In the past decade, it has become clear that the U.S security clearance process is in a state of crisis. Security clearances are required by all federal employees or employees of cleared contractors with access to classified information – those who need it range from janitors to senior management, and as of 2017, 700,000 individuals were in the backlog for review.
If that sounds high, that’s because it is. Since 2014, the time for clearances to issue on receipt of paperwork has more than doubled, ranging from 8 months to more than a year, depending on the security level. In 2018, the National Background Investigations Bureau (NBIB) acknowledged the severe deficiencies in its process. And as of July this year, the Department of Defense (DoD) announced it would be taking over background investigations, only two years after this responsibility was handed to the NBIB.
Backlog issues in the clearance process have beleaguered the security establishment almost since its inception in the 1940s. In the late 2000s, the United States Office of Personnel Management (OPM) began to roll out end-to-end electronic management of clearance cases, and 2010 saw the backlog decrease substantially, with U.S organizations like the GAO removing it from a list of high-profile concerns.
But this was the calm before a storm of massive leaks, including three cybersecurity attacks on the OPM which took place between 2014 and 2015 which saw the theft of 21.5 million social security numbers in addition to other personally identifiable information. The leak of classified information by cleared individuals like Edward Snowden and Chelsea Manning, in addition to violent crimes on federal property by formerly cleared employees like Aaron Alexis, added to mounting concerns about the effectiveness of the clearance system.
Fast forward to the present, and former Deputy Director of the NBIB Merton Miller has written extensively about these issues and ideas for solving them. High on his list of concerns is the deprecated Personnel Investigations Processing System (PIPS), which has been used for years to process clearance cases. Now, at last, a new case management system is being discussed by stakeholders in line with Miller’s recommendations.
Managing in The Present
Until reforms are made – which could take at least a few years – cleared contractors who need to authorize their personnel are having a tricky time. So too are their new hires, left out in the cold. But right now, there are a few limited actions that can be taken by contractors, individuals and the government to get America’s broken security machine back on track.
- Collecting info – After being endorsed by a cleared contractor, an individual can improve the speed of his or her clearance by having the right information ready. The OPM provides a downloadable form (Standard Form 86—SF86), and by filling it out before officially submitting info via the e-QIP, individuals can reduce the chance of leaving anything out or needing to restart.
- Ensuring quality – Individuals should be absolutely sure that every blank they fill out is accurate to a tee. The NBIB is thorough in its investigations, which is why clearances take so long. The more accurate the info, the less likely an application will be rejected or delayed because of a single unclear detail that requires extra diligence.
- Following instructions – In the clearance process, individuals are asked “who they know”. The list of people known to an applicant may be consulted, and this takes time. Individuals may increase the time it takes to be cleared if they list relatives anywhere other than the special section for relatives on the SF86 under Section 17 and 18.
- Educate personnel – when seeking clearance for an employee, contractors should ensure that the employee understands the clearance process and best filing practices. Providing information sessions, resources, and copies of SF86 will help to expedite the clearance process while leaving anything to chance may compound it.
- Identify internal issues – while the bulk of time to clearance processing is the fault of case management issues on a federal level, stakeholders can only exacerbate the issue by delaying recommendations for personnel. By identifying impediments to the speed of clearance requests, they may also reduce time to clearance.
- Advocate reform – encouragingly, outspoken critics of the clearance process have succeeded in being heard, as in the case of Merton Miller. The IBM Center for The Business of Government and the National Academy of Public Administration held a roundtable on clearance procedures for industry leaders last November; participating in functions like these will help to ensure that stakeholder needs are accounted for in the future.
For the Country
- A better CMS – as mentioned earlier, a better CMS is on the horizon and will go a long way toward improving the clearance process. This CMS should – among other things – expand investigative resources by distributing them among multiple agencies, increase end-to-end efficiency, and make relevant information more easily accessible to everyone involved in an investigation.
- Data analysis – the analytics community has made great strides even in the short time since PIPS was first implemented. Not only can better analytical methods improve the review process, they can also help investigations at every step of the way, from background checks to interviews and credit reporting. These are industry-wide improvements that can start with the new CMS and incrementally improve clearance as time progresses.
- Improved culture – perhaps it is inevitable that clearance is viewed with contempt as a necessary evil by almost everyone who needs it. But this leads to complacency, delayed cooperation, and lax data security practices which trickle up and increase investigation length. Corporations, contractors, agencies, and individuals should become better informed about security needs to reduce cultural impediments to a more streamlined clearance process.
MathCraft Security Technologies offers a robust product line of NISPOM-compliant security applications for cleared contracts and enterprises. Our solutions are carefully engineered to improve security processes, giving Facility Security Officers (FSOs) and employees the comprehensive tools that they need to manage data, monitor visitors, and automate workflows. For ultimate convenience, they are also available on-premises or via the cloud.