Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
White House backs 13 recommendations to improve security clearance process
Tuesday - 3/18/2014, 4:28pm EDT
Six months after 34-year-old IT contractor Aaron Alexis opened fire at the Washington Navy Yard killing 12 people, concerns about missed red flags in his background and gaps in the security clearance process are now turning into action.
The Obama administration released the findings of an interagency review of the federal security clearance process Tuesday. Among the 13 recommendations for shoring up the system are continuously evaluating clearance holders rather than relying on infrequent check-ups and improving investigators' access to state and local police records.
"The administration is committed to implementing these recommendations in a responsible and timely manner," said Beth Cobert, the Office of Management and Budget's deputy director for management, in a statement. "Ensuring the safety and security of our federal workers and our nation's most sensitive information is a priority, and we will work to make these improvements and find ways to further strengthen our systems."
Cobert also chairs the Suitability and Security Clearance Performance Accountability Council (PAC), which includes the Office of Personnel Management and the Office of the Director of National Intelligence. President Barack Obama tasked the PAC with leading the review process.
Among the council's recommendations:
Continuously evaluating clearance holders
The report pushes agencies to move toward a posture of continuously evaluating clearance holders, instead of relying solely on periodic reinvestigations. Currently, top-secret clearance holders are reinvestigated only every five years. Secret clearance holders are re-checked every 10 years and confidential clearance holders every 15 years.
"Lengthy periods between reinvestigations do not provide sufficient means to discover derogatory information that develops following the initial adjudication," the report stated. "Furthermore, resource constraints lead agencies to conduct fewer than the required number of reinvestigations."
The government faces a hefty backlog of these reinvestigations. About 22 percent of top-secret and secret clearance holders are overdue for a reinvestigation and no review has yet been requested by the agency, according to the report.
"This backlog poses unacceptable risk, leaving the U.S. government potentially uninformed as to behavior that poses a security or counterintelligence concern," the report stated.
The review proposes an "accelerated timeline" for developing and deploying a continuous evaluation solution across all agencies — first for top-secret clearance holders by this September and eventually the entire clearance-holder population by 2016.
Already, pilot projects are underway that incorporate automated credit checks, personnel records and even social media screenings. For example, the Defense Department recently sampled more than 3,300 Army service members, civilian employees and contractors using its Automated Continuous Evaluation System (ACES). That review turned up previously unreported derogatory information on more than 21 percent of the employees sampled and serious issues, such as domestic abuse or drug abuse, in 3 percent of the clearance holders surveyed.
Improving oversight and quality standards
In 2009, the Government Accountability Office reopened about 3,500 background investigations conducted by OPM and found 87 percent of them were missing proper documentation.
The problem, according to the review, is a lack of consistency in quality metrics.
For example, there is little guidance and no agreement on whether background investigations meet quality standards if they're missing key pieces of information. For example, should investigators conducting background checks — and the agencies ultimately signing off on them — accept cases that omit information investigators were unable to collect?
For the first time, the government will develop and issue governmentwide quality standards for background investigations by June. By October, the review council will begin collecting quality metrics from agencies on meeting these standards.
In the meantime, the report said it's "critical" that OPM continue conducting quality reviews of background checks, including randomly pulling out completed cases and recontacting sources.
OPM, along with a team of contractors it oversees, conducts some 90 percent of background investigations for federal agencies.
But the agency's stewardship of the security-clearance process has come under scrutiny.
Last fall, the Justice Department joined a whistleblower lawsuit against the background-check firm USIS, which holds a $2.4 billion contract with OPM, alleging the company had improperly signed off on hundreds of thousands of such investigations, in a practice known as "dumping" or "flushing" records. USIS, it turns out, had also performed Alexis' 2007 background investigation, but that check predates DoJ's allegations of misconduct and is not part of the lawsuit.
Last month, OPM Director Katherine Archuleta announced that final quality review of background investigations will now only be conducted by OPM employees. Prior to her order, USIS also performed final quality reviews under a separate contract with the agency. OPM officials later told a congressional committee investigating the matter that the company "misused" the secondary contract to "obtain information about OPM's oversight efforts and evade detection of its alleged fraudulent activities for more than four years."