This is the accessible text file for GAO report number GAO-09-488
entitled 'Personnel Security Clearances: An Outcome-Focused Strategy Is
Needed to Guide Implementation of the Reformed Clearance Process'
which was released on July 14, 2009.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as part
of a longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
Report to Congressional Requesters:
United States Government Accountability Office:
GAO:
May 2009:
Personnel Security Clearances:
An Outcome-Focused Strategy Is Needed to Guide Implementation of the
Reformed Clearance Process:
Personnel Security Clearances:
GAO-09-488:
GAO Highlights:
Highlights of GAO-09-488, a report to congressional requesters.
Why GAO Did This Study:
Personnel security clearances are used to verify that national security
information—which in some cases could cause exceptionally grave damage
to national security if disclosed—is entrusted only to those who have
proven reliability and loyalty to the nation. In response to long-
standing problems with timeliness and backlogs, Congress mandated
clearance reforms as part of the Intelligence Reform and Terrorism
Prevention Act of 2004 (IRTPA), and since 2005 the Department of
Defense’s (DOD) clearance program has remained on GAO’s high-risk list
despite improvements in timeliness. In 2007, a Joint Reform Team, led
by the Office of Management and Budget (OMB), was established to
improve the clearance process across the government. GAO was asked to
review the extent to which reform efforts (1) align with key practices
for organizational transformations and (2) address identified factors
for reforming the personnel security clearance process. To assess these
objectives, GAO compared joint reform reports to key transformation
practices and essential factors for reform.
What GAO Found:
Initial joint reform efforts have, in part, aligned with key practices
for organizational transformation, such as having committed leadership
and a dedicated implementation team, but reports issued by the Joint
Reform Team do not provide a strategic framework that contains
important elements of successful transformation, including long-term
goals with related outcome-focused performance measures to show
progress, or identify obstacles to progress and possible remedies. To
communicate plans of the reform efforts, the Joint Reform Team issued
three reports, including an initial reform report in April 2008 that
presented a new 7-step process design, a December 2008 update, and a
March 2009 Enterprise Information Technology Strategy. Consistent with
practices that GAO has previously identified, the executive branch
established a Performance Accountability Council to achieve reform
goals, drive implementation, and oversee the reform. Membership on this
council currently includes senior executive leaders from 11 federal
agencies. Further, an executive order designates OMB’s Deputy Director
for Management as the chair of this council. However, it is difficult
to gauge progress of reform, or determine if corrective action is
needed, because the council, through the Joint Reform Team, has not
established a method for evaluating the progress of the reform efforts.
In the absence of a strategic framework that is outcome focused, with
clearly defined performance measures, the Joint Reform Team is not in a
position to demonstrate to decision makers the extent of progress that
it is making toward achieving its desired outcomes.
The personnel security clearance joint reform reports that GAO reviewed
collectively do begin to address essential factors for reforming the
security clearance process, which represents positive steps. GAO’s
prior work and IRTPA identified several factors key to reforming the
clearance process. These include (1) developing a sound requirements
determination process, (2) engaging in governmentwide reciprocity, (3)
building of quality into every step of the process, (4) consolidating
information technology, and (5) identifying and reporting long-term
funding requirements. However, the Joint Reform Team’s information
technology strategy does not yet define roles and responsibilities for
implementing a new automated capability which is intended to be a cross-
agency collaborative initiative. GAO’s prior work has stressed the
importance of defining these roles and responsibilities when initiating
cross-agency initiatives. Also, the joint reform reports do not contain
any information on initiatives that will require funding, determine how
much they will cost, or identify potential funding sources. Without
long-term funding requirements, decision makers in both the executive
and legislative branches will lack important information for comparing
and prioritizing proposals for reforming the clearance processes. The
reform effort’s success will be dependent upon the extent to which the
Joint Reform Team is able to fully address these key factors moving
forward.
What GAO Recommends:
GAO recommends that OMB establish a strategic framework that includes
outcome-focused performance measures, clear roles and responsibilities
for information technology implementation, and estimated long-term
costs. In commenting on this draft, OMB partially concurred with GAO’s
recommendation.
View [hyperlink, http://www.gao.gov/products/GAO-09-488] or key
components. For more information, contact Brenda S. Farrell at (202)
512-3604 or farrellb@gao.gov.
[End of section]
Contents:
Letter:
Background:
Initial Reform Efforts Have Partially Aligned with Key Practices but
Lack a Fully Developed Strategic Framework with Outcome-Focused
Performance Measures to Show Progress:
Joint Reform Reports Have Begun to Address Factors That Are Critical to
Reforming the Security Clearance Process:
Conclusions:
Recommendations for Executive Action:
Agency Comments and Our Evaluation:
Appendix I: Scope and Methodology:
Appendix II: Comments from the Department of Defense and the Director
of National Intelligence:
Appendix III: Comments from the Office of Personnel Management:
Appendix IV: GAO Contact and Staff Acknowledgments:
Related GAO Products:
Table:
Table 1: Summary of the Degree to Which Joint Reform Plans Address
Factors Critical to Reforming the Personnel Security Clearance Process:
Figures:
Figure 1: Key Events Related to the Security Clearance Reform Effort:
Figure 2: Transformed Suitability and Security Clearance Process
Design:
Figure 3: Governance of Security and Suitability Clearance Processes:
Abbreviations:
DOD: Department of Defense:
GPRA: Government Performance and Results Act of 1993:
IRTPA: Intelligence Reform and Terrorism Prevention Act of 2004:
OMB: Office of Management and Budget:
OPM: Office of Personnel Management:
ODNI: Office of Director of National Intelligence:
[End of section]
United States Government Accountability Office:
Washington, DC 20548:
May 19, 2009:
The Honorable Silvestre Reyes:
Chairman:
Permanent Select Committee on Intelligence:
House of Representatives:
The Honorable Anna G. Eshoo:
Chairwoman:
Subcommittee on Intelligence Community Management:
Permanent Select Committee on Intelligence:
House of Representatives:
Personnel security clearances are used to verify that national security
information--which in some cases could cause exceptionally grave damage
to U.S. national defense or foreign relations if disclosed--is
entrusted only to individuals who have proven reliability and loyalty
to the nation. Following the terrorist attacks on September 11, 2001,
the nation's defense and intelligence needs grew, prompting increased
demand for personnel with security clearances. According to officials
from the Joint Reform Team, about 2.4 million people--excluding some of
those with clearances who work in areas of national intelligence--
currently hold clearances, and the Office of Personnel Management (OPM)
conducted about 750,000 national security investigations in fiscal year
2008. We have previously reported on delays and backlogs in security
clearance processing, lack of reciprocity,[Footnote 1] and incomplete
investigations. As a result of these long-standing issues, we have
designated the Department of Defense's (DOD) personnel security
clearance program a high-risk area since 2005.[Footnote 2]
In response to concerns about delays in processing clearances and other
issues, Congress set goals and established requirements for improving
the clearance process in the Intelligence Reform and Terrorism
Prevention Act of 2004 (IRTPA).[Footnote 3] Those requirements include,
among other things, improving the timeliness of the clearance process,
achieving interagency reciprocity, establishing an integrated database
to track investigative and adjudicative information,[Footnote 4] and
evaluating available technology for investigations and adjudications.
While DOD and other executive branch agencies responsible for
investigating or adjudicating clearances for federal personnel,
military servicemembers, and government contractors have made
significant progress in improving timeliness and evaluating the use of
available technology in clearance processing, problems related to the
quality of security clearance investigations and adjudication
determinations, reciprocity of clearance determinations, and
information technology persist.
