Figure 1 Pictures displaying the Key DOJ Customers
Picture 1 = Congress
Picture 2 = White House
Picture 3 = State and Local Governments
Picture 4 = Law Enforcement
Picture 5 = General Public
Picture 6 = Foreign Governments
Picture 7 = Courts
Figure 2 Chart displaying IT Budget FY 1992 - FY 2003
(in Millions)
FY 1992 = $678
FY 1993 = $797
FY 1994 = $958
FY 1995 = $834
FY 1996 = $1,190
FY 1997 = $1,206
FY 1998 = $1,345
FY 1999 = $1,473
FY 2000 = $1,408
FY 2001 = $1,872
FY 2002 = $2,093
FY 2003 = $2,050
Figure 3 Chart displaying the features and capabilities
of the Department's Infrasture
Picture 1 = Individual Worker
Picture 2 = desktop terminal
Picture 3 = network servers and mainframe computers
Picture 4 = networked desktop terminals
Picture 5 = databases
Picture 6 = business systems
Figure 4 Depicts our current network environment.
The DOJ network environment is an aggregation of a number of independent, national
networks developed and operated by each of the major DOJ components.
Figure 5 Chart displaying Number of systems with security
weaknesses (of 112)
The Department's Security Report for 2001 concluded that more than half of the
112 systems analyzed had vulnerabilities in the areas of audit, authentication,
contingency planning, and configuration management.
Audit = 70 percent
Authentication = 68 percent
Contingency Plan = 60 percent
Configuration Mgmt. = 55 percent
Data Integrity = 48 percent
Encryption = 45 percent
Security Training - 42 percent
Documentation = 39 percent
Management Control = 29 percent
Figure 6 Four major Activities of the Department's IT Information Security
Program
Plan: Planning to ascertain threats and trust relationships = What are critical
assets ? Who can harm them? How?
Assess: Assessing the current levels of protection and their effectiveness
=
What protections are in place? How effective are they?
Implement: Implementing and integrating controls = What controls should be used? Multiple controls (defense in depth) Integrated and effective?
Respond: Responding to incidents = What incidents occurred? How effective was response? Room for improvement?
Figure 7 Chart displaying Common and Unique Solutions
supported by a Unified Infrastructure
Common solutions are application systems and databases used by more than one component.
DOJ components will use a combination of common solutions, using shared systems
and databases, and unique systems.
Figure 8 displaying the Federal Enterprise Architecture Framework (FEAF)
in a pyramid shape with four layers.
Layers from top to bottom
Layer 1 = Business Architecture
Layer 2 = Data Architecture
Layer 3 = Application Architecture
Layer 4 = Technology Architecture
Figure 9 displaying the FEAF Methodology
Describes the Federal Enterprise Architecture Framework and a particular segment
within the architecture. The crosscutting segment architecture is labeled "booking".
Figure 10 displaying OMB/GAO Select-Control-Evaluate Process Model with
three elements arranged in a circular pattern connected by curved arrows.
Three Elements