01.08.2013
Budget, fusion center, homeland security intelligence, Information sharing, intelligence, intelligence center, Performance Measures, Strategy, Uncategorized
The Department of Homeland Security (DHS) released its 2012 National Network of Fusion Centers Assessment Report and the results are encouraging. DHS reported that (overall) fusion centers improved their capability scores by 11 points over the 2011 assessment report card. Summary findings, based on Critical Operating Capabilities (COCs):
COC 1 – Receive
- All fusion centers (77 or 100%) have access to federally sponsored Sensitive But Unclassified (SBU) information sharing systems.
- Every fusion center (77 or 100%) has at least one person cleared to access Secret information, but regular staff turnover means that fusion centers will continue to request new clearances (approximately 500 new clearance requests in the next 12 months).
- A significant number of fusion centers have on-site access to classified information sharing systems (66 or 85.7%).
- Fusion center use of the DHS Secret Internet Protocol Router Network (SIPRNet) Whitelist (Whitelist) is limited (41 or 53.2%).
COC2 – Analyze
- Fusion centers are highly involved in assessing threat and risk for their area of responsibility (AOR) (72 or 93.5%).
- Fusion centers are obtaining and using customer feedback on their analytic products (structured feedback: 65 or 84.4%).
- Analytic production plans are used widely across the National Network (60 or 77.9%).
- Critical infrastructure protection capabilities continue to expand across the National Network (75 or 97.4%).
COC 3 – Disseminate
- Despite progress since 2011, less than half (35 or 45.5%) of the National Network have a process in place to verify that customers are receiving their products.
- Fusion centers are increasingly designating a single, primary information sharing system (72 or 93.5%), but Homeland Security Information Network (HSIN) Intel is not frequently cited (23 or 29.9%) as the primary system for unclassified communication between fusion centers.
COC 4 – Gather
- The number of fusion centers that have developed Standing Information Needs (SINs) has increased (59 or 76.6%), but continued attention to SINs development is necessary.
- The National Network has a robust request for information (RFI) management capability (69 or 89.6%).
- A significant percentage of the National Network are involved in the Nationwide Suspicious Activity Reporting (SAR) Initiative (NSI), in particular in providing line officers with information on the behaviors identified in the Information Sharing Environment (ISE)-SAR Functional Standard (SAR line officer training: 66 or 85.7%).
DHS has identified three areas for improving fision center capabilities:
- Use Standing Information Needs (SINs) as the foundation of a customer-driven fusion process:
Fusion centers need to have a process for a) deriving and cataloguing regional and federal information and intelligence needs SINs , and b) actively tagging/associating these SINs with the information and intelligence products they produce.
- Document key business processes and ensure consistent access to training:
High turnover in critical fusion center staff positions is going to be the norm, for a number of reasons – staff rotations, augmentation, contract renewals, promotions, etc. Fusion Center Directors must plan for this “churn” by taking the time to a) document the center’s core business processes, b) keep SOPs and policies up to date, and c) develop training and other performance support tools to minimize the impact of staff turnover on center operations.
- Implement organizational planning and evaluation processes to continuously improve fusion center operations:
Fusion centers should clearly develop and communicate their center’s mission, goals, and objectives by developing a strategic plan, and using that plan as a tool to measure its performance. The strategic plan and periodic performance reports should help to communicate how investments in the fusion center result in tangible results, and b) help to drive annual budget requests to sustain or enhance current center capabilities.
I see gaps in these areas in my own work with fusion centers…unfortunately, many fusion centers are so busy with operational activities, that developing SOPs, training, strategic plans, etc., ends up on the back burner.
One other area, not directly addressed by the DHS assessment process is the development of an effective plan and roadmap for building an IT infrastructure that supports the four COCs. This too gets relegated to the back burner. In some cases, IT is addressed, but in a piecemeal fashion – Fusion Center Directors should elevate the need for an integrated IT plan, one developed from Fusion Center business processes and describes three key areas.
Suggested Components of a Fusion Center IT Strategy
- Information and Intelligence exchanges – what information, data, and intelligence comes-in and goes-out of the Fusion Center?
- What functional capabilities does the Fusion Center have now and which systems deliver those capabilities? (as-is)
- What NEW functional capabilities does the Fusion Center need, and how will the center procure them? (to-be)
- How much money does the Fusion Center need to a) sustain current capabilities and b) to implement the new capabilities?
