SEMIANNUAL REPORT TO THE DIRECTOR, CENTRAL INTELLIGENCE AGENCY JULY - DECEMBER 2007

Approved for Release: 2018/12/17 C05496229 Central Intelligence Agency Inspector General SEMIANNUAL REPORT TO THE DIRECTOR, CENTRAL INTELLIGENCE AGENCY JULY - DECEMBER 2007 JOHN L. HELGERSON Inspector General "SECRET//N F RN//2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 CECRETHN F RN//2 321231 TABLE OF CONTENTS PAGE (U) A MESSAGE FROM THE INSPECTOR GENERAL 1 (U) STATUTORY REQUIREMENTS 6 (U) AUDITS 7 (U) AUDIT STAFF OVERVIEW 7 (U) COMPLETED AUDITS 8 (U) STATUS OF SIGNIFICANT RECOMMENDED ACTIONS OUTSTANDING FROM PREVIOUS SEMIANNUAL REPORTS 17 (U) SUMMARIES OF SELECTED CURRENT AUDITS 24 (U) INSPECTIONS 26 (U) INSPECTION STAFF OVERVIEW 26 (U) COMPLETED INSPECTIONS 27 (U) STATUS OF SIGNIFICANT RECOMMENDED ACTIONS OUTSTANDING FROM PREVIOUS SEMIANNUAL REPORTS 36 (U) SUMMARIES OF CURRENT INSPECTIONS 44 (U) INVESTIGATIONS 45 (U) INVESTIGATIONS STAFF OVERVIEW 45 (U) COMPLETED INVESTIGATIONS 47 (b)(3) �ECP.ET//N F RN//20321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 'Lorin:COT/ / NOPORN/ 20321231 (U) ANNEX SECTION (U) STATISTICAL OVERVIEW (U) COMPLETED AUDITS (U) CURRENT AUDITS (U) COMPLETED INSPECTIONS (U) CURRENT INSPECTIONS (U) COMPLETED INVESTIGATIONS (U) CURRENT INVESTIGATIONS Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 GLCRLT//N// (LI) A Message From the Inspector General (U/g4Gliefet During this semiannual reporting period, inspections undertaken by the Office of Inspector General (OIG) continued to focus on key issues that involved multiple directorates, as well as on major Agency components. The Inspection Staff completed six such reports. J,Sliciwerl A report on Agency-Wide Performance Against was the third in a series of examinations of major, cross-cutting issues facing the CIA; the Staff had completed inspections of Agency-wide performance on North Korea in June 2006 and on Russia in October 2006. The report contained positive findings regarding the performance of the National Clandestine Service (NCS) and Directorate of Science and Technology on HUM TNT and technical collection, the analysis of the Directorate of Intelligence (DI) and the work of the Director of National Intelligence Open Source Center exploiting open source materials.! _(.41.1P4127 The Staff also published an inspection report on Near East and South Asia (NE) Division in the NCS. The inspection found the Division is performing well in discharging an array of responsibilities associated with the two wars underway in its area of operations, customers are largely satisfied with NE reporting, and the Division has a robust asset validation system in place.] 1 CECRET//ra r RN//20321231 (b)(1) (b)(3) (b)(1) (b)(3) (b)(3) (b)(1) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 5CRtT/ 1 \ 47/20 2143t (U/444eteir In addition, the Staff published an inspection report on Application Services (APPS) in the Office of the Chief Information Officer. Among the strengths highlighted in the report are APPS' vision and strategy for improving the speed of product delivery and increasing customer satisfaction, and its productive relationship with its DI partner. Challenges include the absence of a detailed implementation plan to advance its vision; problematic interactions with partners, including the NCS; and difficulty staffing project management positions. 41441i, The Staffs inspection report on the Office of Russian and European Analysis found an organization performing admirably in covering its accounts and satisfying customers. It also found an effective, highly- regarded leadership team and a generally well-staffed work force with high morale. Initiatives for addressing areas for improvement uncovered in the inspection �1 � are already underway in the Office. .c,444roir7 The inspection report on the Agency's Targeting Discipline is a follow-up to a 2003 inspection. This report found that significant progress has been made since 2003 in developing the targeting discipline, especially in establishing suboccupational career tracks within each of the mission directorates and launching targeting training. Finally, the Staff's inspection of Training for New DI Analysts found that the DI� through its Sherman Kent School for Intelligence Analysis � makes available to new employees a wide array of training that is effectively preparing them for their duties. The Staff is in the process of wrapping up an inspection of Training for New NCS Officers as well. (1.1//f_alet;e, During this reporting period, the Inspection Staff began disseminating final inspection reports in electronic format to expedite their distribution and enhance their accessibility. (U/Clleigiet The Audit Staff completed the annual independent audit of the CIA's financial statements (for FY 2007). Although the auditors identified a number of material weaknesses in internal control and disclaimed an opinion on the financial statements, the audit found that the CIA continues efforts to improve reporting financial information in accordance with Federal requirements, and steps are being taken to strengthen key 2 (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 CECRETHN F RN//2 321231 internal controls. The Staff also completed its FY 2007 annual independent evaluation of the CIA's information security program and practices required by the Federal Information Security Management Act. a In keeping with the standing request of the Congress that the OIG audit each covert action program no less frequently than every three years, the Office completed an audit of a compartmented covert action program (b)(1) (b)(3) (W/F-ett0) The Office participated in an Office of the Director of National Intelligence (ODNI) OIG audit to evaluate the process used to award indefinite-delivery/indefinite-quantity (IDIQ) contracts under the Contract Advisory and Assistance Services/Systems Engineering and Technical Assistance (CAAS/SETA) and External Analysis and Conferencing Support (CASES) Program. The Audit Staff determined that the CIA acquisition process used to award the IDIQ contracts under the ODNI CASES Program was fair and impartial. (b)(1) (b)(3) a The Audit Staff published an extensive report on project and contract management of construction and