Return to the USDOJ/OIG Home Page

Federal Bureau of Investigation's Management of Information Technology Investments

Report No. 03-09
December 2002
Office of the Inspector General


APPENDIX VII

 
  U.S. Department of Justice

Federal Bureau of Investigation

  Washington, D.C. 20535-0001

November 8, 2002
 
 
 
Mr. Guy K. Zimmerman
U.S. Department of Justice
Room 4706, 950 Pennsylvania Avenue N. W.
Washington, D.C. 20530

Dear Mr. Zimmerman:

Reference is made to your memorandum dated October 10, 2002, concerning the FBI response to recommendations set forth in the Department of Justice (DOJ), Office of the Inspector General (OIG), draft audit report entitled “Federal Bureau of Investigation’s Management of Information Technology Investments. This memorandum requested the FBI review and provide written comments regarding report recommendations. Specifically, you requested the FBI comment as to its agreement or disagreement with each of the recommendations. You also requested the FBI identify steps taken or planned to achieve corrective action and to include dates of implementation.

Attached is the FBI’s written response which is based on the ITIM process as it exists today. However, with my recent appointment as Chief Information Officer and the hiring of a Chief Financial Officer, an assessment of the current process was initiated to identify areas to streamline and improve efficiencies within the ITIM process and between the ITIM process and other related business processes. The current ITIM process, as audited, may change as a result of this assessment. We anticipate the assessment and implementation of changes to be completed by February 2003.

Please note, the format of the enclosed document identifies the DOJ OIG draft audit report recommendation followed by the response of FBI Executive Management. Additionally, a sensitivity review was conducted per your request and the results are included in the written response.

The recommendation responses set forth in the attached were coordinated through the FBI’s Inspection Division. Please contact me on 202-324-6165 or Lynne Hunt of the Inspection Division on 202-324-2901 should you have any questions.

 
 
  Sincerely yours,

original signed

Darwin A. John
Chief Information Officer

 


 

FBI Response
to
DOJ OIG Draft Audit Report
Federal Bureau of Investigation’s
Management of Information Technology Investments

 

Recommendation Number 1, Page 33: We recommend that the Director of the FBI: Require the ITIM Program Office to plan for and take more timely action to allow board members and other ITIM users to execute assigned responsibilities competently (Prerequisite 1)

Response: The FBI agrees with this recommendation. As a part of the ITIM governance structure established in April 2002, (1) the ITIM Program Office has established regularly scheduled meetings for each of the investment boards. These meetings are part of the ITIM process and have standing agenda’s of items to be discussed. (2) The ITIM Program Office maintains an up-to--date list of items requiring board member action and the status of those items. (3) The ITIM Program Office supports a variety of requests from board members for information relating to their required duties.

The ITIM Program Office’s ability to carry out these tasks on a regular and consistent basis is dependent on adequate permanent staffing of the ITIM Program Office (see Recommendation Number 15)

Recommendation Number 2, Page 33: We recommend that the Director of the FBI: Ensure that all members of the IT investment boards receive sufficient education and training to execute assigned responsibilities effectively. We suggest that for each of the investment boards the FBI: (1) identify the core competencies required of members in using the IT investment approach, and (2) develop appropriate education and training development plans to ensure members acquire the required core competencies (Prerequisite 2)

Response: The FBI agrees with this recommendation and has made significant progress towards implementation. Specifically, in March 2002 the ITIM Program Office provided training for each investment board member on the overall IT Investment Management Framework and detailed training on the SELECT process. The SELECT process training provided critical information to IT investment stakeholders as the Bureau implemented the “SELECT” pilot to support the selection of investments to be included in the FY 2004 Enhancement Request to DOJ.

Additional training for the CONTROL and EVALUATE process is a requirement of the ITIM office as part of their respective pilot phases scheduled later this fiscal year, i.e., second and third quarters of FY 2003 respectively. Also, the Director has ratified the ITIM Program Office developed Program Charters and Roles and Responsibilities documents dated June 2002 that specifically identify the core competencies required for each investment board members, specifically for the Executive Review Board (ERB), Project Oversight Committee (POC), and Technical Review Board (TRB).

Recommendation Number 3, Page 41: We recommend that the Director of the FBI ensures: Official project management guidance is consistently followed by all FBI IT project managers.

