T2 B7 Dhs Fdr- Response To Commission Questions 662

.02/19/04

THU 10:41 FAX

^002

U.S. Department of Homeland Security Information Analysis and Infrastructure Protection Directorate Response to the 9/11 Commission's Questions for Intelligence Community Components 1. Please describe your organization's role in supporting counterterrorism activities prior to September 11,2001, and your agency's CT role today. The Department of Homeland Security was established on March 1,2003, and in it, the Information Analysis and Infrastructure Protection Directorate (IAIP) was set up to receive information and intelligence regarding terrorist threats to the homeland, map those threats against the nation's physical and cyber critical infrastructure and key assets, and issue timely warnings and preventive and protective measures to protect American lives and property. The IAIP combined the legacy capabilities of the Department of Energy's Office of Energy Assurance, the General Services Administration's Federal Computer Incident Reporting Center (FedCIRC), the Federal Bureau of Investigation's National Infrastructure Protection Center, the Department of Commerce's Critical Infrastructure Assurance Office, and the Department of Defense's National Communications System, with the mission requirement to leverage these existing capabilities, and to broaden and enhance them to provide information and services to the federal government, state and local officials, and the private sector. As an example of this broadening of legacy missions, IAIP maintains continual situational awareness of the nation and its borders through the Homeland Security |~-? \J. ^.j 7Operations Center (HSOC). HSOC currently houses 26 federal (both Intelligence and law enforcement) and local agencies, which provide a continual stream of information which is further analyzed or transmitted to the appropriate federal or local law enforcement agency for action. Today, IAIP is providing the full range of intelligence support to DHS leadership, mapping terrorist threats to the homeland against assessed vulnerabilities in order to protect against terrorist attacks, conducting independent analysis of terrorist threats to the homeland in the form of tailored, competitive and red team analysis, developing requirements for collection of intelligence and threat-related information, and coordinating information exchanges between the Department and state and local governments and the private sector. Please see attached Fact Sheet on IAIP, and its relationship to the Terrorist Threat Integration Center. 2. How do you decide between counterterrorism and other high priority intelligence collection and analysis activities? Who makes these decisions? How do you allocate resources in accordance with these priorities? As outlined in the Homeland Security Act, the Secretary of Homeland Security,

t/19/04

THU 10:42 FAX

Tom Ridge, ensures that the responsibilities of the Department, including those regarding information analysis and infrastructure protection, are carried out through the Under Secretary for Information Analysis and Infrastructure Protection, Frank Libutti. IAIP itself is not an intelligence collection agency, but has access to foreign and domestically collected intelligence and other information from throughout the government, as well as developing mechanisms to gain such information from state and local governments and the private sector. In addition, IAIP plays a leading role in developing unique collection requirements related to protecting the homeland from terrorist attacks, both for the elements within DHS which do have collection authority (e.g., the Coast Guard, Customs and Border Patrol, Immigration and Customs Enforcement, Transportation Security Administration, and the Secret Service), and for other USG elements involved in terrorism and homeland-security-related information collection.

El003

~T>K-'

^ /- (, n Lf\k •, .;
LAJP's analytic mission is uniquely focused on the Homeland. LAJP's responsibilities include those to: access, receive, and analyze intelligence, law enforcement information, and other information from agencies of the Federal Government, State and local government agencies, and private sector entities, and to integrate such information in order to identify and assess the nature and scope of terrorist threats to the homeland; detect and identify threats of terrorism against the United States; and understand such threats in light of actual and potential vulnerabilities of the homeland. These responsibilities are, in part, carried out ^• through IA officers located at the Terrorist Threat Integration Center. IAIP, along with all other key elements in our war on global terrorism, are full partners in the TTIC effort, with their assignees at TTIC reporting directly back to their own chains-ofcommand, communicating seamlessly with them, and retaining the authorities and responsibilities of their assigning element. In a very real sense, then, TTIC is nothing ^ ,., more or less than each of these crucial USG elements "doing business as" TTIC, that is, | ',. utilizing the TTIC as one way, but not the exclusive way, to carry out their unique J missions. The Assistant Secretary for Information Analysis, Patrick Hughes, has primary responsibility for developing collection requirements, including domestic collection requirements, for the Intelligence Community and other entities including, but not limited to, those directly involved in counterterrorism activities as part of their own missions. Those requirements are informed by the integration of the Office of Mbrmation Analysis (IA), headed by Assistant Secretary Hughes, with the Office of Infrastructure Protection (IP), headed by Assistant Secretary Robert Liscouski. Those offices constantly exchange information about threats, terrorist capabilities and planning, critical infrastructure vulnerabilities and protective measures in place to gauge the likelihood of success and potential impact of terrorist acts. This information exchange enables, for the first time, a real pro-active, risk mitigation strategyfemerge for our Nation, as opposed to what once was a primarily reactive strategy. In addition, IAIP is tasked to carry out comprehensive assessments of the

