Page 1 TOP OF DOC75–673 PDF
2001
USING INFORMATION TECHNOLOGY TO SECURE AMERICA'S BORDERS: INS PROBLEMS WITH PLANNING AND IMPLEMENTATION
HEARING
BEFORE THE
SUBCOMMITTEE ON
IMMIGRATION AND CLAIMS
OF THE
COMMITTEE ON THE JUDICIARY
HOUSE OF REPRESENTATIVES
ONE HUNDRED SEVENTH CONGRESS
FIRST SESSION
OCTOBER 11, 2001
Serial No. 43
Page 2 PREV PAGE TOP OF DOCPrinted for the use of the Committee on the Judiciary
Available via the World Wide Web: http://www.house.gov/judiciary
COMMITTEE ON THE JUDICIARY
F. JAMES SENSENBRENNER, JR., WISCONSIN, Chairman
HENRY J. HYDE, Illinois
GEORGE W. GEKAS, Pennsylvania
HOWARD COBLE, North Carolina
LAMAR SMITH, Texas
ELTON GALLEGLY, California
BOB GOODLATTE, Virginia
ED BRYANT, Tennessee
STEVE CHABOT, Ohio
BOB BARR, Georgia
WILLIAM L. JENKINS, Tennessee
ASA HUTCHINSON, Arkansas
CHRIS CANNON, Utah
LINDSEY O. GRAHAM, South Carolina
SPENCER BACHUS, Alabama
JOE SCARBOROUGH, Florida
JOHN N. HOSTETTLER, Indiana
MARK GREEN, Wisconsin
RIC KELLER, Florida
DARRELL E. ISSA, California
Page 3 PREV PAGE TOP OF DOCMELISSA A. HART, Pennsylvania
JEFF FLAKE, Arizona
MIKE PENCE, Indiana
JOHN CONYERS, Jr., Michigan
BARNEY FRANK, Massachusetts
HOWARD L. BERMAN, California
RICK BOUCHER, Virginia
JERROLD NADLER, New York
ROBERT C. SCOTT, Virginia
MELVIN L. WATT, North Carolina
ZOE LOFGREN, California
SHEILA JACKSON LEE, Texas
MAXINE WATERS, California
MARTIN T. MEEHAN, Massachusetts
WILLIAM D. DELAHUNT, Massachusetts
ROBERT WEXLER, Florida
TAMMY BALDWIN, Wisconsin
ANTHONY D. WEINER, New York
ADAM B. SCHIFF, California
PHILIP G. KIKO, Chief of Staff-General Counsel
PERRY H. APELBAUM, Minority Chief Counsel
Subcommittee on Immigration and Claims
Page 4 PREV PAGE TOP OF DOCGEORGE W. GEKAS, Pennsylvania, Chairman
DARRELL E. ISSA, California
MELISSA A. HART, Pennsylvania
LAMAR SMITH, Texas
ELTON GALLEGLY, California
CHRIS CANNON, Utah, Vice Chair
JEFF FLAKE, Arizona
SHEILA JACKSON LEE, Texas
BARNEY FRANK, Massachusetts
HOWARD L. BERMAN, California
ZOE LOFGREN, California
MARTIN T. MEEHAN, Massachusetts
GEORGE FISHMAN, Chief Counsel
LORA RIES, Counsel
CINDY BLACKSTON, Professional Staff
LEON BUCK, Minority Counsel
C O N T E N T S
OCTOBER 11, 2001
OPENING STATEMENT
Page 5 PREV PAGE TOP OF DOCThe Honorable George W. Gekas, a Representative in Congress From the State of Pennsylvania, and Chairman, Subcommittee on Immigration and Claims
The Honorable Sheila Jackson Lee, a Representative in Congress From the State of Texas, and Ranking Member, Subcommittee on Immigration and Claims
WITNESSES
Mr. Randolph C. Hite, Director, Information Technology Systems Issues, United States General Accounting Office
Oral Testimony
Prepared Statement
Mr. Glenn A. Fine, Inspector General, United States Department of Justice
Oral Testimony
Prepared Statement
The Honorable James W. Ziglar, Commissioner, Immigration and Naturalization Service (accompanied by Mr. Scott Hastings, Associate Commissioner for Information Resource Management)
Oral Testimony
Prepared Statement
Mr. Demetrios G. Papademetriou, Co-Director, Migration Policy Institute
Oral Testimony
Prepared Statement
Page 6 PREV PAGE TOP OF DOC
APPENDIX
Statements Submitted For The Record
The Honorable Sheila Jackson Lee, a Representative in Congress From the State of Texas
Material Submitted For The Record
Mr. Demetrios G. Papademetriou, Co-Director, Migration Policy Institute
Letter From the U.S. Department of Justice, the Honorable James W. Ziglar, Commissioner, Immigration and Naturalization Service
Letter From the U.S. Department of Justice, the Honorable James W. Ziglar, Commissioner, Immigration and Naturalization Service
USING INFORMATION TECHNOLOGY TO SECURE AMERICA'S BORDERS: INS PROBLEMS WITH PLANNING AND IMPLEMENTATION
THURSDAY, OCTOBER 11, 2001
House of Representatives,
Subcommittee on Immigration and Claims,
Page 7 PREV PAGE TOP OF DOCCommittee on the Judiciary,
Washington, DC.
The Subcommittee met, pursuant to notice, at 10 a.m., in Room 2141, Rayburn House Office Building, Hon. George W. Gekas [Chairman of the Subcommittee] presiding.
Mr. GEKAS [presiding]. The hour of 10 o'clock having arrived, the scheduled hearing for the Immigration and Claims Subcommittee of the Judiciary will come to order. We have thus kept faith in dropping the gavel with our theme of beginning every hearing and every meeting exactly on time, and now we have to recess until the appearance of a second Member because the rules of the House, and therefore the rules of the Committee, mandate that at least two Members have to be present for an official hearing.
So you have a choice between now and the time that the second Member comes. I could recite Shakespeare or break into song until that Member appears. [Laughter.]
Mr. GEKAS. Until you make up your minds, this Committee stands in recess until the second Member appears.
[Recess.]
Mr. GEKAS. The time of the recess has expired. We note, and we want the record to indicate that the lady from Texas, Ms. Jackson Lee, Ranking Minority Member, is present, thus, constituting with the chair a hearing quorum.
Page 8 PREV PAGE TOP OF DOCWe will begin the proceedings by asking the witnesses, those seated at the table and those prospective witnesses who might testify to something to please stand and be sworn.
Is Mr. Papademetriou here?
Mr. PAPADEMETRIOU. Yes, Mr. Chairman.
Mr. GEKAS. Will you please raise your right hands and be sworn.
[Witnesses sworn.]
Mr. GEKAS. You may be seated. We will call upon you as the order of witnesses indicates.
The first order of business is to get rid of the bells. [Laughter.]
Mr. GEKAS. The order of witnesses is exactly as the witnesses have been seated from our right to the left, and Mr. Hite will be the first witness. He is the Director of Information Technology Systems Issues at the U.S. General Accounting Office. He has been there for 25 years, has directed reviews of many and multifarious types of information-gathering techniques and particularly on the technology, which will possibly be the focus of today's hearing in quantity. He has a degree in business administration, and has received many awards, including the GAO's Meritorious Service Award.
Before he feels free to proceed, the chair will indulge in a brief opening statement to set the stage for the hearing, which I have already, in some ways, indicated through the introduction of Mr. Hite.
Page 9 PREV PAGE TOP OF DOC
Way before the events of September 11, and especially since, the status of aliens in our country is a weighty problem, heightened of course by what we have seen, the fury of activity in tracing aliens, and hijackers, and potential hijackers, et cetera, ever since the calamities of September 11.
We want to indulge in finding out what has happened to some of the mandates that we have presented to the INS in the past as a Congress, particularly with the border crossing cards and that technology. It seems to us that, thus far—and perhaps I am preparing Commissioner Ziglar for possible answers to our pointed questions—we see no reason for what has happened at the border with these cards, and we want fullest explanations and remedies.
Then there is the student visa problem, SEVIS or SEVIS [long e], as we want to call it, where it has been uncovered that the intent of Congress has not been fulfilled with an accountability on a range of people who are involved in the prosecution of that program. So the technology involved there and in the border crossing cards will be two of the focus issues of this hearing. We may wander into others, as is the want of the Members of Congress from time to time, like always, and we will ask the witnesses to consider what the chair has said as to the focus during the question and answer period that will follow the initial presentations.
We note the presence of Congressman Flake, a Member of the Committee. Let the record indicate that he is present.
We now yield to the lady from Texas for an opening statement.
Page 10 PREV PAGE TOP OF DOCMs. JACKSON LEE. Good morning to the witness, and, Mr. Chairman—witnesses—and Mr. Chairman thank you very much for holding this very important hearing. I look forward to working with you as this Committee works its will and works with our colleagues to emphasize the importance of the work of the INS, but as well to ensure that we have the skills and the tools to do the job that the American people desire.
Let me welcome Commissioner Ziglar. I believe this may be the first time he has testified before this Committee. I may be incorrect. He may have been busy, and we may have seen him before, but I think this is the first time, and I welcome the other witnesses.
These issues have been before these—this Committee, dealing with the securing of America's borders for many, many years, through many chairpersons and Ranking Members. This Oversight Hearing on Using Information Technology to Secure America's Borders: INS Problems with Planning and Implementation is important for two reasons.
First, this hearing will help us understand what we can do to prevent events such as September 11; second, this hearing is so vital because the mission of the INS to provide immigration services to alien citizens and businesses and to enforce the Nation's immigration laws is absolutely dependent on information technology. With poor information technology, we are making Immigration inspectors, Border Patrol officers and investigators work too hard. INS border security enforcement systems do not work effectively. We need systems that are versatile. This does not mean that INS employees and management are not working hard. It does mean that we have a lot to fix.
Instead of hastily appropriating more money to INS, whose budget has increased from $1.4 billion in fiscal year 1992 to over $5 billion in fiscal year 2001, we need to pursue additional options. It is clear to me from my many dealings with the INS that the main fix that is needed is a radical shift in the mentality of the Immigration and Naturalization Service, and I would also add a restructuring of the INS.
