Colts Neck Solutions LLC
Intelligence Community Information Sharing and Process Improvement
April 12, 2005


Executive Summary

The U.S. Intelligence Community has been the focus of two major reviews - one by the 9/11 Commission and the more recently by The Commission on the Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction (WMD Commission). Although the two Commissions had different charters and memberships, both emphasized the need for improved intelligence information sharing and, of particular emphasis by the WMD Commission, improved information origination commitment processes. The recent WMD Commission Report outlined "how tos" for improvement as well as highlighting the organizational, process, environmental, systems and attitudinal barriers to be overcome. The WMD Commission's principle "customer" for its recommendations is the new Director of National Intelligence (DNI), along with other Intelligence Community stakeholders.  However, even  if you are not in any way affiliated with the Intelligence Community, you nevertheless should not read the  Commissions' reports or this proposal merely as a "spectator" fortunate not to have to do all the heavy lifting facing the DNI and others. The odds are that your company or institution suffers from similar performance barriers and missed opportunities, but because the stakes are not as high you are not under the same level of scrutiny as the U.S. Intelligence Community.

This is Colts Neck Solutions LLC's second proposal on the subject of Intelligence sharing. On January 3, 2005, Colts Neck Solutions LLC published its conceptual "how tos" to address the information sharing and Information Technology aspects of the 9/11 Commission's recommendations, as those recommendations were embodied in the Intelligence Reform and Terrorist Prevention Act of 2004. To implement the "information sharing environment" described in the Act, Colts Neck Solutions LLC recommended use of various well-tested eBusiness and supply chain architectures and techniques as opposed to "enterprise integration."

Below is a second, supplementary proposal designed to address the additional points emphasized by the WMD Commission's March 31, 2005 Report. This second proposal amplifies points of particular relevance to the WMD Commission. For example, the WMD Commission recommended changes and additions to managerial roles and organizational functioning within the Intelligence Community, so this second Colts Neck Solutions LLC proposal delves deeper into topics such as the need for improved workflow systems, Business Process Management (BPM) systems, "available to promise" capabilities, data analysis and other internal improvements. The WMD Commission was very forceful in discussing blocked intelligence gathering requests, which makes available-to-promise capabilities a very important remediation tool.  Indeed, because of what the WMD regarded as serious hindrances to Intelligence prioritization, the WMD Commission advocated further expansion of the Intelligence Community to include significant subsets of the FBI and the Department of Justice. The WMD Commission also highlighted various attitudinal issues and conflicts, and in this second proposal Colts Neck Solutions LLC highlights the "attitudinal" advantages of adopting an "eBusiness" paradigm as the basis for Intelligence Community internal cooperation within the boundaries of "need to know," privacy, and due process.

Nothing that the WMD Commission proposed "contra-indicated" what Colts Neck Solutions LLC originally offered on January 3, 2005 as a conceptual solution to information sharing, but the WMD Commission did open up some new topics and added some intensity to older ones. A full understanding of what Colts Neck Solutions LLC proposes and why requires reading of both this document and the January 3 document -  available online , as is the much briefer January 3, 2005 original press announcement.

The January 3, 2005  proposal is at http://www.xmloptimization.com/ISE1.html.

To obtain Microsoft Word versions of these documents, please send an email request to customer.service@coltsnecksolutions.com.


Introduction: Weapons of Mass Destruction Commission Findings

The Commission on the Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction (the WMD Commission) reviewed the U.S. Intelligence Community's judgments about Iraq's WMD programs and concluded that the Intelligence Community was "simply wrong," while also finding shortcomings in other WMD-related intelligence findings.  As a remedy, the WMD Commission recommended "dramatic change," because "We need an Intelligence Community that is truly integrated, far more imaginative and willing to run risks, open to a new generation of Americans, and receptive to new technologies." The WMD Commission's vision for "dramatic change" is heavily dependent on the aligning Intelligence Community needs with Information Technology capabilities, and such alignment is the primary subject of this document.