In 2007, the Joint Reform Team--which currently consists of cognizant
entities within the Office of Management and Budget (OMB), Office of
Personnel Management (OPM), Office of the Director of National
Intelligence (ODNI), and the Under Secretary of Defense (Intelligence)-
-was established by the Director of National Intelligence through a
Memorandum of Agreement to execute joint reform efforts to achieve
IRTPA timeliness goals and improve the processes related to granting
security clearances and determining suitability for government
employment.[Footnote 5] In its April 2008 report, the Joint Reform Team
called for an executive branch governance structure to ensure
accountability and sustain reform momentum. Subsequently, in June 2008,
Executive Order 13467 established a Suitability and Security Clearance
Performance Accountability Council, commonly known as the Performance
Accountability Council, to be the governmentwide governance structure
responsible for driving implementation and overseeing these reform
efforts. Furthermore, the order appointed the Deputy Director for
Management at OMB as the chair of the council and designated Executive
Agents for Suitability and Security.[Footnote 6] The Joint Reform Team
continues to work on the reform effort under the Performance
Accountability Council by providing progress reports, recommending
research priorities, and overseeing the development and implementation
of an information technology strategy, among other things. In addition
to its April 2008 report, the Joint Reform Team provided two other key
reports, which collectively communicate the reform effort's plans for
reforming the security clearance process. First, in December 2008, the
Joint Reform Team issued a report on the progress of the reform efforts
and provided further details on the plans to implement reforms. Most
recently, in March 2009, the Joint Reform Team finalized an Enterprise
Information Technology Strategy to support the reformed security and
suitability process and its associated milestones described in the
April and December reports. Figure 1 highlights key events related to
security clearance reform.
Figure 1: Key Events Related to the Security Clearance Reform Effort:
[Refer to PDF for image: illustration]
December 17, 2004:
Intelligence Reform and Terrorist Prevention Act passed.
January 2005:
Government Accountability Office places Department of Defense’s
clearance program on its high-risk list.
June 27, 2005:
Executive Order 13881 designates Office of Management and Budget the
single entity to ensure centralization, uniformity, and reciprocity of
security clearance policies.
November 2005:
Office of Management and Budget issues a plan for improving the
security clearance process.
June 25, 2007:
The Joint Reform Team is formed to recommend research priorities and
oversee the development and implementation of an information technology
strategy to reform the security clearance process.
April 30, 2008:
The Joint Reform Team issues a report on reforming the security
clearance and suitability process.
June 30, 2008:
Executive Order 13467 establishes the Performance Accountability
Council to drive implementation of the reform effort and designated the
Office of Management and Budget's Deputy Director for Management as
Chair.
December 18, 2008:
The Joint Reform Team issues a report outlining reform progress and
further plans.
March 17, 2009:
The Joint Reform Team issues an Enterprise Information Technology
Strategy to support the reformed security and suitability process.
Source: GAO analysis.
[End of figure]
Congressional oversight through hearings held by the Subcommittee on
Intelligence Community Management, House Permanent Select Committee on
Intelligence, in February and July 2008 has helped focus attention on
the need for security clearance reform.[Footnote 7] In addition, the
Chairman of the House Permanent Select Committee on Intelligence and
the Chairwoman of the Subcommittee on Intelligence Community Management
asked us to examine the ongoing reforms relative to key practices GAO
has used to evaluate other reform efforts, and to review the criteria
that the executive branch is using to assess the effectiveness of its
efforts. Specifically, in this report we address the following
questions: (1) To what extent are joint efforts to reform the personnel
security clearance process consistent with key practices--including
setting outcome-focused implementation goals to show progress--that GAO
has identified for successful organizational transformations? (2) To
what extent do the three security clearance joint reform reports
address essential factors for reforming the security clearance process?
To assess the extent to which efforts to reform the personnel security
clearance process are consistent with key practices that GAO has
identified for successful organizational transformations,[Footnote 8]
we collected and analyzed reports and documents related to the reform
effort. We also conducted interviews with relevant officials from the
Performance Accountability Council, the Joint Reform Team, and other
federal agencies involved in the reform effort. We then compared our
analysis of the reform efforts with key practices for organizational
transformations. To assess the extent to which security clearance
reform plans address essential factors for reforming the security
clearance process, we reviewed the April and December 2008 progress
reports and the March 2009 information technology strategy report,
[Footnote 9] which collectively communicate the reform plans developed
since the establishment of the Joint Reform Team in 2007. We then
conducted interviews to discuss those plans with agency officials from
the Performance Accountability Council, the Joint Reform Team, and
agencies affected by reform efforts. We also analyzed additional
guidance and executive branch policies, including executive orders and
recently issued federal investigative standards. Specifically, we
compared the reports to factors we previously identified[Footnote 10]
and two additional criteria established in IRTPA[Footnote 11] that are
essential to reforming the clearance process. We conducted this
performance audit from August 2008 through May 2009 in accordance with
generally accepted government auditing standards. Those standards
require that we plan and perform the audit to obtain sufficient,
appropriate evidence to provide a reasonable basis for our findings and
conclusions based on our audit objectives. We believe that the evidence
obtained provides a reasonable basis for our findings and conclusions
based on our audit objectives.
Background:
Since 1997, federal agencies have followed a common set of personnel
security investigative standards and adjudicative guidelines for
determining whether servicemembers, federal workers, private industry
personnel, and others are eligible to receive security clearances.
[Footnote 12] Security clearances are required for access to certain
national security information, which is classified at one of three
levels: top secret, secret, or confidential. The level of
classification
denotes the degree of protection required for information and the
amount of damage that unauthorized disclosure could reasonably cause
to national security. The degrees of expected damage that unauthorized
disclosure could reasonably be expected to cause are "exceptionally
grave damage" for top secret information, "serious damage" for secret
information, and "damage" for confidential information.[Footnote 13]
We have previously reported problems--including significant delays in
processing clearances--associated with DOD's security clearance
processes, and in 2005, 2007, and again in 2009, we identified not only
delays in completing the end-to-end clearance processing but also
incomplete investigative and adjudicative reports.[Footnote 14] More
recently, we reported that although the executive branch has met
current IRTPA timeliness requirements--under which adjudicative
agencies are to make a determination on at least 80 percent of all
applications for a security clearance within 120 days, on average,
after the date of receipt of the application--executive branch reports
to Congress do not capture the full range of time that OPM and DOD took
to make clearance determinations.[Footnote 15] Further, we found that
those reports provided decision makers little information on quality,
and that the majority of OPM-provided investigative reports, which DOD
adjudicators (agency employees who decide whether to grant a clearance
to an applicant based on the investigation and other information) used
to grant initial top secret clearances in July 2008, were missing
required documentation.[Footnote 16]
In June 2005, the President issued an executive order as part of the
administration's efforts to improve the security clearance process and
to implement the statutory clearance requirements in IRTPA.[Footnote
17] This order tasked the Director of OMB with a variety of functions
in order to ensure that agency processes relating to determining
eligibility for access to classified national security information were
appropriately uniform, centralized, efficient, effective, timely, and
reciprocal. Since 2005, OMB's former Deputy Director for Management has
taken several actions to improve the security clearance process. These
actions include establishing an interagency working group to improve
the reciprocal acceptance of clearances issued by other agencies and
taking a lead role in preparing a November 2005 plan to improve the
timeliness of personnel security clearance processes governmentwide.
The November 2005 plan included quarterly timeliness goals for initial
investigations of clearances from November 2005 through December 2006
and an action plan for improving the security clearance process to meet
the requirements of IRTPA, such as timeliness, reciprocity, and the
establishment of an integrated database to track investigative and
adjudicative information.
The Joint Reform Team submitted its first reform plan to the President
on April 30, 2008; the plan presented a proposed transformed security
clearance and suitability process. (See fig. 2.) The plan also
presented a new 7-step process for determining eligibility: (1)
validating the need for security or suitability investigation and
adjudication, (2) an electronic application, (3) automated records
checks, (4) electronic adjudication, (5) an enhanced subject interview,
(6) an expandable focused investigation, and (7) continuous evaluation
of persons with security clearances. The key differences between this
design and the current process are more extensive use of information
technology from beginning to end and a more customized approach to
investigations through in-depth personal interviews and targeted use of
human investigative resources.
Figure 2: Transformed Suitability and Security Clearance Process
Design:
[Refer to PDF for image: illustration]
Validate need:
Validate hiring and clearing request against mission needs.
eApplication:
Interactive tool with branching questions to develop information on
which to base evaluation.