Page 11 PREV PAGE TOP OF DOC
For years I have struggled with the Agency that is unable to meet congressional deadlines. After pouring in massive amounts of revenue, Congress has not seen the improvements it desires. However, with better planning, structure, organization, most importantly management, there is no question that the Agency should be able to meet its goals. It is unclear how many different types of border security enforcement systems exist. INS has been auditing what systems it has in place since January of 2000. In addition, it is unclear what the purpose of each system is and how they operate.
I hope, Commissioner Ziglar, that you will be able to inform us about the different systems that exist and how they operate, all with the goal of making all of us better.
Furthermore, I would like to highlight some of the concerns I have with the current structure of information technology. A current snapshot of INS management and investment of information technology, as well as its information security, shows that INS cannot ensure that the money it spends each year on information technology will be able to support the function of the Agency or, B, that its information technology resources are adequately protected from unauthorized access or service disruption.
There are simply too many different border security enforcement systems to be used or managed. Serious consideration needs to be given to consolidating as many of these systems as possible or creating one system that is all relevant data, so that all relevant data becomes available.
One major system, the IDENT system, which is used to track recidivous aliens along the border between ports of entry, has been badly implemented, despite an investment exceeding $80 million. Department of Justice Management Division is moving forward with an additional $27 million integration effort. Serious consideration should be given to declaring a moratorium on spending money on this system, and instead replacing it with a new system that is truly integrated with all INS and FBI criminal database.
Page 12 PREV PAGE TOP OF DOC
We worked very closely with the Resendez-Ramirez case and held hearings on this matter in this Committee. This was a failure of INS to adequately track a known criminal, a serial killer, unfortunately. Such a situation cannot happen again, and hopefully this hearing will lead the way in correcting that.
Currently, some of INS systems require biometric cards, some do not. Some cards have bar codes, others have laser media. Some systems do not even use biometric data. There should be some discussion as to creating some conforming system so that all of the information can be used for a single type of card reading.
The recent terrorist attacks have seriously impeded legitimate international travel and commerce. That means that we really have to do something. Coming from Texas, I know that you have changed to the bar-coded cards, I believe. I hope you will comment on that and tell us how that is working. Certainly, coming from Texas, there have been many calls of concern on both sides of the border, as it relates to the delays, whether you have enough staff, whether the carding is working, and I think that is extremely important.
In the Antiterrorist Bill, I offered suggestions for the spending of the $50 million for the Canadian border, more cooperation between our law enforcement, of course, and Canadian law enforcement, more intimate relationships, if you will, or coordination/collaboration, in addition, using the highest type of technology, infrared technology, as well.
As I close, I simply want to say that we can spend a lot of time and are spending a lot of time on September 11. We wish and call upon all that we believe in that it did not happen. I would like the INS to be part of the solution, not part of the problem. And, if anything, we need to be at the top of our game, if you will, in sharing information, in technology utilization.
Page 13 PREV PAGE TOP OF DOC
And, clearly, let me say that the tracking of the visas, specialty visas, as the Chairman has so noted—he mentioned student visas—is an imperative, and I would like to have a response as to how the INS intends to coordinate with the State Department, who gives the visas, in terms of tracking overstays. Without knowing any detailed information about the intimacies of the final results of the investigation of September 11, I would hate to find out that many of those individuals were the result of overstays. We must give to the American people our word that their security is our most important responsibility, balanced, of course, with those individuals who have accessed legalization legally and are here to contribute to this Nation, respecting their rights as well.
I hope this hearing will lend itself to giving, minimally, some of the answers to the American people.
I yield back. I thank the Chairman.
Mr. GEKAS. The record will indicate that the lady from California, Ms. Lofgren is present, the gentleman from Texas, Mr. Smith.
Any opening statements that the Members might have can, by unanimous consent, become a part of the record, and they will appear immediately following the opening statements by the Chair and the Ranking Minority Member.
Mr. GEKAS. We now will proceed with the testimony with the already-introduced Mr. Hite, to whom we say we will allot 5 minutes for an oral presentation of your written statement, which is already becoming a part of the record, and we ask you to proceed.
Page 14 PREV PAGE TOP OF DOC
TESTIMONY OF RANDOLPH C. HITE, DIRECTOR, INFORMATION TECHNOLOGY SYSTEMS ISSUES, UNITED STATES GENERAL ACCOUNTING OFFICE
Mr. HITE. Thank you, Mr. Chairman, and Members of the Subcommittee for the opportunity to participate in today's hearing.
The events of September 11, 2001, have made INS's very important border security mission more prominent. When one considers that America's borders extend thousands of miles, involve hundreds of ports of entry, through which millions of visitors pass, an appreciation of how challenging this mission is begins to emerge. Couple this with the fact that INS must work in lockstep with a number of other Federal agencies that also play key roles in this border security mission area, then the challenge becomes more daunting.
How can INS meet its challenge? As with any organization, the key is leveraging resources, in the form of people, processes, and technology as the means to the desired end. For INS and its border security mission, however, people resources can only do so much given the vast number of border entry and crossing points. To augment its people, INS must transform both the way it does business and the technology it uses to support its business processes, thereby expanding its reach and visibility over our borders.
How can this be accomplished? Our research of private- and public-sector organizations that are successful in using IT shows that doing so requires the establishment of certain institutional IT management enablers. Two of these are enterprise architecture management and IT investment management, neither of which INS has currently implemented.
Page 15 PREV PAGE TOP OF DOC
Let me start with enterprise architecture management. Simply stated, an architecture consists of a set of explicitly defined models that show, in both business terms and technology terms, how an organization operates today, how it needs to operate tomorrow, and it provides a road map for transitioning between those two points in time. The goal is to ensure that new and modified Agency assets and the business processes that they support are designed and implemented in a way that promotes interoperability and avoids duplication.
Last year, we reported that INS did not have an enterprise architecture and that its efforts to develop one were unlikely to produce success. The good news is that INS has agreed with the recommendations and has made progress in implementing them. The bad news is that INS still does not have the enterprise completed and much remains to be done. Without an architecture, the best that INS can hope for is to patch together stovepipe operations and supporting systems. This would produce marginal improvements in performance.
Let me now turn to IT investment management, which, in general terms, is the mechanism for implementing the architecture. In short, investment management consists of the steps to assure that senior executives are adequately involved and informed about the crucial capital investment decisions that are central to moving an agency from where it is today to where it needs to be tomorrow. The goal is to assure that IT projects are implemented at acceptable costs, within reasonable and expected time frames, and are contributing to tangible, observable improvements in mission performance.
In this regard, we also reported last year that INS lacked the full set of investment management processes and practices—to ensure that IT projects would be delivered on time, on budget, would perform as intended, and more importantly would represent the right mix of systems to best support mission needs and priorities.
Page 16 PREV PAGE TOP OF DOC
While the good news is that INS has agreed with these recommendations and has made progress in implementing them, the bad news is that these processes and practices have yet to be implemented. Until it does, INS mission effectiveness and efficiency, in my view, are not achievable goals.
In summary, what this ''technology speak'' means is this: When it comes to investing in IT, and by association the processes that IT implements, INS is not positioned to know that it is doing the right thing and it is doing it the right way. To be right, INS must know, at a minimum, whether its investments in IT are aligned with an agency blueprint for change and whether they are the best mix of investments to maximize benefits, and minimize costs and risks. If this is not done, INS process and system environments will not evolve appreciably from where they are today, and it is unlikely that INS will be able to effectively and efficiently leverage process and technology resources to best meet border security mission needs.
That concludes my statement. I will be happy to answer any questions.
[The prepared statement of Mr. Hite follows:]
PREPARED STATEMENT OF RANDOLPH C. HITE
Mr. Chairman and Members of the Subcommittee:
Thank you for the opportunity to participate in today's hearing on the Immigration and Naturalization Service's (INS) use of information technology (IT) to secure America's borders. My statement is based on reports we have issued during the last year that address INS' institutional IT management process controls, and our recent follow-up work to determine progress in implementing the recommendations that we made in these reports.(see footnote 1)
Page 17 PREV PAGE TOP OF DOC
IT management process controls, such as investment management and enterprise architecture management, are recognized indicators of whether an organization, like INS, can successfully develop, acquire, implement, operate, and maintain IT systems and related infrastructure. Together, enterprise architecture management and investment management, respectively, serve to explicitly blueprint the future operational environment, in both business and technology terms, needed for an organization to effectively and efficiently achieve its strategic mission, and to assure adequate senior executive involvement in the crucial capital investment decisions required to effective and efficiently put in place this target environment.(see footnote 2)
In summary, INS has yet to implement the set of practices (e.g., policies, activities, abilities, measures) associated with effective IT investment and enterprise architecture management. As a result, INS is not positioned to know that its ongoing and planned IT investments are the ''right things to do,'' meaning it does not know whether these investments will produce mission value commensurate with costs and risks or whether these investments are superior to competing investment alternatives. Further, INS does not know that these investments are ''being done the right way,'' meaning it does not know whether investments are aligned with an agencywide blueprint (architecture) that defines how the agency plans to operationally and technologically function in the future, and it does not know whether each of its ongoing investments are meeting their cost, schedule, and performance commitments.
In light of the recent terrorist attacks, INS' border security mission has gained prominence. How effectively INS can perform this vital mission will depend in part on how well it can leverage both existing and new IT resources. Given the difficulty of this mission, effectively and efficiently leveraging technology would be a challenge even if INS had the requisite management process controls. Since it does not, INS' challenge becomes even more challenging. In the recommendations that we made in our recent reports, we recognized that INS would have to make near-term investments to meet pressing mission needs before it had established IT management process controls. A key to INS' doing so effectively is for its leadership to proactively compensate for missing management controls by ensuring that the requisite human capital skills and expertise are brought to bear on IT projects supporting its border security mission. While this is clearly not a long-term solution to the agency's IT management challenges, this strategy can serve as a temporary ''crutch'' until INS can follow through on its ongoing efforts to establish and implement effective management process controls and devote the resources to ensuring that these controls are practiced agencywide.
Page 18 PREV PAGE TOP OF DOC
BACKGROUND
The mission of INS, an agency of the Department of Justice, is to administer and enforce the immigration laws of the United States. To accomplish its mission, INS has three interrelated business areas—enforcement, immigration services, and corporate (i.e., mission-support) services. Enforcement includes border inspections of persons entering the United States, detecting and preventing smuggling and illegal entry, and identifying and removing illegal entrants. Immigration services include granting legal permanent residence status, nonimmigrant status (e.g. students and tourists), and naturalization. INS efforts to protect our nation's borders are performed under both of these core mission areas. Corporate services include functions such as financial and human capital management. INS' field structure consists of 3 regional offices, 4 regional service centers, 3 administrative centers, 36 district offices, 21 Border Patrol sectors, and more than 300 land, sea, and air ports of entry.
