Fusion Center Guidelines

Fusion Center Guidelines
Developing and Sharing Information and Intelligence in a New Era

Guidelines for Establishing and Operating Fusion Centers at the Local, State, and Federal Levels
Law Enforcement Intelligence, Public Safety, and the Private Sector
United States Department of Justice
Fusion Center Guidelines

Developing and Sharing Information and Intelligence in a New Era
Guidelines for Establishing and Operating Fusion Centers at the Local, State, and Federal Levels
Law Enforcement Intelligence, Public Safety, and the Private Sector
Fusion Center GuidelinesDeveloping and Sharing Information in a New Era
This document was prepared under the leadership, guidance, and funding of the Bureau of Justice Assistance (BJA), Office of Justice Programs, U.S. Department of Justice, in collaboration with the U.S. Department of Justices Global Justice Information Sharing Initiative and the U.S. Department of Homeland Security. The opinions, findings, and conclusions or recommendations expressed in this document are those of the authors and do not necessarily represent the official position or policies of the U.S. Department of Justice or the U.S. Department of Homeland Security.

Foreword
The U.S. Department of Justce (DOJ) and the U.S. Department of Homeland Securty (DHS) collaborated n the development of these fuson center gudelnes. The ntent of the partnershp is to provide a consistent, unified message and to provide a comprehensve set of gudelnes for developng and operatng a fuson center wthn a state or regon. Members of DOJs Global Justce Informaton Sharng Intatve (Global) and DHSs Homeland Securty Advsory Councl (HSAC) supported ths project, whch nvolved numerous law enforcement experts and practtoners from local, state, trbal, and federal agences, as well as representatves of publc safety and prvate sector enttes across the country. Ther collectve knowledge, nsght, and wllngness to partcpate resulted n an outstandng product. Strong leadershp for the projects focus groups was provded by Peter Modaffer, char of the Law Enforcement Intellgence Focus Group; John Cohen, char of the Publc Safety Focus Group; and Kenneth Bouche, char of the Prvate Sector Focus Group. Ths effort would not have been possble wthout the support and gudance of key ndvduals. A specal thank you s gven to the followng ndvduals for ther leadershp and commtment to this initiative: Regina B. Schofield, Assistant Attorney General, Office of Justice Programs (OJP); Domingo S. Herraiz, Director, Bureau of Justce Assstance (BJA), OJP; J. Patrck McCreary, Assocate Deputy Drector of Natonal Polcy, BJA; Tm Beres, Director, Preparedness Programs Division, Office for Domestic Preparedness, DHS; Dave Brannegan, Program Manager, Office of State and Local Government Coordnaton and Preparedness, DHS; Danel Ostergaard, Executve Drector, HSAC, DHS; Michael Miron, Jeff Gaynor, and Candace Stoltz, Directors, Intellgence and Informaton Sharng Workng Groups, HSAC; DHS; and Mtt Romney, charman, Intellgence and Informaton Sharng Workng Group, HSAC, DHS.
The Role of Leadership

In developng our countrys response to the threat of terrorsm, law enforcement, publc safety, and prvate sector leaders have recognized the need to improve the sharing of information and intelligence across agency borders. Every official involved n nformaton and ntellgence sharng has a stake n ths ntatve. Leaders must move forward wth a new paradgm on the exchange of nformaton and ntellgence, one that ncludes the ntegraton of law enforcement, publc safety, and the prvate sector. Law enforcement, publc safety, and prvate sector leaders are encouraged to embrace the gudelnes n ths report when establshng a fuson center or partcpatng n one. Informaton and ntellgence sharng among states and jursdctons wll become seamless and efficient when each fusion center uses a common set of guidelines. It is the intent of this document to provide guidelines that help ensure fusion centers are established and operated effectively and efficiently in a manner that protects the privacy and civil liberties of citizens. The complete support of public safety leaders at all levels is critical to the successful mplementaton and operaton of fuson centers.

v
Table of Contents
Foreword ................................................................................................................................................................................................iii Executive Summary ..............................................................................................................................................................................1 Summary of Guidelines and Key Elements ........................................................................................................................................5 IntroductionFusion Concept and Functions ...................................................................................................................................9 Fuson Center Gudelnes Development...........................................................................................................................................9 The Fuson Concept .........................................................................................................................................................................10 Fuson Centers .................................................................................................................................................................................12 Fuson Center Functons ..................................................................................................................................................................13 Functonal Categores ......................................................................................................................................................................13 State Strategy ..................................................................................................................................................................................14 Informaton Flow ..............................................................................................................................................................................14 . Background and Methodology ............................................................................................................................................................15 . A Phased Approach .........................................................................................................................................................................15 . Phase ILaw Enforcement Intellgence Component ......................................................................................................................15 . Phase 2Publc Safety Component ................................................................................................................................................16 Phase 3Prvate Sector Component ..............................................................................................................................................17 Guidelines Gudelne 1: The NCISP and the Intellgence and Fuson Processes ...........................................................................................19 Gudelne 2: Msson Statement and Goals ...................................................................................................................................23 Gudelne 3: Governance...............................................................................................................................................................25 Gudelne 4: Collaboraton ............................................................................................................................................................29 Gudelne 5: Memorandum of Understandng (MOU) and Non-Dsclosure Agreement (NDA) .....................................................31 . Gudelne 6: Database Resources.................................................................................................................................................33 Gudelne 7: Interconnectvty ........................................................................................................................................................37 Gudelne 8: Prvacy and Cvl Lbertes .........................................................................................................................................41 Gudelne 9: Securty .....................................................................................................................................................................43 Gudelne 10: Faclty, Locaton, and Physcal Infrastructure ...........................................................................................................47 Gudelne 11: Human Resources ....................................................................................................................................................51 Gudelne 12: Tranng of Center Personnel ....................................................................................................................................53 Gudelne 13: Multdscplnary Awareness and Educaton ..............................................................................................................55 Gudelne 14: Intellgence Servces and Products ...........................................................................................................................57
Gudelne 15: Polces and Procedures ...........................................................................................................................................59 Gudelne 16: Center Performance Measurement and Evaluaton ..................................................................................................61 Gudelne 17: Fundng .....................................................................................................................................................................63 Gudelne 18: Communcatons Plan ...............................................................................................................................................65 Next Steps ..............................................................................................................................................................................................67 Appendices Appendx A: Focus Group Partcpants and Acknowledgements...................................................................................................A-1 Appendx B: Fuson Center CD Resources ...................................................................................................................................B-1 Appendx C: Functonal Categores ...............................................................................................................................................C-1 Appendx D: HSAC Homeland Securty Intellgence and Informaton Fuson Report ...................................................................D-1 Appendx E: Informaton Exchange Analyss and Desgn Report ..................................................................................................E-1 Appendx F: Fuson Center Report Glossary.................................................................................................................................F-1 Appendx G: Acronyms ..................................................................................................................................................................G-1
v
Executive Summary
The need to develop and share nformaton and ntellgence across all levels of government has significantly changed over the last few years. The long-standng nformaton sharng challenges among law enforcement agences, publc safety agences, and the prvate sector are slowly dsappearng. Yet, the need to dentfy, prevent, montor, and respond to terrorst and criminal activities remains a significant need for the law enforcement, ntellgence, publc safety, and prvate sector communtes. Through the support, expertse, and knowledge of leaders from all enttes nvolved, the fuson center concept can become a reality. Each official has a stake in the development and exchange of nformaton and ntellgence and should act as an ambassador to support and further ths ntatve. It s the responsblty of leadershp to mplement and adhere to the Fusion Center Guidelines. and operaton of centers. The gudelnes are a mlestone n achieving a unified force among all levels of law enforcement agencies; public safety agencies, such as fire, health, and transportaton; and the prvate sector. Fuson centers brng all the relevant partners together to maximize the ability to prevent and respond to terrorsm and crmnal acts. By embracng ths concept, these entities will be able to effectively and efficiently safeguard our homeland and maximize anticrime efforts.
What Is the Fusion Center Guidelines Initiative?

In 2004 and 2005, many states began creatng fuson centers wth varous local, state, and federal funds. At the tme, no standards or gudelnes were n exstence to assst wth nteroperablty and communcaton ssues wth other centers at the state, regonal, and federal levels. As a result, centers desgned to share nformaton were actually slos of nformaton, ncapable of nformaton exchange. In response, the U.S. Department of Justce (DOJ), at the request of ts Global Justce
In their January 2005 survey, the National Governors Association Center for Best Practices revealed that states ranked the development of state intelligence fusion centers as one of their highest priorities.
The development and exchange of ntellgence s not easy. Sharng ths data requres not only strong leadershp, t also requres the commtment, dedcaton, and trust of a dverse group of men and women who beleve n the power of collaboraton. How can law enforcement, public safety, and private entities embrace a collaborative process to improve intelligence sharing and, ultimately, increase the ability to detect, prevent, and solve crimes while safeguarding our homeland? Recently, an ntatve has emerged that ncorporates the varous elements of an deal nformaton and ntellgence sharng project: fuson centers (or center). Ths ntatve offers gudelnes and tools to assst n the establshment
Informaton Sharng Intatves (Global) Crmnal Intellgence Coordnatng Councl (CICC), formed the Law Enforcement Intellgence Fuson Center Focus Group (FCFG).1 Concurrently, the U.S. Department of Homeland Securtys (DHS) Homeland Securty Advsory Councl (HSAC or Councl) Intellgence and Informaton Sharng Workng Group was focusng on preventon and nformaton sharng by developng gudelnes for local and state agences n relaton to the collecton, analyss, and dssemnaton of terrorsm-related ntellgence (.e., the fuson process). The recommendatons resultng from DOJs ntatve and HSACs efforts lad the foundaton for the expanson of the Fusion Center Guidelines to ntegrate the publc safety and prvate sector enttes. Subsequent to publshng Verson 1 of the Fusion Center Guidelines and the HSACs Intelligence and Information Sharing Initiative: Homeland Security Intelligence and Information Fusion report, DOJ and HSAC establshed two addtonal focus groups the Publc Safety FCFG and the Prvate Sector FCFGn an effort to develop a comprehensve set of gudelnes for fuson centers. Partcpants n the three focus groups2 ncluded experts and practtoners from local, state, and federal law enforcement agences; publc safety agences; and the prvate sector as well as representatves from currently operatng fuson centers.3 In addton, representatves from natonal law enforcement, publc safety, and private sector organizations participated in the focus groups. These gudelnes should be used to ensure that fuson centers are establshed and operated consstently, resultng n enhanced coordnaton efforts, strengthened partnershps, and mproved crime-fighting and antiterrorism capabilities. The guidelines and related materals wll provde assstance to centers as they prioritize and address threats posed in their specific jurisdictions for all crme types, ncludng terrorsm. In addton, the gudelnes wll help admnstrators develop polces, manage resources, and evaluate servces assocated wth the jursdctons fuson center. The gudelnes should be used for homeland securty, as well as all crimes and hazards. The full report contains an in-depth explanaton of the gudelnes and ther key elements. Also ncluded n the report are addtonal resources, model polces, and tools for gudelne mplementaton.
response, and consequence management programs. At the same tme, t supports efforts to address mmedate or emergng threat-related crcumstances and events. Data fuson nvolves the exchange of nformaton from dfferent sourcesncludng law enforcement, publc safety, and the prvate sectorand, wth analyss, can result n meanngful and actonable ntellgence and nformaton. The fuson process turns ths nformaton and ntellgence nto actonable knowledge. Fuson also allows for relentless reevaluaton of exstng data n context wth new data n order to provde constant updates. The publc safety and prvate sector components are ntegral n the fuson process because they provde fuson centers wth crme-related nformaton, ncludng rsk and threat assessments, and subject-matter experts who can aid in threat identification.
Fusion: Turning Information and Intelligence Into Actionable Knowledge
Because of the prvacy concerns that attach to personally identifiable information, it is not the intent of fusion centers to combine federal databases containing personally identifiable nformaton wth state, local, and trbal databases nto one system or warehouse. Rather, when a threat, crmnal predcate, or public safety need is identified, fusion centers will allow information from all sources to be readily gathered, analyzed, and exchanged, based upon the predcate, by provdng access to a varety of dsparate databases that are mantaned and controlled by approprate local, state, trbal, and federal representatves at the fuson center. The product of ths exchange wll be stored by the entty takng acton n accordance wth any applcable fuson center and/or department polcy, ncludng state and federal prvacy laws and requrements.
What Is a Fusion Center?

A fusion center is an effective and efficient mechanism to exchange information and intelligence, maximize resources, streamline operations, and improve the ability to fight crime and terrorism by analyzing data from a variety of sources. In addton, fuson centers are a condut for mplementng portons of the National Criminal Intelligence Sharing Plan (hereafter, NCISP or Plan).4 The NCISP s the blueprnt for law enforcement admnstrators to follow when enhancng or buldng an ntellgence functon. The Plan contans over 25 recommendations that were vetted by law enforcement officials and experts from local, state, trbal, and federal agences. It embraces ntellgence-led polcng, communty polcng, and collaboraton and serves as the foundaton for the Fusion Center Guidelines. A fusion center is defined as a collaborative effort of two or more agences that provde resources, expertse, and nformaton to the center with the goal of maximizing their ability to detect, prevent, nvestgate, and respond to crmnal and terrorst actvty. Among the prmary focuses of fuson centers are the
4 The National Criminal Intelligence Sharing Plan s avalable at www.t.ojp.gov.
What Is the Fusion Process?

The concept of fuson has emerged as the fundamental process to facltate the sharng of homeland securty-related and crme-related nformaton and ntellgence. For purposes of ths ntatve, fuson refers to the overarchng process of managing the flow of information and intelligence across all levels and sectors of government and prvate ndustry. It goes beyond establshng an nformaton/ntellgence center or creatng a computer network. The fuson process supports the mplementaton of rsk-based, nformaton-drven preventon,
1 Prevously named the Fuson Center Intellgence Standards Focus Group. 2 A complete lstng of partcpants from each of the focus groups can be found n Appendx A. 3 Informaton on currently operatng fuson and ntellgence centers can be accessed va the Natonal Crmnal Intellgence Resource Center at www.ncrc.gov.
ntellgence and fuson processes, through whch nformaton s collected, integrated, evaluated, analyzed, and disseminated. Nontradtonal collectors of ntellgence, such as publc safety entities and private sector organizations, possess important nformaton (e.g., rsk assessments and suspcous actvty reports) that can be fused wth law enforcement data to provde meanngful nformaton and ntellgence about threats and crmnal actvty. It s recommended that the fuson of publc safety and prvate sector nformaton wth law enforcement data be virtual through networking and utilizing a search function. Examples of the types of nformaton ncorporated nto these processes are threat assessments and nformaton related to publc safety, law enforcement, publc health, socal servces, and publc works. Federal data that contans personally identifiable information should not be combined with this data
Crmnal Justce Educaton Emergency Servces (non-law enforcement) Energy Government Health and Publc Health Servces Hosptalty and Lodgng Informaton and Telecommuncatons Mltary Facltes and Defense Industral Base Postal and Shppng Prvate Securty Publc Works Real Estate Retal Socal Servces Transportaton
Although each fusion center will have unique characteristics, it is important for centers to operate under a consistent framework similar to the construction of a group of buildings where each structure is unique, yet a consistent set of building codes and regualtions are adhered to regardless of the size or shape of the building.
untl a threat, crmnal predcate, or publc safety need has been identified. These processes support efforts to anticipate, identify, prevent, montor, and respond to crmnal actvty. Federal law enforcement agences that are partcpatng n fuson centers should ensure that they comply wth all applcable prvacy laws when contemplatng the wholesale sharng of nformaton wth nontradtonal law enforcement enttes. Ideally, the fuson center nvolves every level and dscplne of government, prvate sector enttes, and the publcthough the level of nvolvement of some of these partcpants wll vary based on specific circumstances. The fusion process should be organized and coordinated, at a minimum, on a statewide level, and each state should establsh and mantan a center to facltate the fuson process. Though the foundaton of fuson centers s the law enforcement ntellgence component, center leadershp should evaluate ther respectve jursdctons to determne what publc safety and prvate sector enttes should partcpate n the fuson center. To ad n ths assessment, functonal categores have been developed, n whch smlar enttes are grouped. These categores are not comprehensve but represent a startng pont for fuson center leadershp to begn assessng what agencies and organizations should be involved in the centers operatons. The functonal categores nclude: Agrculture, Food, Water, and the Envronment Bankng and Fnance Chemical Industry and Hazardous Materials
The Fusion Center Guidelines report contans an appendx descrbng the functonal categores and provdes examples of the types of nformaton that the enttes can provde to fuson centers.
Why Should Fusion Centers Be Established?

The ultmate goal s to provde a mechansm through whch government, law enforcement, publc safety, and the prvate sector can come together wth a common purpose and mprove the ablty to safeguard our homeland and prevent crmnal actvty. It s crtcal for government to accomplsh more wth less. Fuson centers embody the core of collaboraton, and as demands ncrease and resources decrease, fuson centers wll become an effective tool to maximize available resources and buld trusted relatonshps. It s recommended that fuson centers adhere to these gudelnes and ntegrate the key elements of each gudelne to the fullest extent, n order to enhance nformaton and ntellgence sharng.
Summary of Guidelines and Key Elements

5
Summary of Gudelnes and Key Elements5
1. Adhere to the tenets contained in the National Criminal Intelligence Sharing Plan (NCISP) and other sector-specific information sharing plans, and perform all steps of the intelligence and fusion processes.
Consult the tenets of the NCISP, and use model standards and polces as a blueprnt for establshng or enhancng the ntellgence functon wthn the center. Consult the Homeland Securty Advsory Councls (HSAC) Intelligence and Information Sharing Initiative: Homeland Security Intelligence and Information Fusion report when ncorporatng the fuson process n the center.
4. Create a collaborative environment for the sharing of intelligence and information among local, state, tribal, and federal law enforcement agencies, public safety agencies, and the private sector.
Mantan a dverse membershp to nclude representatves from local, state, trbal, and federal law enforcement, publc safety, and the prvate sector. Conduct regular meetngs wth center personnel, and participate in networking groups and organizations. Educate and liase with elected officials and community leadershp to promote awareness of center operatons.
2. Collaboratively develop and embrace a mission statement, and identify goals for the fusion center.
Develop the centers msson statement and goals collaboratvely wth partcpatng enttes. Identify customer needs, define tasks, and prioritize functons. Ensure the msson statement s clear and concse and conveys the purpose, prorty, and role of the center. Include the name and type of the center, what the center does, and whom the center serves n the msson statement.
5. Utilize Memoranda of Understanding (MOUs), NonDisclosure Agreements (NDAs), or other types of agency agreements, as appropriate.
Educate and consult legal advsors early n the fuson center development process. Utilize an NDA for fusion center personnel and partcpants to ad n the securty of propretary nformaton. Ensure awareness of local, state, and federal publc records laws as they relate to NDAs, ncludng the Freedom of Informaton Act (FOIA). Use an MOU as the foundaton for a collaboratve ntatve, founded on trust, wth the ntent to share and exchange nformaton. At a mnmum, consder ncludng the followng elements n fuson center MOUs:

3. Create a representative governance structure that includes law enforcement, public safety, and the private sector.
Ensure all partcpatng agences have a voce n the establshment and operaton of the fuson center. Ensure partcpatng enttes are adequately represented wthn the governance structure. Compose the governing body with officials who have authorty to commt resources and make decsons.
5 Electronc versons of the documents, products, and reports referenced n the followng gudelnes can be found at www.t.ojp.gov.
Involved partes Msson Governance Authorty Securty Assgnment of personnel (removal/rotaton) Fundng/costs Civil liability/indemnification issues Polces and procedures Prvacy Terms
Integrty control Dspute resoluton process Ponts of contact Effective date/duration/modification/termination Servces Deconfliction procedure Code of conduct for contractors Specal condtons Protocols for communcaton and nformaton exchange
consstent wth the centers prvacy polcy. Establsh a process for trackng and handlng prvacy complants or concerns. Develop rules on the use of prvately held data systems nformaton. Adhere to applcable state and federal consttutonal and statutory prvacy and cvl lbertes provsons. Specfy that publc safety and prvate sector databases should not be combned wth any federal databases that contain personally identifiable information. Fuson center partcpants should comply wth all local, state, trbal, and federal prvacy laws, when applcable.
6. Leverage the databases, systems, and networks available via participating entities to maximize information sharing.
Obtan access to an array of databases and systems. At a mnmum, consder obtanng access to drvers lcense nformaton, motor vehcle regstraton data, locaton nformaton, law enforcement and crmnal justce systems or networks, and correctonal data. Become a member of a regonal or state secure law enforcement network, such as the Regonal Informaton Sharng Systems (RISS)/Federal Bureau of Investgatons (FBI) Law Enforcement Onlne (LEO) system, the U.S. Department of Homeland Securtys (DHS) Homeland Securty Informaton Network (HSIN), or the FBIs Law Enforcement Regonal Data Exchange (R-DEx) and Natonal Data Exchange (N-DEx).
9. Ensure appropriate security measures are in place for the facility, data, and personnel.
Develop, publsh, and adhere to a securty plan, and ensure proper safeguards are n place. Ensure securty plans are marked, handled, and controlled as sensitive but unclassified (SBU) information. Obtan approprate securty clearances for personnel wthn the center and key decson makers who need access. Conduct background checks on personnel. Tran personnel on the centers securty protocols. Consult Globals Applying Security Practices to Justice Information Sharing document and resource materals when developng a securty plan. Consult the Homeland Securty Informaton Act of 2002: Crtcal Infrastructure Informaton Act when collectng and storng crtcal nfrastructure-related nformaton. Consult prvate ndustry securty personnel when obtaining and storing industry-specific information (e.g., buldng securty plans). Ensure state laws allow for the security and confidentiality of publc and prvate sector data.
7. Create an environment in which participants seamlessly communicate by leveraging existing systems and those currently under development, and allow for future connectivity to other local, state, tribal, and federal systems. Use the U.S. Department of Justices (DOJ) Global Justice Extensible Markup Language (XML) Data Model and the National Information Exchange Model (NIEM) standards for future database and network development, and consider utilizing the Justice Information Exchange Model (JIEM) for enterprise development.
Establsh formal communcatons protocols, and ensure effective and efficient information exchange. Develop and mplement a communcatons plan, and ensure secure and redundant communcatons. Ensure communcatons and systems access polces, ncludng consequences for noncomplance. Consider utilizing the Organization for the Advancement of Structured Information Standards (OASIS)-ratified Common Alertng Protocol (CAP) to enable the exchange of emergency alert and publc warnng nformaton over data networks and computer-controlled warnng systems.
10. Integrate technology, systems, and people.

Colocate personnel and/or utilize virtual integration to brng technology, systems, and people together. Base the selecton of a ste on the functonal needs of the center. Plan, dentfy, desgn, tran, mplement, and adhere to a physcal securty plan and a contngency plan.
11. Achieve a diversified representation of personnel based on the needs and functions of the center.
Mantan a 24-hour-a-day/7-day-a-week operaton when feasble. Requre a mnmum term commtment for full-tme center personnel. Identfy subject-matter experts from the prvate sector for utilization when industry-specific threats or crimes are identified (e.g., cyber threats). Adhere to the Law Enforcement Analytic Standards booklet and other relevant analytc publcatons avalable through the Internatonal Assocaton of Law Enforcement
8. Develop, publish, and adhere to a privacy and civil liberties policy.

Develop, dsplay, adhere to, and tran personnel on the centers prvacy polcy. Consult the Far Informaton Practces when developng a prvacy polcy. Ensure all other polces and nternal controls are
Intellgence Analysts (IALEIA) when hrng personnel to perform the analytc functon.
make decsons and allocate resources. Utilize performance measures to track progress and ensure accountablty. Inform center personnel of performance and progress on a regular bass.
12. Ensure personnel are properly trained.

Adhere to the tranng objectves outlned n the National Criminal Intelligence Sharing Plan. Ensure center personnel meet the mnmum tranng standards outlned n the report Minimum Criminal Intelligence Training Standards for United States Law Enforcement and Other Criminal Justice Agencies. Ensure center personnel receve tranng on faclty and nformaton securty, operatons, polces, and procedures. Include cross-educatonal tranng regardng the fuson centers and the applcable functonal categores, ncludng the types of nformaton that enttes can provde to the fuson center and what the center does wth the nformaton, once receved.
17. Establish and maintain the center based on funding availability and sustainability.
Identfy center needs and avalable fundng sources, to nclude local, state, trbal, federal, and nongovernmental sources. Establsh an operatonal budget and adhere to reportng requrements.
13. Provide a multitiered awareness and educational program to implement intelligence-led policing and the development and sharing of information.
Ensure approprate noncenter personnel nvolved n the ntellgence process are aware of the centers functons, ncludng polcymakers, agency heads, and prvate sector executves. Develop and dssemnate outreach and educatonal materials to officers, analysts, policymakers, and others.
18. Develop and implement a communications plan among fusion center personnel; all law enforcement, public safety, and private sector agencies and entities involved; and the general public.
Determne prmary and secondary modes of communcaton between the fuson center and partcpatng enttes. Incorporate regular testng of the plan to ensure ts functonalty. Include a mechansm to alert fuson center partcpants of new nformaton and ntellgence.
14. Offer a variety of intelligence services and products to customers.

Produce strategc and tactcal products to support the msson and prortes of the center. Consult the Law Enforcement Analytic Standards booklet to ensure development of professonal qualty analytc products. Ensure that feedback from partcpatng agences and organizations occurs when products are created and dstrbuted.
15. Develop, publish, and adhere to a policies and procedures manual.

Use a standardized format to allow for easy reading, filing, retrevng, and correctng. Implement an annual revew of center drectves, and purge or revse outdated polces and procedures. Ensure that personnel have access to the latest polces and procedures manual.
16. Define expectations, measure performance, and determine effectiveness.

Desgn performance measures based on the centers core msson, goals, and objectves. Ensure performance measures are vald, relable, measurable, and quantifiable. Develop an evaluaton process to gauge the adequacy, approprateness, and success of center servces. Use performance measures and an evaluaton process to
A companion CD has been developed in conjunction with the Fusion Center Guidelines report. This CD contains sample policies, checklists, resource documents, and links to Web sites that are referenced throughout the report. For copies of the resource CD, contact DOJs Global at (850) 385-0600. The fusion center resources are also available at DOJs Global Web site, www.it.ojp.gov/fusioncenter, DHSs Web site, and the Homeland Security Information Network (HSIN).
Introduction Fusion Concept and Functions

As crmnal and terrorst actvty threatens the safety of our nations citizens and visitors, the ability to quickly exchange relevant nformaton and ntellgence becomes ncreasngly critical. Over the last few years, significant progress has been made n breakng down barrers and mprovng nformaton exchange. Policymakers and leaders have recognized the mportance of creatng an envronment where ntellgence can be securely shared among law enforcement, publc safety agences, and the prvate sector. Although strdes have been made, there s stll much work ahead. There s stll an urgent need to rigorously refine and accommodate our rapidly changing world. Many obstacles have been encountered that have mpacted the ablty to share ntellgence, such as the lack of trusted partnershps; dsparate, ncompatble, and antquated communcatons, computer systems, and software; the need to query multple databases or systems; the lack of communcaton; the lack of standards and polces; and legal and cultural ssues. These barriers have proven to be difficult hurdles. Yet, there are steps that can be taken to overcome these ssues and create a proactve envronment for the successful exchange of ntellgence.
Information systems contribute to every aspect of homeland security. Although American information technology is the most advanced in the world, our countrys information systems have not adequately supported the homeland security mission. Databases used for federal law enforcement, immigration, intelligence, public health, surveillance, and emergency management have not been connected in a way that allows us to comprehend where information gaps and redundancies exist. We must link the vast amounts of knowledge residing within each government agency while ensuring adequate privacy. The National Strategy for Homeland Security July 2002
Through the Global Intellgence Workng Group (GIWG)one of Globals four ssue-focused workng groupsntellgence ssues, concerns, and obstacles have been addressed. Globals Crmnal Intellgence Coordnatng Councl (CICC)7 supported the development of the Law Enforcement Intellgence Fuson Center Focus Group (FCFG) to ntate Phase 1 of the fuson center gudelnes development. Ths group was tasked wth recommending guidelines specifically for the law enforcement
7 The CICC was establshed n response to recommendatons contaned n the NCISP. The CICC s composed of local, state, and federal enttes and advses the U.S. Attorney General on matters relatng to crmnal ntellgence.
Fusion Center Guidelines Development

Through the U.S. Department of Justce (DOJ), members of ts Global Justce Informaton Sharng Intatve (Global) have developed recommended gudelnes to enhance justce nformaton sharng.6 Examples nclude the National Criminal Intelligence Sharing Plan (NCISP or Plan), the Privacy and Information Quality Policy Development for the Justice Decision Maker, the Applying Security Practices to Justice Information Sharing, and the Global Justce Extensble Markup Language (XML) Data Model (Global JXDM). DOJs Global represents over 30 law enforcement organizations throughout the country, at all levels of government. Global promotes standards-based electronc nformaton exchange to provde the justce communty wth tmely, accurate, complete, and accessble nformaton n a secure and trusted envronment.
6 For more nformaton regardng Global, vst www.t.ojp.gov.
ntellgence component of fuson centers. The focus group was also tasked wth recommendng related model polces and procedures to support this initiative. Group members recognized the need and mportance of ntegratng all publc safety and prvate partners. Concurrently, a parallel effort was under way by the Homeland Securty Advsory Councl (HSAC) Intellgence and Informaton Sharng Workng Group to develop ntellgence and nformaton sharing guidelines, based on specific presidential directives, for local, state, and federal agences creatng fuson centers.8 These drectves provde gudance to local and state enttes regardng preventon and response to crmnal and terrorst actvtes.9 The recommendations and findings resulting from HSACs Intellgence and Informaton Sharng Workng Group efforts support the expanson of the Fusion Center Guidelines to publc safety and prvate sector enttes. Subsequent to the efforts of the Law Enforcement Intellgence FCFG and HSAC, the Publc Safety FCFG was created for the purpose of ntegratng the publc safety component nto the Fusion Center Guidelines. Members of the focus group concentrated on the need for nformaton and ntellgence sharng between law enforcement and publc safety communtes. Ths group endorsed the gudelnes developed by the Law Enforcement Intellgence FCFG and offered suggestons and recommendatons to successfully ncorporate publc safety enttes nto fuson centers. The last phase establshed the Prvate Sector FCFG, whose msson was to ntegrate the prvate sector nto the gudelnes. Wth 85 percent of crtcal nfrastructure owned by prvate enttes, ther nvolvement n fuson centers s essental to havng a comprehensive all-hazards, all-crimes fusion center. Key points addressed ncluded collaboraton between the fuson center and mission-critical private sector entities, as well as identification of prvate sector capabltes and nformaton needs. In addton, the need for a two-way educatonal process between the prvate sector and fusion centers was identified. The purpose of this educatonal process s to develop an understandng of how each entty operates and how each can enhance operatons and functonalty wth the other. All levels of government, the prvate sector, and nongovernmental organizations must work together to prepare for, prevent, respond to, and recover from terrorst and crmnal events. Through
8 More nformaton on HSAC can be accessed at www.dhs.gov/hsac. 9 Homeland Securty Presdental Drectve 8 (HSPD-8) was ssued wth the purpose of establshng polces to strengthen the preparedness of the Unted States to prevent and respond to threatened or actual domestc terrorst attacks, major dsasters, and other emergences. Ths is done by requiring a national domestic all-hazards preparedness goal, establshng mechansms for mproved delvery of federal preparedness assstance to state and local governments, and outlnng actons to strengthen preparedness capabltes of federal, state, and local enttes. HSPD-5 addresses the management of domestic incidents and identifies steps for mproved coordnaton n response to ncdents. It requres the U.S. Department of Homeland Securty to coordnate wth other federal departments and local, state, and trbal governments to establsh a Natonal Response Plan (NRP) and a Natonal Incdent Management System (NIMS). Each of these tems plays a role n the establshment of fuson centers and lays a foundaton for enhanced nformaton and ntellgence sharng among all levels of law enforcement, publc safety, and the prvate sector. For more nformaton regardng HSPD-8, HSPD-5, NRP, and NIMS, vst www.ojp.usdoj.gov/odp/assessments/hspd8.htm.
the hard work, dedcaton, and commtment of the ndvduals partcpatng n these efforts, the approprate gudelnes, tools, and nformaton wll be avalable to all enttes nvolved. In addton, a collaboratve envronment wll result n a consstent, unified approach to prevention and response. The ultmate goal s to provde a mechansm where law enforcement, publc safety, and prvate sector partners can come together wth a common purpose and mprove the ablty to safeguard our homeland and prevent crmnal actvty. The fuson center is this mechanism; it is key to ensuring the flow of threatand crme-related nformaton between local, state, regonal, and federal partners. The gudelnes contaned n the report represent the key components and ssues to consder when establshng fuson centers.
The Fusion Concept