#19/04

THU 10:42 FAX

vulnerabilities of the key resources and critical infrastructure of the United States, to integrate relevant information, analyses, and vulnerability assessments in order to identify priorities for protective and support measures by the Department, other agencies of the Federal Government, State and local government agencies and authorities, the private sector, and other entities. IAIP disseminates, as appropriate, information collected and analyzed by elements of the Department within the Department, to other agencies of the Federal Government with responsibilities relating to homeland security, and to agencies of State and local governments and private sector entities with such responsibilities in order to assist in the deterrence, prevention, preemption of, and response to, terrorist attacks against the United States. Through its analysts assigned to TTIC, the IA Directorate ensures that information gathered by DHS reaches TTIC and informs its work and that TTlC's work directly supports DHS' unique mission to protect the Homeland, IAIP consults with State and local governments and private sector entities to ensure appropriate exchanges of information, including law enforcement-related information, relating to threats of terrorism against the United States. To the extent that this question seeks information about non-terrorism-related intelligence collection and analysis and the relative priority of such activities vis-avis counterterrorism activities, given lAIP's overriding statutory mission, the question is largely inapplicable to IAIP. IAIP has allocated the resources it received from the passage of the Homeland Security Act after extensive consultation by the leadership team, though some flexibility will be required as DHS continues to mature and develop an operational history of its own in order to determine how best to allocate resources to better meet mission requirements. 3. Which activities, if any, have been terminated in order to reallocate resources to CT efforts over the past five years? The Department of Homeland Security was established on March 1,2003. lAIP's resources were reallocated from the legacy agencies identified above. There has been no further reallocation to date. 4. How are your organization's priorities linked to guidance from the Secretary of Defense and/or the Director of Central Intelligence? Are your priorities solely directed by the cabinet secretary or agency head that leads your department or agency? The priorities for IAIP are set forth in the Homeland Security Act and by applicable Presidential Directives, and are administered by the Secretary for Homeland Security, Tom Ridge, and the Under Secretary for Information Analysis and Infrastructure

$004

719/04

THU 10:43 FAX

Protection, Frank Libutti. Within IAIP, the Office of Infonnation Analysis, headed by Assistant Secretary Patrick Hughes, communicates with the Central Intelligence Agency and other Intelligence Community entities under the direction of the DCI, along with numerous Department of Defense elements, in order to ensure that DHS' activities are informed by the broader counterterrorism and related priorities of the USG and, equally important, to ensure that priorities and requirements developed by IAIP and other DHS elements are appropriately integrated with collection activities of all other USG counterterrorism elements. IAIP, both at DHS Headquarters and through IAIP analysts physically located at TTIC, conducts its own, independent analysis, in the form of competitive, tailored and "red team." analysis, and utilizes the analytic resources of the Federal Bureau of Investigation, Central Intelligence Agency, Department of Defense, and other entities in this effort. As such, DHS and its leadership set forth priorities for the Department and the Office of Information Analysis works with its fellow members of the Intelligence Community, coordinating intelligence requirements. 5. What is your office's strategy to meet its responsibilities regarding counterterrorism? Among other things, IAIP is responsible for mapping terrorist planning, tactics and capability against our vulnerabilities. IAIP does this by independently analyzing all intelligence it receives and through constant and seamless communication with lAIP's assignees at the TTIC and throughout the intelligence, law-enforcement, and homeland security communities, in order to compile the most accurate domestic threat picture possible. As stated before, the work of the HSOC informs this mission, providing an unprecedented real time threat picture of the country. Warning products are then produced and disseminated to the federal government, state and local officials, and the private sector as is appropriate. IAIP implements its goal of protecting the homeland by enabling, developing, and sustaining the capability to continuously identify, assess, and prioritize current and future threats to the homeland and map those threats against vulnerabilities. IAIP also issues timely warnings and advisories containing preventive and protective measures for critical infrastructure owners-and operators, and provides actionable information to state and local officials and law enforcement to prevent and disrupt terrorist planning and activity. In addition to analysis and warning, IP is continuously assessing vulnerabilities within the nation's critical infrastructures and working State, local governments and the private sector to reduce these vulnerabilities. Together the integration of information and intelligence by IA and the vulnerability reduction efforts of IP enable focused national risk mitigation programs. These organized programs are in stark contrast to the Nation's previous capacity only to react to threats. This framework provides the basis from which to organize protective measures to secure America, and assists in coordinating the response and restoration of critical infrastructure functions should an incident take place.