Automated record checks (ARC):
Utilize both government and commercial data for investigations at all
tiers.
eAdjudication:
Automated electronic clearance decision applying well-defined business
rules to nonissue secret cases.
Enhanced subject interview:
In-depth subject interview based on application information and results
of ARCs.
Expandable focused investigation:
Target use of human investigative resources to focus on issue
resolution or mitigation.
Continuous evaluation:
Utilize ARCs annually for all Top Secret/Sensitive Compartmented
Information cleared personnel; no less than once every 5 years for
those with Secret clearance.
Source: Joint Reform Team.
[End of figure]
The Joint Reform Team's April 2008 plan also proposed a new executive
branch governance structure for coordinating security clearance and
suitability decisions, and on June 30, 2008, the President issued
Executive Order 13467 that established the Performance Accountability
Council. In accordance with Executive Order 13467, the Performance
Accountability Council is accountable to the President to achieve
reform goals, drive implementation, and oversee clearance reform. The
council comprises representatives from 11 executive agencies. (See fig.
3.) The Joint Reform Team--composed of staff from OPM, DOD, and ODNI--
is not formally part of the governance structure established by
Executive Order 13467 but in practice reports to the Performance
Accountability Council and is responsible for policy, process, and
information technology in accordance with the council's charter. In
addition, two subcommittees at the working level also report to the
council. The Training Subcommittee is developing training standards
that will be used to help align security and suitability processes, and
the Performance Measurement and Management Subcommittee is developing
performance metrics that the council will use to assess the timeliness
and quality of the investigative and adjudicative processes, among
other things. Following implementation of the performance metrics,
subcommittee members will continue to assess the metrics and update
them to inform policymakers on the reform process.
Figure 3: Governance of Security and Suitability Clearance Processes:
[Refer to PDF for image: illustration]
Top level:
Performance Accountability Council:
* Chair, Deputy Director for Management, Office of Management and
Budget;
* Composed of representatives from 11 federal agencies[A];
* Tasked with implementing and overseeing governmentwide security
clearance reform.
Suitability Executive Agent:
* Director of Office of Personnel Management;
* Responsible for developing and implementing uniform suitability
policies and procedures.
Security Executive Agent:
* Director of Office of Director of National Intelligence;
* Responsible for directing and overseeing investigations and
determinations of eligibility for access to classified and sensitive
information.
Second level (reporting to Performance Accountability Council):
Joint Reform Team:
* Composed of personnel from Department of Defense, Office of Director
of National Intelligence, Office of Management and Budget, and Office
of Personnel Management;
* Performs research and analysis on Policy, information technology, and
processes for the Performance Accountability Council;
* Recommends research priorities and oversees the development and
implementation of the information technology strategy.
Training Subcommittee:
* Co-Chairs, Office of Personnel Management/Department of Defense;
* Establish training standards for security and suitability
investigations and adjudications;
* Ensures that agencies train staff according to established standards.
Performance Measurement and Management Subcommittee:
* Co-Chairs, Director of National Intelligence/Office of Personnel
Management;
* Establish annual goals and progress metrics and prepare annual
performance reports;
* Monitor security clearance timeliness and quality.
Third level (direct relationship with Joint Reform Team):
Policy:
* Advise the executive agents on policies affecting the alignment of
investigations and adjudications.
Process:
* Recommend research priorities;
* Ensure sharing of best practices;
* Develop tools and techniques for enhancing investigations.
Information Technology:
* Establish enterprise information technology strategy;
* Oversee the development and implementation of end-to-end automated
system.
Source: GAO analysis of the Joint Reform Team data.
Note: The Joint Reform Team is not formally part of the governance
structure established by Executive Order 13467, but in practice reports
to the Performance Accountability Council.
[A] The 11 federal agencies represented on the Performance
Accountability Council are OMB, ODNI, OPM, DOD, the Department of
State, the Federal Bureau of Investigations, the Department of Homeland
Security, the Department of Energy, the Department of Health and Human
Services, the Department of Veterans Affairs, and the Department of the
Treasury.
[End of figure]
Initial Reform Efforts Have Partially Aligned with Key Practices but
Lack a Fully Developed Strategic Framework with Outcome-Focused
Performance Measures to Show Progress:
Although initial reform efforts have, in part, aligned with established
key practices for organizational transformation, it is difficult to
assess the progress of reform or determine if corrective action is
needed. In September 2002, GAO convened a forum to identify and discuss
practices and lessons learned from major private and public sector
organizational mergers, acquisitions, and transformations that can
serve as a guide as federal agencies transform their processes in
response to governance challenges.[Footnote 18] Consistent with some of
these key practices, the Performance Accountability Council's
membership currently includes senior executive leaders from 11 federal
agencies. However, because the reform efforts are missing important
elements of a strategic framework that are also consistent with the
Government Performance and Results Act of 1993 (GPRA), such as long-
term goals with related outcome-focused performance measures that show
progress or identify obstacles to progress and possible remedies, the
reform effort is not able to demonstrate incremental progress toward
strategic goals, and the effort runs the risk of losing momentum and
governmentwide buy-in.
Key Practices for Large-Scale Transformations:
Planning and implementing a large-scale transformation such as
reforming the personnel security clearance process is not a simple
endeavor and requires the concentrated efforts of both leadership and
employees across government. Participants in a forum GAO convened in
2002 generally agreed on a number of practices that can serve as a
guide for organizational mergers, acquisitions, and transformations,
including committed leadership, a mission with strategic goals,
implementation goals and a timeline, and a formal communication
strategy. These key practices, among others, are as follows:
* Ensure that top leadership drives the transformation. Leadership must
set the direction, pace, and tone and provide a clear, consistent
rationale that brings everyone together behind a single mission.
* Dedicate an implementation team to manage the transformation process.
A strong and stable team is important to ensure that the transformation
receives the needed attention to be sustained and successful.
* Establish a coherent mission and integrated strategic goals to guide
the transformation. Together, these define the culture and serve as a
vehicle for employees to unite and rally around.
* Focus on a key set of principles and priorities at the outset of the
transformation. A clear set of principles and priorities serves as a
framework to help the organization create a new culture and drive
employee behaviors.
* Use the performance management system to define responsibility and
ensure accountability for change. This system shows how team, unit, and
individual performance can contribute to overall organizational
results.
* Set implementation goals and a timeline to build momentum and show
progress from day one. Goals and a timeline are essential because the
transformation could take years to complete.
* Establish a communication strategy to create shared expectations and
report related progress. The strategy must reach out to employees,
customers, and stakeholders and engage them in a two-way exchange.
* Involve employees to obtain their ideas and gain their ownership for
the transformation. Employee involvement strengthens the process and
allows employees to share their experiences and shape policies.
The Reform Effort Has Benefited from Committed Leadership and a
Dedicated Implementation Team, but Sustainment Is Key:
High-level leaders--including senior officials from OMB, DOD, OPM,
ODNI, and seven other federal agencies--have made a commitment to the
governmentwide security clearance reform efforts. In a February 2008
memo, the President directed OMB, OPM, ODNI, and DOD to submit an
initial security clearance reform proposal by April 30, 2008. Executive
Order 13467 further demonstrated leadership commitment to security
clearance reform by creating a governance structure--the Performance
Accountability Council. The council is accountable to the President to
achieve the goals of reform stated in Executive Order 13467, drive
implementation, and sustain reform momentum. The council's governance
structure is permanent, unless it is altered by a new executive order
or law. The Chair of the council provides direction and has control
over its functions and the authority to make final decisions and
appoint members. The council has met monthly since July 2008 to share
information and make decisions to drive the reform process, although,
as of this report's issue date, the chair position, which is held by
OMB's Deputy Director for Management, has remained vacant since January
2008, and no presidential appointee has yet been named. Without
continued committed leadership and sustained support from the new
administration, it will be difficult to complete the reform efforts and
sustain the interagency collaboration that is needed to move this
effort forward.
In addition to high-level leadership, the reform effort has benefited
from a dedicated implementation team to manage the transformation
process from the beginning. The Joint Reform Team--composed of staff
from multiple agencies, including OMB, DOD, OPM, and ODNI--is a
dedicated team that works full-time on security clearance reform.
