Fusion centers provide the most benefit and have the greatest impact when they develop and implement appropriate security policies, procedures, and protocols to address physical, personnel, and information security within their centers. Effective security practices provide federal partners with assurance that the information shared with fusion centers is safeguarded and shared appropriately. Security assurance enables and enhances trusted partnerships and facilitates relevant information sharing and collaborative activities.
11.1 Of the fusion centers that fall under Department of Homeland Security (DHS) security purview, percentage of fusion centers that undergo an annual Security Compliance Review (SCR) based on DHS standards
Explanation: DHS conducts Security Compliance Reviews (SCRs)—a formal security audit—
at those fusion centers that fall within DHS security purview. This includes any fusion centers where DHS has sponsored personnel security clearances or the installation of the Homeland Secure Data Network (HSDN) Secret-level information system. It does not include fusion centers that are co-located with Federal Bureau of Investigation (FBI) offices where the FBI oversees security. SCRs track fusion center compliance with applicable security policies and procedures and identify areas where fusion centers require attention in order to achieve full compliance with these policies and procedures. DHS typically conducts SCRs on a three-year cycle, so each fusion center subject to an SCR undergoes a review once every three years.
Conducting periodic SCRs at those centers governed by DHS security protocols helps ensure the appropriate protection and safeguarding of facilities, systems, personnel, and information, including classified National Security Information stored at fusion centers. This performance measure tracks the annual DHS SCR rate, which reflects the DHS annual SCR schedule published by the DHS Chief Security Officer.
Collection Approach: The DHS Chief Security Officer will track and report data for this measure. The final percentage will be calculated by dividing the number of SCRs conducted by the total number of SCRs scheduled during the assessment period.
11.2 Of the fusion centers that participated in the Department of Homeland Security (DHS)
Security Compliance Review (SCR) during the assessment period, percentage of findings identified in the SCR report for which fusion centers took corrective actions within the timeframe identified
Explanation: DHS conducts Security Compliance Reviews (SCRs)—a formal security audit—
at those fusion centers that fall within DHS security purview. This includes any fusion centers where DHS has sponsored personnel security clearances or the installation of the Homeland Secure Data Network (HSDN) Secret-level information system. SCRs track fusion center compliance with applicable security policies and procedures and identify areas where fusion centers require attention in order to achieve full compliance with these policies and procedures.
Not all SCRs identify areas requiring attention. This performance measure tracks the total number of “required actions” 19 identified in any SCRs conducted during the assessment period, as well as the number of “required actions” that were fully addressed by the subject fusion centers during the assessment period and deemed resolved by the DHS Chief Security Officer.
Collection Approach: The DHS Chief Security Officer will track and report data for this measure. The final percentage will be calculated by dividing the number of corrective actions completed divided by the total number of required actions stemming from SCR findings.
11.3 Percentage of State, Local, Tribal, Territorial (SLTT) fusion center personnel requiring SECRET clearances who have them, or have submitted requests to the appropriate granting authority for them
Explanation: Fusion center personnel with a valid “need to know,” as determined by fusion center directors, are eligible to be granted SECRET or higher level security clearances by
appropriate clearance-granting authorities, including DHS and the FBI. Clearances allow fusion center personnel to access classified National Security Information to support fusion center operations and to facilitate the timely exchange of information with cleared partners. This performance measure tracks the number of fusion center personnel across the National Network who are deemed to have a valid “need to know,” and who have either been granted a final SECRET or higher clearance by DHS or the FBI, or who have been nominated for a SECRET or higher clearance.
Collection Approach: DHS will use the annual Fusion Center Assessment to collect data related to this performance measure. Fusion centers will report the number of fusion center personnel with a valid “need to know” who have been granted SECRET or higher level security clearances or who have been nominated for such clearances. The final percentage will be
calculated by dividing the number of fusion center personnel requiring clearances who have been granted clearances – to include interim clearances – or who have submitted requests for
clearances by the total number of fusion center personnel requiring clearances.
