Year 2000 Computing Challenge:
FBI Needs to Complete Business Continuity Plans
AIMD-00-11: Published: Oct 22, 1999. Publicly Released: Oct 22, 1999.
Additional Materials:
- Full Report:
Contact:
(202) 512-3000
contact@gao.gov
Office of Public Affairs
(202) 512-4800
youngc1@gao.gov
Pursuant to a congressional request, GAO provided information on the Federal Bureau of Investigation's (FBI) plans and controls for year 2000 business continuity planning, focusing on: (1) the status of and plans for completing the FBI's contingency planning for continuity of operations; and (2) whether the FBI's contingency planning efforts satisfy the key processes in GAO's year 2000 business continuity and contingency planning guide.
GAO noted that: (1) the FBI reported that it has renovated, tested, and certified as year 2000 compliant all but 1 of its 43 mission-critical systems and has developed system-level contingency plans for all but 2 of the 43; (2) the FBI has made some progress in its year 2000 business continuity planning, but this very important effort is running late; (3) to ensure that there will be sufficient time to develop, test, and finalize plans, GAO recommended in earlier testimony that plans be developed by April 30, 1999, and tested, including addressing problems and retesting by September 30, 1999, in order to allow agencies sufficient time to evaluate whether the plans will provide the level of core business capability needed and whether the plans can be implemented within a specified timeframe; (4) however, the FBI had not yet developed division-level business continuity plans or field office plans, and it did not expect to complete the integration of the division plans until September 1999; (5) further, it had not established a target date for completing field office plans or testing both field-level and division-level plans; (6) these delays left the FBI with little time to complete the many planning tasks that remain and ensure that it is ready to minimize the impact of possible year 2000-induced system failures; (7) the FBI also did not have many of the management controls and processes needed to effectively guide its continuity planning effort through the short time remaining before the year 2000 deadline; (8) according to the year 2000 official, the FBI had not implemented these controls and processes because the Department of Justice's guidance focuses on system-level contingency plans and does not require business continuity planning; (9) further, the official stated that the FBI is inherently capable of ensuring continuity of operations because its agents in both headquarters and the field are well trained and prepared for responding to various emergency circumstances, of which potential year 2000 system failure is just one; and (10) by not employing the management rigor and discipline specified in GAO's year 2000 business continuity planning guide, the FBI will not be able to ensure that it: (a) properly focuses its planning effort on the agency's most critical operations; (b) selects the best strategies to protect these operations; (c) has sufficient resources and staff dedicated to implementing continuity plans; and (d) can efficiently and effectively invoke its continuity plans, if necessary.
Recommendations for Executive Action
Status: Closed - Implemented
Comments: In response to the report, Justice convened a meeting of its component bureaus, which GAO attended and facilitated. The purpose of the meeting was to specify the requirement for, and explain the importance of, Year 2000 business continuity plans.
Recommendation: The Attorney General should direct the Department of Justice's Year 2000 Program Office to clarify the department's expectations for Year 2000 business continuity planning for all Justice bureaus, emphasizing the need for these plans and discussing Office of Management and Budget's adoption of GAO's guidance as a federal standard.
Agency Affected: Department of Justice
Status: Closed - Implemented
Comments: The FBI Year 2000 Program Management Office developed a plan for developing and testing business continuity plans. The plan required FBI headquarters and field offices to develop and test business continuity plans by November 1, 1999, and December 15, 1999, respectively.
Recommendation: The Attorney General should direct the Director, FBI, to establish and implement a plan for the timely development and testing of effective headquarters and field office year 2000 business continuity plans, including incremental milestones for completing all relevant key processes in GAO's guide associated with business impact analysis, plan development, and plan testing.
Agency Affected: Department of Justice
Status: Closed - Implemented
Comments: The FBI's actions were limited to business continuity plan testing. Specifically, the FBI tested its headquarters business continuity plans on November 18, 1999 and December 2, 1999. In addition, the FBI also conducted joint testing of headquarters and field offices' business continuity plans on December 8-9, 1999.
Recommendation: The Attorney General should direct the Director, FBI, to establish and implement effective controls and structures for managing year 2000 business continuity planning, including each of the relevant key processes addressed in GAO's year 2000 continuity planning guide and discussed in this report as not yet being satisfied.
Agency Affected: Department of Justice
Explore the full database of GAO's Open Recommendations
»
Jan 13, 2021
-
Department of Energy Contracting:
Improvements Needed to Ensure DOE Assesses Its Full Range of Contracting Fraud RisksGAO-21-44: Published: Jan 13, 2021. Publicly Released: Jan 13, 2021.
Dec 16, 2020
-
Data Governance:
Agencies Made Progress in Establishing Governance, but Need to Address Key MilestonesGAO-21-152: Published: Dec 16, 2020. Publicly Released: Dec 16, 2020.
Dec 9, 2020
-
2020 Census:
The Bureau Concluded Field Work but Uncertainty about Data Quality, Accuracy, and Protection RemainsGAO-21-206R: Published: Dec 9, 2020. Publicly Released: Dec 9, 2020.
Dec 3, 2020
-
2020 Census:
Census Bureau Needs to Assess Data Quality Concerns Stemming from Recent Design ChangesGAO-21-142: Published: Dec 3, 2020. Publicly Released: Dec 3, 2020. -
2020 Census:
Census Bureau Needs to Ensure Transparency over Data QualityGAO-21-262T: Published: Dec 3, 2020. Publicly Released: Dec 3, 2020.
Nov 30, 2020
-
Federal Buying Power:
OMB Can Further Advance Category Management Initiative by Focusing on Requirements, Data, and TrainingGAO-21-40: Published: Nov 30, 2020. Publicly Released: Nov 30, 2020.
Nov 24, 2020
-
Disaster Response:
Agencies Should Assess Contracting Workforce Needs and Purchase Card Fraud RiskGAO-21-42: Published: Nov 24, 2020. Publicly Released: Nov 24, 2020.
Nov 23, 2020
-
Federal Contracting:
Actions Needed to Improve Department of Labor's Enforcement of Service Worker Wage ProtectionsGAO-21-11: Published: Oct 29, 2020. Publicly Released: Nov 23, 2020.
Nov 18, 2020
-
Federal Telework:
Key Practices That Can Help Ensure the Success of Telework ProgramsGAO-21-238T: Published: Nov 18, 2020. Publicly Released: Nov 18, 2020.
Oct 7, 2020
-
Unaccompanied Children:
Actions Needed to Improve Grant Application Reviews and Oversight of Care FacilitiesGAO-20-609: Published: Sep 15, 2020. Publicly Released: Oct 7, 2020.
Looking for more? Browse all our products here