[Footnote 19] The Joint Reform Team is responsible for day-to-day
management of the reform effort, and it produces the key reports to the
President that update the status of the efforts and lay out future
plans, such as the April and December 2008 reports and the March 2009
information technology strategy report. Within the reform team, four
senior executives--one from each agency--guide the effort to streamline
and modernize the security clearance process. Under the senior
executives are senior leaders who manage the reform effort on a daily
basis, including approximately 17 full-time staff members--some with
backgrounds in personnel security and others with DOD business
transformation experience--who work in the areas of policy, process
improvement, and information technology development. These staff
members are "on loan" from the parent agencies, and although the Joint
Reform Team currently does not have an end date, officials told us that
they expect the team to stay in place at least through 2010.
The Reform Effort Lacks a Strategic Framework That Includes Important
Elements of a Successful Transformation:
It is unclear how the planned transformation of the security clearance
process will identify success or how long the reform effort will take
because the effort lacks a strategic framework that includes important
elements of successful transformations such as a coherent mission
statement, long-term strategic goals, outcome-focused performance
measures, and a comprehensive communication strategy.
Mission and strategic goals: Neither the Joint Reform Team's April nor
December 2008 reports to the President define the mission or strategic
goals of the reform effort. In its April 2008 report, the Joint Reform
Team articulated principles for the reformed process: (1) more relevant
information is collected and validated at the beginning of the security
clearance process, (2) automation is used to make the process faster,
(3) field investigative activity is focused, (4) risk decisions rely on
modern analytic methods rather than practices that avoid risk, (5)
relevant data are better used for subsequent hiring and clearing
decisions, and (6) continuous evaluation techniques replace periodic
reinvestigations. These principles help explain the purpose of the
reformed 7-step clearance process, but they do not articulate a mission
statement that concisely summarizes the main purposes for the reform
effort's major functions and operations or strategic goals that
encompass the long-term outcomes that the governmentwide reform effort
is intended to achieve. Strategic goals explain what results are
expected and when to expect those results, should correspond to the
purposes set forth in an organization's mission statement, and develop
with greater specificity how the organization will carry out its
mission. Strategic goals cannot exist without a mission statement to
drive and tie them together.[Footnote 20]
In designing a new personnel security clearance system, GPRA may be a
useful resource for both the team designing the system and the
congressional committees overseeing the design and implementation. GPRA
provides a framework for strategic performance planning and reporting
intended to improve federal program effectiveness and hold agencies
accountable for achieving results. Agencies that effectively implement
GPRA's results-oriented framework clearly establish performance goals
for which they will be held accountable, measure progress toward those
goals, determine strategies and resources to effectively accomplish the
goals, use performance information to make the programmatic decisions
necessary to improve performance, and formally communicate results in
performance reports.
Furthermore, in a successful transformation effort, developing,
communicating, and constantly reinforcing the effort's mission and
strategic goals helps employees understand how their positions fit in
with the new organization and what they need to do differently to help
the new organization achieve success. When we asked leaders, staff
members, and stakeholders of the reform effort to define the reform
effort's strategic goals, they identified different goals, such as
IRTPA requirements and making the security clearance process more
timely, more cost-efficient, and higher quality. Moreover, strategic
goals are an integral part of the performance management systems for
leaders and employees. Although senior leaders from the Joint Reform
Team told us that their agencies respective performance management
systems assessed their performance according to the contributions they
make to the reform efforts, without a clear mission and strategic goals
to align with individual expectations, employees are not necessarily
held accountable for whether they are achieving desired results.
Timeline for implementation and outcome-focused performance measures:
Although the December 2008 report contains a timeline for
implementation of aspects of the reformed process through December 2009
and cites estimated operational dates for elements of the reformed
process through 2010, leaders of the Joint Reform Team acknowledged
that they are in the initial stages of reaching out to agencies across
the federal government, including the intelligence agencies, to
determine how and when the reformed process will be implemented
governmentwide. In addition, the reform effort currently lacks outcome-
focused performance measures to assess whether it is achieving the
desired results (i.e., its strategic goals). Consequently, the leaders
of the reform effort--as well as Congress and the administration--have
no way of measuring whether the reform effort is making progress toward
resolving long-standing problems with the security clearance process,
and the effort runs the risk of losing momentum. According to key
practices for transformations, implementation goals and a timeline are
essential to show progress from day one because transformations could
take many years to complete.
Although neither the Joint Reform Team nor the Performance
Accountability Council developed metrics to assess the progress of the
reform effort, the key reform reports discuss several metrics that the
council developed to evaluate factors like timeliness and quality once
the reformed process is implemented. The council is working to finalize
these metrics. Concerning timeliness, the reports describe the IRTPA
requirement to complete 90 percent of security clearance determinations
within an average of 60 days, to the extent practical, as their target.
According to the key reports, the Performance Accountability Council
established measures for end-to-end, initiation, investigation, and
adjudication times.[Footnote 21] Concerning quality, the reports
describe two measures that the council is developing. First, the
council developed a measure of investigative quality that tracks the
number of deficient investigative cases that adjudicators return for
further investigation. We have previously reported that deficient cases
alone are not a valid indicator of quality because adjudication
officials told us that they were reluctant to return incomplete
investigations as they anticipated this could lead to delays.[Footnote
22] Second, the reform effort plans to require adjudicators to complete
a survey about the quality of investigations. Clearly defined
timeliness and quality metrics can improve the security clearance
process by enhancing oversight of the time required to process security
clearances and the quality of the investigation and adjudicative
decisions. Further, in our May 2009 report on DOD's personnel
clearances, we recommended that OMB provide Congress with results of
metrics on comprehensive timeliness and the quality of investigations
and adjudications as part of the IRTPA-required annual reports on
personnel security clearances.[Footnote 23] Until the Performance
Accountability Council finishes developing metrics to evaluate
efficiency and effectiveness of the clearance process, Congress and the
council will be limited in their ability to effectively oversee the
reformed process and identify problems with delays in the processing of
clearances or inadequate quality.
Formal communication strategy and stakeholder involvement: The
Performance Accountability Council and Joint Reform Team have
communicated with executive branch agencies that request and grant
security clearances and suitability determinations, but they lack a
formal, comprehensive communication strategy that reaches out to their
stakeholders and engages them in the reform process. According to
transformation key practices, a two-way exchange between leadership,
employees, and stakeholders early and often helps build trust and
shared expectations. The Joint Reform Team used its April and December
2008 reports as its primary vehicles to communicate plans for the new
process with all stakeholders. In addition, the council holds monthly
meetings and updates high-level leadership from its 11 member agencies
on the progress of the reform efforts. Further, senior reform leaders
have communicated with stakeholders governmentwide through a series of
briefings that involve senior officials and personnel. Still, some
stakeholders at agencies not represented on the Joint Reform Team told
us that they are unclear how they will implement the new process. For
example, they were not sure how the reform would affect their day-to-
day operations or if they would be responsible for funding some of the
automated aspects of the reformed process. More recently, in January
2009, the Joint Reform Team held a governmentwide meeting to assess
agencies' ability to implement the new process. The Joint Reform Team
administered a questionnaire, which included questions regarding
federal agencies' ability to use existing information technology
systems to process clearances. Except for the January 2009 meeting and
questionnaire, the communication efforts have not promoted the kind of
two-way communication necessary to ensure the successful completion of
the transformation. Without a formal communication strategy for
reaching out to stakeholders, including a built-in mechanism for two-
way communication between those leading reform efforts and the
stakeholders, the reform effort risks undermining support for the
transformation by creating uncertainty and mistrust among stakeholders
about planned changes. In addition, the Joint Reform Team may not be
able to identify barriers or obstacles to achieving their goals and
identify mitigation strategies.
