Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page R1
A Review of the FBI’s Trilogy Information Technology Modernization Program A Review of the FBI’s Trilogy Information Technology Modernization Program James C. McGroddy and Herbert S. Lin, Editors Committee on the FBI’s Trilogy Information Technology Modernization Program Computer Science and Telecommunications Board Division on Engineering and Physical Sciences NATIONAL RESEARCH COUNCIL OF THE NATIONAL ACADEMIES THE NATIONAL ACADEMIES PRESS Washington, D.C. www.nap.edu
OCR for page R2
A Review of the FBI’s Trilogy Information Technology Modernization Program THE NATIONAL ACADEMIES PRESS 500 Fifth Street, N.W. Washington, DC 20001 NOTICE: The project that is the subject of this report was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance. This study was supported by the Federal Bureau of Investigation (FBI) at its request under Award Number A3D0316801. However, in accordance with NRC policy, the FBI did not review this report before publication, and the opinions, findings, conclusions, or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the FBI. International Standard Book Number 0-309-09224-8 (Book) International Standard Book Number 0-309-53248-5 (PDF) This report is available from the National Academies Press, 500 Fifth Street, N.W., Lockbox 285, Washington, DC 20055; (800) 624-6242 or (202) 334-3313 (in the Washington metropolitan area); Internet, http://www.nap.edu Copyright 2004 by the National Academy of Sciences. All rights reserved. Printed in the United States of America Suggested citation: National Research Council, A Review of the FBI’s Trilogy Information Technology Modernization Program, Computer Science and Telecommunications Board, National Academies Press, Washington, D.C., 2004.
OCR for page R3
A Review of the FBI’s Trilogy Information Technology Modernization Program THE NATIONAL ACADEMIES Advisers to the Nation on Science, Engineering, and Medicine The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Bruce M. Alberts is president of the National Academy of Sciences. The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. Wm. A. Wulf is president of the National Academy of Engineering. The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Harvey V. Fineberg is president of the Institute of Medicine. The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy’s purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Bruce M. Alberts and Dr. Wm. A. Wulf are chair and vice chair, respectively, of the National Research Council. www.national-academies.org
OCR for page R4
A Review of the FBI’s Trilogy Information Technology Modernization Program This page intentionally left blank.
OCR for page R5
A Review of the FBI’s Trilogy Information Technology Modernization Program COMMITTEE ON THE FBI’S TRILOGY INFORMATION TECHNOLOGY MODERNIZATION PROGRAM JAMES C. McGRODDY, IBM (retired), Chair EDWARD BALKOVICH, RAND RICHARD BASEIL, Holmdel, New Jersey MATT BLAZE, University of Pennsylvania W. EARL BOEBERT, Sandia National Laboratories MARC DONNER, Morgan Stanley MICHAEL McGILL, Columbus, Ohio JAMES NOGA, Massachusetts General Hospital CARL O’BERRY, The Boeing Company KEN ORR, The Ken Orr Institute JAMES PATTON, The MITRE Corporation MARK SEIDEN, MSB Associates GEORGE SPIX, Microsoft Corporation CHARLES E. STUART, Competitive Enterprise Solutions, LLC GIO WIEDERHOLD, Stanford University HERBERT S. LIN, Senior Scientist and Study Director KRISTEN BATCH, Research Associate DAVID DRAKE, Senior Project Assistant (until November 2003)
OCR for page R6
A Review of the FBI’s Trilogy Information Technology Modernization Program COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD DAVID D. CLARK, Massachusetts Institute of Technology, Chair ERIC BENHAMOU, 3Com Corporation ELAINE COHEN, University of Utah THOMAS E. DARCIE, University of Victoria MARK E. DEAN, IBM Research JOSEPH FARRELL, University of California, Berkeley JOAN FEIGENBAUM, Yale University HECTOR GARCIA-MOLINA, Stanford University RANDY H. KATZ, University of California, Berkeley WENDY A. KELLOGG, IBM T.J. Watson Research Center SARA KIESLER, Carnegie Mellon University BUTLER W. LAMPSON, Microsoft Corporation, CSTB member emeritus DAVID LIDDLE, U.S. Venture Partners TERESA H. MENG, Stanford University TOM M. MITCHELL, Carnegie Mellon University DANIEL PIKE, GCI Cable and Entertainment ERIC SCHMIDT, Google, Inc. FRED B. SCHNEIDER, Cornell University BURTON SMITH, Cray, Inc. WILLIAM STEAD, Vanderbilt University ANDREW J. VITERBI, Viterbi Group, LLC JEANNETTE M. WING, Carnegie Mellon University CHARLES BROWNSTEIN, Director KRISTEN BATCH, Research Associate JENNIFER M. BISHOP, Program Associate JANET BRISCOE, Administrative Officer JON EISENBERG, Senior Program Officer RENEE HAWKINS, Financial Associate PHIL HILLIARD, Research Associate MARGARET MARSH HUYNH, Senior Project Assistant ALAN S. INOUYE, Senior Program Officer HERBERT S. LIN, Senior Scientist LYNETTE I. MILLETT, Program Officer DAVID PADGHAM, Research Associate CYNTHIA A. PATTERSON, Program Officer JANICE SABUDA, Senior Project Assistant BRANDYE WILLIAMS, Staff Assistant STEVEN WOO, Dissemination Officer For more information on CSTB, see its Web site at <http://www.cstb.org>, write to CSTB, National Research Council, 500 Fifth Street, N.W., Washington, DC 20001, call at (202) 334-2605, or e-mail at email@example.com.