To carry out its responsibilities, INS relies on IT. For example, the Integrated Surveillance Intelligence System (ISIS) is to provide ''24 by 7'' border coverage through ground-based sensors, fixed cameras, and computer-aided detection capabilities. Also the Student Exchange Visitor Information System (SEVIS) is to manage information about nonimmigrant foreign students and exchange visitors from schools and exchange programs.
Each year INS invests, on average, about $300 million in IT systems, infrastructure, and services.
INS' Longstanding Problems in Managing IT Projects Have Been Well Chronicled
Page 19 PREV PAGE TOP OF DOC
Recent studies have identified significant weaknesses in INS' management of IT projects. In August 1998, the Logistics Management Institute (LMI) reported that INS did not track and manage projects to a set of cost, schedule, technical, and benefit baselines.(see footnote 3) LMI noted that while INS had defined good procedures for developing systems, it did not consistently follow them. Similarly, in July 1999, the Justice Inspector General (IG) reported that INS was not adequately managing its IT systems.(see footnote 4) In particular, the IG reported that (1) estimated completion dates for some IT projects had been delayed without explanation, (2) project costs continued to spiral upward with no justification for how funds are spent, and (3) projects were nearing completion with no assurance that they would meet performance and functional requirements.
DESPITE RECENT PROGRESS, INS LACKS IMPORTANT INSTITUTIONAL IT MANAGEMENT CONTROLS
In light of the reported problems on individual projects, we reviewed INS' institutional approach to managing IT to determine the root cause of project problems and to provide the basis for recommending fundamental management reform. In doing so, we focused on two key and closely related IT management process controls: investment management and enterprise architecture management. In August 2000 and December 2000, we reported that INS lacked both of these management process controls because the former agency leadership had not viewed either as an institutional priority. We also provided INS, through our recommendations, a roadmap for establishing and implementing both controls.(see footnote 5) INS agreed with our findings and recommendations, and it committed to implementing the recommendations. Although INS has made progress to date in doing so, much remains to be accomplished before it will have implemented these management controls and have the capability to effectively and efficiently manage IT.
Page 20 PREV PAGE TOP OF DOC
Effective Planning and Implementation of IT Requires Architecture-Centric Investment Management
As defined by the Clinger-Cohen Act of 1996 and associated Office and Management and Budget instructions, and as practiced by leading public and private sector organizations, effective IT investment management requires implementing process controls for maximizing the value and assessing and managing the risks of investments. The goal is to have the means in place and functioning to help ensure that IT projects are being implemented at acceptable costs, within reasonable and expected time frames, and are contributing to tangible, observable improvements in mission performance.
To help agencies understand their respective IT investment management capabilities, we developed the Information Technology Investment Management (ITIM) maturity framework. The ITIM framework is a tool that identifies critical processes and practices for successful IT investment and organizes them into a framework of increasingly mature stages.(see footnote 6) A fundamental premise of the framework is that each incremental stage lays a foundation on which subsequent stages build. The initial stage focuses on controlling investments already underway, while also starting to establish a way to select new investments. Later stages emphasize managing investments from a portfolio perspective in which individual investments are evaluated as a set of competing options based on their contribution to mission goals and objectives. The goal is to arrive at the optimal mix of projects in which to invest resources. Agencies can use the framework for assessing the strengths and weaknesses of their existing investment management processes and for developing a roadmap for improvement. The Chief Information Officers Council has endorsed the ITIM framework.
Page 21 PREV PAGE TOP OF DOCIn order for an agency to achieve a minimum level of IT management effectiveness, it needs to first gain control of its current investments. To do this, it must establish and implement processes and practices for ensuring that projects have defined cost, schedule, and performance expectations; that projects are continuously controlled to determine whether commitments are being met and to address deviations; and that decisionmakers have this basic investment information to use in selecting new projects for funding and deciding whether to continue existing projects. Once it has established these project-specific control and selection processes, the agency then should move to considering each new investment not as a separate and distinct project, but rather as part of an integrated portfolio of investments that collectively contribute to mission goals and objectives. To do this, the agency should establish and implement processes and practices for analyzing the relative pros and cons of competing investment options and selecting a set of investments that agency leadership believes best meets mission-based and explicitly defined investment criteria.
Integral to an effective IT investment management process is having a well-defined enterprise architecture or blueprint for guiding the content and characteristics of investments in new and existing IT systems, infrastructure, and services. The goal is to help ensure that the new and modified IT assets will, among other things, be designed and implemented to promote interoperability and avoid duplication, thereby optimizing agencywide performance and accountability.
In more specific terms, an enterprise architecture is a comprehensive and systematically derived description of organization's operations, both in logical terms (including business functions and applications, business rules, work locations, information needs and users, and the interrelationships among these variables) and in technical terms (including IT hardware, software, data, communications, security, and performance characteristics and standards). If defined properly, enterprise architectures can clarify and help optimize the connections among an organization's interrelated and interdependent business operations and the underlying IT supporting these operations.(see footnote 7) A complete enterprise architecture includes both the current architecture (as it is now) and the target architecture (the goal), as well as a plan for moving between the two. To assist agencies in developing, maintaining, and implementing enterprise architectures, we collaborated with the Chief Information Officers Council to develop a practical guide for enterprise architecture management.(see footnote 8)
Page 22 PREV PAGE TOP OF DOC
INS Has Taken Steps to Improve IT Investment Management But Effective Processes and Practices Have Yet To Be Implemented
In December 2000 we reported that while INS had some investment control elements, it nevertheless lacked the full set of foundational investment management processes and practices needed to effectively control its ongoing IT projects and ensure that they were meeting cost, schedule, and performance commitments and contributing to measurable mission performance and accountability goals. For example, INS had not consistently (1) developed and maintained project management plans that specified cost and schedule baselines, (2) linked projects to INS mission needs, and (3) tracked and monitored projects to determine whether they were meeting project baselines and mission needs. Without this information, the investment review board (that, to its credit, INS had established to make investment selection decisions) could not act to effectively address deviations. The result was increased risk that the technology needed to support mission goals, such as securing America's borders, would not be delivered on time and on budget and would not perform as intended.
We also reported in December 2000 that INS was not effectively managing its IT investments, both new proposals and ongoing projects, as a portfolio, meaning that INS' investment review board was not making portfolio selection and control decisions in terms of what mix of proposed and ongoing projects collectively best supported achievement of mission needs and priorities. In particular, INS had not defined, and thus was not using, investment selection criteria that were linked to mission needs and addressed cost, schedule, benefits, and risk. Without such criteria, the board lacked the basic information needed to assess the relative merits of and make trade-offs among its options for increasing IT capabilities, including acquiring new, enhancing existing, and operating and maintaining existing systems and infrastructure. By not employing portfolio investment management, we concluded that INS was at risk of not having the right mix of technology in place to support critical mission priorities, such as protecting America's borders against the threat of terrorism. Accordingly, we made a series of recommendations to INS aimed at, among other things, treating the development and implementation of IT investment management process controls as an agency priority and managing them as such.
Page 23 PREV PAGE TOP OF DOC
Since our December 2000 report, INS has taken steps to implement our recommendations for establishing and following rigorous and disciplined investment management controls. In particular, it has developed a guide for IT investment management that, according to INS, defines many of the missing processes and practices. The key for INS will be to ensure that these processes and practices are effectively implemented. Given that the Justice IG, in reporting on IT project problems, found that INS was not following established project management procedures, successful implementation of INS' newly developed investment guide cannot be taken for granted, and needs to be given the attention it deserves.
INS Is Taking Steps to Develop an Enterprise Architecture, But It Still Lacks this Important IT Management Tool
In July 2000, we reported that INS did not have an enterprise architecture, including a description of both its ''as is'' and ''to be'' operational and technology environments and a roadmap for transitioning between the two environments. Moreover, we also reported that the efforts underway to develop the architecture were flawed and unlikely to produce useful architectural products.(see footnote 9) In particular, the development efforts were limited to a producing a bottom-up description of INS' current IT environment (e.g., hardware and system software computing platforms, data structures and schemas, software applications) and mapping the software applications to mission areas. While this was a reasonable start to describing the current architectural environment, important steps still needed to be accomplished, such as linking the systems environment description to a decomposed view of agency mission areas, including each area's component business functions, information needs, and information flows among functions. Moreover, doing this reliably required the participation of agency business owners; however, these owners were not involved.
Page 24 PREV PAGE TOP OF DOC
Also, INS had not begun developing either a target architecture or a capital investment plan for sequencing the projects that will it allow to migrate from its current architecture to its target architecture. These two components would be integral to INS' previously mentioned need to implement effective investment management processes and practices because both controlling and selecting IT projects requires ensuring that these projects are provided for in the sequencing plan and are aligned with the target architecture. By doing so, investment decisionmakers can know (1) how proposed projects contribute to the strategic mission goals, needs, and priorities and (2) whether these projects will be engineered according to the technical models and standards, that are both embedded in the target architecture descriptions.
Equally important, we reported that INS' architecture development efforts were not being managed as a formal program, including having meaningful plans that provided a detailed breakdown of the work and associated schedules and resource needs. Further, these efforts did not include performance measures and progress reporting requirements to ensure that the effort was progressing satisfactorily. As a result, we concluded that it was unlikely that INS could produce a meaningful architecture that could be used to effectively and efficiently guide and constrain IT investment and project decisionmaking. Accordingly, we made a series of recommendations to INS aimed at making development of an enterprise architecture an agency priority and managing it as such.
INS agreed with our recommendations and has since taken steps to improve its ability to manage development of its enterprise architecture. For example, INS reports that it has (1) established an enterprise architecture program office, (2) developed a business model of its current operational environment, (3) developed plans for defining a target architecture and capital investment sequencing plan, and (4) established teams representing all business units to define current and target business environments. While these are positive steps, they are only a beginning, and much remains to be accomplished before INS will have the kind of agency blueprint needed to support effective project investment and engineering decision-making.