renovation projects The report offers several significant recommendations to improve project and contract management. The Staff also completed an audit' \ The Audit Staff also completed audits of eight field stations during this period. (U//Ealielgt- Audit reports during this period made recommendations to strengthen internal controls over program and project management, covert actions, information technology, financial management, and field station administration, Agency senior managers concurred in virtually all of the recommendations. (U/liac4iffr) The Investigations Staff continued to focus largely on investigating fraud and corruption matters during this reporting period. Such cases involved embezzlement, theft, contract fraud, conflicts of interest, acceptance of gratuities, money laundering, or conspiracy. One of these 3 `2,ECRETHN r RN//2 321231 (b)(1) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 drAA:i // investigations involves a former high-ranking official who is the subject of a 30-count indictment. Members of the Investigations Staff received an Achievement Award for Excellence in Investigations from the PCIE. This award recognized their investigative contributions to a public corruption case prosecuted successfully by the US Attorney's Office in San Diego. (11/1F-Gilarl7 A number of OIG investigations involved embezzlement of Agency funds by finance officers. In one case, a now former employee who pled guilty to theft of approximately was sentenced to two years of confinement and three years of probation, and was ordered to make restitution upon release from confinement. A second case, involving another now former employee, involves some and is nearing resolution in concert with the Department of Justice. Three other investigations are underway. (11//11;61rft") The OIG also continues to devote considerable investigative resources to reviewing the Agency's detention and interrogation activities associated with the conflicts in Iraq and Afghanistan and the international war on terrorism. This work, undertaken with the cooperation of the Departments of Justice and Defense, as appropriate, is examining the circumstances surrounding the movement, confinement, and, in some cases, alleged abuse of detainees. LS/Mr The Staff completed a report of investigation concerning the circumstances surrounding the rendition and detention of German citizen Khalid al-Masri. The report concluded that available intelligence information did not provide a sufficient basis to render al-Masri, and that his rendition and prolonged detention resulted from breakdowns in tradecraft and legal oversight and were unjustified. The report made a number of systemic recommendations and recommended that an Agency accountability board be established to review the performance of three individuals. Agency senior managers have acted on the recommendations. (5,441/241 The Staff also completed a Report of Investigation concerning an Agency contractor who physically abused detainees The (b)(1) Department of Justice declined prosecution in favor of administrative action (b)(3) by the Agency. (b)(1) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 -SiErC-FeE-T-fteleftletftterr (U//Ealele) At the conclusion of the reporting period, the Investigations Staff worked with the National Security Division of the Department of Justice to conduct a preliminary inquiry into the circumstances surrounding the destruction of tapes related to the Agency's detention and interrogation program. The findings of this inquiry led the Attorney General to direct that a criminal investigation be undertaken. Because OIG personnel reviewed the tapes in question some years ago and because I was involved in the preparation and review of the OIG report of May 2004 that described their observations, as well as having discussed the findings with US Government officials, I have recused myself from any involvement with the follow-on investigation. 5 /s/ John L. Helgerson 15 January 2008 Approved for Release: 2018/12/17 C05496229 � Approved for Release: 2018/12/17 C05496229 SECRET//N r R1.7/2 321231 (U) STATUTORY REQUIREMENTS (U) This report is submitted pursuant to section 17 of the CIA Act of 1949, as amended, which requires the Inspector General to provide to the Director, Central Intelligence Agency (D/CIA), not later than 31 January and 31 July of each year, a semiannual report summarizing the activities of the OIG for the immediately preceding six-month periods, ending 31 December and 30 June, respectively. (U) All audit activities of the OIG are carried out in accordance with generally accepted government auditing standards. All OIG inspection and investigation activities conform to standards promulgated by the President's Council on Integrity and Efficiency. (U) The OIG has had full and direct access to all Agency information relevant to the performance of its duties. (U) Subpoena Authority (U/LE...C.1�140) During this reporting period, the IC issued six subpoenas: two were issued in the course of an investigation of an allegation of time and attendance fraud, two were issued in furtherance of an investigation of allegations of voucher fraud and the theft of government property, and two were issued in conjunction with the joint CIA/ Department of Justice preliminary inquiry into the destruction of interrogation videotapes. (U) Legislative Proposals (U) The OIG has no proposals for legislative changes. 