1^1005

#19/04

THU 10:43 FAX

6. Please describe your agency's linkages to the following entities: Terrorist Threat Integration Center (TTIC); CIA Counterterrorist Center (CTC); DIA Joint Task Force for Counter-terrorism; FBI Counterterrorism Division; DHS Information Analysis and Infrastructure Protection Directorate (IAJP). As noted above, IAJP is a full partner in - in effecCa "part owner of' ~TI]0; our officers work day-in-day-out at TTIC, participating in processing and analyzing terrorist threat-related information, shaping and disseminating TTIC products, assessing gaps in available information, and ensuring that TTIC products reach appropriate DHS Headquarters elements, as well as appropriate state, local and private sector officials. The CIA, DOD, and FBI, as well as others, also are full partners in the TTIC joint venture, and, as a result, IAIP is closely linked to them through its work at TTIC. Additionally, IAIP, as a full member of the Intelligence Community, shares intelligence information not only with its component entities, but with other 1C members, including, but not limited to, those listed in the question above. This sharing of information involves regular meetings and exchanges of information. For example, the Office of Information Analysis and the FBI Counterterrorism Division meet weekly, and the Homeland Security Information Summary (HSIS) is briefed and distributed electronically by IA daily to selected members of the intelligence community. 7. Please characterize relations on Counterterrorism issues within the Intelligence Community prior to September 11,2001, and today. How has information sharing on CT issues changed, if at all? IAIP, of course, did not exist until March 2003. From our perspective, however, information sharing on Counterterrorism issues has increased greatly even since IAIP came into being. Not only are members of the 1C communicating well, including through frequent face-to-face and electronic meetings, vastly enhanced dissemination of information throughout not just the traditional "1C," but with the broader law enforcement and homeland security communities. New ways of doing business, including IAIP itself, as well as, of course, the TTIC, and the Terrorist Screening Center, are improving every day our ability not onlyto better develop a better threat picture but to act rapidly to reduce our vulnerabilities and to prevent threatened attacks against us. IAIP is currently assessing and analyzing threat information from all sources, including the 1C, and sharing the results at an unprecedented rate, at appropriate levels, with state and local homeland security officials and the private sector. 8. Please identify the responsible policy official for CT issues in the Intelligence Community from whom you take direction and guidance. Direction and guidance to IAIP are provided by the Secretary of Homeland Security, Tom Ridge, and the Under Secretary for IAIP, Frank Libutti, themselves

1^1006

r!»/U4

IfilOO?

guided by applicable statutes and Presidential directives. The Office of IA, as a member of the Intelligence Community, also is guided by directives and other guidance materials promulgated by the DCI. Communication between the IAIP Directorate and the rest of the Intelligence Community takes place between the analysts in the Office of Monrjation Analysis and their counterparts in the respective 1C organizations, including through our assignees physically located at TTIC and TSC, both at the analyst level and through the DHS Senior Representatives at both Centers, Mike Dunlavey and Rick Kopel, respectively, who are provided by the Department of Homeland Security.

fl9/04

THU 10:44 FAX

0008

FACT SHEET: DHS Directorate of Information Analysis and Infrastructure Protection Summary !