Page 25 PREV PAGE TOP OF DOC
In conclusion, INS is a challenged agency when it comes to effectively and efficiently managing IT. Nevertheless, immediate border security demands have emerged that require the agency to effectively leverage technology as part of its response to these demands. To address this situation in the near term, INS will have to ensure that it compensates for management process control weaknesses by engaging the requisite human capital expertise on its border security efforts. In the long term, INS will need to continue to implement our open recommendations aimed at reforming the agency's IT management process controls.
Mr. Chairman and Members of the Subcommittee, this concludes my statement. I would be happy to address any question that you have.
Mr. GEKAS. We thank the gentleman, and we will return to him during the Q and A.
We now turn to an introduction of Glenn A. Fine, the Inspector General of the United States Department of Justice. He has worked for the Department of Justice Office of the Inspector General since January 1995. Initially, he was special counsel to the Inspector General.
Mr. Fine graduated magna cum laude from Harvard in 1979, with an A.B. degree in economics. He was a Rhodes Scholar and earned B.A. and M.A. degrees from Oxford. He received his law degree magna cum laude from Harvard Law School in 1985.
We ask the gentleman to proceed for a period of 5 minutes to summarize the written statement which, as previously indicated for all witnesses, is already a part of the record.
Page 26 PREV PAGE TOP OF DOC
TESTIMONY OF GLENN A. FINE, INSPECTOR GENERAL, UNITED STATES DEPARTMENT OF JUSTICE
Mr. FINE. Mr. Chairman and Members of the Subcommittee on Immigration and Claims, I appreciate the opportunity to appear before the Subcommittee to testify on the INS's use of information technology to secure America's borders.
My testimony this morning will focus on the work of the Office of the Inspector General in examining INS programs and their related information technology systems. At the outset, I want to stress that while the OIG has noted serious deficiencies in INS IT systems over the years, this should in no way diminish the important contributions thousands of INS employees make on a daily basis. They perform diligently, under very difficult circumstances, and their mission is critical to this country.
Yet our reviews of INS programs and associated IT systems have revealed significant problems in the INS's efforts to fulfill that mission. A 1998 OIG audit of the INS's management of IT systems found that the INS did not adequately manage or monitor its numerous initiatives.
We issued a follow-up audit report in 1999, which again concluded that the INS still could not sufficiently track the status of its IT projects to determine whether progress was acceptable, given the amount of time and funds already spent. Estimated completion dates for projects were delayed without explanation; costs continued to spiral upward with no justification for how funds were spent; and projects neared completion with no assurance of meeting performance and functional requirements.
Page 27 PREV PAGE TOP OF DOC
Since our audits, the GAO has issued two reports reaching related conclusions, which Mr. Hite just summarized. I will briefly summarize some OIG reviews of a few specific systems that are discussed in my written statement.
The INS's automated biometric identification system, known as IDENT, is used, in part, to identify individuals who the INS apprehends. This system scans two fingerprints and pictures of aliens and compares them against records in the IDENT lookout and recidivist databases.
The INS envisioned that most of its operations, including the Border Patrol, Investigations, Detention and Deportation, Intelligence and Inspections, would benefit from IDENT through its quick identification of individuals and its ability to obtain information about them. However, an OIG inspection found that the INS was not enrolling all of the aliens apprehended along the U.S.-Mexico border into IDENT and had virtually no controls to ensure the quality of data entered. We also raised concerns that the INS had not sufficiently trained its employees on the system.
In March 2000, the OIG issued another review that again found problems with IDENT in tragic circumstances. Rafael Resendez-Ramirez was a Mexican national accused of committing several murders in the United States. When local police searching for Resendez contacted INS investigators in Houston, none of the INS investigators placed a lookout for him in IDENT.
Consequently, when Border Patrol agents apprehended Resendez as he attempted to illegally cross the border into New Mexico, nothing in IDENT alerted them to the fact that he was wanted for murder or had an extensive criminal record. The Border Patrol, therefore, followed its standard policy and voluntarily returned him to Mexico. Resendez returned to the United States within days of his release and murdered several more people before surrendering.
Page 28 PREV PAGE TOP OF DOC
Our review of the Resendez case showed problems that were indicative of and partly caused by larger failings in the design and implementation of IDENT. We found that training on IDENT for INS employees, particularly outside the Border Patrol, was ineffective or nonexistent. INS program offices, such as Investigations and Intelligence, viewed IDENT as a Border Patrol initiative and were not educated on how it could be useful to their mission. Also, IDENT was not, and still is not, linked with the FBI's Integrated Automated Fingerprint Identification System and the FBI's National Crime Information Center 2000 system.
The Resendez case vividly illustrated the need for integration of the INS and FBI systems and spurred the FBI and the INS to begin to develop an integration plan. However, that plan is still being developed.
Another OIG review examined the INS's tracking and identification of nonimmigrant visa overstays. These are visitors who enter the United States legally, but fail to depart when required. The INS estimates that 40 to 50 percent of the approximately 6 million or more illegal aliens in the United States fit into this category. Our review found that the principal INS system for tracking visa overstays, the Nonimmigrant Information System, was not producing reliable data, either in the aggregate or on individuals. We also found that the INS had no specific enforcement program to identify, locate, apprehend, and remove overstays, and that using the INS data was of little use for locating them.
Also related to the issue of nonimmigrant overstays, the OIG recently examined the INS's efforts to meet congressional directives to develop an automated entry and exit control system that would collect a record for aliens arriving in the United States from an I-94 card and automatically match these with I-94 departure cards. The OIG found that the INS has not properly managed the project. Despite having spent $31 million on the system, the INS was operating it at only a few airports and does not have clear evidence that it would meet its intended goals.
Page 29 PREV PAGE TOP OF DOC
We also conducted other reviews discussed in my written testimony that examine the Visa Waiver Program, the Border Patrol's efforts to control illegal activity along the northern border, and how the INS handled the cases of two men who entered and remained in the United States before being arrested on charges of attempting to bomb the Brooklyn subway system in 1999.
In sum, these and other OIG projects have found that the INS failed to manage and implement reliable integrated IT systems in a timely and cost-effective manner. The OIG believes the INS needs to more stringently manage and establish priorities for the development of its systems, rather than spend enormous resources developing so many IT systems for so many different purposes.
Among other recommendations, we urge the INS to ensure that its databases share information both within and outside the INS. We also believe the INS needs to expand the use of biometrics to identify individuals with whom the INS comes in contact. In addition, the INS must improve its tracking of nonimmigrant visa overstays. The current system for identifying them does not produce reliable or accurate information, and the automated I-94 project does not seem to be working.
Solving the problems of INS information technology is a complex issue with no easy solutions. It requires strategic vision, strong leadership, and individual and organizational accountability. This effort needs to be a top priority of the Agency, since effective INS information technology is essential to protecting the integrity of the immigration system and the national security.
Page 30 PREV PAGE TOP OF DOC
I would be pleased to answer any questions.
[The prepared statement of Mr. Fine follows:]
PREPARED STATEMENT OF GLENN A. FINE
Mr. Chairman, Congresswoman Jackson Lee, and Members of the Subcommittee on Immigration and Claims:
I. INTRODUCTION
I appreciate the opportunity to appear before the Subcommittee on Immigration and Claims to discuss the Immigration and Naturalization Service's (INS's) use of information technology to secure America's borders. My testimony this morning will focus on the work of the Department of Justice (Department) Office of the Inspector General (OIG) in examining programs and related automated systems in the INS.
In recent years, the OIG has spent approximately one-half of our total resources on INS-related oversight. We expended this effort in response to concerns expressed within the Department and Congress, as well as our own assessment, about how the INS was handling its important and diverse responsibilities. As the INS's budget and workforce have increased to more than $5 billion and 33,000 staff, the need for concerted OIG oversight similarly has increased.
Page 31 PREV PAGE TOP OF DOCAt the outset of my statement, I want to stress that while the OIG has noted serious deficiencies in INS operations and systems over the years, this should in no way diminish the important contributions thousands of INS employees make on a daily basis. These employees perform diligently, under very difficult circumstances, and their mission is critical to the proper functioning of our government.
Yet, as this statement will discuss, our reviews of INS programs and their associated information technology systems have revealed significant problems that leave gaps in the INS's attempts to secure the nation's borders. In this statement, I will highlight examples of OIG work in the INS that identifies some of these shortcomings.
Before I turn to these specific OIG reviews, however, let me offer several general observations based upon our body of work in the INS. Over the past decade, the OIG has found serious process and management deficiencies in the INS. Many OIG reviews of INS programs have questioned the reliability of the agency's automated information systems and the accuracy of the data produced by those systems. We see separate automated systems planned for almost every function in the INS, but many of these systems do not ''talk'' to each other and therefore cannot be used to meet other important agency missions. Furthermore, given the INS's track record in acquiring and managing information technology (IT) systems, the OIG is concerned that the INS will not have the managerial expertise or ability to bring all of its automation initiatives successfully to completion, particularly in a timely and cost effective fashion.
According to Department of Justice estimates, the INS has spent more than $290 million on automated systems in fiscal year (FY) 2001 and more than $260 million in FY 2000. All told, through fiscal year 2001, the INS planned to spend approximately $2.6 billion on its automation programs. However, two OIG reviews of the INS's management of its automation initiatives found lengthy delays in completing many automation programs, unnecessary cost increases, and a significant risk that finished projects would fail to meet the agency's needs.
Page 32 PREV PAGE TOP OF DOC
The OIG first notified the INS in 1995 of our concerns regarding systemic problems in INS automation programs. Based on our extensive audit work during the early 1990s, we identified ten risk areas in the INS's management of its automation programs that required close scrutiny by agency managers.
In March 1998, the OIG completed the first of two comprehensive audits of the INS's management of its automation programs. In our first audit, we found that the INS did not adequately monitor its automation programs. We concluded that the INS lacked comprehensive performance measures and insufficiently tracked the status of its projects. Consequently, the INS could not determine if progress towards the completion of the projects was acceptable. As a result, we stated that the INS faced risks that: (1) completed projects would not meet the overall goals of the automation programs; (2) completion of the automated projects would be significantly delayed; and (3) unnecessary cost increases would occur.
In July 1999, the OIG issued a follow-up report, which again found that the INS was not adequately managing its automation programs. In the 1999 audit, we noted that the INS still could not sufficiently track the status of its automation projects to determine whether progress was acceptable given the amount of time and funds already spent. We reported that: (1) estimated completion dates for projects were delayed without explanation; (2) costs continued to spiral upward with no justification for how funds were spent; and (3) projects neared completion with no assurance for meeting performance and functional requirements.