6 CECRETRN F PN//2n111T11 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRET//N F RN//2 321231 (U) AUDITS (U) AUDIT STAFF OVERVIEW (UHDP.Trtel" The Audit Staff conducts performance and financial audits of CIA programs and activities. During this reporting period, the Audit Staff issued 14 audit reports containing 46 recommendations that addressed program and project management, covert action, financial management, information technology, and field station administration. .4.e7 The Audit Staff continues to pursue its program, as requested by the Congress, to audit each covert action (CA) program (or an aspect of each program) at least every third year and to provide the results of each audit to the Congress. This reporting period, the Staff completed one CA audit to determine the effectiveness of a compartmented CA program The Staff will complete two additional CA audits in early 2008. ey The Staff completed audits of construction and renovation project management at the and the annual review of the security of the CIA's information systems as required by the Federal Information Security Management Act, The Staff also completed audits of eight field stations. (11/4F-gerIT The Staff completed work on the statutory audit of the CIA's financial statements for FY 2007 and issued its report in November 2007. The report contains significant deficiencies of (b)(3) which are considered material weaknesses in internal control. The report also determined the status of prior years' audit recommendations and management's actions to resolve them. 7 CECRET//N F RN//20321231 (b)(1) (b)(3) (b)(1) (b)(3) (b)(1) (b)(3) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 3ECRETHN r RN//2 321231 (U) COMPLETED AUDITS (U/4.4;430)- 2007 Independent Evaluation of the Central Intelligence Agency Information Security Program and Practices Required by the Federal Information Security Management Act (FISMA) (2007-0012-AS, July 2007): FISMA requires Federal agencies to establish agency-wide, risk-based information security programs that include comprehensive information security policies and procedures; periodic risk assessments; information security training; periodic system testing and evaluation; and plans for remedial action, security incident response, and continuity of operations. In addition, FISMA requires an annual process of self- assessment and independent evaluation of an agency's information security program and practices. (U/LE.O.Witir Since March 2003, the OIG has issued five FISMA reports and 13 audit reports that contain recommendations to strengthen information security policy and practices. The CIA has taken measures to improve system inventory records, develop a process for preparing and tracking Plans of Action and Milestones, improve FISMA reporting, and ensure that continuity and contingency plans are in place for information systems. Because of previous coverage, the 2007 evaluation focused primarily on the status of compliance with our prior recommendations. (UH_F_CLIzier The CIA was unable to provide the OIG with data on how many of its systems have been accredited because there is no single source for certification and accreditation information. The Agency continues not to enforce mandatory training requirements for staff and contractors who use the Agency Data Network (ADN). The 2003 OIG FISMA report recommended that all CIA, contractor, and other US Government agency personnel who use national security systems for which the CIA has accrediting responsibility receive information security training. The CIA provides a broad range of information security training; however, approximately 30 percent of personnel with access to the ADN did not take the mandatory Agency 8 CECRETHN r RN//20321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRET/Rd F RN//2 321231 Information Security Course (AISC) in 2006. The percentage of personnel not taking the AISC in 2006 is approximately the same as in 2004 and 2005. The 2007 evaluation made no new recommendations. (b)(1) (b)(3) (9,1 1(2006-0009-AS, August 2007): 9 CT/MET/RI r RN//20321231 (b)(1) (b)(3) (b)(1) (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRET//N r RN//2 321131 (b)(1) (b)(3) (b)(5) (U) 2007-0004-AS, September 2007): (b)(1) (b)(3) 10 CECRETHN RN//20321231 (b)(3 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 CECRET/ /N F RN/ /20321231 .c.9) Contract Award Process for the CASES Program (2006-0025-AS, September 2007): The audit was undertaken with the OIG of the Office of the Director of National Intelligence (ODNI), and the results were incorporated into an ODNI OIG report. In FY 2005, the ODNI and the CIA Director's Acquisition Team (DAT) began a program to consolidate requirements for consulting services under a multiple award indefinite delivery, indefinite quantity (IDIQ) contracting process. 11 SUCZ.FaiW4QPQP44747z-26.9.24e2A- (b)(1) (b)(3) (b)(51 (b)(1) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 CECRETHN r RN//2 321231 (U) The Audit Staff concluded that the CIA's acquisition process used to award the IDIQ contracts under the CASES Program was fair and impartial and generally in accordance with the Federal Acquisition Regulation (FAR), the CIA Contracting Manual, and the CASES source selection plan. The CASES acquisition plan, however, did not address performance-based contracting as required by the FAR. The ODNI OIG report addressed this finding and recommended that the Chief, ODNI Contracts amend the CASES acquisition plan to address the requirements for performance-based acquisitions in FAR 7.105, issue policy to implement performance- based acquisitions in the ODNI, and provide training to the contracting officers and COTRs on performance-based acquisitions. The Chief, ODNI Contracts concurred with the recommendation and is taking action to satisfy it. There were no recommendations directed to CIA personnel. (b)(1) (b)(3) Construction and Renovation Project Management (2006-0021-AS, October 2007): \ 12 CECRET/0.1 F RN//2 321231 (b)(1) (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 // // (b)(1) (b)(3) (b)(5) 13 CECRET//N F RN//2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 (b (b (b 14 -CECRETRN r RN//20321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 (b)(1) (b)(3) (b)(5) (U//i.0.1rier7 Independent Auditor's Report on the Central Intelligence Agency Fiscal Year 2007 Financial Statements (2007-0002-AS, November 2007): The Accountability of Tax Dollars Act of 2002 requires that the CIA prepare and submit audited financial statements to the Congress and the Director, Office of Management and Budget (OMB). The audit determined whether the CIA's financial statements fairly presented the financial position, results of operations, changes in net position, and status of budgetary resources in accordance with accounting principles generally accepted in the United States. The audit considered the CIA's internal control over financial reporting and the CIA's compliance with certain provisions of applicable laws and regulations that could have a direct and material effect on the financial statements. The audit determined the status of prior years' audit recommendations and management's actions to resolve them. (U/LEaeCIT The Audit Staff disclaimed an opinion on the CIA's FY 2007 Consolidated Financial Statements due to significant limitations on the scope of the OIG's audit. Material internal control weaknesses precluded the audit team from obtaining reasonable assurance about the reliability of the statements. In addition, the audit noted three departures from accounting principles generally accepted in the United States. As a result of these limitations, the team could not apply all necessary auditing procedures to conduct an audit in accordance with generally accepted government auditing standards. 