Summary of Findings and RecommendationsDownload complete PDF file here:http://www.defense.gov/pubs/pdfs/DOD-ProtectingTheForce-Web_Security_HR_13Jan10.pdf.
DoD programs, policies, processes, and procedures that address identification of indicators for violence are outdated, incomplete, and fail to include key indicators of potentially violent behaviors .
• Update training and education programs to help DoD personnel identify contributing factors and behavioral indicators of potentially violent actors .
• Coordinate with the FBI Behavioral Science Unit’s Military Violence unit to identify behavioral indicators that are specific to DoD personnel .
• Develop a risk assessment tool for commanders, supervisors, and professional support service providers to determine whether and when DoD personnel present risks for various types of violent behavior .
• Develop programs to educate DoD personnel about indicators that signal when individuals may commit violent acts or become radicalized .
Background checks on personnel entering the DoD workforce or gaining access to installations may be incomplete, too limited in scope, or not conducted at all .
• Evaluate background check policies and issue appropriate updates . • Review the appropriateness of the depth and scope of the National Agency Check with Local Agency
and Credit Check as minimum background investigation for DoD SECRET clearance .
• Educate commanders, supervisors, and legal advisors on how to detect and act on potentially adverse behaviors that could pose internal threats .
• Review current expedited processes for citizenship and clearances to ensure risk is sufficiently mitigated .
DoD standards for denying requests for recognition as an ecclesiastical endorser of chaplains may be inadequate .
Review the limitations on denying requests for recognition as ecclesiastical endorsers of chaplains .
The Department of Defense has limited ability to investigate Foreign National DoD military and civilian personnel who require access to DoD information systems and facilities in the U .S . and abroad .
Coordinate with the Department of State and Office of Personnel Management to establish and implement more rigorous standards and procedures for investigating Foreign National DoD personnel .
The policies and procedures governing assessment for pre- and post-deployment medical risks do not provide a comprehensive assessment of violence indicators .
• Assess whether pre- and post-deployment behavioral screening should include a comprehensive violence risk assessment .
• Review the need for additional post-deployment screening to assess long-term behavioral indicators that may point to progressive indicators of violence .
• Revise pre- and post-deployment behavioral screening to include behavioral indicators that a person may commit violent acts or become radicalized .
• Review policies governing sharing healthcare assessments with commanders and supervisors to allow information regarding individuals who may commit violent acts to become available to appropriate authorities .
The Services have programs and policies to address prevention and intervention for suicide, sexual assault, and family violence, but guidance concerning workplace violence and the potential for self- radicalization is insufficient .
• Revise current policies and procedures to address preventing violence toward others in the workplace .
• Integrate existing programs such as suicide, sexual assault, and family violence prevention with information on violence and self-radicalization to provide a comprehensive prevention and response program .
DoD policy regarding religious accommodation lacks the clarity necessary to help commanders distinguish appropriate religious practices from those that might indicate a potential for violence or self- radicalization .
Promptly establish standards and reporting procedures that clarify guidelines for religious accommodation .
Summary of Findings and Recommendations
DoD Instruction 5240 .6, Counterintelligence (CI) Awareness, Briefing, and Reporting Programs, does not thoroughly address emerging threats, including self-radicalization, which may contribute to an individual’s potential to commit violence .
Update DoD Instruction 5240 .6 to provide specific guidance to the Services, Combatant Commands, and appropriate agencies for counterintelligence awareness of the full spectrum of threat information particularly as it applies to behavioral indicators that could identify self-radicalization .
DoD and Service guidance does not provide for maintaining and transferring all relevant information about contributing factors and behavioral indicators throughout Service members’ careers .
• Review what additional information (e .g ., information about accession waivers, substance abuse, minor law enforcement infractions, conduct waivers) should be maintained throughout Service members’ careers as they change duty locations, deploy, and re-enlist .
• Develop supporting policies and procedures for commanders and supervisors to access this information .
There is no consolidated criminal investigation database available to all DoD law enforcement and criminal investigation organizations .
Establish a consolidated criminal investigation and law enforcement database such as the Defense Law Enforcement Exchange .
