The Federal Bureau of Investigation's Terrorist Threat and Suspicious Incident Tracking System

Audit Report 09-02
November 2008
Office of the Inspector General


Appendix VI
Office of the Inspector General Analysis and Summary of
Actions Necessary to Close the Report

The OIG provided a draft of this audit report to the FBI for its review and comment. The FBI’s response to our audit report is included as Appendix V of this report. The FBI concurred with all seven recommendations in this report. Our analysis of the FBI’s response to the seven recommendations is provided below. Based on the FBI’s response, the OIG considers the report resolved. The following is a summary of the actions necessary to close the recommendations.

Summary of Actions Necessary to Close the Recommendations

  1. Resolved. The FBI agreed with this recommendation. In its response, the FBI said that it will amend the Guardian policy to specifically include relief supervisors and other individuals designated by FBI management to function in the Guardian Supervisor role. The FBI also stated that the Threat Monitoring Unit (TMU) will draft updated Guardian policy to clarify this issue and to enumerate pending Guardian enhancements resulting from the recently issued Attorney General Guidelines for Domestic FBI Operations. This recommendation can be closed when we receive documentation showing that the Guardian policy has been appropriately updated and implemented to ensure that the review of threat incidents entered into Guardian is performed by those individuals designated as supervisors.

  2. Resolved. In response to this recommendation, the FBI agreed to ensure that terrorist threats and suspicious incidents entered in Guardian are closed or forwarded for investigation in a timely manner. The FBI stated that current policy dictates all Guardian incidents should be closed within 30 days of incident creation and that existing Guardian policy regarding this matter continues to be reinforced by the National Threat Center Section (NTCS). Additionally, the TMU sends an e-mail communication to all field offices on a monthly basis detailing field office performance in addressing Guardian leads and instructing them to address any incidents not closed within 30 days. During our audit testing, however, we found instances where threats were not closed within 30 days of their creation in Guardian. This recommendation can be closed when we receive documentation evidencing that the FBI is closing Guardian incidents or forwarding them for investigation within 30 days of their creation.

  3. Resolved. In response to this recommendation, the FBI agreed that completion of Guardian’s supplementary tabs strengthens individual searches, improves analysis capabilities, and yields better results for searches of Guardian information. The FBI said its TMU will conduct periodic random sampling of new incidents to determine field office usage of the supplemental tabs. Additionally, the TMU will draft updated Guardian policy to reinforce completion of the supplementary tabs. This recommendation can be closed when we receive documentation showing that the Guardian policy has been appropriately updated and that the guidance for completing the supplementary tabs is being followed.

  4. Resolved. The FBI agreed with our recommendation. In its response, the FBI stated that all threat information obtained from ongoing counterterrorism investigations that meet Guardian entry requirements should be entered in Guardian in a timely manner. The FBI stated that current Guardian policy dictates that all field offices, Legal Attachés, and other FBI entities are required to enter all terrorism related threats and suspicious incidents into Guardian. During our audit testing, we found instances where the FBI did not always ensure that threat information obtained from ongoing counterterrorism investigations was included in Guardian. This recommendation can be closed when we receive evidence of specific actions implemented to ensure that all threat information obtained from ongoing counterterrorism investigations that meets Guardian entry requirements is entered in Guardian.

  5. Resolved. In response to this recommendation, the FBI agreed to develop and implement a schedule to ensure technical maintenance patches to the Guardian system are completed in a timely manner. The FBI said this recommendation has been implemented in coordination with scheduled technical patches to the Guardian system and in performing emergency maintenance as needed. The FBI noted that the Guardian Technical Team received authorization from the Technical Configuration Control Board for a specific fixed monthly timeframe to conduct any necessary maintenance to the Guardian system. Additionally, for calendar year 2008 the TMU advised that a quarterly Guardian release schedule would be implemented and that three successful releases updating Guardian were implemented during 2008. This recommendation can be closed when we receive documentation showing that the FBI has developed and implemented a schedule to ensure technical patches to the Guardian system are completed in a timely manner.

  6. Resolved. In response to this recommendation, the FBI agreed to develop performance measures to support its efforts to resolve terrorist threats and suspicious incidents. The FBI said that in FY 2007 it began using threat and suspicious incident performance measures in management performance appraisal reviews, as well as through the FBI Inspection’s Division’s new Semi-Annual Program Reviews, which contain sections specifically addressing field office performance in utilizing Guardian. The FBI noted that each field office is annually rated by the Counterterrorism Division (CTD) on its adherence to the FBI 30-day policy for closing a Guardian incident or referring the incident for investigation. Additionally, Guardian system enhancements are currently being implemented that will allow for better tracking of various Guardian measures and statistics, such as the FBI’s timeliness and results of its threat assessments. Finally, the newly issued Attorney General Guidelines have necessitated changes to the Guardian program and Guardian policy. The Guardian program changes are intended to provide NTCS the ability to generate reports that will track the timeliness and results of assessments tracked in Guardian. This recommendation can be closed when we receive documentation showing that the FBI has developed performance measures to evaluate its efforts in addressing terrorist threats and suspicious incidents.

  7. Resolved. The FBI agreed with this recommendation. In its response, the FBI stated that it would incorporate threat and incident performance measures into existing resource allocation plans. The FBI said its Resource Planning Office established the Corporate Resource Planning Board to apply executive oversight to the resource allocation process and to ensure resource decisions are made in accordance with the FBI’s strategic objectives. Additionally, the FBI said Guardian staff will work with the Corporate Resource Planning Board to incorporate Guardian threat and suspicious incident performance measures into existing resource allocation plans. This recommendation can be closed when we receive documentation demonstrating that the FBI has incorporated threat and suspicious incident performance measurements into existing resource allocation plans.

 


« Previous Table of Contents Next »