The Directorate of Information Analysis and Infrastructure Protection ('TAIP") of the Department of Homeland Security! (DHS) is firmly committed to carrying out each of the 19 responsibilities assigned to it in Section 201 of the Homeland Security Act. As indicated in the Reorganization Plan, submitted to Congress on November 22,2002, and graphically represented in the attached table,; the Office of Information Analysis ("IA") will carry out 16 of the 19 responsibilities (working together with the Office of Infrastructure Protection ("IP") on sevien of these). IP itself will carry out three of the 19. IA will carry out one of the 19 responsibilities -. identifying, detecting, and assessing terrorist threats to the homeland -- both through analysts at DHS Headquarters and through operating as one of the Terrorist Threat Integration Center ("TTIC") partners in collaboration with analysts from other key agencies. Although only a few months old, IAEP is moving forward to increase its' staff to carry out these statutory responsibilities, and will have 86 full time analysts by September 2003, and 113 by March 2004, lAIP's first anniversary. Among the key missions oif IA, which it is now carrying out and for which IA will continue to increase its capability, are: •

Providing the full range of intelligence support to senior DHS leadership, as do intelligence components of other departments and agencies;

•

With IP, mapping terrorist threats to the homeland against our assessed vulnerabilities in order to drive our efforts to protject against terrorist attacks;

•

Conducting independent analysis of terrorist threats to the homeland based on DHS' robust access to information and intelligence, including competitive analysis, tailored analysis, and "red teaming;"

•

Supporting the work of all of DHS' components, including the Directorates of Border and Transportation Security, Science and Technology, and Emergency Preparedness and Response. This analytic support will also be provided to DHS' decisionmakers under pending Bioshield legislation, if enacted;

"7

\ •

!'

Analyzing terrorist threats to the homeland, both at DHS Headquarters, and through IA analysts physically located at ljTIC; i • Developing requirements for the collection of intelligence and other information related to terrorist threats to the homeland for use by the Intelligence Community and U.S. law enforcement agencies; j •

Coordinating exchanges of terrorist threat-related information with state and local governments and the private sector; and I ii i I

ii

19/04

THU 10:44 FAX

1^009

• Managing the collection and processing of information into usable intelligence from DHS' inherited intelligence components, e.g., Customs, Coast Guard, Secret Service. To carry out these critical responsibilities, the President and Congress have provided DHS/IAIP with unique and powerful authorities and capabilities, outlined in greater detail below. A Unique Organization. IAIP is unique among federal agencies with intelligence and law enforcement functions iji terms of its combination of authority, responsibility, and access to information. Np other entity combines lAIP's: i

•

Robust, comprehensive, and independent access, mandated by the President and in the law, to information relevant to homeland security, whether raw or processed;

•

Mission and authority to obtain information and intelligence, including through DHS components, analyze that data, and take action to prevent, and respond to, terrorist attacks directed at the U.S. homeland; and

•

Ability to conduct its own, independent threat and other analysis and to leverage the analytic resources of the Federal Bureau of Investigation (FBI), Central Intelligence Agency (CIA), Department of Defense (DOD), TTIC, and other entities, to manage the protection of the homeland.

IAIP - Focus on the Homeland. lAIP's anti-terrorism mission is singularly focused on the protection of the American homeland against terrorist attack. This is unique among all intelligence, law enforcement, and military entities (such as CIA, FBI, and DOD), whose missions extend both worldwide, and to subject-matter areas and purposes well beyond anti-terrorism. This focus allows IAIP to concentrate its energy on protecting against threats at home, while working closely with other U.S. Government components with explicit overseas-focused, or both overseas- and domestic-focused, missions to ensure unity of purpose and effort against terrorist threats worldwide. Precisely because DHS/IAIP is domestically focused, it can concentrate its considerable authorities and capabilities on a critical mission that was fragmented prior to the President's proposal to create DHS: protecting against terrorist attacks at home. Central Role. Central to the success of this singular DHS mission is the coordination of the Office of Information Analysis ("IA) with the Office of Infrastructure Protection (8TP") to ensure that threat information is correlated with critical infrastructure vulnerabilities and protective programs. This correlation provides the essential context to determine the relevance and efficacy of threat information to the protection of critical infrastructure components and key assets. IAIP is the center of strategy coordination for all of DHS' Critical Infrastructure Protection efforts. Working through its Headquartersbased analysts, IA, in close collaboration and coordination with IP, will choreograph an interactive relationship between analysis of terrorist threats against the United States homeland, comprehensive vulnerability assessments, and domestic preventative and protective measures. The IA-IP partnership significantly reduces the potential for