To a substantial degree, the WMD Commission validated earlier recommendations made by the 9/11 Commission for improved information-sharing within the Intelligence Community. In December 2004, Congress in effect embedded many of the 9/11 Commission's recommendations into the Intelligence Reform and Terrorism Prevention Act of 2004. On January 3, 2005, Colts Neck Solutions LLC released a proposal for a conceptual means to implement the Information Sharing Environment (ISE) prescribed in the Intelligence Reform Act. In brief, what it proposed is the "repurposing" of eBusiness architectures and other commonly used Internet-oriented Information Technology approaches to implement the "Information Sharing Environment" (ISE) mandated by Congress in the Intelligence Reform Act of 2004.

The WMD Commission had a somewhat different charter and did its work later, so its findings and recommendations - published in sanitized form on March 31, 2005 - went beyond those of the 9/11 Commission or the resulting legislation.

This Colts Neck Solutions LLC follow-up paper addresses the WMD Commission's findings and recommendations, to the extent that they are different from the 9/11 Commission's. For example, whereas the 9/11 Commission focused primarily on intelligence terrorist organizations, the WMD Commission was also concerned about the quality of classic intelligence processes concerning nation-states' capabilities. The WMD Commission's most notable add-on recommendation is that the Intelligence Community's recently-legislated boundaries be enlarged even further to include an intelligence-focused subset of the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ). Both the FBI and DOJ would need to reorganize internally to accommodate that recommendation. The Commission also offered some intangible recommendations, such as that the new Director of National Intelligence (DNI) replace the phrase "information sharing" with a different name to reduce the perception that information is in effect the private property of originating agencies.

Note that, also post-dating the original January 3, 2005 ISE proposal, it has also become apparent to the author that the "law enforcement" community also could benefit from its own implementation of the Colts Neck Solutions' ISE proposal. Further, the intersection and symbiotic relationships between the intelligence community and the law enforcement community remain complex and challenging to anyone trying to create a definitively-bounded "Intelligence Community." However bounded, managing information across the boundary between intelligence and law enforcement is itself a complex "eBusiness" relationship.

Recommendations offered by the WMD Commission in its March 31, 2005 Report

As a benchmark of need, below are listed the information-sharing and information origination requirements to be found in the WMD Commission's 500 page report. This list, which excludes many organizational and operational matters, is for the most part a task list for the yet-to-be confirmed Director of National Intelligence (DNI) and his team. The information-centric requirements recapitulated below are not necessarily expressed in the Commission's exact language or sequence.

a.  Extend the legislatively prescribed ISE to include "all intelligence" rather than just terrorism-related intelligence.

b. Reorganize the FBI to create within it a distinct National Security Service within the Bureau…including the FBI's Counterterrorism and Counterintelligence Divisions and its Directorate of Intelligence, and [make these] subject to the coordination and budget authorities of the DNI.

c. Unify in a single Chief Information Management Officer (CIMO) the roles of information-sharing management, protection of sources and methods management, and traditional CIO functions.

d. Apply more appropriate "risk management" techniques to minimize "overly stringent protective requirements" that hinder information sharing and the exploitation of new forms of identity management.

e. Within this new "risk management" framework, take away from originating agencies unilateral control of "need to know" decision-making.

f. Centralize rules regarding data held on 'U.S. persons" under the DNI and have the implementation of the rules standardized across the Intelligence Community

g. Implement to the fullest extent possible uniform data and process standards across the Intelligence Community to facilitate implementation of a networked community.

h. Establish a centralized registry of all members of the Intelligence Community to serve as a database of expertise as well as registry of clearances, etc.

i.Catalog all data held within the Information Sharing Environment in a way that enables the underlying network to compare user privileges with data sensitivity.

j.Insure that information consumers are aware of information's existence and the name of a point of contact with whom to negotiate access.

k.Establish uniform information technology management, procedures and certification rules across the Intelligence community - e.g., pertaining to matters such as certifying software, networks, etc.

l. Simplify and modernize the information classification system with particular attention to implementation in a network-centric Information Sharing Environment.

m. Stimulate sharing via "collection of metrics …self-enforcing milestones …incentives … and training.

n. Create an "Open Source Directorate" to facilitate collection and sharing of publicly available external information, as well as actively promoting use of such information.

o. Create a central repository for all "finished intelligence."

p. Create a standardized workbench and set of processes for intelligence analysts.