Feel free to reach out to me if your center would like to discuss enhancing your operational and/or IT planning capability.
r/Chuck
02.03.2013
Budget, congress, criminal justice, Data, data sharing, Information sharing, justice, law enforcement, Law enforcement information sharing, leadership, LEIS, N-DEx, NIEM
If you want law enforcement agencies to share information, go to the source and help the Chiefs and Sheriffs to push their data in the FBI’s National Data Exchange N-DEx. Trying to impose information sharing with unfunded standards mandates will not work.
As someone who has been in the standards business since 1995, history has proven to me that:
- The business need must drive standards, standards can NEVER drive the business; and
- Trying to SELL the business on standards is a losing strategy.
Hi Congressman Reichert,
You won’t remember me, but a long time ago we were in meetings together in Seattle with the likes of John McKay, Dave Brandt, Scott Jacobs, Dale Watson, and others working on building the Law Enforcement Information Exchange (LInX); I was the technical guy on the project, working with Chief Pat Lee and our very dear lost friend Julie Fisher (may she rest-in-peace, I sure miss her).
A hell of a lot of water has gone under the bridge since then–it’s been nearly TWELVE YEARS. If we look back over this time, we have had so many bills, laws, strategies, policies, papers, speeches, conferences, proclamations, and other assorted attempts to prod law enforcement data loose from the nearly 18,000 agencies across our country. While we are far better off than we were back then, I think we can agree that we still have a long way to go.
Where we differ, I’m afraid, is in the approach to get there – a few days ago, you proposed legislation, the Department of Justice Global Advisory Committee Authorization Act of 2013, as a means to improve information sharing among law enforcement agencies – do we really believe another “stick” will work to get agencies to share information? Do we really believe it’s a technology or data standards problem that’s preventing law enforcement data from being shared? As a technologist for 34 years, and someone who has been involved in law enforcement information sharing since the Gateway Project in St. Louis, MO in 1999, I can tell you it is neither.
While I applaud the work of the GAC, and I have many colleagues who participate in its work, I’m afraid having more meetings about information sharing, developing more standards, approving more legislation, and printing more paper will NOT help to reach the level of information sharing we all want.
Instead, I want to propose to you a solution aimed at capturing the commitment of the men and women who can actually make law enforcement information sharing happen, and virtually overnight (metaphorically speaking) – namely, the great men and women who lead our police and sheriffs departments across America.
Now to be fair, many of these agencies are already contributing their records to a system I am sure you are familiar with called the National Data Exchange (N-DEx). Built by the FBI CJIS Division, this system has matured into a pretty respectable platform for not only sharing law enforcement information, but also for helping cops and analysts to do their respective investigative and analytic work.
Now, in case you are wondering, I do not own stock in any of the companies that built N-DEx, nor has the FBI signed me up as a paid informant to market N-DEx. I write to you on my own volition as a result of my nearly six years of volunteer work as a member of the International Association of Chiefs of Police (IACP) Criminal Justice Information Systems (CJIS) Committee.
About two years ago I volunteered to lead a small sub-group of the committee who have either built, led, or managed municipal, state, federal, or regional information sharing systems. Our charge was (and still is) to help CJIS take a look under the hood of N-DEx to see what’s in there (data wise) and to help figure out what needs to be done to make it a more effective tool to help cops across America catch more criminals, and maybe, just maybe, even prevent criminals from acting in the first place.
While our work is far from done, I can tell you that one thing we need is more data – as you well know, be it N-DEx, LInX, RAIN, or any other information sharing system, it is only as good as the data that’s put into it.
Believe it or not we already have the data standards in-place to get the data into N-DEx. CJIS has developed two Information Exchange Packet Descriptions (IEPDs) that tells agencies exactly what to do and how to format and package up their data so it can get to N-DEx. Additionally, CJIS has an extensive team ready to assist and my colleagues over at the IJIS Institute hold training sessions sponsored by BJA, to help agencies along the process (NIEM training).
These two IEPDs can help law enforcement agencies today to share the following law enforcement records:
- Service Call
- Incident
- Arrest
- Missing Person
- Warrant Investigation
- Booking
- Holding
- Incarceration
- Pre-Trial Investigation
- Pre-Sent Investigation
- Supervised Release
So what’s the hold up? Speaking only for myself, and I will be very straight with you, I believe the root cause for not getting more law enforcement data into N-DEx is the current piecemeal, politically charged, hit and miss grant funding process that the Act you propose, if passed, will burden even further – see page 3, lines 17-25 and page 4, lines 1-6.
