National Criminal Intelligence Resource Center (NCIRC)

BEST PRACTICES

With the proliferation of fusion centers and intelligence units, various best practices have emerged to assist criminal justice agencies and organizations with the development and operation of an intelligence unit. This section provides best practices used in law enforcement intelligence operations, fusion centers, and information/intelligence sharing initiatives.

Best Practice Examples

Terrorism Risk Modeling for Intelligence Analysis and Infrastructure Protection

The U.S. Department of Homeland Security (DHS) is moving increasingly to risk analysis and risk-based resource allocation, a process that is designed to manage the greatest risks instead of attempting to protect everything. Efforts to develop analytical tools necessary to support this approach and institutionalize their use across the department are just beginning. In this context, DHS is exploring how existing risk-analysis tools might be useful for its Homeland Infrastructure Threat and Risk Analysis Center (HITRAC). This RAND report presents the results of three applications of a model routinely used by the insurance industry to assess liability from terrorism risk: the Probabilistic Terrorism Model developed by Risk Management Solutions, Inc. (RMS). Informative and useful findings were taken as a positive indication that the model would be a valuable resource for HITRAC.

A Governor’s Guide to Homeland Security

The National Governors Association Center for Best Practices’ article, A Governor’s Guide to Homeland Security provides governors with an overview of their homeland security roles and responsibilities and offers some guidance on how to approach issues such as mutual aid, information sharing, obtaining assistance from the military, and protecting critical infrastructure.

Lessons Learned Information Sharing

Lessons Learned Information Sharing (LLIS.gov) is the national network of lessons learned and best practices for emergency response providers and homeland security officials. LLIS.gov’s secure, restricted access information is designed to facilitate efforts to prevent, prepare for, and respond to acts of terrorism and other incidents across all disciplines and communities throughout the United States.

New Jersey State Police Practical Guide to Intelligence-Led Policing

The New Jersey State Police Practical Guide to Intelligence-Led Policing details the processes that the New Jersey State Police (NJSP) has adopted in order to operationalize the principles of Intelligence-Led Policing (ILP). It was written to ensure that all members of the NJSP share the same understanding of the concepts and vernacular that have been embraced to institutionalize intelligence as the foundation of all operations.

Information Sharing Environment Implementation Plan

The Information Sharing Environment Implementation Plan (ISE Implementation Plan) is a product of the requirements outlined in the Intelligence Reform and Terrorism Prevention Act of 2004. The ISE Implementation Plan describes the intended actions planned by the Office of the Director of National Intelligence for a future information sharing environment (ISE). The ISE Implementation Plan addresses the intended goals of the ISE, outlines the two-phased implementation approach, highlights the major information sharing challenges, and includes the conclusions and recommendations of the Office of the Program Manager Information Sharing Environment (PM–ISE). Included in this document is a description of how the PM–ISE will use the ISE Implementation Plan to manage the ISE. The recommendations cited will impact intelligence operations at all levels in the United States.

Supplementary Materials Available:

Information Sharing Environment Implementation Plan Report Sent to Congress

Privacy and Civil Liberties Policy Development Guide and Implementation Templates

The Privacy and Civil Liberties Policy Development Guide and Implementation Templates is a practical, hands-on resource that supports analysis of privacy protection requirements for information sharing environments. Its purpose is to provide guidance for the process of developing agency privacy policy that articulates agency privacy obligations and supports sharing, as well as to protect privacy and quality interests. The guide walks the user through the steps to determine what specific information a justice entity may collect, use, and disseminate during the course of routine justice operations and assists in the identification of what laws control the collection and sharing of that information.

Global Justice Information Sharing Initiative: Exploring Service-Oriented Architecture Services for Justice Information Sharing

The Justice Reference Architecture consists of four pieces: standards, services, policies, and registries. This paper provides an executive briefing on services. At its simplest, a service involves a producer and a consumer using an agreed-upon technical architecture and business rules to exchange information in support of a business process. There are technical standards and methods for specifying and complying with a number of security, reliability, and privacy provisions. If different agencies and justice associations agree on a set of architectural standards, they can incrementally build up what looks and acts like a single system, virtually without anyone being in charge.

Global Justice Information Sharing Initiative: Exploring Service-Oriented Architecture Registries for Justice Information Sharing

The Justice Reference Architecture consists of four pieces: standards, services, policies, and registries. This paper provides an executive briefing on registries. A registry facilitates information sharing by housing reusable software and services or providing instructions for accessing such software—a sort of “services yellow pages.” Registries enable a service provider organization to register its organization information, services information, and the artifacts related to the services. Registries also enable service consumer organizations to browse any registered organization’s services information and download the service information and related artifacts. Registries also enable a service provider and the consumer organizations to thereafter make agreements on doing business with one another.

Regional Information Sharing Systems (RISS)

RISS has expanded its services through the Automated Trusted Information Exchange (ATIX) to provide first responders and public safety executives and officials with access to homeland security, disaster, and terrorism information in a secure environment. RISS ATIX™ participants are designated into a specific group—including local, county, state, tribal, and federal government; law enforcement; emergency management; disaster relief; utilities; and, among others, the chemical, transportation, and telecommunication industries—based on their role. RISS ATIX combines four powerful components: RISS ATIX Web pages, RISS ATIX Bulletin Board, ATIXLive, and ATIX Secure E-Mail for participants to utilize in exchanging information.