This Colts Neck Solutions LLC paper does not delve into the internal organizational constructs proposed by the WMD Commission, but instead defines an information infrastructure to support them. As an example, the WMD Commission proposes the creation of new Intelligence Community "Mission Managers." Mission Managers would be controllers for both "collections" and "analysis" in given areas of focus and, therefore, important "customers" for an eBusiness approach to Intelligence Information Sharing..

However, the IT architecture proposed does include additional provision for supporting some of these new internal roles. In the Commission's findings and recommendations, it did not include reference to workflow-oriented systems or the more comprehensive variants known as Business Process Management (BPM) or "available to promise" (ATP) systems capabilities. These are described below because the Commission proposed organizational arrangements that probably would not work efficiently and effectively without such systems.

Clearly, the proposed IT architecture for the Intelligence Community needs to be sufficiently adaptable to accommodate these and other potential organizational changes.

Intangible Requirements Expressed in the WMD Commission Report

The WMD Commission is impatient for there to be some changes in attitude and organizational posture.

In particular, the WMD Commission rejects the phase "information sharing" or at least its attitudinal implications. In the WMD Commission's view, that phase implies agency-level ownership and misstates "collecting agencies obligations to the Intelligence Community, and to the government more broadly." It therefore suggested that the Director of National Intelligence (DNI) should put his "…imprimatur on a new phrase…" perhaps "information access" or 'information integration' that indicates that information within the Community is a Community asset - not the property of a particular agency." Elsewhere, the Commission referred to a "culture of 'stewardship'…the DNI should require the submission of all intelligence information …to the Information Sharing Environment."

Nevertheless, lacking a definitive, better phrase, the WMD Commission continued to use the terms "information sharing" and "information sharing environment" (ISE).

It also posited unifying attitudinal notions such as "one team, one fight" in the war on terrorism, which presumably has the corollary "unified information." The WMD Commission apparently advocates that the default position should be that the Intelligence Community should have what it describes as "unfettered access" to, for example, Homeland Defense's many databases.

The WMD Commission's recommended remedies to attitudinal problems were primarily changes in organizational roles, scope and operating protocols - e.g., having the FBI and Justice reorganize so that the DMI can oversee a finite set of domestic intelligence assets. Whether or not this suggestion for expanding the Intelligence Community has merit, there clearly is a limit as to how many assets one can effectively "internalize" within the Intelligence Community.

Addressing the WMD Commission's Requirements

The WMD Commission was frank and forceful in stating that lack of information access was and remains one of three major systemic problems to be addressed by the Intelligence community and by the new DNI.  The other two problems are diffused leadership/accountability and, not to be overlooked, the past and prospective dearth of raw information in certain critical arenas.  Also, the WMD Commission sees a need for fundamental changes in attitude.

Information technology does not in itself solve the sharing problem, but it can certainly facilitate solution and recast the dialog into more productive channels. Often attitude problems are symptomatic of process or informational limitations that discourage people from making or delivering on commitments.

The original Colts Neck Solutions LLC proposal of January 3, 2005 suggested that "information sharing" should be thought of as a form of eBusiness and supply chain processes, minus actual dollar unit prices. Doing so not only offers substantive IT architectural advantages, but also attitudinal ones. Recasting the discussion to an eBusiness context has the benefit of encouraging entrepreneurial, customer-focused approaches that can enlist peoples' interests.

