CrimTrac to outsource IT management

The operator of some of Australia’s most sensitive and critical national law enforcement systems is set to hand many of these responsibilities over to the private sector under a new outsourcing deal.

CrimTrac acts as the information intermediary between Australia’s state-based policing services and operates national databases of collected DNA profiles, ballistics, fingerprints and other biometrics, as well as child pornography and cybercrime intelligence.

It employs roughly 220 staff supporting the information needs of 55,000 state and federal police users.

Historically CrimTrac has developed and managed systems in-house. It has also manned the client service desk, client connections and messaging layers between national and state-based systems that facilitate secure information sharing.

The agency has led major IT projects and overseen business-as-usual operations while limiting outsourcing to infrastructure services like server, storage and network management.

But CrimTrac recently approached the market to send a greater bundle of these services to the private sector.

The agency wants to outsource design, project management and business-as-usual operation of its top-secret systems to “allow agency personnel to be re-tasked to higher value governance, strategy and contracts management activities”.

The outsourcing drive comes as CrimTrac has been given the green light to go ahead with an expansion of its national fingerprints database to take in new forms of biometrics – which Victorian Police Commissioner Ken Lay has described as representing a “very significant expenditure of public funds”.

The new biometrics system will link up identities with profiles such as faces, palm prints, voice recognition, scars, bodily marks and tattoos.

Despite the sensitive nature of the data it holds, an agency spokesperson defended the  outsourcing agenda and its privacy implications.

“CrimTrac engages with the private sector for its IT service management and a range of projects to ensure appropriate product analysis, market testing and to secure hi-tech solutions," she said.

“Infrastructure and systems managed by CrimTrac have strict security and contractual arrangements in line with commonwealth and police requirements and appropriate risk assessments are undertaken."

CrimTrac also confirmed that staff working on the system will need to hold “relevant security clearances” and that “system access is restricted accordingly”.

The new deal will replace the agency's current IT management deal. CrimTrac signed a $25 million contract for the “design and implementation of CrimTrac's enterprise computing grade mission critical ICT environment” with Logica in 2009, which expired in March this year.