiatives in support of state and local emergency responders.”33

Table 1: Selected Critical Incidents and Federal Actions, 1988-2003

Dec 1988

— DOJ Crisis Management Plan


Oct 1989

— DOJ National Security Emergency Preparedness Program

Ruby Ridge incident —

Aug 1992


Hurricane Andrew —

Aug 1992


World Trade Center bombing —

Feb 1993


Branch Davidian standoff —



Apr 1994

— FBI Critical Incident Response Group (CIRG) formed

Oklahoma City bombing —

April 1995


Jun 1995

— PDD 39, “ U.S. Policy on Counterterrorism”


Jan 1996

— Attorney General’s Critical Incident Response Group formed

Freemen standoff —



May 1996

— USAO Crisis Management Coordinator Program formed


May 1998

— PDD-62, “Protection Against – Unconventional Threats
    to the Homeland and Americans Overseas,” issued

World Trade Center and Pentagon attacks —

Sep 2001


Sep 2001

— DOJ Anti-Terrorism Plan issued


Oct 2001

— Deputy AG issues “Guidance for Anti-Terrorism Task Forces”


Oct 2001

— USA Patriot Act passed by Congress

Anthrax attacks: New York, Washington, D.C., and Florida —

Oct 2001


Oct 2001

— Interagency Domestic Terrorism Concept of Operations
    Plan issued


Nov 2001

— Anti-Terrorism Task Forces established in USAOs


Nov 2001

— “Blueprint for Change, A Plan to Reshape the Department and
    Its Components to Focus on Anti-Terrorism” issued


Jul 2002

— National Strategy for Homeland Security issued

Washington, D.C., area sniper shootings —

Oct 2002


Nov 2002

— Criminal Division reorganized


Feb 2003

— Homeland Security Presidential Directive issued

Hurricane Ivan —

Sep 2004


Serial shooter, Arizona —

May 2005-
Aug 2006


Baseline Killer (rapist) —

Aug 2005-


Hurricane Katrina —

Sep 2005


Hurricane Rita —

Sep 2005


Source: OIG review of department and other documents.

The CMC Program’s purpose is to improve crisis response.

Since its inception in 1996, the CMC Program has been designed to improve the USAOs’ ability to accomplish their statutory responsibilities while responding quickly and appropriately to critical incidents.34 Specifically, implementing better planning and preparation for responding to critical incidents is intended to improve the USAOs’ performance in providing legal services and following procedures during crises; enhance the USAOs’ coordination with law enforcement and emergency response agencies; ensure the identification and organization of resources needed to respond to a critical incident; and improve the USAOs’ anticipation of likely crisis situations.35

At the direction of the Attorney General, each USAO was to improve its ability to perform during a critical incident by developing CIRPs. These CIRPs were to clarify Department-wide notification procedures, district office resources, headquarters response, and the command and control process during a critical incident. In addition, the Attorney General directed that EOUSA and the CTS administer and provide support to the CMC Program.

The USAOs, CTS, and EOUSA have responsibilities in administering the CMC Program.

Figure 1 shows the offices and divisions involved in the CMC Program. Each component has specific responsibilities, which are described in the following sections.

Figure 1: CMC Program Offices and Divisions

Organization Chart Attorney General Deputy Attorney General connector connector connector Executive Office for the United States Attorneys United States Attorneys Criminal Division connector connector Crisis Management Coordinators Counterterrorism Section National Crisis Management Coordinator Office of Legal Education Evaluation and Review Staff Security Program Staff
Source: Organization charts for the Department of Justice, EOUSA, and Criminal Division.

U.S. Attorneys. According to the 1996 decision memorandum, in the event of a critical incident the U.S. Attorney is the on-scene legal decision maker and is responsible for managing the Department’s response by, among other things:

To coordinate and plan each USAO’s response to a critical incident, the Attorney General directed each U.S. Attorney to select a senior Assistant U.S. Attorney (AUSA) to be the CMC and directed that at least one AUSA at each USAO receive crisis response training. The CMC for each USAO was directed to submit a CIRP to EOUSA describing how the USAO would manage its responsibilities during a critical incident. The CMCs were also directed to coordinate the development and implementation of their CIRPs with appropriate federal, state, and local law enforcement and emergency response agencies, and participate in crisis response exercises with those agencies. The CMCs also were responsible for identifying the resources their USAOs required to respond quickly and appropriately to a critical incident.