Law enforcement has always been aware of the key role that nformaton and ntellgence play n preventon and response. Although t s mpossble to protect every potental target from every concevable method of attack, a number of strateges can be implemented to maximize this ability. In addition, further refinement in the intelligence and information sharing arena will maximize the ability to respond quickly and efficiently if an ncdent occurs. Effectve terrorsm-related ntellgence nformaton and crme preventon, protecton, preparedness, and response depend on tmely and accurate nformaton about the terrorsts, ther operatons, ther support mechansms and structure, ther targets, and ther attack methods. Ths nformaton should serve as a gude for efforts to rapdly dentfy both mmedate and longterm threats; dentfy persons nvolved n terrorsm-related and crmnal actvtes; and gude the mplementaton of nformatondrven and rsk-based preventon, response, and consequencemanagement. Snce September 11, both response and preventon are crtcal to an overall strategy to secure our homeland and decrease crmnal activities. September 11 also confirmed how critical local, state, trbal, and federal law enforcement agences and publc safety and prvate sector enttes are n collectng mportant nformaton and ntellgence that ultmately mpacts the natons overall ablty to prevent terrorsm-related and crmnal actvtes. In respondng
Fusion: Turning Information and Intelligence Into Actionable Knowledge
10
to September 11 and subsequent ncdents (e.g., the anthrax ssue), t became apparent how mportant t s to ncorporate nontraditional collectors of data (e.g., fire and health entities) nto preventon efforts. Data fuson represents an mportant part of a mechansm that can dramatcally mprove nformaton and ntellgence sharng between all components and collectors of nformaton. As a result of the need to exchange dverse data from varous sources, fuson emerged as the fundamental process to facltate the sharng of homeland securty- and crme-related ntellgence. On the surface, it would appear that defining fusion is difficult. Although the concept s new to many law enforcement, publc safety, and prvate sector communtes, fuson s not new to many other ndustres and the mltary. In fact, fuson has been dscussed and used n transportaton and avaton; satellte magng; meteorology and weather forecastng; sensory magng; and mltary and defense actvtes for years. Fusion refers to managing the flow of information and intelligence across levels and sectors of government and prvate ndustry.10 It goes beyond establshng an ntellgence center or creatng a computer network. Fuson supports the mplementaton of rsk-based, nformaton-drven preventon, response, and consequence management programs. At the same tme, t supports efforts to address mmedate or emergng threatrelated crcumstances and events. Data fuson nvolves the exchange of nformaton from dfferent sources, ncludng law enforcement, publc safety, and the prvate sector.11 When combned wth approprate analyses, t can result n meanngful and actonable ntellgence and nformaton. The fuson process turns nformaton and ntellgence nto knowledge. The prmary emphass of fuson s to dentfy emergng terrorsm-related threats and rsks as well as to support ongong efforts to address crmnal actvtes. The fuson process wll: Allow local and state enttes to better forecast and dentfy emergng crme and publc health trends. Support multdscplnary, proactve, rsk-based, and communty-focused problem solvng. Provide a continuous flow of intelligence to officials to assist n developng a depcton of evolvng threats. Improve the delvery of emergency and nonemergency servces.
Figure 1 Fusion Process
measures, the process wll also be crtcal f an ncdent occurs, providing information to responders as well as officials, media, and citizens. It is important to note that the fusion process is not a system or database; t s an mportant part of a mechansm by whch partcpatng law enforcement, publc safety, and prvate sector enttes can provde and receve enhanced nformaton from a fuson center. Crmnal and terrorsm-related ntellgence s derved by collecting, blending, analyzing, and evaluating relevant nformaton from a broad array of sources on a contnual bass. There s no sngle source for terrorsm-related nformaton. It can come through the efforts of the ntellgence communty; local, state, trbal, and federal law enforcement authortes; other government agences (e.g., transportaton and health departments); the prvate sector; and the general publc. In order to mplement an effectve fuson process, a number of ssues must be addressed, ncludng the followng: The use of common terminology, definitions, and lexicon by all stakeholders. Up-to-date awareness and understandng of the global threat envronment. A clear understandng of the lnkages between terrorsmrelated and nonterrorsm-related nformaton and ntellgence. Clearly defined intelligence and information requirements that prioritize and guide planning, collection, analysis, and dssemnaton efforts. Clear delneaton of roles, responsbltes, and requrements of each level and sector of government nvolved n the fuson process.
To illustrate the fusion process within a conceptualized fusion center concept, Fgure 1 depcts a dstrbuted capablty, populated by multple and dverse nformaton sources. Users access the data via a common interface, extracting, analyzing, and dssemnatng nformaton based on need and current demands. Although t s antcpated that fuson and fuson centers wll prmarly be used for preventve and proactve
10 Terms and definitions mentioned in this document, including fusion, are specific to the fusion center initiative. Varying definitions of the same term may be utilized within the law enforcement intelligence, public safety, and private sector fields, and participants in the fusion center initiative should ensure that term definitions do not deconflict. Definitions of terms specified in this document can be found in Appendix F. 11 The fuson of publc safety and prvate sector nformaton wth any federal database containing personally identifiable information should be virtual through networking and utilizing a search function. Federal agences partcpatng n the fuson center should adhere to applcable federal laws and regulatons.
11
Understandng and elmnatng mpedments to nformaton collecton and sharng. Extensve and ongong nteracton wth the prvate sector and wth the publc at large. Connectvty (techncal and procedural) wth crtcal ntellgence streams, analyss centers, communcaton centers, and nformaton repostores. Extensve partcpaton of subject-matter experts n the analytcal process. Capacty to ensure aggressve oversght and accountablty to protect consttutonal protectons and cvl lbertes.
Important intelligence that may forewarn of a future attack may be derived from information collected by local, state, tribal, and federal law enforcement agencies; public safety agencies; and private sector entities through crime control and other normal activities, as well as by people living and working in our communities.
are tradtonally law enforcement centrc. Emergency Operatons Centers (EOC) focus on dsaster recovery (both natural and man-made). It s mportant to note that although these centers are dfferent and have unque mssons, they must work together and understand each others goals and prortes. If an ncdent occurs, all of these resources wll be needed to successfully minimize loss and apprehend suspects. The fusion center provdes ntellgence to the EOC regardng the dsaster or related events. Because of the nvestment, expertse, and capablty ntegrated wthn a fuson center, plans and procedures should nclude how each fuson center wll support the jursdctons emergency management structure durng crses. Furthermore, each fuson center should make provsons for supportng crss management and recovery operatons as lad out n the Incdent Command System (ICS), the Natonal Incdent Management System (NIMS), and the Natonal Response Plan (NRP). Fuson centers embody the core of collaboraton. Collaboraton ncreases capacty, communcaton, and contnuty of servce whle decreasng duplcaton.12 As demands ncrease and resources decrease, collaboraton becomes an evermore effective tool to maximize resources and build trusted relatonshps. In a recent survey conducted by the Natonal Governors Assocaton (NGA) Center for Best Practces, respondng states ranked the development of a state ntellgence fuson center as one of ther hghest prortes.13 This is significant and ndcates a need to quckly provde nformaton, materals, and gudelnes to assst n establshng and operatng fuson centers. As llustrated n Fgure 2, the fuson center concept embraces the collaboration of numerous resources, maximizing and streamlnng operatons, whle movng jontly toward a common goal. The figure depicts participating entities using MOUs to define their roles, responsibilities, and contributions toward center operatons. These resources funnel nto a central locaton, the fusion center. Here, authorized personnel use the resources and nformaton to assst nvestgatve and ntellgence servces, homeland securty, and publc safety operatons and to ntegrate crtcal nfrastructure functons and prvate sector partnershps. Partcpants are subject to all the polces and procedures that gude center operatons. Approprate nformaton and ntellgence is then disseminated to authorized recipients and used to nvestgate crmes and proactvely address threats.
12 C. R. Pete Petersen, M.Ed., Community Collaboration, March 4, 2003. 13 NGA Center for Best Practces, Homeland Security in the States: Much Progress, More Work, January 24, 2005.
Through the use of fuson centers and by ntegratng these gudelnes, model templates, polces, and tools, the outstandng ssues hnderng our natons ablty to seamlessly develop and share information and intelligence will be minimized.
Fusion Centers
The ablty to coordnate effectve responses n the event of a terrorist attack is a significant challenge facing our nation. It s mperatve that all approprate means to combat terrorsm, respond to terrorst attacks, and reduce crmnal actvty be employed. This section will define fusion centers; summarize the basc functons of a fuson center; and provde a summary comparson of fuson centers, ntellgence centers, and emergency operatons centers.
A fusion center is a collaborative effort of two or more agencies that provide resources, expertise, and/or information to the center with the goal of maximizing the ability to detect, prevent, investigate, apprehend, and respond to criminal and terrorist activity. The primary components of a fusion center are situational awareness and warnings that are supported by law enforcement intelligence, derived from the application of the intelligence process, where requirements for actionable information are generated and information is collected, integrated, evaluated, analyzed, and disseminated. Other key components resident in the fusion center include representatives of public safety, homeland security, the private sector, and critical infrastructure communities.
Fuson centers are not tradtonal ntellgence centers nor do they perform the same functons as emergency operatons centers. Fuson centers are multdscplnary, whereas ntellgence centers
12
Figure 2Fusion Center Components
One of the prncpal outcomes of the fuson process should be the identification of terrorism-related leadsany nexus between crme-related and other nformaton collected by local, state, and private entities and a terrorist organization and/or attack. Many experts beleve that there s a hgh probablty of dentfyng terrorsts through precursor crmnal actvty, ncludng llegal drug operatons, money launderng, fraud, terrorsm, and dentty theft.14 The fusion process does not replace or replicate mission-specific ntellgence and nformaton management. It does, however, leverage nformaton and ntellgence developed through these processes and systems to support the rapid identification of patterns and trends that may reflect an emerging threat. Some of the recommended goals and functons for fuson centers nclude: Serve as the prmary pont of contact to report crmnal/ terrorst nformaton to the local Jont Terrorsm Task Force (JTTF) and DHSs Homeland Securty Operatons Center (HSOC). Include the capablty of blendng law enforcement nformaton and ntellgence. Collect, analyze, and disseminate all-crimes information, so as to dentfy emergng patterns and trends. Evaluate and reevaluate the process, new data, and emergng threats. Adopt and adhere to a statewde strategy to examne the nformaton exchanges of the states law enforcement and homeland securty partners, ncludng dssemnaton of nformaton by the state Homeland Securty Advsor to law enforcement. Mantan an up-to-date statewde rsk assessment. Serve as a recept-and-dssemnaton hub for law enforcement nformaton provded by federal enttes, such as that provded by the Federal Bureau of Investgatons Regonal Data Exchange (R-DEx) and Natonal Data Exchange (N-DEx), when operatonal, and DHSs Homeland Securty Informaton Network (HSIN).
Fuson centers wll act as an analytcal hub, processng, evaluatng, and dssemnatng crtcal nformaton for law enforcement, publc safety, and prvate partners, based on a crmnal predcate, threat, or publc safety need. They wll focus on collaboraton and analyss and wll become a repostory for information that flows through the center, while ensuring state and federal prvacy laws and requrements are adhered to. Ultmately, fuson centers wll become the center for nvestgatve support, nformaton and ntellgence sharng, homeland securty, and publc safety and prvate sector partners.
Fusion Center Functions

The principal role of the fusion center is to compile, analyze, and dssemnate crmnal/terrorst nformaton and ntellgence and other nformaton (ncludng, but not lmted to, threat, publc safety, law enforcement, publc health, socal servces, and publc works) to support efforts to antcpate, dentfy, prevent, and/or montor crmnal/terrorst actvty. Ths crmnal nformaton and ntellgence should be both strategc (.e., desgned to provde general gudance of patterns and trends) and tactcal (i.e., focused on a specific criminal event). To be meaningful, the fuson center must do more than a one-tme collecton of law enforcement nformaton. It must nclude developng the capability to analyze on an ongoing basis law enforcement nformaton and ntellgence wth other mportant nformaton, such as publc health and transportaton, based on a crmnal predcate, threat, or publc safety need. The goal s to rapdly dentfy emergng threats; support multdscplnary, proactve, and communty-focused problem-solvng actvtes; support predctve analyss capabltes; and mprove the delvery of emergency and nonemergency servces.
Each of these areas can be expanded to nclude a number of crtcal tasks and responsbltes. To successfully acheve these goals, the first responder and private community, along wth the publc, must be a part of the fuson center concept. The ntegraton of nontradtonal consumers of nformaton and ntellgence s a key component of a fuson center. The responsbltes of fuson centers are mmense. Gudelnes, as well as sample polces and templates, must be developed to assst n establshng and operatng fuson centers.
Functional Categories
Every level and sector (dscplne) of government and the prvate sector should be ntegrated nto fuson centers. Ths may seem lke a dauntng task; however, functonal categores have been developed to assst n ntegraton efforts. These categores are not meant to be exhaustve; rather, they provde governance bodes a startng place to begn collaboraton wth dfferent components and enttes. Each fuson center should evaluate ts needs, threats, and consttuents to determne what enttes should be ntegrated. Enttes that comprse the functonal categores can provde fuson centers wth both
14 The Impact of Terrorism on State Law Enforcement, June 2005, p. 34.
13
strategc and tactcal nformaton, ncludng crme trends for partcular ndustres and publc safety agences, suspcous actvty, and rsk assessments. Fusng ths nformaton, based on an identified threat, criminal predicate, or public safety need, wth law enforcement ntellgence wll provde centers wth a more complete pcture of crme and terrorsm. The fuson of publc safety and prvate sector nformaton wth law enforcement data should be virtual through networking and utilizing a search functon, thus ensurng the separaton of federal data that contains personally identifiable information. The overarchng functonal categores nclude: Agrculture, Food, Water, and the Envronment Bankng and Fnance Chemical Industry and Hazardous Materials Crmnal Justce Educaton Emergency Servces (non-law enforcement) Energy Government Health and Publc Health Servces Hosptalty and Lodgng Informaton and Telecommuncatons Mltary Facltes and Defense Industral Base Postal and Shppng Prvate Securty Publc Works Real Estate Retal Socal Servces Transportaton
a state level, and each state should establsh and mantan an analytc center. Furthermore, each state fuson center should regularly collaborate and coordnate wth other state fuson centers to prevent nformaton slos from developng wthn states. Ths effort wll enhance nformaton and ntellgence sharng. The functons wthn a state fuson center should be based on the ntellgence cycle, ncludng requrements, prortes, identified collectors, indicators for the collectors to be aware of, collecton mechansms, methods of analyss, and producton and dssemnaton of reports and assessments to the approprate recpents. Publc safety and prvate sector enttes, along wth the general publc, are a crtcal part of ths plan and should be ncorporated nto the ntellgence cycle as collectors and recpents of nformaton, based on ther nformaton requrements. Each major urban area may want to establsh a smlar capacty, ensurng that t s lnked wth the state center. Other localtes, trbal governments, and even the prvate sector should develop a process to nterlnk to these state fuson efforts. The publc should be engaged through publc educaton programs that descrbe what they should look for and what to do f they observe suspcous actvty. Efforts should be scalable and organized and managed on a geographc bass so adjustments can be made based on changes n the envronment. And, whle natonal gudelnes should gude the process, the actual technologes and operatonal protocols used by ndvdual jursdctons should be based on the specific capabilities.
Information Flow
Wth the establshment of fuson centers around the country, t s mportant to have a clear understandng of who should receve and disseminate information and how it flows both vertically and horizontally among all local, state, tribal, and federal government agences and prvate enttes. Successful counterterrorsm efforts requre that local, state, trbal, and federal law enforcement agences, along wth publc safety and prvate sector enttes, have an effectve nformaton sharng and collaboraton capablty. Ths wll ensure they can seamlessly collect, collate, blend, analyze, disseminate, and use information and intelligence. Intellgence and nformaton should be provded based on the needs of the user. Although fuson center partcpants may nclude emergency management, publc health, transportaton, publc works, and the prvate sector, each dscplne wll not need the same level of detail (e.g., fire officials and emergency management officials may not need the specific suspect nformaton that law enforcement requres). Fuson centers should also exchange nformaton wth approprate federal partners such as DOJ (e.g., Federal Bureau of Investgaton, Jont Terrorst Task Force, and U.S. Marshals), DHS (e.g., U.S. Customs and Border Protecton, U.S. Immgraton and Customs Enforcement, and Emergency Alert Networks), Hgh Intensty Drug Trafficking Areas (HIDTA), Regional Information Sharing Systems (RISS) centers, the Centers for Dsease Control and Preventon (CDC), and other nformaton sharng ntatves.16
16 For nformaton to be exchanged, refer to the Informaton Sharng Envronment (ISE) requred under the Intellgence Reform and Terrorsm Preventon Act (IRTPA) of 2004, http://www.gpoaccess.gov/seralset/ creports/ntel_reform.html.
These categores outlne the types of law enforcement ntellgence and publc safety and prvate sector enttes to nclude n collaboraton. Types of nformaton that may be provded to fusion centers include a suspicious fire that a fire department responds to, an unusual sckness reported at a publc health department, spkes n cattle dsease on a farm, or suspcous bankng actvty reports.15 In addton, these enttes should be recpents of nformaton and ntellgence from fuson centers, ncludng threat alerts and related response efforts.
State Strategy
Fuson nvolves every level and sector (dscplne) of government, prvate sector enttes, and the publcthough the level of involvement of some participants will vary based on specific crcumstances. Some dscplnes, such as law enforcement, represent a core component of the fuson process due to the relatonshp between crme and terrorsm and the fact that, n many cases, law enforcement authortes are best suted to coordnate statewde and local fuson. The HSAC workng group recommended that fuson centers be establshed n every state. The fusion process should be organized and coordinated on
15 An n-depth lst of the enttes that comprse each of the functonal categores and varous examples of the types of nformaton these enttes can provde to fuson centers can be found n Appendx C.
14
Background and Methodology

A Phased Approach
The development of fuson center gudelnes was separated nto three phaseslaw enforcement ntellgence, publc safety, and the prvate sector. The law enforcement ntellgence phase developed the foundaton for the gudelnes. As each phase was establshed, prevous phase partcpants were ncluded n focus group meetngs. Ths ensured that the gudelnes were applcable to all components wthn a fuson center. In addton, ths allowed for dscussons to occur between all component representatves to dentfy concerns wth the gudelnes, ts methodology, and how to effectvely ncorporate each component. The actvtes and recommendatons of each focus group wll be explaned further n the report.
. . . we must create new ways to share information and intelligence both vertically, between governments, and horizontally, across agencies and jurisdictions . . . efforts with the Global Intelligence Working Group to create a National Criminal Intelligence Sharing Plan . . . is a helpful and welcome response. Former Homeland Security Secretary Tom Ridge October 23, 2003, Philadelphia, PA
Intellgence s the product of systematc gatherng, evaluaton, and analyss of raw data on ndvduals or actvtes suspected of beng, or known to be, crmnal. Intellgence-led polcng s the collecton and analyss of nformaton to produce an ntellgence end product desgned to nform law enforcement decson makng at both the tactcal and strategc levels.19 The GIWG proposed 28 recommendatons and acton tems for mplementaton, whch are outlned n the NCISP. An event was held at the U.S. Department of Justce on May 14, 2004, to publicly support the recommendations and the Plan. Officials from local, state, and federal law enforcement agences were present. The recommendatons contaned n the Plan pertan to a wde spectrum of ntellgence ssues and concerns, ncludng: Standards for management Insttutonalsm and outreach Protecton of rghts and prvacy Standards for process
Phase ILaw Enforcement Intelligence Component

Background
Early n 2002, the Internatonal Assocaton of Chefs of Polce (IACP) convened a Crmnal Intellgence Sharng Summt attended by law enforcement executves and ntellgence experts from across the country. Partcpants agreed that all law enforcement agences must work together toward a common goal: developng the capablty to gather nformaton, produce ntellgence, and share that ntellgence wth other law enforcement and publc safety agences. The Summt led to the creaton of the Global Intellgence Workng Group (GIWG). The GIWG, one of four ssue-focused workng groups under the Global Justce Informaton Sharng Intatve (Global),17 was tasked wth recommendng a natonal ntellgence plan. Members of the GIWG nclude representatves from law enforcement and justice organizations at all levels of government. The GIWG promoted ntellgence-led polcng, recommended leveragng exstng systems, and addressed the current and future needs of law enforcement agences when developng the National Criminal Intelligence Sharing Plan (NCISP).18
17 For more nformaton regardng Global, vst www.t.ojp.gov. 18 A copy of the National Criminal Intelligence Sharing Plan can be
obtaned at http://t.ojp.gov/topc.jsp?topc_d=93. 19 Appendx A of the National Criminal Intelligence Sharing Plan, October 2003.
15
Sharing of classified information Standards for tranng Connectvty
that centers be scalable based on the needs of the cty, state, or regon and should conduct tactcal, operatonal, and strategc ntellgence functons n support of crmnal nvestgatons. The focus groups work developed Verson 1, contanng 17 fuson center law enforcement ntellgence gudelnes. These gudelnes are the foundaton for the ntellgence component of fuson centers and take ntellgence sharng to the next level. In addton, the focus group developed sample polces, tools, and a resource CD to assst agences n ntegratng the gudelnes. The Verson 1 gudelnes were presented to and supported by the CICC, the GIWG, the Global Advsory Commttee, and DOJs Justce Intellgence Coordnatng Councl (JICC). These gudelnes were also approved by each component of the U.S. Department of Homeland Securty (DHS). Verson 1 of the Fusion Center Guidelines was publshed n July 2005. Concurrent wth the efforts of the Law Enforcement Intellgence Focus Group were the efforts of the Homeland Securty Advsory Councls (HSAC) Intellgence and Informaton Sharng Workng Group. The HSAC workng group developed a report that revolved around ntegratng the fuson process nto fuson centers. The result of the Law Enforcement Intellgence Workng Group and the Intellgence and Informaton Sharng Workng Group was a jonng of efforts to expand the Fusion Center Guidelines to nclude the publc safety and prvate sector components. HSAC also establshed a Prvate Sector Informaton Sharng Task Force that addressed the obstacles of nformaton sharng between the federal government and the prvate sector. Ths task force also provded recommendatons to alleviate the identified information sharing obstacles.21
Globals Crmnal Intellgence Coordnatng Councl (CICC),20 n support of DOJs efforts to develop fuson center gudelnes, recommended the creaton of the Law Enforcement Intellgence Fuson Center Focus Group to further many of the tenets outlned n the Plan.
The Plan represents law enforcements commitment to take it upon itself to ensure that we do everything possible to connect the dots, whether it be a set of criminal dots or a set of terrorist dots. Former U.S. Attorney General John Ashcroft May 14, 2004, Washington, DC Methodology
The first phase of the Fusion Center Guidelines ntatve was the establshment of the Law Enforcement Intellgence FCFG. The focus group was composed of representatves from a varety of local, state, and federal law enforcement agences across the country, ncludng law enforcement personnel nvolved wth developng fuson centers, and offered example polces and materals to assst n ths ntatve. Throughout the meetngs and subsequent communcatons, partcpants were encouraged to dscuss and share best practces resultng from the establshment and operaton of ther centers or ntatves. The focus group recommended that the ntellgence component nclude all crme types and that centers provde an array of ntellgence servces. The group also recommended
20 The Crmnal Intellgence Coordnatng Councl (CICC) was establshed n response to recommendatons contaned n the NCISP. The CICC s composed of local, state, and federal enttes and advses the U.S. Attorney General on matters relatng to crmnal ntellgence.
Phase 2Public Safety Component

Methodology
Subsequent to the completon of Verson 1 of the Fusion Center Guidelines, Phase 2 of the ntatve began, whch nvolved ncorporatng the publc safety component nto fuson centers. Even n the plannng stages, Phase 2 was a collaboratve effort between DOJ and DHS. Ths collaboraton demonstrated the commtment of the federal government to ensure a unted and comprehensve set of gudelnes for ntegratng publc safety wth law enforcement nto local, state, regonal, and federal fuson centers. The publc safety component s essental to fuson centers for: Precursor nformaton regardng crme, ncludng nformaton on diversion drugs and hazardous material. Frst responders, who can provde nontradtonal nformaton to fusion centers (e.g., fire and health departments). Informaton on suspcous crmnal-related actvty.
Partcpants n the Publc Safety FCFG ncluded members from a variety of public safety components, including fire, health, transportaton, agrculture, and envronmental protecton. Also partcpatng n the meetng were select members of the Law Enforcement Intellgence FCFG. The first task the focus group addressed was to define what public safety is with respect to a fusion center. The focus group defined
21 A copy of ths report can be found on the companon Fusion Center Guidelines resource CD.
16
publc safety enttes as government-based agences that respond to contemplated or completed crmnal acts, man-made or natural dsasters, publc health ssues, or ntentonal acts that threaten or drectly mpact the essental functons of socety. Examples of these functons nclude economc, transportaton, communcatons, publc works, power/energy, and food supply. Also dscussed durng the meetng were the concept of the fuson center and the definition of the fusion process with a focus on how to incorporate the publc safety component nto the center and process. The focus group identified many public safety entities that could potentially be integrated into a fusion center and categorized them nto functonal categores. The categores are ncluded as an appendx to the gudelnes and, although not comprehensve, serve as a starting point for operating fusion centers to utilize when ntegratng publc safety enttes.22 When jursdctons are establshng a fuson center, the functonal categores should be evaluated and the applicable entities should be identified and ncluded as partners. The consensus of the Publc Safety FCFG was that the 17 gudelnes n Verson 1 provde a thorough explanaton and gudance for jursdctons establshng and operatng a fuson center. The focus group recommended addng n Verson 2 of the gudelnes a more comprehensve explanaton of the fuson process and examples of how publc safety enttes can be ncorporated nto the process.
how public safety entities fit into these efforts. This awareness tranng should be offered ntally to agency heads to receve support for ntegraton and then delvered to the nformaton gatherers and ndvduals who wll support the fuson center. There are a varety of ways that ntegraton of the publc safety component can occur. Whle the gudelnes fully address ntegraton opportuntes, the fuson center and publc safety agences should determne whether a full-tme representatve or a lason wll be used n the center for recevng and sharng nformaton and ntellgence.
Phase 3Private Sector Component

Methodology
Phase 3 of the Fusion Center Guidelines ntatve nvolved the ntegraton of the prvate sector. DOJ and DHS once agan collaborated wth the development of the Prvate Sector FCFG. Ths focus group was comprsed of varous prvate sector ndustry and assocaton representatves, ncludng toursm, bankng and finance, maritime, and security. The private sector is a crucial component of fuson centers. Approxmately 85 percent of the natons crtcal nfrastructure s owned by the prvate sector and
Implementation
Collaboraton s vtal to the success of fuson centers. The publc safety component can provde fuson centers wth nformaton that wll add value to the ntellgence and fuson processes. Addtonally, fuson centers can provde publc safety enttes wth nformaton and ntellgence that mpact them, such as bomb threats, health-related nformaton and ntellgence, and/or transportation-related information. Public safety entities (fire, EMS, transportation) often impact the lives of citizens, and ensurng that these enttes mantan stuatonal awareness and are actvely nvolved n the fuson center s mportant to protectng the lives of citizens. Fusion center governance members should evaluate the needs of ther jursdcton to dentfy what publc safety enttes should be nvolved n the fuson center wth partcular focus on health servces, government, transportaton, educaton, crmnal justce and securty, socal servces, and publc works. Publc safety partners should be ncorporated nto all phases of the ntellgence/fuson process. Enttes wthn ths sector represent nontradtonal nformaton gatherers and can provde fuson centers wth both strategc and tactcal nformaton, ncludng crme-related trends (e.g., prescrpton drug fraud and fire investigations); additional response capabilities (fire and hazmat); and suspicious activity (e.g., unusual diseases reported at hosptals). Publc safety enttes should also be ncluded n the dssemnaton and evaluaton phases. Because of the groundbreakng efforts of the fuson center, partcpatng enttes may need awareness-level tranng of how the fuson center works, an explanaton of the ntellgence cycle, and
22 A complete lstng of each of the functonal categores and correspondng enttes, wth examples of the types of nformaton that these enttes can provde to fuson centers, can be found n Appendx C.
We will build a national environment that enables the sharing of essential homeland security information. We must build a system of systems that can provide the right information to the right people at all times. Information will be shared horizontally across each level of government and vertically among federal, state, and local governments; private industry; and citizens. Source: The Presidents National Strategy for Homeland Security
vulnerable to crme, such as terrorsm and fraud. Accordng to a study jontly conducted by the Councl of State Governments and Eastern Kentucky Unversty, snce September 11, 2001, nteractons between the prvate sector and state law enforcement agencies have significantly increased. Specifically, private companies are communicating with agencies about the securty of ther facltes and workers and ther nteractons wth representatves of corporate securty.23 Ths nteracton further demonstrates the necessty of prvate sector partcpaton n fuson centers. The prvate sector owns the facltes that may be targets of crme, ncludng terrorsm, and law enforcement has the nformaton and ntellgence regardng the crmnal event.
23 The Impact of Terrorism on State Law Enforcement, June 2005, p. 23.
17
The purpose of ths focus group was to dentfy ssues and concerns that should be addressed when fuson centers ncorporate the prvate sector. Several mpedments to nformaton sharng by the prvate sector nclude the potental for unauthorized release of their information, lack of control of data, possblty of propretary dsclosure, and concerns regardng the information being used to impose civil fines in regulatory areas of government. One of the recurring themes identified by the group was the need for ongong collaboraton between the prvate sector and fuson centers. In addton, the group acknowledged that the ntegraton of the prvate sector nto fuson centers s a groundbreakng endeavor. To ensure successful ntegraton, a two-way educaton process was recommended between fuson centers and the prvate sector. The focus group also recommended expandng the functonal categores ntally developed by the Publc Safety FCFG to nclude prvate sector enttes. Ths expanson wll promote comprehensve collaboraton wthn fuson centers. The focus group based the categores on the natonal Informaton Sharng Analyss Centers (ISAC) components and added categores, as needed. Furthermore, the focus group agreed on the need to ncorporate prvate sector subject-matter experts nto fuson centers to be utilized routinely or as needed, depending on the size and functon of the fuson center. Through ths ntegraton, centers wll have addtonal resources to use when threats are developed regardng the prvate sector. Moreover, subjectmatter experts can provde fuson centers wth threat assessment results, specifically risks that have been identified for various ndustres. Another recommendaton of the focus group was the development and utilization of Non-Disclosure Agreements (NDA) wthn fuson centers. Focus Group members felt NDAs would provde the prvate sector wth another level of securty when sharng nformaton wth fuson center personnel. Data from the prvate sector s an mportant element n the fuson process; t ads n the development of accurate and comprehensve products. Even though there are a varety of ndustres that fall under ths component, the greater the nvolvement, the greater the success of the fuson center.
What ndustres are located wthn or affect the jursdcton? What are the major economc drvers and employers n the jursdcton? What ndustres and crtcal nfrastructure servces are essental for emergency servces or sustanng qualty of lfe for citizens? What groups or assocatons can collectvely represent an ndustry wthn the fuson centers (e.g., professonal assocatons)? What are past, current, and emergng threats and/or rsks that affect the private sector, and which specific entities do they affect? What are the msson crtcal enttes that should be ncluded n fuson center collaboraton (e.g., telecommuncatons and energy)? What enttes can provde fuson centers wth tmely and actonable nformaton to ncorporate nto the ntellgence cycle and the centers operatons? What prvate sector enttes are currently workng wth government agences?
Fuson center leadershp should coordnate wth regulatory agences to determne what type of nformaton s avalable from the prvate sector and can be provded to, or accessed by, the fuson center. These regulatory agences have already establshed workng relatonshps wth prvate sector enttes and may ad n prvate sector partcpaton. When partnerng wth fuson centers, the prvate sector should determine how integration will occur. Will the organization supply full-tme personnel to the fuson center, wll varous prvate sector enttes create a rotatng prvate sector desk, or wll prvate sector enttes establsh a lason wth the fuson center that wll receve and share nformaton? Once the applicable industries and organizations have been identified, it is recommended that fusion center officials conduct a seres of meetngs wth the prvate sector enttes. Fuson center heads may desire to initially meet with chief executive officers, or ther equvalent, to provde an overvew of what the fuson center s and the mportance of collaboraton between the fuson center and the private sector. Once company and organization leaders affirm their commitment to fusion centers, private sector security drectors and fuson center managers may dscuss the plan of ntegraton, ncludng nformaton requrements; who, f any personnel, would be located wthn the fuson center; and ther respectve needs. Two-way awareness tranng between the fuson center and the prvate sector should be mplemented, ncludng an overvew of what prvate sector enttes can provde to fuson centers; what fuson centers can provde to the prvate sector; and the purpose of fuson centers, ncludng the National Criminal Intelligence Sharing Plan (NCISP) and the ntellgence and fuson processes. To ensure contnued partcpaton, regular meetngs should be held wth prvate sector enttes to keep them nformed of actvtes of the center. It s mperatve that feedback occur when prvate sector enttes provde nformaton to fuson centers. Closng the nformaton loop wll ad n contnued nvolvement by all partcpants.
Implementation
The prvate sector can offer fuson centers a varety of resources, including industry-specific subject-matter experts who can provide expertise when specific threats have been identified (e.g., cyber securty subject-matter experts can provde assstance relatng to computer vruses, worms, and hackng ncdents); rsk assessment nformaton (e.g., the rsks assocated wth certan prvate sector operatons ); suspcous ncdents and actvty nformaton; and crtcal nfrastructure nformaton (e.g., the locaton of crtcal nfrastructure nodes, operatonal nterdependences, buldng blueprnts, and what, f any, hazardous materials are housed there). When ntegratng the prvate sector, the governance body should first assess the private sector environment within the jurisdiction of the fuson center to determne what enttes should be ncorporated nto the fuson centers. Questons that center staff should answer nclude: What prvate sector assocatons are wthn the jursdcton?
18
Guideline 1
Adhere to the National Criminal Intelligence Sharing Plan (NCISP) and other sector-specific information sharing guidelines, and perform all steps of the intelligence and fusion processes.
The NCISP and the Intelligence and Fusion Processes Justification