Response: The FBI agrees with this recommendation. With the reorganization resulting from the establishment of the expanded Chief Information Officer (CIO) organization and the formalization of the Projects Management Office (PMO) headed by the FBI’s Program Management Executive, that organization will have responsibility for establishing IT program management guidance within the Bureau. Policy, standards, and guidance will be established and mandated for all FBI IT projects. Selected projects, based on cost, size, complexity, risk, and/or importance to mission will be closely monitored by the PMO to ensure adherence to that guidance. The remainder of the projects will be monitored by their appropriate Division Assistant Director. As a part of the ITIM process, all projects will be required to present selected information to the POC and boards at specified decision points as part of the oversight process.

Recommendation Number 4, Page 41: We recommend that the Director of the FBI ensure: Written policies and procedures are developed for management oversight of IT projects for use by the investment review boards (Organizational Commitment 2)

Response: The FBI agrees with this recommendation. High-level written policy and procedure documents have been developed for the SELECT phase of the ITIM program piloted in March 2002 and are currently used by the investment review boards. High-level written policy and procedure documents are currently under development for the CONTROL and EVALUATE phases. As part of the planned continued maturity plans for the next phase, detailed written policy and procedure documents are included in the scope (third quarter FY 2003). Thereafter, as each element of ITIM (CONTROL/SELECT/EVALUATE) is matured, the respective policy and procedure documentation will be updated as part of the maturation process.

Recommendation Number 5, Page 41: We recommend that the Director of the FBI ensure: IT Investment Review Boards are supported by a centralized project management office that operates in accordance with ITIM policies and procedures (Prerequisite 1).

Response: The FBI agrees with this recommendation. A centralized PMO has been established by the Director and under the auspices of the CIO. The CONTROL design currently underway establishes that the centralized PMO will operate in accordance with the ITIM policies and procedures. The CONTROL design and pilot will involve the communication of essential project data between the PMO and ITIM Program Office. In addition, PMO will utilize the existing ITIM governance structure.

Recommendation Number 6, Page 41: We recommend that the Director of the FBI ensures: Each IT project has a project management plan, approved by the Project Oversight Committee, that includes cost and schedule controls (Prerequisite 2).

Response: The FBI agrees with this recommendation. As part of the ITIM process, each project, in accordance with standards established by the PMO, will develop a project management plan to include cost and schedule controls appropriate to its size, complexity, risk, and importance to the Bureau’s mission. Once approved, that project will be tracked against that plan with reporting at the appropriate points in the plan to the review board designated at time of plan approval.

Recommendation Number 7, Page 41: We recommend that the Director of the FBI ensure: Information being developed in the IT asset inventory is made available to, and used by, the boards.

Response: The FBI agrees with this recommendation. As part of the enterprise architecture basic plan a comprehensive inventory of IT assets is being compiled. As part of the next phase of the ITIM framework maturity, the IT inventory will be assessed and analyzed for alignment to the Bureau's mission as well as functional and technical quality. The results will be made available as an investment decision making tool to the IT Governance Boards and other key stakeholders. Planned completion for the first phase of the inventory performance assessment is targeted for the third quarter FY 2003.

Recommendation Number 8, Page 41: We recommend that the Director of the FBI ensure: Execution of the five key practices consisting of the activities necessary for the investment review boards to maintain effective oversight of IT projects during the critical control phase. These five key practices consist of:

Providing each projects up-to-date cost and schedule data to the appropriate IT investment board (Activity 1).

Response: The FBI agrees with this recommendation. As part of the CONTROL design, and as described in the response to Recommendation Number 19, it is at eight key decision points during the development life-cycle of an IT project that the FBI's POC would review scope, cost, and schedule of top-level projects that the FBI is managing. The first pilot of CONTROL is expected to begin in December 2002 and the roll-out of CONTROL is expected to be completed by fourth quarter FY 2003.

Establishing criteria for the boards to review each IT project's performance by comparing actual cost and schedule data to expectations (Activity 2). Response: The FBI agrees with this recommendation. As part of the CONTROL design, the Office of the CIO is developing the required criteria and process for the investment review boards to review each IT project's performance by comparing actual cost and schedule data to expectations. The first pilot of CONTROL is expected to begin in December 2002 and the roll-out of CONTROL is expected to be completed by fourth quarter FY 2003.

