Update: New FBI management system could cost $500M
A contract for the 'Sentinel' project is expected in the next few weeks
Computerworld - A new case management system being implemented by the U.S. Federal Bureau of Investigation to help fight terrorism could cost as much as $500 million, blowing away the $170 million it sank into a previous project that was abandoned a year ago, according to a government watchdog group.
In a 91-page audit report released Tuesday by the inspector general's office in the U.S. Department of Justice ( .pdf available), cost estimates for the new FBI IT system range from $400 million to $500 million, based on information provided by the FBI to congressional inquiries. An exact figure for the project is expected when the FBI finalizes a contract for the system, called Sentinel.
That contract award is officially expected sometime in the next 30 days, but Tuesday an FBI spokeswoman said that it will come shortly.
"The FBI has completed the vendor evaluations in the Sentinel contract award process," FBI spokeswoman Catherine Milhoan said in a statement. "We are currently in negotiations with one of the vendors and have advised the other vendor that their proposal was not within the competitive range. We cannot disclose the identity of either vendor at this point."
Milhoan said the number of bidders that pursued the contract and related details will also be made public when the contract matters are settled.
The inspector general's office, which was previously highly critical of the FBI's earlier failed attempts to upgrade its technology systems as a result of "poorly defined design requirements, lack of mature Information Technology Investment Management processes, and poor management continuity and oversight," was much more upbeat about the proposed Sentinel system and its planned oversight.
"With Sentinel, the FBI is relying on improved management processes, use of commercially available components and a four-phase approach over 39 to 48 months to develop a replacement for its obsolete Automated Case Support (ACS) system," the audit stated. "In reviewing the management processes and controls the FBI has applied to the pre-acquisition phase of Sentinel, we believe that the FBI has adequately planned for the project and this planning provides reasonable assurance that the FBI can successfully complete Sentinel if the processes and controls are implemented as intended."
The report added that several concerns remain, however -- for example, the program management office for the project is not yet fully staffed, and there are questions about Sentinel's ability to share information with external intelligence and law enforcement agencies. It also remains uncertain whether Sentinel can provide a common framework for other agencies' case management systems.
The audit also said the inspector general's office will continue to monitor the FBI's system security plans as the project evolves. As of December 2005, the FBI had not completed a system security plan or a required verification and validation plan. Even so, Sentinel was allowed by the FBI to proceed, the report said. According to the inspector general, the FBI said at the time that a system security plan couldn't be completed until Sentinel's vendor provides detailed information on the project's design. A separate contract will be awarded to develop an independent verification and validation (IV&V) plan. Those explanations were deemed "reasonable" by the inspector general's office. "However, in our next audit, we will monitor whether the FBI completes the system security plan and the IV&V plan during the early stages of Sentinel's development," the inspector general's report stated.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts