On September 6, 2007, the OIG sent a copy of the draft report to the United States Marshals Service (USMS) with a request for written comments. In a memorandum dated September 28, 2007, the USMS provided a response in which it agreed with five of the report’s six recommendations and described the actions it had taken or planned to take to implement the recommendations. The USMS disagreed with one recommendation. Based on our analysis of the USMS’s response, four recommendations are resolved and remain open, and two recommendations are unresolved and remain open.
In its response, the USMS described a number of initiatives that it has undertaken to enhance its protective intelligence program from our initial March 2004 report to the present. The OIG has identified many of these initiatives in the current report and included in Appendix I a March 30, 2007, memorandum from the USMS that provides a detailed list of initiatives, some of which the USMS has completed and others it has planned. While the OIG acknowledges that these initiatives are important steps towards implementing the USMS’s new threat analysis process and its protective intelligence program for identifying potential threats, we note, as discussed in our report, that the USMS has made only limited progress in implementing the major components of its judicial security program.
Recommendation 1. Develop a formal plan that defines objectives, tasks, milestones, and resources for the new threat assessment process.
Status. Resolved – open.
Summary of the USMS Response. The USMS concurred with this recommendation. The USMS identified actions that are part of its plan for a new threat assessment process. The USMS’s Assistant Director for the Judicial Security Division issued a memorandum to the districts, dated September 10, 2007, on the new threat assessment process. He also announced that the Threat Management Center was activated on September 17, 2007. The USMS is eliminating the 3- and 7-day timeliness standards and updating the draft of Policy Directive 10.3, which should be completed by October 2007. Office of Protective Intelligence (OPI) staff will be assigned to develop a formal plan for the new threat assessment process.
OIG Analysis. The actions undertaken and planned by the USMS are responsive to our recommendation. Please provide the OIG with copies of (1) the memorandum announcing the activation of the Threat Management Center which describes the Center’s policies and procedures; (2) the September 10, 2007, memorandum; (3) the memorandum notifying the districts of the elimination of the 3- and 7-day standard; (4) Policy Directive 10.3; and (5) the formal plan that incorporates the policies and procedures defined in the documents referenced in the USMS response. The plan should define objectives, tasks, milestones, and resources for the new threat assessment process. By December 31, 2007, please provide the requested information or a status report describing the progress and expected completion dates.
Recommendation 2. Create a workload tracking system for threat assessments.
Status. Resolved – open.
Summary of the USMS Response. The USMS concurred with this recommendation, and stated that an OPI staff member will be assigned to develop a formal plan for a new workload tracking system. The USMS identified actions that are part of a plan for the new tracking system. Currently, OPI management uses a manual tracking system based on the Justice Detainee Information System to track the analysis of reported protective investigations. The system is used to produce weekly reports to monitor the status of the investigation as well as to perform research and analysis on national or regional trends. The system also is used to produce monthly status reports that detail the dates cases are received in OPI and what cases are still active investigations. OPI uses its manual system to ensure that case analyses are completed within the prescribed timeframes established by USMS policy. The system also can produce reports analyzing the workload distribution in OPI. Such reviews are used in making decisions about future work assignments.
OIG Analysis. The actions undertaken and planned by the USMS are responsive to our recommendation. This recommendation was intended to help ensure that the USMS did not permit a reoccurrence of a situation similar to the one in October 2006 when a backlog of 1,190 threat assessments had not been completed by OPI staff. So that the OIG can assess whether the new workload tracking system will enable USMS management to effectively manage the threat assessment workload, please provide the OIG with a copy of the formal plan for the new workload tracking system being developed by OPI staff. The documents provided should include a complete listing of the data that will be tracked regarding the new threat analysis process and sample weekly and monthly reports. Please provide the requested information or a status report describing the progress and expected completion dates by December 31, 2007.
Recommendation 3. Develop a formal plan that defines objectives, tasks, milestones, and resources for implementing a protective intelligence function to identify potential threats.
Status. Unresolved – open.
Summary of the USMS Response. The USMS concurred with this recommendation, but in its response did not address how it intends to develop a formal plan defining objectives, tasks, milestones, and resources for implementing a protective intelligence function to identify potential threats. The USMS instead provided a description of specific activities it uses to collect information on potential threats. The USMS has also issued guidance on the type of judicial security information to be reported by the districts and has included the guidance in training being provided to its Criminal Investigators and Deputy U.S. Marshals.