15 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 GLCRLT//N// (b)(3) (b)(5) 16 CECRETHI`d F RN//2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 45,1-744-107 Field Station Audits (July - December 2007): The Audit Staff issued final reports for eight field station audits: The results of the audits, and the areas that needed improvement, were discussed with Chiefs of Stations, who took steps to address the OIG's findin�s. Issues that were addressed included: There were no significant recommendations. (U) STATUS OF SIGNIFICANT RECOMMENDED ACTIONS OUTSTANDING FROM PREVIOUS SEMIANNUAL REPORTS (U/LES)1444). CIA Management of Laptop Computers (2004-0020-AS, December 2005): 17 SECRET/Rd r R1\7/20321231 (b)(3) (b)(5) (b)(1)I (b)(3) (b)(3) (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 -3ECRETHN r R14//2 321231 (U/dSlItiej (U/ /.Q3� (2004-0022-AS, April 2006): �siz-ncrit 2006): \ (2005-0011-AS, May * (U) When a recommendation remains unsatisfied for five consecutive reporting periods, the OIG ceases efforts to track its implementation. If the recommendation is significant the fifth report contains a statement setting forth the IG's view of the impact of the recommendation remaining unsatisfied. 18 CECRETHN r RN//2 321231 (b)(3) (b)(5) (b)(3 (b)(3) (b)(1) (b)(3) (b)(1) (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 Li 4s1-74t11 2005-0017-AS une 2006): 19 (b)(1) (b)(3) (b)(5) (b)(3)1 (b)(3 (b)(1) (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 -(..S4-4iter Information Security Practices in the Field (2005-0014-AS, December 2006): (U/LELII.143) Imprest Fund Credit Card Program (2005-0031-AS, March 2007): 20 CECRET/0.4 F RIW/20321231 (b)(1) (b)(3) (b)(5) (b)(3) (b)(5) (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 5ECKET//140FOR 4//20321'i31 (b)(1) (b)(3) (b)(5) (U/L,LQetl) The Agency's Process for Obtaining Refunds or Credits for Unused Airline Tickets (2005-0030-AS, April 2007): (b)(3) (b)(5) (2005-0032-AS, April 2007): 21 eV'RETRN r RN//2032123? Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 (b)(1) (b)(3) (b)(5) .0481...Ter orist Watchlisting (2005-0016-AS, Tune 2007) I (b)(1) (b)(3) (b)(5) Iref 22 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRET//N RN//20321231 (b)(1) (b)(3) (b)(5) (SH-14/4) Information Operations Network (2006-0001-AS, June 2007):1 (b)(1) (b)(3) (b)(5) 23 SECRET//N r RN//20321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 RN//2 32123 (b)(1) (b)(3) (b)(5) (U) SUMMARIES OF SELECTED CURRENT AUDITS (U//11:11443)- Joint Audit of the Use of CIA Special Authorities in Support of the National Geospatial-Intelligence Agency: The CIA and the National Geospatial-Intelligence Agency (NGA) Offices of Inspector General are conducting a joint audit of the use of CIA special authorities in support of the NGA. The audit objective is to evaluate the effectiveness of the policies, procedures, and controls over the use of CIA contracting authorities by the NGA National Cell. The audit fieldwork is completed. 24 CECRET//N r RN//2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 3ECRETHN F RN//2 321231 (U/gielet) Audit of Overseas Construction and Renovation Project Management: (U//11;144e) CIA's Operational Use of 13iometric Technology: The objectives of the audit are to determine whether the CIA's use of biometric technology provides sufficient data collection, data dissemination, and countermeasure capabilities to address CIA mission requirements and whether the technology is used in compliance with applicable laws and regulations. Audit fieldwork is underway. 4SA4NF") The primary objectives of the audit are to determine whether program activities are effective in meeting policy objectives, resources allocated to the program are properly managed and used for authorized purposes, and program activities are administered in compliance with applicable CIA regulations and US laws. Audit fieldwork is underway. (U// The National Clandestine Service Desktop Application he objectives of the audit are to determine whether the NCS desktop application development process is employing sound project management practices and if the system will meet the needs of its users. A draft report has been issued for comments. 25 SECRET//N r RN//2 321231 (b)(1) (b)(3) (b)(1) (b)(3) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 rel4F,T-H44eFeRtfitileftter (U) INSPECTIONS (U) INSPECTION STAFF OVERVIEW (U/LELITrier) The Inspection Staff is responsible for conducting inspections of CIA programs and operations to evaluate their efficiency and effectiveness and their compliance with law, Executive Orders, and regulations. (UHF-LAIC:3j During the current reporting period, the Staff completed inspections of Applications Services in the Office of the Chief Information Officer (CIO), Agency-Wide Performance Against the Near East and South Asia Division in the National Clandestine Service (NCS), the Office of Russian and European Analysis (OREA) in the Directorate of Intelligence (DI), the Agency's Targeting Discipline, and Training for New DI Analysts. The Staff is continuing its inspection of Training for New NCS Officers. In addition, the Staff commenced inspections of Administrative Support, Employee Onboarding, the Office of Medical Services in the Directorate of Support (DS), the Office of Special Activities in the Directorate of Science and Technology (DS&T), and the Special Activities Division in the NCS. (U/igeet7)" The Inspection Staff continues to conduct a two- week course for new inspectors