After the tragc events of September 11, 2001, law enforcement executves and ntellgence experts natonwde agreed that law enforcement agences must work together to develop the capablty to gather nformaton, produce ntellgence, and share that ntellgence wth other law enforcement and publc safety agences. The National Criminal Intelligence Sharing Plan (NCISP or Plan) was developed n response to ths need. The NCISP provdes model standards and polces, recommends methodologies for sharing classified reports, and recommends a nationwide sensitive but unclassified (SBU) communications capablty for crmnal ntellgence sharng. The Plan s a lvng document that provdes local, state, trbal, and federal law enforcement agences the tools and resources necessary for developng, gatherng, accessng, recevng, and sharng ntellgence. It s the blueprnt that law enforcement agences can employ to support their crime-fighting and public safety efforts whle leveragng exstng systems and networks. The Plan s not a system or a network, nor s t technology-based. It s the framework for the development and sharng of ntellgence. It supports collaboraton and fosters an envronment n whch all levels of law enforcement work together to mprove the safety of our naton. The NCISP s founded on the concept of ntellgence-led polcng and encourages law enforcement agences to embrace and ntegrate ntellgence-led polcng elements n ther efforts. Proactve nstead of reactve, ntellgence-led polcng allows law enforcement to:24 Descrbe, understand, and map crmnalty and the crmnal busness process. Make nformed choces and decsons. Engage the most approprate tactcs.
Target resources. Disrupt prolific criminals. Artculate a case to the publc and n court.
Intellgence-led polcng also provdes advantages to publc safety and prvate sector components, ncludng trends n crmnal actvty and ncreased nformaton sharng wth law enforcement to address crme preventon efforts. Crmnal ntellgence s the result of a process nvolvng plannng and drecton, nformaton collecton, processng/collaton, analyss, dssemnaton, and reevaluaton of nformaton on suspected criminals and/or organizations. This sequential process s commonly referred to as the ntellgence process (or cycle). There are varous models of the ntellgence process n use; however, most models contan the basc steps depcted n the followng graphc:
The Intelligence Process
24 Ronald Bain, The Dynamics of Retooling and Staffing: Excellence and Innovaton n Polce Management, Canadan Polce College, 2003.
19
Intelligence Process
The ntellgence process s the means of developng raw information into finished intelligence products for use in decision making and formulating policies/actions. The first step, planning and drecton, nvolves dentfyng the need for data. Agency members should engage n a process of decdng what they want to know (or what they need to collect) before they collect t, or they may obtan ndscrmnate, unfocused nformaton. Collecton s the gatherng of the raw data needed to produce ntellgence products. Data may be collected from many sources, ncludng but not lmted to publc records, the Internet, confidential sources, incident reports, and periodicals. The next step, processng and collaton, nvolves evaluatng the nformatons valdty and relablty. Collaton entals sortng, combining, categorizing, and arranging the data collected so relatonshps can be determned. Analyss transforms the raw data nto products that are useful. Ths s also the functon that separates nformaton from ntellgence. It s ths vtal functon that makes the collecton effort beneficial. Without this portion of the process, we are left wth dsjonted peces of nformaton to whch no meanng has been attached. The goal s to develop a report that connects nformaton n a logcal and meanngful manner to produce
an ntellgence report that contans vald judgments based on analyzed information.25 Dssemnaton s also vtal. Wthout dssemnatng the ntellgence developed, t s pontless to collect t. To be useful, the ntellgence dssemnated must be tmely and credble. Dssemnaton must also be evaluated based on a rght to know and the need to know. The rght to know means the recpent has the legal authorty to obtan the nformaton pursuant to court order, statute, or decsonal law. The need to know means the requestor has the need to obtain information to execute official responsbltes.26 When dssemnaton occurs, t s mperatve to nclude all components of fuson centers, ncludng the publc safety and prvate sectors. The final step involves evaluation/reevaluation of the process performed and the products produced. Evaluaton/reevaluaton assesses current and new nformaton, asssts n developng an awareness of possble weak areas as well as potental threats, and strives to eliminate previously identified weaknesses that have been hardened as a result of the fuson process. Overall, ths step provdes an opportunty to revew the performance or effectveness of the fuson centers ntellgence functon.27 As prevously ndcated, fuson centers have mproved law enforcements ability to fight crime and terrorism. Ensuring that each step wthn the process s followed wll facltate the producton of useful ntellgence. Nontradtonal collectors of information, e.g., the private sector, fire, public works, and publc health, are vtal to successfully complete the ntellgence process. Whle law enforcement has ntellgence nformaton and expertse, the publc safety and prvate sectors have the nformaton systems, processes, and nfrastructure that may be targets of crme and terrorsm. Further, fuson, through managng the flow of information and intelligence across all levels and sectors of government, ntegrates the ntellgence process to accomplsh ths sharng. The ntellgence process provdes a framework for the fused nformaton to be turned nto ntellgence. Fusion centers utilize the intelligence process to analyze threatrelated ntellgence and nformaton. These centers are not smply nformaton collecton hubs but venues to brng together approprate partners to prevent crme- and terrorsm-related ncdents.
The Fusion Process

The stages of the fuson process generally correlate wth the ntellgence cycle. The Homeland Securty Advsory Councls (HSAC) Intelligence and Information Sharing Initiative: Homeland Security Intelligence and Information Fusion report detals the stages of fuson and how to mplement the process.28 The first stage, the management and governance stage, establshes the foundaton for fuson n that t overvews the need for a
25 Bob Morehouse, The Role of Crmnal Intellgence n Law Enforcement. Marlyn B. Peterson (Managng Ed.), Bob Morehouse, and Rchard Wrght (Eds.), Intelligence 2000: Revising the Basic Elements, Sacramento, CA: Law Enforcement Intellgence Unt and Lawrencevlle, NJ: Internatonal Assocaton of Law Enforcement Intellgence Analysts, Inc., 2000, pp. 1-12. 26 Ibd, p. 9. 27 The National Criminal Intelligence Sharing Plan, 2003, p. 7. 28 Ths report, ncludng a comprehensve explanaton of the fuson process, can be found n ts entrety n Appendx D.
20
management structure, who the stakeholders are, and fuson center goals and objectves. The second stage, plannng and requrements development, lays the foundaton for the types of nformaton that wll be collected. Ths phase establshes where nformaton wll come from and the types of nformaton the fuson center wll collect. It also provdes collecton lmtatons and prvacy ssues that affect collecton and sharng of nformaton. Collecton s the thrd stage of the process durng whch the plannng and requrements development stage becomes operatonal. Ths s when nformaton s collected from varous sources, ncludng law enforcement agences, publc safety agencies (e.g., health, fire, and transportation), and the private sector. Ths stage s essental for fuson centers to be effectve. The fourth stage, analyss, s smlar to the analyss phase n the ntellgence cycle n that t s durng ths stage that the nformaton collected s turned nto actonable ntellgence. One of the goals of the fuson center durng ths stage s to dentfy trends or nformaton that wll prevent a terrorst attack or other crmnal actvty. The fifth stage is dissemination, tasking, and archiving. During this stage, the information that has been collected and analyzed s then dssemnated to stakeholders. The sxth stage s reevaluaton. The purpose of ths stage s for the fuson center and stakeholders to ensure that what s beng collected, analyzed, and disseminated is factual, timely, and relevant. It s durng ths stage that tweaks and mprovements are made to the fuson process. The last stage is the modification of the requirements stage (Stage 2). After reevaluaton occurs and mprovements or changes are identified, this stage allows the improvements to be implemented and the process refined.29 Often, gaps n the ntellgence process exst. To assst n closng these gaps, the Federal Bureau of Investgaton (FBI) developed a template to assst agences n dentfyng and trackng ntellgence gaps. A summary of the FBIs Intellgence Requrements and a copy of the template can be found n Law Enforcement Intelligence: A Guide for State, Local, and Tribal Law Enforcement Agencies (Carter, November 2004).30 A copy of ths gude s ncluded on the resource CD. It s recommended that fuson centers create a formal ntellgence and nformaton requirements process that prioritizes and guides the intelligence functon.
Issues for Consideration

When mplementng portons of the NCISP, consder these steps to help establsh or enhance an ntellgence component of a fuson center: Recognize your responsibilities and lead by example. Establsh a msson statement and a polcy to address developng and sharng ntellgence data wthn your agency. Connect to your state crmnal justce network and regonal ntellgence databases, and partcpate n nformaton sharng ntatves. Ensure prvacy s protected n polcy and practce. Access law enforcement Web stes, subscrbe to law enforcement lstservs, and use the Internet as an nformaton resource.31 Provde your agency members wth approprate tranng on the crmnal ntellgence process. Become a member n your Regonal Informaton Sharng System (RISS) center. Become a member of the FBIs Law Enforcement Onlne (LEO). Partner wth publc and prvate nfrastructure owners and operators. Partcpate n local, state, and natonal ntellgence organizations. Partcpate n the U.S. Department of Homeland Securtys (DHS) Homeland Securty Informaton Network (HSIN) Program. Ensure the fusion center is fully utilizing the jurisdictions exstng networks and nformaton repostores for crmnal and hazard information.
Available Resources on Fusion Center CD

10 Smple Steps to help your agency become a part of the National Criminal Intelligence Sharing Plan HSACs Intelligence and Information Sharing Initiative: Homeland Security Intelligence and Information Fusion report Law Enforcement Intelligence: A Guide for State, Local, and Tribal Law Enforcement Law Enforcement Intellgence Unt (LEIU) Audt Checklst National Criminal Intelligence Sharing Plan report
29 Intelligence and Information Sharing Initiative: Homeland Security Intelligence and Information Fusion report. 30 Avalable on the Communty Orented Polcng Servces (COPS) Web ste at www.cops.usdoj.gov/Default.asp?Item=1404.
31 Prior to entering the public Internet as a law enforcement officer or intelligence organization, consult with jurisdiction and department legal advsors to ensure complance wth any polcy or regulaton concernng law enforcement ntellgence use of the Internet for nformaton sharng. Furthermore, using the official government identity and information system for Internet searchng can pose a securty rsk to the agency network and subject of the search. Explore dfferent ways to avod such rsks wth competent techncal and legal authortes.
21
22
Guideline 2
Develop and embrace a mission statement and identify goals for the fusion center.
Mission Statement and Goals Justification

A mission statement is a written statement of the organizations purpose, such as enhancng publc safety, sharng nformaton, or resolvng crmnal nvestgatons. It s mportant to have a msson statement because t focuses efforts and s the foundaton of all the decsons that follow. A msson statement can also nspre people in the organization and inform customers of the benefits and advantages of what the organization offers and is the first step n educatng enttes about the center and ts servces. If a center has a clear understandng of ts short- and long-term goals, t wll be easer to ntegrate efforts. Goals are what you want to accomplsh. Objectves are how you are gong to get there. Goals should be measurable and observable. They should have specific achievable steps (objectives) with built-in accountablty for accomplshment. Goals should be hgh enough to challenge the center but realstc enough to be attanable. Unversal law enforcement goals nclude four major desred outcomes: 1. The reducton of the ncdence of crme. 2. The suppresson of crmnal actvty. 3. The regulaton of noncrmnal conduct. 4. The provson of servces.32 Fuson centers wll have many demands placed on them, and t s mportant to have clear prortes. For example, n order to properly develop a msson statement and goals, centers should prioritize tasks such as analytical services, homeland security ssues, and nvestgatve support.
organization. Identifying center customers and their needs and defining center prortes pror to draftng the msson statement and goals. Prioritizing the intelligence function to address threats posed in specific fusion center jurisdictions. Integratng ntellgence-led polcng to support customer needs, define tasks, and prioritize functions. Utilizing vision statements and/or guiding principles to focus efforts. Using the center mission to promote the organization and support grant requests and fundng. Includng the msson statement n the Memorandum of Understandng (MOU) (see Gudelne 5). Including five to ten points that outline the benefits of public safety and prvate sector partcpaton n the fuson process.
Elements of Mission Statements

Msson statements should be clear and concse. They should nclude the prmary purpose, prorty, and roles of the center. Msson statements should communcate the essence of the organization so that stakeholders and the public are clear on the purpose and ntent of the center. Ensure that the msson statement includes the name of the agency or organization, the type of agency, what the agency does, and whom the agency serves. It s crtcal that the approprate tme and commtment be devoted to developng an adequate msson statement. A good msson statement wll provde strategc vson and drecton for the center. Once the msson statement s created and approved, t should not requre revson very often. The goals and objectves developed by the center should all be lnked to the msson statement. These wll be the short-term measures used to gauge whether the center is fulfilling the stated mission. However, if the msson statement becomes napproprate, rrelevant, or outdated or f the centers drecton changes, the msson statement should be revsed accordngly.

When creatng a msson statement and goals, consder: Developng the center msson statement and goals collaboratvely wth partcpatng enttes as ths wll create ownershp and assst n dentfyng the prmary role(s) of the
32 www.communtypolcng.org/goal.html.
23
Example Mission Statements

Upstate New York Regional Intelligence Center (UNYRIC)
To advance the efficient, timely, and accurate exchange of nformaton between all New York state law enforcement agences. The UNYRIC focuses on all aspects of crmnal actvty n the 54 countes outsde the New York Cty area and nteracts wth law enforcement agences natonwde.
State Terrorism Threat Assessment Center (STTAC)California

To coordnate the collecton of antterrorsm ntellgence data, the dssemnaton of that ntellgence to law enforcement agences, and the use of antterrorsm ntellgence resources.
Sample Mission Statements

The followng are sample templates that centers may use when developng a msson statement: The fuson center s a publc-prvate partnershp, consstng of local, state, trbal, and federal law enforcement and publc safety agences and the prvate sector. It acts as an nformaton sharng gateway wth the ntent to assst law enforcement [homeland securty agences or agences tasked wth homeland securty functons] to detect, prevent, and solve crmes. The fuson center s a publc-prvate partnershp among local, state, trbal, and federal law enforcement and publc safety agences and the prvate sector. It collects, evaluates, analyzes, and disseminates information and intelligence to the law enforcement communty [homeland securty agences or agences tasked wth homeland securty functons] n a tmely, effectve, and secure manner.
Arizona Counter Terrorism Information Center (ACTIC)

To protect the citizens by ensuring the resiliency of critical infrastructure operations throughout Arizona by enhancing and coordnatng counterterrorsm ntellgence and other nvestgatve support efforts among prvate sector and local, state, trbal, and federal law enforcement agences.
Rockland County Intelligence Center (RCIC)

To provde ntellgence to law enforcement agences based upon the collecton, evaluaton, and analyss of nformaton that can dentfy crmnal actvty. Ths ntellgence can be presented n the form of: Strategc ntellgence, whch addresses exstng patterns or emergng trends of crmnal actvty. Tactical intelligence, which pertains to a specific event that can be used mmedately.

A Staircase to Strategic Planning: Mission, The Communty Polcng Consortum, www.communtypolcng.org/msson. html
Georgia Information Sharing and Analysis Center (GISAC)

To serve as the focal pont for the collecton, assessment, analyss, and dssemnaton of terrorsm ntellgence relatng to Georga.
24
Guideline 3
Create a representative governance structure that includes law enforcement, public safety, and the private sector.
Governance Justification
Governance may be defined as the set of organizational regulatons and standards exercsed by management to provde strategc drecton and ensure objectves are acheved, rsks are managed approprately, and resources are used responsbly.33 Establshng a governance structure creates a supported envronment that frames the ablty for the center to functon and operate, assgn tasks, allocate and manage resources, and develop and enforce policy. Governance creates a centralized body to revew and endorse ssues affectng operatons. Members actng as the governance body are ambassadors to the program and carry the message to ther agences and consttuents. Governance provdes a forum for partcpants to voce concerns, offer suggestons, and make decsons. It enhances relatonshps, ncreases effectveness, and provdes leadershp and cohesveness among partcpants. The governance structure ensures an equal opportunty for all partcpatng agences and users to have ownershp n the decson-makng process. The governng body should be nclusve to law enforcement, publc safety, and prvate sector partners, thereby ensurng the effectveness of the fuson center. Ths can be acheved through assessng the jursdcton to determne what components, and enttes wthn the components, should be ncluded n the fuson center and governance body. Through the governance structure, agences can strategcally plan for center operatons and future enhancements, as well as dentfy obstacles and offer resolutons.
the U.S. Department of Justce (DOJ), the U.S. Department of Homeland Securty (DHS), and other state enttes, local authortes, and relevant enttes to establsh process. Composing the governing body of high-level officials who have the power and authorty to commt ther respectve agencys resources and personnel to the center. Identifying private sector organizations in the jurisdiction to nclude n the governance body. Establshng an advsory commttee composed of prvate sector leadershp, who wll provde representaton and advce to the governng body. Includng members from the Informaton Sharng and Analyss Centers (ISAC).34 Defining the management structure to include what entity oversees the centers, manages the operatons, and coordnates daly actvtes. Maintaining a governance structure that is reasonable in size yet ensures representaton of all agences that comprse the center. Creatng an effectve and tmely mechansm to communcate decsons made by the governng body to partcpants and center personnel. Evaluatng how poltcal ssues and clmate may mpact center support and operatons. Establshng operatonal and techncal commttees. Establshng an oversght commttee to ensure, among other thngs, that the ntellgence process s properly followed. Establshng a prvacy commttee that wll lase wth communty prvacy advocacy groups to ensure cvl rghts and prvacy protecton. Developng bylaws for operatons of the governance structure.

When creatng a governance structure, consder: Allowng partcpants to have nput n the establshment of a governance structure composed of law enforcement, publc safety, and prvate sector stakeholders. Collaboratng wth the Jont Terrorsm Task Force (JTTF), the Attorney Generals Ant-Terrorsm Advsory Councl (ATAC),
Office of Justice Programs (OJP) Web site, www.t.ojp.gov.
33
34 ISACs are sector-specific centers that coordinate the sharing of terrorsm-related nformaton. More nformaton on ISACs can be found at www.dhs.gov.
25
Committees
Governng bodes may employ commttees to help execute and adhere to center polces and procedures, as well as to dentfy, revew, develop, and/or mplement new programs or polces. Executve commttees set polcy, make crtcal decsons, and commt resources. Operatonal commttees may be asked to focus on specific policies, such as purge and retention or privacy (see Gudelne 8). These types of commttees may be asked to develop fundng strateges or dentfy grant opportuntes. Techncal commttees wll focus on techncal standards, crtcal nfrastructure operaton, and securty. Under these commttees, subcommttees may be used to conduct detaled research and analyss, ultmately to brng recommendatons to the governng body for revew and endorsement.35 To ad n the complete ntegraton of the prvate sector nto the governng body, t s recommended that an advsory commttee be establshed. Ths commttee, composed of prvate sector organizations and associations, will ensure that critical private sector enttes, as well as prvate securty managers, are represented both n the fuson center and n the governance structure. Fuson centers should consder establshng an oversght commttee that reports drectly to the governance body. Ths commttee wll be responsble for provdng oversght on the dayto-day operations of the fusion center, including proper utilization of the ntellgence and fuson processes.
Iowa Law Enforcement Intelligence Network (LEIN)

Iowa LEIN s governed by a seven-member executve board, sx of whom are local law enforcement officers who are elected annually by ther fellow LEIN members from across the state. The seventh member and charperson of the executve board s the state LEIN coordnator (a specal agent wth the Iowa Department of Publc Safetys Intellgence Bureau).
State Terrorism Threat Assessment Center (STTAC)California

The State Terrorsm Threat Assessment Center (STTAC) s a partnershp of the Calforna Department of Justce, the Calforna Highway Patrol, the California Office of Homeland Security, and other state and federal agences. It provdes statewde assessments, nformaton trackng, pattern-analyss products, and geographc report lnkages, as well as regonal nvestgatve support throughout the state. It also provdes Calfornas senor leaders with situational awareness of identified threats along with constant access to the latest local, state, and natonal ntellgence products. To complement the STTAC, Calforna has created four mutually supportng Regonal Terrorsm Threat Assessment Centers (RTTAC). Ther areas of responsblty mrror those of the four Federal Bureau of Investigation (FBI) Field Offices in the state. In some cases, they are colocated wth the FBIs Jont Terrorsm Task Forces to help minimize reporting conflicts, while facilitating the coordination of nformaton among the STTAC, RTTACs, and the FBI.
Example Governance Structures

The county executive, sheriff, Office of Fire and Emergency Servces, and the Polce Chefs Assocaton of Rockland County are permanent members of the governance body for the Rockland County Emergency Operatons Center (EOC). In the event of an emergency, the center, operatng wthn the parameters of the Natonal Incdent Management System (NIMS), requests addtonal personnel (health, publc utltes, and prvate securty) to respond to the center, as needed. These personnel have been previously identified and trained as center representatives and are utilized based on the type of emergency, e.g., publc health, terrorsm, or weather-related. The RCIC Oversght Commttee s comprsed of polce chefs chosen by the Rockland County Polce Chefs Assocaton (local representatves), the county sherff, and dstrct attorney (county representatves). All agences represented n both the EOC and the RCIC meet on a regular bass to dscuss areas of concern and work collectvely to enhance the effectveness of law enforcement and the countys emergency preparedness ntatves.
Governance Template
The followng example offers centers a startng pont for developng a governance structure. Fgure 3 llustrates a threetered approach. The bottom level represents staff members assgned to perform the fuson/ntellgence process and provde nvestgatve support. These members may come from a varety of agences and represent the core of center operatons. Here, data ntegraton and analyss wll take place. Personnel may include intelligence analysts and officers. The middle section represents the day-to-day management of the center. It also ncludes admnstratve staff, such as computer support staff and
Figure 3Fusion Center Governance Structure Example
35 Kelly J. Harrs, Governance Structures, Roles and Responsibilities, September 2000 (Updated/Ressued 2004).
26
legal servces. In some cases, ths secton may nclude a faclty manager. The top secton represents polcy and drecton. Ths secton s smaller, ndcatng a select group of ndvduals from each partcpatng entty who have been desgnated as part of the governng structure or board. The llustraton shows nformaton flowing top down and bottom up.
Parliamentary Procedures
The governance board may want to make use of parlamentary procedures to create an effectve governng process. Procedures such as Roberts Rules of Order can be very helpful n ntroducng, debatng, and decdng on ssues. There are a number of Web stes, such as www.rulesonlne.com that contan the full text and/or summary nformaton regardng Roberts Rules of Order and parlamentary procedures.
Developing Bylaws
Accordng to The Legal Guide for Association Board Members, bylaws are defined as an important association corporate legal document that consttutes the agreement between the assocaton and ts members. Properly drafted bylaws set forth the essential organizational and operational provisions governing the assocaton.36 Bylaws are just one example of a governng mechanism that a center may utilize to enforce organizational rules. A bylaws sample document s provded on the resource CD.

Bylaws Sample Template Board Gudelnes, www.mapnp.org/lbrary/boards/boards.htm Global Justce Informaton Sharng Intatve Advsory Commttee Bylaws, http://t.ojp.gov/documents/GACBylaws.pdf Parlamentary Procedures, www.rulesonlne.com
36 James G. Seely, The Legal Guide for Association Board Members, Schneder, 1995, p. 71.
27
28
Guideline 4
Create a collaborative environment for the sharing of intelligence and information among local, state, tribal, and federal law enforcement agencies, public safety, and the private sector.
Collaboration Justification
To maximize intelligence sharing, all levels of law enforcement and publc safety agences and the prvate sector must communcate and collaborate. The objectve s to leverage resources and expertse whle mprovng the ablty to detect, prevent, and apprehend terrorsts and other crmnals. Fosterng a collaboratve envronment bulds trust among partcpatng enttes, strengthens partnershps, and provdes ndvdual as well as a collectve ownershp n the msson and goals of the center. The National Criminal Intelligence Sharing Plan speaks to ths as well: Sharng s founded upon trust between the nformaton provder and the ntellgence consumer. Such trust s most often fostered on an nterpersonal bass; therefore, law enforcement task forces and other jont work endeavors succeed where colocated, nterspersed personnel from dfferent agences and job types convene for a common purpose.37 Fosterng a collaboratve envronment s not only mportant to sharng, collectng, developng, and dssemnatng ntellgence but also to sharng decsons and ownershp. It dscovers solutons and expands capacty. In an envronment where some resources are decreasng whle demands are ncreasng, collaboraton has become even more essental. The purpose of collaboraton s to ncrease capacty, communcaton, and contnuty of servce whle decreasng duplcaton.38 A key to the success of fuson centers s to ensure that feedback occurs between the fuson center and the enttes that provde nformaton and ntellgence. Inherent n a collaboratve envronment s two-way communcaton; enttes that provde nformaton to fuson centers should also receve nformaton from fuson centers. Ths wll result n buy-n from all partcpants and wll ad n the success of the nformaton sharng envronment. Fuson centers should also contnually seek outreach opportuntes to ensure that publc safety agences and the prvate sector are represented, thereby meetng the needs of ther consttuents.
Successful collaboraton s contngent upon a trustng envronment. Fuson centers should seek to establsh an nformaton sharng system that ads n collaboraton, whle ensurng the securty of the nformaton wthn the system and the system tself. Ths envronment should also be equpped to handle varous types of nformaton that publc safety and the prvate sector submt, ncludng publc, senstve, propretary, and secret nformaton. Ths envronment may nclude e-mal, a vrtual prvate network, a secured Internet ste, lstservs, or face-to-face meetngs. Collaboraton begns wth nterpersonal relationships, and fusion centers should institutionalize these relatonshps through ongong dalogue and nformaton sharing. Issue-based collaborative techniques may be utilized by the fusion center when a specific threat is identified. These technques allow the prvate sector to change ts partcpaton within the fusion center, based on the identified threat. For example, a transportaton entty may have a lason n the fuson center, but if a threat is identified that affects transportation, that organization may provide full-time participation until the threat is neutralized. There are a varety of publc safety and prvate sector enttes to nclude n fuson centers. Each jursdcton has dfferent needs, and collaboraton wll be based on these needs. Fuson centers should seek to network wth varous publc safety and
37 National Criminal Intelligence Sharing Plan, November 2004, p. 9. 38 C. R. Pete Petersen, M.Ed., Communty Collaboraton, March 4, 2003, www.communtycollaboraton.net.
29
private sector organizations and associations. The greater the effort by the fuson center, the greater the ncorporaton and partnershp wth publc safety and the prvate sector. Examples of these organizations and associations include InfraGard, Sector Coordnatng Councls (SCC), 39 Informaton Sharng and Analyss Centers (ISAC),40 and the Unted States Publc-Prvate Partnershp (USP3).41 Overarchng functonal categores have been developed n whch ndvdual agences, companies, and organizations can be grouped together. Though not comprehensve, these categores and accompanyng enttes serve as a foundaton and wll ad fuson centers n determnng what enttes should be nvolved n the center. Governance bodes should dentfy the needs and vulnerabltes, organizations with a large employee base, and major economic drvers wthn the jursdcton of the fuson center. The goal s to determne what enttes should partcpate and be ntegrated nto the fuson center. To ensure the effectveness of collaboraton wthn the fuson center, lnes of communcaton should be establshed wth the varous enttes that make up the categores accordng to the needs of the fuson center and jursdcton. A lst of the functonal categores and assocated enttes s located n Appendx C of ths report. An example of effectve collaboraton s the Texas Coastal Regon Advsory System (TCRAS). TCRAS s a Jont Terrorsm Task Force (JTTF) ntatve and s used to quckly dssemnate nformaton to law enforcement partners, as well as other companes and agences that are responsble for crtcal nfrastructure operatons n the area.42 TCRAS demonstrates an effectve nformaton sharng envronment that ncorporates the law enforcement, publc safety, and prvate sector components of a fuson center.

Collaboration Principles
A successful collaboraton must contnually provde value to ts partcpants, customers, and consttuency. To foster and enhance collaboraton, consder mplementng the followng prncples: Mantanng a dverse membershp to nclude representatves from local, state, trbal, and federal law enforcement; all sectors of publc safety; and key prvate sector companes and organizations. Includng prvate sector assocatons when ncorporatng the prvate sector. Two examples are FlordaFrst and ChcagoFrst, bankng coaltons created to work wth government agencies to help financial institutions prepare for natonal dsasters and terrorsm.43 Utilizing a phased approach when integrating private sector enttes to accurately dentfy and address the needs of the enttes. Developng and partcpatng n networkng groups and organizations that exist locally, regionally, statewide, natonally, and nternatonally. Workng wth JTTF, Ant-Terrorsm Advsory Councl (ATAC), the U.S. Department of Justce (DOJ), DHS, other state and local entities, and other relevant organizations or groups. Complng a contact lst of publc safety and prvate sector representatves, ncludng after-hours numbers. Conductng regular meetngs for the purpose of collaboraton and nformaton sharng. Establshng procedures for mantanng the contnuty of personal, organizational, and institutional relationships. Educatng and tranng the law enforcement, publc safety, and prvate sector communtes on the ntellgence and fuson processes and fuson center operatons. Educating and liaising with elected officials, private sector executves, and other communty leaders to promote awareness of the fuson center functons. Ensurng feedback to enttes that provde nformaton to fuson centers (e.g., the results of the nformaton that has been provded to the fuson center). Ensurng, at a mnmum, contact nformaton s collected and up to date for msson crtcal enttes (e.g., utltes, publc works, and telecommuncatons).
39 The roles of Sector Coordnatng Councls (SCC) are to serve as a sngle forum nto the respectve sector for the entre range of homeland security issues; institutionalize the sectors coordination of polcy development, sector-wde strategy, and plannng; ensure program promulgaton and mplementaton; montor sector progress; provde provsons of best practces and gudelnes; develop requrements for nformaton sharng, research, and development; and serve as the pont of cross-sector coordnaton (Homeland Security Information Sharing Between Government and the Private Sector, August 10, 2005, p. 17). 40 Addtonal nformaton on SCCs and ISACs can be found at www.dhs.gov. 41 The Unted States Publc-Prvate Partnershp (USP3) (formerly known as the U.S. Department of Homeland Securtys (DHS) HSIN-CI) was mplemented as a DHS program that s regonally admnstered and governed by ts prvate and publc members. Current membershp s approxmately 40,000, nnety percent of whch are from the prvate sector, who are actively using the programs vertical and horizontal information sharng strateges for local, regonal, and natonal routne nformaton sharing and all-hazards 24/7 alerts and warnings. Due to its success, DHS and the Federal Bureau of Investgaton (FBI) wll contnue to jontly sponsor and grow the program natonally, wth a goal of 200,000 members. 42 Addtonal nformaton on TCRAS can be found at www.tcras.org.

Communty Collaboraton, www.communtycollaboraton.net
43 Jm Freer, Banks Band Together, The South Florida Business Journal, October 2005, www.bizjournals.com/southflorida/ stores/2005/10/17/daly1.html.
30
Guideline 5
Utilize Memorandums of Understanding (MOUs), Non-Disclosure Agreements (NDAs), or other types of agency agreements, as appropriate.
Memorandum of Understanding (MOU) and Non-Disclosure Agreement (NDA) MOU

It s recommended that fuson centers be governed and managed n accordance wth an MOU. An MOU, a necessary tool for information sharing, defines the terms, responsibilities, relatonshps, ntentons, and commtments of each partcpatng entty; the agreement also provdes an outlne of the who, what, where, when, why, and how of the project. Partners should commt to the program polces by sgnng the MOU. In addton to MOUs, some initiatives utilize agency, individual, and data sharng user agreements.
Fundng/costs Civil liability/indemnification issues Polces and procedures Prvacy gudelnes Terms Integrty control Dspute resoluton process Ponts of contact Effective date/duration/modification/termination Servces Deconfliction procedure Specal condtons Protocols for communcaton and nformaton exchange Protocols for background checks on fuson center partcpants

When negotatng and draftng MOUs, consder: Identfyng and understandng the legal and practcal mplcatons of the MOU. Defining the roles and responsibilities of the participating agences. Embracng and encouragng trusted relatonshps. Includng language requrng that all assgned personnel mantan access to ther own agencys data.
NDA
The fuson center determnes rsks to the prvate sector and analyzes suspicious activity information. This function requires the sharng of senstve nformaton from the prvate sector to the fuson center. To ad n sharng ths senstve nformaton, a Non-Dsclosure Agreement may be used. The NDA provdes prvate sector enttes an addtonal layer of securty, ensurng the securty of prvate sector propretary nformaton and trade secrets. The development of an NDA and a clear understandng of what t does and does not cover are crtcal to prvate sector partcpaton. One of the functons of the NDA s to provde a mechansm for fuson center leadershp, partcpants, and personnel to protect nformaton. NDAs wll vary by jursdctons, based on the types of prvate sector enttes partcpatng n the fuson center. Centers should specfy the types of nformaton covered n an NDA, e.g., strategc and rsk assessment nformaton. Tactcal nformaton, such as suspcous actvty reports, should not be ncluded n an NDA because ths nformaton may be shared wth law enforcement outsde of the fuson center (e.g., the Jont Terrorsm Task Force (JTTF), Feld Intellgence Group, the state polce, or other approprate agences). Informaton that the
Example MOUs
At a mnmum, nclude the followng elements n the MOU: Involved partes Msson Governance Authorty Securty Assgnment of personnel (removal/rotaton)
31
private sector may not want disseminated should be specified in the NDA. Ths nformaton may nclude trade secret nformaton (crtcal to a busness operaton), propretary nformaton (customer lsts, throughput rates), and senstve securty nformaton (guard schedules, ste plans, securty plan access). In addton, fuson centers should specfy how ths nformaton s protected when creatng an NDA. Subject-matter experts may provde fuson centers wth ntellgence related to ther respectve sectors wthout dsclosure of trade secrets or propretary nformaton. But f ths type of nformaton s provded, fuson centers should be senstve to the storng of the nformaton wthout approval from the provdng entty. NDAs do not supersede publc records laws or legal processes. Therefore, fusion centers should be cognizant of local, state, and federal publc records laws that may supersede an NDA, such as state sunshne laws, the Freedom of Informaton Act (FOIA), and federal and state prvacy laws and requrements. If the center has a legal commttee, ths commttee should be able to provde nput nto the development and use of an NDA. In addton, t s recommended that fuson centers and ther leadershp encourage approprate polcymakers to legslate the protecton of prvate sector data provded to fuson centers.
Specfyng what nformaton should be shared and protected (e.g., propretary and trade secrets). If trade secrets or propretary nformaton s provded, an NDA may nclude the followng caveats: The nformaton beng provded s owned by the prvate sector partner and s provded for a lmted purpose of determining a specific risk associated with the entity. It s the prvate sector partners responsblty to dentfy the nformaton as propretary. Fuson centers should take nto account local, state, and federal FOIA laws n an effort to ensure that nformaton identified as proprietary may not be disclosed beyond the mmedate recpent group wthout wrtten consent of the provdng prvate sector partner.

28 CFR Part 23 Sample MOU Arizona Counter Terrorism Information Center MOU Calforna Publc Records Exempton Canada Department of Defense (DOD) MOU Gudelnes DHS Non-Dsclosure Agreement, www.fas.org/sgp/othergov/ dhs-nda.pdf Florda Statute 119.071 Freedom of Informaton Act, www.usdoj.gov/04foa Jont Terrorsm Task Force MOU Massachusetts Statute MOU Sample Template Rockland County Intellgence Center MOU Upstate New York Regonal Intellgence Center MOU

When developng an NDA, consder: Identfyng and understandng the legal and practcal mplcatons of an NDA. Defining what information will be treated as confidential. Specifying what entities can receive confidential information. Indcatng how long the NDA wll be n effect. Identfyng the types of nformaton that the NDA wll cover. Identfyng repercussons for volaton of the NDA. Clearly specfyng local, state, and federal publc records laws wthn the NDA.
32
Guideline 6
Leverage the databases, systems, and networks available via participating entities to maximize information sharing.
Database Resources Justification

Durng the focus group process, partcpants revewed a number of nformaton and ntellgence sharng ntatves. Most of the ntatves have access to some local, state, and federal databases, as well as other organizations or data sets. Centers may want to evaluate the types of databases that partcpatng agencies have available. Gaps should be identified and researched. Leveragng the databases and systems avalable va participating entities will help maximize information sharing. This s an opportunty to access prevously unavalable nformaton. It s recommended that ownershp and control of law enforcement nformaton shared through the center reman wth the orgnatng agency. Data owners should be responsble for the qualty of data shared. Access to data can be controlled n a varety of
ways, ncludng fuson center leadershp controllng who has access or data orgnators controllng access levels. For more nformaton about the securty of data, see Gudelne 9 (Securty). Another opton s for the center to house ther nformaton. If a center chooses ths opton, t s mportant for the necessary polces and procedures to be n place to govern use and access. Fuson centers should consult wth publc safety and prvate sector personnel to determne f any nformaton sharng databases may be avalable wthn ther respectve jursdctons. Specal consderaton should be gven to the development of polces and procedures that ensure publc safety and prvate sector nformaton s not combned wth federal data that contains personally identifiable information, and when a criminal predicate, threat, or public safety need is identified, access to this information will be virtual through networking and utilizing a search functon. Addtonally, fuson center partcpants should ensure complance wth all local, state, and federal prvacy and cvl lbertes laws and statutes.

