Skip to main content

Year 2000 Computing Challenge: FBI Needs to Complete Business Continuity Plans

AIMD-00-11 Published: Oct 22, 1999. Publicly Released: Oct 22, 1999.
Jump To:
Skip to Highlights

Highlights

Pursuant to a congressional request, GAO provided information on the Federal Bureau of Investigation's (FBI) plans and controls for year 2000 business continuity planning, focusing on: (1) the status of and plans for completing the FBI's contingency planning for continuity of operations; and (2) whether the FBI's contingency planning efforts satisfy the key processes in GAO's year 2000 business continuity and contingency planning guide.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Justice The Attorney General should direct the Department of Justice's Year 2000 Program Office to clarify the department's expectations for Year 2000 business continuity planning for all Justice bureaus, emphasizing the need for these plans and discussing Office of Management and Budget's adoption of GAO's guidance as a federal standard.
Closed – Implemented
In response to the report, Justice convened a meeting of its component bureaus, which GAO attended and facilitated. The purpose of the meeting was to specify the requirement for, and explain the importance of, Year 2000 business continuity plans.
Department of Justice The Attorney General should direct the Director, FBI, to establish and implement a plan for the timely development and testing of effective headquarters and field office year 2000 business continuity plans, including incremental milestones for completing all relevant key processes in GAO's guide associated with business impact analysis, plan development, and plan testing.
Closed – Implemented
The FBI Year 2000 Program Management Office developed a plan for developing and testing business continuity plans. The plan required FBI headquarters and field offices to develop and test business continuity plans by November 1, 1999, and December 15, 1999, respectively.
Department of Justice The Attorney General should direct the Director, FBI, to establish and implement effective controls and structures for managing year 2000 business continuity planning, including each of the relevant key processes addressed in GAO's year 2000 continuity planning guide and discussed in this report as not yet being satisfied.
Closed – Implemented
The FBI's actions were limited to business continuity plan testing. Specifically, the FBI tested its headquarters business continuity plans on November 18, 1999 and December 2, 1999. In addition, the FBI also conducted joint testing of headquarters and field offices' business continuity plans on December 8-9, 1999.

Full Report

Office of Public Affairs

Topics

Computer securityMission critical systemsContingency plansContinuity of operationsInformation resources managementSoftware verification and validationStrategic information systems planningSystems conversionsY2KRisk management