and a seminar for team leaders before the start of each inspection cycle. The Staff also provides instructional seminars for OIG inspectors and research assistants during the course of each cycle. (UH.Fakiel) In addition, the Staff closed six inspections � Europe Division in the NCS, CIA University (CIAU), the Office of Near Eastern and South Asian Analysis in the DI, the Senior Analytic Service, and Research and Development in the CIA �that were open as of 1 July 2007, 26 SECRET/p..1 F RN//20321231 (b)(1) (b)(3) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 sTerrTht4eri-eR-147�7410424.244 (U) COMPLETED INSPECTIONS frciii-kfij Office of Russian and European Analysis (2007-0004-IN, October 2007): The Office of Russian and European Analysis (OREA) is performing admirably in covering all of its accounts and satisfying a broad range of US Government consumers (b)(1) (b)(3) In a recent review of OREA's analytic production, the DI's Product Evaluation Staff gave an overall positive assessment, as did the OIG inspection team regarding production in two selected topic areas (U/ 4.1434:fe) The majority of OREA employees appear happy to be working in OREA and hold their front office management in high regard. Overall, the Office appears to be well-staffed; ircait, Near East and South Asia Division (2007-0003-IN, November 2007): 27 C'ECRETRN F RN//20321231 (b)(1) (b)(3) (b)(3) (b)(5) (b)(3) (b)(5) (b)(3) (b)(1) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 CECRLT//N r R 4//2 321231 (b)(3) (b)(1) 28 SECPRTHN I' RN//2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 GLCRLT//N// (ULLEaterj" Regarding personnel management, the Division's assignment and promotion processes are a lightening rod of discontent, with substantial numbers of NE officers, including managers, perceiving them as unfair, lacking in transparency, and driven by favoritism. fl (b)(3) (b)(5) 29 SECRET/04 F 10\1//2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 GECRET// .T F RN//2 321231 pi/Seein Applications Services (2007-0001-IN, December 2007): As part of a major restructuring of Agency information technology (IT) directed by the then-Director of Central Intelligence, the CIO created Applications Services (APPS) in June 2001. The creation of APPS was consistent with one of the main goals of the IT restructuring� to centralize most IT services under the CIO. APPS' charter is to work with mission managers to develop computer applications that will enhance mission performance. (U/ /Feel Application Services has an articulated strategy to improve the speed of product delivery of mission-focused applications, increase customer satisfaction, reduce redundancy, and better manage performance, but the office has not laid out a sufficiently detailed plan to implement it. Implementation of this strategy is dependent on a stronger alignment between IT and the mission elements, and requires APPS to gain the cooperation of its customers and the concurrence of the Information Governance Board (IGB) �the body responsible for ensuring a corporate approach to IT decisionmaking. (U/,407-The ability of APPS to rapidly deliver mission- focused applications to Agency IT customers is also heavily dependent on its relationship with Global Communications Services (GCS) � the DS entity that manages applications hosting functions; this relationship has been strained in the past but has improved under current leadership. 30 CECRETHN F RN//20321231 (b)(5 (b)(5 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 DECRETH r RN//2 321231 (U/ALL)14e) The interactions APPS maintains with its customers have varied by directorate. The customer engagement model between the DI and APPS serves both well. APPS management has made closer interaction with the customer a strategic objective and has capitalized on the DI's outreach effort and contributed to a mutually beneficial partnership. The APPS-NCS customer engagement model is more problematic. NCS personnel have little confidence in APPS' ability to define, develop, and deliver effective IT solutions for NCS use. In addition, the program management approach taken with the NCS's program has had a negative impact on the interaction between APPS and the NCS. (U/bEettl) Staffing project management positions for difficult or high-risk programs has created a challenge for APPS � more than half of the staff vacancies within APPS are for project management positions. APPS lacks incentives to encourage employees to assume difficult or risky assignments, making staffing these positions more difficult. L Agency-Wide Performance Against 2007-0002-IN, December 200 31 crinprrriimr-vcc1yN7/20r1ngi (b)(1) (b)(3) (b)(3 (b)(5 (b)(5) (b)(1) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRET//N r RN//2 321231 (b)(1) (b)(3) (b)(5) 32 5ECRT//N F RN//2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 GECRETHP4 r RN//2 321231 (b)(1) (b)(3) (b)(5) (UH-F-4444efr The Agency's Targeting Discipline (2007-0005-IN, December 2007): This inspection is a follow-up to the 2003 inspection of targeting analysis and focuses primarily on the recommendations made in that inspection report./ significant progress has been made since 2003 in developing the targeting discipline, especially in establishing suboccupational career tracks within each of the mission directorates and launching targeting training. Targeting officers are generally positive about their work and confident of its importance. 