Interview: The FBI's CIO Talks About Getting Results
Learning from past mistakes, Zalmai Azmi says the bureau is cultivating better relationships with IT vendors and doing more centralized planning, while still trying to make up for lost time.
On a courtyard wall inside the FBI's massive concrete and glass headquarters building in Washington, D.C., a quote reads: "The most effective weapon against crime is cooperation." Uttered by former Director J. Edgar Hoover, today those words fit well the FBI's expanded mission of fighting terrorism. On May 18, CIO Zalmai Azmi spoke with InformationWeek's Larry Greenemeier about the role technology is playing in the FBI's dramatic post-9/11 transformation, and how the bureau's IT approach has had to change to foster greater cooperation.
InformationWeek: Although you weren't with the FBI prior to 9/11, can you discuss how the bureau's mission has changed since then and the impact of this changing mission on IT strategy?
Azmi: I noticed that we were more oriented toward criminal cases: the crime happens, and then we investigate. After 9/11, the mission changed to prevention. So now we have to be proactive, not to let something happen. That has a big impact on information technology, which means we have to do predictive analysis. We have to collect information in order to develop scenarios for how we're going to prevent future terrorist attacks or even cybersecurity attacks. This is a lot more difficult than investigative mode, where, once something happens, half of the scenario is over. In preventative mode, nothing's happened, so you have to do thorough analysis, and you have a lot of 'what-if' scenarios. For that you need really good technology.
InformationWeek: Director Robert Mueller in February gave you total control of the FBI's IT budget. How did this come about and what impact will this have on future FBI IT projects?
Azmi: We did an inventory of all our IT assets throughout the FBI to find out all of the things we had (applications, databases, networks, etc.). Then we went out there and tried to find out who owns these things. We found that one of the reasons we have stovepipes is because different technology was being developed by different agencies within the bureau. If we want to be effective, we have to actually take control of the budget and bring these systems together in alignment with an enterprise architecture, with a long-range plan that involves what we want to do in 2011, and invest from here. We couldn't do that with the current budget the CIO has, so we had to centralize the information technology budget. We made a presentation to the director: How much money was used for development, who owned it, how they were spending it, and where we were going? The actual implementation of this centralization of the budget won't happen until 2006. It's going to take a little time to transition the funding and the resources from those operational divisions and from the other entities into my environment.
InformationWeek: What else can you say about the consolidation of IT resources and the expected increase in the Office of the CIO's budget?
Azmi: The consolidation doesn't mean that my budget now doubles, and I have the same mission. My mission is larger as well. One of my missions is that I have to keep the infrastructure of the enterprise always available and always going, and there's a lot of investment in that. Everyone takes it for granted [that] when they pick up the phone there's a dial tone. The other part of the IT operation within the FBI is the operational information technology. That's what we're using in investigations. When (Director Mueller) came on board, they gave him a tour of the headquarters, prior to 9/11. In a huge room behind our security desk, he saw the rows of servers: Dells, HPs, IBMs. Every division had its own IT budget, network, and brand of computers and software. People minimize the effort of Trilogy, but it's huge. The area we need to concentrate on now is legacy systems.
InformationWeek: Do you feel the FBI's IT objectives have been handicapped by the bureau getting a relatively late start in applying IT to its mission?
Azmi: No, I really don't think so. I'm not tied to an old architecture or technologies. The bigger challenge is, how quickly can we get technology out to our end users? We're looking at 700-plus locations. If anything is a setback, it's the time it takes to get the technology to our end users.
InformationWeek: Over the past couple of years, the FBI has initiated several IT-management reforms, including an enterprise architecture, governance boards, and a strategic IT plan. What's the guiding philosophy for these reforms, and are you applying any practices picked up from earlier in your career?