Performing special reviews of projects that have not met predetermined performance standards (Activity 3).

Response: The FBI agrees with this recommendation. As part of the CONTROL design, the ITIM Program Office is developing a policy by which the investment review boards will be able to conduct special reviews, as needed, on those projects that have not met pre-determined standards. The PMO will develop the specific process. The process will monitor specific key scope, cost, and schedule performance indicators and an escalation of reporting requirements to serve as early warning of project deviation from expectations (see response to Recommendation Number 19 for additional details). The first pilot of CONTROL is expected to begin in December 2002 and the roll-out of CONTROL is expected to be completed by fourth quarter FY 2003.

Defining, documenting, and agreeing to corrective actions for each under-performing project by the appropriate IT investment board and the project manager (Activity 4).

Response: The FBI agrees with this recommendation. As part of the CONTROL design, the ITIM Program Office is developing the policy for defining, documenting and agreeing to corrective actions for each under-performing project by the appropriate IT investment board. The PMO will specify the procedures for executing the corrective actions. The CONTROL process will identify the specific actions required by the project manager/sponsor and alternatives available to the investment review board members. The first pilot of CONTROL is expected to begin in December 2002 and the roll-out of CONTROL is expected to be completed by fourth quarter FY 2003.

Tracking and implementing corrective actions until the desired outcomes are achieved (Activity 5).

Response: The FBI agrees with this recommendation. As part of the CONTROL design, the ITIM Program Policy mandates the necessary tracking, including the implementation of corrective actions to ensure that desired project outcomes are achieved. The first pilot of CONTROL is expected to begin in December 2002 and the roll-out of CONTROL is expected to be completed by fourth quarter FY 2003.

Recommendation Number 9, Page 46: We recommend that the Director of the FBI ensure: Establish a deadline for completing the creation of the FBI IT inventory and ensure progress toward completion is monitored.

Response: The FBI agrees with this recommendation. The established deadline for completing and validating the FBI IT inventory is the end of the second quarter FY 2003. The performance evaluation of the IT inventory is expected to be completed by third quarter FY 2003. Results of the evaluation will be incorporated into the overall ITIM governance framework. Progress is being monitored through periodic updates to the ITIM Program Office.

Recommendation Number 10, Page 47: Implement processes to ensure: a. Subsequent changes to IT projects and systems are identified and documented in the inventory; b. Information from the inventory is available on demand to decision-makers and other affected parties; and c. The IT project and system inventory and its information records are maintained to contribute to future investment selections and assessments.

Response: The FBI agrees with this recommendation. In addition to implementing the processes (see response to Recommendation Number 7 above) the ITIM framework requires, ongoing maintenance and performance evaluation of the IT inventory. As a fully integrated part of the process, this information will be used to contribute to future IT investment decisions. Periodic updates to the IT inventory is planned for fourth quarter FY 2003.

Recommendation Number 11, Page 52: We recommend that the Director of the FBI ensures: Written policies and procedures are developed for identifying the business needs (and the associated users) of each IT project (Organizational Commitment 1).

Response: The FBI agrees with this recommendation and has made significant progress towards full implementation. As of March 2002 the SELECT Phase had been implemented for all new IT investment requests. As part of the SELECT process, high-level written policy and procedures were developed for identifying the business needs of each IT project. Specifically, the FBI has been using Concept Papers and the required 300 Exhibit to standardize the documentation of the business case.

Recommendation Number 12, Page 52: We recommend that the Director of the FBI ensures: Adequate resources are allocated to train ITIM users in identifying business needs and associated users (Prerequisites 1 and 3).

Response: The FBI agrees with this recommendation. Training for the overall IT Investment Management Framework and specifically the SELECT process was completed in March 2002 by the current ITIM Program Office staff and the FBI contractor. This training was offered bureau-wide and included the members of the three investment boards, in addition to the Business Lines' ITIM liaisons and other key stakeholders. Training for CONTROL and EVALUATE is planned just-in-time as those programs are respectively rolled out.

As personnel continue to change in the organization, the ITIM Office will (1) require staffing to maintain a 'retraining' program, or (2) execute a 'train-the-trainer' program within the business units vis-à-vis the 'business liaison' role. Option 1 will require staffing support and Option 2 will require Senior Leadership Team support to include this responsibility within the liaison role.