33 SECRET//?,1 F 111W/2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRET//N F RN// 2 32123} (b)(1) (b)(3) (b)(5) 34 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRET/in F RN//2 321231 (U/ Age{te) Training for New DI Analysts (2007-0006-IN, December 2007): The DI and its components make available to new analysts on the job a wide array of training that, in the aggregate, is effectively preparing them for their duties. The initial and more structured training is offered by the Directorate's Sherman Kent School for Intelligence Analysis, 35 (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 (b)(3) (b)(5) (l) STATUS OF SIGNIFICANT RECOMMENDED ACTIONS OUTSTANDING FROM PREVIOUS SEMIANNUAL REPORTS (U//EOLIQ CIA University (2005-0002-IN, October 2005): The report's single significant recommendation requested that the CIAU/s Chief Learning Officer, in conjunction with stakeholders, develop a training plan�including investment requirements � that places appropriate emphasis on distance-learning through computer- based products and overseas training hubs; accommodates the training demands that will attend the projected influx of new employees; and meets the requirements of a National Intelligence 36 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 KN//2 3212 University. The recommendation also requested that the ADD/CIA review the CIAU plan with senior management and report the outcome of the review. The ADD/ CIA has reviewed the plan and CIAU is scheduled to brief the Corporate Governance Board in February 2008. Inspection Staff management has also received this briefing. These actions satisfy the recommendation, and the inspection is closed. (U/ /Self 07 Office of Near Eastern and South Asian Analysis (2005-0012-IN, June 2006): \ (U/aeletT Information Management Services (2005-0013-IN, June 2006): Two of the three significant recommendations remain open. One requests that the Chief, Information Management Staff (IMS) and the CIO produce a development and implementation plan for an effective corporate electronic records management system. IMS has produced a development and implementation plan, 37 SECRET//N F RN//2 321231 (b)(3) (b)(5) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 CECRET/Ri F RIW/3 321231 arel-letrr CIA CounterTerrorism Center (2005-0006-IN, October 2006). (b)(1) (b)(3) (b)(5) Cciii..1155 Agency-Wide Performance on Russia (2005-0011-IN, October 2006): 38 SECRETHNOFORN//20321231 (b)(1) (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 // // (b)(1) (b)(3) (b)(5) 4-47411/4fr)" Office of Technical Collection (2006-0001-IN, December 2006):1 (b)(3) (b)(5) 39 6-1 .1//203z1za1 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 2006): (b)(3) (b)(5) (U/AleITICY) Office of Iraq Analysis (2006-00054N, December (b)(3) (b)(5) (U//IJJ Agency's Reliance on Contractors (2006-0003-IN, December 2006 (b)(3) (b)(5) 40 CECRET//N F RN//2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 cECRET//1`i F RN//2 321231 (b)(3) (b)(5) CIA Counterintell'Ience Center 2106-1114 March 2007 (U//144et7 Office of the Associate Director for Military Affairs (2006-0010-IN, April 2007): (b)(3) (b)(5) 41 SECRET//N r RN//20321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRETHN F RN//2 321231 b)(3) b)(5) (571-7414P) \(2006-0007-IN, May 2007): 42 CECRETHN F RN//2 321231 (b)(1) (b)(3) (b)(1) (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 11L,1 INOrtnuN//2u3z1zi1 (U// A enc Lan a e Ca abilities (2006-0008-IN, Ma 2007 (U/iSeetr Human Resources (2006-0006-IN Tune 20071. .LCH+tr (2006-0009-IN, Tune 2007):7 43 WorearsT471-141.�3Fefifet26511t�31. (b)(3) (b)(5) (b)(3) (b)(5) (b)(1) (b)(3) (b)(1) (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 CECRET//N F RN//20321231 (U) SUMMARIES OF CURRENT INSPECTIONS (uuretro) Training for New NCS Officers: The ins ection examines aspects of NCS's certification training for new and Headquarters-based officers, and the impact of the training on the performance of NCS officers. (U/ /E1;43e) Administrative Support: The inspection focuses specifically on administrative support provided to the Agency by Mission Support Administrators and Special Assistants and examines factors that are critical to creating, sustaining, and overseeing an effective, productive administrative support capability. (UREGeCT3 Employee Onboarding: The inspection assesses how well the CIA integrates new officers and prepares them to succeed at their jobs and become fully engaged, productive employees of the Agency. (UREQ.1.1Q)- Office of Medical Services: The inspection focuses on mission fulfillment, customer and partner relationship management, and personnel and resource management. (U/ /leer') Office of Special Activities: The inspection focuses on mission fulfillment, customer and partner relationships, and management of personnel and resources. ic,/..aer) Special Activities Division: The inspection focuses on how effectively the Division fulfills its1 satisfies its customers and works with partners; and manages its personnel and resources. 44 SECLET,Gailaual41442.15 (b)(1) (b)(3) (b)(5) (b)(3 (b)(3) (b)(1) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 CECRET//t4 r RI4//20341.zii (U) INVESTIGATIONS (U) INVESTIGATIONS STAFF OVERVIEW (U/algelerT The Investigations Staff is statutorily authorized to receive and investigate complaints from any person concerning possible violations of laws, regulations, policies, and procedures, as well as allegations of waste, fraud, mismanagement, abuse of authority, and substantial dangers to public health and safety related to Agency programs and operations. Investigations are normally conducted unilaterally by OIG Special Agents, but other Federal investigative elements can be called upon when law enforcement authorities are necessary. The Staff also oversees the Agency's grievance system and conducts proactive initiatives aimed at detecting and preventing fraud, waste, and abuse. (URICIL.1430)- The Staff continued a number of resource- intensive investigations concerning irregularities in contracting and detention and interrogation activities. At the same time, the Staff conducted a range of other investigations, including allegations of fraud by employees and contractors, conflicts of interest, theft of US Government property, misappropriation of funds, and false statements and claims. Advancing the information technology arena remains a critical priority for the Staff, as it seeks to deploy hardware and software to organize, search, and voluminous records. (UHE.131449)- As a result of Staff investigations, three matters previously reported as referred to the Department of Justice (DoJ) for potential prosecution have been resolved. In a matter regarding the embezzlement of approximately of Agency funds, the former officer responsible for the embezzlement was sentenced in US District Court to 24 months of confinement, three years of supervised probation, and ordered to make restitution upon release from confinement. In another matter, regarding the theft of government property from an overseas