When accessng databases, consder obtanng access to a varety of databases and systems, such as: Drvers lcense Motor vehcle regstraton Locaton nformaton (411, addresses, and phone numbers) Law enforcement databases Natonal Crme Informaton Center (NCIC), NletsThe Internatonal Justce and Publc Safety Informaton Sharng Network, and the Terrorst Screenng Center (TSC) Crmnal justce agences Publc and prvate sources (Securty Industry databases, Identty Theft databases, Gamng Industry databases) Regonal Informaton Sharng Systems (RISS)/Law Enforcement Onlne (LEO), U.S. Department of Homeland Securtys (DHS) Homeland Securty Informaton Network (HSIN), ncludng the Unted States Prvate-Publc Partnershp (USP3)formerly HSIN-CI. (Note: RISS, LEO, and DHSs HSIN are currently collaboratng on a network capablty.)
33
Organizational and association resources (InfraGard, The Infrastructure Securty Partnershp)44 Correctons Sex offender regstres Volent Crmnal Apprehenson Program (VICAP) Health- and Publc Health-Related Databases (Publc Health Informaton Network, Health Alert Network)
FBIs Regional Data Exchange (R-DEx)R-DEx provdes an nterface to Regonal Intellgence Centers (RICs) to enable searchng of unstructured documents and for retrevng matchng documents. R-DEx serves two man functons: provdng RICs wth access to DOJs data and enablng a RICs user to perform full-text searches over DOJ unstructured documents for the regon, n addton to the state and local documents accessed nternally. Financial Crimes Enforcement Network (FinCEN)FnCEN supports law enforcement nvestgatve efforts and fosters nteragency and global cooperaton aganst domestc and international financial crimes. Its objective is to provide United States polcymakers wth strategc analyss of domestc and worldwde money-launderng developments, trends, and patterns. FinCEN controls over 150 million reports filed under the Bank Secrecy Act and other smlar laws. www.fincen.gov High Intensity Drug Trafficking Areas (HIDTA)Ths program provdes federal funds to problem areas to help elmnate or reduce drug trafficking and its harmful consequences. Analysts at HIDTA centers have access to a varety of databases and systems that are avalable to law enforcement. www.whtehousedrugpolcy.gov/hdta/ndex.html Homeland Security Information Network (HSIN)HSIN provdes a secure Internet-based technology that allows realtime information sharing at the sensitive but unclassified level. It s the collaboratve system used by the DHS Operatons Center to collect and dssemnate nformaton between DHS and local, state, trbal, and federal agences nvolved n combatng terrorsm. HSIN also ncludes publc safety and prvate sector connectvty (USP3), homeland securty, and other nformaton. Access to secret nformaton wll be avalable n the near future on HSIN-Secret. www.dhs.gov/dhspublc/dsplay?content=3350 International Association of Crime Analysts (IACA)IACA helps crme analysts around the world mprove ther sklls and make valuable contacts, helps law enforcement agences maximize use of crime analysis, and advocates for standards of performance and technque wthn the professons. www.aca.net International Association of Law Enforcement Intelligence Analysts (IALEIA)IALEIAs mission is to professionalize analyss n law enforcement, the mltary, and prvate ndustry. IALEIA has publshed a number of booklets and holds major conferences, local or regonal chapter meetngs, and tranng sessons. www.alea.org International Criminal Police Organization (INTERPOL) INTERPOL is a worldwide law enforcement organization, establshed for mutual assstance n the preventon, detecton, and deterrence of nternatonal crmes. It houses nternatonal polce databases, provdes secure nternatonal communcatons between member countres for the exchange of routne crmnal nvestgatve nformaton, and s an nformaton clearnghouse on nternatonal crmnal/fugtves and stolen propertes. www.usdoj.gov/usncb Law Enforcement Intelligence Unit (LEIU)The purpose of LEIU is to record and exchange confidential criminal information on organized crime not previously available through regular polce communcaton channels. Membershp n LEIU s open
Also mportant are such ssues as: Controls and safeguards for data access levels Technical specification of databases (structured/unstructured data) Identification and leveraging of partner resources Ownershp of the data n the fuson center Data qualty and data relablty
System/Network Resources
The followng are avalable resources for law enforcement enttes. Ths lst s not meant to be all nclusve. Addtonal resources and Web stes may exst to assst fuson centers. El Paso Intelligence Center (EPIC)EPIC establshed a Southwest Border Intellgence Servce Center wth a concentraton on drug movement and mmgraton volatons. Members of EPIC have access to a wde range of ntellgence, ncludng nformaton from the U.S. Drug Enforcement Admnstraton and U.S. Immgraton and Customs Enforcement (ICE). www.usdoj.gov/dea/programs/epc.htm Federal Bureau of Investigations (FBI) LEO Program LEO s a natonal, nteractve computer communcatons system and nformaton servce, an ntranet exclusvely for the law enforcement communty. www.fb.gov/hq/cjsd/leo.htm FBIs National Data Exchange (N-DEx)N-DEx wll provde the first implementation of structured search and index capabilities for the U.S. Department of Justces (DOJ) Law Enforcement Informaton Sharng Program. All knds of data (e.g., structured, full-text, multmeda) wll be avalable through N-DEx, although searchng, matchng, and lnkng wll only be possble on welldefined entities (people, vehicles, locations, weapons, phone numbers, etc.), not arbtrary text (full-text data). The ntal focus s on structured ncdent data but wll be expanded to other structured data (extracted entty data from full-text documents). N-DExs focus s on large agences and aggregated data sources, such as RICs, but wll expand to any law enforcement agency.
44 The goal of InfraGard s to promote ongong dalogue and tmely communcaton between members and the FBI concernng varous counterterrorsm, counterntellgence, and crmnal matters. Ths nformaton sharng s accomplshed by 84 InfraGard chapters that are linked with the 56 FBI field office territories and their FBI Special Agent Coordnators. Any crtcal nfrastructure owners and operators can jon InfraGard and partcpate n local chapter tranng and educaton initiatives; receive sensitive, unclassified information updates; and partcpate n meetngs. All InfraGard applcants must submt to a records check, ncludng a crmnal hstory check, pror to becomng a member, n order to ensure the program s composed of well-ntentoned, law abdng citizens. For more information, visit www.nfragard.net.
34
to local or state law enforcement agences havng a crmnal ntellgence functon. The applcant must be sponsored by a current member. LEIU may be reached at the State Terrorsm Threat Assessment Center, Bureau of Investgaton, Intellgence Operations Program, Central Coordinating Agency, Post Office Box 163029, Sacramento, Calforna 95816-3029. www.leu-homepage.org/ndex.php National Crime Information Center (NCIC)NCIC s a natonwde nformaton system that lnks together local, state, trbal, and federal crmnal justce agences. NCICs capabltes include an enhanced name search, fingerprint searches, nformaton on persons on probaton or parole, a convcted sex offender regstry, and a regstry of ndvduals ncarcerated n the federal prson system. www.fb.gov/hq/cjsd/ncc.htm National Drug Intelligence Center (NDIC)The NDIC supports natonal polcy and law enforcement decsons wth tmely strategc domestc drug ntellgence assessments, focusng on the production, trafficking, and consumption trends and patterns of all llct drugs nsde Unted States natonal borders and terrtores. www.usdoj.gov/ndc National White Collar Crime Center (NW3C)NW3C provdes a natonal support network for local and state law
enforcement agences nvolved n the preventon, nvestgaton, and prosecuton of economc and hgh-tech crme. NW3C s a member-affiliated organization comprised of law enforcement agences, state regulatory bodes, and local and state prosecution offices. Support services are offered in five main categores: economc and computer crme tranng, ntellgence and analytcal servces, case fundng for desgnated cases, research, and fraud-complant referral and analyss through ts Natonal Fraud Complant Management Center/Internet Fraud Complant Center. www.nw3c.org and www.tranng.nw3c.org NletsThe Internatonal Justce and Publc Safety Informaton Sharng NetworkNlets s an nterstate law enforcement network for the exchange of law enforcement and related justce nformaton. www.nlets.org RISS Automated Trusted Information Exchange (ATIX)RISS ATIX provdes users wth secure nteragency communcatons and nformaton sharng resources for exchangng publc safety and law enforcement nformaton. www.rssnfo.com/rssatx.htm RISSNETRISSNET provdes the sx RISS centers wth a secure crmnal ntellgence network for communcatons and nformaton sharng by local, state, trbal, and federal law enforcement agences. www.rssnfo.com
35
36
Guideline 7
Create an environment in which participants seamlessly communicate by leveraging existing systems and those currently under development, and allow for future connectivity to other local, state, tribal, and federal systems. Use the U.S. Department of Justices (DOJ) Global Justice Extensible Markup Language (XML) Data Model (Global JXDM) and the National Information Exchange Model (NIEM) standards for future database and network development, and consider utilizing the Justice Information Exchange Model (JIEM) for enterprise development.
Interconnectivity Justification
Law enforcement enttes must communcate. The ultmate goal s to elmnate barrers to communcatons and ntellgence development and exchange. Communcaton barrers come n a number of formse.g., ncompatble or dsparate computer systems, lack of trust, lack of nteroperablty, lack of a common termnology, and lack of fundng. Centers should establsh formal protocols (polces and procedures) and standards to enhance communications, as well as create effective and efficient vehicles for exchangng nformaton. Center personnel and leadershp should communcate frequently and be responsve to the needs, concerns, and deas of both nternal and external partners. The nformaton contaned n ths gudelne pertans to verbal, wrtten, and electronc communcatons. It s recommended that fuson centers leverage exstng systems and those currently under development and allow for future connectvty to other state, local, trbal, and federal systems. Furthermore, centers should be aware of and educated on Global JXDM. Any new database development should be Global JXDMcomplant and meet exstng standards. It s mportant to note that
DOJ and the U.S. Department of Homeland Securty (DHS) are ntegratng the use of Global JXDM nto grant recpent crtera. Global JXDM s a comprehensve product that ncludes a data model, a data dctonary, and an XML schema that s sponsored by DOJ. Its development s supported by the Global XML Structure Task Force (GXSTF), whch works closely wth researchers at the Georga Tech Research Insttute (GTRI). The Global JXDM is an XML standard designed specifically for crmnal justce nformaton exchanges, provdng law enforcement, publc safety agences, prosecutors, publc defenders, and the judcal branch wth a tool to effectvely share data and nformaton n a tmely manner. The Global JXDM removes the burden from agences to ndependently create exchange standards, and because of ts extensblty, there s more flexibility to deal with unique agency requirements and changes. Through the use of a common vocabulary that s understood system to system, Global JXDM enables access from multple sources and reuse n multple applcatons.

When establshng connectvty and communcatons, consder: Strvng for compatblty not commonalty. Includng both techncal and manageral portons of connectvty. Usng Web-enabled technology when avalable. Usng a dstrbuted structure when approprate. Developng mechansms to communcate nternally wth partcpatng agences. Developng a polcy to ensure proper communcaton wth leaders and polcymakers, the publc and prvate sector, media, and citizens. Ensurng secure and redundant communcatons. Establishing an electronic notification capability for fusion center partcpants. Mantanng a stand-alone securty system (moble). Implementng a communcatons plan.
37
Identfyng the requrements for prvate sector and publc safety systems and networks. Adherng to need-to-know/rght-to-know stpulatons. Developng outreach materal to help ncrease awareness among policymakers, media, and citizens. Conductng tranng on proper communcaton and center polcy. Meetng regularly wth personnel and offerng ntellgence exchange sessons. Rememberng that communcaton goes beyond just n-house communcaton. Incorporatng the protocols for communcaton and nformaton exchange n the MOU (Gudelne 5).
and other Informaton Exchange Package Documentaton (IEPD) artfacts that are essental to mplementng the Global JXDM. Ths wll eventually enable justce agences to seamlessly generate (and, f need be, regenerate) Global JXDM-complant nformaton exchanges from the busness rules encapsulated n JIEM, ensurng that they can be rapdly adapted to the needs of an ncreasngly dynamc envronment. JIEM s also beng enhanced to support the exchange of nformaton; not only wthn domans (as n the justce doman today) but between dfferent domans, such as justce, emergency management, transportaton, and ntellgence; n support of emergng organizations, such as fusion centers.46
Justice Information Exchange Model

It is important to document and analyze information exchange at the plannng stage of a project and to create a blueprnt at the enterprse level (among agences, levels of government, and a varety of dscplnes) for electroncally sharng data that capitalizes on efficiency, accuracy, and timeliness. This is regardless of whether nterfaces between systems for sharng ntellgence consst of smple queres and responses or are more sophstcated transactonal processes that buld central ndex entres or populate data warehouses. Ths desgn should be created by business experts from the participating organizations, under the drecton of polcy leaders and wth the assstance of technologsts. It should be based on a dscplned examnaton of current busness practces, exstng technology, and paper and electronc exchange of ntellgence that already s occurrng. The Justce Informaton Exchange Model (JIEM) can assst fuson centers n performng these mportant tasks. Created by SEARCH, The Natonal Consortum for Justce Informaton and Statistics, and supported by the Office of Justice Programs (OJP) Bureau of Justce Assstance (BJA), JIEM documents the processes, trggerng events, and condtons that govern nformaton exchanged at the enterprse level. It models the data that flows or should flow between organizations. JIEM was developed to collect requrements from practtoners for justce information sharing initiatives, specifically to assist justice system leaders in analyzing and documenting existing information exchange at the enterprse level. JIEM was also developed to assst n desgnng new electronc exchange processes as a part of an ntegrated justce ntatve and n adoptng and mplementng natonal busness, data, and technology models to save tme, effort, and money. It s a conceptual framework that presents the flow of information between agencies, defines the key events that trigger the need to share information, identifies the agences nvolved n the exchange, and descrbes the nature of the nformaton exchange, rrespectve of whether one s analyzing a justice or nonjustice system exchange. JIEM helps justce and publc safety practtoners to artculate requrements that can be communcated to technologsts who develop systems and nterfaces.45 JIEM s lnked wth DOJs Global JXDM, allowng easy mportng of model components to desgn electronc documents. Soon t wll be lnked wth the ablty to mport and export XML schema
45 Addtonal nformaton on JIEM can be found at www.search.org/ programs/nfo/jem.asp.
National Information Exchange Model

The U.S. Department of Justices (DOJ) Office Justice Programs (OJP) Bureau of Justce Assstance (BJA) s collaboratng wth DHS to utilize the Global JXDM as the base for the deployment of the Natonal Informaton Exchange Model (NIEM). NIEM wll provde the foundaton and buldng blocks for natonal-level nteroperable nformaton sharng and data exchange that wll ntegrate the publc safety and prvate sector enttes to the already establshed law enforcement nformaton exchange. The tentatve date for NIEM to be operatonal s October 2006.47 In addton to NIEM and JIEM, other optons for nterconnectvty include developing and utilizing a secure Internet site to post alerts, calendars that may nclude tranng nformaton and significant dates, and a chat interface. Another option is a Web portal to connect the fuson center wth prvate sector and publc safety partners that wll allow for a sngle sgn-on and can provde stuatonal awareness reports, threats, and warnngs. It also has the capability for e-mail notifications. Interconnectivity also ncludes face-to-face communcaton, ncludng regular meetngs wth other ntellgence centers to share nformaton and intelligence. Interconnectivity aids in institutionalizing the relatonshps between the fuson center and the publc safety and prvate sector partners. However, fuson centers and ther partners should be aware of prvacy ssues when developng nformaton sharng networks, systems, or Web stes.
Distributed Versus Centralized Systems

Currently, both distributed and centralized systems are beng used successfully for law enforcement nformaton and intelligence sharing. There are benefits and challenges to both models. A dstrbuted model allows partcpatng enttes to control ther data. Data s not commngled or housed n a data warehouse. Agences are responsble for the qualty of the data and the accessblty of ther nformaton. The dstrbuted structure can streamline policy development and minimize privacy concerns, while providing the same functionality as a centralized model.
46 The SEARCH report, Information Exchange Analysis and Design, can be found n Appendx E of ths report. 47 For more nformaton on NIEM, vst www.nem.gov.
38
The distributed model is also reliable and can maximize resources. Dstrbuted systems are scalable and offer aggregate computer power. However, securty ssues, resource dstrbuton, demand, and computng power can lmt the dstrbuted model.48 A centralized system places all information in one location. Collecton of nformaton and refreshng of data can be complicated with a centralized structure. However, often the functionality of the centralized system is greater and allows for ncreased speed. A whte paper prepared by the Integrated Justce Informaton Systems (IJIS) Insttute provdes a comparatve analyss of the distributed and centralized system based on five components: cost, governance and data ownershp, performance and functons, scalablty, and securty and prvacy. Ths document s ncluded on the resource CD. Centers should evaluate both structures to determine the best fit. As described above, it is the recommendaton of the Fusion Center Guidelines that systems can be distributed or centralized; however, federal data that contains personally identifiable information should be separate from other types of nformaton the fuson center receves, ncludng publc safety and prvate sector nformaton.
ther own data, both n terms of who s allowed to access t and n ensurng the ntegrty of the data. It allows agences to retan the nvestment they have made n ther exstng systems and at the same tme gan access to valuable nformaton contaned n other agency systems. It uses the technology of the Internet, whch s user-frendly and readly understood by most. In 2004, DOJs Global Infrastructure/Standards Workng Group (GISWG) publshed a document enttled A Framework for Justice Information Sharing: Service-Oriented Architecture (SOA). Based on the report, Global recognizes that SOA is the recommended framework for development of a justce nformaton sharng system. The report ndcates that a system should be desgned and developed around the basc components of the operatonal procedures or busness practces of an agency. These components are then combned nto a larger, loosely related structure that, n turn, can be combned nto an even larger entty. The SOA desgn must be avalable to all agences and support the evoluton of change and new technology, wth support for start-up, mantenance, and future upgrades to the nformaton sharng systems that are based on the SOA framework. A complete copy of the report s contaned on the accompanyng resource CD.
Service-Oriented Architecture
Informaton sharng s a long-standng practce among justce agences, partcularly wthn the law enforcement communty. As socety becomes more moble, the mportance of sharng data to mprove polce effectveness grows exponentally. The Web and the technologes that support t have enabled nformaton sharng to go beyond exchanges among specific partners to embrace the whole of the justce communty. Ths ncludes law enforcement, prosecutors, defense counsel, courts, probaton, and correctons, and a host of corollary dscplnes, such as homeland securty, fire, emergency services, health, education, transportation, and motor vehcle lcensng. Servce-orented archtecture (SOA) ncorporates sx fundamental prncples for the sharng of nformaton n the crmnal justce communty: The architecture must recognize innumerable independent agences and fundng bodes from the prvate sector through local, state, trbal, and federal governments. Informaton sharng must occur across agences that represent dvergent dscplnes, branches of government, and operatng assumptons. The infrastructure must be able to accommodate an infinite range of scales, from small operatons wth few partcpants n a rural county to natonal processes that reach across local, state, trbal, federal, and even nternatonal boundares. Informaton sharng must occur among data sources that dffer wdely n software, hardware, structure, and desgn. Public sector technology investment must reflect and ncorporate the lessons and developments of the prvate sector. The nfrastructure desgn must be dynamc, capable of evolvng as the nformaton sharng requrements change and the technology s transformed.
Organization for the Advancement of Structured Information Sharing Systems (OASIS)Ratified Common Alerting Protocol (CAP)
It s recommended that, where possble, fuson centers use the OASIS-ratified CAP to enable the exchange of emergency alert and publc warnng nformaton over data networks and computercontrolled warnng systems. Usng CAP also adds an element of redundancy to the systems and networks. By lmtng transportspecific nomenclature, CAP remains fully compatible with exstng publc warnng systems, ncludng those desgned for multlngual and specal-needs populatons, as well as wth XML applcatons, such as Web servces. CAP data elements have been ncorporated n DOJs Global JXDM. Other agences, such as DHSs Federal Emergency Management Agency (FEMA), have embraced the CAP and are n the process of ntegratng t nto all alert and warnng systems.

A Critical Look at Centralized and Distributed Strategies for Large-Scale Justice Information Sharing Applications (a whte paper prepared by the IJIS Insttute) A Framework for Justice Information Sharing: Service-Oriented Architecture (SOA), http://t.ojp.gov/ documents/200409_Global_Infrastructure_Report.pdf Global Justce XML Data Model (Global JXDM), www.t.ojp. gov/gjxdm Justce Informaton Exchange Model, www.search.org/ programs/nfo/jem.asp Model Intellgence Database Polcy
Ths concept of desgn allows the orgnal data owners to control

48 Texas A&M Unversty Computer Scence Department. Introducton to Dstrbuted Systems, 2001.
39
40
Guideline 8
Develop, publish, and adhere to a privacy and civil liberties policy.
Privacy and Civil Liberties Justification

The National Criminal Intelligence Sharing Plan (NCISP) stresses the need to ensure that consttutonal rghts, cvl lbertes, cvl rghts, and prvacy are protected throughout the ntellgence process. In order to balance law enforcements ablty to share information with the rights of citizens, appropriate privacy and cvl lbertes polces must be n place.
personal data is collected should be specified no later than at the tme of data collecton. Its subsequent use should be limited to the fulfillment of those purposes or such others as are not incompatible with those purposes and as are specified on each occason of change of purpose. 4. Use limitation principle. Personal data should not be dsclosed, made avalable, or otherwse used for purposes other than those specified in accordance with Principle 3 except (a) wth the consent of the data subject or (b) by the authorty of law. 5. Security safeguards principle. Personal data should be protected by reasonable securty safeguards aganst loss or unauthorized access, destruction, misuse, modification, or dsclosure. 6. Openness principle. There should be a general polcy of openness about developments, practces, and polces wth respect to personal data. Means should be readly avalable for establshng the exstence and nature of personal data, and the man purposes of ther use, as well as the dentty and usual resdence of the data controller. 7. Individual participation principle. An ndvdual should have the right to (a) obtain confirmation of whether or not the data controller has data relatng to hm; (b) have the data related to hm wthn a reasonable tme, cost, and manner and n a form that s readly ntellgble to hm; (c) be gven an explanaton f a request made under (a) and (b) s dened and be able to challenge such denal; and (d) challenge data relatng to hm and, f the challenge s successful, to have the data erased, rectified, completed, or amended. 8. Accountability principle. A data controller should be accountable for complyng wth measures that gve effect to the prncples stated above. The NCISP recommends that prvacy polces should: Elmnate unnecessary dscreton n decson makng, gude the necessary dscreton, and contnually audt the process to ensure conformance wth the polcy. Ensure legtmacywhen an agency s developng a new polcy or revewng exstng ones, nterested partes and competng vewponts should be represented. Clearly define the parameters of the policy.
Process
Prvacy and cvl lbertes protecton should be consdered n the plannng stages of a fuson center. As systems are desgned, analyss should be made and protectons should be developed for personally identifiable information to ensure its protection. DOJs Global Justce Informaton Sharng Intatve (Global) has developed the Privacy Policy Development Guide and the Privacy and Civil Rights Policy Template for Justice Information Systems to ad justce practtoners wth developng or revsng an agencys prvacy polcy. Furthermore, the gude asssts agences n artculatng prvacy oblgatons n a manner that protects the justce agency, the ndvdual, and the publc and makes t easer to do what s necessaryshare crtcal justce nformaton. These documents are contaned as attachments to the gudelnes. The Global documents utilize, and any fusion center should consder, the Far Informaton Practces whch are the accepted baselne for prvacy protecton worldwde. The followng s a summary of the Far Informaton Practces: 1. Collection limitation principle. There should be lmts to the collecton of personal data, and any data should be obtaned by lawful and far means and, where approprate, wth the knowledge or consent of the data subject. 2. Data quality principle. Personal data should be relevant to the purposes for whch they are to be used and, to the extent necessary for those purposes, should be accurate, complete, and up to date. 3. Purpose specification principle. The purposes for whch
41
Acknowledge and address mportant ssues that currently are not ncluded n some exstng crmnal ntellgence polces. Identfy the decson ponts wthn the ntellgence process and provde approprate gudance and structure for each.
Develop a mechansm for ongong nformaton prvacy awareness. Establsh a process for trackng and handlng prvacy complants or concerns. Develop a consstent sancton polcy for falure to comply wth the privacy policy for all individuals in the organization. Recognize the overlap in privacy activities and security activities, and coordinate both within the organization. Ensure all center personnel are adequately traned n usng the prvacy polcy. Seek legal counsel.

Issues to consder when draftng a prvacy polcy nclude: Addng ntroductory language that clearly states the prvacy practces of the center. Descrbng the nformaton collected and how nformaton s stored. Establshng a common lexcon of terms for dealng wth rolebased access. Defining and publishing how the information will be used. Draftng a clear, promnent, and understandable polcy. Avod communcatng n complcated or techncal ways. Dsplayng the prvacy polcy for both center personnel and customers. Ensurng that all other polces and nternal controls are consstent wth the prvacy polcy. Establshng a busness practce of notfyng government agences of suspected naccurate data. Adherng to applcable state and federal consttutonal and statutory cvl rghts provsons. Partnerng wth tranng centers on prvacy protecton requrements and conductng perodc prvacy securty audts. Consultng wth a prvacy commttee (see Gudelne 3) to ensure that citizens privacy and civil rights are protected. When utilizing commercially available databases, ensuring the usage is for official business and the information obtained s not commngled wth prvate sector data. To prevent publc records dsclosure, rsk and vulnerablty assessments should not be stored wth publcly avalable data. Determining if there are security breach notification laws wthn the jursdcton and followng those laws, f applcable.

Audt Checklst (LEIU), www.t.ojp.gov/documents/LEIU_ audt_checklst.pdf Globals Privacy and Information Quality Policy Development for the Justice Decision Maker, http://t.ojp.gov/ documents/200411_global_prvacy_document.pdf Natonal Crmnal Justce AssocatonJustice Information Privacy Guideline, www.ncja.org/pdf/prvacygudelne.pdf Privacy and Civil Rights Policy Templates for Justice Information Systems Prvacy Polcy Sample Template Privacy Policy Development Guide
Adhering to a Privacy Policy

There are a number of mechansms that centers can develop or establsh that wll assst them n adherng to ther prvacy polcy. Some of these nclude:49 Establsh a prvacy oversght commttee (see Gudelne 3) or appoint a privacy officer. Develop or update prvacy tranng and orentaton for all employees.
49 Beth Hjort, A HIPAA Prvacy Checklst (AHIMA Practce Bref), Journal of AHIMA 72, Number 6, 64A-C, 2001.
42
Guideline 9
Ensure the appropriate security measures are in place for the facility, data, and personnel.
Security Justification
Securty pertans to nformaton, documents, databases, faclty, and personnel and includes measures such as authorization, encryption, access control, and confidentiality. In determining how most approprately to protect data, there are many polcy and techncal ssues for data owners to consder. It s mportant that polcy ssues be decded upon before techncal ssues are developed. The prvate sector s affected by market forces, shareholder value, and varous rules and regulatons regardng the sharng and storage of nformaton, ncludng anttrust laws and the Freedom of Informaton Act (FOIA). The Homeland Securty Act of 2002 states that the Crtcal Infrastructure Informaton Act grants an exempton from FOIA for the U.S. Department of Homeland Securty (DHS) when prvate sector companes provde crtcal nfrastructure nformaton for the purposes of homeland securty-related ssues. In addton, the Crtcal Infrastructure Informaton Act provdes for the protecton of crtcal nfrastructure nformaton submtted to DHS and subsequently shared wth local and state agences for the purposes of ensurng the reslence of crtcal nfrastructure operatons or n furtherance of an nvestgaton of a crmnal act.50 When prvate sector enttes submt crtcal nfrastructure nformaton to the fuson center, the center must ensure the information is protected from unauthorized disclosure. Fusion center leadershp should be aware of local, state, and federal laws regardng the release of nformaton, ncludng state sunshne laws and FOIA. Faclty and personnel securty should also be a part of the centers securty plan. Approprate securty clearances should be obtaned for personnel wthn the fuson center and key decson makers who need access. Securty plans should be marked, handled, and controlled as sensitive but unclassified information. Some questons to consder when developng a securty polcy and plan nclude:
50 Homeland Securty Act of 2002, Crtcal Infrastructure Informaton, www.dhs.gov/nterweb/assetlbrary/CII_Act.pdf.
Who does the data owner want to have access? How should users access the data? What access methods are necessary for the users jobs? Should audts be used to ensure proper use of data? Should centers conduct background checks on personnel? What securty needs exst for the faclty? What securty s needed for the data? Should a system-loggng mechansm be used?

When developng securty protocols, consder: Adoptng establshed models for secure nformaton and ntellgence sharng, such as Regonal Informaton Sharng Systems (RISS), Law Enforcement Onlne (LEO), Regonal Data Exchange (R-DEx), and Homeland Securty Informaton Network (HSIN). Addressing limited/restricted access, authorization, authentcaton, and encrypton. Applyng securty polces to both physcal and electronc forms of nformaton.
43
Usng the Applying Security Practices to Justice Information Sharing document. Determnng access levels and mantanng a polcy on the level of nformaton released. Verfyng access based on crtera establshed by governance structure. Creating a form to be submitted by the agency authorizing access/supervsory approval. Conductng background checks on personnel. Utilizing local or state lead law enforcement agency background check standards on publc safety and prvate sector partcpants, to the extent permssble by state law. Clearly defining in the Memorandum of Understanding (MOU) all background check crtera or gudelnes to law enforcement, publc safety, and prvate sector partners. Consultng the National Criminal Intelligence Sharing Plan (NCISP) (Recommendaton 28) when developng a background check polcy. Usng applcable securty gudelnes for access control. Provdng relevant securty clearances. Creatng and provdng a tranng component on center securty protocols. Utilizing relevant local, state, and federal building security requrements. Utilizing relevant portions of 28 CFR Part 23 as it relates to securty. Appointing a privacy officer as a central point for compliance and oversght.
developng and adherng to securty polces: Identfy potental physcal threats to departmental computer systems and networks. Establsh polces and procedures to thwart potental physcal threats. Conduct audts to montor employee complance wth department polces and procedures. Consder ncludng the followng physcal securty polces n the organizations overall security policy: Identify unauthorized hardware attached to the department computer system; make routne checks of system hardware for unauthorized hardware. Lmt nstallaton of hardware and software owned by employees on department desktop workstatons. Identfy, tag, and nventory all computer system hardware. Conduct regular nspectons and nventores of system hardware. Conduct unscheduled nspectons and nventores of system hardware. Implement polces that nstruct employees/users on how to react to ntruders and how to respond to ncdents where an ntruson has been detected. Require background checks on all employees every five years.
Centers may also consider maintaining a security officer who s responsble for evaluatng and provdng nformaton about the securty program to management and communcatng security requirements and concerns to the organization. The security officer conducts security training and awareness and prepares a polcy on securty. Any breach ssues would be reported to and investigated by the security officer. The security officer should also coordinate background checks on center personnel. Background checks are mportant because, although the nformaton and ntellgence dssemnated by the fusion center may be unclassified, it is still sensitive, and therefore all approprate methods of nformaton protecton should be undertaken, ncludng background checks. The NCISP states that background requrements for access to the nationwide sensitive but unclassified communications capablty by law enforcement personnel shall be consstent wth requrements appled to the desgnaton and employment of sworn personnel, as set by the partcpatng state or trbal government.51 Consderaton should be gven to colocatng wth other intelligence centers, such as High Intensity Drug Trafficking Areas (HIDTA) or other law enforcement facltes, n order to share securty responsbltes. Applying Security Practices to Justice Information Sharing provdes detals on how to safeguard crtcal elements of nformaton sharng ntatves, as well as the nfrastructure and ntegrty of data, systems, facltes, and personnel. Accordng to the document, the followng ssues should be consdered when
51 NCISP, pp. 24-25.
Federal regulaton 28 CFR Part 23 s a gudelne for law enforcement agences that operate federally funded, multjursdctonal crmnal ntellgence systems, and t provdes the followng gudelnes regardng securty: The database, manual or electronc, shall be located n a physcally secured area that s restrcted to desgnated authorized personnel. Only designated authorized personnel will have access to nformaton stored n the database. All authorized visitors, regardless of agency, are required to register with designated authorized personnel prior to gaining admsson to the faclty and physcal locaton housng the database. All authorized registered visitors will be escorted by designated authorized personnel for the duration of the visit. All hard-copy submissions and/or manual files will be secured by lead agency-designated authorized personnel when not beng used and at the end of each shft. Employment polces and procedures for screenng/rejectng, transferrng, or removng personnel havng drect access wll be adopted. When direct remote terminal access is authorized by partcpatng agences, polces and procedures addressng the followng addtonal securty measures shall be adopted: Identification of authorized remote terminals and security of termnals.
44
Identification and verification of an authorized access officer (remote terminal operator). Identification of levels of dissemination of information as drected by the submttng agency. Rejection of submissions unless critical data fields are completed. Technologcal safeguards on access, use, dssemnaton, and revew and purge. Physcal securty. Training and certification of participating agency personnel. Audts and nspectons of partcpatng agences, ncludng file data-supporting submissions, security of access termnals, and polcy-and-procedure complance. Documentaton for audt trals of the entre operaton.