Instead, I ask that you please answer the following question…
If law enforcement information sharing is important enough to push though a Public Act, where is the nationwide project, with funding, to get all shareable law enforcement data loaded into the one system that would give ALL law enforcement officers and analysts access to collective knowledge of the nearly 18,000 law enforcement agencies?
The immediate answer might be “we already have one; N-DEx;” however, N-DEx is only a piece of the answer…it’s as they say, “one hand clapping.” And in all fairness to my friends and colleagues at the FBI CJIS Division, that program was only charged and funded to build the N-DEx bucket, they were never funded to actually go get the data to fill the bucket.
The strategy, for whatever reason back then, was relegated to a “build it and they will come” approach, that IMHO has not worked very well so far and may take another 5-10 years to work. I should also note that the bucket isn’t totally empty…there are quite a number of agencies and regional projects, like LInX, that have stepped up and are helping to fill the bucket – however, if we want to expedite filling up the bucket, focusing on mandating more standards is not the answer
What I submit is the “other hand clapping” is the need for a shift focus, away from policy, standards, and technology, and establish a funded nationwide project that will offer a menu of choices and support packages to the Chiefs and Sheriffs that will enable them to start sending as many of their shareable records as possible to N-DEx.
Some of the options/support packages could include:
- Provide direct funding to agencies and regional information sharing systems to develop N-DEx conformant data feeds to N-DEx;
- Grant direct funding to RMS and CAD system providers to develop N-DEx conformant data feeds from their software, with the stipulation they must offer the capability at no additional cost to agencies that use their products;
- Establish a law enforcement data mapping assistance center, either bolted on to IJIS NIEM Help Desk, as an extension of NLETS menu of services, or through funding support at an existing information sharing project like the Law Enforcement Technology, Training, & Research Center who works in partnership with the University of Central Florida.
At the end of the day, we all know that the safety and effectiveness of law enforcement is greatly affected by the information he or she has at their fingertips when responding to that call.
Do you really want to leave it to chance that that officer’s life is taken, or a criminal or terrorist is let go because his or her agency wasn’t “lucky enough” to win the grant lottery that year?
So, let’s empower the single most powerful force that can make sure the information is available – the Sheriff or Chief leading that agency. Let’s stop with the unfunded mandates, laws, standards, studies, point papers, etc., and let’s finally put a project in-place with the funding necessary to make it happen.
v/r
Chuck Georgo,
Executive Director
NOWHERETOHIDE.ORG
chuck@nowheretohide.org
28.12.2009
Analysis, Budget, Data, Information sharing, transparency
I just took a look at the OMB Data.Gov Concept of Operations, and while I don’t want to sound like a party pooper, but I am very concerned about the Data.gov effort. We appear to be moving full speed ahead with the technical aspect of making data available on data.gov without really thinking through the policy, politics, resource, and other non-technical aspects of the project that could really hurt what could be a very valuable resource.
A few concerns I have include:
1. None of the Data.gov principles in the CONOP address the “real-world effects” we hope to achieve through data.gov–from an operational programs perspective. All seven principles in the CONOP address “internal” activities (means). We need to address success in terms of what citizens will realize through the Data.gov effort.
2. The entire Data.gov effort appears to be driven out of context from any government performance planning and evaluation process. Shouldn’t the need for data transparency be driven by specific strategic management questions? Where are the links to the President’s Management Agenda? Agency strategic plans?
3. There are more than 200 Congressional Committees with varying degrees of oversight of over a similar number of agencies in the Executive Branch. How will Data.gov impact Congress’ efforts to monitor (oversee) agency performance? What will happen when there is a disparity between a) what an agency says it’s doing, b) what oversight committee(s) say they are doing, and c) how the public views that agency’s performance based on data posted on Data.gov?
4. Transparency, Participation and Collaboration (TPC) are the buzz words of the month, but what does that really mean? The opening sentence of the CONOP states “Data.gov is a flagship Administration initiative intended to allow the public to easily find, access, understand, and use data that are generated by the Federal government.” Do we really expect the general public to access and analyze the data at Data.gov? If so, do we really understand how the public will want to see/access the information? More importantly, are we (agencies) fully prepared to digest and respond to received public feedback?