DoD guidance on establishing information sharing agreements with Federal, State, and local law enforcement and criminal investigation organizations does not mandate action or provide clear standards .
Require the Military Departments and Defense Agencies to establish formal information sharing agreements with allied and partner agencies; Federal, State, and local law enforcement; and criminal investigation agencies, with clearly established standards regarding scope and timeliness .
Policies governing communicating protected health information to other persons or agencies are adequate at the DoD-level, though they currently exist only as interim guidance . The Services, however, have not updated their policies to reflect this guidance .
Ensure Services update policies to reflect current DoD-level guidance on the release of protected health information .
Commanders and military healthcare providers do not have visibility on risk indicators of Service members who seek care from civilian medical entities .
Consider seeking adoption of policies and procedures to ensure thorough and timely dissemination of relevant Service member violence risk indicators from civilian entities to command and military medical personnel .
The Department of Defense does not have a comprehensive and coordinated policy for counterintelligence activities in cyberspace . There are numerous DoD and interagency organizations and offices involved in defense cyber activities .
Publish policy to ensure timely counterintelligence collection, investigations, and operations in cyberspace for identifying potential threats to DoD personnel, information, and facilities .
DoD policy governing prohibited activities is unclear and does not provide commanders and supervisors the guidance and authority to act on potential threats to good order and discipline .
Review prohibited activities and recommend necessary policy changes .
Authorities governing civilian personnel are insufficient to support commanders and supervisors as they attempt to identify indicators of violence or take actions to prevent violence .
Appendix C Summary of Findings and Recommendations
Review civilian personnel policies to determine whether additional authorities or policies would enhance visibility on indicators of possible violence and provide greater flexibility to address behaviors of concern .
• The Department of Defense has not issued an integrating force protection policy . • Senior DoD officials have issued DoD policy in several force protection-related subject areas such as
antiterrorism but these policies are not well integrated .
• Assign a senior DoD official responsibility for integrating force protection policy throughout the Department .
• Clarify geographic combatant commander and military department responsibilities for force protection . • Review force protection command and control relationships to ensure they are clear .
DoD force protection programs and policies are not focused on internal threats .
• Develop policy and procedures to integrate the currently disparate efforts to defend DoD resources and people against internal threats .
• Commission a multidisciplinary group to examine and evaluate existing threat assessment programs; examine other branches of government for successful programs and best practices to establish standards, training, reporting requirements /mechanisms, and procedures for assessing predictive indicators relating to pending violence .
• Provide commanders with a multidisciplinary capability, based on best practices such as the Navy’s Threat Management Unit, the Postal Service’s “Going Postal Program,” and Stanford University’s workplace violence program, focused on predicting and preventing insider attacks .
The Department of Defense’s commitment to support JTTFs is inadequate .
• Identify a single point of contact for functional management of the Department of Defense’s commitment to the JTTF program .
• Evaluate and revise, as appropriate, the governing memoranda of understanding between the FBI and different DoD entities involved with the JTTF to ensure consistent outcomes .
• Review the commitment of resources to the JTTFs and align the commitment based on priorities and requirements .
There is no formal guidance standardizing how to share Force Protection threat information across the Services or the Combatant Commands .
Direct the development of standard guidance regarding how military criminal investigative organizations and counterintelligence organizations will inform the operational chain of command .
The Department of Defense does not have direct access to a force protection threat reporting system for suspicious incident activity reports .
• Adopt a common force protection threat reporting system for documenting, storing, and exchanging threat information related to DoD personnel, facilities, and forces in transit .
• Appoint a single Executive Agent to implement, manage, and oversee this force protection threat reporting system .
There are no force protection processes or procedures to share real-time event information among commands, installations, and components .
Evaluate the requirement for creating systems, processes, policy, and tools to share near real-time, unclassified force protection information among military installations in CONUS to increase situational awareness and security response .
DoD installation access control systems and processes do not incorporate behavioral screening strategies and capabilities, and are not configured to detect an insider threat .
• Review best practices, including programs outside the U .S . Government, to determine whether elements of those programs could be adopted to augment access control protocols to detect persons who pose a threat .