We identified three causes for these problems. First, INS managers did not have a common base line of automation projects by which to focus their collective efforts. In fact, the INS had substantial difficulty providing us with a complete list of their automation projects. Second, project information needed for effective management and decision-making was not readily available. Third, INS managers did not develop, document, or implement basic management control processes necessary to ensure that projects would be completed on schedule and meet performance and functional requirements. The ultimate cost for the INS's automation programs was uncertain because actual costs incurred were unreliable and projected cost estimates were unsupported.
Page 33 PREV PAGE TOP OF DOC
Furthermore, we found that the INS had not implemented adequate safeguards to ensure the accuracy of existing data that would be used by systems being developed or re-engineered, or the adequacy of future data inputs. As a result, new or existing INS systems could contain inaccurate or unreliable data.
Since these audits, the General Accounting Office (GAO) issued reports in August 2000 and December 2000 that reached related conclusions about the INS's management of its information technology programs. Those reports concluded that the INS does not have an enterprise architecture to ensure that the hundreds of millions of dollars it spends each year on new and existing technology will optimally support the INS's mission. The GAO also concluded that the INS did not have adequate processes in place to effectively manage its planned and ongoing information technology programs.
I will now describe several OIG reviews that examined the management and performance of individual INS information technology systems.
II. OIG REVIEWS
A. Automated Biometric Identification System (IDENT)
In 1989, the INS began to develop an automated biometric identification system to identify quickly individuals who are apprehended or have come into contact with the INS. Biometrics are biological measurements unique to each person, such as fingerprints, hand geometry, facial patterns, retinal patterns, or other characteristics, that are used to identify individuals. Fingerprints are the most common biometric used by law enforcement agencies. Historically, without a biometric system, the INS had to rely upon the names provided by aliens who were apprehended when checking against their databases or other records. But aliens often used false names or different names during different apprehensions. Also, many persons have similar names, and spelling errors can result in problems identifying individuals accurately.
Page 34 PREV PAGE TOP OF DOC
After several studies, in 1994 the INS began implementing the Automatic Biometric Identification System, called IDENT. IDENT was first deployed in the San Diego Border Patrol Sector and subsequently throughout the southwest border. IDENT workstations consist of a personal computer, camera, and a single-fingerprint scanner. During enrollment of individuals into IDENT, INS agents scan an individual's two fingerprints, take the individual's photograph, and enter basic apprehension information about the individual into the automated system. When this information is saved, IDENT matches the fingerprints of the individual against the corresponding fingerprints of all individuals in two central IDENT databases, the lookout database and the recidivist database.
In the 1996 Illegal Immigration Reform and Immigrant Responsibility Act, Congress directed the INS to expand the use of IDENT to ''apply to illegal or criminal aliens apprehended Nationwide.'' INS officials envisioned that most of the agency's programs and operations—including the Border Patrol, Investigations, Detention and Deportation, Intelligence, Inspections, Benefits Adjudication, and the INS Service Centers—would benefit from the IDENT system through its quick identification of individuals and its ability to obtain information about them from previous encounters with the INS, including any criminal history.
In 1998, the OIG evaluated the INS's implementation of IDENT and found that the INS was enrolling less than two-thirds of the aliens apprehended along the U.S.-Mexico border into the IDENT system. In addition, the INS was entering the fingerprints in the IDENT lookout database of only 41 percent of the aliens deported and excluded in FY 1996; of these, only 24 percent had accompanying photographs even though the INS relies on photographs to confirm identification. We found virtually no controls in place to ensure the quality of data entered into the IDENT lookout database. As a result, we found duplicate records and invalid data. We also raised concerns that the INS had not provided sufficient training to its employees on the use of IDENT. These failures hampered the INS's ability to make consistent and effective use of IDENT.
Page 35 PREV PAGE TOP OF DOC
B. The Rafael Resendez-Ramirez Case and the Operation of IDENT
In March 2000, the OIG issued another review that implicated the IDENT system in tragic circumstances. The OIG examined how the INS handled its encounters with Rafael Resendez-Ramirez (Resendez), a Mexican national accused of committing several murders in the United States. Resendez was known as ''the railway killer'' because he allegedly traveled around the United States by freight train and committed murders near railroad lines. In early 1999, Texas police obtained a warrant for Resendez's arrest in connection with a brutal murder in Houston, Texas. The police mounted an extensive search to find Resendez and contacted several INS investigators in Houston seeking assistance in the search for him. However, none of those INS investigators placed a lookout notice' for Resendez in IDENT. Instead, the INS investigators referred the police to other agencies or databases.
Consequently, when Border Patrol agents apprehended Resendez on June 1, 1999, as he attempted to illegally cross the border into New Mexico, nothing in IDENT alerted them to the fact that Resendez was wanted for murder or had an extensive criminal record. As a result, the Border Patrol followed its standard policy and voluntarily returned Resendez to Mexico. He returned to the United States within days of his release and murdered several more people before surrendering on July 13, 1999.
The OIG review concluded that the failings by the INS employees who did not place a lookout for Resendez in IDENT were indicative of and partly caused by larger failings in the INS's design and implementation of IDENT. We found that the training that was given to INS employees on IDENT, particularly outside the Border Patrol, was ineffective or non-existent. In the 1998 OIG report, we had noted problems with IDENT training and recommended that the INS develop and implement a strategy for sufficiently training INS personnel using IDENT. Unfortunately, the INS largely rejected this recommendation, claiming that its IDENT training was adequate. We found in the Resendez review that INS program offices, such as Investigations and Intelligence, viewed IDENT as a Border Patrol initiative and were not educated on how IDENT could be useful to their mission.
Page 36 PREV PAGE TOP OF DOC
When we interviewed INS employees in various offices involved with the Resendez case, we found that their knowledge of IDENT was severely lacking. The INS investigators who were contacted by police searching for Resendez did not think of IDENT, even when they were asked to place a lookout in INS databases for Resendez. Although the INS had distributed a lookout policy, it provided no training on the policy and did little to ensure that the policy was understood or read.
IDENT was not, and still is not, linked with FBI databases. The INS's IDENT system and the FBI's Integrated Automated Fingerprint Identification System (IAFIS) and the National Crime Information Center (NCIC) 2000 system were developed separately and along different time lines. Although the INS and the FBI periodically discussed integration of their systems as they were being developed, there was never a sustained effort to achieve that goal and no agreement on integration was reached. We were told that the INS and the FBI made little effort to understand the operational requirements of the other agency. Each agency focused on meeting its own requirements and did not pursue integration. As a result, when the FBI finally deployed IAFIS and NCIC 2000 in July 1999, the FBI fingerprint systems were not linked to IDENT.
The Resendez case vividly illustrated the need for integration of the INS and FBI systems and spurred the FBI and the INS to develop an integration plan. The plan required studies to help determine the feasibility of integration of the systems, which initially would allow the fingerprints of aliens apprehended by the INS to be searched against a subset of the FBI's Criminal Master File and eventually against the entire master file. However, an integration plan is still in the process of being developed and may take years to implement fully.
Page 37 PREV PAGE TOP OF DOCC. Nonimmigrant Overstays
The INS estimates the number of illegal aliens in the United States at 5 million to 6 million, while others estimate the number to be even higher. A common perception about illegal aliens is that the vast majority enter the United States by surreptitiously crossing our land borders, primarily from Mexico. In fact, the INS estimates that approximately 40 to 50 percent of the illegal alien population entered the United States legally as temporary visitors but simply failed to depart when required. The INS refers to these illegal aliens as nonimmigrant ''overstays.'' More than 90 percent of overstays are tourists or business visitors, but overstays also include students and temporary workers.
In a 1997 inspection, the OIG found that the principal INS record-keeping system for tracking nonimmigrant overstays, the Nonimmigrant Information System (NIIS), does not produce reliable data, either in the aggregate or on individual nonimmigrants. Normally, passengers arriving in the United States fill out an I-94 form and present it to the INS inspector upon arrival. The inspector collects the arrival portion of the form and returns the departure portion to the passenger. The arrival portion is sent to an INS contractor, who inputs the data into NIIS. When the person leaves the United States, the airlines are supposed to collect the departure portion of the I-94 form and provide it to the INS for input into NIIS. The data is then matched by NIIS to identify nonimmigrant overstays.
We found that the NIIS data is incomplete and unreliable due to missing departure records and errors in processing of the records. NIIS does not contain departure records for a large number of aliens, most of whom the INS assumes have left the United States. The INS believes that unrecorded departures result from airlines failing to collect departure forms, from aliens departing through land borders, from data entry errors, from records being lost through electronic transmission or tape-loading problems, or from the failure of the system to match arrival and departure records.
Page 38 PREV PAGE TOP OF DOC
We also found that the INS had no specific enforcement program to identify, locate, apprehend, and remove nonimmigrant overstays, and we concluded that NIIS data would be of little use for locating aliens.
D. The INS's Automated I-94 System
The Illegal Immigration Reform and Immigrant Responsibility Act of 1996 directed the Attorney General to develop an automated entry and exit control system that would collect a record for every alien departing the United States and automatically match these departure records with the record of the alien's arrival. This proposal was designed to replace the manual system of collecting I-94 cards and enable the INS, through on-line searching procedures, to identify lawfully admitted nonimmigrants who remain in the United Sates beyond the period authorized. In 2000, however, Congress extended the deadline for implementing the system for airports and sea border ports of entry until December 31, 2003, and for high-traffic land border ports of entry until December 31, 2004.
In response to this congressional requirement, the INS introduced a pilot system in 1997 to automate the processing of air passenger I-94 forms. This automated I-94 system captures arrival and departure data electronically and uploads non-U.S. citizen data to the INS's NIIS.
This summer, the OIG completed an audit of the design and implementation of the automated I-94 system and found that the INS has not properly managed the project. Despite having spent $31.2 million on the system from FY 1996 to FY 2000, the INS: (1) does not have clear evidence that the system meets its intended goals; (2) has won the cooperation of only two airlines; (3) is operating the system at only a few airports; and (4) is in the process of modifying the system. INS officials estimated that an additional $57 million would be needed for FY 2001 through FY 2005 to complete the system. These projections include development, equipment, and operation and maintenance costs.
Page 39 PREV PAGE TOP OF DOC
As a result of our concerns, we made a series of recommendations to help ensure that the INS rigorously analyzes the costs, benefits, risks, and performance measures of the automated I-94 System before proceeding with further expenditures.
