Security clearance process deemed 'high-risk' by GAO

Shutterstock image (by Bruce Rolff): eyes in a binary tunnel. 

The Government Accountability Office has added the governmentwide security clearance process to its list of government programs most in need of reform.

The GAO high-risk list is updated every two years, but GAO chief Gene Dodaro announced he was adding security clearances to the list immediately " to bring attention to policymakers of the need for action sooner, rather than later."

As of September 2017, the backlog of security clearance applications exceeded 700,000. And a December GAO audit reported many agencies have yet to implement years-old recommendations to improve clearance processes.

GAO highlighted several persistent challenges that drove the decision to deem the process "high risk."

In addition to the massive backlog, GAO cited a lack of long-term goals to decrease its size, delays in clearance processing and milestones for reform efforts, plus the lack of milestones to measure the quality of background investigations.

In the wake of the breach of Office of Personnel Management records, the National Background Investigative Bureau was launched at OPM, with resources coming from the Pentagon to establish a secure IT system.

In its announcement, GAO cited the Pentagon's concerns about the development of the new IT system -- which was built by the Defense Information Systems Agency and which NBIB plans to begin transitioning to later in 2018. The watchdog agency also cited concerns about links to legacy systems at OPM. In a December 2017 report, GAO auditors noted that "vulnerabilities in OPM's legacy systems pose risks to the security of the new system and could delay its implementation."

GAO also expressed concern about the lack of metrics to track progress on security clearance and background investigation reform. Under the Obama administration, the process was tracked under a governmentwide performance goal supervised by a board that included leaders from the White House, OPM, the intelligence community, the Office of Management and Budget and the Defense Department. The Trump administration plans to launch its Cross-Agency Priority Goals, required under law, with its next budget proposal, which expected in February.

This is not the first time the personnel security clearance process has found itself on the high-risk list. In 2005, GAO added the process to the list, but removed it in 2011.

Sen. Mark Warner (D-Va.) described the clearance process as "broken," "a disservice to the people who support critical national security functions, as well as "a disservice to the American people."

Warner, the top Democrat on the Intelligence Committee, also sent a letter to OMB Director Mick Mulvaney requesting that the White House's fiscal year 2019 budget include funding to improve the government-wide clearance process.

Ranking Member of the House Oversight and Government Reform Committee Elijah Cummings (D-Md.) said GAO's decision "confirms what I have been warning about for months: serious deficiencies in our nation's security clearance processes represent an urgent and grave risk to our national security, not only with respect to systemic challenges, but also with respect to specific individuals who should not have access to our nation's most highly guarded secrets."

Cummings also lamented that, due to the slow process, "interim" clearances were extended to at least 165 individuals who later had their requests denied.

The Securely Expediting Clearance through Reporting Transparency (SECRET) Act, introduced in July by Reps. Steve Knight (R-Calif.) and Gerry Connolly (D-Va.), would require NBIB to submit a quarterly report on the size of the clearance application backlog. The bill passed the House, and awaits a vote on the Senate side.

In an end-of-year report, the Council of the Inspectors General on Integrity and Efficiency proposed that watchdogs work across agency lines to make help whittle down the application backlog.

About the Author

Chase Gunter is a former FCW staff writer.


  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

  • IT Modernization
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA plans 'strategic review' of $16B software program

    New Veterans Affairs chief Denis McDonough announced a "strategic review" of the agency's Electronic Health Record Modernization program of up to 12 weeks.

Stay Connected