<style type="text/css"> .no-show { display: none; } .disable-fade-in{ opacity: 1 !important; transform: none !important; visibility: visible !important; } </style>
Stories

Statements on Agency Accountability Board Findings Regarding CIA Computer Network Issue

January 14, 2015

Below please find a statement issued today by former Senator Evan Bayh, the chairman of an Agency Accountability Board that was convened last year to review CIA Office of Inspector General (OIG) findings regarding five individuals at CIA and to issue recommendations on possible accountability and any systemic issues identified.

In addition, please find below a statement issued today by CIA announcing that it has accepted the recommendations of the Agency Accountability Board.

A redacted version of the December 2014 Agency Accountability Board [PDF 12.0MB] report, along with a redacted version of the July 2014 CIA OIG [PDF 27.5MB] report, can be found at www.cia.gov/library/reports.

Statement By Senator Evan Bayh Regarding the Findings of the Agency Accountability Board

“In August 2014, CIA Director John Brennan asked me to chair an Agency Accountability Board (AAB) tasked with reviewing the conduct of five individuals found by the Office of Inspector General (OIG) to have acted improperly in accessing Senate data contained on a classified CIA computer network shared with the United States Senate for purposes of its Study of the former Detention and Interrogation Program. The Board was charged with making recommendations regarding possible individual discipline and any systemic changes needed. Comprised of myself, former White House Counsel Bob Bauer, and three senior career CIA officers, the Board completed its review in mid-December 2014, and transmitted its findings and recommendations to CIA.

“This morning, Mr. Bauer and I briefed Chairman Burr and Vice Chairman Feinstein of the Senate Select Committee on Intelligence (SSCI) regarding those unanimous findings and recommendations. It is my sincere hope that implementation of these recommendations will prevent future instances of the miscommunication and confusion that led to the controversy under review. A strong commitment to the separation of powers and vigorous bi-partisan oversight by SSCI is essential to our democracy. I am highly confident that my former colleagues and friends Chairman Burr and Vice Chairman Feinstein will continue to provide the able leadership essential to achieving these goals during this challenging time in our history.

“The Board found that no discipline was warranted for the five CIA personnel under review because they acted reasonably under the complex and unprecedented circumstances involved in investigating a potential security breach in the highly classified shared computer network, while also striving to maintain the sanctity of SSCI work product. Because there was no formal agreement -- or even clear common understanding -- governing the procedures to be followed in investigating a potential security incident in these circumstances, no course of action was free of potential complication or conflict. Although five non-deliberative SSCI emails were accessed in the course of the investigation into a possible security breach, the Board found that, while this was clearly inappropriate, it was a mistake that did not reflect  malfeasance, bad faith, or the intention to gain improper access to SSCI confidential, deliberative material. None of the five individuals under review by the Board was responsible for this mistake, and two of them, the most senior, had expressly counseled that care be taken to avoid accessing SSCI work product.

“Separately, the Board found that there was insufficient evidence to conclude that CIA personnel exhibited a lack of candor or that any of the individuals under review provided inaccurate information for inclusion in a crimes report CIA filed with the Justice Department.

“Finally, the Board proposed a number of systemic recommendations which CIA has accepted. First, for a computer network shared between two independent branches of government (or multiple agencies within the Executive branch), the CIA should at the outset ensure the existence of a formal, written agreement governing access to the network by all parties for any and all purposes, including the enforcement of security procedures. Second, in circumstances such as these involving a shared network, the Director should direct a quarterly review for issues that may warrant clarification, policymaker awareness, notification, or further policy guidance. Third, in such circumstances, the CIA’s Office of Security should address network security issues in a timely fashion, and conduct similar quarterly reviews. Fourth, if at all possible, CIA should avoid assigning both operational and legal oversight responsibility for a program to one officer. Fifth, in future matters of this kind, the CIA’s Office of Congressional Affairs should be involved from the outset. And, finally, with respect to the OIG, who conducted the initial investigation, the Board recommended that the OIG should keep complete records of interviews that would assist in evaluating the quality and thoroughness of testimony whenever such a question arises.”

Statement By CIA Regarding the Findings of
the Agency Accountability Board

“CIA today announced that it has accepted the recommendations of an Agency Accountability Board convened last year to review CIA Office of Inspector General (OIG) findings regarding five individuals at CIA and to issue recommendations on possible accountability and any systemic issues identified.

“The Board was chaired by former Senator and Senate Select Committee on Intelligence (SSCI) member Evan Bayh and was comprised of former White House Counsel Bob Bauer and three senior career CIA officials.  Last month, the Board completed its review and issued its recommendations to CIA leadership.

“In summary, the Board found that the five individuals previously cited by the OIG for improper access to the SSCI side of a CIA computer network had acted reasonably in an effort to investigate a potential security breach in that highly classified computer network, and determined that no disciplinary actions for the individuals were warranted.  CIA leadership, in consultation with the Director of National Intelligence, has accepted the recommendations on accountability.  The Board also made a handful of recommendations regarding systemic issues, which CIA leadership has accepted.”