Recommendation Number 13, Page 52: We recommend that the Director of the FBI ensures: Identified users participate in project management throughout a project's life-cycle (Activity 3).

Response: The FBI agrees with this recommendation. The PMO will, as part of its project management process, institute procedures involving the appropriate users throughout the development cycle. For example, the Trilogy Program has established a Joint Application Development (JAD) process. This process has brought a broad range of users from a number of field offices to headquarters to participate in the development of requirements for the Trilogy Virtual Case File (VCF) . The team will continue to function through the development life-cycle, reviewing designs and participating in testing, acceptance and implementation. This approach will be applied to all large-scale development projects. The PMO contains a VCF/JAD Unit, which will apply this methodology of requirements elicitation, definition and specification to FBI development projects.

Recommendation Number 14, Page 59: We recommend that the Director of the FBI ensures: The ITIM process applies to all IT project proposals, including proposals that are funded through the FBI's base funding.

Response: The FBI agrees with this recommendation and has made progress towards its implementation. The ITIM SELECT process was applied to all new investment requests for the new Budget Year FY 2004. As the ITIM process is matured, all IT project proposals including those funded through the FBI's base budget will be subject to the SELECT process. During FY 2003, it is planned that the FY 2003 base and enhancement requests will be subject to the ITIM program.

Recommendation Number 15, Page 59: We recommend that the Director of the FBI ensures: Sufficient staffing is provided to the ITIM Program Office, as recommended in the Post-Implementation Review.

Response: The FBI agrees with this recommendation and currently has requested 6 additional full-time FBI staff employees for the ITIM Program Office.

Recommendation Number 16, Page 67: We recommend that the Director of the FBI ensure: The recommendations set forth in the Post-Implementation Review relating to expanding the policies and procedures of the ITIM process are implemented.

Response: The FBI agrees with this recommendation. As of September 2002, the FBI has implemented all recommendations of the Post-Implementation Review relating to expanding polices and procedures of the ITIM process. The FBI plans to continually mature the ITIM process as needed.

Recommendation Number 17, Page 72: We recommend that the Director of the FBI ensures: The ITIM Program Office and the ITIM contractor incorporate the input from various ITIM users, including those from the enterprise architecture office, CJIS Division, the Laboratory Division, and the Inspection Division as the control and evaluate phases of the ITIM process are being developed and refined. This input should be solicited through working group sessions scheduled on a periodic basis.

Response: The FBI agrees with this recommendation and has incorporated the input from each of the various ITIM users mentioned during the CONTROL and EVALUATE design phase. As of September 2002, interviews and working group sessions with each of the various ITIM user communities were completed and their input was used in the design of the CONTROL and EVALUATE design and pilot.

Recommendation Number 18, Page 72: We recommend that the Director of the FBI ensures: The ITIM process is modified so that the Technical Review Board and Enterprise Architecture Technical Committee perform a business architecture compliance review of IT project proposals to ensure these proposals support the mission of the FBI.

Response: The FBI agrees with this recommendation. The ITIM process is being modified to ensure that the TRB and the Enterprise Architecture Technical Committee will perform a business architecture compliance review of IT projects to ensure support of FBI missions. This modification will be completed by third quarter FY 2003.

Recommendation Number 19, Page 80: We recommend that the Director of the FBI ensures: The FBI prepares a plan that specifically details how the project management office will support the ITIM process. This plan should include the project management office's criteria and thresholds for: (1) selecting IT projects to manage, and (2) identifying projects that the Project Oversight Committee will review.

Response: The FBI agrees with this recommendation. The FBI is currently preparing a plan that addresses the FBI's implementation of the ITIM process. That plan will address how the PRO, and the new Planning Organization within the Office of the dO will interact with and support the ITIM process. FBI's Office of the CIO plans to use the ITIM process to manage all FBI IT investments. The Cbs Planning ~ivision will develop the FBI IT Architecture, coordinate all IT Planning and assist in evaluating the FBI's IT initiatives during the program select phase. The PMO will also assist in evaluating IT projects during the Select Ph~se. Once a project is selected for development through t~ie ITIM review process, and funded through the Budget Process, the PMO will manage selected major projects and smaller or less critical projects will be assigned to the Operations Support Division in the Office of the CIO or to the Sponsoring Division.