E. The Visa Waiver Program
The Immigration Reform and Control Act of 1986 created the Visa Waiver Pilot Program (VWPP), which permitted citizens from certain countries to enter the United States as visitors without first obtaining a visa. The law allowed VWPP visitors to stay in the United States for up to 90 days per visit and required them to possess a round trip ticket and waive their rights to appeal immigration officers' determinations of admissibility or contest any deportation actions.
In October 2000, the program became permanent and is now known as the Visa Waiver Program. Currently visa requirements are waived for citizens of 29 countries who wish to visit the United States.
In 1999, the OIG assessed the INS's efforts to minimize illegal immigration and security threats posed by abuse of the VWPP. Because visitors traveling for business or pleasure under the VWPP were not required to obtain visas, they were not screened in any way prior to their arrival at U.S. ports of entry. Instead, VWPP visitors presented their passports to INS inspectors on arrival. The inspectors observed the applicants, examined their passports, and conducted checks against a computerized lookout system to decide whether to allow applicants entry into the United States. This review by INS inspectors was the principal means of preventing illegal entry. INS inspectors had, on average, less than one minute to check and decide on each applicant.
Page 40 PREV PAGE TOP OF DOC
As a result of our review, we found that INS inspectors did not query all VWPP passport numbers against the INS's computerized system. In addition, our inspection noted that terrorists, criminals, and alien smugglers have attempted to gain entry into the United States through the VWPP.
During our review, the INS informed the OIG that the theft of passports from VWPP countries was a serious problem. Because these stolen passports are genuine documents, their fraudulent use is difficult for INS inspectors to detect. During our review, we tested a sample of 1,067 passports stolen from VWPP countries and found that almost 10 percent may have been used to successfully enter the United States. We also identified problems with the way the INS maintains its lookout system, including its failure to enter information about stolen VWPP passports into the lookout database in a timely or accurate manner. As a result, 567 stolen passports in our sample of 1,067 (53 percent) had no lookout record in the INS system. Of the 500 passport numbers that had lookout records, 112 (22 percent) were not entered accurately. This missing or inaccurate information reduced the effectiveness of the lookout system and increased the possibility that inadmissible VWPP applicants could enter the United States.
F. The OIG's ''Bombs in Brooklyn'' Report
In a report issued in March 1998, the OIG examined how two individuals, Gazi Ibrahim Abu Mezer and Lafi Khalil, entered and remained in the United States before their July 1997 apprehension in Brooklyn for allegedly planning to bomb the New York City subway system. Mezer was subsequently convicted and sentenced to life imprisonment. Khalil was acquitted of charges stemming from the bombing plot but found guilty of immigration violations.
Page 41 PREV PAGE TOP OF DOC
In our report, we described how both men were able to enter the United States and remain here. Khalil, who had a Jordanian passport, applied to the U.S. Consular Office in Jerusalem for a visa to travel through the United States en route to Ecuador. The consular official gave him a 29-day, C-1 transit visa after a three-minute interview. When Khalil arrived in New York on
December 7, 1996, an immigration inspector mistakenly granted him a 6-month, B-2 tourist visa. He overstayed that visa and was arrested in Brooklyn, along with Mezer, in July 1997.
Mezer, who claimed Jordanian nationality, received a visa from the Canadian Embassy in Israel to study in Canada. Shortly after arriving in Canada in September 1993, he applied for convention status, which is similar to political asylum in the United States, based on his claimed fear of persecution in Israel. Mezer later admitted that he had traveled to Canada with the intent to reach the United States.
In 1996, Mezer was detained by the Border Patrol twice while attempting to cross the border into Washington State. Each time the Border Patrol voluntarily returned him to Canada. In January 1997, the Border Patrol apprehended Mezer in Washington a third time and initiated formal deportation proceedings. Mezer then filed an application for political asylum in the United States and was later released on a $5,000 bond. In his asylum application, Mezer claimed that Israeli authorities had persecuted him because they wrongly believed he was a member of Hamas. The immigration court requested comments from the State Department about Mezer's asylum application, and the State Department returned the application with a sticker indicating that it did not have specific information on Mezer. Mezer's attorney later withdrew the asylum application, stating that Mezer had returned to Canada. Mezer was arrested shortly thereafter in Brooklyn for plotting to bomb the subway system.
Page 42 PREV PAGE TOP OF DOC
During our review, we did not find any information that Mezer was a known terrorist. However, we found systemic problems that were revealed by his case. Our review found that Mezer had entered and remained in Canada despite two criminal convictions there, which highlighted the ease of entry into Canada and the difficulty of controlling illegal immigration from Canada into the United States. We also noted the inadequacy of Border Patrol resources to address illegal immigration along the northern border. In addition, Mezer's case reflected confusion between U.S. government agencies as to which agency would conduct a check for information on whether an asylum applicant was a terrorist. We recommended that the INS and the State Department coordinate more closely on accessing and sharing information that would suggest a detained alien or asylum applicant may be a terrorist.
G. Border Patrol Efforts Along the Northern Border
In February 2000, the OIG issued a report that systematically examined the Border Patrol's efforts to control illegal activity along the northern border, examined how the Border Patrol collects and assesses information about illegal activity and responds to it, and evaluated the allocation of Border Patrol resources to the northern border.
The nearly 4,000 miles of border between the United States and Canada are managed by 8 of the Border Patrol's 21 sectors. As of September 30, 1999, 311 of the national total of 8,364 Border Patrol agents (3.7 percent) were assigned to northern border sectors. In keeping with the INS's strategic plan, the Border Patrol deployed 7,706 Border Patrol agents (92.1 percent of the total) to its nine southwest Border Patrol sectors. The remaining 347 agents were assigned to the coastal sectors, headquarters, INS regional offices, and the Border Patrol Academy. Currently, according to the INS, there are 334 Border Patrol agents assigned to the northern border.
Page 43 PREV PAGE TOP OF DOC
Border Patrol sectors on the Canadian border face significant challenges, even though the volume of known illegal alien entries is much less than along the Mexican border. The OIG review reported an increase in illegal activity along the northern border, including an increase in alien and drug smuggling. But the INS was unable to assess the level of illegal activity along the northern border, given the limited personnel and equipment resources allotted to its eight northern Border Patrol sectors. However, it is clear that the level of illegal activity exceeds the Border Patrol's capacity to respond. We also found that other factors, such as the detailing of agents from the northern to the southwest border and lack of detention space to house apprehended aliens, further diluted the Border Patrol's enforcement capabilities along the northern border.
We concluded that the number of agents assigned could not adequately patrol the entire length of the northern border. Shifts with no Border Patrol coverage left the northern border open. INS Intelligence officers also told us that criminals monitor the Border Patrol's radio communications and observe their actions. The criminals know the times when the fewest agents are on duty and plan their illegal operations accordingly. The Border Patrol realized this risk but, because of the low numbers of agents assigned to northern border sectors, it could not cover all shifts 24 hours a day, 7 days a week. Most Border Patrol officials we interviewed believed around-the-clock coverage was the minimum acceptable level of coverage for northern Border Patrol stations.
''Force-multipliers'' such as cameras, sensors, and other technology aid the Border Patrol in its surveillance and interdiction activities, but we found that northern border sectors do not have adequate amounts of this equipment. For example, at the time of our inspection, one northern border sector had identified 65 smuggling corridors along the more than 300 miles of border within its area of responsibility, but the sector had only 36 sensors with which to monitor these corridors.
Page 44 PREV PAGE TOP OF DOC
The Border Patrol's Strategic Plan, issued in 1994, does not address the northern border until the plan's fourth and final phase. Phase I of the Strategic Plan was designed to control the San Diego and El Paso Corridors; Phase II to control South Texas and Tucson corridors; Phase III to control the remainder of the southwest border; and Phase IV to control the rest of the borders, including the northern border. At the time of our inspection in 2000, the Border Patrol was in Phase II of its strategic plan, and no date had been set for implementation of Phase IV. In addition, the strategic plan did not articulate the strategies that the Border Patrol would eventually use to control the northern border once it has achieved control of the southwest border.
The OIG recommended that the INS Commissioner outline the approach the Border Patrol would take to secure the northern border, including determining the minimum number of Border Patrol agents required to address existing gaps in coverage, determining the amount of intelligence resources needed to more accurately assess the level of illegal activity, and identifying and implementing accurate data collection methods to support decisions about personnel and equipment. INS eventually wrote a strategic plan regarding the northern border, but we understand that it has not been implemented. We also recommended that the Commissioner evaluate whether there was a continuing need to detail Border Patrol agents out of northern sectors.
H. Other OIG Reviews
In addition to these reviews, the OIG has examined other INS programs and their related automated systems, including:
Page 45 PREV PAGE TOP OF DOCVoluntary Departures: A 1999 OIG inspection found that the INS could not verify evidence of departure in 54 percent of the cases that we reviewed in which an illegal alien had been permitted to voluntarily leave the United States rather than face deportation. We found that the INS's record keeping for voluntary departures was seriously flawed. The INS's failure to document voluntary departures resulted in an incomplete immigration history for these illegal aliens and hampered subsequent efforts by INS or other law enforcement officials who need to complete immigration histories for each illegal alien they encounter in order to make appropriate decisions about the alien's disposition.
In addition, we concluded that the INS's Interior Voluntary Return Tracking System (IVRTS), implemented in FY 1997, did not track individual aliens who were granted voluntary departure and thus could offer only an incomplete count of the number of these departures nationwide. At the time of our review, IVRTS did not record the names or alien numbers of the aliens granted voluntary departure. Furthermore, the system provided no information suitable for follow-up enforcement and no useful information to include in the INS's lookout indices.
Secondary Inspections at Airports: The Treasury Enforcement Communications System (TECS) is a system used by the U.S. Customs Service, the INS, and other federal agencies to access information about individuals who are of interest to law enforcement agencies so that their entry into the United States may be monitored or prevented. TECS allows INS inspectors to review an individual's travel history, including the results of prior inspections, when determining the admissibility of persons seeking entry into this country. Other federal agencies and INS programs, including those focusing on intelligence and counterterrorism, often rely on INS inspection data in TECS.
