Follow-up Review of the Status of IDENT/IAFIS Integration
E & I Report No. I-2005-001
On November 19, 2004, the Office of the Inspector General (OIG) sent copies of the draft report to the Federal Bureau of Investigation (FBI) and the Department of Justiceís (DOJ) Justice Management Division (JMD) with a request for written comments.1 The Assistant Attorney General for Administration and the FBI responded to us in a consolidated memorandum dated December 16, 2004 (Appendix III). JMD and the FBI concurred with all six of our recommendations. Our analysis of their comments follows.
Recommendation 1: By December 31, 2004, report to the Homeland Security Council (HSC) and Congress that the DOJ, the DHS, and the DOS have reached an impasse and cannot complete the MOU directed by Congress. The report should formally request that the HSC or Congress decide on the adoption of the NIST Technology Standard and define the capabilities to be provided in the interoperable system.
Summary of Response. JMD stated that it hopes that our report will help resolve the issues related to the objective of achieving interoperability between IDENT and IAFIS. JMD stated that it would transmit our final report to the HSC and ask that its members address the matter. JMD also stated that it intends to report to Congress on the status of this project within 90 days of enactment of the DOJís FY 2005 appropriations act.
OIG Analysis. We accepted and modified the date in our recommendation to reflect the Departmentís proposed action. We consider the recommendation resolved but open. To close the recommendation, we request that by March 31, 2005, JMD provide a copy of the report sent to the HSC. In addition, we request that JMD provide a copy of its status report to Congress when completed.
Recommendation 2: Increase the transmission of the fingerprints of Known or Suspected Terrorists from the FBI to the DHS from monthly to at least weekly.
Summary of Response. JMD stated that the FBI will provide the fingerprints of Known or Suspected Terrorists to the DHS within one week of establishing the record in IAFIS. JMD also stated that the FBI is exploring opportunities to improve its processing of Known and Suspected Terrorists and is developing several IAFIS system changes that may allow for these records to be exchanged with the DHS on a daily basis.
OIG Analysis. We consider the recommendation resolved but open. To close the recommendation, we request that by March 31, 2005, the FBI provide: (1) documentation demonstrating that the FBI began providing the DHS with the fingerprints of Known or Suspected Terrorists within one week of establishing the record in IAFIS and (2) the status of the FBIís efforts to implement the daily transmission of these fingerprint records to the DHS. Until the DHS is able to directly access IAFIS, we encourage the FBI to continue working towards the goal of providing the DHS with the most recent fingerprint records of Known or Suspected Terrorists.
Recommendation 3: Request access to a random sample of data from US-VISIT and other relevant immigration biometric databases used for enforcement or benefit purposes for comparison to IAFIS in order to determine the risk posed by not checking all visitors against IAFIS.
Summary of Response. JMD stated that although it has not yet reached agreement with the DHS on the parameters of this proposed study, JMD believes that an agreement can be achieved once other larger issues have been resolved through the HSC.
OIG Analysis. We consider the recommendation resolved but open. To close this recommendation, we request that by March 31, 2005, JMD provide documentation of the request for access to data, the DHS/DOS response, and the results of the risk analysis conducted on any data received.
Recommendation 4: Coordinate with the DHS to identify the capacity needed to conduct IAFIS searches on all visitors referred to secondary inspection and inform the DOJís CIO how the capacity of IAFIS could be increased to handle that level of activity.
Summary of Response. JMD stated that until the issues articulated in our report are resolved, it is premature to identify specific operational requirements and the attendant system capabilities that would be needed. JMD stated that "as soon as these issues are settled, the DOJ will move expeditiously to ensure that it, and its systems, can meet expectations."
OIG Analysis. We consider the recommendation resolved but open. To close the recommendation, we request that by March 31, 2005, JMD provide documentation demonstrating that: (1) the DOJ coordinated with the DHS to resolve issues and identify the capacity needed to conduct IAFIS searches on all visitors referred to secondary inspection and (2) the DOJís CIO was informed of how the capacity of could be increased to handle the activity that would be generated by conducting IAFIS searches on all visitors referred to secondary inspection.
Recommendation 5: Develop options for the eventual upgrade of IAFIS to enable the system to conduct ten flat fingerprint searches on all US-VISIT enrollees and TPRS submissions from the Border Patrol.2
Summary of Response. JMD stated that this recommendation presupposes policy decisions that have not been made. Until policy decisions are made at the HSC level, JMD stated that it seems "inadvisable and inappropriate to spend resources to develop detailed options for full operational implementation." JMD stated that pending policy decisions by the HSC, the DOJ "continues exploring various options informally as to ways to further and better support US-VISIT."
OIG Analysis. We consider the recommendation resolved but open. We accept JMDís statement that decisions by the HSC could alter the final operational implementation requirements. Thus, by March 31, 2005, please provide a copy of the HSCís final decision on IAFIS, IDENT, and US-VISIT operational requirements; or a status report on the efforts to establish the final operational requirements and a copy of the initiatives that the FBI stated that it has developed initiatives to support improving search reliability for ten flat fingerprint searches.
To close this recommendation, we request that within 90 days after the final operational requirements are established, JMD and the FBI provide the plans developed to upgrade IAFIS to meet the requirements established.
Recommendation 6: Take steps to ensure that IAFIS meets its availability requirement of 99 percent.
Summary of Response. JMD stated that the FBI has been working to improve IAFIS availability routinely since the system became operational in July 1999. JMD stated that since that time, IAFIS system availability has increased annually and the FBI has several initiatives underway to reduce unscheduled outages by eliminating single point of failure and creating redundancy where possible. JMD stated that the FBI is currently standardizing the hardware platforms across IAFIS, which it stated will provide automated recovery capabilities to support rapid restoration of services during off-nominal events (i.e., unscheduled downtime). The FBI stated that this initiative, which began in 2003, will be completed by April 2005. JMD also stated that the FBIís long-term plans to reduce scheduled and unscheduled IAFIS outages include developing a full system disaster recovery capability. JMD stated that the FBI is currently defining the concept of operations and system requirements for this capability, but because funding for the capability has not yet been identified, the FBI has not determined the implementation date.
OIG Analysis. We consider this recommendation resolved but open. To close the recommendation, we request that by June 1, 2005, the FBI provide: (1) documentation demonstrating that it has implemented initiatives to reduce unscheduled IAFIS outages; (2) the status of efforts to standardize the hardware platforms across IAFIS; and (3) the implementation date of its long-term plans for full system disaster recovery capability, including the concept of operations and system requirements. We believe the FBI should continue to improve IAFIS availability and develop initiatives to that effect.