./19/04

THU 10:44 FAX

B010

intelligence gaps and communications failures. This linkage of information access and analysis on the one hand and vulnerabilities Analysis and protective measures on the other is what is entirely new, and unduplicated elsewhere, about the President's vision for DHS. ! i •; i Partnership with State and Local Governments and the Private Sector. Unlike other members of the Intelligence Community, including others represented at the TTIC, IA has both the authority and responsibility for providing Federally-collected and analyzed homeland security information to first responders and other state and local officials and, as appropriate, security managers and other key private sector contacts. Likewise, only IA, in coordination with IP, is in the position effectively to manage the collection from state and local governments, jand private sector officials, of the crucial homeland security-related information that may be, in the first instance, available only to those officials. DHS will work closely with pther U.S. Government agencies to coordinate relations with state, local, and private sector officials, including coordinating with FBI on contacts with state and local law enforcement. ;

: !

I

i

:

Beyond the unique IA-IP partnership] IA is also the central information nerve center of DHS' efforts to coordinate the protection of U.S. homeland security. IA will: M

i

.

•

Facilitate the creation of requirements, on behalf of the Secretary and DHS leadership, to other DHS components, and to the ^Intelligence Community, and law enforcement, informed by the integration' of homeland-security-related intelligence from all sources with vulnerability and risk assessments for critical infrastructure prepared by IP; , ;

•

Provide the full-range of intelligence support -- jbriefings, analytic products, including tailored analysis responding tp (specific inquiries, and other support - to the Secretary, DHS leadership, the Undersecretary for IAIP, and DHS' operational components, as well as the rest of DHS; j !

i i

:

i

!

'

i

•

Serve as the collection, processing, integration, analytic, and dissemination manager for DHS' information cdllectioin and operational components (Coast Guard, Secret Service, Transportation Security lAdministration, Immigration and Customs Enforcement, Customs and Border' Protection), turning the voluminous threat information collected every day at pur borders, ports, and airports, into usable and, in many cases, actionable intelligence; ! ;

•

Ensure (in coordination with FBI and others) that homeland security-related intelligence information is shared with pthers who need it, in the Federal, state, and local governments, as well as the private!sector; and 1 '• i • Support the Homeland Security Advispry System. lA's activities also will be in support of the Secretary's responsibility to administer the Homeland Security Advisory System, including independently analyzing information supporting decisions to raise or lower the national warning level.

i

•

[

|

! 3 U

•

'19/04

THU 10:45 FAX

Terrorism Threat Analysis: IA and TTIC In addition to mapping terrorism threats to the homeland, and carrying out its many other intelligence analytic functions, IA, as directed by the President and Congress, will identify, detect, and assess the nature and scope of terrorist threats to the homeland. Some of DHS' work in this area will be carried out in part by IA analysts who are full participants in the President's Terrorism Threat Integration Center (TTIC) initiative,! and physically located at TTIC. Other threat analysis will be carried out by IAD? analysts located at Headquarters, in close coordination with those located at TTIjC. ! ; •