• Review leading edge tools and technologies that augment physical inspection for protecting the force .
Appendix C Summary of Findings and Recommendations
The Department of Defense does not have a policy governing privately owned weapons .
Review the need for DoD privately owned weapons policy .
Services cannot share information on personnel and vehicles registered on installations, installation debarment lists, and other relevant information required to screen personnel and vehicles, and grant access .
• Develop timely information sharing capabilities among components including vehicle registration, installation debarment lists, and other access control information .
• Accelerate efforts to automate access control that will authenticate various identification media (e .g ., passports, CAC, drivers’ licenses, license plates) against authoritative databases .
• Obtain sufficient access to appropriate threat databases and disseminate information to local commanders to enable screening at CONUS and overseas installation access control points .
Services are not fully interoperable with all military and civilian emergency management stakeholders .
• Establish milestones for reaching full compliance with the Installation Emergency Management program .
• Assess the potential for accelerating the timeline for compliance with the Installation Emergency Management program .
There is no DoD policy implementing public law for a 911 capability on DoD installations . Failure to implement policy will deny the military community the same level of emergency response as those communities off base .
Develop policy that provides implementation guidance for Enhanced 911 services in accordance with applicable laws .
DoD policy does not currently take advantage of successful models for active shooter response for civilian and military law enforcement on DoD installations and facilities .
• Identify and incorporate civilian law enforcement best practices, to include response to the active shooter threat, into training certifications for civilian police and security guards .
• Include military law enforcement in the development of minimum training standards to ensure standard law enforcement practices throughout the Department of Defense .
• Incorporate the Department of Homeland Security best practices regarding workplace violence and active shooter awareness training into existing personal security awareness training contained in current Level 1 Antiterrorism Awareness training .
• Develop a case study based on the Fort Hood incident to be used in installation commander development and on-scene commander response programs .
Based on Joint Staff Integrated Vulnerability Assessments, many DoD installations lack mass notification capabilities .
Examine the feasibility of advancing the procurement and deployment of state-of-the-art mass warning systems and incorporate these technologies into emergency response plans .
Services have not widely deployed or integrated a Common Operational Picture capability into Installation Emergency Operations Centers per DoD direction .
• Examine the feasibility of accelerating the deployment of a state-of-the-art Common Operational Picture to support installation Emergency Operations Centers .
• Develop an operational approach that raises the Force Protection Condition in response to a scenario appropriately and returns to normal while considering both the nature of the threat and the implications for force recovery and healthcare readiness in the aftermath of the incident .
• Stakeholders in the DoD Installation Emergency Management program, including the Under Secretary of Defense for Policy; Under Secretary for Personnel and Readiness; Under Secretary of Defense for Intelligence; Under Secretary of Defense for Acquisition, Technology & Logistics; Assistant Secretary of Defense for Public Affairs; and Assistant Secretary of Defense for Networks
Appendix C Summary of Findings and Recommendations
and Information Integration/Chief Information Officer, have not yet synchronized their applicable programs, policies, processes, and procedures .
• Better synchronization and coordination would remove redundant planning requirements, identify seams in policy, focus programmed resources, and streamline procedures to achieve unity of effort in installation emergency management .
• Review responsibilities for synchronizing Office of the Secretary Defense programs, policies, and procedures related to installation emergency management .
• Establish policy requiring internal synchronizing of installation programs, plans, and response for emergency management .
Mutual Aid Agreements (MAAs) between DoD and civilian support agencies across the Services are not current .
Review Installation Emergency Management programs to ensure correct guidance on integrating tracking, exercising, and inspections of MAAs .
The Department of Defense has not produced guidance to develop family assistance plans for mass casualty and crisis response . As a result, Service-level planning lacks consistency and specificity, which leads to variation in the delivery of victim and family care .
• Develop guidance incorporating the core service elements of a Family Assistance Center as identified in the Pentagon AAR .
• Develop implementation guidance to establish requirements for a Family Assistance Center crisis and mass casualty response as integral components of Installation Emergency Management plans .