19 Fusion centers are required to correct any “required actions” identified in the SCR within 60 days of receiving the final SCR report.
Conclusion
The performance measures developed collaboratively by DHS with Federal and SLTT partners offer a comprehensive and more complete framework to evaluate the performance of the National Network. Congruent with the logic model, these measures show linkages between the outputs of fusion center operations and the overall impact the National Network is having as a part of the Homeland Security Enterprise.
The FCPP measures all program elements of the fusion process, as reflected in the logic model.
The Fusion Center Cost Assessment, as part of the annual Fusion Center Assessment, gathers data and reports on the inputs of the National Network from Federal and SLTT partners and the private sector. The capability-centric Fusion Center Assessment examines the critical operational capabilities and enabling capabilities of the National Network, which correspond to the elements called “processes” in the National Network logic model. The performance measures measure the outputs and direct outcomes and by proxy, the intermediate outcomes and impact of the National Network. The Fusion Center Readiness Initiative sponsors exercises which help inform this entire process, including capabilities and performance.
In order to implement the performance management framework, fusion centers and Federal partners will need to provide data which, when analyzed, will allow for the performance measure results to be reported. SLPO is directing ongoing research to assess proposed methods of data collection for the performance measures. In addition, it is developing a common data
infrastructure using a diverse range of surveys, Fusion Center Assessment data, and existing data. Once this process is completed it will allow the FCPP to capture objective, standardized data to evaluate the value and impact of the National Network in supporting national information sharing and homeland security outcomes.
As discussed above, these performance measures are not intended to capture every output produced by every fusion center. They are focused on common National Network outputs and outcomes. Data will be reported through the Final Report at the National Network level, not for individual fusion centers. Moreover, the 2013 data will provide a baseline against which future years’ data will be compared. SLPO may use this year’s baseline data to set performance targets in future years, but there are no specific targets for this first year of data collection.
That said, SLPO will analyze this year’s initial performance data to the extent possible to identify performance gaps network-wide and in individual centers for purposes of gap mitigation. Given the diversity of fusion center roles and activities, simply reviewing
disaggregated data without context may be more misleading than illuminating. For that reason, SLPO intends to perform this analysis by designing an analytic framework linking fusion center performance data with other fusion center data (such as data on inputs and processes as well as outputs and outcomes) to identify correlations in performance trends. That will enable SLPO to work with individual centers as necessary to mitigate any identified gaps and thus improve the overall effectiveness of the National Network. As more data comes in during future years’
assessments, SLPO will continue to improve its ability to design gap mitigation programs well-targeted to addressing specific performance gaps. Eventually, SLPO intends to develop these performance measures into return-on-investment metrics for the system as a whole that will link system performance to funding and help support future grant justifications.
Appendix A: Definitions of Logic Model Elements
InputsDHS sees fusion center sustainment as a shared responsibility between partners at all levels of government. As such, the logic model distinguishes among federal resources, SLTT resources, and private sector resources. Most types of resources identified in the logic model are the same for Federal and SLTT partners.
Grant Funding
Fusion centers have emphasized the importance of federal grants in their budgets, arguing grant funding is indispensable to building and maintaining their operations. The primary program through which fusion centers access federal funding is the FEMA Homeland Security Grant Program. That program is not dedicated solely to fusion centers, however. Fusion centers also receive federal funding through a variety of other programs, including the Department of Justice’s Justice Assistance Grants.
Personnel
SLTT agencies provide the core staff for fusion centers. Types of personnel vary depending on the mission scope and types of jurisdictions involved in the center, and personnel can be assigned full-time, part-time or on an as-needed basis depending on evolving threats and requirements.