Also, measurement and evaluation becomes easier, because eBusiness processes create automated audit trails, so the performance metrics called for by the WMD Commission would be "free" and available to higher-level governance review. Information suppliers would get credit for completed transactions, while information seekers would get credit for diligent, wide-ranging searches. These same traceability processes also support recall of contaminated data.

Although the term eBusiness was never used in the WMD Commission report, the Commission used a familiar eBusiness term in citing the importance of "cataloging" information holdings. Indeed, catalog creation is itself a measurable, readily evaluated eBusiness artifact. As noted in the original January 3, 2005 Colts Neck Solutions LLC proposal, the most difficult information access issues - ad hoc queries by analysts and investigators - would be supported by "two-ended" work flow and catalog access within the OBI (open buying on the internet) dialog- so that "need to know" would be neither unilateral or weakened with respect to its legitimate purposes.

The inappropriate information flow blockages which so troubled the WMD Commission and the 9/11 Commission would, if existing in the future,  be visible, logged, and reported with sufficient specificity to support effective escalation.

The WMD Commission went into some detail regarding its concerns over delays in  transaction execution by one agency on behalf of another, especially with respect to collection processes. Indeed, its definition of the "Mission Manager" role seeks to address that problem, and perhaps such a role will help.

Although role changes can be important, it is apparent that much of the improved process execution and accountability required by the WMD Commission necessitates the implementation of "available to promise" (ATP) systems processes. Online airline reservation systems, as an example familiar to many readers, perform millions of ATP transactions per day on a customer self-service basis.

Behind ATP, Intelligence Community information suppliers would need to have implemented supporting scheduling, production and inventory management capabilities. Within the eBusiness/supply chain world, there are also supply chain forecasting and collaborative planning processes that can operate across enterprise boundaries. If the service-providing organizations within the Intelligence Community (and outside as well) implement effective, self-service ATP processes, much of the need would be addressed via "self-service", while senior management could address the hard, probably complex cases.

Note that in the commercial world the XYZ company can support online catalogs and available to promise capabilities with trading partners without necessarily having to "share," consolidate onto the same system, achieve deep integration or even generally synchronize metadata. Trading relationships do require a contract and service level agreement to define levels of support, terms and conditions, pricing, etc. as well as some minimal set of interoperability standards. OASIS ebXML and Oasis UBL (universal business language) are examples.

Within the Intelligence Community, eBusiness interoperability approaches would make it feasible to create information exchange or supply chain relationships across different platforms and business environments. The participating agencies and sub agencies can independently move ahead and be measured as to accomplishment.

These observations are not advanced as an argument against deep standardization, but to offer encouragement for moving ahead quickly based on interoperability standardization. If Intelligence Community business processes, metadata and data can be synchronized, so much the better, but given the urgency involved, waiting for the standards "Godot" to arrive to do deep integration is not warranted.

Supply and Quality of Intelligence Factoids and other Raw Data

The WMD Commission described situations in which the Intelligence Community was hampered by sheer lack of raw data, while overworking the few facts it possessed. Merely sharing scarcity is not very nourishing.

The WMD Commission's report highlighted both the dearth of supply and associated quality problems in the analysis of Iraq's WMD program. That analysis centered on the "factoid" that Iraq had purchased 7075-T6 aluminum tubes, and Intelligence Community conclusions about the significance of those tubes were central to the enormously significant debate about the state of Iraq's nuclear weapons program. Although the WMD Commission criticized the debaters for coming to the wrong conclusion, the larger issue was that there were so few facts to inform the debate. Clearly the Intelligence Communities analysis "mills" need a greater supply of factoids to function properly.

This dearth of information is sometimes the result of a complete absence of information, and the Commission advocated various changes to improve collection. The WMD Commission identified two major initiatives - improved and better prioritized collections efforts and improved use of "open source" information.

