Lawmakers and intelligence leaders are desperate to find a solution that would make a dent in a backlog of at least 700,000 unprocessed security clearances at the National Background Investigations Bureau (NBIB), but they might not like the latest idea the Defense Department is waving in their faces.
DoD has been exploring how it might resume responsibility for its own security clearances. The department in August finished a plan that describes how it might transfer security clearances for DoD personnel from the NBIB to the Defense Security Services (DSS).
But some lawmakers appear to be at least initially skeptical of DoD’s plan, especially as the Office of Personnel Management only stood up the NBIB about a year ago.
Members of the House Oversight and Government Reform Committee’s Government Operations Subcommittee plan to raise these concerns at a hearing Wednesday afternoon. While members are certainly looking for the backlog to go down, they question whether shifting existing resources out of the NBIB would undercut the work that OPM contractors are currently doing to pare back the government backlog.
“The ongoing reform effort could be slowed or abandoned altogether as DoD spends its institutional energy simply recreating what already exists at NBIB,” a draft statement from subcommittee Chairman Mark Meadows (R-N.C.) stated.
The 2016 National Defense Authorization Act tasked DoD to study the possibility of moving security clearances for its own employees out of OPM and the NBIB.
The NDAA mandate came shortly after the NBIB achieved initial operating capability last fall.
Since then, OPM awarded a contract to four vendors to support the work of federal investigators to do background investigations and begin addressing the backlog of cases.
It hired 400 new federal investigators in fiscal 2016 and about another 200 in 2017.
The National Counterintelligence and Security Center has also been working with the NBIB. It developed national training standards for adjudicators and released a series of long-awaited guidelines for using social media during background investigations.
Strengthening the periodic reinvestigation process with automated continuous evaluation will also help OPM control clearance backlogs, Bill Evanina, director of the NCSC at the Office of the Director of National Intelligence, wrote in his prepared testimony for the subcommittee.
“NCSC is … building an IT system that will conduct automated records checks, apply standard personnel security business rules, and generate alerts when security-relevant information is identified,” Evanina’s statement reads. “Our goal is to deploy a fully operational CE System by Fall 2018 that will be available for use by any Executive Branch agency.”
Meanwhile, NBIB has been testing e-Application, or e-App, the replacement to the beleaguered Electronic Questionnaires for Investigations Processing (e-QIP) system.
DoD has long been frustrated by OPM’s handling of the federal security clearance process. But Trey Hodgkins, senior vice president of the Information Technology Industry Council, has said that removing the defense community from the governmentwide security clearance system gives DoD further excuses to tailor the process to its own particular requirements.
The move would bifurcate the system, Hodgkins, who’s also expected to testify at the House oversight subcommittee’s hearing, told Federal News Radio last month.
Meadows plans to acknowledge DoD’s recent plan, but said the department hasn’t put forth a strong argument for why it should take over security investigations for its own personnel.
OPM had plenty of skeptics when it first announced its plans to stand up a new federal entity that would absorb the Federal Investigative Services (FIS), the organization that conducted about 95 percent of federal background checks.
A staunch critic of OPM’s track record with cybersecurity, former House Oversight and Government Reform Committee Chairman Jason Chaffetz (R-Utah) at the time said true security clearance reform would come when the administration overhauled the core systems that processed applications and stored the sensitive information associated with them.
“Simply creating a new government entity doesn’t solve the problem,” Chaffetz said back in January 2016. “The administration needs to undertake meaningful reforms to protect citizens’ most sensitive personal information. Protecting this information should be a core competency of OPM, the government’s human resources agency.”