OIG Analysis. Although the USMS concurred with the recommendation, we believe that the USMS description of its activities is not responsive to our recommendation. Although the USMS’s response identifies multiple information sources that can be used to identify threats, it does not discuss what information will be collected, how it will be analyzed, or what reports will be prepared by its district staff to address potential threats. Nor did the USMS address how it will develop a formal plan that defines objectives, tasks, milestones, and resources for implementing a protective intelligence function to identify potential threats. By December 31, 2007, please provide the OIG with a copy of a formal plan, including examples of reports, or a status report on its development.
Recommendation 4. Modify USMS databases to support the new threat assessment process and protective intelligence function to identify potential threats.
Status. Resolved – open.
Summary of the USMS Response. The USMS concurred with this recommendation. The USMS stated that it has been modifying databases to identify potential threats, and that these initiatives will take place in two phases, one short-term and the other long-term.
OIG Analysis. The actions undertaken and planned by the USMS are responsive to our recommendation. To enable the OIG to assess the USMS’s progress in implementing this recommendation, please provide the OIG with a status report on the implementation of the described short- and long-term initiatives by December 31, 2007.
Recommendation 5. Require the home alarm contractor to notify the USMS of alarm events after notifying the local law enforcement agency.
Status. Unresolved – open.
Summary of the USMS Response. The USMS disagreed with this recommendation. The USMS stated that its Off-Site Judicial Security Program Office has evaluated this issue through extensive consultation with senior USMS management and its home alarm contractor. The USMS stated that its home alarm contractor follows standard industry protocols for alarm events by first calling the resident’s emergency point of contact and, if no response is received, contacting local law enforcement. According to the USMS, local law enforcement officials will contact the USMS if they determine the event warrants USMS participation. The USMS stated that it “believes this is a reasonable and appropriate program management decision to ensure judicial safety is given the highest priority while remaining cognizant of the agency’s limited resources” and that the current policies for “USMS notification of alarm events at judicial residences are prudent.”
OIG Analysis. The OIG does not agree with the USMS’s position because the USMS’s response does not demonstrate that the current protocol provides the USMS with timely information on alarm incidents necessary for it to fulfill its mission of protecting the judiciary. We are concerned that the current protocol makes local law enforcement responsible for determining when the USMS should be notified of an incident at a judge’s residence and for notifying the USMS so that it may consider initiating a protective investigation.
We are also concerned that the current protocol offers too many opportunities for errors that would preclude a prompt USMS response to an incident. For example, under the current protocol, for the USMS to consistently and promptly respond to incidents at federal judges’ residences the many hundreds of different local law enforcement agencies that may respond to alarms at the more than 2,000 different judges’ residences must (1) have current information from the USMS regarding which addresses are judges’ residences; (2) consistently connect that information to the address when responding to an emergency call; (3) accurately identify that an incident may be pertinent to the USMS judicial security mission; and (4) promptly contact the appropriate USMS district office to inform the USMS of the incident. Merely maintaining local law enforcement’s awareness of all judges’ current addresses as judges are appointed, move, resign, or retire will be a difficult and time-consuming task for the USMS. In contrast, if the USMS arranges for its contractor to notify the USMS district office of an alarm incident after it has been reported to local law enforcement, the notifications will be accurate, immediate, and entirely within the control of the USMS and its single contractor.
The OIG requests that the USMS reconsider this recommendation that the USMS require its contractor to notify the USMS of alarm events after notifying the responsible local law enforcement agency. If the USMS maintains that the current protocol provides adequate protection to the judiciary, we request that the USMS provide a more complete response that demonstrates that in FY 2007 it was notified of home alarm incidents consistently and promptly to enable it to carry out its mission to protect the judiciary. Specifically, the OIG requests information that the USMS did not have available during our review: (1) a list of the local law enforcement agencies that received letters notifying them or providing updated information on federal judges’ residences in their jurisdictions; (2) a list of the incidents since the contract was awarded in which the contractor notified a local law enforcement agency that an alarm had occurred at a judge’s residence, by district; (3) when each local law enforcement agency subsequently notified the USMS district office of the incident; and (4) the action that the USMS district office took in each case. We request that the USMS inform us of its reconsideration and provide the requested information by October 31, 2007.
Recommendation 6. Issue operational guidance for requesting and deploying Technical Operations Group resources and Rapid Deployment Teams.
Status. Resolved – open.
Summary of the USMS Response. The USMS concurred with this recommendation. The USMS stated that policies addressing this recommendation will be issued in the first quarter of FY 2008.
OIG Analysis. The actions planned by the USMS are responsive to our recommendation. Please provide the OIG with formal operational guidance for requesting and deploying Technical Operations Group resources and Rapid Deployment Teams by December 31, 2007.