The CTS and EOUSA. When the CMC Program was implemented in 1996, the Attorney General assigned the CTS to review the CIRPs the USAOs submitted for content and quality and to provide feedback to each district. EOUSA was assigned to monitor timely CIRP submission and CIRP updates. To support the CMC Program, the Attorney General directed the CTS, in conjunction with EOUSA, to develop and ensure training for the CMCs. The Attorney General stressed “training and advanced planning are imperative” given the intense time constraints and public attention during a critical incident. Specifically, the CTS was to provide CMCs training in:

The direction for the CTS and EOUSA to develop training was reiterated on October 21, 1999,36 and in the Department’s FY 2002 Performance Report:

In the area of preparation for and response to acts of terrorism, the Terrorism and Violent Crime Section [now CTS] is responsible for administering the Department’s Attorney Critical Incident Response Group and its Crisis Management Coordinators program, which involves the development of a crisis response plan for each federal judicial district and the training of specially selected federal prosecutors from the U.S. Attorneys’ offices and the DOJ litigating divisions in crisis preparation and response techniques.37

Previous OIG report on USAOs’ CIRPs made 10 recommendations.

In 2003, the OIG issued a report that reviewed the CMC Program to determine whether the USAOs improved their ability to respond quickly and appropriately to critical incidents by developing CIRPs, training staff to carry out the CIRPs, and exercising their CIRPs.38 In December 2003, the OIG reported that most USAOs had not effectively implemented the CMC Program as required by the Attorney General. That review found that the USAOs’ CIRPs were inadequate in scope and content to ensure a quick and appropriate response to a terrorist attack or other critical incident. Also, the USAOs generally did not follow the standard crisis preparedness practice of conducting regular critical incident response exercises.

The OIG review also found that the CTS and EOUSA did not adequately administer and support the program. The CTS and EOUSA provided only minimal guidance to the CMCs and did not update the guidance as changes in Department and national policy occurred. Further, the CMCs received only limited training, consisting primarily of two national conferences held in 1997 and 1999. The CTS provided no further training from 1999 until March 2003, when it sponsored a 2‑hour videoconference. The CTS and EOUSA also failed to track, file, and thoroughly review the CIRPs the USAOs submitted.

Our December 2003 report contained 10 recommendations aimed at improving the preparedness of the USAOs to respond to critical incidents.

We recommended that the Deputy Attorney General:

  1. Ensure that performance measures are developed to assess the readiness of USAOs to respond to critical incidents.

We recommended that all U.S. Attorneys:

  1. Revise the CIRPs to address the action items identified by the CTS, and regularly update the plans to reflect changes in law, departmental policy, or local procedures.

  2. Conduct and participate in periodic exercises to test the CIRPs and practice responding to critical incidents.

  3. Establish workload-reporting procedures that capture the time dedicated to critical incident response planning duties.

We recommended that the Assistant Attorney General, Criminal Division:

  1. Provide updated training and guidance to the USAOs on how to prepare effective and comprehensive CIRPs. The guidance should reflect changes in legislation, policy, and critical incident response practice that have taken place since September 11, 2001.

  2. Review all USAOs’ CIRPs, including revisions, to ensure that the CIRPs cover all critical areas; provide individualized feedback to USAOs; and periodically report to the Deputy Attorney General on the status of the USAOs’ CIRPs.

  3. Provide the USAOs with training and guidance on how to develop and conduct appropriate critical incident response exercises, either independently or in conjunction with the FBI or other offices.

  4. In conjunction with EOUSA, complete the development of a web site containing information on critical incident response, including lessons learned, exercise scenarios, and best practices.

We recommended that the Director, EOUSA:

  1. Establish a system for accurately tracking and reporting the status of USAO submissions and updates to CIRPs.

  2. With advice from the CTS, revise the operations review process to include a full evaluation of the preparedness of USAOs to respond to critical incidents.

In this report, we discuss the USAOs’, EOUSA’s, and the CTS’s progress since our 2003 report in improving preparedness to respond to critical incidents. On pages 13 through 19, we describe the positive steps taken to prepare USAOs to respond to critical incidents. On pages 20 through 31, we describe areas where improvements by these organizations are still needed.