Joint Reform Reports Have Begun to Address Factors That Are Critical to
Reforming the Security Clearance Process:
The joint reform reports--issued by the Joint Reform Team to the
President and signed by the former Deputy Director of Management at OMB
in his capacity as Chair of the Performance Accountability Council--
include plans that begin to address factors that are critical to
reforming the security clearance process. Our prior work identified
factors key to reforming the clearance process, and IRTPA identified
two additional criteria, that are also essential to reforming the
clearance process. These factors include (1) a sound requirements
determination process, (2) governmentwide reciprocity, (3) the building
of quality into every step of the process, (4) consolidated information
technology, and (5) the identification and reporting of long-term
funding requirements.[Footnote 24] Key reports from the Joint Reform
Team begin to address four of these essential factors for reform,
although they do not contain any information on roles and
responsibilities for the information technology strategy or long-term
funding requirements. Table 1 summarizes the results of our comparison
of the joint reform reports against these five factors for reform.
Table 1: Summary of the Degree to Which Joint Reform Plans Address
Factors Critical to Reforming the Personnel Security Clearance Process:
Factors critical to reform: Establish a sound requirement determination
process;
Completed: [Empty];
In process: [Check];
Not addressed: [Empty];
Summary of findings: The reports establish a process for eliminating
duplicative applications and investigations. The Joint Reform Team
estimated that this would be operational by 2010. However, the reports
do not provide a mechanism or requirement for federal agencies to
review their positions to help ensure their clearance levels and
numbers accurately reflect mission needs.
Factors critical to reform: Establish governmentwide reciprocity;
Completed: [Empty];
In process: [Check];
Not addressed: [Empty];
Summary of findings: One of the key reports specifies that employers or
agencies will check the appropriate databases to determine if
individuals selected for federal positions or to work as contractor
employees have qualifying clearances or open investigations that meet
current requirements. However, the measures established by the reports
for reciprocity are limited to ensuring that agencies rely on existing
questionnaires and investigations when available. Further, there are no
enforcement mechanisms to help ensure that agencies comply with
reciprocity requirements. Also, it is unclear how the intelligence
community plans to implement reciprocity.
Factors critical to reform: Build quality into every step of the
process;
Completed: [Empty];
In process: [Check];
Not addressed: [Empty];
Summary of findings: According to one of the key reports, most of the
phases of the reformed process design incorporate quality control
mechanisms. For example, the electronic adjudication phase will
incorporate an audit function for continuous assurance and quality
control of its results. It is unclear how quality will be incorporated
into the enhanced subject interview and expandable focused
investigation steps.
Factors critical to reform: Develop and consolidate information
technology;
Completed: [Empty];
In process: [Check];
Not addressed: [Empty];
Summary of findings: Through reform, the Joint Reform Team has
evaluated and incorporated new technology to automate the process. The
key reports provide a basic timeline for implementing a new automated
process. Further, at present, there are three separate database
platforms storing the majority of clearance information; however there
is the ability to access two of the systems from a single access point.
The Joint Reform Team developed an Enterprise Information Technology
Strategy to support the advancement of the reformed process, but it did
not define roles and responsibilities for the agencies involved in the
reform effort.
Factors critical to reform: Provide Congress with long-term funding
requirements;
Completed: [Empty];
In process: [Empty];
Not addressed: [Check];
Summary of findings: The reports do not detail what reform objectives
require funding, how much they will cost, or where funding will come
from. Furthermore, the reports do not estimate potential cost savings
resulting from the streamlined process. Senior reform leaders stated
that cost estimates have not been completed by the Joint Reform Team or
the agencies affected by reform as it is too early. Officials from DOD
and OPM noted that they would cover costs for major information
technology acquisitions.
Source: GAO analysis.
[End of table]
As table 1 shows, the reform reports show that the Joint Reform Team is
in the process of addressing four out of five of these factors critical
to reforming the security clearance process:
Establish a sound requirement determination process: The key reform
reports begin to address the need for agencies to request the
appropriate number of clearances at the appropriate levels; however,
the reports do not provide a mechanism for ensuring that the number and
level of clearances being requested reflect the mission needs of the
requesting agencies. By establishing an initial phase in the revised
clearance process by which agencies will validate that each application
and investigation they request is required to carry out their missions,
the reform team expects to eliminate duplicative applications and
investigations.[Footnote 25] If an existing federal employee or
contractor with an active security clearance accepts a position that
requires a clearance of the same level at a different federal agency,
the new agency is expected to first verify that the applicant has an
existing clearance. Additionally, the reports stress the importance for
agencies to request clearances at the appropriate clearance levels--
that is, confidential, secret, or top secret--for their positions.
However, we have previously reported, for example, that a growing
percentage of DOD requests for clearances are at the top secret
level.[Footnote 26] According to OPM, top secret clearances require
about 10 times more hours, in the current clearance process, to
investigate than secret or confidential clearances. Further, each
standard top secret investigation cost DOD $3,888 as part of the
current process. According to the Joint Reform Team, of the
approximately 2.4 million DOD civilians, military, and contractor
personnel who hold security clearances, approximately 387,000 of those
clearances are top secret.[Footnote 27] However, the reports do not
require the agencies to assess the numbers and levels of clearances
needed to fulfill their missions. Without a sound process for
determining security clearance requirements, clearance requests could
result in wasteful spending of government resources if clearances are
requested at levels that are not necessary to meet the needs of some
missions. Conversely, if agencies or military services do not request
enough clearances at the appropriate levels, they may not have enough
staff with sufficient clearances to manage their classified workloads.
Establish governmentwide reciprocity: One of the key reform reports
states that reciprocity--an agency's acceptance of a clearance and
access level granted by another department, agency, or military
service--will be measured by the number of agencies that ask newly
hired personnel, who already have security clearances, to complete
personnel security clearance questionnaires and then request new
investigations for those same personnel. IRTPA states that all security
clearance determinations shall be accepted by all agencies, with
limited exceptions when necessary for national security purposes.
According to one of the key reports, employers or agencies are to check
the appropriate databases to determine if individuals selected for
federal positions or to work as contractor employees already have
qualifying clearances or open investigations. However, the reports do
not contain any measures related to the reciprocal acceptance of
previous adjudications--which are the final determinations as to
whether to grant a clearance to an applicant.[Footnote 28] Furthermore,
the plans do not contain an enforcement mechanism to ensure that
agencies comply with reciprocity requirements, and no information
exists on who will monitor reciprocity or how noncompliant agencies
will be addressed. In addition, the key reform reports indicate that
the Performance Accountability Council is taking steps to make
investigations and adjudications more consistent across the government
by standardizing the training of investigators and adjudicators and
automating parts of the process. For example, the reports discuss the
development of core courses as well as a formalized certification for
investigators and adjudicators. According to senior leaders of the
reform effort, these steps will enable reciprocal acceptance of
clearance decisions governmentwide. However, the key reports do not
address plans to implement reciprocity among the intelligence agencies,
which require more information--such as a polygraph of the applicant as
part of an applicant's investigation--than agencies that are outside
the intelligence community. Officials told us that they are in the
initial phase of reaching out to intelligence agencies to address their
concerns. Until all federal agencies begin to practice reciprocity of
clearance investigations and adjudications--barring specific concerns-
-unnecessarily duplicative clearance investigations and adjudications
will continue to slow the investigative and adjudicative process for
all clearances and waste government resources.
Build quality into every step of the process: The key reform reports
are beginning to incorporate quality control mechanisms in certain
steps of the reformed 7-step security clearance process. For example,
one step in the reformed process is "e-Adjudication" which involves
automated electronic clearance decisions for applicants whose automated
records checks did not reveal any issues that require further
investigation before being forwarded to an adjudicator. According to
key reform reports, to build quality into e-Adjudication, DOD issued
guidance in November 2008 that required DOD adjudicators to
simultaneously adjudicate files electronically (or automated) and
manually (by a person reviewing an investigation file) as part of
initial implementation of electronic adjudication. This simultaneous
approach to adjudication is to evolve into a long-term program for
continuous assurance and quality control. However, it is unclear how
the reform team will incorporate quality into the other six steps of
the reformed process, such as the enhanced subject interview (step 5 in
the reformed process) in that the reform reports do not describe how
these interviews will be structured and monitored to ensure consistency
and quality control. Officials within various executive branch agencies
raised this as an area of concern, citing that the information gathered
during the interview and investigative portion of the process is
essential for making adjudicative decisions.