Page 46 PREV PAGE TOP OF DOC
A March 2001 OIG audit tested INS data in TECS related to secondary inspections (inspections of travelers that require a more detailed review than the standard primary inspection) at three airports. The audit examined whether the data accurately reflected referrals of travelers to secondary inspection and whether the data included secondary inspection results. We found that the INS's data in TECS for inspections performed at two airports were reliable, while the data for inspections at the third was not. We found that the third airport's inspectors entered the required referral designation and secondary inspection results in TECS for only 3 percent of the secondary inspections performed.
III. CONCLUSION
As described by these reports, our work has found that the INS has not managed its diverse information technology systems well. We found numerous and longstanding problems of failures by INS managers to implement reliable, integrated systems in a timely and cost-effective manner.
We believe that the INS needs to more stringently establish priorities on the development of its systems, rather than spend enormous resources and effort to develop so many systems for so many different purposes. The INS has in use or in development approximately 100 automated information systems and it appears to have a separate system for each function in the agency, without sufficient connection or interrelation.
Among other recommendations, based on our work we urge the INS to ensure that its databases share information, both within and outside the INS. For example, the INS and the FBI's automated fingerprint systems—IDENT, IAFIS, and NCIC 2000—need to be connected. The INS also needs to expand the use of biometrics to accurately identify individuals with whom the INS comes into contact.
Page 47 PREV PAGE TOP OF DOC
It is clear that more resources need to be devoted to the northern border. Technology such as cameras and sensors can help in this effort, but there are too few agents and inspectors along the northern border.
The INS also must improve its tracking of nonimmigrant visa overstays. The current system for identifying overstays—manual I-94 cards inputted into the NIIS database—does not produce reliable or accurate information, either as a whole or on individual overstays, and the automated I-94 project has not worked. The INS must design a system that can accurately capture arrival and departure data, and automatically match them in a reliable fashion.
Solving the problems of INS information technology is a complex issue with no easy solutions, but it requires a strategic vision, strong leadership, and individual and organizational accountability. This effort needs to be a top priority of the agency, since effective INS information technology is essential to protecting the integrity of the immigration system and the national security.
This concludes my prepared statement. I would be pleased to answer any questions.
Mr. GEKAS. We thank the gentleman.
We turn to Commissioner Ziglar. James Ziglar had, prior to becoming Commissioner of INS, served as sergeant at arms in the Senate of the United States. There, he, in effect, came back to the Senate because he, at one time, served as an aid to then-Senator Eastland. He also had served as a law clerk for Supreme Court Justice Blackmun, has served on Wall Street with a lot of different entities and now comes to bring his long legal experience, and practical experience, and political experience, I might add, to the current post of Commissioner of the INS.
Page 48 PREV PAGE TOP OF DOC
We welcome him and ask him to proceed with a 5-minute summary of his written testimony. But before he does that, we will ask him to identify the colleagues who have joined him, the ones who joined him in taking the oath, so that we can identify them for the record. So would you introduce them separately.
TESTIMONY OF THE HONORABLE JAMES W. ZIGLAR, COMMISSIONER, IMMIGRATION AND NATURALIZATION SERVICE; ACCOMPANIED BY SCOTT HASTINGS, ASSOCIATE COMMISSIONER FOR INFORMATION RESOURCE MANAGEMENT; DAVID YENTZER, ASSOCIATE COMMISSIONER FOR ADMINISTRATION; AND MICHAEL PEARSON, EXECUTIVE ASSOCIATE COMMISSIONER FOR FIELD OPERATIONS
Mr. ZIGLAR. Thank you, Mr. Chairman. I have with me today a variety of the folks from the INS who are expert in a number of the issues, areas that you are talking about today.
Mike Pearson is head of field operations; Mike Cronin, who is our program director; Bob Gardner, who is our budget director; Dave Yentzer with the management side of the business; George Bohlinger, who is with the management side of the business; Paul Rosenberg, who is head of our Enterprise Architecture Area; and Scott Hastings, who is our technology guru.
Mr. GEKAS. We may have to pepper them with some questions along with questions for you at a later point. Proceed.
Mr. ZIGLAR. I was pleased that you put them under oath, so that you could.
Page 49 PREV PAGE TOP OF DOC
Mr. GEKAS. Very good. Please proceed.
Mr. ZIGLAR. Thank you, Mr. Chairman. I am pleased to have this opportunity to come today and talk to you about technology, in terms of how it can help us to secure our borders. This is, as Congresswoman Jackson Lee noted, my first appearance before this Committee, and I am pleased to be here. I certainly enjoyed my time over on the Senate side as sergeant at arms, and I had an opportunity in that job to work with a number of Members of the House, as well as some of your officers in the House, and it was a great experience for me.
When I started this job 2 months ago, I knew I had a big challenge in from of me, and Congressman Gekas certainly made that point to me on several occasions when we discussed it. I never had even an inkling, Mr. Chairman, that events would take the dramatic turn that they have, and we sit here today facing what we face.
The goals that the President set for me and that the Congress wholeheartedly endorsed when I took this job were really threefold: First was to restructure the INS in a way that it would focus on its two missions and focus on them effectively, and that is enforcement and service; the second goal that I was given was to modernize the management structure and the processes of the INS so that it could do its job and serve its mission better; and thirdly was to modernize, synchronize and rationalize the IT technology system at the INS again so that we could better serve the missions that we have in front of us, and that is enforcement and service.
Mr. Chairman, these goals are exactly the same today as they were before September the 11, for the simple reason that an effective and efficient INS is the best way that I know of to help protect Americans, along with other Government agencies, against the evils that we saw and that occurred on September 11. Congresswoman Jackson Lee, I can tell you that we want to be part of the solution to the problem, not the problem.
Page 50 PREV PAGE TOP OF DOC
Mr. Chairman, I am neither inclined, nor particularly willing, to waste my time on trying to assign blame for failures in the past or perceived failures in the past. I think we can, and we should, learn from failures, but we need to move ahead, and we need to move ahead aggressively with this organization.
I believe that the INS has the will, I believe that it has the determination, and I believe that with adding some human resources, we have the human resources necessary to accomplish the mission that you want us to accomplish and that the President wants us to accomplish. We are moving ahead rapidly, Mr. Chairman, as I speak, in making those changes. Let me give you some examples.
First, we will very soon be providing to you a reorganization, a restructuring plan that is significant, that is substantial. That plan has been developed, and we have continued the development of it even since September 11. It has been personally approved by the Attorney General. He has spent time with me looking at it, and he has personally approved it. It is now pending before OMB, and it is in the final stages of approval over there, at which point we will bring this draft plan up to you and to your colleagues, and show it to you, and get your feedback, and work with you on it, and we will need your help on that, Mr. Chairman.
Mr. Chairman, we are aggressively developing an IT enterprise architecture, and we are doing it, as Mr. Hite noted, we are doing it in concert with the GAO, and we are doing it based upon a suggested plan that the GAO has given us. We are proceeding with the GAO. We have people at GAO and our organization on a regular basis. We welcome their help. They have been a great resource for us in the development of this enterprise architecture.
Page 51 PREV PAGE TOP OF DOC
Also, Mr. Chairman, let me address one thing about that enterprise architecture and what the GAO did, and that is that with respect to our investment management, we have created an Investment Review Board that is, on a regular basis—and I have personally gone to these meetings. I have not left them to other people—we are looking at every technology that we are trying to employ now, even ahead of the enterprise architecture design being completed and using something called the interim technology architecture to make sure that the employment of these technologies will fit on the platform that will ultimately come out of the enterprise architecture planning. So we are dealing with the investment management area. And, again, GAO is quite aware of what we are doing, and working with us, and working with us very cooperatively.
Mr. Chairman, with your support, we are prepared to move ahead with the SEVIS system—it used to be called the CIPRIS system—but which is the student tracking system. As you know, that system has been delayed for a variety of reasons. It was the subject of great opposition by the academic establishment and some institutions. It was the subject of a bit of criticism, particularly from Congress, and particularly with respect to the fees that would be collected and how they were collected, and it took legislation to change that process.
We have, all of a sudden, experienced, for some reason, a disappearance of all of that opposition since September the 11. And, in fact, several weeks ago I sent over for approval the regulations to implement the fee collection structure so that we can start getting revenues in for the system, and as you know, the system has to be paid for out of the revenues collected.
Page 52 PREV PAGE TOP OF DOCMr. Chairman, with some appropriated funds up front so that we can build the system quickly, as opposed to building it out of the revenues that come out of the exam fees, we can deliver the SEVIS system a year, I believe, in advance of the December 20, 2003, deadline that Congress has set on us to have that system in place, but we need your help. We need your money to do that.
Mr. Chairman, we are integrating our various, and we have got a bunch of them, our various enforcement databases, and they are already designed to do different things out there. It is an interesting exercise to try to figure out these databases, and I have been working hard at it, but we are integrating those databases into something called the ENFORCE system. The ENFORCE system literally will draw from all of the different databases that we have, as well as reaching out beyond our databases into the FBI and other places, to bring information in about individuals who then that we come in contact, so that we know as much as there is to be known about these individuals.
We also have integrated, and it is fully integrated, our system, our ENFORCE system, which is the data collection system, with our IDENT system, which is an identification system. IDENT is not a database system, it is an identification system based upon biometrics. We have integrated those.
Mr. GEKAS. Without objection, we will extend an extra 2 minutes to the Commissioner to complete his oral statement because he is giving us vital information at this juncture.
Mr. ZIGLAR. Thank you, Mr. Chairman. I didn't realize I had run out of time.
Page 53 PREV PAGE TOP OF DOC
In any event, the point is that we are building this platform and, in fact, we are putting in place, we are actually bringing our databases into the ENFORCE system now, and that platform will be on top of the overall enterprise architecture plan that is being developed.
Mr. Chairman, we are also going to be bringing on line soon the transitional work stations for the integration or the ultimate integration of the IDENT system with the IAFIS system which, of course, is the FBI system. That is being managed by the Justice Management Division. INS and the FBI are working together on them, but it will be soon that we will have in place those first work stations that are transitional work stations to the integration of that system. That is not inconsistent with our integration of IDENT and ENFORCE. It simply adds to the breadth of it.
Mr. Chairman, we are moving aggressively to implement the entry-exit tracking system that has been talked about so much. I have to tell you, on a personal note, I am very much in favor of putting that system into place, and I believe that we have our first deadline is in 2003, and I believe that we are going to meet that deadline, and I think we are going to beat that deadline. I am pushing people just as hard as I can to make things happen, and we can obviously talk about that in a few minutes in greater detail.