Applying Security Practices to Justice Information Sharing, http://t.ojp.gov/documents/asp/ntroducton/ndex.htm Crtcal Infrastructure Informaton Act of 2002, www.dhs.gov/ nterweb/assetlbrary/CII_Act.pdf Natonal Insttute of Standards and Technology (NIST) template and example polces, http://csrc.nst.gov/fasp Safeguarding Classified and Sensitive But Unclassified Information, Reference Booklet for State, Local, Tribal, and Private Sector Programs, U.S. Department of Homeland Securty, May 2005
45
46
Guideline 10
Integrate technology, systems, and people.
Facility, Location, and Physical Infrastructure Justification

Ensurng that partcpants are ntegrated s a key element of the fuson center. It s mportant to brng technology, systems, and people together. Integratng these components streamlnes operations, creates an effective and efficient environment, and ncreases productvty. There are a number of ways to ntegrate partcpants. Two optons are presented for consderaton colocatng and vrtual ntegraton. Colocatng personnel n one faclty s the preference. Colocatng partcpatng enttes mproves communcaton and breaks down barrers. Often, lack of resources and fundng can mpede the ablty to colocate. However, t s recommended that partcpatng agences strve to locate personnel n the same faclty, when possble. Colocaton consoldates resources and equpment. In addton, t fosters an envronment to develop and exchange nformaton and ntellgence. If colocatng s not a feasble opton for a fuson center, partcpatng enttes may consder vrtual ntegraton, that nvolves lnkng the nformaton sharng and communcatons systems so personnel can seamlessly access and exchange nformaton. Fortunately, technology has mproved greatly over the years and contnues to generate new and nnovatve capabltes. Vrtual ntegraton can be an effectve technology soluton for ntegratng personnel and processes. Regardless of the opton a fuson center chooses, t s mportant to ensure flexibility and scalability, allowing for each step of the ntellgence process to be conducted.
the ablty for moble capacty, contngency operatons durng emergencies, and flexibility in offering services and support. The Publc Safety FCFG acknowledged that wth the ncluson of publc safety enttes, colocaton may not always be feasble. Lasons may be establshed wth the varous publc safety enttes that can be made operatonal when the need arses. Furthermore, the Prvate Sector FCFG noted that due to the vast number and types of prvate ndustry wthn a jursdcton, colocaton may not be attanable. Instead, the focus group developed optons for ntegratng prvate sector enttes. One opton s to nsttute a rotatng prvate sector desk. Ths wll allow dfferent enttes full-tme partcpaton wthn the fuson center to both understand the workngs of the fuson center and partcpate n the processes that take place. By ntatng a rotatng desk, varous prvate sector enttes wll have the ablty to partcpate and valdate ther nvestment n the fuson center. Another opton for ntegratng the prvate sector s to dentfy subject-matter experts wthn the prvate sector who can provde fuson centers wth expertse as the need arses. For example, when a threat is made on the transportation industry, identified subject-matter experts from varous transportaton enttes can be contacted by the fuson center to determne how the threat wll mpact the jursdcton and ndustry.

The Law Enforcement Intellgence Fuson Center Focus Group (FCFG) preferred that partcpatng enttes be colocated. However, they also recognized the logistical issues and obstacles affectng the ablty to colocate. In addton, the focus group recognized that not colocating also has benefits, such as
47
A number of logstcal ssues must be addressed when decdng on a faclty and locaton for a fuson center. The prmary ssues, not n prorty order, nclude: Connectvty Wll the fuson center, emergency operatons center, or other partners be connected? If so, how? Scalablty Ensure the faclty allows for future and emergency expanson. Securty Ensure securty for the faclty, data, personnel, and vstors (see Gudelne 9). Redundancy Ensure redundancy for the nfrastructure, resources, personnel, systems, etc. Emergency Power Contnuty of Operatons Plan (COOP) Threat/Vulnerablty Assessments Use prvate sector subject-matter experts to determne rsks based on threat assessments. Poltcal Issues Recognize that the political climate will be different for each center. Work with and inform political officials and policymakers regularly. Access Ensure center personnel have seamless access to each other. Personnel Ensure full and equal representaton at local, state, and federal levels. Ensure representaton from law enforcement, publc safety, and prvate sector components. Authorty/Regulatons Follow approprate polcy, statutes, Concept of Operatons (CONOPS), and other gudelnes. Roles and Responsbltes Clearly define personnel responsibilities, including roles durng emergency stuatons.
Facltes management Feedback
If the center plans on managng multple stes, addtonal consderaton should address connectvty and collaboraton ssues. The followng lst contans some key components to assst agences n developng a plan to locate, acqure, and/or renovate, and mantan a faclty: Identfy faclty needs. Identfy a faclty project team to manage faclty ssues. Ensure that center personnel are nvolved n ste selecton. Communcate wth center leadershp. Identfy and secure needed fundng (see Gudelne 17). Conduct a space-needs analyss. Utilize existing resources, when possible. Consult the U.S. General Servces Admnstratons Facilities Standards for the Public Buildings Service when buldng a faclty to house the fuson center. Conduct ste vsts. Consder geographcal and envronmental ssues, as well as convenence and locaton. Consder the survvablty of the buldng. Conduct a msson/operatonal contnuty assessment. Develop a transton plan and tmetable for occupancy. Work wth techncal personnel to ensure that connectvty and securty ssues are establshed. Tran staff regardng faclty, securty measures, and polcy requrements. Conduct Contnuty of Operatons exercses to ensure the operatonal reslency of the center. Ensure plans and/or procedures are n place for regular faclty evaluaton and buldng mantenance.
Physical Security
Physcal securty ncludes all elements that make up the faclty: t protects people, property, and processes. Centers should plan, dentfy, desgn, tran, and mplement all approprate securty measures; adhere to them; dentfy and create a program that identifies physical assets, threats, and vulnerabilities; assess and prioritize risks; and identify ways to resolve and respond to concerns or breaches.52 A physcal securty plan should have, at a mnmum, the followng components:53 Rsk assessment Operatng procedures Tranng, testng, and rehearsal plan Managng threats Communcatons plan
Site Selection
When selectng or buldng a ste for a fuson center, t s mportant for the ste to be based on the functonal needs of the center. At a mnmum, a ste should be desgned based on the followng functonal elements: Collecton/data management Analyss Command and control/executve Deconfliction Communcaton and dssemnaton
52 Davd Hochman, Disruption Defense: Facility Security Breaches, 2002. 53 U.S. General Servces Admnstraton, 3d ed., www.gsa.gov, 2004.
48
Occupant Emergency Plan (OEP) COOP
Centers may consder mantanng a faclty/securty manager or officer who is responsible for preparing the facility security polcy, montorng and adherng to the polcy, and tranng center personnel regardng the securty polcy and protocols. Tranng of users s crtcal. Users must understand ther role and responsblty n adherng to a securty plan, as well as how to notfy the approprate management when ssues or concerns arse regardng securty, such as lost badges or noncomplance (see Gudelne 9).
can usually be accomplshed at the Secret level. Resources regardng securty clearances are ncluded on the resource CD. Law enforcement should be cognizant of classification levels when dstrbutng nformaton to publc safety and prvate sector enttes. One of the goals of the fuson center s to enhance information sharing, and information classification barriers should be minimized. Rather than rely on clearances, fusion centers should attempt to declassfy nformaton and ntellgence, when possble, to dssemnate to publc safety and prvate sector partners. Centers also need a secure operation to perform classified work. Centers may consder use of the Senstve Compartmented Information Facility (SCIF) concept. An SCIF is defined as an accredted area, room, group of rooms, buldng, or an nstallaton where Senstve Compartmented Informaton (SCI) may be stored, used, discussed, and processed. SCI is classified nformaton concernng or derved from ntellgence sources, methods, or analytcal processes that s requred to be handled wthn formal access control systems establshed by the drector of the Central Intellgence Agency.54
Contingency Plan
The Law Enforcement Intellgence FCFG recommended that fuson centers dentfy a skeleton model for emergency operatons. Centers should develop a contngency plan. A contngency plan enables the sustaned executon of mssoncrtcal processes and nformaton technology systems durng an extraordnary event that causes these systems to fal. In addton, t s recommended that fuson centers develop and adopt a COOP to perform essental functons at an alternate locaton durng an emergency. COOP enables each level of government and jursdcton to preserve, mantan, and/or reconsttute ts capablty to functon effectvely n the event of a threat, dsaster, or emergency. Consult the U.S. Department of Homeland Securty (DHS) Federal Emergency Management Agencys (FEMA) Interim Guidance on Continuity of Operations Planning for State and Local Governments, dated May 2004.

Executve Orders 12968, 12958, and 13292 Regardng Classified Information FBI Securty Clearance and Frequently Asked Questons GSAs Facilities Standards for the Public Buildings Service IACP Police Facility Planning Guidelines: A Desk Reference for Law Enforcement Executives, www.acp.org/documents/ pdfs/Publcatons/ACF2F3D%2Epdf Natonal Insttute of Standards and Technology, Contngency Plan Template, http://csrc.nst.gov/fasp/FASPDocs/ contngency-plan/contngencyplan-template.doc
Security Clearances
Most nformaton needed by state or local law enforcement can be shared at an unclassified level. However, in those cases where it is necessary to share classified information, it
54 Crmnal Intellgence Glossary of Terms, November 2004.
49
50
Guideline 11
Achieve a diversified representation of personnel based on the needs and functions of the center.
Human Resources Justification

Selectng personnel depends upon the needs and functons of the center. The center wll conduct, at a mnmum, all aspects of the ntellgence process. Staff wll need the ablty to perform analytcal functons and provde strategc and tactcal assstance. It s mportant for the center to recrut the hghest qualty ndvduals and to ensure center personnel are assgned appropriately. For example, leadership should ensure qualified personnel are selected for key objectves such as collecton and analyss. Personnel should demonstrate attenton to detal, ntegrty, good nterpersonal communcaton sklls, and the ablty to accept and learn from constructve crtcsm. Publc safety and prvate sector personnel should be ncluded in staffing. Leadership should be cognizant of the integration of publc safety and prvate sector partners and ther mportance to the success of operatons, though enttes for each component may provde personnel n dfferent ways (full-tme representaton, a part-tme representatve, or a lason). Publc safety and prvate sector participation may fluctuate based on identified threats or ongong operatons. For nstance, f an nformaton technology (IT) threat is identified, public safety/private sector partners who are experts in the IT field may change from a liaison-type membership to full-time personnel until that threat is neutralized or unsubstantiated. Or, if hazardous material moves through the fuson center jursdcton once a month, publc and prvate sector partners associated with hazardous materials may become fulltme personnel wthn the fuson center durng ths operaton. Fuson center management should consder exchangng personnel wth prvate sector partners to ad n tranng and understandng how each component functons. Cross-tranng wll ad n provdng fuson center analysts wth an understandng of the prvate sector, ncludng what threats affect them, how threats are handled, and the types of nformaton that the prvate sector can provde to fuson centers. Prvate sector personnel assgned to the fuson center wll understand fuson center operatons and nformaton requrements.
Furthermore, the governance body should contnually evaluate center membershp and partners. In short, the fuson center represents a fluid environment, and as new businesses and organizations are established within the jurisdiction, the governance body should reach out to these organizations.

When staffing a fusion center, consider: Recrutng personnel based on a Concept of Operatons (CONOPS) and center msson and goals. Mantanng a 24-hour-a-day/7-day-a-week operaton wth appropriate staffing levels. Ensurng approprate command structure and leadershp. Establshng a permanent full-tme cvlan (non-law enforcement) poston to provde contnuty and consstency n the long term (.e., faclty manager/center drector). Maintaining a small core staff dedicated to specific functons, such as admnstraton, nformaton technology, communcatons, and graphcs. Creatng unts of operaton (or crme desks), such as ntellgence, crmnal nvestgatons (e.g., volent crmes, drugs, and gangs), analytcal, and homeland securty. Identifying and utilizing subject-matter experts from law enforcement, publc safety, and the prvate sector. Ensurng equal/proportonal representaton of personnel from partcpatng enttes. Mantanng legal counsel dedcated to the fuson center to help clarfy laws, rules, regulatons, and statutes governng the collecton, mantenance, and dssemnaton of nformaton and lason wth the development of polces, procedures, gudelnes, and operatonal manuals. Liaising with the local prosecutors office. Securng approprate number and types of securty clearances for personnel and dentfyng clearances based on local, state, and federal requrements. Requrng a mnmum term commtment for full-tme center personnel.
51
Ensurng a Memorandum of Understandng (MOU) addresses human resources management and ssues. Institutionalizing professionalism. Establshng a mechansm to manage temporary personnel. Usng a personnel checklst when assgnng or removng personnel from the center (see Sample Checklst on resource CD).
Staffing Model Templates

While most staffing models do not focus specifically on law enforcement personnel, there are some gudelnes that leadershp can use to help adequately staff a fuson center. Durng the focus group meetngs, the followng categores of staffing were recommended. These categories include: Collecton functoncollecton management process Analytcal servces Techncal support Communcatons lason for dssemnaton and sharng externally Leadershp/commandsupportng ntellgence-led polcng
Example Staffing
Arizona Counter Terrorism Information Center (ACTIC)
The ACTIC wll operate on a 24-hour-a-day/7-day-a-week bass and will function as a multiagency, all-hazard effort staffed by members of the Department of Publc Safety and other local, state, and federal agences.
California State Terrorism Threat Assessment Center (STTAC) and Regional Terrorism Threat Assessment Centers (RTTAC)
The STTAC and four RTTACs are all-crimes, all-hazards fuson centers that ntegrate local Jont Terrorsm Task Forces (JTTFs), FBI Feld Intellgence Groups (FIG), Terrorsm Early Warnng Groups (TEWG), and other state agences n ther operations. Terrorism Liaison Officers (TLO) are designated at local agences and have network access to the Calforna Jont Regonal Informaton Exchange System (CAL JRIES) to lnk local operatons and nformaton gatherng wth the STTAC and RTTACs.
This staffing model follows the functions within the intelligence process. Focus group members recommended that the intelligence process dictate the number and level of staffing. It s also mportant to consder the need for supervsory and management postons, as well as tranng and nformaton technology support personnel.
Standards for Analysts

In support of the National Criminal Intelligence Sharing Plan (NCISP), the Internatonal Assocaton of Law Enforcement Intellgence Analyss (IALEIA) publshed the Law Enforcement Analytic Standards booklet, whch s ncluded on the accompanyng resource CD. The booklet contans standards regardng educaton, tranng, contnung educaton, professonal development, certification, and analytic attributes. It is recommended that centers follow these standards when hrng analysts, preparng ndvduals for the poston of analyst, and/or enhancng an ndvduals sklls and abltes (see Gudelne 14, Intellgence Servces and Products, for more nformaton).

RCIC provdes servces to all law enforcement agences and is composed of sworn officers from Rockland County law enforcement agencies. The Intelligence Center officers are assigned specialized desks. Each desk focuses on a specific type of crmnal actvty, ncludng burglary/robbery, counterterrorism, factual data analysis, firearm tracking, identity crimes, organized crime, and street gangs.

Law Enforcement Analytic Standards, http://t.ojp.gov/ documents/law_enforcement_analytc_standards.pdf Personnel Sample Checklst
Georgia Information Sharing and Analysis Center (GISAC)

GISACs day-to-day operations, facilities, personnel, finances, and admnstraton are managed by Georga Bureau of Investgaton supervsors. There are a total of 18 personnel assgned.
Statewide Terrorism Intelligence Center (STIC) Illinois

STIC operates three 24-hour-a-day/7-day-a-week shfts, wth a half-hour overlap on each shift for shift-change briefing. Each shift is staffed with one full-time watch officer and four contractual terrorsm research specalsts (TRS). STIC mantans addtonal supervsory and operatonal staff on the day shft. Each employee works a 37.5-hour workweek. Minimum staffing is one supervsor and two TRSs, Monday through Frday, and two TRSs on weekends.
52
Guideline 12
Ensure personnel are properly trained.
Training of Center Personnel Justification

Training helps personnel maximize the ability to effectively utilize tools in support of center functions. It is recommended that fuson centers adhere to the tranng objectves outlned n the National Criminal Intelligence Sharing Plan (NCISP). In addton, t s recommended that personnel workng wthn the center meet the core tranng standards developed by the Global Intellgence Workng Group (GIWG) and Counter-Terrorsm Tranng Coordnaton Workng Group (CTTWG). Each of the six training classifications identified by the GIWG (intelligence analyst, intelligence supervisor, law enforcement officer, law enforcement executive, intelligence officer/collector, and trainthe-traner) have unque standards. Center personnel should also receve an overvew of center operatons, polces and procedures, and any unque protocols or communcaton needs. The Natonal Governors Assocaton (NGA) Center for Best Practces publshed a paper, State Intelligence Fusion Centers: Recent State Actions, whch surveyed the types of resources that the states need to complete development of or mprove ther ntellgence fuson centers.55 Numerous responses ncluded the need for additional trainingspecifically, training for analysts and supervsors. Publc safety and prvate sector ntegraton nto fuson centers presents new tranng obstacles and opportuntes. Though law enforcement has tradtonally been the prmary ntellgence component n crme preventon, the ntroducton of publc safety and the prvate sector nto the ntellgence process requres addtonal tranng on the ntellgence and fuson processes. In addton, cross-educatonal tranng should occur between the fuson center and the publc safety and prvate sector enttes n order to gve each an understandng of the respectve busness practces wthn each component, what they can provde to fuson centers, and what they need from fuson centers. Fuson center personnel should consder partcpatng n tabletop exercses (TTX), functonal exercses, and full-scale exercses that private sector organizations may stage. These exercises
55 Natonal Governors Assocaton, Center for Best Practces, State Intelligence Fusion Centers: Recent State Actions, 2005.
will assist fusion centers in institutionalizing partnerships with publc safety and the prvate sector through strategc and tactcal ntegraton and wll also ad n testng the communcatons plan (see Gudelne 18). Fuson center partcpaton n these types of exercses wll also ad n dentfyng the nformaton requrements of the fuson center, prvate sector, and publc safety enttes.
53
The publc safety and prvate sector components represent nontradtonal gatherers of nformaton and present an opportunty to enhance and ncrease the amount and types of data that fuson centers receve. Because these enttes are nontradtonal and may not be aware of the ntellgence cycle and the nformaton requrements of the fuson center, fuson centers should provde tranng to fuson center staff and publc safety and prvate sector lasons. Ths tranng explans the types of nformaton that nontradtonal gatherers should be aware of, the mportance of ths nformaton, how to gather the nformaton, and who to report t to.
States Law Enforcement and Other Criminal Justice Agencies and have been endorsed by the GIWG Tranng/Outreach Commttee, the Crmnal Intellgence Coordnatng Councl (CICC), the CTTWG, and the Global Advsory Commttee. The report s ncluded on the resource CD. These recommended mnmum crmnal ntellgence tranng standards were developed for the following training classifications: Intellgence analyst Intellgence manager Law enforcement executve General law enforcement officer (basic recruit and n-servce) Intelligence officer/collector Tran-the-traner These efforts are significant, not only in implementing the tenets of NCISP but also in building awareness, institutionalizing the mportance of crmnal ntellgence, ncreasng the value of ntellgence personnel, fosterng relatonshps among the law enforcement communty, mprovng the ablty to detect and prevent acts of terrorsm and other crmes, and creatng a safer home for citizens. The U.S. Department of Homeland Security (DHS), Office of State and Local Government Coordnaton and Preparedness, is currently developing training in the field of intelligence and information sharing capabilities. Once finalized, this training will be available for widespread utilization by state and local governments, as well as all relevant fuson center partcpants.56 It s also recommended that center staff receve tranng regardng faclty securty and operatons and nformaton securty, as well as the centers polces and procedures.

When revewng tranng, consder: Identfyng tranng needs of center personnel. Providing specialized training, as appropriate. Provdng tranng on the fuson center operatons, NCISP, ntellgence cycle, and the fuson process. Provdng nformaton collecton tranng for fuson center partcpants. Provdng tranng n tactcal and strategc ntellgence. Seekng accredted or standards-complant tranng programs for government personnel. Utilizing private security entities for subject-matter training (e.g., cyber securty). Emphasizing analysis and its link to intelligence-led policing. Developng materals and ntegratng outreach efforts. Adherng to other tranng mandates. Ensuring that personnel assigned to specific crime desks receive crime-specific training. Utilizing scenario-based training, simulations, games, and tabletop and field exercises. Partcpatng n publc safety and prvate sector tabletop, functonal, and full-scale exercses. Partcpatng n college- and unversty-sponsored ntellgence and analyst tranng programs.

Counter-Terrorsm Tranng Coordnaton Workng Group (CTTWG) Web ste, www.counterterrorsmtranng.gov Homeland Securty Presdental Drectve 5 (HSPD-5), www. whtehouse.gov/news/releases/2003/02/20030228-9.html Homeland Securty Presdental Drectve 8 (HSPD-8), www.fas.org/rp/offdocs/nspd/hspd-8.html Internatonal Assocaton of Law Enforcement Intellgence Analysts (IALEIA), www.alea.org/ Internatonal Assocaton of Drectors of Law Enforcement Standards and Tranng (IADLEST), www.adlest.org/ Minimum Criminal Intelligence Training Standards for United States Law Enforcement and Other Criminal Justice Agencies, www.t.ojp.gov/documents/mnmum_crmnal_ ntel_tranng_standards.pdf Natonal Whte Collar Crme Center (NW3C), www.nw3c.org
NCISP Training Objectives and Minimum Training Standards

In November 2003, the Crmnal Intellgence Tranng Coordnaton Strategy (CITCS) Workng Group was establshed to develop a recommended ntellgence tranng coordnaton strategy. The CITCS recognized that there were voids in existing crmnal ntellgence tranng and duplcaton of effort n terms of tranng development and delvery. The CITCS met throughout 2004 and finalized their recommendations in June 2004. The CITCS recommendatons are contaned n the report enttled Minimum Criminal Intelligence Training Standards for United
56 More nformaton about the tranng opportuntes avalable can be found at the Office for Domestic Preparedness Web ste at www.ojp.usdoj.gov/odp/.
54
Guideline 13
Provide a multitiered awareness and educational program to implement intelligence-led policing and the development and sharing of information.
Multidisciplinary Awareness and Education Justification

In addton to tranng center personnel (see Gudelne 12), a center should provde general awareness tranng for all those nvolved n ntellgence, regardless of whether they are assgned drectly to the center. All nvestgatve or ntellgence personnel, as well as nontradtonal gatherers of nformatonsuch as fire, emergency management, and health personnelshould receve tranng. Personnel should be equpped to dentfy suspcous actvtes or threats and provde nformaton to fuson center personnel, as approprate. Further, nontradtonal partners should be provded wth stuatonal awareness tranng, specifically, training that aids in the identification of activities and events that may be related to a crmnal enterprse. In addton, polcymakers and legslators should understand the centers msson and goals n order to effectvely support center efforts, make decsons regardng fundng and resource allocaton, and respond approprately durng emergences. Part of ths process s developng outreach materals and ensurng that tranng s ongong and relevant. The tranng objectves and recommended mnmum crmnal ntellgence tranng standards developed n support of the National Criminal Intelligence Sharing Plan (NCISP) apply to ths standard (also see Gudelne 12, Tranng of Center Personnel). Recommended mnmum crmnal ntellgence tranng standards have been developed for the following training classifications: Intellgence analyst Intellgence manager Law enforcement executve General law enforcement officer (basic recruit and in-service) Intelligence officer/collector Tran-the-traner
and executves offer gudelnes and nformaton pertanng to the importance of intelligence, process collecting, and analyzing and dssemnatng ntellgence; how to manage and support an ntellgence functon; and how to develop and adhere to approprate polces. Nontradtonal collectors of ntellgence, public safety entities such as fire, health, and agriculture, and the prvate sector should have awareness tranng, ncludng nformaton gatherng. Many local, state, and prvate organizations provide awareness-level training. Centers should dentfy approprate tranng mechansms and provde outreach to personnel. The general publc should be knowledgeable and prepared. Ths level of publc awareness and educaton requres a focused and concentrated effort. Optons for leadershp to nform the publc about fuson centers nclude partcpaton at town hall meetngs, cty commsson meetngs, or meda nteracton (newspaper artcles, televson news stores). It s mportant n order for the publc to support the fuson center to understand ts purpose and msson.

When revewng awareness tranng, consder: Talorng tranng based on the needs of ndvdual personnel (i.e., law enforcement officers and executive, public safety, and prvate sector representatves). Identfyng what elements ntellgence personnel need regardng center operatons. Developng materals and ntegratng outreach efforts. Communcatng wth all agences servced by the center to ensure approprate tranng. Prioritizing the intelligence function to address threats posed in specific fusion center jurisdictions. Integratng ntellgence-led polcng to support customer needs, define tasks, and prioritize functions. Utilizing computer-based training for nontraditional information gatherers (e.g., security officers).
Training standards for analysts, officers, and collectors should nclude elements regardng how to dentfy and collect ntellgence. In addton, the recommendatons for managers
55
Ensurng tranng ncludes awareness of prvacy ssues assocated wth nformaton collecton, storage, and dssemnaton.

Counter-Terrorsm Tranng Coordnaton Workng Group (CTTWG) Web ste, www.counterterrorsmtranng.gov HSACs Intelligence and Information Sharing Initiative: Homeland Security Intelligence and Information Fusion report Minimum Criminal Intelligence Training Standards for United States Law Enforcement and Other Criminal Justice Agencies, www.t.ojp.gov/documents/mnmum_crmnal_ ntel_tranng_standards.pdf
56
Guideline 14
Offer a variety of intelligence services and products to customers.
Intelligence Services and Products Justification

The majorty of the ntatves revewed durng the focus groups processes operate 24 hours a day, 7 days a week and act as a clearnghouse for nformaton and/or ntellgence sharng. The ntellgence process acts as the framework but does not lmt nformaton sharng to ntellgence product dssemnaton. As such, personnel utilize the intelligence process while producing analytcal servces, such as crme-pattern analyss, assocaton analysis, telephone-toll analysis, flowcharting, financial analysis, and strategc analyss. Fuson centers should take nto account the needs and requrements of ther respectve jursdctons when producng products and servces. As a result of sharng nformaton throughout the ntellgence process, the ntatves provde an array of ntellgence products, such as ntellgence reports, brefs, threat assessments, charts, graphs, and mappng. Thus, t s mportant that center personnel, especally analysts, be famlar wth computer applcatons that have nformaton storage capabltes whch allow the user to sort, query, and filter information; applications for presenting information; and applications for linking and flowcharting. Some initiatives have compartmentalized their operations by creatng dvsons, such as nvestgatons, ntellgence, and admnstraton. Ths structure may assst n dentfyng and assgnng responsbltes, as well as holdng personnel accountable. It s mportant to know who the programs customers are and what types of servces and products they need.
Intellgence support for nvestgatons Vsual nvestgatve analyss Alerts and notifications Deconfliction Target identification Crtcal nfrastructure analyss Tranng opportuntes Geospatal magng Criminal backgrounds and profiles Case correlaton Crme-pattern analyss Assocaton, lnk, and network analyss Telephone-toll analyss Flowchartng Fnancal analyss Intelligence reports and briefings Threat assessments Terrorsm calendar

It s recommended that law enforcement ntellgence programs produce both strategc and tactcal products to support the msson and prortes of the center. A major purpose of ntellgence analyss s management decson makng. Consder provdng the followng servces and products: Investgatve and tactcal response Proactve strategc analyss
Centers should prioritize their intelligence function, based on specific threats in their jurisdictions/regions, and integrate intelligence-led policing to support customer needs, define tasks, and prioritize functions. When specific threats are identified, centers should partner with agencies and organizations that can ad n analyss, e.g., computer analyss and forensc analyss. For example, f a government network has been hacked nto, then computer resources from law enforcement and the prvate sector may help the nvestgaton and analyss.
Standards for Analytical Products

The National Criminal Intelligence Sharing Plan (NCISP) recommends that the agency chief executive officer and the manager of ntellgence functons should support the development of sound, professonal analytc products (ntellgence). One way to accomplsh ths s to recommend that products meet substantve crtera. The Internatonal
57
Assocaton of Law Enforcement Intellgence Analysts (IALEIA) Law Enforcement Analytic Standards booklet provdes standards for analyss that correspond to the ntellgence process. These standards focus on: Plannng Drecton Collecton Legal constrants Evaluaton Collaton Analytc accuracy Computerized analysis Analytc product content Analytc outcomes Dssemnaton plan Analytc report Analytc product format Analytc testmony Data source attrbuton Analytc feedback Analytc producton evaluaton
Center personnel must utilize the relationships between regulatory government agences and the prvate sector when conductng rsk assessments, these relatonshps have already been established and expertise identified. For the nonregulated industry, center personnel should meet with industry officials to dentfy the crtcal nfrastructure and what s avalable. These meetngs wll also lay the foundaton for developng trusted relatonshps wth subject-matter experts. The fuson center should be aware that nformaton gathered by regulatory agences may be protected by regulatons and, therefore, not be subject to dssemnaton. In addton, the center may develop assessments of the vulnerabltes and securty protocols for crtcal facltes. Ths may range from smply mantanng the assessments completed by others to actually partcpatng n on-ste assessments. Ether way, t s mportant that the center receve rsk assessments to aid in threat identification and prevention. The fusion center may consder workng wth the area Jont Terrorsm Task Force (JTTF), Ant-Terrorsm Advsory Councl (ATAC), Informaton Sharng and Analyss Center (ISAC), and the U.S. Department of Homeland Securty (DHS), ncludng the USP3 portal, as well as other state and local authortes, to desgn and mplement operatonal reslency objectves to nclude protectve measures that mtgate vulnerabltes. Included n the resource documents s a secton from the Florda Department of Law Enforcement (FDLE) Terrorism Protection Manual that covers crtcal nfrastructure assessments. Industry-specific subject-matter experts should be used to aid in infrastructure assessments and the identification of rsks assocated wth the prvate sector. Subject-matter experts have the knowledge and tranng to dentfy and assess crtcal nfrastructure assocated wth the prvate ndustry and are valuable assets for fuson centers. Furthermore, workng wth subject-matter experts wll demonstrate contnued collaboraton between prvate ndustres and fuson centers and wll foster trust and the creaton of successful partnershps. If fuson centers are tasked wth conductng crtcal nfrastructure assessments, every effort should be made to protect the results of these assessments. Ths nformaton s senstve and must not be released to nonauthorized personnel. Center management should be aware of local, state, and federal laws regardng the storng and release of ths nformaton. The DHS Office of Preparedness and Office of Intelligence and Analyss (OPOIA) helps deter, prevent, and mtgate consequences in all-hazard environments, assessing threats, explotable vulnerabltes, and consequences. Developed as a result of the Crtcal Infrastructure Informaton Act, the OPOIA can ad centers wth assessments, rsk analyss, and complatons of crtcal nfrastructure assets. More nformaton regardng these programs can be vewed at www.dhs.gov.
It is recommended that analysts or individuals fulfilling the analytc functon adhere to the standards outlned n the booklet. A copy of the booklet s ncluded on the resource CD.
Infrastructure Assessment and Resources

A significant role for any fusion center concerned with homeland securty, s trackng crtcal nfrastructure and assessng the lkelhood of t beng the target of a terrorst attack. It s mperatve that there s collaboraton between center personnel and prvate sector partners when rsk assessments are beng conducted regardng the prvate sector. The prvate sector has detaled knowledge of ts nformaton, processes, and nfrastructure, and ts subject-matter experts and securty personnel can dentfy accurate and comprehensve rsks. Fuson centers may also analyze risks within the jurisdiction, including those rsks assocated wth publc safety and prvate securty. Rsk assessments, when performed n conjuncton wth prvate sector securty and subject-matter experts, wll ad the center n dentfyng key nfrastructure when threats are present. Fuson centers may also be tasked wth catalogng crtcal nfrastructure; developng a methodology to track ntellgence relatng to threats, explotable vulnerabltes, and the consequences of loss of those facltes; mantanng and sharng wth partners a lst of specal events that may pose a threat (e.g., hgh vsblty and large crowds); and developng a mechansm to update ths nformaton regularly.

DHSs National Response Plan, December 2004 Terrorism Protection Manual, FDLE, February 28, 2003
58
Guideline 15
Develop, publish, and adhere to a policies and procedures manual.
Policies and Procedures Justification

Fusion centers should use a formalized policies and procedures manual. A comprehensve manual offers a number of advantages.57 It demonstrates that the center has provded drecton to ts employees and that personnel follow approved procedures n carryng out ther dutes. In addton, polces and procedures ndcate that the governng body has been proactve n plannng, nstead of reactve or watng untl an ncdent occurs to wrte polcy. The polces and procedures manual s the foundaton for communcatons wthn the center and among personnel. By developng, publshng, and adherng to a polces and procedures manual, the expectatons for personnel are outlned, creatng consstency and accountablty whle reducng lablty and enhancng overall professonalsm. A polces and procedures manual also serves as a central repostory for all center drectves. It s mportant for personnel to easly locate the centers most recent procedures.
Implementng an annual revew of center drectves and purgng or revsng outdated polces and procedures. Establshng a contractors code of conduct. Ctng of the polcy and procedures manual n the Memorandum of Understandng (MOU) and Non-Dsclosure Agreement (NDA) (Gudelne 5). Outlnng how and from whom ntellgence requrements are determned; e.g., the prvate sector has ntellgence requrements for protecton of ts facltes. Ensurng understandng of and complance wth local and state confidentiality laws and how to appropriately safeguard data. Ctng prvacy polces (local, state, and federal), ncludng the separaton of nformaton, to ensure understandng of and complance wth the prvacy gudelne.

When desgnng a polces and procedures manual, consder:58 Outlnng the roles and responsbltes of all partes nvolved. Includng language that nformaton should only be used for crmnal nvestgatons. Includng the centers msson, goals, objectves, polces, procedures, rules, and regulatons. Talorng the manual to meet the needs of the center. Ensurng personnel have easy access to the manual. Provdng employees a copy of the manual and/or provdng an onlne manual. Using a standardized format to allow for easy reading, filing, retrevng, and correctng.
Suggested Policies and Procedures

Begn by dentfyng exstng gudelnes, statutes, polces, and procedures that affect center operatons and ensure adherence to regulatons, such as 28 CFR Part 23 and the Crtcal Infrastructure Informaton Act. Personnel should be traned on and understand all center processes and polces and procedures
57 Mchael Carpenter, M.A., M.A.T., Put It n Wrtng: The Polce Polcy Manual, FBI Law Enforcement Bulletin, Vol. 69, No. 10, October 2000. 58 Ibd.
59
and adhere to them at all tmes. Areas that may requre polces and procedures nclude: Intellgence process (see Gudelne 1, NCISP). Intellgence collecton requrements. Securty for data, faclty, personnel, and systems (for more nformaton, see Securty (Gudelne 9); Faclty, Locaton, and Physcal Infrastructure (Gudelne 10); and Human Resources (Gudelne 11). Communcatons (for more nformaton, see Interconnectvty [Gudelne 7]). Prvacy (for more nformaton, see Gudelne 8, Prvacy and Cvl Lbertes). Accountablty and revew. Sanctons and volatons of polces and procedures.
In addton to the regulatons of 28 CFR Part 23, the National Criminal Information Sharing Plan (NCISP) also recognizes the followng documents and gudelnes for creatng and mplementng a polces and procedures manual: the Law Enforcement Intelligence Unit (LEIU) Criminal Intelligence File Guidelines and the Justice Information Privacy Guideline.