Develop and consolidate information technology: According to our
analysis of key reform reports, the reform effort is beginning to use
information technology to improve the clearance process. IRTPA requires
OMB to evaluate the use of available technology in security clearance
investigations and adjudications. To improve the security clearance
process, the Joint Reform Team conducted demonstration activities to
determine how to automate the process and has issued an Enterprise
Information Technology Strategy to support the advancement of the
reformed security and suitability process. This strategy provides a
framework for federal agencies to collaborate on leveraging existing
systems and capabilities currently in operation. In addition, this
strategy is intended to establish a new end-to-end governmentwide
capability to support the reformed 7-step security and suitability
process. Agencies requesting and investigating clearances are expected
to use this new automated application, adjudication, monitoring, and
record-check process, which the Joint Reform Team expects to improve
the timeliness of clearances governmentwide by the end of 2010,
according to key reports. The reform team is currently working with
individual agencies to assess their information technology capabilities
and assist with the development of agency information technology
implementation plans to determine how to transition all agencies to the
automated capability described in key reports. In addition, the Joint
Reform Team is in the process of weighing options for the architecture
of the future automated system that it is planning to implement
throughout government during 2009 and 2010.
However, the strategy does not define the roles and responsibilities
for the agencies involved in the reform effort. Our prior work has
stressed the importance of defining clear roles and responsibilities
before the implementation of information processing systems.[Footnote
29] Establishing clearly defined roles and responsibilities on a cross-
agency initiative helps to ensure that responsible agencies have a
clear understanding of what they are expected to contribute and produce
in support of the initiative. These roles and responsibilities for
cross-agency programs are generally documented in memorandums of
understanding between agencies. Because the Joint Reform Team has not
established clear roles and responsibilities for the agencies involved,
it will be difficult to hold agency leadership accountable and achieve
a joint vision.
IRTPA also requires OPM to establish an integrated database that tracks
investigation and adjudication information, and authorizes the
appropriation of necessary funding for that database's implementation.
However, at present, no single database exists, and the key reports
that we reviewed do not discuss any plans for meeting the single
database requirement. Executive branch agencies currently use three
separate database platforms (the Joint Personnel Adjudication System,
Clearance Verification System, and Scattered Castles)[Footnote 30] to
house clearance information. The Joint Reform Team's December 2008
report discusses plans to improve access to records through the
Clearance Verification System in order to enhance the reciprocity of
investigations and clearance determinations. However, it is not
possible, according to senior reform leaders, to determine the total
number of personnel with security clearances through any one of these
platforms. The platforms are intended to allow security professionals
to search for information on individuals who have clearances, but not
to aggregate data on the total number of clearance holders. Further,
some officials we spoke with expressed concerns about the potential
security risks involved in the event of the unauthorized disclosure of
names and other sensitive information about cleared intelligence agency
personnel contained in Scattered Castles. Currently the Joint Reform
Team is working with intelligence agencies to develop a solution that
aligns with IRTPA while addressing those agencies' concerns. However,
this outreach is in its early stages, and according to reform team
members, it will take time to develop an information technology
solution for sharing information between classified and unclassified
databases.
Provide Congress with long-term funding requirements: Although senior
reform leaders have stated that primary reform costs will be paid by
DOD and OPM, key reform reports do not contain any information
regarding the Joint Reform Team's plans to identify what initiatives
require funding, specify how much funding will be required, specify
when funding will be needed and how it will be budgeted, or estimate
any potential cost savings that could result from the reformed system.
Further, some agencies have expressed concern that they will be
responsible for funding elements of reform from within their budgets,
yet these organizations do not know what they may have to fund or where
the money will come from. Without long-term funding requirements,
leaders of the reform effort will be unable to compare and prioritize
alternative proposals for reforming the clearance processes. Further,
the omission of long-term funding requirements limits the ability of
decision makers in the executive branch to carry out their budgetary
development and oversight functions and limits Congress's ability to
oversee the reform process and fully assess appropriation requests.
This is especially critical given the long-term fiscal constraints that
the nation faces. In particular, federal agencies may be faced with
tough future budgetary trade-offs for competing demands for resources
within the department.
Conclusions:
The ongoing governmentwide security clearance reform effort involves
the transformation and integration of multiple processes and policies,
as well as the development of a new automated system, to make the
security clearance process more efficient and effective. Under the
leadership of OMB, the Joint Reform Team has taken several actions to
improve the security clearance process during the past year. Further,
the April 2008, December 2008, and March 2009 reform reports
collectively are a step forward. However, the Joint Reform Team will be
limited in its ability to demonstrate progress without a strategic
framework that can serve as a roadmap by identifying intended outcomes
of the reform, key outcome-based performance measures with which to
measure progress, and any costs associated with the reformed process.
With an outcome-based strategic framework in place that includes two-
way communication with stakeholders, the degree of ultimate success of
the reform effort depends on the extent to which the Joint Reform Team
is able to fully address, among other things, ensuring the numbers and
levels of investigations reflect agencies' missions, achieving
reciprocity, identifying funding requirements, developing and
implementing an information technology strategy, and making other much-
needed improvements to the clearance process as the reforms move
forward. The security clearance reform process has already been
underway for several years, and various agencies involved have created
and revised several plans for improvement. Although the high-level
leadership and governance structure of the current reform effort
distinguish it from previous efforts, without a strategic framework
that fully addresses the long-standing security clearance problems and
incorporates key practices for transformation--including the ability to
demonstrate progress leading to desired results--the effort is at risk
of losing momentum and not being fully implemented.
Recommendation for Executive Action:
To further align the reform effort with key practices for
organizational transformations and better address the long-standing
problems, we recommend that the OMB Deputy Director of Management in
the capacity as Chair of the Performance Accountability Council, ensure
that the appropriate entities--such as the Performance Accountability
Council, its subcommittees, or the Joint Reform Team--take the
following action:
Establish a strategic framework for the joint reform effort to include:
* a mission and strategic goals;
* the progress of the reform effort toward meeting its goals and
addressing long-standing problems with the security clearance process;
* a formal, comprehensive communication strategy that includes
consistency of message and encourages two-way communication between the
Performance Accountability Council and key stakeholders;
* clear roles and responsibilities for the implementation of the
information technology strategy, for example, by establishing
memorandums of understanding delineating the roles and responsibilities
of all agencies responsible for developing and implementing components
of the information technology strategy; and:
* long-term funding requirements for security clearance reform,
including estimates of potential cost savings from the reformed
process, to be provided to decision makers in Congress and the
executive branch.
Agency Comments and Our Evaluation:
In oral comments on a draft of this report, OMB stated that it
partially concurred with our recommendation to establish a strategic
framework for the joint reform effort and that the views contained in
written agency comments on our draft report provided to us jointly by
DOD and ODNI were in alignment with those of OMB. In those written
comments, DOD and ODNI also partially concurred with our recommendation
to establish a strategic framework for the joint reform effort. While
DOD and ODNI stated that many observations in our report provided a
fair assessment of the current state of clearance reform, they also
stated that our review appears to draw overly broad conclusions from
limited evidence and noted their view that our report did not take into
account that some important components of reform remain in different
stages of development and will therefore follow a phased implementation
plan. To address our objectives during the course of our review, we
collected and analyzed reports and documents related to the reform
effort produced by the Joint Reform Team and the Performance
Accountability Council, and conducted interviews with relevant
officials from the Joint Reform Team, Performance Accountability
Council, and other agencies in the federal government involved in the
reform effort. We than compared our analysis of the reform effort to
GAO's previously issued key practices for organizational
transformations. We agree that components of the reform are in
different stages of development and in places specifically
characterized efforts as being in their initial stages. The combined
DOD and ODNI official comments are reprinted in appendix II.
Additionally, DOD and ODNI commented on the specific elements of the
strategic framework that we included as part of our recommendation.