The PMO will develop large and complex projects on behalf of-sponsoring divisions to ensure their successful execution and free the operational FBI divisions to focus on their priority missions. Projects will originate within FBIHQ and field divisions. Sponsoring divisions will be required to make a business case that justifies the investment, through the ITIM process.

Examples of selection criteria for a project's development to be managed by the PMO are: 1) greater than $1OM total value, 2) high risk, 3) high level of development complexity, 4) FBI priority project, and/or 5) emergency project (i.e., response to quick-reaction requirement). However, these criteria are currently being finalized; project selection will also depend upon resources available to the PMO to carry out their mission.

The ITIM process has proposed eight major decision points during the development life-cycle of a project. It is at these key decision points that the POC would review those top-level projects that the PMO is managing. At each decision point, a decision by senior FBI management will be made whether to proceed with a project and continue to commit resources to it or to end a project and reprogram its funds. The POC may desire more frequent reports of program status for those projects designated as requiring intense scrutiny, such as monthly Trilogy project briefings.

Recommendation Number 20, Page 80: We recommend that the Director of the FBI ensures: The FBI develops and implements a specific plan detailing how and when it will integrate the ITIM process with a system development life-cycle methodology such as the Project Management Process.

Response: The FBI agrees with this recommendation. The PMO will establish a Project Management Process that incorporates a system life-cycle methodology. This methodology, with appropriate tailoring, will be mandatory for all projects in the Bureau. The PMO will ensure that this process is fully integrated into and supports the ITIM process.

Recommendation Number 21, Page 85: We recommend that the Director of the FBI ensures: The FBI continues its efforts to establish a comprehensive enterprise architecture. The FBI must develop and implement a specific plan to integrate ITIM and enterprise architecture processes, even as these processes are being further refined and developed.

Response: The FBI agrees with this recommendation. The FBI enterprise architecture is under development within a single governance structure as established by the ITIM framework as approved by DOJ in May 2002. FBI is accelerating the focus and attention on enterprise architecture and has a 6-month target to implement the first phase of a world-class enterprise architecture framework (April 2003) . As with the ITIM program, the FBI plans to continually mature the Bureau's Enterprise Architecture.

Recommendation Number 22, Page 113: We recommend that the Director of the FBI: The IT Investment Review Boards initiate oversight of Trilogy, including: (a) the establishment of cost, schedule, technical, and performance baselines; and (b) tracking significant deviations from these baselines and taking corrective actions as necessary.

Response: The FBI agrees with this recommendation. Trilogy baselines for cost, schedule, and technical performance are being established. Trilogy is comprised of two components, TNC/IPC and UAC. The TNC/IPC and the TJAC baselines will be established once the current Engineering Change Proposals (ECP's) are negotiated. Metrics are being included in those baselines that will allow tracking and recognition of significant deviation.

Because of the advanced stages of the Trilogy components and the significant schedule compression, the PMO, in conjunction with the IT Investment Review Boards, will establish a set of cost, schedule, and performance goals to be monitored. The PMO will monitor those factors on a regular basis and report the progress to the IT Investment Review Boards against set milestones.

Recommendation Number 23, Page 113: We recommend that the Director of the FBI: The technical requirements for Trilogy are adequately defined, documented, and shared with other IT users.

Response: The FBI agrees with this recommendation. For the UAC portion of Trilogy, the Virtual Case File (VCF) functional requirements were defined in a series of five Joint Application Development (JAD) sessions, and approximately twelve Working Groups that were made up of SAIC, Information Resources Division, and IT users. The IT users were the ones that identified the needs that were transferred into requirements. They did this utilizing a walkthrough of their business processes, while identifying areas of inefficiencies that could be facilitated through re-engineering. The IT users also served as reviewers of the subsequent requirements documentation, commenting on the appropriateness of the requirements. The IT users will continue to be a part of the VCF team throughout the development process.

For the TNC/ICP portion of Trilogy, the requirements have been defined, documented and made available.

Recommendation Number 24, Page 113: We recommend that the Director of the FBI: The Trilogy project managers prepare an action plan to address the risks identified by the three internal reports on Trilogy. This plan should include (a) actions already taken to mitigate these risks, (b) planned actions, including suspense dates, and (c) an explanation for why some risks cannot be mitigated, if applicable. The IT investment review boards should then approve this plan and monitor it for implementation.

