Governance & Program Info

Biometric Identification & Entity Tracking — Governance

Cross-builder institution context and per-item ownership, due dates, status, and next actions for the governance-relevant checklist items in this builder.

← Back to checklist
Institution context
Program info
Applies across every builder in the app. Stored locally; nothing leaves the browser.
Checklist governance
Items (0 of 16 marked complete)
Annotate ownership, due date, status, and next action. Items on the left come from the builder's governance / compliance phases.
05 · Governance & Compliance
Align to DoDD 8521.01E (DoD Biometrics)
required
The directive governs the DoD biometrics enterprise including ABIS management, partner-nation sharing, and retention.
05 · Governance & Compliance
Align to DoDI 3300.04 (Biometric-Enabled Intelligence)
required
The instruction governs biometric-enabled intelligence (BEI) production and dissemination — relevant to any system that feeds intelligence products.
05 · Governance & Compliance
Confirm ABIS integration governance
required
Integration with ABIS / ABIS Next Generation is governed — ICD, ATO, and operational authority are prerequisites, not formalities.
05 · Governance & Compliance
Retention and destruction policy per source
requiredtrinidy
Retention timelines differ by originating source, classification, and population — all must be documented and technically enforced.
05 · Governance & Compliance
Privacy Act of 1974 applicability review
required
Any US-person collection triggers Privacy Act obligations — notice, access, amendment, and redress procedures.
05 · Governance & Compliance
Published SORN covering every population enrolled
required
System of Records Notice must be published in the Federal Register before US-person records are collected or retrieved by identifier.
05 · Governance & Compliance
Align to DoD 5400.11 DoD Privacy Program
required
DoD 5400.11 operationalizes the Privacy Act inside the Department. Biometric systems must have documented 5400.11 controls.
05 · Governance & Compliance
Incidental-collection handling procedure
required
When the operational population is primarily non-US but may incidentally include US persons, a documented handling procedure is required.
05 · Governance & Compliance
Align to E.O. 13526 classification marking
required
Every derived product — template, embedding, fused score, track file — must carry correct classification marking under E.O. 13526.
05 · Governance & Compliance
Align to ICD 710 classification and control markings
required
ICD 710 governs classification marking for intelligence products, which biometric-enabled intelligence falls under.
05 · Governance & Compliance
Partner-nation disclosure under CJCSI 5221.01D
requiredtrinidy
Commander-delegated authority to disclose classified military information to foreign governments — the authority document for coalition biometric sharing.
05 · Governance & Compliance
Bilateral biometric sharing agreements inventory
required
Every partner-nation biometric sharing agreement — Five Eyes, NATO, bilateral SOFAs — inventoried with current authorities and expiration.
05 · Governance & Compliance
Model documentation package per matcher
required
Purpose, training data, evaluation results (FRVT / IREX / in-house), known failure modes, demographic analysis, versioning.
05 · Governance & Compliance
Independent model validation
required
Second-line or external independent team validates matcher accuracy claims and bias analysis before production.
05 · Governance & Compliance
Immutable audit log of every match query and decision
requiredtrinidy
Query, candidate list, operator decision, rationale, model version, and classification marking logged for every interaction.
05 · Governance & Compliance
Reason-code / explainability output per decision
required
Per-modality similarity scores, contributing features, and confidence intervals surfaced to operators and audit.