Applying Security Practices to Justice Information Sharing

Applying Security Practices to Justice Information Sharing aims to educate management regarding fundamental security practices that should be included in information sharing. This document explores disciplines of information sharing that include, but are not limited to, governance, physical security, data integrity, public access, and network safeguards. Justice information sharing models are discussed, and examples are given as to how the models have been implemented in real-life situations.

Supplementary Materials Available:

Analyst Toolbox

The tools examined in this document represent the basic tool kit that the intelligence analyst will need to provide the vital intelligence service that is expected in today’s law enforcement environment.

National Criminal Intelligence Sharing Plan Overview

The National Criminal Intelligence Sharing Plan (NCISP), the first of its kind in the country, provides a blueprint to help agencies establish criminal intelligence sharing policies, procedures, standards, technologies, and training. The Plan was assembled with close input and cooperation from local, state, tribal, and federal law enforcement agencies, and it has been endorsed by numerous national law enforcement organizations. Implementation of NCISP will provide law enforcement agencies with the ability to gather, analyze, protect, and share information and intelligence to identify, investigate, prevent, deter, and defeat the perpetrators of criminal and terrorist activities, both domestically and internationally.

Supplementary Materials Available:

Fusion Center Guidelines

The document Fusion Center Guidelines addresses the development of guidelines for fusion centers as well as the foundation for the development of fusion center guidelines for law enforcement intelligence, public safety, and private sector entities. These guidelines and related materials will provide assistance to centers as they prioritize and address threats posed in their specific jurisdictions for all crime types, including terrorism, and guide administrators in developing policies, managing resources, and evaluating services. The fusion process supports the implementation of risk-based, information-driven prevention, response, and consequence management programs as well as efforts to address immediate and/or emerging threat-related circumstances and events. The document also defines fusion centers and explains that the principal role of fusion centers is to compile, blend, analyze, and disseminate criminal intelligence and other information (including, but not limited to, threat assessment, public safety, law enforcement, public health, social service, and public works) to support efforts to anticipate, identify, prevent, and/or monitor criminal activity.

Supplementary Materials Available:

Minimum Criminal Intelligence Training Standards for United States Law Enforcement and Other Criminal Justice Agencies

The document Minimum Criminal Intelligence Training Standards for United States Law Enforcement and Other Criminal Justice Agencies explains the recommended development of minimum training standards for all affected levels of law enforcement personnel, including core training objectives in six areas: General Law Enforcement Officer, Law Enforcement Executive, Intelligence Manager, Intelligence Officer/Collector, Intelligence Analyst, and Train-the-Trainer. The goals in developing the standards were to identify specific training topics and issues for each level of personnel involved in the intelligence process, to make specific recommendations for training objectives and the delivery of training, and to work with relevant agencies and groups to develop model curricula.

Law Enforcement Analytic Standards

The booklet Law Enforcement Analytic Standards discusses the standards created by the International Association of Law Enforcement Intelligence Analysts (IALEIA) as a result of the National Criminal Intelligence Sharing Plan (NCISP) recommendations. The analytic standards consist of 25 standards that explain the requirements of agencies to adopt the minimum standards for intelligence-led policing in order to support the development of sound, professional, and analytical products (intelligence). The standards are composed of educational standards and intelligence process standards, as well as testimony, data-source attribution, and feedback standards.

A Framework for Justice Information Sharing: Service-Oriented Architecture(SOA)

A Framework for Justice Information Sharing: Service-Oriented Architecture (SOA) recommends adoption of SOA and describes its application in the criminal justice community. The requirements and logistics essential for implementing SOA, such as software, hardware, structure, and design; consideration of lessons and developments of the public and private sector; and the evolution of design technology, are explained in this document. This document also explains several issues including services provided, standards, interagency agreements, registries, security, privacy, and data quality.

Global Justice XML Data Model (Global JXDM)

This Web site discusses the Global Justice Information Sharing Initiative (Global) Justice Extensible Markup Language (XML) Data Model (Global JXDM), which is a comprehensive product that includes a data model, a data dictionary, and an XML schema. The Global JXDM is an XML standard designed specifically for criminal justice information exchanges, providing law enforcement, public safety agencies, prosecutors, public defenders, and the judicial branch with a tool to effectively share data and information in a timely manner. Today, more than 50 law enforcement and justice-related projects have been implemented utilizing the Global JXDM.

Supplementary Materials Available:

Privacy, Civil Liberties, and Information Quality Policy Development for the Justice Decision Maker

Privacy and information quality policies protect agencies and make it easier to share information. The Privacy and Information Quality Policy Development for the Justice Decision Maker is a resource that justice and public safety leaders can use to make the best business decisions on privacy and information quality for their information sharing systems. The guideline provides the framework and outlines the approach for an agency to use when developing or reevaluating their privacy and information policies.