On October 31, 2007, Ambassador McNamara, Program Manager for the Information Sharing Environment, established the Common Terrorism Information Sharing Standards (CTISS) program. The CTISS program allows for business process-driven, performance-based "common standards" for preparing terrorism information for maximum distribution and access, to enable the acquisition, access, retention, production, use, management, and sharing of terrorism information within the ISE. Two categories of common standards are formally identified under CTISS:
- Functional Standards - Functional standards set forth rules, conditions, guidelines, and characteristics of data and mission products supporting ISE business process areas.
- Technical Standards - Technical standards document specific technical methodologies and practices to design and implement information sharing capability into ISE systems.
- ISE-SAR Functional Standard, Version 1.5 (ISE-FS-200) Cover Document
- Technical Artifacts for ISE-FS-200 (ISE-SAR)
- Program Manager's Memorandum Update to ISE-SAR Functional Standard, Version 1.5
- ISE-SAR Functional Standard Fact Sheet
- ISE Administrative Memoranda #300 (CTISS Program)
- Common Terrorism Information Sharing Standards Program Manual
- FACT SHEET: Initial Suite of Technical Standards for the Information Sharing Environment Released to Address Information Assurance, Core Transport, and Identity and Access Management.
- ISE Guidance Technical Standard – Information Assurance, Version 1.0 (ISE-G-106)
- ISE Guidance Technical Standard – Core Transport, Version 1.0 (ISE-G-107)
- ISE Guidance Technical Standard – Identity and Access Management, Version 1.0 (ISE-G-108)
Consistent with Guideline 1 of the President's Memorandum of December 2005, Guidelines and Requirements in Support of the Information Sharing Environment, and the Implementing the Recommendations of the 9/11 Commission Act of 2007 (9/11 Commission Act), the Department of Homeland Security and the Department of Justice are responsible for making Common Terrorism Information Sharing Standards (CTISS) available for use by State, local, and tribal governments and the private sector, and requiring its use through grant guidance and other mechanisms, as appropriate.
Update to ISE-Suspicious Activity Reporting (SAR) Functional Standard Provides Greater Privacy and Civil Liberties Protections
On May 21, 2009, the Program Manager, Information Sharing Environment (PM-ISE), issued an update to the ISE-Suspicious Activity Reporting (SAR) Functional Standard (ISE-FS-200). The PM-ISE and its federal partners met with privacy and civil liberties advocates and state, local, and tribal law enforcement officials to better understand their concerns and suggestions for improving the Functional Standard. This updated Functional Standard directly addresses their concerns and incorporates their recommendations.
The ISE-SAR Functional Standard, Version 1.5 directly supports local efforts to fight terrorism-related crime, while at same time protecting the privacy and civil liberties of Americans. The ISE-SAR Functional Standard, Version 1.5:
- Refines the definition of Suspicious Activity as, “observed behavior reasonably indicative of pre-operational planning related to terrorism or other criminal activity.”
- Clarifies that the same constitutional standards that apply when conducting ordinary criminal investigations also apply to law enforcement and homeland security officers conducting SAR inquiries.
- Further emphasizes a behavior-focused approach to identify suspicious activity and requires that factors such as race, ethnicity, national origin, or religious affiliation should not be considered as factors that create suspicion (except if used as part of a specific suspect description).
- Refines the ISE-SAR Criteria Guidance to distinguish between those activities that are Defined Criminal Activity and those that are Potentially Criminal or Non-Criminal Activity requiring additional fact information during investigation.
- Clarifies those categories of activity which are generally First Amendment-protected activities should not be reported in a SAR or ISE-SAR absent articulable facts and circumstances that support the source agency’s suspicion that the behavior observed is reasonably indicative of criminal activity associated with terrorism.
- Updates the operational process descriptions to align the standard with the Nationwide SAR Initiative Concept of Operations, released in December 2008.
- For more information about the Nationwide SAR Initiative, visit the SAR Page
- Visit the NIEM website to access the IEPD Details, currently listed under the “What’s New” tab. (Effective January 30, 2009)
The ISE-SAR Functional Standard supports the Nationwide SAR Initiative by providing a standardized means for identifying, documenting, and sharing information regarding behavior reasonably indicative of terrorism-related criminal activity. The effective sharing of ISE-SAR enables the discovery of trends by analyzing information at a broader level than would typically be recognized within a single jurisdiction, State, or territory. Any patterns identified during ISE-SAR data analysis may be investigated in cooperation with the reporting agency, Joint Terrorism Task Force (JTTF), or the State or major urban area fusion center in accordance with departmental policies and procedures.
Initial Suite of Technical Standards Released – Information Assurance, Core Transport, and Identity and Access Management Framework
In accordance with ISE-AM-300, the PM-ISE issued an initial suite of technical standards under the CTISS program for implementing information technology
capabilities across the ISE. The ISE technical standards constitute those technical, voluntary consensus standards to be followed by ISE participants and
Implementation Agents, and applies to all agencies that support or interface with the ISE. The technical standards issued are as follows:
- Information Sharing Environment Guidance (ISE-G)-106 Technical Standard – Information Assurance, Version 1.0 was issued on 24 October 2008. ISE-G-106 consists of technical standards identified for providing information assurance (IA) services within the ISE Core. The governance and risk management processes for the ISE are critical to establishing and maintaining effective IA for the ISE.
- Information Sharing Environment Guidance (ISE-G)-107 Technical Standard – Core Transport, Version 1.0 was issued on 16 October 2008. ISE-G-107 consists of technical standards identified for providing core transport services. ISE Core Transport involves the underlying telecommunications and information technology infrastructure in the ISE Core which move information from one ISE Shared Space to another ISE Shared Space, to include email messages which may contain Controlled Unclassified Information (CUI) content.
- Information Sharing Environment Guidance (ISE-G)-108 Technical Standard – ISE Identity and Access Management (IdAM) Framework, Version 1.0 was issued on 19 December 2008. ISE-G-107 identifies and organizes those current IdAM standards, technologies, and operational principles that ISE participants are implementing or will implement to support both discovery and access to terrorism and homeland security information. It also provides common definitions and requirements to guide ISE participants on leveraging and integrating existing efforts toward a common identity and access management solution for the ISE.
Click here to access CTISS Artifacts including the ISE-FS-200 Version 1.5 Technical Artifact.
CTISS Help Desk
- Phone Support: 9 AM-8 PM (EST): 1-877-333-5111 or 703-726-1919
- Email Support: 9 AM-8 PM (EST): NISShelp@ijis.org
- Web: 24 hours a day, 7 days a week: http://it.ojp.gov/NISS/helpdesk/
Accessing and Using CTISS Publications
The CTISS provides major components to the ISE Enterprise Architecture Framework (EAF) and, more specifically, in the Data, Application and Service, and Technical Partitions of the EAF. The CTISS information and artifacts can be found here, which interfaces with the National Information Exchange Model (NIEM) Tools Registry.