GAO hits agency info-sharing policy
- By Alice Lipowicz
- Apr 19, 2006
Federal policies for information-sharing against terrorism are fragmented and haphazardly applied, according to a recent Government Accountability Office report
The problems reflect not only the huge challenge of the task, but also that responsibility for information sharing has been shifted among several agencies. The duties were passed from the Office of Management and Budget to the Homeland Security Department in 2003, but neither has completed the task, the report said.
In 2005, under the intelligence reform legislation, the newly created Office of the Director of National Intelligence took responsibility to create and oversee a new Information-Sharing Environment. However, that program has been stalled since at least January, when its program manager resigned, GAO said.
'More than four years after Sept. 11, the nation still lacks governmentwide policies and processes to help agencies integrate the myriad of ongoing efforts ' to improve the sharing of terrorism-related information that is critical to protecting our homeland,' GAO wrote.
Federal agencies use 56 different sensitive, unclassified designations to protect information such as investigative leads on suspected criminal activity, drug enforcement case backgrounds and nuclear power plant information. Most of the categories lack common definitions and policies for sharing.
More than half the federal agencies reviewed by GAO reported challenges in sharing sensitive but unclassified information in the 56 categories, the report said. Without overall policies, the agencies are making decisions about sharing on a case-by-case basis and are applying the classifications in a fragmented manner.
For example, sometimes different types of information are labeled similarly, and sometimes similar information is labeled differently depending on the agency, GAO said.
In addition, there are no policies to govern which government employees, and how many, should have authority to designate that specific data be considered sensitive. Nor are there policies on how to train those employees and review their performance.
'The lack of such recommended internal controls increases the risk that the designations will be misapplied,' GAO report said.
GAO recommends that the director of national intelligence and OMB review inventories of agencies' sensitive but unclassified procedures, and develop a policy that consolidates the designations and makes them consistent. GAO also advises that internal controls be put into place for information sharing.
The director of national intelligence neither agreed nor disagreed with GAO's findings; however, the director also declined to comment on GAO's draft report, saying that the review of intelligence activities is 'beyond GAO's purview.' GAO disagreed with that assessment.
John Russack, the former program manager of the information sharing environment, announced his resignation Jan. 26. His replacement, Thomas McNamara, a special assistant to the president for national security affairs and former ambassador to Colombia, was announced March 20 by the White House to fill the post.Alice Lipowicz is a staff writer for
Government Computer News' sister publication, Washington Technology
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.