What’s next for security clearance reform?

Progress has been made in efforts to overhaul the government’s security clearance processes, and more milestones are expected in 2022 according to an oversight report released this week.

A key goal of this effort, known as Trusted Workforce 2.0, is continuous vetting, a method that will involve enrolling employees into IT systems that will do automated record checks regularly, as opposed to periodic re-investigations of employees.

One critical enabler for this will be the development of the necessary IT infrastructure, according to a recent report from the Government Accountability Office.

A big piece of this is IT at the Defense Counterintelligence and Security Agency, which conducts the majority of background investigations, although some agencies do some or all of their own background checks.

Currently, the Department of Defense is developing capabilities for the National Background Investigation Services system.

Eventually, this system for governmentwide personnel vetting will have functionality for applicants to enter in data to start the investigation process; investigators to manage information; and agencies that are investigative service providers to conduct those automated record checks as part of continuous evaluation.

Key dates on the horizon include a plan to give agencies access to NBIS in FY 2022, after DOD finishes its pilot of NBIS capabilities.

DCSA also is aiming to incorporate all clearances into the Trusted Workforce 2.0 program by the end of 2023. Already, the DOD’s own defense and military personnel are part of the program.

For now, DCSA is still maintaining OPM legacy systems that it inherited when government-wide background investigation responsibilities moved to the Department of Defense after a 2015 cyber breach at OPM. Some of these legacy systems date back to the 1980s.

This and other necessary executive branch agencies’ supporting IT systems are the most important element of implementing the reform efforts, a program management officer for the interagency forum charged with the reforms, known as the Security, Suitability, and Credentialing Performance Accountability Council, told GAO in the report.

The interagency forum is already revising policies for investigative standards and adjudication, which guide requirements and criteria for background checks.

They’ll be released in the next calendar year, but not until the tech is there to allow agencies to get onboard with continuous vetting, the report says.

The interagency group is also developing policy in four areas, including measuring the performance of the vetting process and defining the requirements of five vetting scenarios, including initial vetting for new employees and continuous vetting.