Alternatively, the cupboard may be bare because of failure to "digitize" available information so that it can be indexed, accessed and exploited. To the extent that it is the "digitized" information cupboard that is bare, or at least pretty barren, investment is needed to recover and index the data.

Although not explicitly listed as a requirement or even a hope by the Commission, it is clear that what the Intelligence Community needs is not only enough raw data - from widely cast nets - to validate positive assertions (e.g., "country XYZ is building a nuclear bomb"), but to tackle the tougher task of validating negatives (e.g., "country XYZ is not building a nuclear bomb"). The latter requires that not a crumb of raw data go unexamined, ideally by pattern-detecting systems processes supported by powerful search capabilities.

As noted in the Colts Neck Solutions LLC proposal of January 3, 2005, "search" is of enormous importance. Also, the organizational tendency to reject "search" facilities that turn up thousands of perhaps irrelevant hits needs to be mitigated, because there are needles in every haystack.

The WMD Commission cited cases in which the Intelligence Community was negatively impacted by contaminated, low-quality data. Consequently, the WMD Commission's report makes it clear that the Intelligence Community needs better factoid "recall" capability to recover from contaminated data.

In commercial, physical product supply chain processes, if a supplier unknowingly ships to customers what is later discovered to be a faulty part or tainted ingredient, that supplier needs to have adequate lot or item tracking to recover those faulty items or at least advise its proximate customers of the problem. If the next level in the supply chain has "infected" its own products by inclusion of the faulty parts or ingredients, those companies need their own traceability capabilities to recall whichever of their products are impacted.

As described by the WMD Commission, the Secretary of State's presentation to the U.N. regarding Iraq needed to be "recalled" because it incorporated spurious factoids and assertions originating from the source code named Curveball. However, the Community lacked an effective multi-level "recall" process. Again, supply chain techniques are called for to address this important need.

Intelligence Community "Risk Management" (AKA "Need to Know")

The WMD Commission advocated adoption of what it termed a risk management process as an alternative to classic "need to know" and security classification levels. By risk management it presumably meant a scheme based quantifying risk in terms of expected value (probability of damage x damage). Whatever the words or evaluation process used, the WMD Commission is apparently willing to run more risk in order to reduce the perceived blighting effect of so-called "need-to-know." However, the author suggests that "two-sided" workflow process can finesse (and automate) the process.

In its report, the Commission stated that "It is unrealistic to think that we can achieve our information-sharing goals without departing from traditional approaches to the "need-to-know" principle…[information] providers cannot know for sure when a user 'needs' a particular piece of information." ." The 9/11 Commission made parallel comments.

It may be useful to recapitulate on what is meant by "need-to-know."

"Need-to-know" can be thought of as enforcing two or, often, three bounds to information access - 1) need is bounded by job requirements specific to an individual, and 2) "trust" level is expressed in terms of clearance - Confidential, Secret, etc. plus various special categories. The third bound - not always applicable - are the various aspects of "due process" which have to do with honoring civil liberties, privacy, management of evidence, etc. An information seeker's bounds may be enlarged or altered on a situational basis - e.g., if the requestor has a temporary change in role or if the requestor has a warrant that satisfies due process concerns.

The three bounds, as they apply to a given information requester, in effect define his or her information access "compartment." Within that compartment, the user should have free and convenient access, while outside that compartment the user should have no access.

What appears to be a reasonable way to "compartmentalize" information access gets a bit murkier with respect to real-world application and enforcement. Clearances can be a problem, but for the most part the person either does or does not have a requisite clearance. What is more challenging is judging whether a person's information requests align with his/her work assignments. By definition, a person's work assignments stem from his or her line of management or line of command. Logically, the person's management should judge whether a request is consistent with one or more work assignments. Of course, to make such a judgment the relevant manager or managers must know what is being requested.