Among the most common types of SLTT personnel assigned to fusion centers are:
• Analysts
• Criminal investigators, including specialized personnel such as highway patrol, narcotics officers, financial crimes investigators, and violent crimes investigators
• Representatives of fire services, emergency medical services, public health agencies, corrections agencies, critical infrastructure, and other public safety and private sector stakeholders
• Support personnel, such as those handling administration, information technology, communications, graphics, security, and privacy
Equipment
As with personnel, SLTT agencies receive federal assistance in covering the costs of equipment, including basic office equipment and technology. Technology supplied by federal partners includes software (such as relational databases and geographic information systems), hardware (including installation and maintenance costs for federal networks and secure video
teleconference capabilities), projectors, and secure telephones.
Training, Exercises, and Technical Assistance
Federal partners develop and deliver training for fusion centers on subjects such as critical thinking and analytic methods, intelligence writing and briefing, and other skills. Fusion centers may participate in any number of other training programs and homeland security exercises developed at the Federal and SLTT levels. DHS and the Department of Justice jointly run a Fusion Process Technical Assistance Program that provides a range of services to fusion centers.
Topics covered in the program include development of concepts of operations, technology implementation, security plans and policy development, communications planning and outreach, and counterterrorism awareness training.
Data and Data Systems
Fusion centers’ ability to receive classified and unclassified information hinges on their access to the systems where that information resides. Fusion centers have access to classified information via the DHS Homeland Secure Data Network and/or the FBI Network. Fusion centers also have access to multiple federal and SLTT sensitive-but-unclassified systems, including FBI’s Law Enforcement Online and DHS’s HSIN. Federal data systems such as the NSI SDR and the front end interfaces connected to the NSI SDR also provide key platforms for fusion centers to submit, review, and search suspicious activity information. Fusion centers also use data available
through SLTT agencies’ systems as appropriate, such as local records management systems, crime data networks, geographic information systems, motor vehicle registration and other databases.
Intelligence and Other Information
Fusion centers gather intelligence and other information related to terrorism, crime, and other threats from within their AOR. They also receive such information from federal partners.
Facilities
As fusion centers are owned and operated by state and local agencies, those agencies are typically responsible for identifying and maintaining the physical facilities housing fusion centers, although many are co-located with a federal agency, such as the FBI.
Guiding Documents
SLTT authorities produce plans, policies, and standard operating procedures that provide critical guidance to fusion center operations.
Other Stakeholder Resources:
Examples of resources provided by other stakeholders include fusion center personnel funded by private sector partners, access to university subject matter experts, and resources provided by community groups.
Processes
The processes in the logic model represent the ways in which the inputs involved in fusion centers develop the centers’ outputs. The processes in this model equate to the intelligence cycle, as represented by the four critical operational capabilities (COCs) and enabling capabilities (ECs) that fusion center directors and federal partners identified to guide fusion centers’ work in capability development.
The four COCs represent the “operational priorities” of the National Network and reflect fusion centers’ key roles in the homeland security intelligence cycle. They work together in an
ongoing, cyclical fashion. Fusion centers receive threat information from the Federal
Government and gather local information from agencies and the public in their AORs. They analyze information in a local context, making new connections and perhaps developing new questions and conducting further inquiry. Analysts then develop intelligence products, and centers disseminate them to relevant customers. The products and services customers receive from fusion centers then may heighten stakeholder awareness and lead to additional locally generated information or federal information, which in turn leads to further analysis, production and dissemination.
The processes are:
• Receive: The ability to receive classified and unclassified information from federal partners. Fusion centers access National Terrorism Advisory System alerts and other threat information from federal partners through federal portals and systems; they can then use that information in their analytic products and/or disseminate it to SLTT and private sector partners. This capability requires fusion centers to have appropriate policies and processes for receiving unclassified and classified federal information, personnel cleared and trained to handle the information, and access to federal systems to receive such information.
• Analyze: The ability to assess local implications of threat information through the use of a formal risk assessment process. Fusion centers overlay national intelligence with local, regional, and statewide information and, through analysis, develop timely intelligence products for their customers. Fusion centers should have policies, plans (including an analytic production plan), customer feedback processes, and information management technology. These assets help properly trained analysts add local context to time-sensitive threat information, develop products such as threat and risk assessments, and contribute to statewide and national risk assessments.