• Consider the Air Force’s Emergency Family Assistance Control Center and the Fort Hood Behavioral Health Campaign Plan as possible best practices when developing policy .
The lack of published guidance for religious support in mass casualty incidents hampers integration of religious support to installation emergency management plans .
• Consider modifying DoD and Service programs designed to promote, maintain, or restore health and well-being to offer each person the services of a chaplain or religious ministry professional .
• Develop policy for religious support in response to mass casualty incidents and integrate guidance with the Installation Emergency Management Program .
Inconsistencies among Service entry level chaplain training programs can result in inadequate preparation of new chaplains to provide religious support during a mass casualty incident .
Review mass casualty incident response training in the Chaplain Basic Officer Courses .
The Department of Defense has not yet published guidance regarding installation or unit memorial service entitlements based on the new Congressional authorization to ensure uniform application throughout the Department .
Develop standardized policy guidance on memorial service entitlements .
• DoD casualty affairs policy, Federal law, and DoD mortuary affairs guidance do not exist regarding injury or death of a private citizen with no DoD affiliation on a military installation within CONUS .
• There is no prescribed process to identify lead agencies for casualty notification and assistance or to provide care for the deceased, resulting in each case being handled in an ad-hoc manner .
• Review current policies regarding casualty reporting and assistance to the survivors of a private citizen with no DoD affiliation, who is injured or dies on a military installation within CONUS .
• Review current mortuary affairs policies relating to mortuary services for private citizens who become fatalities on a military installation within CONUS .
• DoD installations are not consistent in adequately planning for mental health support for domestic mass casualty incidents to meet needs of victims and families .
• At Fort Hood, advanced treatment protocols developed at our universities and centers were not available to the commander prior to the incident .
• Fort Hood developed a Behavioral Health plan that incorporated current practices including a “whole of community” approach, and a strategy for long-term behavioral healthcare not reflected in any DoD policy .
Appendix C Summary of Findings and Recommendations
• Update Mental Health Care clinical practice guidelines that address both combat and domestic incidents to ensure current and consistent preventive care .
• Review best practices inside and outside the Department of Defense to develop policies, programs, processes, and procedures to provide commanders tools required to protect the force in the aftermath of combat or mass casualty incidents .
• Consider the Air Force Instruction and the Fort Hood Behavioral Health Campaign Plan as possible sources for developing appropriate guidance .
• The Department of Defense does not have comprehensive policies that recognize, define, integrate, and synchronize monitoring and intervention efforts to assess and build healthcare provider readiness .
• The Department of Defense does not have readiness sustainment models, with requisite resources, for the health provider force that are similar to readiness sustainment models for combat and combat support forces .
• The demand for support from caregivers in general, and from mental healthcare providers in particular, is increasing and appears likely to continue to increase due to the stress on military personnel and their families from our high operational tempo and repeated assignments in combat areas .
Create a body of policies that:
• recognizes, defines, and synchronizes efforts to support and measure healthcare provider readiness in garrison and deployed settings;
• addresses individual assessment, fatigue prevention, non-retribution, and reduced stigma for those seeking care, and appropriate procedures for supporting clinical practice during healthcare provider recovery;
• requires DoD and Uniformed Services University of Health Sciences curricula, training materials, and personnel performance management systems to incorporate healthcare provider self-care skills and readiness concepts;
• develop mechanisms for collaborating with civilian resiliency resources . Finding 5.3
The lack of a readiness sustainment model for the health provider force, the unique stressors that healthcare providers experience, and the increasing demand for support combine to undermine force readiness—care for both warriors and healthcare providers .
• Develop integrated policies, processes, procedures, and properly resourced programs to sustain high quality care .
• Develop a deployment model that provides recovery and sustainment for healthcare providers comparable to that provided to the combat and combat support components of the force .
• Review the requirement for the Department of Defense to de-stigmatize healthcare providers who seek treatment for stress .
Senior caregivers are not consistently functioning as clinical peers and mentors to junior caregivers .
Review Senior Medical Corps Officer requirements to determine optimal roles, utilization, and assignments
Monday, January 18, 2010