IA "Doing Business As" TTIC

I

I

\n IA officers will be located at TTIC, working day-in-day-out, pa

in processing and analyzing terrorist tiireat-jelated information, developing, shaping, and disseminating TTIC products, assessing gaps in the available information, and ensuring that TTIC products reach appropriate DHS jHeadquarters elements, as well as appropriate state, local, and private sector officials. lAjanalysts Assigned to TTIC will ensure that information gathered by DHS (from its bwiii collectors as well as state and local governments and the private sector) reaches TTIC and informs its work and, equally important, that TTlC's work directly supports DHS' unique mission to protect the homeland. IA analysts at TTIC are there, ii significant part, to carry out DHS' mission. The threat information integration and: analysis that is the beginning, not the end, of DHS' protective mission, will most effectively be; carried out, as Congressional and other reviews have recommended, when all jterrojism threat-related activities of the U.S. Government work together seamlessly. This includes counter-terrorism activities directed against threats overseas, as well as criminal investigation and prosecution activities, which the President and Congress did not, and, as a matter of effective government and common sense, should not, direct be carried out exclusively by DHS. Leveraging Co-Located Resources* With the early fall 2004 co-location of TTIC (including the IA analysts working for DHS there), with CIA's Counterterrorist Center, and the FBI's Counterterrorism Division, DHS will be able to leverage the presence of its personnel at this combined facility to: reduce transmission and coordination time for critical information; and facilitate comprehensive assessment of not only domestic threats but also foreign-based threats that may ultimately impact thejhomeland. As provided by Congress and the President, authorities and capabilities to deter and disrupt terrorist threats, particularly overseas, are shared among a number of departments and agencies and such activities often must be undertaken in concert with state, local, and foreign governments. Recent experience has shown that terrorist groups may attempt to coordinate multiple attacks, both overseas and within the United States! and that threats that appear to be directed overseas may actually be directed towards the homeland, and vice versa. Robust and Independent Access to Intelligence

,719/04

THU 10:45 FAX

To carry out portions of its mission performed by IA analysts physically located at TTIC and those at DHS Headquarters, IA will have robust, comprehensive, and independent access, mandated by the President and in the law, to information relevant to homeland security, whether raw or processed. LA's access is not an "either" IA at TTIC "or" IA at DHS Headquarters issue. IA will have the'mandated access to, and the physical electronic means to receive information, independent of its participation in the TTIC. DHS' robust access to homeland security information - provided by the President, by Congress, and by written agreement between the Secretary, Director of Central Intelligence, and Attorney General - is in no way limited to those IA officers physically working at TTIC. A copy of the Memorandum of Understanding between the Intelligence Community, Federal Law Enforceinent Agencies, an(j tne Department of Homeland Security Concerning Information SharingJ dated March 4,2003 ("the MOU") is attached hereto. ; ' : • Leveraging Federal, State and Local Information, and DHS/IP In carrying out their analysis, IA analysts at DHS Headquarters not only will have access to all relevant information from U.S^ intelligence and law enforcement agencies and from officials in state and local governments andi the private sector, but they will be able to reach out, via the IA analysts located at TTICJ to leverage their expertise and direct contacts to the overall U.S. counterterrorism operational and analytic efforts colocated there. DHS/IP will rely upon the analysis produced by LA, to help determine priorities for protective and support measures and provide them to federal, state, and local government agencies and authorities, and to private sjector entities. In support of its mission, DHS/IP will drive, through and with lA, reduirements to the Intelligence Community, law enforcement, and other parts of DHS, to ensure that vulnerabilities and threats are correlated and appropriate protective actioins are defined and implemented. \:

IA's Independent Analytic Work

j

'•• ' \n addition to the critical role, outlined above' of mappin

vulnerabilities against threats to the homeland, IA als,o will conduct other analysis distinct from that hi which IA analysts participate at TTIC, including: •

Tailored Analysis. LA Headquarters-based analysts will routinely be tasked to take a different "cut" at a similar universe of information as that analyzed at TTIC. For example, TTIC may reach a conclusion about a g aoeral terrorist threat to the United States, while DHS Headquarters may want a mor; targeted and specific analysis directed at how such a threat might affect ajpartieular sector of the U.S. infrastructure, Such threat analysis would be different;than that performed at TTIC, but crucial to the overall DHS mission and to our homeland Security, Similar tailored analytic products are systematically used by the leaders of other Ini elligence Community member Departments and Agencies based on each agency s individual mission.