* Mission and strategic goals: DOD and ODNI stated that we had faulted
the reform effort for failing to define its mission or strategic goals
in the April and December 2008 reports and that we had implied that the
effort had none. They added that their July 2007 Terms of Reference--a
memorandum from the Director of National Intelligence to the Under
Secretary of Defense for Intelligence and the Deputy Director of
National Intelligence for Policy, Plans, and Requirements--articulated
the aims of the reform effort. These aims were to achieve comprehensive
reform of the end-to-end security clearance process delivering high-
assurance security clearances fairly, efficiently, and at the lowest
reasonable cost to the federal government. DOD and ODNI also stated
that the reform effort aims were reiterated and supported by additional
detail in the April and December 2008 reports. While this statement
could serve to communicate the reform effort's strategic goals, we
continue to note that the reform team has not communicated strategic
goals in its publicly issued joint reform reports that collectively
communicate the reform plans. Further, as we discussed in our report,
members of the Joint Reform Team and others involved in the reform
effort did not consistently identify the same goals of the reform
effort. Accordingly, we believe that the mission and strategic goals of
the reform effort should be clearly identified and stated as part of
the strategic framework as the reform effort moves forward.
* Outcome-focused performance measures: In their comments, DOD and ODNI
agreed that the reform effort must contain outcome-focused performance
measures, but added that these metrics must evolve as the process
improvements and new capabilities are developed and implemented because
the effort is iterative and in phased development. They also stated
that our report claims a lack of metrics to assess the progress of the
reform effort, and disagreed with us that it will be difficult to
measure whether the reform effort is making progress, stating that the
December 2008 report details key milestones and an implementation
timeline that the Performance Accountability Council will oversee to
monitor and drive progress. While we are encouraged that DOD and ODNI
agree that outcome-focused performance measures are needed, we continue
to believe that these metrics should be identified now. We acknowledge
that the reform effort is iterative and that the reform team has
developed timelines for implementation. We agree that timelines and
milestones are useful. However, we also continue to believe that
outcome-focused performance measures are a critical tool that in
addition to timelines can be used to guide the reform effort and allow
overseers to determine when the reform effort has accomplished it goals
and purpose. Further, performance measures can help the leaders assess
if the effort is getting off track or not moving toward accomplishing
its goals so that the leaders can take corrective actions, which is
important during an iterative or phased development effort such as the
reform effort.
* Comprehensive communication strategy: In response to our finding that
the reform effort lacks a formal, comprehensive communication strategy,
DOD and ODNI agreed with us that communication is essential. They
acknowledged that the reform effort has not had a formal, written
communication strategy, but added that the leadership of the reform
effort has aggressively pursued strategic communication opportunities
at each phase of the reform effort and continues to do so. They
encouraged us to give full consideration to extensive and repeated
efforts undertaken by several individuals involved in the process. We
do state in our report that leaders of the reform team have made
multiple efforts to communicate with stakeholders about the reform
effort. Furthermore, we also agree with DOD and ODNI statements in
their agency comments that stakeholders may be resistant to change.
During our interviews with agency officials we heard some of that
resistance voiced. Therefore, we continue to believe it is essential
that the Joint Reform Team develop a formal communication strategy to
ensure that information is consistently and accurately provided to
stakeholders, including federal agencies governmentwide that will be
implementing the reformed process.
* Information technology implementation roles and responsibilities: DOD
and ODNI stated that information technology has always been used in the
clearance process, and that the reform effort's approach to improving
the use of information technology is to leverage existing systems and
capabilities, where applicable, and develop new tools where necessary.
We agree and state that the Joint Reform Team is currently working with
individual agencies to assess their information technology
capabilities, and that the reform team is in the process of weighing
options for the architecture of the future automated system that it is
planning to implement during 2009 and 2010. DOD and ODNI agreed with
our report that clearly defined roles and responsibilities are key to
the success of cross-agency information technology initiatives. They
asserted that considerable work has already been done, but added that
even clearer roles and responsibilities will be identified moving
forward. Regarding our finding that at present no single database
exists in accordance with IRTPA that requires OPM to establish an
integrated database that tracks investigations and adjudication
information, DOD and ODNI stated that the reform effort continues its
iterative implementation of improvements to systems that improve access
to information that agencies need.
* Long-term funding requirements: Regarding our finding that key reform
reports do not contain long-term funding requirements, DOD and ODNI
concurred that there is much more work to be done in this area, and
stated their intention to plan for and address additional funding
requirements, as required.
DOD and ODNI also provided technical comments, which we have
incorporated in the report as appropriate.
In addition, OPM provided written comments on a draft of this report,
which are reprinted in appendix III, and technical comments, which we
have incorporated in the report as appropriate. As part of its written
comments, OPM stated that it met the timeliness goals of security
clearance investigations set by IRTPA. Although timeliness was not the
focus of this review, we acknowledge this in our report. OPM also noted
that the suitability and security process should be aligned where
appropriate, and stated that the governance structure established by
Executive Order 13467 and the reform initiatives discussed in this
report are under review by the new administration. OPM, therefore,
concluded that while our findings and recommendations merit
consideration, it would not be productive to address the concerns about
the "past management of the reform process."
As agreed with your offices, unless you publicly announce the contents
of this report earlier, we plan no further distribution until 30 days
from the report date. At that time, we will send copies of this report
to the Director of the Office of Management and Budget, the Secretary
of Defense, the Director of the Office of the Director of National
Intelligence, and the Director of the Office of Personnel Management.
In addition, the report will be available at no charge on the GAO Web
site at [hyperlink, http://www.gao.gov].
If you or your staff have any questions on the information discussed in
this report, please contact me at (202) 512-3604 or farrellb@gao.gov.
Contact points for our Offices of Congressional Relations and Public
Affairs may be found on the last page of this report. GAO staff who
made key contributions to this report are listed in appendix IV.
Signed by:
Brenda S. Farrell, Director:
Defense Capabilities and Management:
[End of section]
Appendix I: Scope and Methodology:
Scope:
The scope of our work included governmentwide reform efforts that were
initiated by the Joint Reform Team. These reform efforts will affect
the suitability and security clearance investigation and adjudication
decisions of all federal employees, including military servicemembers
and federal contractors from private industry.
Methodology:
To determine the extent to which efforts to reform the personnel
security clearance process are consistent with key practices that GAO
has identified for organizational transformations, we collected and
analyzed reports and documents related to the reform effort produced by
the Joint Reform Team and the Performance Accountability Council.
Specifically we reviewed documents regarding the structure of the
Performance Accountability Council, including the charter and
membership documentation. We reviewed key legislation and executive
policies, including the Intelligence Reform and Terrorist Prevention
Act of 2004 and Executive Order 13467. Additionally, we reviewed key
reports on the reform effort such as the Joint Reform Team's April and
December 2008 progress reports and its March 2009 Enterprise
Information Technology Strategy report. Together, these documents
communicate the reform plans developed since the establishment of the
Joint Reform Team in 2007. In addition to the document analysis, we
conducted interviews with relevant officials from the Performance
Accountability Council, Joint Reform Team, and other federal agencies
involved in the reform effort, such as the Departments of Homeland
Security, Veterans Affairs, Treasury, and Energy. On the Joint Reform
Team and the Performance Accountability Council, we interviewed
individuals from all four of the agencies leading the reform effort,
including DNI, OPM, OMB, and DOD and we also interviewed officials from
the team's three areas of policy, process improvement, and information
technology. We also compared GAO's previously issued key practices to
our analysis of the reform efforts, including documentary and
testimonial evidence, to determine the extent to which those practices
are being incorporated into the reform efforts.
To determine the extent to which the Joint Reform Team's key security
clearance reports address factors essential to reforming the security
clearance process, we collected and analyzed reports and documents
related to the reform effort produced by the Joint Reform Team and the
Performance Accountability Council. Specifically we reviewed documents
regarding the structure of the Performance Accountability Council,
including the charter and membership documentation. We reviewed key
legislation and executive policies, including the Intelligence Reform
and Terrorist Prevention Act of 2004 and Executive Order 13467.
