FBI policy office disciplines IT spending

The FBI is hoping its new Office of Information Technology Policy and Planning (OIPP) will help propel the bureau toward 21st Century IT capabilities.

The office sets policies, develops plans, oversees through governance procedures and directs investment. The office is one of four created by the FBI’s Office of the CIO in July 2004 as part of centralizing the bureau’s IT operations.

OIPP helps ensure that the FBI’s IT spending will best support its mission by balancing engineering with policy and knowing business best practices as well as cutting-edge technology, Sanjeev “Sonny” Bhagowalia, the acting assistant director who heads the office, said Wednesday.

The office plays a key role in meeting FBI Director Robert Mueller’s goal of giving the FBI world-class IT capability by 2010, Bhagowalia said.

OIPP also addresses audits from the Justice Department’s inspector general and the Government Accountability Office that have criticized the FBI for lacking a standard methodology and governance for developing enterprisewide IT, Bhagowalia said.

All of the agency’s IT programs now follow the FBI’s Enterprise Architecture, which prevents overspending, redundancy and misalignment with the agency’s mission and needs, Bhagowalia said. OIPP began developing its Enterprise Architecture in summer 2004 through a partnership with Bearing Point.

The FBI finished its ‘as-is’ architecture last spring and completed in December its first comprehensive list of all 479 FBI IT systems, Bhagowalia said. The agency published an interim architecture as part of the Sentinel RFP this month.

OIPP has completed a target architecture for the next three to five years and must now create a plan to bridge the interim and target architectures by the fall, he said.

OIPP also oversees the expansion of the FBI’s new governance process for IT investment and project management. The Life Cycle Management Directive (LCMD) is the FBI’s first enterprisewide framework that ensures that all IT programs follow identical policies, Bhagowalia said. The FBI created the first version last summer and is expected to release the third version in early fall.

LCMD creates a standardized, repeatable and sustainable development process that involves all stakeholders to make sure that IT programs meet their needs, Bhagowalia said.

To assist LCMD, OIPP has bought Metier WorkLenz, an application that acts as an automated dashboard that tracks projects’ progress in real time from acquisition to implementation to disposal, Bhagowalia said.

The FBI has already successfully completed several major projects since its IT reorganization, Bhagowalia said. One is a joint Public Key Infrastructure (PKI) project between OIPP and the FBI’s Security Division.

Through PKI, 27,000 FBI employees were given smart cards with their encrypted biometric information on it. The cards provide both physical and cybersecurity.

Employees must use their cards to enter FBI facilities and insert them into card readers when they log on to their computers as an extra authentication measure.

The cards also automatically encrypt e-mail and other documents and provide digital signatures to assist workflow and verify users’ identities.

Another recent project is the FBI Intelligence Information Report (IIR) Dissemination System, or FIDS. The first XML-based system in the intelligence community, FIDS automates workflow to more quickly share information within the FBI and with outside law enforcement agencies and the intelligence community, Bhagowalia said.

FIDS has “tear lines” that allow the sharing of unclassified information while protecting classified information, Bhagowalia said. The program was completed in six months and started operation at the close of 2004.

One of OIPP’s other goals is to prevent another fiasco like the failure of the FBI’s $170 million Virtual Case File (VCF) management system, part of the FBI’s Trilogy IT modernization plan. Originally due in December 2003, VCF was shelved in March without ever having been implemented.

In a February audit, Glenn Fine, the Justice Department’s inspector general, blamed VCF's meltdown on poor management and oversight, design modifications during the project, and bad IT investment practices. Fine warned that the FBI must improve its antiquated computer systems or risk being unable to do its job.

Since learning of VCF’s failure, the Senate Judiciary Committee has criticized the FBI for wasting so much money on it and has warned that Sentinel, VCF’s replacement, had better work and not cost too much.