Azmi: There are certain success factors for any IT organization. You have to have a plan, that's the first thing, and that's what we call our strategic plan. We want to go somewhere. Once you have that, then you have to have your building blocks or the blueprint for how you're going to implement your strategic plan, which is our enterprise architecture. You can't build a house without having a blueprint. Once you have these things, you want to look at governance boards. There has to be checks and balances. The last thing that I would talk about is investment management. If you come to us and say, 'I need widget Y,' I'll ask you, 'Why do you need widget Y? How does it fit into your mission? How does it fit into the FBI's mission? How does it fit into DOJ's mission? How does it fit into the President's Management Agenda?' I also can go into my portfolio management and see if I have widget Y. If I don't have widget Y, I'll come back and say, 'You made a good point, now let's build a business case.' That's how we're going through our investment-management process. There are a number of different reviews that happen to make sure that it's done properly, something we didn't have in the past.
InformationWeek: None of these reforms were in place when the Virtual Case File system was planned and executed. What impact has VCF had on the way the FBI works with technology vendors and IT service providers?
Azmi: It has changed our views of how we should do contract management and how we should deal with prospective partners. If [a vendor] doesn't know what's coming down the pike, they cannot prepare for it. I don't want to give you a 1,000-page requirements document and say, by the way, in 12 months go make the VCF. In the last eight months, we have responded to about 200 inquiries from vendors. We're looking to develop those partnerships that we lacked previously. A lot has changed. We realize that we have to have a very close partnership relationship and coordination activity with the private sector because the private sector is the developer of the latest and greatest information technology.
InformationWeek: Will this cut the time it will take to develop and deploy technology, because a lot of the work will already be done?
Azmi: I say 'Yes' reluctantly, because there's more involved in it. I'm going to give you [IT vendor] a preview of what I'm trying to do so now it will cut down on the amount of time to prepare a proposal. You look at your arsenal of tools, and you come back and say, 'I think I'm going to suggest this to the FBI.' Also, it will help to know on the other side what some of our policies and procedures are. We need contractors to have top-secret clearances. That will help you to get your workforce in shape to come in here.
InformationWeek: Does VCF affect your thinking in terms of how contracts will be structured?
Azmi: Absolutely. One of the things we don't want to do is do another giant contract of four years. It just doesn't make any sense.
InformationWeek: What exactly is Sentinel?
Azmi: Sentinel will be the first implementation of a service-oriented architecture for the bureau. Sentinel is my flagship moving forward and paving the path for me in delivering capabilities. With every service I deliver with Sentinel, I'll be looking at my legacy systems and retiring applications. It's going to deliver case-management capabilities (like VCF was supposed to), but it's going to do a lot more for the FBI enterprise.
InformationWeek: How is the initial approach to Sentinel different than the approach to VCF?
Azmi: There's a lot of preparation that's going on in Sentinel that didn't go into VCF because we were: (snapping his fingers three times in quick succession) '9/11, let's get it done.' I want to make sure that the readers know that Sentinel is not a one-for-one replacement for VCF. It offers a lot more capabilities. This is a tool that will help us with the transformation of the bureau and prepare us for our mission. With VCF we were trying to adapt our business processes to the technology.
InformationWeek: If there was a big push after 9/11 to put VCF together, and it's not available now, four years later, why isn't there that same sense of urgency?
Azmi: The sense of urgency is there. That's one of the reasons why we're going to be very careful. Before 9/11 we couldn't connect the dots. Now we have some interim capabilities in place already, such as the Investigative Data Warehouse. The key now is to do a proper transition from the legacy system to the new system. Right now we extract data from our legacy systems three or four times a day to feed IDW; I don't want to do that.
InformationWeek: You've been CIO since May 6, 2004, (and acting CIO since December 2003). That's the longest tenure of any CIO since 9/11. To what do you attribute your longevity and how long do you see yourself in this role?
Azmi: Director Mueller has been very supportive of my activities and the actions I've taken so far. Information technology is one of his top 10 priorities. I am a CIO who has a chair at the table, discussing the mission of this organization. You have support from the top down. If you don't have the right support, then it's pretty much time for you to go because you're not going to be effective. There's a turnover in private and public sector of four to six years. I don't look at it that way. I will stay at the job as long as it takes. I serve at the pleasure of the director.
[Interop ITX 2017] State Of DevOps ReportThe DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.