It is perhaps in recognition that managers may not know about request that Executive Order 12968 creates another layer of checking. Executive Order 12968 states that "It is the responsibility of … authorized holders of classified information to verify that a prospective recipient's eligibility for access has been granted by an authorized agency official and to ensure that a need-to-know exists prior to allowing such access, and to challenge requests for access that do not appear well-founded."

Clearly, this Executive Order allots a secondary "check and balance" role to the information custodian - if credentials and need are "verified" the way is clear to "share" the information. However, the information custodian holds the "high ground" - until he or she is convinced to open the door the door stays locked, so verify can mean "block." Indeed, the Commission referred to "…some of the worst offenders" as being Intelligence Community members blocking one another's' requests, at least in part on the basis of Executive Order 12968. There is a potential Mad Magazine sort of paradox that the requestor cannot explain his or her "need to know" to the information custodian because the custodian does not have appropriate clearance.

Nevertheless, the essence of this provision of Executive Order 12968 may be worth preserving and automating through workflow, which also can be used to make sure that requesting agencies have an automated means to review requests.

As described in Colts Neck Solutions LLC's January 3, 2005 proposal, the "natural" flow is achieved through two-ended workflow within the OBI process model (more familiarly referred to as PunchOut or Roundtrip). The user logs onto his or her "home" system, as appropriate the "home system" punches him or her out to the information holder's system and, simultaneously passes logon credentials to the holder's system in order to support "single sign on. At this point, the holder's system knows what agency the requestor is with as well as identity and clearance. The holder's system presents the user with a catalog or perhaps a configurator (preferable for, say, selecting imagery or to define queries). This step offers supplier-side "workflow" opportunities in that the holding agency's system would certainly dynamically filter the catalog based on clearance level and possibly on other factors.

The user selects the desired items, much as he or she would at, for example, www.barnesandnoble.com (and if the agencies added features to support user "reviews" and "ratings" so much the better). At "checkout," the holder's system would pass the user and his/her "market basket" back to the user's home system. Note that the holding agency can insert into the market basket whatever advisory language is appropriate (e.g., if what is requested requires special shipping, courier or storage arrangements or requires a copy of a warrant or subpoena).

Once the user and market basket are back at the "home" system, the market basket would go through home agency workflow. What the workflow entails would be up to the home agency or perhaps to the DNI or others. In situations perhaps triggered by some characteristic of the information request, outsider reviewers such as the Civil Liberties Protection Officer or a delegate could be incorporated into the workflow sequence.  If the workflow reviews denies the request that would be the end of the process. If approved, the home system would transmit what is now an approved agency order to the holding agency's system.

At this point in the process, the holding agency would know that 1) the person's clearance is adequate, and 2) the person's agency supports the request and has indeed made it an approved agency request. Except for some genuinely "hard" cases the holding agency would release the requested information - whether digitized or in physical form. More about OBI is available - click here.

Note that this "two-ended" process supports and automates the separate accountabilities of the "customer agency" and the "supplier" agency.  The customer side would enforce the appropriate "bounds," while the supplier side would have supported the validation checks specified in Executive Order 12968. As exemplified in the commercial world, this entire dialog could take less than a minute or two, subject to whatever "think time" is required to select and item or items and for workflow approvals, so it is an excellent vehicle for self-service research by analysts. Use of OBI is not of course the entire story, because system to system data interchanges based on a "service oroented architecture" (SOA) also plays a key role.

As noted above, the WMD Commission and the 9/11 Commission before it highlighted the need for highly effective information-sharing between the Intelligence Community and agencies and some private entities on the "edge."

The U.S. Coast Guard, for example, is an "edge" entity that 1) rescues people (a popular service) and encourages community volunteerism regarding boating safety, 2) polices them (boat safety inspections, still pretty much a service), with 3) some criminal investigation, anti-terrorism and quasi-military work mixed in as well. "Unfettered access" could create different sorts of risk from category to category, but especially with respect to matters that potentially could end up in criminal court.