28 CFR Part 23, www.r.com/28cfr/Overvew.htm Evaluation Checklists for Intelligence Units, Paul R. Roger IACPs Criminal Intelligence Model Policy Law Enforcement Intellgence Unts (LEIU) Criminal Intelligence File Guidelines, http://t.ojp.gov/documents/LEIU_ Crm_Intell_Fle_Gudelnes.pdf Justice Information Privacy Guideline, www.ncja.org/pdf/ prvacygudelne.pdf Privacy Policy Development Guide, http://t.ojp.gov/ documents/Prvacy_Gude_Fnal.pdf
28 CFR Part 23
Agences that use federal funds to set up or mantan a crmnal ntellgence database (and share nformaton between jursdctons) may need to comply wth the regulatons of 28 CFR Part 23. The regulatons requre agences to have polces and procedures n place regardng ntellgence operatons. The specifics of the policies are left to the individual agencies. A copy of ths regulaton s ncluded on the accompanyng resource CD. Addtonal nformaton may also be found at www.r.com/28cfr.
60
Guideline 16
Define expectations, measure performance, and determine effectiveness.
Center Performance Measurement and Evaluation Justification

It s mportant to have a process that systematcally revews performance. Performance measurement revew s crtcally important to the health of an organization. The review must accurately reflect existing performance and operate to initiate mprovement. Revewng an enttys objectves s requred to ensure ntegrty of the measurement process and to justfy continued investment in the organization or project. An effective and verifiable performance measurement-and-review process can address these concerns. The performance measures addressed under ths standard refer to the centers performance, not those of an ndvdual. Personnel ssues are addressed under Gudelne 11, Human Resources. Due to the unque structure of fuson centers, tradtonal law enforcement performance measures may not adequately gauge center performance. Performance measures should be desgned based on the centers core msson, goals, and objectves and should reflect services generated from all areas of the center. It s also mportant to note that performance measures and fundng are often related. Management should consder ths relatonshp when developng measures and revewng/submttng fundng requests. Performance measures offer quanttatve valdaton for management and polcymakers regardng the effectveness of the fuson center. Furthermore, performance measures may demonstrate to law enforcement, publc safety, and the prvate sector the effectveness of housng a multdscplnary ntellgence functon n one locaton, whch may result n contnued fundng for the center. Centers mght also consder developng an evaluaton process, whch dffers from performance measurement. Performance measures assess center servces and accomplshment of ts mission. Evaluation, on the other hand, reflects judgments regardng the adequacy, approprateness, and success of a partcular servce or actvty.59 In other words, performance
59 Charles R. McClure, Performance Measures, School of Informaton Studes, Syracuse Unversty, 1996.
measures focus on the what whle evaluaton focuses on the why.

When establshng performance measures and evaluatng effectveness, consder: Defining the expected performance. Developng outputs and outcomes that measure the expected performance. Coordnatng the development and revew of measures and performance wth partcpatng agences. Developing meaningful relevant and quantifiable measures. Creatng measures that are based on vald and relable data. Valdtyask the queston: Does the nformaton actually represent what we beleve t represents? Relabltyask the queston: Is the source of the nformaton consstent and dependable? Creatng both nternal and external measures where nternal measures pertan to admnstratve purposes. Establshng reasonable standards and targets. Leveragng whch systems and databases statstcally capture data. Utilizing automation to capture, store, and report performance. Reportng and revewng on performance regularly (.e., board or managers meetngs) and adjustng operatons, as approprate. Publicizing performance to the public, policymakers, and customers. Creatng accountablty and deterrng the consequences for not meetng targets. Surveyng customers. Integratng feedback and suggestons nto fuson center operatons. Developng a strategc plan to gude operatons.
61
Contnually evaluatng performance measures to extend beyond the crmnal justce nformaton sharng envronment, to nclude publc safety and the prvate sector. Lasng wth the U.S. Department of Homeland Securty (DHS), Office of State and Local Government Coordination and Preparedness, regardng the Target Capabltes Lst.
Using Performance Measures

Once performance measures are developed, baselne data wll need to be obtained during the first year of operation. Baseline data asssts managers n determnng the standards for future years. Measures should reflect center goals and be quantifiable. Standards should be challengng to acheve but also realstc. Management should revew performance regularly and nform center personnel of progress. By keepng employees nformed and nvolvng them n the performance-measure process, they wll be motvated to work collectvty to reach targeted goals. Performance measures can be ted to fundng and resource requests and have a significant impact on support and future endeavors.
Elements of Good Performance Measures

Generally accepted gudelnes for developng performance measures nclude: Using standard terms and definitions. Gaugng progress towards agency goals and benchmarks or other hgh-level outcomes. Focusng on key ssues. Havng reasonable targets. Basng on accurate and relable data. Beng easly understood and measurng performance n a sngle area. Beng tmely. Lmtng subjectvtybeng objectve.

Office of Management and Budget, www.omb.gov Target Capabltes Lst, Verson 1.1, www.ojp.usdoj.gov/odp/ docs/TCL1_1.pdf
62
Guideline 17
Establish and maintain the center based on funding availability and sustainability.
Funding Justification
Fundng s crtcal to establshng fuson centers, drectly mpactng a centers longevty and ablty to effectvely and efficiently operate. Often, new initiatives receive start-up funds through government programs and/or grants. Ths seed money s an excellent means of begnnng new projects or programs. Unfortunately, some efforts end because ntal fundng has been spent and no additional funding was identified or obtained to contnue the project. For the long term, t s essental that centers take responsblty for fundng to ensure sustanablty. Fuson centers that have been surveyed regardng ther ongong needs repeatedly cte fundng as a prorty n the development and sustanment of the center.60 It s recommended that management dentfy the needs of the center and dentfy avalable fundng sources from local, state, federal, and nongovernmental sources. Fuson center leadershp should seek to lnk the performance of the center to fundng. As seed money ends, performance measures may be an effectve tool for fuson centers to use n securing funding. Performance measures that cover notifications and ntellgence servces and products demonstrate the success and return on nvestment of a fuson center.
Adherng to reportng requrements (.e., annual report). Ensurng fuson center sustanablty. Identfyng return on nvestment for fuson center partners (e.g., defining what partners will receive as a result of partcpaton).
Center Expenses
To effectvely operate a fuson center, a number of cost elements must be identified and addressed in a budget. Some of these expenses can be shared among partcpatng agences. The followng s a sample lst of budgetary expenses that wll requre fundng: Salary Vehcles Equpment Supples/commodtes Faclty Furnshngs Informaton technology support Communcaton equpment Tranng Travel Contractual (coper, delvery) Prntng Physcal securty (personnel, sensors, specal rooms for federally classified information, and related systems) Communications (high-bandwidth, federally classified nformaton)

When revewng fundng needs and sources, consder: Basng fundng on center prortes. Leveragng exstng resources/fundng from partcpatng enttes. Ensurng resource commtment of partcpatng enttes s addressed n the Memorandum of Understandng (MOU). Identifying supplemental funding sources (i.e., seized assets/ forfetures, local and state government appropratons, state and federal grants, and prvate sources). Establshng an operatonal budget.

Summary of Fundng Resources The U.S. Governments Official Web Portal, www.firstgov.gov
60 NGA, Center for Best Practces, State Intellgence Fuson Centers: Recent State Actons, 2005.
63
64
Guideline 18
Develop and implement a communications plan within the fusion center; among all involved law enforcement, public safety, and private sector agencies and entities; and with the general public.
Communications Plan Justification

Communcaton s essental to fuson center operatons. Fuson center leadershp must be able to communcate wth center personnel and representatves, should the need arse. Wth the ncluson of publc safety and prvate sector partners, communcaton needs become complex. Publc safety and prvate sector enttes may not always be present n the fuson center daly actvtes but are key partners n ts operaton. Wth a varety of communcaton optons, centers should develop levels of communcaton, backup communcaton procedures, and emergency contact protocols. Snce September 11, there has been a focus on nteroperablty wthn the law enforcement community and among first responders (e.g., fire and EMS). It s mportant to have nteroperablty between fuson center representatves. If communcatons systems are not nteroperable, the effort wll be futle. The general publc s also an ntegral part of the communcatons plan. They may report nformaton and events to the fuson center, and n the event of a terrorst attack or crme ncdent, the publc must be kept nformed of the stuaton. Varous types of communcaton nclude: E-mal Electronic notification to pagers and cell phones Hard lne telephone Secured lne telephone Satellte telephone Fax machne Vdeo teleconferencng Handheld rado Password-protected Web page for postng nformaton Face-to-face Alert notification systems W-F Mesh networks
Personnel and partners wthn the fuson center should be aware of the dfferent types of nformaton that may be communcated wthn the fuson center, ncludng publc, senstve, propretary, and secret. These different classification types should determine how fuson centers share nformaton. Fuson center personnel should have a clear understanding of what the classifications are and how they apply to nformaton sharng. When fuson centers develop a communcatons plan, leadershp should antcpate that n the event of a terrorst attack or largescale emergency, phone lnes wll quckly be ted up or dsabled and phone servce lost; therefore, alternate communcaton means should be ncluded n the communcatons plan. For example, f landlne and all phone voce crcuts are jammed, the use of text messagng may be a vable opton. Smlarly, f power s avalable and voce crcuts are jammed, Internet messagng can be utilized. The communications plan should also include personnel recall procedures and, for those enttes that do not supply a full-tme member to the fuson centers, lason call-out procedures. Fusion centers should identify a public information officer (PIO) to ad n the coordnaton of publc and meda nqures nto the fuson center. In the event of a dsaster (man-made or natural), a PIO wll ad n ensurng that fuson center staff are not hndered from conductng ther dutes and redrected to answerng meda queres. A PIO may also perform n a proactve awareness capacty, nformng the meda and the publc of ongong operatons and success stores wthn the fuson center.

When dentfyng communcatons needs, consder: Determnng how fuson center components wll communcate durng a dsaster. Identfyng an alternatve power source for communcatons when tradtonal utltes are unavalable. Creatng a ter system for communcatons based on threat level. Ensurng the exstng communcaton capabltes between components and enttes are nteroperable.
65
Ensurng that all enttes have approprate communcaton tools (e.g., vdeo-teleconferencng equpment, pagers, or cell phones wth text-messagng capabltes). Incorporating current communications plans that are utilized by law enforcement and emergency servces (ncludng hospitals, EMS, and fire). Obtanng a cache of rados for fuson center personnel to use n emergency stuatons. If the communcatons plan ncludes rado communcaton, meetng wth law enforcement to dentfy a fuson center rado channel (e.g., specal events channel or specal operatons channel). Settng asde a phone lne only accessble to fuson center personnel and partnerng enttes for emergency communcatons.
Includng a secton that addresses testng the plan to ensure operablty and mantenance of current contact nformaton for fuson center partcpants. Creatng redundancy n the communcatons plan. In advance of an emergency, consultng wth the local telephone provder about avalable backup and alternatve communcatons optons for the fuson center, ncludng moble cellular stes. Equppng the center wth a satellte phone to ensure communcaton beyond the local rado net when, n an emergency, standard connectvty s lost.

State and Local Guide (SLG) 101: Guide for All-Hazard Emergency Operations Planning, Chapter 4, http://www.fema. gov/pdf/plan/4-ch.pdf
66
Next Steps
Fusion centers should strive to institutionalize the relationships establshed wth ts law enforcement, publc safety, and prvate sector partners. It s through these relatonshps that the center wll be truly effectve n the preventon and deterrence of crme and terrorism. As relationships are institutionalized, mistrust and fear of nformaton dsclosure wll dmnsh and effectve and efficient information and intelligence sharing will be seamless. Furthermore, n the event of a dsaster or major crme ncdent, these relatonshps wll be vtal n successfully nvestgatng the crme or gettng essental servces back onlne. In order for the relationships within the fusion center to be institutionalized, fuson center governance should have ongong dalogue wth publc and prvate sector leadershp and agency heads. Fuson centers should become nvolved n exstng ndustry networks and organizations, such as credit card fraud networks. Through these establshed networks, fuson centers can demonstrate effectveness n usng the ntellgence and fuson processes. Tranng must also occur between center personnel and ther publc and prvate partners for successful ntegraton. Ths tranng ncludes awareness of the ntellgence and fuson processes, the types of nformaton and ntellgence crucal to crme preventon, the functon of the fuson center and how t operates, and an understandng of the types of nformaton that the publc and prvate sector enttes can provde to the center. Fuson center tranng should also nclude jont tabletop, functonal, and full-scale exercses wth law enforcement, publc safety, and prvate sector partners. These exercses wll ad
67
n dentfyng the role and the nformaton requrements of both the fuson center and the components and wll also test the communcatons plan. Fuson centers represent a capablty for law enforcement, publc safety, and prvate sector enttes to securely develop and share nformaton and ntellgence n an nnovatve, effectve, and efficient manner. Many of the issues impacting fusion centers have been addressed in this report, specifically those affectng ther ntellgence functon. Undenably, as centers are establshed, addtonal ssues wll arse, best practces wll emerge, and future needs will be identified. This document is not meant to be all nclusve; nstead, the recommendatons contaned heren are the foundaton for a much larger and complex enterprse. As ths process contnues, the members of the three focus groups reman commtted to sharng nformaton about fuson center development, operatons, and servces wth all levels of law enforcement. Further developments and materials will be provided on the Office of Justice Programs (OJP) Web ste at www.t.ojp.gov. As recommended n ths report, fuson centers should be establshed n all states to allow for the maxmum capablty of ntellgence and nformaton exchange. Although these gudelnes are not meant to be mandatory, focus group members urge fundng agences and others to promote and adhere to these mnmum gudelnes.
Movng from a reactve response approach to a proactve and preventve approach wll mprove law enforcements ablty to detect and prevent crme and publc safety personnels capablty to respond to emergences. The fuson center concept s an opportunty to brng together crtcal resources and produce meanngful nformaton and ntellgence for dssemnaton to the rght people at the rght tme for the rght reasons. Through collectve and collaboratve mplementaton, the center, ts personnel, and the citizens the center serves will benefit. A key benefit of fusion centers is minimizing duplication. The U.S. Department of Homeland Securty (DHS), the U.S. Department of Justice (DOJ), and the states must be cognizant of exstng fuson centers and those currently under development (ncludng the Urban Area Securty Intatve [UASI] regons) and leverage and enhance the centers that currently exst. Dstrbuton of the Fusion Center Guidelines: Law Enforcement Intelligence, Public Safety, and the Private Sector s mportant for the maxmum effectveness of fuson centers. It s recommended that DOJ and DHS spearhead efforts to ensure that the gudelnes are dstrbuted to all key components and enttes of fuson centers, ncludng law enforcement, publc safety, and prvate sector enttes.
68
Appendix A
Focus Group Participants and Acknowledgements
Law Enforcement Intelligence Fusion Center Focus Group Participants

Norm Beasley, Lieutenant Colonel Arizona Counter Terrorism Information Center Kenneth A. Bouche, Colonel Illnos State Polce Roger Bragdon, Chief Spokane, Washngton, Polce Department David Carter, Ph.D. Mchgan State Unversty Stephen Clark Georga Emergency Management Agency Daniel Cooney, Captain Upstate New York Regonal Intellgence Center C. Patrick Duecy CPD Consultants, LLC John T. Elliff Federal Bureau of Investgaton Dennis Ellis, Lieutenant Indana State Polce William Fennell, Program Manager U.S. Drug Enforcement Admnstraton Max Fratoddi Counterdrug Intellgence Executve Secretarat
Bob Hardin, Inspector Georga Bureau of Investgaton Chris Holmes, Deputy Program Manager ManTech Informaton Systems and Technology U.S. Department of Homeland Securty Cliff Karchmer, Director Polce Executve Research Forum Clark Kimerer, Deputy Chief Seattle, Washngton, Polce Department Mark Marshall, Chief Smithfield, Virginia, Police Department Jerry Marynik, Administrator State Terrorsm Threat Assessment Center Calforna Department of Justce Mary Meyer, Officer Mnnesota Department of Publc Safety Peter A. Modafferi, Chief Rockland County, New York, Dstrct Attorneys Office Doug Poole, Acting Chief U.S. Drug Enforcement Admnstraton Russ Porter, Chief Iowa Department of Publc Safety Don Robertson Georga Bureau of Investgaton Richard A. Russell, Director U.S. Department of Homeland Securty
Kurt Schmid, Senior Advisor Office of National Drug Control Policy Clark Smith, Senior Information Technology Specialist U.S. Department of Justce Mike Snyders, Lieutenant Colonel Illnos State Polce Nicholas Theodos, Major New Jersey State Polce Mark Zadra, Chief of Investigations Florda Department of Law Enforcement
A-1
Public Safety Fusion Center Focus Group Participants

Richard Andrews, Senior Director Natonal Center for Crses and Contnuty Coordnaton Robert Belfiore, Chief Port Authorty of New York and New Jersey Grea Bevis, Bureau Chief Florda Department of Envronmental Protecton Kenneth A. Bouche, Colonel Illnos State Polce Michael Caldwell, M.D., M.P.H. Natonal Assocaton of County and Cty Health Officials Dutchess County, New York, Health Department John Cohen, Policy Advisor Massachusetts Executive Office of Public Safety Thomas Frazier, Executive Director Major Ctes Chefs Assocaton Donna Hunsaker, Ph.D. Kentucky Medcal Examner John Hunt, Major New Jersey State Polce Bart R. Johnson, Colonel New York State Polce Art Johnstone, Director Florda Department of Agrculture and Consumer Servces Clark Kimerer, Deputy Chief Seattle, Washngton, Polce Department Fred LaMontagne, Chief Portland, Mane, Fre Department Peter A. Modafferi, Chief Rockland County, New York, Dstrct Attorneys Office Thomas J. OReilly, Administrator New Jersey Office of the Attorney General Joseph M. Polisar, Chief Garden Grove, Calforna, Polce Department
Thomas J. Richardson, Captain Seattle, Washngton, Fre Department Mark Zadra, Chief of Investigations Florda Department of Law Enforcement
Freeman Mendell, First Assistant Informaton Technology Systems Laurence Mulcrone, Director of Security and Safety McCormck Place/Navy Per Colin Nurse, National Technology Officer, State and Local Government Mcrosoft Corporaton Thomas J. OReilly, Administrator New Jersey Office of the Attorney General Russell Porter, Assistant Director Iowa Department of Publc Safety Daniel Rattner, Principal D. M. Rattner and Assocates Richard Ryan, Assistant Deputy Director, Corporate Security Archer Danels Mdland Company Dan Sauvageau, Vice President Fdelty Investments Thomas Seamon, Chair Prvate Sector Lason Commttee Charman Internatonal Assocaton of Chefs of Polce
Private Sector Fusion Center Focus Group Participants

Richard Andrews, Senior Director Natonal Center for Crses and Contnuty Coordnaton Drew Arena, Assistant General Counsel for Legal Compliance Verizon Communications Roy Barnes, Manager General Motors Corporaton Earnest A. Blackwelder, Senior Vice President Busness Executve for Natonal Securty Kenneth A. Bouche, Colonel Illnos State Polce John Cohen, Senior Advisor Massachusetts Executive Office of Public Safety Michael Cohen, Deputy Regional Director Ctgroup Securty and Investgatve Servces Jack Faer, President Fdelty Investments Shawna French-Lind Wal-Mart Stores, Inc. Bart R. Johnson, Colonel New York State Polce Art Johnstone, Director Florda Department of Agrculture and Consumer Servces Lynne D. Kidder, Vice President Busness Executves for Natonal Securty Maurice McBride, Secretary and Attorney National Petrochemical and Refiners Assocaton Kathleen McChesney, Vice President The Walt Dsney World Company
A-2
Acknowledgements
Robert G. Beecher, Private Sector Liaison U.S. Department of Homeland Securty Daron Borst, Supervisory Special Agent Federal Bureau of Investgaton Tom Brozycki, Investigator Upstate New York Regonal Intellgence Center Hyuk Byun, Program Executive, Communications and Information Technology Natonal Insttute of Justce Scott Charbo, Chief Information Officer U.S. Department of Homeland Securty David Clopton, Ph.D. Natonal Insttute of Justce R. Scott Crabtree, Section Chief Federal Bureau of Investgaton Harvey Eisenberg, Coordinator Ant-Terrorsm Advsory Councl of Maryland Richard T. Garcia, Regional Security Advisor Shell Internatonal Donald J. Good, Unit Chief Federal Bureau of Investgaton Bob Greeves, Policy Advisor U.S. Department of Justce Corey Gruber, Director U.S. Department of Homeland Securty
Julie Hamilton DFI Government Servces Kelly Harris, Deputy Executive Director SEARCH, The Natonal Consortum for Justce Informaton and Statstcs Ronald P. Hawley, Executive Director SEARCH, The Natonal Consortum for Justce Informaton and Statstcs Matthew Jack, Supervisory Special Agent U.S. Department of Homeland Securty Richard Kelly, Director New Jersey State Polce Joseph Eric Kennedy, Deputy Director Liaison U.S. Department of Homeland Securty Harri J. Kramer U.S. Department of Homeland Securty Erin Lee, Senior Policy Analyst Natonal Governors Assocaton, Center for Best Practces Christopher Logan, Senior Policy Analyst Natonal Governors Assocaton, Center for Best Practces George Marenic U.S. Department of Homeland Securty Erik Miller Federal Bureau of Investgaton John Millican New Jersey State Polce John Morgan, Ph.D., Assistant Director for Science and Technology Natonal Insttute of Justce
Rodney A. Morgan, Jr., Unit Chief Federal Bureau of Investgaton Brady K. OHanlon, Program Manager U.S. Department of Homeland Securty Diane Pitts, Intelligence Analyst U.S. Department of Homeland Securty Richard Randall, Sheriff Kendall County, Illinois, Sheriffs Office Sue Reingold, Associate Director U.S. Department of Homeland Securty Robert Riegle, Executive Officer U.S. Department of Homeland Securty Diego Rodriquez, Unit Chief Federal Bureau of Investgaton Jeffrey Sands, Special Advisor U.S. Department of Homeland Securty Lane B. Scheiber, Ph.D. Insttute for Defense Analyses Dennis Schrader, Director Maryland Governors Office of Homeland Securty Kelly Tapp, Communications Manager U.S. Department of Justce Karen Waterman U.S. Department of Homeland Securty Colleen Wilson U.S. Department of Homeland Securty
A-3
A-4
Appendix B
Fusion Center CD Resources
Guideline 1The NCISP and the Intelligence and Fusion Processes

10 Smple Steps to help your agency become a part of the National Criminal Intelligence Sharing Plan HSACs Intelligence and Information Sharing Initiative: Homeland Security Intelligence and Information Fusion report Law Enforcement Intelligence: A Guide for State, Local, and Tribal Law Enforcement Law Enforcement Intellgence Unt (LEIU) Audt Checklst National Criminal Intelligence Sharing Plan report
Guideline 4Collaboration
Communty Collaboraton, www. communtycollaboraton.net
FBIs LEO Program, www.fb.gov/hq/cjsd/leo.htm Fnancal Crmes Enforcement Network (FnCEN), www.fincen.gov High Intensity Drug Trafficking Areas (HIDTA), www.whtehousedrugpolcy. gov/hdta/ndex.html Homeland Securty Informaton Network (HSIN), www.dhs.gov/ dhspublc/dsplay?content=3350 Internatonal Assocaton of Crme Analysts (IACA), www.aca.net Internatonal Assocaton of Law Enforcement Intellgence Analysts (IALEIA), www.alea.org Internatonal Crmnal Polce Organization (INTERPOL), www. usdoj.gov/usncb Law Enforcement Intellgence Unt (LEIU), www.leu-homepage.org/ ndex.php Natonal Crme Informaton Center (NCIC), www.fb.gov/hq/cjsd/ncc.htm Natonal Drug Intellgence Center (NDIC), www.usdoj.gov/ndc Natonal Whte Collar Crme Center (NW3C), www.nw3c.org and www. tranng.nw3c.org NletsThe Internatonal Justce and Publc Safety Informaton Sharng Network, www.nlets.org RISS Automated Trusted Informaton Exchange (ATIX), www.rssnfo.com/ rssatx.htm RISSNET, www.rssnfo.com
Guideline 5Memorandum of Understanding (MOU) and Non-Disclosure Agreement (NDA)

28 CFR Part 23 Sample MOU Arizona Counter Terrorism Information Center MOU Calforna Publc Records Exempton Canada Department of Defense (DOD) MOU Gudelnes DHS Non-Dsclosure Agreement, www.fas.org/sgp/othergov/dhs-nda.pdf Florda Statute 119.071 Freedom of Informaton Act, www. usdoj.gov/04foa Jont Terrorsm Task Force MOU Massachusetts Statute MOU Sample Template Rockland County Intellgence Center MOU Upstate New York Regonal Intellgence Center MOU
Guideline 2Mission Statement and Goals

A Staircase to Strategic Planning: Mission, The Communty Polcng Consortum, www.communtypolcng. org/msson.html
Guideline 3Governance
Bylaws Sample Template Board Gudelnes, www.mapnp.org/ lbrary/boards/boards.htm Global Justce Informaton Sharng Intatve Advsory Commttee Bylaws, http://t.ojp.gov/documents/ GACBylaws.pdf Parlamentary Procedures, www. rulesonlne.com
Guideline 6Database Resources

El Paso Intellgence Center (EPIC), www.usdoj.gov/dea/programs/epc. htm
B-1
Guideline 7Interconnectivity
A Critical Look at Centralized and Distributed Strategies for LargeScale Justice Information Sharing Applications (a whte paper prepared by the IJIS Insttute) A Framework for Justice Information Sharing: Service-Oriented Architecture (SOA), http://t.ojp. gov/documents/200409_Global_ Infrastructure_Report.pdf Global Justce XML Data Model (Global JXDM), www.t.ojp.gov/gjxdm Justce Informaton Exchange Model, www.search.org/programs/nfo/jem.asp Model Intellgence Database Polcy
Guideline 10Facility, Location, and Physical Infrastructure

Executve Orders 12068, 12958, and 13292 Regarding Classified Informaton FBI Securty Clearance and Frequently Asked Questons GSAs Facilities Standards for the Public Buildings Service IACP Police Facility Planning Guidelines: A Desk Reference for Law Enforcement Executives, www. acp.org/documents/pdfs/Publcatons/ ACF2F3D%2Epdf Natonal Insttute of Standards and Technology, Contngency Plan Template, http://csrc.nst.gov/ fasp/FASPDocs/contngency-plan/ contngencyplan-template.doc
Minimum Criminal Intelligence Training Standards for United States Law Enforcement and Other Criminal Justice Agencies, www.t.ojp.gov/ documents/mnmum_crmnal_ntel_ tranng_standards.pdf Natonal Whte Collar Crme Center (NW3C), www.nw3c.org
Guideline 14Intelligence Services and Products

DHSs National Response Plan, December 2004 Terrorism Protection Manual, FDLE, February 28, 2003
Guideline 8Privacy and Civil Liberties

Audt Checklst (LEIU), www.t.ojp.gov/ documents/LEIU_audt_checklst.pdf Globals Privacy and Information Quality Policy Development for the Justice Decision Maker, http://t.ojp. gov/documents/200411_global_ prvacy_document.pdf Natonal Crmnal Justce AssocatonJustice Information Privacy Guideline, www.ncja.org/pdf/ prvacygudelne.pdf Privacy and Civil Rights Policy Templates for Justice Information Systems Prvacy Polcy Sample Template Privacy Policy Development Guide
Guideline 15Policies and Procedures

28 CFR Part 23, www.r.com/28cfr/ Overvew.htm Evaluation Checklists for Intelligence Units, Paul R. Roger IACPs Criminal Intelligence Model Policy Law Enforcement Intellgence Unts (LEIU) Criminal Intelligence File Guidelines, http://t.ojp.gov/ documents/LEIU_Crm_Intell_Fle_ Gudelnes.pdf Justice Information Privacy Guideline, www.ncja.org/pdf/prvacygudelne.pdf Privacy Policy Development Guide, http://t.ojp.gov/documents/Prvacy_ Gude_Fnal.pdf
Guideline 11Human Resources

Law Enforcement Analytic Standards, http://t.ojp.gov/documents/law_ enforcement_analytc_standards.pdf Personnel Sample Checklst
Guidelines 12 and 13 Training of Center Personnel/ Multidisciplinary Awareness and Education

Counter-Terrorsm Tranng Coordnaton Workng Group (CTTWG) Web ste, www. counterterrorsmtranng.gov HSACs Intelligence and Information Sharing Initiative: Homeland Security Intelligence and Information Fusion report Homeland Securty Presdental Drectve 5 (HSPD-5), www. whtehouse.gov/news/ releases/2003/02/20030228-9.html Homeland Securty Presdental Drectve 8 (HSPD-8), www.fas.org/rp/offdocs/nspd/hspd8.html Internatonal Assocaton of Law Enforcement Intellgence Analysts (IALEIA), www.alea.org/ Internatonal Assocaton of Drectors of Law Enforcement Standards and Tranng (IADLEST), www.adlest.org/
Guideline 9Security
Applying Security Practices to Justice Information Sharing, http://t.ojp.gov/ documents/asp/ntroducton/ndex.htm Crtcal Infrastructure Informaton Act of 2002, www.dhs.gov/nterweb/ assetlbrary/CII_Act.pdf Natonal Insttute of Standards and Technology (NIST) template and example polces, http://csrc.nst. gov/fasp Safeguarding Classified and Sensitive But Unclassified Information, Reference Booklet for State, Local, Tribal, and Private Sector Programs, U.S. Department of Homeland Securty, May 2005
Guideline 16Center Performance Measurement and Evaluation

Office of Management and Budget, www.omb.gov Target Capabltes Lst, Verson 1.1, www.ojp.usdoj.gov/odp/docs/TCL1_ 1.pdf
Guideline 17Funding
Summary of Fundng Resources The U.S. Governments Official Web Portal, www.firstgov.gov
Guideline 18 Communications Plan

State and Local Guide (SLG) 101: Guide for All-Hazard Emergency Operations Planning, Chapter 4, http:// www.fema.gov/pdf/plan/4-ch.pdf
B-2
Organization Links
CopNet, www.copnet.org Defense Informaton Systems Agency, www.dsa.ml FBI Terrorsm Informaton, http://www. fb.gov/terrornfo/counterrorsm/ waronterrorhome.html Internatonal Assocaton of Crme Analysts (IACA), www.aca.net Internatonal Assocaton of Law Enforcement Intellgence Analysts (IALEIA), www.alea.org Integrated Justce Informaton Systems Insttute, www.js.org
Natonal Assocaton of Countes, www.naco.org Natonal Assocaton of State Chef Information Officers, www.nasco.org Natonal Governors Assocatons Project on Justce Informaton Sharng, www.nga.org Office of Management and Budget, www.omb.gov Office of Justice Programs, U.S. Department of Justce, www.t.ojp.gov Regonal Informaton Sharng Systems, www.rssnfo.com
SEARCH, The Natonal Consortum for Justce Informaton and Statstcs, www.search.org Terrorsm Research Center, www.terrorsm.com U.S. Department of Defense News, www.defendamerca.ml U.S. Department of Homeland Securty, www.dhs.gov U.S. Department of Justce, www.justce.gov U.S. Department of State, www.state.gov/s/ct
B-3
B-4
Appendix C
Functional Categories
Collaboraton and ntegraton are key to the success of fuson centers. The Publc Safety and Prvate Sector Fuson Center Focus Groups (FCFGs) developed overarchng functonal categores composed of the dfferent enttes that make up these components. The categores are not comprehensve but provde a startng pont for fuson centers to utilize when integrating the dfferent facets of law enforcement, publc safety, and the prvate sector. Indvdual fuson centers should dentfy the crtcal enttes wthn ther partcular jursdcton to ncorporate nto the center. The categores nclude: Agrculture, Food, Water, and the Envronment Bankng and Fnance Chemical Industry and Hazardous Materals Crmnal Justce Educaton Emergency Servces (Non-Law Enforcement) Energy Government Health and Publc Health Servces Hosptalty and Lodgng Informaton and Telecommuncatons Mltary Facltes and Defense Industral Base Postal and Shppng Prvate Securty Publc Works Real Estate Retal
Socal Servces Transportaton
Informaton receved from these categores and assocated enttes should be used for threat and crme preventon. Applcable local, state, and federal laws should be followed when nformaton s provded to fuson centers. In addton, ths nformaton may be used for crmnal investigations with an identified criminal predcate.
Lsted below are varous enttes that fuson centers should consder for ntegraton. U.S. Department of Agrculture (USDA), www.usda.gov/ U.S. Department of Health and Human Servces, www.hhs.gov U.S. Envronmental Protecton Agency, www.epa.gov State agrculture departments Food/water producton facltes (farm/ ranch/preharvest) Food/water processng facltes Grocery stores/supermarkets Restaurants Informaton Sharng Analyss Centers (ISAC) Agrculture Food Water Food and Agrculture Sector Coordnatng Councl
Agriculture, Food, Water, and the Environment

Ths category s composed of enttes that focus on the food and water supply chan, from the rasng/producton of food and water to the dstrbuton to consumers. Enttes wthn ths category can provde fuson centers wth a varety of strategc and tactcal nformaton. It may nclude crtcal nfrastructure nformaton regardng the locaton of agrculture-related enttes, ncludng the locaton of lvestock and processng plants, as well as types of chemcals used at processng plants and how they are stored; the locaton of water storage facltes and suspcous actvty surroundng these facltes; and any unusual tamperng of food products. In addton, these enttes can provde fuson centers wth nformaton regardng suspcous ncdents that may occur relatng to agrculture and agrculturalrelated crme trends. Subject-matter experts can provde fuson centers wth resources and expertse when agricultural-related threats are identified.
Banking and Finance