location by an Agency contractor, the now-former contractor was sentenced to five months of incarceration, 45 SECRET//N F RP.1//2 321231 (b)(3 (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 -5Lterrr`76tt five months of house arrest three years of supervised release, and was ordered to pay Jin restitution. In a related matter, a co-defendant has entered a guilty plea in the Northern District of Florida and awaits sentencing. Finally, a former independent contractor, who entered a guilty plea in the Northern District of California for falsifying background investigation reports on potential employees, was sentenced to make restitution of more than and to serve two years probation. As appropriate, the Staff issues Employee Bulletins to keep the Agency population alert to the issues, and consequences, of such activities. (U/ /Q The Staff's workload continues to expand. The nature of investigations faced by the Staff has broadened significantly in the past several years and includes, among other subjects, investigations of deaths, child pornography, significant thefts of money and property, contracting irregularities, and conflicts of interest. To keep pace with the growing breadth of demands, the Staff is using a broad range of investigative techniques. (U//BBeC3) Members of the Staff received the President's Council on Integrity and Efficiency Group Achievement Award for Excellence in Investigations, as a result of their investigative contributions to the successful prosecutive efforts by the US Attorney's Office in San Diego concerning public corruption. Additionally, the Inspector General presented Agency Seal Medals to two Assistant US Attorneys who prosecuted the case of former Agency independent contractor David Passaro for the unauthorized and brutal assault that contributed to the death of a detainee in Afghanistan. (U! /Q) The Staff continues to oversee the Agency-wide grievance system, which seeks to resolve grievances at the lowest possible level in the organization. In addition to sponsoring a yearly grievance counselor workshop for component and directorate grievance officers, the Staff hosts regular meetings of grievance officers to share issues of common interest, and it conducts 46 =M7illereft14/.74e03i+ii1� (b)(3) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 -Siscgra-0411,12.4431 mandatory training for all new grievance officers. This training, together with the emphasis on resolution at the lowest possible level, continues to contribute to effective and timely grievance resolution. (U) COMPLETED INVESTIGATIONS (5,41-11417 The Rendition and Detention of Khalid al-Masri (2004-7601-IG): The Staff completed an investigation into the circumstances concerning the January 2004 rendition and detention of German citizen Khalid al-Masri. DoJ declined prosecution in favor of administrative action by the Agency. Based on the investigative findings, the OIG recommended that an Agency Accountability Board (AAB) review the performance of three Agency officers. I 47 4ECRET//N F RN//20321231 (b)(3) (b)(5) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 (b)(1) (b)(3) 4s4414F)�Abuse of Detainees (2004-7619-IG): The Staff completed an investigation in July 2007 concerning an Agency contractor who abused detainees\ (b)(1) (b)(3) (U/LF..c>e0) Theft of US Government Property (2005-7867-IG): The Staff completed an investigation that established that an officer stole government laptop computers. DoJ declined prosecution in favor of administrative action by the Agency. The OIG's Report of Investigation recommended that appropriate administrative action be taken with respect to the officer's conduct and that a thorough review of the relevant component's inventory and accountability process for laptop computers be implemented to ensure that proper controls are in place to prevent loss and theft. In response to the recommendations, the component addressed the accountability issues involving the officer. The component also made several substantive changes to improve the accountability process for laptop computers. These actions satisfy the recommendations, and the investigation is closed. (U/ALQ.1444)�Embezzlement of Agency Funds (2006-82584G): In a matter reported previously regarding the embezzlement of approximately pf Agency funds, the former officer responsible for the embezzlement was sentenced in US District Court to 24 months of confinement, three years of supervised probation, and will be required to make restitution upon release. 48 SECRET//N F RP1//20321231 (b)(3) Approved for Release: 2018/12/17 C05496229 (b)(3) Approved for Release: 2018/12/17 C05496229 OLCRETHN RN//2 321231 (URIC;444�3) False Claims and False Statements (2004-7535-IG): In a previously reported matter, a former Agency contractor who pled guilty to fabricatin security background reports and submitting false claims of as sentenced to make restitution and to serve two years probation. (U//L3) Fabricated Document (2005-8041-IG): The Staff completed an investigation that found a former contractor fabricated a document /This document was used by the contractor to cause the named individual to be terminated by an employer and prevented from being hired by another. The former contractor pled guilty in US District Court to one count of knowingly transferring a counterfeit official insignia and was sentenced to two months home detention, two years probation, and psychological and medical testing. The former contractor is prevented from seeking or obtaining any security clearance for a period of five years. (U/A.Vietll Theft of US Government Property (2006-83694G): The Staff completed an investigation of the theft of CIA properb4 Five grand jury subpoenas were issued, two search warrants executed, and two consent searches conducted. One subject pled guilty to two counts of theft and has been sentenced to five months in prison, five months home confinement, and three years probation; he also must make restitution of to the US Government. A grand jury has indicted a second subject. DoJ declined prosecution of a third subject. 