Response: The FBI agrees with this recommendation. An action plan will be prepared by the Trilogy Project Management Office addressing the three reports (INSD, CJIS and IV&V assessment) by 12/31/02. Common actions from the reports will be combined resulting in a synthesized list of actions. This plan will include actions already taken to mitigate these risks, planned actions, including suspense dates, and an explanation for why some risks cannot be mitigated, if applicable. The plan will be approved by the CIO and monitored for compliance.

Recommendation Number 25, Page 113: We recommend that the Director of the FBI: For future IT deployments, ensure that processes are established for field offices to submit input and receive feedback from FBI Headquarters prior to installing equipment.

Response: The FBI agrees with this recommendation. A successful process was used for the site installation schedule for the Trilogy project. It was coordinated with each Field Office through an initial site survey. Due to the success of this process, it will be incorporated into the overall ITIM framework and will be used for all future IT deployments.

Recommendation Number 26, Page 113: We recommend that the Director of the FBI: Initiate action to remedy contractor deficiencies associated with inefficient: (a) operation of the service support center, and (b) maintenance support for Trilogy architecture.

Response: The FBI agrees with this recommendation. The Trilogy Program awarded a maintenance contract to Dyndorp/Ijnisys to provide maintenance for the Trilogy deployed components. That service level agreement (SLA) contract runs through December 2003. There is another 3-year multi-year maintenance contract for Legacy and non-Trilogy maintenance components which runs through the end of fiscal 2004. The FBI is in the process of consolidating IT maintenance contract requirements to benefit from economies-of-scale.

During the first month of the new maintenance contract, outstanding trouble tickets have been reduced from 260 to 140. As the contractor becomes fully engaged in this activity, the number of outstanding trouble tickets will decrease further. The new maintenance contract contains metrics. Contractor statistics are being monitored daily.

The Trilogy Program is working to develop and deliver an Enterprise Operations Center (EOC) with staffing, training, and tools to provide central management, monitoring, and administration of the Trilogy deployed infrastructure. The EOC will have a higher technical level of skill and ability to resolve and pro-actively manage the network components and any problem resolution for all FBI customers.

Until the EOC with its Enterprise Management System (EMS) is in place and operational, the problem will not be fully resolved. When the EMS is operational, it will provide a new way to manage, operate, and maintain Trilogy. The EMS will provide the FOC with the capability to centrally monitor and control the Trilogy system. This capability will enable the EOC to detect emerging problems and take corrective actions before they impact system performance. The EOC is expected to resolve the majority of all problems. The goal is to correct 80% of the problems at the EOC on the first call. The other 20% will be escalated but resolved within established timeframes. The EOC ITS will retain ownership of the problem ticket until the problem is resolved.

Recommendation Number 27, Page 113: We recommend that the Director of the FBI: Initiate action to enhance employee IT training by: (a) remedying problems associated with the FBI's on-line training system, and (b) developing a training plan specifically tailored to information technology specialists and electronic technicians.

Response: The FBI agrees with this recommendation.

(a) All issues identified during the first phase of MS Office 2000 training, March 2002 through May 2002, have been corrected.

The primary issue related to the FBI Virtual Academy Learning Management System (LMS) deployment in use for the Trilogy project had been related to password issues. Of the calls and e-mails fielded during the training sessions of the first 23 offices, 93% were related to users forgetting their passwords. The remaining 7% of calls and e-mails were in support of the Training Technicians, Administrative Officers, or Training Coordinators roles in relation to the Approval Console and the Microsoft Office 2000 Computer-Eased Training (CBT) courses.

The issues surrounding the CBT itself were problems with various programs within the suite of products received from the vendor, SmartForce, Inc. All of the problems that arose during the training were resolved by the vendor, SmartForce, Inc. A new CBT issue arose recently regarding a course freezing during the assessment portion of the first unit of a CDT. The contractor has been contacted and they are working to provide a new version of the software.

Additionally, an issue arose in two large field offices with the FBI Virtual Academy approval process. The heart of the issue had to do with the Field Office's implementation and allocation of resources to support the training, not the application itself. Lastly, one other issue that affected the full implementation of the FBI Virtual Academy was the e-mail capability. The Virtual Academy must reference a Simple Mail Transfer Protocol gateway on the network to transport e-mail to the end users. The LMS is currently operating without this e-mail capability until the Trilogy implementation of Exchange.