This category is composed of financial enttes, ncludng banks, nvestment firms, credit companies, and governmentrelated financial departments. Entities wthn ths category can provde fuson centers wth nformaton related to the bankng ndustry, ncludng suspcous actvty, crtcal nfrastructure nformaton, and crme trends (e.g., fraud, dentty theft, and suspcous actvty reports). Enttes wthn ths category may also provde fuson centers wth tactcal nformaton, ncludng nformaton to ad
C-1
n ongong crmnal nvestgatons, e.g., account nformaton and credt hstory (with applicable legal authorization). The enttes nclude: U.S. Department of the Treasury, www.ustreas.gov Fnancal Crmes Enforcement Network (FnCEN), www.fincen.gov State financial departments Bankng companes Investment companes Credt card companes Credt report companes Securities firms Fnancal servces ISAC Fnancal Servces Sector Coordnatng Councl www.fsscc.org/
www.amercanchemstry.com Pharmaceutcal companes
U.S. Secret Servce U.S. Postal Inspecton Servce U.S.P.S. Office of Inspector General
Criminal Justice
These are components of local, state, trbal, and federal governments and are responsble for the management of crmnal convcton, ncarceraton, reform, and rentegraton (.e., law enforcement, courts, and correctons). Ths category can provde fuson centers wth a varety of nformaton, ncludng crme trends and threat assessments. In addton, ths component can provde bookng photos, bographcal nformaton, and hstorcal crmnal actvty regardng persons, businesses, and organizations. Criminal justce enttes can provde fuson centers wth strategc and tactcal nformaton and ntellgence. The followng s a complaton of organizations that should be considered when ntegratng the crmnal justce sector nto fuson centers. Ths lst s not exhaustve but should be used as a foundaton. Also provded are examples of the types of nformaton avalable to share. The enttes nclude: Law Enforcement Agencies: Can provde fuson centers wth a varety of nformaton, ncludng crme trends, drug and threat assessments, case nformaton (volent crme, economc crme, narcotcs, and terrorism), seizure information, and crmnal actvty, both hstorcal and current, on persons, busnesses, organizations, and locations. Local law enforcement Cty and county College and unversty polce departments State law enforcement Hghway patrol State agences wth nvestgatons bureaus Trbal law enforcement Federal law enforcement Federal Bureau of Investgaton U.S. Marshals Servce U.S. Drug Enforcement Admnstraton Bureau of Alcohol, Tobacco, Frearms and Explosves U.S. Immgraton and Customs Enforcement
Court System: Can provde nformaton on crmnal cases, crmnal hstory, dspostons, and bographcal nformaton on targets.
County clerk of courts Crmnal justce nformaton systems U.S. courts
Corrections Agencies: Can provde fuson centers wth bookng photos, last known addresses, gang nformaton, names of assocates and relatves (vstors), and bographcal nformaton. County jal State prson system Federal Bureau of Prsons
Chemical Industry and Hazardous Materials

Ths category s composed of enttes that are responsble for the producton, storage, transportaton, and delvery of chemicals and other hazardous materals. These enttes may provde fuson centers wth nformaton on types of chemicals and hazardous materials, how chemicals and hazardous materials may affect a contamnated area, suspcous actvty relatng to the chemcal ndustry or hazardous materials, and critical nfrastructure nformaton. The enttes nclude: U.S. Envronmental Protecton Agency (EPA), www.epa.gov U.S. Department of Transportatons Pipeline and Hazardous Materials Safety Admnstraton (PHMSA), www.phmsa.dot.gov/ State envronmental departments (e.g., Natural Resources and Envronmental Protecton) Fre departments and/or local hazardous material response agences Chemcal ndustry Chemtrec: 24/7 Emergency Communcatons Center for the chemcal ndustry Chemcal ndustry ISAC National Petrochemical and Refiners Assocaton, www.npradc.org/ Amercan Chemstry Councl,
Probation and Parole Agencies: Can provde nformaton regardng employment nformaton of suspects and current addresses of suspects. Probation officers Parole board
Education
Ths category s composed of organizations and businesses that are responsble for the educaton of chldren and adults. Enttes wthn ths component can provde fuson centers wth nformaton regardng suspcous actvtes occurrng on and around school grounds, as well as nformaton on crtcal nfrastructure and assocated rsk assessments. In addton, n the event of a terrorst ncdent or crme relatng to schools, t s mportant for fuson centers to have establshed partnershps to ad n communication and information flow. The enttes nclude: Day care centers Preschools Prmary and secondary schools Postsecondary schools Colleges and unverstes Techncal schools
C-2
Emergency Services
(Non-Law Enforcement) Enttes wthn ths category are components of local, state, trbal, and federal governments and are responsble for the protecton and safety of lves and property wthn a jursdcton. Commonly one of the first responders to an incident, the Emergency Medcal Servces category can provde both strategc and tactcal nformaton. Below s a lst of emergency servces enttes; ths lst s not comprehensve but provdes fuson centers wth a foundaton to buld on. The enttes nclude: Fire: Can provde assessments on types of fires, how specific fires are started, and ongoing fire investigation information. Local fire departments Private fire departments U.S. Fre Admnstraton, www.usfa.fema.gov U.S. Fre Marshal Forestry departments
Civil Air Patrol: Can offer a varety of servces, ncludng homeland securty mssons, counterdrug mssons, and search-and-rescue operatons. Health: Dependng on the ncdent (e.g., whte powder ncdents), health department representatves may take part n response efforts. See the Health and Publc Health Servces category for addtonal health nformaton.
Motor Vehicle Administration: Can provde tactcal nformaton to fuson centers regardng drvers lcense nformaton, motor vehcle regstraton, vehicle body files, and suspicious nformaton concernng attempts to obtan drvers lcenses. Parks and Recreation Departments: Can provde nformaton regardng suspcous actvty n and around local parks. U.S. Division of Forestry: Can provde nformaton regardng suspcous actvtes wthn a natonal park nvolvng persons, vehicles, and fires.
Energy
Ths category contans enttes that focus on the development and dstrbuton of energy-related products. These enttes can provde strategc and tactcal nformaton, ncludng crtcal nfrastructure nformaton, rsk assessments, and suspcous ncdents. Ths lst s not comprehensve, and the energy component should be evaluated n each jursdcton to determne fuson center needs. The enttes nclude: U.S. Department of Energy, www.energy.gov Nuclear power plants Electrcty companes Utltes Ol companes Natural gas companes North Amercan Electrc Relablty Councl
Health and Public Health Services

These enttes are composed of local, state, trbal, and federal government agences and the prvate sector and are responsble for protectng and mprovng the health of citizens. The following is a compilation of organizations that should be consdered when ntegratng the health servces sector nto fusons centers. Ths lst s not exhaustve but should be used as a foundaton for collaboraton. Ths category can provde strategc and tactcal nformaton. In addton, these enttes have access to nformaton regardng crtcal health servces wthn a certan communty or natonwde. Ths nformaton can dentfy the readness of a gven area to respond to a safety threat. Health servces agences may also provde nformaton to fuson centers regardng prescrpton drug trends, dsease outbreaks, and vtal statstcs nformaton. Agences wthn ths category also montor and track medcne and vaccne supples and are capable of dentfyng gaps n avalablty. A varety of these agences should be consdered for partcpaton n certan fuson center stuatons. For example, n rural areas, veternary hosptals may be the only medcal facltes avalable. In tmes of crses, many of these hosptals wll be capable of servng as trage centers. The veternary professon s also a crtcal lnk to the health and productvty of animal agriculture, including the fight aganst agroterrorsm. The enttes nclude:
Emergency Medical Services (EMS): Can provde nformaton regardng types of njures occurrng at an ncdent and suspcous actvty that EMS techncans may observe while performing official dutes. Local fire departments Hosptal Prvate EMS servces
Government
Ths category s composed of enttes that enable the government to carry out its official duties, including licensing and regulaton of enttes (people, busnesses, and organizations). These entities vary but should be consdered for ncluson nto fuson centers. The followng lst s not exhaustve, and the fuson center should determne what enttes to nclude. Game and Fish: Can provde fuson centers wth nformaton on suspcous actvty as t relates to boatng, such as nformaton regardng crmnal nvestgatons (e.g., drug nterdcton and vessel identification). Government Administration: Can provde varous types of nformaton pertanng to tax and ttle, crtcal nfrastructure, emergency plannng, and cvl records, ncludng property appraser, mortgages, deeds, and cvl suts.
Hazardous Materials: Can provde nformaton on dfferent types of hazardous materials and hazardous materal splls, as well as ncdent and operatons data. Local fire departments Envronmental Protecton Agences U.S. Department of Transportaton, Office of Hazardous Materials Safety, http://hazmat.dot.gov/ Private hazardous material contractors
Emergency Management: Can provde nformaton on locaton of crtcal infrastructure, notifications of declared emergences, and threat assessments. Emergency management drectors Federal Emergency Management Agency
C-3
Health Departments: Can provde nformaton on dsease trends, local dsease outbreaks, and vtal statstcs. Local and state health departments U.S. Department of Health and Human Servces, www.hhs.gov
Center for Veternary Medcne, www.fda.gov/cvm/default.html
Federal Communcatons Commsson (FCC) Telecommuncatons companes Wreless Hard-lne
Hospitality and Lodging

These enttes focus on sports, entertanment, toursm, and recreaton. Enttes wthn ths category may provde nformaton regardng suspcous persons or actvty, crtcal nfrastructure nformaton, nvestgatve nformaton (e.g., access to Closed Crcut Televson [CCTV]), and trends n crme-related actvty. The enttes nclude: Gamng ndustry Sports authorty Sportng facltes Amusement parks Cruse lnes Hotels, motels, and resorts Conventon centers
Cyber Security Informaton Technology ISAC Research and Educaton Networkng ISAC Mult-State ISAC Unted States Computer Emergency Readness Team (US-CERT), www.us-cert.gov Natonal Cyber Securty Dvson (NCSD) Law Enforcement and Intellgence Branch
Hospitals: Can provde nformaton regardng suspcous ncdents and patent nformaton. In addton, hosptals are vtal n response efforts to gauge types of njures, total number njured, and hosptal capacty. Disease Control: Can provde dsease assessments, nformaton regardng dsease outbreaks, and nformaton on laboratores that can assst wth response and recovery efforts. Local and state health departments Centers for Dsease Control and Preventon (CDC), www.cdc.gov
Military Facilities and Defense Industrial Base

These enttes may provde mltary expertse, crtcal nfrastructure nformaton, and nformaton relatng to response efforts and suspcous ncdents around mltary bases. Ths category ncludes: Military Base Security: Can provde nformaton relatng to suspcous ncdents that occur on and around mltary bases, nformaton on persons who have attempted to gan access to the base wthout permsson, and crtcal nfrastructure nformaton. National Guard: Can provde nformaton regardng crtcal nfrastructure, rsk assessments concernng mltary enttes, and nformaton related to weapons of mass destructon (WMD). Defense Contractors: Companes provdng products and servces to support mltary operatons.
Food Safety: Can provde nformaton regardng food and waterborne dseases, ncludng reportng of suspcous ncdents and nvestgatve efforts. Health departments Centers for Dsease Control and Preventon, www.cdc.gov/ foodborneoutbreaks/ U.S. Department of Agrculture, www. fss.usda.gov/Fact_Sheets/ndex.asp
Information and Telecommunications

Ths category s composed of the nformaton technology and communcatons-related ndustry, ncludng computer operatng systems, hardware and software companes, Internet servce provders, and telephone companes. Ths category can provde a varety of nformaton. Informaton technology enttes can provde expertse and nformaton on computer trends, ncludng vruses, computer-hackng ncdents, and cyber securty ntatves. Telecommuncatons enttes can provde nformaton on crtcal nfrastructure, suspcous ncdents, and ongong case support with proper authorization. These enttes nclude: Information Technology State technology offices InfraGard, www.nfragard.net/ Computer and software companes IT Sector Coordnatng Councl Meda transmsson towers Communcatons Infrastructure Sector Coordnatng Councl
Medical Examiners/Death Investigators: Can provde nformaton regardng suspcous deaths, types of death, and causes of death. Mental Health Facilities: Can ad n response and recovery efforts. Pharmaceutical: Can provde stockple nformaton and nformaton relatng to crtcal nfrastructure and suspcous actvty surroundng chemcal plants. Primary Care Physicians: Can provde nformaton regardng suspcous njures and dseases and bographcal nformaton. Veterinary: Can provde nformaton relatng to suspcous actvtes regardng dsease outbreaks n anmals and can ad n response efforts.
Postal and Shipping

Ths category conssts of enttes whose prmary responsblty s the delvery of mal and packages, from both a publc and prvate perspectve. The Postal and Shppng category can provde tactcal and strategc nformaton regardng types of mal-outs prvate companes are dstrbutng that may look suspcous, suspcous packages that are beng maled out, and ongong crmnal investigations. The post office can, with proper authorization, provide information
Communications
Telecommunication Internet servce provders Electronc mal provders
C-4
to fuson centers about the types of mal that are beng sent to target homes or busnesses. The enttes nclude: U.S. Post Office Shppng companes
Private Security
When establshng a fuson center, prvate securty enttes should be consdered because they may be able to provde crtcal nfrastructure nformaton, suspcous actvty reports, and busness contnuty plans. The enttes nclude: Corporate security offices Prvate securty companes Alarm companes Armored car companes Investigative firms
dstrbuton centers, and onlne stores. These enttes may provde nformaton on suspcous actvty n and around the shopping complex, identification of vulnerabltes assocated wth the complex, crtcal nfrastructure nformaton, and nvestgatve leads, ncludng CCTV nformaton. The enttes nclude: Malls Retal stores Shoppng centers
lst s not exhaustve but should be used as a foundaton. Ths category can provde access to nformaton regardng the varous transportaton corrdors throughout the Unted States. Further, t can offer both strategc and tactcal nformaton that can be ncorporated nto the ntellgence and fuson processes. Transportatonrelated agences can dentfy the rsks and vulnerabltes of potental target areas, such as roads and ralways that have direct access to hazardous waste sites and ports that house nformaton on the types of shps that are docked and the cargo they carry. The enttes nclude: Aviation: Can provde nformaton regardng arport crtcal nfrastructure, suspcous actvty, tems that have been confiscated, accident analyses, and types of cargo that are beng shpped. Transportaton Securty Admnstraton (TSA), www.tsa.gov Office of Aviation Safety (Component of Natonal Transportaton Safety Board [NTSB]), www.ntsb.gov Federal Avaton Admnstraton (FAA), www.faa.gov Avaton Safety Reportng System (ASRS), http://asrs.arc.nasa.gov/ State department of transportaton State aeronautcs commsson Arport authorty Commercal arlne carrers Prvate shppng companes (e.g., FedEx and UPS)
Social Services
These enttes are composed of local, state, trbal, and federal government agences and the prvate sector and are responsble for provdng servces that help mprove peoples standard of lvng. Ths category can provde nformaton regardng the functon and responsbltes of many avalable programs and servces. Socal servce agences can be the source of a varety of nformaton, ncludng welfare fraud. These programs and servces can provde communty support, educaton, and plannng assstance n preparaton for and response to a potental terrorst attack. The enttes nclude: State and Child Welfare: Can provde nformaton regardng welfare fraud, electronic benefits transfer fraud, bographcal nformaton on targets of nvestgatons and, wth proper authorization, employment-related nformaton on targets. U.S. Department of Health and Human Servces Department of Chldren and Famles
Public Works
These enttes are responsble for nfrastructure created for publc use. Enttes wthn ths category may provde nformaton regardng suspcous actvty and crtcal nfrastructure, as well as subject-matter experts who may help dentfy rsks assocated wth publc works. The enttes nclude: State department of transportaton Water management dstrcts Santaton Waste management Road constructon companes
Real Estate
These enttes focus on the real estaterelated ndustry. Enttes wthn ths category can provde nformaton regardng suspcous actvtes (e.g., suspicious fires, persons, and activities) and ongong case-related nformaton wth proper authorization. The entities include: Apartment facltes Faclty management companes Housng authortes Real Estate ISAC
Mental Health Facilities: Can ad n response and recovery efforts.
Highway: Can provde nformaton on critical infrastructure, traffic crashes, nterdcton efforts, llegal products that have been seized, and cargo information. Federal Hghway Admnstraton (FHWA), www.fhwa.dot.gov Federal Motor Carrer Safety Admnstraton (FMCSA), www.fmcsa. dot.gov National Highway Traffic Safety Admnstraton (NHTSA), www.nhtsa. dot.gov Office of Highway Safety (Component of NTSB), www.ntsb.gov/Surface/ hghway/hghway.htm State department of transportaton Turnpke authorty Publc transt
Transportation
Each level of government (local, state, trbal, and federal) and the prvate sector have transportaton enttes whose responsbltes nclude avaton, ral, publc transportaton, hghway, and martme servces. Both governmental and prvate transportaton enttes should be consdered when jursdctons are establshng a fuson center. The following is a compilation of organizations that should be consdered when ntegratng the transportaton sector. Ths
Retail
These companies and organizations are nvolved n the retal ndustry; ths can nclude shoppng malls, wholesale stores,
C-5
Maritime: Can provde nformaton on port crtcal nfrastructure, vessel nformaton, cargo nformaton, suspcous activity, and contraband seizures. U.S. Coast Guard, http://www.uscg. ml/USCG.shtm Martme Admnstraton (MARAD), www.marad.dot.gov/ndex.html Sant Lawrence Seaway Development Corporaton (SLSDC), www.seaway. dot.gov Office of Marine Safety (Component of NTSB), www.ntsb.gov/surface/marne/ marne.htm Port authorty Ports councl Brdge and tunnel authorty Harbor master and/or commander
Rail: Can provde nformaton on crtcal nfrastructure (e.g., the locaton of ral lnes) and types of cargo beng shpped, including hazmat information. Various prvate sector ral enttes also have law enforcement components. Federal Ralroad Admnstraton (FRA), www.fra.dot.gov Federal Transt Admnstraton (FTA), http://transt-safety.volpe.dot.gov Surface Transportaton Board (STB), www.stb.dot.gov Office of Railroad, Pipeline, and Hazardous Materials Safety (Component of NTSB), www.ntsb. gov/ralroad/ralroad.htm State department of transportaton Ral authorty Amercan Ralroad Assocaton
C-6
Appendix D
HSAC Homeland Security Intelligence and Information Fusion Report April 28, 2005
U.S. Department of Homeland Securty Homeland Securty Advsory Councl Intellgence And Informaton Sharng Intatve: Homeland Securty Intellgence & Informaton Fuson Joseph J. Grano, Jr. Charman Homeland Securty Advsory Councl William H. Webster Vce Charman Homeland Securty Advsory Councl Daniel J. Ostergaard Executve Drector Homeland Securty Advsory Councl Mitt Romney Charman Intellgence & nformaton Sharng Workng Group John Cohen Executve Drector Intellgence & nformaton Sharng Workng Group Michael J. Miron Drector Intellgence & nformaton Sharng Workng Group
and how they operate, how they are supported, the targets the enemes ntend to attack, and the method of attack they ntend to use. Ths nformaton should serve as a gude for efforts to: Identfy rapdly both mmedate and long-term threats; Identfy persons nvolved n terrorsmrelated actvtes; and Gude the mplementaton of nformaton-drven and rskbased preventon, response, and consequence management efforts.
Terrorsm-related ntellgence s derved by collecting, blending, analyzing, and evaluatng relevant nformaton from a broad array of sources on a contnual bass. There s no sngle source for terrorsmrelated nformaton. It can come through the efforts of the ntellgence communty; Federal, State, trbal, and local law enforcement authortes; other government agences (e.g., transportaton, healthcare, general government), and the prvate sector (e.g., transportation, healthcare, financial, Internet/nformaton technology). For the most part, terrorsm-related nformaton has tradtonally been collected outsde of the Unted States. Typcally, the collecton of ths type of nformaton was vewed as the responsblty of the ntellgence communty and, therefore, there was lttle to no nvolvement by most State and local law enforcement enttes. The attacks of September 11, 2001, however, taught us that those wantng to commt acts of terrorsm may lve n our local communtes and be engaged n
crmnal and/or other suspcous actvty as they plan attacks on targets wthn the Unted States and ts terrtores. Important ntellgence that may forewarn of a future attack may be derved from nformaton collected by State, trbal, and local government personnel through crme control and other routne actvtes and/or by people lvng and workng n our local communtes. Successful counterterrorsm efforts requre that Federal, State, trbal, local, and prvatesector enttes have an effectve nformaton sharng and collaboraton capablty to ensure they can seamlessly collect, blend, analyze, disseminate, and use nformaton regardng threats, vulnerabltes, and consequences n support of preventon, response, and consequence management efforts. The Presdent and the U.S. Congress have drected that an nformaton sharng envronment (ISE) be created n the next two years to facltate nformaton sharng and collaboraton actvtes wthn the Federal Government (horizontally) and between Federal, State, trbal, local, and prvate-sector enttes (vertcally). The concept of ntellgence/nformaton fuson has emerged as the fundamental process (or processes) to facltate the sharng of homeland securty-related nformaton and ntellgence at a natonal level, and, therefore, has become a gudng prncple in defining the ISE.
Background
Effectve terrorsm-related preventon, protecton, preparedness, response, and recovery efforts depend on tmely, accurate, and actonable nformaton about who the enemes are,61 where
61 Includng ther capabltes, ntentons, strengths, weaknesses.
D-1
Homeland Security Intelligence/Information Fusion

Homeland securty ntellgence/ nformaton fuson s the overarchng process of managing the flow of nformaton and ntellgence across levels and sectors of government and the prvate sector to support the rapid identification of emergng terrorsm-related threats and other crcumstances requrng nterventon by government and prvate-sector authortes. It s more than the one-tme collecton of law enforcement and/or terrorsm-related ntellgence nformaton and t goes beyond establshng an ntellgence center or creatng a computer network. Intellgence fuson s a clearly defined, ongoing process that involves the delneaton of roles and responsbltes; the creaton of requrements; and the collecton, blendng, analyss, tmely dssemnaton, and reevaluaton of crtcal data, nformaton, and ntellgence derved from the followng: Autonomous ntellgence and nformaton management systems (techncal and operatonal) establshed to support the core mssons of ndvdual Federal, State, local, trbal, and government enttes; General publc; and Prvate-sector enttes.
and trends that may be ndcatve of an emergng threat condton. Although the prmary emphass of ntellgence/ nformaton fuson s to dentfy, deter, and respond to emergng terrorsm-related threats and risks, a collateral benefit to State, trbal and local enttes s that t wll support ongong efforts to address nonterrorsm related ssues by: Allowng State and local enttes to better dentfy and forecast emergng crme, publc health, and qualty-of-lfe trends; Supportng targeted law enforcement and other multdscplnary, proactve, rsk-based and communty-focused, problem-solvng actvtes; and Improvng the delvery of emergency and nonemergency servces. Effectve ntellgence/nformaton fuson requres the followng: The use of common termnology, definitions, and lexicon by all stakeholders; Up-to-date awareness and understandng of the global and domestc threat envronment; A clear understandng of the lnks between terrorsm-related ntellgence and nonterrorsm-related nformaton (e.g., flight school training, drug trafficking) so as to identify those actvtes that are precursors or ndcators of an emergng threat; Clearly defined intelligence and nformaton requrements wth the Federal ntellgence communty that prioritize and guide planning, collecton, analyss, dssemnaton, and reevaluaton efforts; Identfyng crtcal nformaton repostores62 and establshng the processes, protocols, procedures, and techncal capabltes to extract nformaton and/or ntellgence from those repostores; Relance on exstng nformaton pathways and analytc processes as ssble;
All-hazards and all-crimes approach to defining information collection, analyss, and dssemnaton; Clear delneaton of roles, responsbltes, and requrements of each level and sector of government nvolved n the fuson process; Understandng and elmnaton of mpedments to nformaton collecton and sharng (.e., t should be a prorty for the Federal Government to provde State, local, and trbal entities unclassified terrorism-related nformaton/ntellgence so that t can be ntegrated nto statewde and/or local fuson efforts); Capacty to convert nformaton nto operatonal ntellgence; Extensve and contnuous nteracton wth the prvate sector and wth the publc at large; Connectvty (techncal and/or procedural) wth crtcal ntellgence streams, analyss centers, communcaton centers, and nformaton repostores at all levels of classification as necessary; Extensve partcpaton of subjectmatter experts (SMEs) n the analytcal process; and Capacty and commtment to ensure aggressve oversght and accountablty so as to protect aganst the nfrngement of consttutonal protectons and cvl lbertes.
The fuson process s a key part of our natons homeland securty efforts. Ths process supports the mplementaton of rsk-based, nformaton-drven preventon, response, and consequence management programs. Smultaneously, t supports efforts to address mmedate and/or emergng, threat-related crcumstances and events. Although the collecton, analyss, and dssemnaton of terrorsmrelated ntellgence s not the sole goal of the fuson process, one of the prncpal outcomes should be the identification of terrorsm-related leadsthat s, any nexus between crme-related and other nformaton collected by State, local, trbal, and prvate enttes and a terrorist organization and/or attack. The fuson process does not replace or replicate mission-specific intelligence and nformaton management processes and systems. It does, however, leverage nformaton and ntellgence developed through these processes and systems to support the rapid identification of patterns
Participants in the Fusion Process

To some degree, the fuson process nvolves every level and sector (dscplne) of government, the prvate-sector, and the publc. The level of nvolvement from these partcpants wll vary based on specific circumstances. Some disciplines, such as law enforcement, represent a core component of the fuson process because of the relatonshp between crme and because, n many cases, law enforcement authortes are best-suted to coordnate statewde and local fuson efforts. Mnmally, the fuson process should be organized and coordinated on a statewde level and each State should establsh and mantan an analytc center to facltate the fuson process. Each major urban area (as defined by the Urban Area Securty Intatve [UASI] program) may want to establsh a smlar capacty ensurng t s nterlnked wth the
62 These repostores are not lmted to those mantaned by law enforcement enttes. For example, crtcal nformaton may be contaned n systems supportng medcal examners (unattended death), publc health enttes, emergency rooms (nformaton smlar to the Drug Abuse Warnng Network program), envronmental regulatory nspectors, transportaton enttes, housng nspectors, health nspectors, buldng code nspectors, etc.
D-2
fuson process establshed by the State. Other localtes, trbal governments, and even prvate-sector enttes should develop a process to nterlnk and partcpate n these statewde (or UASI) fuson efforts. The publc should be engaged through publc educaton programs that descrbe what they should look for and what to do f they observe suspcous actvtes or crcumstances. Efforts should be organized and managed on a geographc bass and scalable so adjustments can be made based on changes n the operatng and/or threat envronment. Whle natonal standards and gudelnes should gude the institutionalization of the process, the actual technologcal nfrastructure and operatonal protocols used by ndvdual jursdctons should be based on the management structure, specific needs, and capabltes of each ndvdual jursdcton.
Define collection requirements based on results of rsk assessments. Identfy the crcumstances or events (e.g., crme, publc health) that represent ndcators and/or precursors of threats. Identfy the sources and/or repostores of data and nformaton regardng ndcators and precursors. Identfy the exstng capacty to collect key nformaton from exstng sources. Identfy collecton gaps and mtgate. Define public education, and other actvtes necessary to enhance stuatonal awareness by the publc. Develop tranng for front lne law enforcement and other personnel so that they can better dentfy suspcous actvtes that may represent plannng and/or operatonal actvty by terrorst group. Ensure a mechansm exsts to support reportng of collected nformaton (e.g., 9-1-1, tplne, Internet, connectvty to key nformaton systems). Identfy regulatory, statutory, prvacy, and/or other ssues that mpede collecton and sharng of nformaton. Develop (n partnershp wth private-sector officials) detailed knowledge of vulnerabltes and consequence n the prvate sector to possble terrorst attacks to assess the lkelhood of attack, the lkely methods of attack, the lkely equpment and substances used to carry out such an attack, and dentfy plannng actvtes. Collection Communcate collecton requrements to relevant State, trbal, local, and prvate-sector enttes. Implement stuatonal awareness actvtes (e.g., tranng, publc educaton). Mtgate mpedments to collecton. Compile classified and unclassified data, information and
ntellgence generated by people and organizations. Serve as the 24/7/365 ntal pont of contact for nformaton provded by the U.S. Department of Homeland Securty, Department of Defense, Department of Justce, Federal Bureau of Investgaton, and other Federal enttes (va telephone calls, Homeland Securty Informaton Network/Jont Regonal Informaton Exchange System, LEO, e-mal bulletns, VTC, fax) for the recept of the followng: Immediate threat-specific information (classified and unclassified) Long-term threat information (classified and unclassified) Tactics and methods used by terrorists (classified and unclassified) Integrate wth other reportng systems (e.g., 9-1-1, 3-1-1), and establsh and mantan further, easy-to-use capablty for the publc reportng of suspcous actvty n conjuncton wth the Jont Terrorsm Task Force (e.g., nternet, toll-free tplne). Establsh a process to dentfy and track reports of suspcous crcumstances (e.g., preoperatonal survellance, acquston of tems used n an attack). Analysis Blend data, nformaton, and ntellgence receved from multple sources. Reconcile, deconflict data, and valdate as to credblty of data, nformaton and ntellgence receved from collecton sources. Evaluate and analyze data and nformaton usng SMEs. Identify and prioritize the risks faced by the jursdcton (e.g., State, local). Produce value-added ntellgence products that can support the development of performancedrven, rsk-based preventon, response, and consequence management programs. Identify specific protective measures to dentfy and dsrupt
Stages of the Fusion Process

Fuson s cyclcal process that ncludes the followng stages and actvtes: Management/Governance Define a management structure (e.g., who s n charge, what entty wll manage and coordnate daly actvtes). Identfy core (permanent) and ad hoc stakeholders. Desgn a governance structure advsory commttee (multdscplnary and multlevel of government). Define goals and objectives. Develop a process to define nformaton and ntellgence collecton requrements. Develop the process and necessary memorandums of understandng to communcate requrements. Planning and Requirements Development Conduct (and update frequently) a comprehensve and compatble rsk assessment (threat, vulnerablty, and consequence). Identfy patterns and trends reflective of emerging threats.
D-3
potental terrorst attacks durng the plannng and early operatonal stages. Dissemination, Tasking, and Archiving Identfy those enttes and people (e.g., officials, executives) responsble for developng and mplementng preventon, response, and consequence management (publc and prvate) efforts. Provde relevant and actonable ntellgence n a tmely manner to those enttes responsble for mplementng preventon, response, and consequence management efforts (publc and prvate sector). Archve all data, nformaton, and ntellgence to support future efforts. Support the development of performance-based preventon, response, and consequence management measures. Establsh the capacty to track performance metrcs assocated wth preventon, response, and consequence management efforts. Provde feedback to nformaton collectors. Reevaluation Track the achevement of preventon, response, and consequence management program performance metrcs so as to evaluate mpact on the rsk envronment. Update threat, vulnerablty, and consequence assessments so as to update the rsk envronment.
Assess effectveness of natonal (.e., Federal, State, trbal, and local) ntellgence and nformaton collecton requrements process. Modification of Requirements Modfy collecton requrements as necessary. Communicate modifications in a tmely manner.
Fusion Group SubjectMatter Experts

Kenneth Bouche, Colonel, State Polce, Illnos Dan Cooney, Captan, State Polce, New York George Foresman, Homeland Securty Advsor, Vrgna Bart Johnson, Leutenant Colonel, State Polce, New York Fred LaMontagne, Fre Chef, Mane Pete Modaffer, Chef of Detectves, Rockland County, New York Steve McGraw, Homeland Securty Advsor, Texas Jm McMahon, Homeland Securty Advsor, New York Tom OReilly, Office of the Attorney General, New Jersey Russ Porter, Assstant Drector, Department of Publc Safety, Iowa Mark Zadra, Chief of Investigations, Office of Statewde Intellgence, Florda Department of Law Enforcement
Intelligence and Information Sharing Working Group Members

Char, Governor Mtt Romney (Homeland Securty Advsory Councl [HSAC]) Chuck Canterbury (HSAC) Frank Clluffo (HSAC) Major General Bruce Lawlor (Retred) (HSAC) Mayor Patrck McCrory (HSAC) Lyda Thomas (HSAC) Mayor Karen Anderson (State and Local Senor Advsory Commttee [SLSAC]) James Dunlap (SLSAC) Don Knabe (SLSAC) Peggy Merrss (SLSAC) Karen Mller (SLSAC) Mayor Donald Plusquellc (SLSAC) Mchael Carona (Emergency Response Senor Advsory Commttee [ERSAC]) Frank Cruthers (ERSAC) Ellen Gordon (ERSAC) Phllp Keth (ERSAC) Paul Manscalco (ERSAC) Dr. Allan Zenowitz (Academe, Policy and Research Senor Advsory Commttee) George Vradenburg (Prvate Sector Senor Advsory Commttee) John Cohen (Office of the Governor, Massachusetts) Cindy Gillespie (Office of the Governor, Massachusetts)
Homeland Security Advisory Council Staff

Dan Ostergaard, Executve Drector, Homeland Securty Advsory Councl Rch Davs, Drector, Academe and Polcy Research Senor Advsory Commttee Jeff Gaynor, Drector, Emergency Response Senor Advsory Commttee Kate Knapp, Specal Assstant to the Homeland Securty Advsory Councl Mke Mron, Drector, State and Local Officials Senior Advisory Committee Candace Stoltz, Director, Private Sector Senor Advsory Commttee
D-4
Appendix E
Information Exchange Analysis and Design Report
Information Exchange Analysis and Design

Analyze information exchange among law enforcement and homeland security partners and build models for successful information sharing.
Justification
Law enforcement and homeland securty partners operate myrad systems for collecting, maintaining, analyzing, and sharng data and nformaton crtcal to carryng out ther respectve mssons. Creatng the capacty to share nformaton among and between agences, levels of government, and a varety of dscplnes ndeed, creatng an enterprse approach means overcomng establshed barrers to data exchange. It nvolves understandng cross-jursdctonal nformaton needs and the data exchanges that cross sometmes radcally dfferent lnes of busness. Informaton exchange n any envronment s trggered by nternal or external events. In the justce system and homeland securty envronments, these trggerng events are the key decson ponts n our routne busness processes, such as an arrest, a traffic accident involving hazardous materials, a release from prson, or a terrorst ncdent. In order to share ntellgence electroncally, t s essental to understand the nature of these busness processes, decson ponts, and trggerng events. Most organizations do an adequate job of applyng technology n ther nternal envronments. On the other hand,
most nformaton exchange between organizations is not developed with smlar rgor, followng the anarchy model. In the anarchy model, each nterface s a custom nterface, and decsons about nformaton sharng are made wthout regard for other data that may pass between the same two organizations and without regard for other agences that may need the same nformaton. As nterfaces are constructed wth ths anarchy model, archtectural decsons are made that may constran future efforts to share data by organizations that may have no nterest n these orgnal exchanges. For example, a decson by courts and prosecutors to establsh a data warehouse as a central locaton for sharng documents electroncally wll make it more difficult and expensive for law enforcement agences to develop a mddleware approach for sharng traffic accident information. In a second example, law enforcement agences and the courts may decde on an approach for sharng ctaton nformaton electroncally, wthout consultng the prosecutor, the state motor vehcle dvson, or the state crmnal hstory repostory, whch also have an nterest n electronc ctaton data. There are two problems that result from applcaton of the anarchy model: 1) the archtecture that evolves s seldom optmal and often s nadequate for most other nformaton exchange, and 2) efforts to expand nformaton exchange generally end up collapsng beneath ther own weght as the number of data tradng partners ncreases. What s needed s an enterprse model for desgnng
nformaton exchange for fuson centers. An enterprse approach consders all of the nformaton exchange needs of all stakeholders when developng the ntegraton archtecture. Whether nterfaces between systems for sharng ntellgence consst of smple queres and responses, or are more sophstcated transactonal processes that buld central ndex entres or populate data warehouses, t s mportant to document and analyze this information exchange at the plannng stage of a project and to create a blueprnt at the enterprse level for sharng data electronically that capitalizes on efficiency, accuracy, and tmelness. Ths desgn should be created by busness experts from the participating organizations, under the drecton of polcy leaders and wth the assstance of technologsts. It should be based on a dscplned examnaton of current busness practces, exstng technology, and paper and electronc exchange of ntellgence that already s occurrng.
The Justice Information Exchange Model (JIEM)

The Justce Informaton Exchange Model (JIEM) s a tool that can assst fuson centers n performng these mportant tasks. JIEM documents the processes, trggerng events, and condtons that govern nformaton exchange at the enterprse level. It models the data that flows or should flow between organizations. It is a plannng tool, a busness modelng tool, an nformaton exchange modelng tool, and a data modelng tool. It s lnked
E-1
wth the Global Justce XML Data Model (GJXDM), allowng easy mportng of model components to desgn electronc documents. Soon t wll be lnked wth the ablty to mport and export XML schema and other Informaton Exchange Package Documentaton (IEPD) artfacts that are essental to mplementng the GJXDM. Ths wll eventually enable justce agences to seamlessly generate (and, f need be, re-generate) GJXDM complant nformaton exchanges from the busness rules encapsulated n JIEM, ensurng that they can be rapdly adapted to the needs of an ncreasngly dynamc envronment. JIEM s also beng enhanced to support the exchange of nformaton not only wthn domans (as n the justce doman today) but between dfferent domans, such as justce, emergency management, transportaton, and ntellgence, n support of emerging organizations such as Fusion Centers. JIEM was developed to collect requrements from practtoners for justce nformaton sharng ntatves; specifically to assist justice system leaders in analyzing and documenting exstng nformaton exchange at the enterprse level, n desgnng new electronc exchange processes as a part of an ntegrated justce ntatve, and n adoptng and mplementng natonal busness, data, and technology models to save tme, effort, and money. It helps justce and publc safety practtoners to artculate requrements that can be communcated to technologsts who develop systems and nterfaces. It s beng expanded to support the needs of developers who wll buld the systems and nterfaces needed to share ntellgence n the law enforcement and homeland securty communty. JIEM was created by SEARCH, the Natonal Consortum for Justce Informaton and Statstcs, wth fundng from the Bureau of Justce Assstance, Office of Justice Programs, U.S. Department of Justce. It has been used in dozens of integrated justice initiatives in the Unted States and has been adopted by the Canadan government.
Creating a Blueprint for Information Sharing

Once practtoners understand the enterprse and how t conducts busness, they can begn to buld a blueprnt for a more effectve enterprse. Informaton sharing analysis will expose inefficiencies, redundances, gaps, and opportuntes n the current system. Once the systems current operatons are obvous to decson makers, they can decde how they want to work together n the future and construct a blueprnt or to-be plan. Ths wll be a crtcal actvty for the development of a natonwde system of ntellgence fuson centers.
capitalizing on the experience of other jursdctons.
What Is Included in JIEM?