Purpose, Scope, and Methodology

The OIG conducted this follow-up review to examine the USAOs’ efforts to prepare to respond to critical incidents. Specifically, we reviewed whether (1) each USAO had a revised and approved CIRP; (2) each USAO had completed the required annual CIRP exercise and accompanying after-action report; (3) EOUSA and the CTS had provided direction and guidance that assisted USAOs in their efforts to respond to critical incidents, and (4) any other factors may impede the USAOs’ ability to prepare to respond to critical incidents.

The scope of this review examined the USAOs’, EOUSA’s, and the CTS’s efforts taken since our December 2003 report to prepare to respond to critical incidents. In particular, we concentrated on the USAOs’ planning and preparation for responding to critical incidents and the actions taken by EOUSA and the CTS to assist the USAOs in those efforts. The fieldwork for this review was completed from May 2006 to November 2006.

The methodology used in this review consisted of interviews as well as document review and analysis. We also w e conducted an e-mail survey of the 93 USAOs and used follow-up correspondence and telephone calls to clarify survey responses by, and obtain additional information from, CMCs.

Interviews. To examine the activities of EOUSA, the CTS, and the USAOs in critical incident preparedness, we interviewed officials from each of the three entities.

Interviews with EOUSA personnel. From EOUSA we interviewed the Director, Acting Deputy Director (former Chief Financial Officer), Chief Operations Officer (and Acting Chief Information Officer), Director of Evaluation and Review Staff, the Assistant Director for Security Programs, and EOUSA Legislative Counsel (who was also the EOUSA Liaison for this review).

Interviews with the CTS personnel. From the CTS, we interviewed the Acting Director, Deputy Chief, National Antiterrorism Advisory Council Coordinator, and National Crisis Management Coordinator.

Interviews with USAO personnel. We interviewed current CMCs about critical incidents that occurred in their districts. We discussed these events with the following USAOs:

Document review. To determine whether all USAOs had revised and approved CIRPs on file, had completed the required annual exercises, and submitted exercise (or critical event) after-action reports, we reviewed and analyzed all available CIRPs and after-action reports provided by the 93 CMCs. In particular we focused on whether:

Survey. To address all of our review objectives, w e devised a 60‑question survey of CMCs using a software package capable of distributing the survey via e-mail to all 93 CMCs. (See Appendix II for the questionnaire.) This survey was designed to elicit information on the following areas:

Survey follow-up. To verify and clarify survey responses from the CMCs, we contacted 85 CMCs and conducted follow-up interviews via e-mail and telephone calls. Through these interviews, we also obtained updates on 2006 CIRP exercises scheduled to take place or conducted following the survey completion date.

  1. In 1996, the units that would become the CTS were part of the Department’s Terrorism and Violent Crime Section. The CTS was formed in a December 1, 2002 reorganization and placed within the Criminal Division. On September 28, 2006, the Department announced that the CTS would become part of the National Security Division established under the USA Patriot Improvement and Reauthorization Act of 2005 (Pub. L. No. 109-177 (2006)).

  2. See the OIG report entitled Review of the Critical Incident Response Plans of the United States Attorneys’ Offices, I-2004-001, December 2003,

  3. DOJ Order 1900.6A, Department of Justice Crisis Management Plan, 1988.

  4. DOJ Order 1900.5A, National Security Emergency Preparedness Program, 1989.

  5. Memorandum from Merrick Garland, Principal Associate Attorney General, to the Attorney General, “Attorney Critical Incident Response Group,” January 11, 1996.

  6. Department of Justice, Fiscal Years 2003-2008 Strategic Plan, p. 2.13.

  7. Each of 93 United States Attorneys (U.S. Attorneys) is the chief federal law enforcement officer within his or her particular jurisdiction and serves as the principal litigator under the direction of the Attorney General.

  8. Attorney General’s speech to CMCs at the first national training conference, June 17, 1997, p. 7.

  9. Memorandum for the Attorney General from the Deputy Attorney General, “U.S. Attorney’s Offices’ Preparedness to Address Critical Incidents,” October 21, 1999, p. 4.

  10. Department of Justice, FY 2002 Performance Report/FY 2003 Revised Final Performance Plan/FY 2004 Performance Plan, Strategic Objective & Annual Goal 1.2-1.3: Investigate and Prosecute Terrorist Acts, p. 3.

  11. See the OIG report entitled Review of the Critical Incident Response Plans of the United States Attorneys’ Offices, I-2004-001, December 2003,

« Previous Table of Contents Next »