Indeed, the most risk-fraught edge service "join" is between the Intelligence Community and the domestic law enforcement community (and perhaps non-domestic law enforcement as well). There are two risks to be balanced. On one hand, there is a risk that information generated in the course of law enforcement activities will not be exploited in time to prevent some terrorist act or transfer of WMD technology. On the other hand, it may be that "unfettered access" will contaminate evidence, leaving court officers to face unpalatable choices between releasing some eminently guilty perpetrators or prosecuting and convicting despite some egregious violation of due process. There is no excuse for having either to occur.

As described above, the "two-sided" workflow OBI process provides what suits the Intelligence Communities purposes, which is appropriately "fettered and focused" access. It also opens up the opportunity for information sharing reciprocity - e.g., so that edge agencies can appropriately access the Intelligence Community's systems.

The premise of Colts Neck Solutions' original proposal and of this follow-on expansion is that effective use of eBusiness techniques - which were born to function in arms length commercial relationships - can minimize head-to-conflicts between Intelligence effectiveness and civil liberties, while minimizing risk that - as happened on the Titanic, security "compartments" will be breached.

It is important to recall that "need-to-know" compartmentalization is not exclusively or even primarily about civil liberties or privacy. Intelligence agencies in countries that have no interest in either nevertheless "compartmentalize" knowledge. The internal organization is itself a leaky vessel and internal rogues are particularly dangerous. Also, techniques thought of as "external" threats- e.g., information disclosure achieved through "social engineering" - are also internal risks, making it important to have proper workflow and audit logs inside and out.

Overall, concern for "risk management" brings the discussion back to the merits of eBusiness approaches and, often, to the two ended workflow processes enabled by "PunchOut" or other variants of OBI (Open Buying on the Internet).

Efficiency

The WMD Commission referred to a need for efficiency and non-duplication of effort, but did not reference the need for efficiency-oriented process engineering and business process management (BPM) systems. Clearly, these are needed to support higher activity volumes and enlargement of the Intelligence Community.

What the WMD Commission did offer was a somewhat peculiar opposite. It stated that the FISA (Foreign Intelligence Surveillance Act) warrant request process is not an obstacle to appropriate intelligence collection regarding WMT. On the other hand, the Commission reported that requesting FISA warrants poses growing administrative burdens on the Department of Justice's Office of Intelligence Policy Review (OIPR). For the sake of reducing administrative overhead, the Commission therefore proposed changes in FISA to extend surveillance begin and ends dates and other measures to reduce the need to get or renew warrants.

However, what is probably the better solution is to implement an improved business process management system - more specifically docket administration software. Overall, success in streamlining self-service information access, collections request processing and the like will build demand, so productivity-enhancing tools and techniques are likely to be essential to reduce this and other chokepoints and roadblocks.

Law Enforcement, Financial Services and Medical Communities

As noted in the original Colts Neck Solutions LLC proposal, these three "communities" face many of the same issues as have been described regarding the Intelligence Community. Therefore what Colts Neck Solutions LLC proposes for the Intelligence Community also has applicability to these three, because they each face the tension between the benefits versus the risks involved of in implementing community-wide information-sharing.

However, besides each communities' information-sharing needs within themselves, there are important crossover points between communities. Certainly, tracing terrorists or state-supported development of WMP development potentially can involve interaction with (obviously) law enforcement and less obviously with the financial services and medical/biotechnology industries. Therefore, if a given "community" adopts the sort of  interoperable information exchange desrcibed in the Colts Neck Solutions LLC proposals, that community will be better prepared to exchange information and enforce "need-to-know" and "due process" with one another. Given the urgency of the sittuation highlighted by both the 9/11 Commission and the WMD Commission, presumably the Intelligence Community should set the pace and the direction.


                                                            Fulton Wilcox
                                                            Senior Partner
                                                            Colts Neck Solutions LLC
                                                            Colts Neck, New Jersey




HOME
Site Map