JIEM has five components: A conceptual framework for understandng justce nformaton exchanges (today), as well as nformaton exchanges n and between addtonal domans (such as emergency management, transportaton, mmgraton, and ntellgence) n the future. A methodology for analyzing current nformaton exchange and for reengneerng nformaton exchange n an nformaton sharng envronment. The JIEM Modeling Tool, a Webbased software package to assst justce system practtoners n applyng JIEM. The JIEM Reference Model, a set of nformaton exchange descrptons that are common to most jursdctons. An nterface wth the Global Justice XML Data Model that allows users to mport types and propertes drectly nto ther JIEM documents.
Common Exchanges Create a Reference Model for Others to Use

JIEM users have each created databases of ther detaled justce nformaton exchanges. JIEM was desgned to allow administrators to review, analyze, compare, and contrast exchanges entered by all jursdctons. That research has led to the development of the JIEM Reference Model, a set of common exchanges found n most locatons. A smlar process could be used to create a unversal set of exchanges for ntellgence sharng. Wth a reference model, fuson centers that are just begnnng ther nformaton sharng efforts could ncorporate those common exchanges, rather than startng wth nothng. They could mport those exchanges nto a new database that can then be talored to the unque needs of ther regon or jursdcton. The reference model enables centers to buld exchanges that reflect their individual busness practces but n a manner that s consstent wth natonal actvtes and ntatves. Ths essental product of JIEM was developed by and for the practtoners who use the tool to model actual, operatonal exchanges n ther jursdctons. The JIEM methodology and modelng tool can be used by any enterprse seekng to analyze its business processes, understand ts nformaton exchange, and reengneer ts busness processes by quckly leveragng best practces and
Who Uses JIEM?

JIEM s used by practtoners durng the strategc plannng phase of an nformaton sharng ntatve or later by developers during the design of specific interfaces between applcatons. Usng JIEM, a ste can accomplsh the followng: Document exstng busness processes and information flow between justce and justce-related organizations with text and graphical outputs. Analyze the effectiveness and economy of exstng practces. Gather requrements for mproved nformaton exchange, creatng a blueprnt for the ntegraton ntatve. Analyze existing data transfers to determne whch provde the most favorable cost/benefit ratios for automaton. Use JIEM outputs as nputs to other developer tools to enhance justce applcatons and to develop nterfaces between systems.
E-2
Access, mport, and extend natonal models, such as the JIEM Reference Model, the Global Justce XML Data Model, and Informaton Exchange Package Documentaton (IEPD). Regster locally developed IEPD artfacts n a natonal repostory for use by others. Provde data to support natonal efforts to develop and mprove models, methodologes, and tools to support ntegrated justce.
language and methodology to focus on busness practces of mutual concern at the enterprse level. Access to best practces from around the naton to avod renventng the wheel. Free software and support to preserve scarce resources; a personal computer and Internet access are the only requrements to access JIEM. Partcpaton n natonal efforts to mprove the ntegraton of justce nformaton resources.
Understandng the dversty n format and structure of nformaton n all of these agences. Analyzing the diversity of technology applcatons, communcatons protocols, and development envronments that exst n justcerelated organizations. Acknowledgng the ssues that relate to busness processes that overlap organizational boundaries and the need to coordnate these practces between enttes. Mantanng relatonshps wth leaders of these organizations to ensure that nternal changes n busness processes do not dsrupt nformaton exchange. Recognizing the organizational, poltcal, legal, and budgetary constrants that operate on justce organizations and drive efforts to mprove operatons whle conservng resources.
JIEM Benefits
The JIEM analyss requres the actve nput of stakeholders from all partcpatng organizations. It delivers a number of benefits to local, state, and regional ntegrated justce efforts that go beyond the specific products provided by the system, ncludng: An opportunty to brng staff from dverse but nterdependent justce dscplnes together wth a common

When analyzing and designing methods for obtanng and dssemnatng ntellgence electroncally, consder: Identifying organizations that will contrbute and consume nformaton from the fuson center. Recognizing the political independence of these organizations that are operatonally nterdependent.
E-3
E-4
Appendix F
Fusion Center Report Glossary
28 CFR Part 23A gudelne for law enforcement agences that operate federally funded multjursdctonal crmnal ntellgence systems (Crmnal Intellgence Glossary, November 2004). Administrative AnalysisThe provson of economc, geographc, or socal nformaton to admnstrators (Gottleb, Sngh, and Arenberg, 1995, p. 13). The analyss of economc, geographc, demographc, census, or behavoral data to dentfy trends and condtons useful to ad admnstrators n makng polcy and/or resource allocaton decsons (Crmnal Intellgence Glossary, November 2004). Advanced AuthenticationDefinitively dentfyng users before they access an organizations network is a key component n protectng nformaton resources. Start by choosng an authentcaton system wth encrypted password protocols. Before choosng an advanced authentcaton system, t s mperatve that data owners evaluate user access, hardware, and other requrements (Crmnal Intellgence Glossary, November 2004). AnalysisThe revew of nformaton and ts comparson to other nformaton to determne the meanng of the data n reference to a crmnal nvestgaton or assessment. (Peterson, 1994, p. 269) That actvty whereby meanng, actual or suggested, s derved through organizing and systematically examining dverse nformaton and applyng nductve or deductve logc for the purposes of crmnal nvestgaton or assessment (Crmnal Intellgence Glossary, November 2004).
Association/Link/Network Analysis Collecton and analyss of nformaton that shows relatonshps among vared ndvduals suspected of beng nvolved n crmnal actvty that may provde nsght nto the crmnal operaton and whch nvestgatve strateges mght work best (Law Enforcement Analytic Standards, November 2004). The entry of crtcal nvestgatve and/or assessment varables nto a two-axs matrx to examne the relatonshps and patterns that emerge as the varables are correlated n the matrx (Crmnal Intellgence Glossary, November 2004). Audit TrailsThe use of audt procedures (e.g., trackng who s accessng the data or what data was accessed) combned wth analyss of audit logs and follow-up for unauthorized or anomalous actvty s essental for long-term system securty and prvacy (Crmnal Intellgence Glossary, November 2004).99 AuthenticationThe process of dentfyng an ndvdual, usually based on a username and password. In securty systems, authentcaton s dstnct from authorization, whch s the process of gvng ndvduals access to system objects based on ther dentty. Authentcaton merely ensures that the ndvdual s who he or she clams to be but says nothng about the access rghts of the ndvdual (www.webopeda.com). AuthorizationThe process of grantng or denyng access to a network resource. Most computer securty systems are based on a two-step process. The first stage s authentcaton, whch ensures
that a user s who he or she clams to be. The second stage is authorization, whch allows the user access to varous resources based on the users dentty (www.webopeda.com). Classified Information/Intelligence A unform system for classfyng, safeguardng, and declassfyng natonal securty nformaton, ncludng nformaton relatng to defense aganst transnatonal terrorsm, to ensure certan nformaton be maintained in confidence in order to protect citizens, U.S. democratic nsttutons, U.S. homeland securty, and U.S. nteractons wth foregn natons and enttes (Crmnal Intellgence Glossary, November 2004). Top Secret Classification Appled to nformaton, the unauthorized disclosure of which reasonably could be expected to cause exceptonally grave damage to the natonal securty that the original classification authority s able to dentfy or descrbe (Executve Order 12958, March 25, 2003). Secret ClassificationAppled to information, the unauthorized dsclosure of whch reasonably could be expected to cause serous damage to the natonal securty that the orgnal classification authority is able to dentfy or descrbe (Executve Order 12958, March 25, 2003). Confidential Classification Appled to nformaton, the unauthorized disclosure of whch reasonably could be
F-1
expected to cause damage to the natonal securty that the orgnal classification authority is able to dentfy or descrbe (Executve Order 12958, March 25, 2003). Collation (of Information)The process whereby nformaton s assembled together and compared crtcally (Law Enforcement Analytic Standards, November 2004). A revew of collected and evaluated nformaton to determne ts substantve applcablty to a case or problem at ssue and placement of useful nformaton nto a form or system that permts easy and rapd access and retreval (Crmnal Intellgence Glossary, November 2004). Collection (of Information)The drected, focused gatherng of nformaton from all avalable sources (INTERPOL, 1996, p. 9). The identification, location, and recordng/storng of nformaton, typcally from an orgnal source and usng both human and technologcal means, for nput nto the ntellgence cycle for the purpose of meeting a defined tactical or strategc ntellgence goal (Crmnal Intellgence Glossary, November 2004). Commodity Flow AnalysisGraphc depctons and descrptons of transactons, shpments, and dstrbuton of contraband goods and money derved from unlawful actvtes n order to ad n the dsrupton of the unlawful actvtes and apprehend those persons nvolved n all aspects of the unlawful actvtes (Crmnal Intellgence Glossary, November 2004). Concept of Operations (CONOPS)A statement outlnng how an operaton or organization will achieve its mission and goals. The concept s desgned to gve an overall pcture of the operaton. Continuity of Operations Plan (COOP)A plan that specifies the actvtes of ndvdual departments and agences and ther subcompartments to ensure that ther essental functons are performed n the event of an emergency or dsaster. CoordinationThe process of nterrelatng work functons, responsbltes, dutes, resources, and ntatves drected toward goal attanment (Crmnal Intellgence Glossary, November 2004).
Crime-Pattern AnalysisA process that looks for lnks between crmes and other ncdents to reveal smlartes and dfferences that can be used to help predct and prevent future crmnal actvty (Law Enforcement Analytic Standards, November 2004). An assessment of the nature, extent, and changes of crme based on the characterstcs of the crmnal ncdent, ncludng modus operand, temporal, and geographc varables (Crmnal Intellgence Glossary, November 2004). Criminal Investigative AnalysisThe use of components of a crme and/or the physcal and psychologcal attrbutes of a crmnal to ascertan the dentty of the crmnal (Peterson, 1994, p. 42). An analytc process that studes seral offenders, vctms, and crme scenes n order to assess characterstcs and behavors of offender(s) wth the ntent to identify or aid in the identification of the offender(s) (Crmnal Intellgence Glossary, November 2004). Critical Infrastructure Resiliency (CIR)The ablty of crtcal nfrastructure systems to mantan or rapdly recover essental functons and structure n the face of nternal and external change and to degrade gracefully f they must. (Science Magazine and the Report of the Crtcal Infrastructure Task Force, January 2006, by the U.S. Department of Homeland Securtys Homeland Securty Advsory Councl.) Database IntegrityIt may be advsable, dependng on the senstvty of the data, to utilize multilevel, secure database products to ensure the safety of data. In addton, lmtng data access va database engne passwords or dgtal certificates separate from the operating system password adds another layer of securty (Crmnal Intellgence Glossary, November 2004). DeconflictionThe process or system used to determne whether multple law enforcement agences are nvestgatng the same person or crme and whch provides notification to each agency nvolved of the shared nterest n the case, as well as provdng contact nformaton. Ths s an nformaton and ntellgence sharng process that seeks to minimize conflicts between agencies and maximize the effectiveness of an nvestgaton (Crmnal Intellgence Glossary, November 2004).
Dissemination (of Intelligence)The release of nformaton, usually under certan protocols (Peterson, 1994, p. 271). The process of effectvely dstrbutng analyzed intelligence utilizing certain protocols n the most approprate format to those n need of the nformaton to facltate ther accomplshment of organizational goals (Criminal Intelligence Glossary, November 2004). EncryptionThe process of encodng information so that unauthorized ndvduals wll be unable to read, understand, or use the nformaton. A password or key s requred to decode (decrypt) the nformaton back nto ts orgnal, useable form. Evaluation (of Information)An assessment of the relablty of the source and accuracy of the raw data (Morrs and Frost, 1983, p. 4). All nformaton collected for the ntellgence cycle s revewed for ts qualty, wth an assessment of the valdty and relablty of the nformaton (Crmnal Intellgence Glossary, November 2004). Event Flow AnalysisGraphc depctons and descrptons of ncdents, behavors, and people nvolved n an unlawful event, ntended to help understand how an event occurred as a tool to ad n prosecuton, as well as preventon of future unlawful events (Crmnal Intellgence Glossary, November 2004). The complaton and analyss of data relatng to events as they have occurred over tme allow the analyst to draw conclusons and recommendatons based on the analyss (Peterson, 1994). Financial AnalysisA revew and analyses of financial data to ascertain the presence of crmnal actvty. It can nclude bank record analyss, net worth analysis, financial profiles, source and applications of funds, financial statement analyss, and/or Bank Secrecy Act record analyss. It can also show destnatons of proceeds of crme and support prosecutons (Law Enforcement Analytic Standards, November 2004). Flow AnalysisThe revew of raw data to determne the sequence of events or interactions that may reflect criminal actvty. It can nclude tmelnes, event flow analysis, commodity flow analysis, and activity flow analysis; it may show mssng actons or events that need
F-2
further nvestgaton (Law Enforcement Analytic Standards, November 2004).
Freedom of Information Act (FOIA)The Freedom of Informaton
evolvng trends. The bulletns are typically sensitive but unclassified and avalable for dstrbuton to local, state, trbal, and federal law enforcement. Intelligence Information Reports (IIR) Raw, unevaluated ntellgence concernng pershable or tme-lmted nformaton concernng crmnal or natonal securty ssues. Whle the full IIR may be classified, local, state, and tribal law enforcement agences wll have access to sensitive but unclassified information n the report under the tear lne (Crmnal Intellgence Glossary, November 2004). Intelligence-Led PolicingThe collecton and analyss of nformaton to produce an ntellgence end product desgned to nform polce decson makng at both the tactcal and strategc levels (NCISP, October 2003). The dynamc use of ntellgence to gude operatonal law enforcement actvtes to targets, commodtes, or threats for both tactcal responses and strategc decson makng for resource allocaton and/or strategc responses (Crmnal Intellgence Glossary, November 2004). Intelligence Process (Cycle)Plannng and drecton, collecton, processng and collatng, analyss and productons, and dssemnaton (Morehouse, 2001, p. 8). An organized process by which nformaton s gathered, assessed, and distributed in order to fulfill the goals of the ntellgence functont s a method of performng analytc actvtes and placng the analyss n a useable form (Crmnal Intellgence Glossary, November 2004). Intelligence ProductsReports or documents that contan assessments, forecasts, assocatons, lnks, and other outputs from the analytc process that may be dssemnated for use by law enforcement agences for preventon of crmes, target hardenng, apprehenson of offenders, and prosecuton (Crmnal Intellgence Glossary, November 2004). National Criminal Intelligence Sharing Plan (NCISP)A formal ntellgence sharng ntatve, supported by the U.S. Department of Justce that securely lnks local, state, trbal, and federal law enforcement agences, facltatng the exchange of crtcal ntellgence. The Plan contans model polces and standards and s a blueprnt for law enforcement admnstrators to follow when enhancng or buldng an ntellgence functon. It
Act, 5 U.S.C. 552, enacted n 1966, statutorly provdes that any person has a rght, enforceable n court, to access federal agency records, except to the extent that such records (or portons thereof) are protected from dsclosure by one of nne exemptons (Crmnal Intellgence Glossary, November 2004).
descrbes a natonwde communcatons capablty that wll lnk all levels of law enforcement personnel, including officers on the street, ntellgence analysts, unt commanders, and polce executves (Crmnal Intellgence Glossary, November 2004). Need to KnowAs a result of jurisdictional, organizational, or operatonal necesstes, ntellgence or nformaton s dssemnated to further an nvestgaton (Crmnal Intellgence Glossary, November 2004). Operational AnalysisIdentfyng the salent features, such as groups of or ndvdual crmnals relevant premses, contact ponts, and methods of communcaton (Europol, 200, Insert 3). An assessment of the methodology of a criminal enterprise or terrorist organization that depcts how the enterprse performs ts actvtes, ncludng communcatons, phlosophy, compensaton, securty, and other varables that are essental for the enterprse to exst (Crmnal Intellgence Glossary, November 2004). Perimeter SecurityRouters, firewalls, and ntruson detecton systems should be mplemented to tghtly control access to networks from outsde sources. Routers and firewalls filter and restrict traffic based upon very specific access control decsons made by the network operators, thereby limiting the types of unauthorized actvtes on a network (Crmnal Intellgence Glossary, November 2004). Physical SecuritySystem and network admnstrators should tghtly control physcal access to computer and network hardware. Only authorized members of the techncal staff should be allowed access to systems (Crmnal Intellgence Glossary, November 2004). PlanningThe preparaton for future situations, estimating organizational demands and resources needed to attend to those stuatons, and ntatng strateges to respond to those stuatons (Crmnal Intellgence Glossary, November 2004). Privacy (of Information)The assurance that legal and consttutonal restrctons on the collecton, mantenance, use, and dsclosure of personally identifiable information will be adhered to by crmnal justce agences, wth use of such nformaton to be strctly
Fusion CenterA collaboratve effort of two or more agences that provde resources, expertse, and/or nformaton to the center with the goal of maximizing the ablty to detect, prevent, apprehend, and respond to crmnal and terrorsm actvty (Recommended Fuson Center Law Enforcement Intellgence Standards, March 2005). Inference DevelopmentDrawng conclusons based on facts (Peterson, 1994, p. 48). The creaton of a probablstc concluson, estmate, or predcton related to an ntellgence target based upon the use of nductve or deductve logc n the analyss of raw nformaton related to the target (Crmnal Intellgence Glossary, November 2004). Intelligence (Criminal)The product of systematc gatherng, evaluaton, and synthess of raw data on ndvduals or actvtes suspected of beng, or known to be, crmnal n nature. Intellgence s information that has been analyzed to determne ts meanng and relevance. Information is compiled, analyzed, and/or dssemnated n an effort to antcpate, prevent, or montor crmnal actvty (NCISP, October 2003). The product of the analyss of raw nformaton related to crmes or crme patterns wth respect to an identifiable person or group of persons n an effort to antcpate, prevent, or montor possble crmnal actvty (Crmnal Intellgence Glossary, November 2004). Intelligence AssessmentA comprehensve report on an ntellgence ssue related to crmnal or natonal securty threats avalable to local, state, trbal, and federal law enforcement agences (Crmnal Intellgence Glossary, November 2004). Intelligence BulletinsA finished ntellgence product n artcle format that descrbes new developments and
F-3
lmted to crcumstances where legal process permts use of the personally identifiable information (Criminal Intellgence Glossary, November 2004). Privacy (Personal)The assurance that legal and consttutonal restrctons on the collecton, mantenance, use, and dsclosure of behavors of an ndvdual, ncludng hs/her communcatons, assocatons, and transactons, wll be adhered to by crmnal justce agences, wth use of such nformaton to be strctly lmted to crcumstances where legal process authorizes surveillance and nvestgaton (Crmnal Intellgence Glossary, November 2004). Profile/Criminal ProfileAn nvestgatve technque by whch to identify and define the major personality and behavoral characterstcs of the crmnal offender based upon an analyss of the crme(s) he or she has commtted (Crmnal Intellgence Glossary, November 2004). ReliabilityAsks the queston, Is the source of the nformaton consstent and dependable? (Crmnal Intellgence Glossary, November 2004) RequirementA valdated ntellgence nformaton need (IIN) submtted to address an ntellgence gap. Requrements can be standng (normally vald for months or years) or ad hoc (processed as they are identified, normally outside of planned, perodc requrements development and prioritization cycles) (FBI Intelligence Requrements and Collecton Management Process, August 2003, p. 9). Right to KnowBased on havng legal authority, ones official position, legal mandates, or official agreements, allowing the ndvdual to receve ntellgence reports (Crmnal Intellgence Glossary, November 2004). Risk AssessmentAn analyss of a target, llegal commodty, or vctm to dentfy the probablty of beng attacked or criminally compromised and to analyze vulnerabltes. Sensitive But Unclassified (SBU) InformationInformaton that has not been classified by a federal law enforcement agency whch pertans to significant law enforcement cases under nvestgaton and crmnal ntellgence
reports that requre dssemnaton crtera to only those persons necessary to further the nvestgaton or to prevent a crme or terrorst act (Crmnal Intellgence Glossary, November 2004). Sensitive Compartmented Information (SCI)Classified information concerning or derved from ntellgence sources, methods, or analytcal processes that s requred to be handled wthn formal access control systems establshed by the drector of the Central Intellgence Agency (Crmnal Intellgence Glossary, November 2004). Sensitive Compartmented Information Facility (SCIF)An accredted area, room, group of rooms, buldngs, or an nstallaton where SCI may be stored, used, dscussed, and/or processed (Crmnal Intellgence Glossary, November 2004). Spatial AnalysisThe process of usng a geographc nformaton system n combnaton wth crme-analyss technques to assess the geographc context of offenders, crmes, and other law enforcement actvty (Crmnal Intellgence Glossary, November 2004). Strategic IntelligenceMost often related to the structure and movement of organized criminal elements, patterns of crmnal actvty, crmnal trend projectons, or projectve plannng (Law Enforcement Analytic Standards, November 2004). An assessment of targeted crme patterns, crime trends, criminal organizations, and/or unlawful commodty transactons for purposes of plannng, decson makng, and resource allocaton; the focused examnaton of unque, pervasve, and/or complex crme problems (Crmnal Intellgence Glossary, November 2004). Tactical IntelligenceInformaton regarding a specific criminal event that can be used mmedately by operatonal unts to further a crmnal nvestgaton, plan tactcal operatons, and provde for officer safety (Law Enforcement Analytic Standards, November 2004). Evaluated nformaton on whch mmedate enforcement acton can be based; intelligence activity focused specifically on developng an actve case (Crmnal Intellgence Glossary, November 2004). TerrorismPremedtated, poltcally motvated volence perpetrated aganst noncombatant targets by subnatonal
groups or clandestne agents, usually intended to influence an audience (Title 22 of the Unted States Code, Secton 2656f[d]). Terrorism InformationAll nformaton, whether collected, produced, or dstrbuted by ntellgence, law enforcement, mltary, homeland securty, or other Unted States government actvtes, relatng to 1) the exstence, organization, capabilities, plans, intentions, vulnerability, means of finance or materal support, or actvtes of foregn or nternatonal terrorst groups or ndvduals, or of domestc groups or ndvduals nvolved n transnatonal terrorsm; 2) threats posed by such groups or ndvduals to the Unted States, U.S. citizens, or U.S. interests or to those of other natons; 3) communcatons of or by such groups or ndvduals; or 4) nformaton relatng to groups or ndvduals reasonably beleved to be assstng or assocated wth such groups or ndvduals (Executve Order 13356). Threat AssessmentA strategc document whch looks at a groups propensty for volence or crmnalty or the possble occurrence of a crmnal actvty n a certan tme or place (Peterson, 1994, pp. 56-57). An assessment of a crmnal or terrorst presence wthn a jursdcton ntegrated wth an assessment of potental targets of that presence and a statement of probablty that the crmnal or terrorst wll commt an unlawful act. The assessment focuses on the crmnals or terrorsts opportunty, capablty, and willingness to fulfill the threat (Criminal Intellgence Glossary, November 2004). ValidityAsks the queston, Does the nformaton actually represent what we beleve t represents? (Crmnal Intellgence Glossary, November 2004). Vulnerability AssessmentA strategc document whch vews the weaknesses n a system that mght be exploted by a crmnal endeavor (NCISP, October 2003). An assessment of possble crmnal or terrorst group targets wthn a jursdcton ntegrated wth an assessment of the targets weaknesses, lkelhood of beng attacked, and ablty to wthstand an attack (Crmnal Intellgence Glossary, November 2004).
F-4
Appendix G
Acronyms
ACTIC ATIX CAP CDC CFR CICC CII Act CITCS CONOPS COOP CTTWG DHS DISA DOJ EPIC FAQ FBI FEMA FinCEN FOIA FOUO GISAC GISWG GIWG Global Global JXDM GTRI
Arizona Counter Terrorism Information Center Automated Trusted Informaton Exchange Common Alertng Protocol Centers for Dsease Control and Preventon Code of Federal Regulatons Crmnal Intellgence Coordnatng Councl Crtcal Infrastructure Informaton Act Crmnal Intellgence Tranng Coordnaton Strategy Concept of Operatons Contnuty of Operatons Plan Counter-Terrorsm Tranng Coordnaton Workng Group U.S. Department of Homeland Securty Defense Informaton Systems Agency U.S. Department of Justce El Paso Intellgence Center Frequently Asked Questons Federal Bureau of Investgaton Federal Emergency Management Agency Fnancal Crmes Enforcement Network Freedom of Informaton Act For Official Use Only Georga Informaton Sharng and Analyss Center Global Infrastructure/Standards Workng Group Global Intellgence Workng Group Global Justce Informaton Sharng Intatve Global Justce XML Data Model Georga Tech Research Insttute
GXSTF HIDTA HIFCA HSAC HSIN HSOC HSPD IACA IACP IADLEST IALEIA ICE ICSIS IJIS INTERPOL JICC LEIN LEIU LEO LES MOU NCISP NCJA NCSD NDA NDIC NIST
Global XML Structure Task Force High Intensity Drug Trafficking Areas Hgh Intensty Fnancal Crme Areas Homeland Securty Advsory Councl Homeland Securty Informaton Network Homeland Securty Operatons Center Homeland Securty Presdental Drectve Internatonal Assocaton of Crme Analysts Internatonal Assocaton of Chefs of Polce Internatonal Assocaton of Drectors of Law Enforcement Standards and Tranng Internatonal Assocaton of Law Enforcement Intellgence Analysts U.S. Immgraton and Customs Enforcement Integrated Convergence Support Informaton System Integrated Justce Informaton System International Criminal Police Organization Justce Intellgence Coordnatng Councl Law Enforcement Intellgence Network Law Enforcement Intellgence Unt Law Enforcement Onlne Law Enforcement Senstve Memorandum of Understandng National Criminal Intelligence Sharing Plan Natonal Crmnal Justce Assocaton Natonal Cyber Securty Dvson Non-Dsclosure Agreement Natonal Drug Informaton Center Natonal Insttute of Standards and Technology
G-1
Nlets NW3C OASIS OEP OJP RCIC RISS SARA SBU SCI SCIF
The Internatonal Justce and Publc Safety Informaton Sharng Network Natonal Whte Collar Crme Center Organization for the Advancement of Structured Informaton Standards Occupant Emergency Plan Office of Justice Programs Rockland County Intellgence Center Regonal Informaton Sharng Systems Superfund Amendments and Reauthorization Act Sensitive But Unclassified Senstve Compartmented Informaton Senstve Compartmented Informaton Faclty
SME SOA STTAC STIC TRS UNYRIC US-CERT USP3 VICAP XML
Subject-Matter Expert Servce-Orented Archtecture State Terrorsm Threat Assessment Center (Calforna) Statewde Terrorsm Intellgence Center (Illnos) Terrorsm Research Specalsts Upstate New York Regonal Intellgence Center Unted States Computer Emergency Readness Team Unted States Publc-Prvate Partnershp (formerly DHSs HSIN-CI) Volent Crmnal Apprehenson Program Extensble Markup Language
G-2
About GlobAl
The U.S. Department of Justices Global Justice Information Sharing Initiative (Global) serves as a Federal Advisory Committee to the U.S. Attorney General on critical justice information sharing initiatives. Global promotes standards-based electronic information exchange to provide justice and public safety communities with timely, accurate, complete, and accessible information in a secure and trusted environment. Global is administered by the U.S. Department of Justice, Office of Justice Programs, Bureau of Justice Assistance.
A companion CD has been developed in conjunction with the Fusion Center Guidelines report. This CD contains sample policies, checklists, resource documents, and links to Web sites that are referenced throughout the report. For copies of the resource CD, contact DOJs Global at (850) 385-0600.
The fusion center resources are also available at DOJs Global Web site, www.it.ojp.gov/fusioncenter, DHSs Web site, and the Homeland Security Information Network (HSIN).
For more information about the Fusion Center Guidelines, contact DOJs Global at (850) 385-0600. For more information about DOJs initiatives, go to
www.it.ojp.gov.
Issued August 2006

Fusion Center Guidelines

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Fusion Center Guidelines

Uploaded by

Copyright:

Available Formats

Fusion Center Guidelines

Developing and Sharing Information and Intelligence in a New Era

Law Enforcement Intelligence, Public Safety, and the Private Sector

United States Department of Justice

Fusion Center Guidelines

Law Enforcement Intelligence, Public Safety, and the Private Sector

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

The Role of Leadership

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

What Is the Fusion Center Guidelines Initiative?

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion: Turning Information and Intelligence Into Actionable Knowledge

What Is a Fusion Center?

What Is the Fusion Process?

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Why Should Fusion Centers Be Established?

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Summary of Guidelines and Key Elements

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

10. Integrate technology, systems, and people.

8. Develop, publish, and adhere to a privacy and civil liberties policy.

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

12. Ensure personnel are properly trained.

14. Offer a variety of intelligence services and products to customers.

15. Develop, publish, and adhere to a policies and procedures manual.

16. Define expectations, measure performance, and determine effectiveness.

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Introduction Fusion Concept and Functions

Fusion Center Guidelines Development

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

The Fusion Concept

Fusion: Turning Information and Intelligence Into Actionable Knowledge

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Figure 1 Fusion Process

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Figure 2Fusion Center Components

Fusion Center Functions

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Background and Methodology

Phase ILaw Enforcement Intelligence Component

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Sharing of classified information Standards for tranng Connectvty

Phase 2Public Safety Component

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Phase 3Private Sector Component

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

The NCISP and the Intelligence and Fusion Processes Justification

The Intelligence Process

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

The Fusion Process

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Issues for Consideration

Available Resources on Fusion Center CD

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Fusion Center GuidelinesDeveloping and Sharing Information in a New Era

Sharing of classified information Standards for tranng Connectvty

Ths concept of desgn allows the orgnal data owners to control

Facltes management Feedback

54 Crmnal Intellgence Glossary of Terms, November 2004.