OCR for page R7
A Review of the FBI’s Trilogy Information Technology Modernization Program Preface In September 2002, the Federal Bureau of Investigation (FBI) requested the assistance of the National Research Council (NRC) in providing expertise to assist it in its review of the Trilogy information technology (IT) modernization program. In response, the NRC convened a number of experts who met with the FBI. The FBI briefed these experts on various aspects of the program, and these experts responded to the FBI as individuals to those briefings. (In hindsight, many of these individually provided comments presaged the more formal findings and conclusions presented in this report.) In July 2003, the FBI again requested the assistance of the NRC on the same topic, after having made progress in its IT modernization efforts. The committee’s charge was to provide a more thorough review and set of recommendations on the FBI’s information technology modernization efforts, focusing primarily on the Trilogy program but addressing related issues as necessary. In this second request, the FBI asked for a written report, thus invoking the regular NRC report process. To minimize the time needed to respond to the FBI, the Computer Science and Telecommunications Board (CSTB) of the NRC selected a committee composed largely but not exclusively of the experts convened for the September 2002 meeting. The committee’s charge was to review the FBI’s efforts on the Trilogy IT modernization program, based on input provided to the committee by the FBI. The FBI also requested a review that could be done quickly and relatively inexpensively. Accordingly, the committee did not systematically develop information from non-FBI sources, nor did it undertake a comprehensive review of all FBI IT systems or plans for such systems. Furthermore, the committee was only able to sample the programs of interest, and thus it did not achieve a comprehensive picture even of those programs. Except as explicitly noted otherwise, the briefings to the committee on October 27-28, 2003, and December 15-16, 2003, constitute the factual base for this effort. The committee’s conclusions and recommendations reflect its collective experience with large-scale IT system deployments.
OCR for page R8
A Review of the FBI’s Trilogy Information Technology Modernization Program The committee wishes to thank Herbert Lin, the CSTB study director, for his efforts in developing coherent drafts from assorted e-mails and brief notes from committee meetings, and for being the prime driver of the early completion of this report. We also thank the CSTB staff, particularly Kristen Batch for research support, and D.C. Drake for administrative support. James C. McGroddy, Chair Committee on the FBI’s Trilogy Information Technology Modernization Program
OCR for page R9
A Review of the FBI’s Trilogy Information Technology Modernization Program Acknowledgment of Reviewers This report was reviewed in draft form by individuals chosen for their diverse perspectives and technical expertise, in accordance with procedures approved by the National Research Council’s (NRC’s) Report Review Committee. The purpose of this independent review is to provide candid and critical comments that will assist the institution in making its published report as sound as possible and to ensure that the report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The review comments and draft manuscript remain confidential to protect the integrity of the deliberative process. We wish to thank the following individuals for their participation in the review of this report: Steven Bellovin, AT&T Research Ed Feigenbaum, Stanford University Stuart Feldman, IBM Robert Grossman, Open Data Partners, LLC Beryl Howell, Stroz Friedberg, LLC Sidney Karin, University of California, San Diego Kenneth Laudon, New York University Michael Miravalle, Dolphin Technology, Inc. Joseph Smialowski, Fleet Bank Robert Spinrad, Palo Alto, California Howard Wactlar, Carnegie Mellon University Patrick Webb, Consultant Todd White, Emerio, Inc. Although the reviewers listed above have provided many constructive comments and suggestions, they were not asked to endorse the conclusions or recommendations nor did they see the final draft of the report before its release. The review of this report was overseen by
OCR for page R10
A Review of the FBI’s Trilogy Information Technology Modernization Program Gerry Dinneen (Lexington, Massachusetts). Appointed by the NRC, he was responsible for making certain that an independent examination of this report was carried out in accordance with institutional procedures and that all review comments were carefully considered. Responsibility for the final content of this report rests entirely with the authoring committee and the institution.
OCR for page R11
A Review of the FBI’s Trilogy Information Technology Modernization Program Contents EXECUTIVE SUMMARY 1 1 BACKGROUND 9 1.1 Preliminaries, 10 1.2 Missions of the FBI, 10 1.2.1 Criminal Investigation, 11 1.2.2 Counterterrorism, 11 1.3 Key FBI Processes, 12 1.3.1 Investigation, 12 1.3.2 Intelligence, 13 1.3.3 Information Management, 14 2 IT-RELATED ISSUES FOR THE FBI REQUIRING IMMEDIATE ACTION 16 2.1 Enterprise Architecture Issues, 16 2.1.1 Creating an Enterprise Architecture That Serves FBI Objectives, 16 2.1.2 FBI Activities with Respect to Enterprise Architecture, 22 2.1.3 Data Management Issues Arising from the Absence of an Enterprise Architecture, 24 2.2 Designing IT Systems to Support FBI Strategy and Operational Needs, 26 2.2.1 The Virtual Case File (VCF) Application of Trilogy, 26 2.2.2 Data Management and the Integrated Data Warehouse (IDW), 29 2.2.3 SCOPE, 34 2.2.4 Mobile Computing, 35 2.2.5 Security, 35 2.2.6 Privacy, 39
OCR for page R12
A Review of the FBI’s Trilogy Information Technology Modernization Program 2.3 Ensuring Effective Management of IT Development and Implementation, 40 2.3.1 Overall Development Methodology, 40 2.3.2 Contracting and Contract Management, 42 2.3.3 Program Management, 43 2.4 Ensuring the Growth of FBI IT Expertise and Dealing with External Factors, 45 2.4.1 Human Resources, 45 2.4.2 External Constraints, 47 3 RECOMMENDATIONS 48 3.1 Regarding Enterprise Architecture, 48 3.2 Regarding System Design, 50 3.3 Regarding Program and Contract Management, 54 3.4 Regarding Human Resources, 55 3.5 Conclusion, 55 APPENDIX: Short Biographies 57 What Is CSTB? 65