Finally, Mr. Chairman, with your support, we can complete the employment of the border crossing card system, and we can expand the IDENT system, and those are two issues I know that you want to talk about, as we go forward, in this hearing. I would love to be able to answer your questions on this.
Page 54 PREV PAGE TOP OF DOC
Mr. Chairman, I appreciate the additional time that you have given me, but I want to make one last statement. I want you and this Committee to know, and I want the American people to know that the INS is moving forward and that we were moving forward before September 11 occurred.
Mr. Chairman, I appreciate the time, and I look forward to answering your questions.
[The prepared statement of Mr. Ziglar follows:]
PREPARED STATEMENT OF JAMES W. ZIGLAR
MR. CHAIRMAN AND MEMBERS OF THE COMMITTEE, I am pleased to have this opportunity to testify on ''The Use of Information Technology in Immigration Enforcement.''
This is my first opportunity to appear before this committee since being confirmed as Commissioner and I look forward to working with you for the benefit of the American people.
I am here today to discuss with you how the INS can enhance our country's security at our borders and in our processes, particularly in the context of the better employment of technology. While I am sure we could spend a great deal of time dwelling on past shortcomings in technology or other areas, I hope that we can focus on the future. Whatever the facts are from the past, Mr. Chairman, they are not a prologue for the future.
Page 55 PREV PAGE TOP OF DOC
I have been on the job approximately two months. I cannot account for the reason one or another system did not come online by a particular date or did not function as advertised. Experience has taught me that there usually is plenty of blame to spread around. I have no interest in playing the blame game. My interest and inclination is to fix problems and always look ahead.
I can assure you of one thing, Mr. Chairman, and that is meeting deadlines set by the Congress and the President is my top priority. If a deadline cannot be met either because it is not realistic or for another legitimate reason, then my policy will be to tell Congress or the President in advance.
I have worked in the Congress, having served as the Senate Sergeant at Arms from November 1998 to August 2001, and as a staffer in the Senate from 1964 to 1971. I enjoy and treasure warm friendships with many Members of Congress from both sides of the aisle. I intend for my relationships with Members—and the agency's relationship—to be positive. I want us to work together for the sake of the American people. I have been very pleased that in the days and weeks since September 11, the sentiment I've heard time and again from Members of Congress has been: ''How can we help?''
It is in that spirit that I come to you with this testimony about our technology systems, but, more importantly, with a series of ideas to improve our security in the months and years ahead.
STEPS TO IMPROVE SECURITY
Page 56 PREV PAGE TOP OF DOC
Even before September 11, we were examining how we can improve the INS, at all levels, and especially in the area of technology. We recognize that technology is a huge ''force multiplier'' that we must employ effectively at the INS if we are to accomplish our mission.
Pursuant to the mandates of the Clinger-Cohen legislation, in response to the recommendations of the General Accounting Office (GAO), and because it makes good business sense, the INS is currently in the process of developing its Enterprise Architecture. This project represents our long-term, strategically-oriented approach to accomplishing the information driven aspects of the INS mission. We began the planning for this project in October 2000 and I expect the final delivery of this project, the transition plan to our target architecture, to be ready at the beginning of the 3rd quarter of FY 2002.
In addition, as part of our restructuring initiative, which I have discussed with you and a number of Members, I encouraged our employees at all levels to think ''outside the box'' as to how we can better accomplish our mission. They responded with a number of creative ideas, some of which we are still evaluating. However, within the context of what is already known to be ''do-able'' and effective, we are considering a series of measures that would strengthen our enforcement capabilities. We are working within the Administration to determine how to implement these measures. Some of our ideas are as follows:
Border Patrol
As requested in the President's budget, increase the number of Border Patrol agents and support staff along the northern border, while not neglecting the continuing needs along the southwest border. Such increases should also include necessary facilities, infrastructure and vehicles.
Page 57 PREV PAGE TOP OF DOC
Provide additional agent support equipment and technology enhancements. Unfortunately, neither the Senate nor the House currently is funding the President's request at $20 million for ''force multiplying technology.''
Expand access to biometric identification systems, such as IDENT.
Inspections
In the Inspections area, as we proposed in our FY 2002 budget, we believe we should increase the number of Inspectors at our Ports of Entry.
Require inspection of all International-to-International Transit Passengers (ITI) so that all travelers who arrive in the United States are inspected.
Information and Technology Initiatives
Require carriers to submit Advance Passenger Information before boarding passengers (whether the passenger is heading to the United States or attempting to depart the United States) to assist in preventing known or suspected terrorists, criminals, and inadmissible passengers from boarding.
Make Advance Passenger Information data widely available to law enforcement agencies, enhancing the ability to identify potential threats prior to departure from or arrival in the United States, as well as to prevent the departure of individuals who may have committed crimes while in the United States.
Page 58 PREV PAGE TOP OF DOC
Implement the National Crime Information Center Interstate Identification Index (NCIC III) at all ports of entry so that aliens with criminal histories can be identified prior to or upon arrival in the United States. NCIC III should also be available at all consular posts, INS service centers and adjudication offices to help identify aliens who pose a potential threat.
Improve lookout system checks for the adjudications of applications at INS service centers.
Improve INS infrastructure and integration of all data systems so that data from all sources on aliens is accessible to inspectors, special agents, adjudicators, and other appropriate law enforcement agencies. This initiative is ongoing.
Personnel Issues
Waive the calendar-year overtime cap for INS employees to increase the number of staff-hours available by increasing the overtime hours people can work. This proposal is included in the Administration's Terrorism Bill.
Other Initiatives
Re-examine and potentially eliminate the Transit Without Visa Program (TWOV) and Progressive Clearance to prevent inadmissible international passengers from entering the United States.
Reassess the designation of specific countries in the Visa Waiver Program to ensure that proper passport policies are in place. This initiative will require the concurrence of and joint participation by the Department of State.
Page 59 PREV PAGE TOP OF DOC
Obtain from the Department of State visa data and photographs in electronic form at ports of entry so that visa information will be available at the time of actual inspection.
Explore alternative inspection systems that allow for facilitation of low risk travelers while focusing on high-risk travelers.
Review the present listing of designated ports of entry, in concert with the U.S. Customs Service, to eliminate unnecessary ports. This will allow the INS to deploy more inspectors to fewer locations making for a more efficient use of resources.
DATABASE IMPROVEMENTS
In addition to the measures cited above, I have instructed my staff to move forward expeditiously on two database improvement projects mandated by Congress. While neither of these is a panacea, but both would be an improvement over the status quo. First, there has been much attention paid to student visas in recent weeks. Today, the INS maintains limited records on foreign students and is able to access that information on demand. However, the information is on old technology platforms that are insufficient for today's need for rapid access. That is why we are moving forward with the Student Exchange Visitor Information System (SEVIS), formerly known as CIPRIS. These objections, primarily by the academic establishment, have delayed its development and deployment. However, with the events of September 11, these objections have virtually disappeared and the INS, with your help, will meet, and intends to beat, the Congress' date of December 20, 2003 to start implementation of SEVIS with respect to all foreign nationals holding student visas. I hasten to add that there is a critical need to concurrently review and revise the process by which foreign students gain admission to the United States through the I-20 certification process as we build the system.
Page 60 PREV PAGE TOP OF DOC
Second, substantial attention also has been paid to entry and exit data. Currently, the INS collects data on the entry and exit of certain visitors. The data, most of which is provided to the INS in paper form to meet our manifest requirements, first must be transferred by hand from paper to an electronic database. This is an extremely inefficient way of processing data which delays access to the data by weeks and months. Knowing who has entered and who has departed our country in real time is an important element in enforcing our laws. The Data Management Improvement Act, passed in 2000, requires the INS to develop a fully-automated integrated entry-exit data collection system and deploy this system at airports and seaports by the end of 2003, the 50 largest land ports of entry by the end of 2004, and completing the deployment to all other ports of entry by the end of 2005. The legislation also requires a private sector role to ensure that any systems developed to collect data do not harm tourism or trade.
The INS already uses limited airline and cruise line data which is now provided voluntarily as an integral part of the inspection process at airports and seaports. We will work closely with Congress, other agencies, and the travel industry in the coming months to expand our access to needed data and to enhance our use of that data to ensure border security and more complete tracking of arrivals and departures.
There has also been a great deal of focus on the databases used to identify persons who are inadmissible to the United States or who pose a threat to our country. The INS, the Customs Service, and the Department of State's Bureau of Consular Affairs have worked diligently over the past decade to provide our ports of entry and consular posts with access to data needed by our officers. The data contained in the National Automated Immigration Lookout System (NAILS), the Treasury Enforcement Communications System (TECS II), and the Consular Lookout and Support System (CLASS) are uniformly available to our ports of entry through a shared database called the Interagency Border Inspection System (IBIS) that is maintained on the U.S. Customs Service mainframe computer.
Page 61 PREV PAGE TOP OF DOC
Through IBIS, the officers at our ports of entry can also access limited data from the National Crime Information Center (NCIC). Immigration and Customs officers have long had the capability to check NCIC wanted persons data on a limited basis. Only recently have immigration inspectors been authorized to routinely use NCIC criminal history data (NCIC III) to identify criminal aliens in advance of their arrival. This capacity now exists at two ports of entry. Before September 11, the INS was working to expand the availability of this valuable data source to additional locations. Legislation is being considered to ensure this expansion is successful. I strongly support this legislation. To expedite this process, we will require the assistance of Congress for additional communications and mainframe capacity so that we may obtain real-time NCIC III data.
Many people who cross our land borders do so with a Border Crossing Card (BCC). The INS and State Department have been working aggressively over the past several years to replace the old Border Crossing Cards with the new biometric ''laser visa.'' Based on the statutory deadline, holders of the old BCC can no longer enter the country. The new BCC has many security features that make it a much more secure entry document.
Both at and between our ports of entry, the INS has used a fingerprint identification system known as IDENT to track immigration violators. This system has provided the INS with a significant capacity to identify recidivists and impostors. Congress has directed the Department of Justice to integrate IDENT with access to the FBI's automated fingerprint system, IAFIS, and we have been proceeding toward that objective with the FBI and under the Department's direction.
Page 62 PREV PAGE TOP OF DOCTHE LIMITS OF TECHNOLOGY
There is no quick fix, technological or otherwise, to the problems we face. We must work with advanced technology and do all we can to improve our systems. But we should not misl