5. Who will pay the agencies to support data transparency? Do we really understand the burden involved in achieving open government? The last thing federal agencies need is another unfunded mandate.
6. Finally, how do we know the data that’s made accessible via Data.gov is good data (correct)? The GPRA required OIG review and certification of agency data published in annual performance reports. What can we expect in the way of quality from near-real-time access to agency performance data? Will we require the same data quality process for data feeds posted on Data.gov? Will agencies be funded to do it right?
I provide similar commentary on this issue and an analysis of the recent Executive Order in a December 17th blog posting here: https://www.nowheretohide.org/2009/12/17/open-government-directive-another-ambiguous-unfunded-and-edental-mandate/
Don’t get me wrong, I am all for open government, but let’s do it right. Let’s give the techies a couple of days off and let’s take a good hard look at the non-technical issues that could really hurt this effort if they’re not properly addressed.
Your comments and thoughts welcomed.
Thanks…r/Chuck
07.10.2009
Budget, public safety, Strategy
I just returned from the 2009 International Association of Chiefs of Police (IACP) Conference that was held in Denver, CO. It was a very nice conference. I attended my usual CJIS and LEIM meetings, sat in on a few very informative workshop sessions, and (of course) reconnected with many friends and collegues. One particular conversation topic that came up many times was the budget problems state and municipal jurisdictions were facing and how many law enforcement agencies had or were about to lay off staff to accomodate fair-share budget cuts imposed by state, county, or city managers.
What made this matter of particular interest to me was that one of my law enforcement friends was considering paying back a grant they received to hire additional officers becuase they would (within a year) end up having to lay-off an equal number of officers to accomodate a nearly $3,000,000 budget cut the City was going to impose on the agency. I asked him what his Chief was doing to build a case to prevent from having to take the cut? From the tone of his response, it didn’t sound like they were confident that such a strategy would be successful. He then remarked how unfair it was that when the local Fire Department asked for a new station, they received the money to build it without question…but when the police department makes a comparable request, it fails to pass.
So, I looked him in the eye and asked him…”So what is YOUR firehouse?”
An agency’s budget is built (for the most part) on a political processs pretty much based on the old value equation. In other words the level of agency funding is based on the percieved public safety value of the actions and materiel to be funded; (VALUE=BENEFIT/COST). Agencies that want to protect or enhance their budget must take strategic (and political) actions to build the case that cutting their budget would be detrimental to sustaining safe communities.
Just as a Fire Department can easily show the value of a new fire truck or firehouse, law enforcement agencies must be able to articulate the consquences of either cutting their budget or failing to fund new initiatives, and they must do it in a way that captures the political will necessary to support their cause. Unfortunately, many agencies try to make the best of the situation and strip their internal capacity and/or reduce their services in other areas to compensate for the cuts, leaving themselves open to public criticism.
I suggested to my friend that instead of “sucking it up” and accepting the cut, that he (and his chief) figure out a strategy to build public and (if necessary) private support for either finding alternatives to the budget cut or (at a minimum) reducing the amount of the budget cut they are expected to take.
I am a big believer in the “shifting the burden” strategy whereby the law enforcement agency (or any agency for that matter) would layout the public safety problems faced by the community, the operational strategies required to address those issues, and an estimated cost of the resources (by budget category) to undertake those actions (performance based budget), and then present that to the County Manager/Council, City Manager/Council, etc., and let them decide what will be funded or not funded. The key here is to SHIFT THE BURDEN TO THEM TO SAY NO TO ADDRESSING PARTICULAR CRIME CONCERNS.
Unfortunately, many agencies will be uncomfortable with this strategy and would instead perfer to set their own priorities–some may disagree with me, but agencies that do this (in my opinion) leave themselves open to the risks associated with being held to those objectives without being given the resources to be successful. I also see the “shift the burden” strategy as a) a way for agencies to hold their state, county, city leadership accountable for fully funding public safety initiatives and b) as a strategy to prevent those same leaders from cutting initiatives they originally agreed to fund–this puts the burden for establishing the value of law enforcement in the hands of those with the checkbook, and…
What politician is going to want to tell their constituants that they want less public safety?
Your thoughts and comments welcomed..r/Chuck