• Disseminate: The ability to further disseminate threat information to other SLTT entities within their jurisdictions. Dissemination should be organized, targeted, and timely so the information can contribute to better-informed prevention, protection, and response actions. Fusion centers should therefore have documented plans, policies, and/or
procedures specifying the type of information and manner of delivery necessary for each stakeholder. Unclassified dissemination mechanisms include e-mail and HSIN Intel.
• Gather: The ability to gather locally generated information, aggregate it, analyze it, and share it with federal partners as appropriate. Such information can come from local agencies and the public and often takes the form of tips and leads and suspicious activity reporting. The role of many fusion centers in gathering SAR gives them an important role in the NSI. The capability to gather local threat information also underscores the importance of fusion center documentation of SINs. Centers should engage stakeholders to identify their information needs, incorporate them into their SINs, and then use the SINs to guide information gathering.
The four ECs provide a foundation for the fusion process by ensuring fusion centers have the policies, strategies, technology, infrastructure, and other elements necessary for proper day-to
day operations and long-term growth. They are:
• Protection of Privacy, Civil Rights, and Civil Liberties (P/CRCL): Fusion center
protection of P/CRCL involves development and implementation of an approved privacy policy, compliance reviews, appointment of well-trained fusion center privacy officers, and outreach to the public and other stakeholders.
• Sustainment Strategy: Fusion centers are encouraged to engage in strategic planning and
performance measurement efforts to guide resource allocation, evaluate effectiveness, and demonstrate value. Such efforts include development of strategic plans and budgets linked to them, participation in cost assessments and financial audits, and exercises to evaluate capabilities.
• Communications and Outreach: By developing and implementing a communications and outreach plan, fusion centers can engage more proactively and consistently with
stakeholders to communicate the mission, purpose, and value of fusion centers.
Appointing a public affairs or public information officer can also help ensure successful communications.
• Security: Security policies, plans, and procedures are necessary to protect fusion center facilities, information, systems, and personnel. Other important ways fusion centers can help ensure security include appointment of designated security officers, provision of security training to their personnel, and access to security clearance information.
Outputs
Fusion center outputs represent the direct result of the use of center resources (inputs) to perform their day-to-day functions (processes). Fusion center outputs are often written products and intelligence or investigative services but also include the product of the ECs: supporting policies, plans, systems, and activities that enable the success of those products and services.
Intelligence and Information Products and Services
Fusion centers provide the most benefit and have the greatest impact when they provide timely, actionable information and intelligence that overlay national intelligence with locally gathered information. These products and services are designed to enhance customers’ situational awareness and support operational activity, ultimately informing decision making processes.
Investigative Case Support
Fusion centers provide the most benefit and have the greatest impact when they provide investigative case support that leverages access to information and systems, subject matter expertise, and apply analytic tradecraft to assist in the investigation of ongoing cases. Such investigations may pertain to all-crimes activity, not solely to terrorism.
Privacy, Civil Rights, and Civil Liberties Protections
Fusion centers provide the most benefit and have the greatest impact when they safeguard the nation while protecting the privacy, civil rights, and civil liberties (P/CRCL) of its citizens. To achieve these protections, fusion centers must build effective and robust P/CRCL policies and protections, including implementation of an approved privacy policy, compliance reviews, well-trained P/CRCL officers, and strong outreach to stakeholders.
Strategic Plans and Budgets
Fusion centers provide the most benefit and have the greatest impact when they develop strategic plans that enable more efficient and effective planning and allocation of capability resources which are sustained or enhanced over time. Strategic plans help fusion centers demonstrate their commitment to long-term success and endurance by defining and preparing for future
opportunities and uncertainties. Linking strategic priorities to operational budgets further enables long-term planning and helps to justify funding requests.
Communications Policies and Systems
Fusion centers provide the most benefit and have the greatest impact when their communications
Fusion centers provide the most benefit and have the greatest impact when their communications