(b) The FBI has one Training Plan for Trilogy. Core technology training is being acquired for the Information Technology Specialist (ITS) and Electronic Technician (ET) personnel enhance their skills, necessary to operate and maintain the software and hardware deployed by Trilogy. This core technology training for EOC personnel is being coordinated by the EOC Program Manager. Vendors have been procured to provide instructional services in core technical areas to the ITS personnel at each deployment site. The ET Training PrOgram, which has been in existence for 25 years and is well established, has been upgraded to accommodate the new TNC/IPC equipment and technology courses, as well. This program is servicing the core technology training for the ET staff.

The Trilogy IPC/TNC program enhances and compliments this core technology training by providing CET courses and technical procedural training at the time of IPC/TNC Full Site Capability deployment. The procedural training will be specific to the duties and responsibilities of the ITS and ET population, both in the field and EOC, with respect to the Trilogy IPC/TNC implementation of system maintenance and administrator functions. Existing FBI videoteleconferencing (VTC) facilities will be used to instruct the field ITS and ET staff. Considering the disperse geographical locations of the more than 800 IT support personnel, this training delivery approach presents a more cost-effective means than the traditional face-to-face instructor-led training. The VTC capability provides the capability to deliver instructor-led training from a single location while participants at multiple remote sites can receive the broadcast signal simultaneously. A video recording of the training will also be provided to each site as a back up to the VTC delivery since twenty-seven of the fifty-six Field Offices do not currently possess VTC capability. The training delivery method for the EOC staff located at FBI Headquarters and Fort Monmouth, NJ, will be face-to-face instructor-led training. CBT courses covering the IPC/TNC software and hardware technologies will also be available via the FBI Virtual Academy LMS.

Recommendation Number 28, Page 113: We recommend that the Director of the FBI: Initiate action to complete the Extended Fast Track deployment timely by: (a) delivering the remaining quantities of Extended Fast Track desktop computers, and (b) procuring sufficient quantities of fiber optic cables.

Response: The FBI agrees with Part (a) of this recommendation. The remaining Extended Fast Track desktop computers will be shipped to all sites except New York City by December 31,2002. The remaining computers for New York City will be shipped in February 2003 after they have completed the upgrade of their internal fiber cable plant.

The FBI agrees that sufficient quantities of fiber optic cables must be procured for extended Fast Track to be successful. Trilogy funded the Back Bone fiber optic upgrade at one Field Office, Los Angeles, but this was a one time expense, made to meet critical schedule constraints. Since Trilogy did not budget for fiber optic cable upgrades, the FBI has decided to pay for this requirement from other FBI funding.

Recommendation Number 29, Page 113: We recommend that the Director of the FBI: Initiate action to: (a) procure adequate trouble-shooting equipment for Trilogy architecture, and (b) complete timely development of FBI unique macros for MS Word.

Response: The FBI agrees with Part (a) of this recommendation. Once the EOC is operational, adequate trouble shooting equipment f or Trilogy will be in place and operational.

The FBI disagrees with Part (b) of this recommendation. The FBI has chosen to use a Web based approach for submissions previously supported by Word Perfect Macros. Therefore, there will be no Macro development required for Microsoft Word.

Recommendation Number 30, Page 118: We recommend that the Director of the FBI ensures: The IT Strategic Plan and Performance Plans are updated to: (1) Fully integrate these plans with the FBI1s ITIM Process; and (2) include those performance goals and indicators included in DOJ's IT Strategic Plan.

Response: The FBI agrees with this recommendation and concurs with the advice that the ITIM process should be fully integrated into future IT and performance plans. The FBI intends to complete an IT Strategic Planning process by fourth quarter FY 2003 that is fully part of the ITIM overall framework. The ITIM Program Office will be fully involved in the IT Strategic Planning efforts. The resulting IT Strategic Plan will be aligned with the FBI's operational strategic plan.

Sensitivity Review Response: The review found no sensitive or classified information related to IT systems, however, this review did not cover sensitive information related to general FBI operational security. It is requested that the report be classified as For Official Use Only (FOUO) or Limited Official Use (LOU).