•

Competitive Analysis. LAP analysts located at Headquarters will also conduct competitive terrorism threat analysis to that takirig pi;ace at TTIC. For example, the

yi9/04

THU 10:46 FAX

Secretary may want an independent look at a particular conclusion reached by analysts - including IA analysts - at TTIC. Such :ompetitive analysis not only is sound practice, but it has been for decades a cornerstone of U.S. Intelligence Community analytic efforts. Red-Teaming. lA's tailored and, at times, comp btitive terrorism threat analysis, will take another form as well: "red teaming." lA's arialysts will not only look independently at threat data from a traditional analytical perspective, i.e., "connecting the dots," but will also undertake "red team" anal; reis. In this mode, analysts will view the United States from the perspective of;th«i terrorists, seeking to discern and predict the methods, means and targets of the terri >ristB. The analysis produced as part of this red teaming will then be utilized to uncbve r weaknesses, and to set priorities for long-term protective action and target hardeni ig. TTIC's Mission TTIC is an interagency joint venture: of its partners. The TTIC members include, but are not limited to, the Department of Justice/FBIj DHS, CIA, National Security Agency, National Imagery and Mapping Agency, Peiense Intelligence Agency, and the Department of State. Through the input and participj tion of these partners, TTIC will merge and analyze terrorist threat-related informatiorj, collected domestically and abroad, in order to form the most comprehensive possible thr jat picture, and disseminate such information to appropriate recipients. TTIC, through its structure, will draw on the particular expertise of its participating members - such as DHS' focus on homeland security and CIA's focus on terrorism information; collected overseas - thereby ensuring that the terrorist analytic product takes advantage of, land incorporates, the specialized perspectives of relevant federal agencies, hi addition! TTIC will have access to, and will aggressively seek to analyze, information from state and local entities, as well as voluntarily provided data from the private sector. TIJIC will work with appropriate partners to ensure that TTIC's products reach not 6rJy federal customers, but also state and local, as well as private sector, partners. TTIC will provide comprehensive, all-source terrorist threat analysis and assessments to U.S. national leadership. It will also play a lead role, along with other organizations, in overseeing a national terrorist threa tasking and requirements system. In addition, TTIC will maintain an up-to-date database of known and suspected terrorists accessible to appropriate officials. A copy of Direct* r of Central Intelligence Directive 2/4, concerning TTIC, is attached hereto.

i!013

,/19/04

THU 10:46 FAX

Statutory Function"

®014

Component Performed, in

•• j

;

IA

Part, at TTIC? NO NO NO NO NO

1A IA

NO NO

IA

NO

IA

NO

IA

NO

IA/IP

NO

IA/IP

NO

IA/IP

NO

IA/IP

NO

IA/IP

NO

IA

NO

IA

NO

IA/IP IA

NO YES

Vulnerabilities Assessment • National Plan to Secure Infrastructure : •' • Recommend Infrastracture Protective Measures ' "Map" threats against vulnerabilities • i Ensure timely and efficient access to DHS 6f all ; homeland security information '•..'•• ; ; Administer the Homeland Security Advisory System Make recommendations for homeland security •. •. : ; . information sharing policies j '•• i ; • i Disseminate information analyzed by DHS to other federal, state, and local government entities and the private sector ,i .• ~. ; Consult with appropriate federal Intelligence ; Community and law enforcement officials to establis collection priorities and strategies and represent DHi in "requirements" processes ; ; '•'".:'•

IP IP IP

Consult with state and local governments and the private sector to ensure appropriate exchanges of terrorist threat-related information 1 'J. Ensure that information received is protecte'd from unauthorized disclosure and handled and used only i >r the performance of official duties I ! ,..;•• Request additional information from other federal, s ite, local government agencies and the private sector Establish and use secure information technology '. • infrastructure ' ^ ' Ensure that information systems/databaises lire ; ; compatible with one another and other federal agent es and treat information in accordance with applicable Federal privacy law j . , Coordinate training and other support to DlIS and 6' ler agencies to identify and share information ! '••,.'', Coordinate with 1C elements and federal, gjiatej arid local law enforcement agencies "as appropriate" ; Provide intelligence analysis and other support to th rest of DHS ..'. • ; ' i i Perform such other duties as the Secretary inay prt>V de Identify, Detect, and Assess Terrorist Threats to ; : Homeland ' ,; ;

i

< !.

:

.

IA/IP

'

' This chart is intended only to describe in general terms lAff'S-divlsion of Ik or with regard to functions assigned DHS by the nd all other federal Departments and Agencies, remain responsible, with regard to their own work and information in t&eir poiseesi&r for many of these same functions, e.g., protecting information against unauthorized disclosure. :| :

i

i

"',• •

:|v ^!: ' ! •: •'• i-7^!.

; i : l : ' !* =