49 SECRET/Pl. EN//20321231 (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 GECRLT//N// (U) STATISTICAL OVERVIEW (U) Audit Staff (U//..EPiier During the period 1 July to 31 December 2007, the Audit Staff issued 14 reports containing 46 recommendations to strengthen internal controls over program management, covert actions, financial management, information technology, and field station administration. (UR.E.01.4e) The Audit Staff had 17 audits ongoing at the end of the reporting period. (U) Inspection Staff (U//Baiie) During the last six months of 2007, the Inspection �Staff completed six inspections. At the end of the reporting period, the Staff also had six ongoing inspections. In addition, the Staff closed six inspections. (U) Investigations Staff (U/A,Vett7 The Investigations Staff completed work on 22 matters of various types during this reporting period. Of this number, three cases were of sufficient significance to be the subject of a final report. (UR,,F..gerli During this period, the IC formally referred nine matters to DoJ based upon a reasonable belief that violations of Federal criminal law may have been committed. (URI...0.14er As of 31 December 2007, 166 matters were in various stages of review by the Investigations Staff. cur-DFT/fmn-Prinl\ / "111191 'VU Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRET/RN- r RN//20321231 (U) COMPLETED AUDITS 1 July - 31 December 2007 (U) Financial Management (U) Independent Auditor's Report on the Central Intelligence Agency Fiscal Year 2007 Financial Statements (2007-0002-AS) (U) Information Technology (U/A,EQ,Wer 2007 Independent Evaluation of the CIA's Information Security Program and Practices Required by the Federal Information Security Management Act (FISMA) (2007-0012-AS) (U) Operations (U) (2007-0004-AS) \ (2006-0009-AS) (U) Procurement (U//1.1;a4e) Contract Award Process for the CASES Program (2006-0025-AS) Construction and Renovation Project Management (2006-0021-AS) CECRETHN r R .I//20321231 (b)(3) (b)(1) (b)(3) (b)(1) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 SECRET//N// (U) Field Activities (2006-0020-AS) (.81 F�(2007-0008-AS) ($111 (2006-0027-AS) (2006-0019-AS) (2006-0015-AS) (2006-0028-AS) (2006-0016-AS) 2007-0007-AS) GECRETH r RN//2 321231 (b)(1) (b)(3) (b)(1) (b)(3) (b)(1) (b)(3) (b)(1) (b)(3) (b)(1) (b)(3) (b)(1) (b)(3) (b)(1) (b)(3) (b)(1) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 3ECRETHN F 141t4//2 32123} (U) CURRENT AUDITS 31 December 2007 (U) Information Technology (UHF..cleTe7 Continuity and Contingency Planning for Critical CIA Information Systems (u/LEnwe) The National Clandestine Service Desktop Application (U//e) CIA's Operational Use of Biometric Technology (U) Operations (b)(1) (b)(3) (U) Procurement Jr Domestic Living Quarters Allowance Program (b)(1) (b)(3) (U//E.O.Teles)- Office of Technical Collection Contract Team (Uffidairley Joint Audit of the Use of CIA Special Authorities in Support of the National Geospatial-Intelligence Agency iECRETHN r RN//20321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 3ECRET//N F RN// 20321231 (URIefittl Audit of Overseas Construction and Renovation Project Management (U) Field Activities (b)(1) (b)(3) (PI csor fevr SECRET//N r RN//20321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 CECRETHN F RN//20321231 (U) COMPLETED INSPECTIONS 1 July - 31 December 2007 (U/410.140)- Applications Services (2007-0001-IN) (IV /10.Wer Agency-Wide Performance Against 7(2007-0002-IN) /.F.Caele) Near East and South Asia Division (2007-0003-IN) (U//1.WkWe) Office of Russian and European Analysis (2007-0004-IN) (U//..F.Qeerj The Agency's Targeting Discipline (2007-0005-IN) (U/LEfeleell Training for New DI Analysts (2007-0006-IN) (U) CURRENT INSPECTIONS 31 December 2007 (U//101.10.)- Training for New NCS Officers (U//111140, Administrative Support (U//10440)- Employee Onboarding (U/44411101 Office of Medical Services (U/Z.E.044e7 Office of Special Activities (17/1044e) Special Activities Division SECRET//N F RN//2 321231 (b)(1) (b)(3) Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 (U) COMPLETED INVESTIGATIONS 1 July - 31 December 2007 4S474Ntr) The Rendition and Detention of Khalid al-Masri (2004-76014G) feS). Abuse of Detainees (2004-7619-IG) ft%) Alleged Detainee Abuse (2004-76774G.) (U/ /1.0.13e)- Alleged Extortion/Embezzlement (2004-7709-IG*) .4ir`i' Alleged Detainee Abuse (2005-7859-IG*) JrirAlleged Detainee Abuse (2005-7860-IG*) (U/LF.larier Theft of US Government Property (2005-7867-IG) (U/i-Eraldel Possible Hatch Act Violation (2005-7884-IG*) (2006-8291-IG*) (U//Foa&CIT Alleged Illegal Transportation of Firearms (2006-8358-IG*) * (U) These investigations resulted in a Disposition Memorandum rather than a Report of Investigation. GEeRET//t4 F 1111//2 3212'1 (b)(1) (b)(3) (b)(1) (b)(3) Approved for Release: 2018/12/17 C05496229 � Approved for Release: 2018/12/17 C05496229 SECRET//1): F RN/72 321231 (U/RaTekt Alleged Inaccurate Medical Report and Care (2006-8368-IG*) (URFIGel Possible Conflict of Interest (2006-8375-IG*) (UREQ43e1 Allegations of Contract Irregularities (2006-8398-IG*) (LT//laTee) Alleged Conflict of Interest (2006-8465-IG*) (U/ Ecik+e) Allegation of Ethical Violations in Contracting (2006-8474-IG*) (U/LEBTaAlleged Time and Attendance Abuse (2006-8484-IG*) (1.7/1.01.10)- Alleged Conflict of Interest and Nepotism (2007-8491-IG*) (U//aartitIT�Alleged Purchase of Gifts for Staff from Liaison Funds (2007-8517-IG*) .6gCS.FAX-741413PORN//2 321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 DI (U) CURRENT INVESTIGATIONS As of 31 December 2007 (U) Category Number of cases (U/a1)140)" Grievances Management and Supervision - Grievance 2 Other - Grievance 3 Retirement/Separation 1 (INEOWIT General Investigations Criminal and Prohibited Acts Conflicts of Interest 18 Embezzlement 2 False Claims - Other 9 False Claims/Statements/Vouchers 8 False Claims - Time & Attendance 24 False Claims - TBD 4 Firearms 2 Megaprojects 3 Misconduct - Employee 4 Misconduct - Management 3 Procurement Fraud 19 Regulatory Violations 6 Retaliation 2 Theft/Misuse of Government Property 8 Other - Administrative/Criminal 34 Unauthorized Operation 1 Unsubstantiated Allegations 13 (U/aDletl) Total Ongoing Cases 166 CECRETHN F RN//20321231 Approved for Release: 2018/12/17 C05496229 Approved for Release: 2018/12/17 C05496229 5-ErrErttlefliefete (b)(3) Approved for Release: 2018/12/17 C05496229