Additionally, we reviewed key reports on the reform effort such as the
Joint Reform Team's April and December 2008 progress reports and its
March 2009 information technology strategy report. Together, these
documents communicate the reform plans developed since the
establishment of the Joint Reform Team in 2007. In addition to the
document analysis, we conducted interviews with relevant officials from
the Performance Accountability Council, Joint Reform Team, and other
federal agencies involved in the reform effort, such as the Departments
of Homeland Security, Veterans Affairs, Treasury, and Energy. On the
Joint Reform Team and the Performance Accountability Council, we
interviewed individuals from all four of the agencies leading the
reform effort, including DNI, OPM, OMB, and DOD and we also interviewed
officials from the team's three areas of policy, process improvement,
and information technology. Finally, we interviewed officials from
DOD's Personnel Security Research Center. We then developed a list of
factors critical to reforming the security clearance process by
leveraging the factors we previously identified[Footnote 31] and two
additional criteria that we derived from IRTPA.[Footnote 32] We
compared our analysis of the key reform reports and testimonial
information collected to the problems essential to reforming the
clearance process that we identified.
We conducted this performance audit from August 2008 through May 2009
in accordance with generally accepted government auditing standards.
Those standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on our audit objectives. We believe that
the evidence obtained provides a reasonable basis for our findings and
conclusions based on our audit objectives.
[End of section]
Appendix II: Comments from the Department of Defense and the Director
of National Intelligence:
May 11, 2009:
Ms. Brenda S. Farrell:
Director, Defense Capabilities and Management:
U.S. Government Accountability Office:
441 G Street. N.W.
Washington DC 20548:
Dear Ms. Farrell:
This is the joint Department of Defense (DoD) and Director of National
Intelligence (DNI) response to the GAO draft report 09-488. "Personnel
Security Clearances: An Outcome-Focused Strategy is Needed to Guide
Implementation of the Reformed Clearance Process," dated April 24,
2009. (GAO Code 351263). Detail comments on the report recommendations
arc enclosed.
We recognize that many observations in the report are a fair assessment
of the current state of clearance reform, but note some areas where the
report appears to draw overly broad conclusions from limited evidence.
We note that the report does not take into account that some important
components of reform remain in different stages of development and
therefore will follow a phased implementation plan.
We appreciate the support of GAO as DoD and DNI, together with our
other Federal partners. further improve the overall security clearance
process. and look forward to continuing our partnership in achieving
our shared goals.
Sincerely,
Signed by:
Elizabeth A. McGrath:
Assistant Deputy Chief Management Officer:
Department of Defense:
Signed by:
John P. Fitzpatrick:
Acting Assistant Deputy Director of National Intelligence for Security:
Enclosure: As stated:
[End of letter]
GAO Draft Report Dated April 24, 2009:
GAO-09-488 (GAO CODE 351263):
"Personnel, Security Clearances: An Outcome-Focused Strategy is Needed
to Guide Implementation of the Reformed Clearance Process"
Department Of Defense And Director Of National Intelligence Comments To
The Gao Recommendations:
Recommendation 1: To further align the reform effort with key practices
for organizational transformations and better address the long-standing
problems, we recommend that the OMB Deputy Director of Management in
the capacity as Chair of the Performance Accountability Council, ensure
that the appropriate entities such as the Performance Accountability
Council, its subcommittees, or the Joint Reform Team--take the
following actions:
Establish a strategic framework for the joint reform effort to include:
* A mission and strategic goals;
* Outcome-focused performance measures to continually evaluate the
progress of the reform effort toward meeting its goals and addressing
long-standing problems with the security clearance process;
* A formal, comprehensive communication strategy that includes
consistency of message and encourages two-way communication between the
Performance Accountability Council and key stakeholders;
* Clear roles and responsibilities for the implementation of the
information technology strategy, for example, be establishing
memorandums of understanding delineating the roles and responsibilities
of all agencies responsible for developing and implementing components
of the information technology strategy; and;
* Long-term funding requirements for security clearance reform,
including estimates of potential cost savings From the reformed process
and provide them to decision makers in Congress and the executive
branch.
DOD and DNI Response: Partially concur.
Mission Statement and Strategic Goals:
The GAO faults the reform effort for failing to define its mission or
strategic goals in the April and December 2008 reports, implying that
the effort had none. However, the aims of the reform effort-to "achieve
comprehensive reform of the end-to-end security clearance process
delivering high-assurance security clearances, fairly, efficiently and
at the lowest reasonable cost to the federal government"-were
articulated in the July 2007 Terms of Reference, and were reiterated
and supported by additional detail in the April and December 2008
reports.
Outcome-Focused Performance Measures:
We agree that the reform effort must contain outcome-focused
performance measures, but we believe that these metrics must evolve as
the process improvements and new capabilities are developed and
implemented. The Performance Accountability Council (PAC) formed a
standing Performance Measurement and Management subcommittee (PM&M)
whose primary responsibility is to develop standardized measures for
timeliness, investigative and adjudicative quality and reciprocity.
However, because the reform effort is an iterative, phased development
process, some measures of reform's effectiveness cannot be completely
developed or collected until the process and capability improvements
have reached maturity. That said, the timeliness metrics in the
Intelligence Reform and Terrorism Prevention Act of 2004 are still in
effect, and progress toward reaching those goals will continue to be
reported to Congress.
The report claims a lack of metrics to assess the progress of the
reform effort. We do not agree that it will be difficult to measure
whether the reform effort is making progress. The December 2008 report
details key milestones and an implementation timeline which the
Performance Accountability Council will oversee to monitor and drive
progress in both the development of new capabilities and the adoption
of new practices by agencies.
We agree with the report that the number of deficient investigations
returned to OPM should not be the sole measure of investigative
quality. This is precisely why the PAC's Performance Measurement and
Management subcommittee is developing a suite of tools to identify,
collect and report the root causes of deficient investigations, not
solely the number of deficient investigations returned to OPM.
Comprehensive Communication Strategy:
We agree that communication is essential for the success of all reform
efforts. The leadership of the reform effort has aggressively pursued
strategic communication opportunities at each phase of the reform
effort, and continues to do so. While it is true that the communication
strategy is not contained in a formal, written plan, strategic
communication has been employed from the project's inception. The
strategy employs different vehicles to convey relevant information to
both government and industry stakeholders. The reform effort's periodic
reports are one (but not the sole) means of communication. We encourage
GAO to give full consideration to the extensive and repeated efforts
undertaken by (at various times) Reform Champions, the Joint Reform
Team Leadership or sub-teams, the PAC and its subcommittees, different
ad hoc working groups; and individual Joint Reform Team members.
The report attributes the risk of failure to the lack of a written
communications strategy, citing that some stakeholders may be unclear
or concerned about implementation. 'these stakeholder observations
could also be attributed to other factors. such as resistance to change
and agencies organizational "ownership" of the status quo, which are
certainly present in the environment but not factored in GAO analysis.
Information Technology Implementation Roles and Responsibilities:
The report notes that the reform effort is beginning to use information
technology to improve the clearance process. We note that information
technology has always been used in the clearance process, and that the
reform effort's approach to improving the use of information technology
is to leverage existing systems and capabilities where applicable, and
develop new tools where necessary.
We agree with the report that clearly-defined roles and
responsibilities are critical to the success of cross-agency
information technology initiatives, and assert that considerable work
has been done to date to identify and clarify those roles. The Joint
Reform learn performed analysis of information technology in use in
personnel security processes across the federal space to identify best
of breed capabilities that would be candidates for inclusion in the
information technology strategy. As the Joint Reform Team works with
agencies to assess their information technology capabilities and
develop implementation plans, even clearer roles and responsibilities
will be identified and documented.
Regarding IRTPA's single database requirement, the reform effort
continues its iterative implementation of improvements to systems that
improve access to information agencies need. These improvements include
greater access to suitability data and to reach multiple organizations'
data from a single access point, Additionally, the effort is addressing
the complex issues regarding sharing information from classified
systems on data systems that cannot contain classified information.
Long-Term Funding Requirements:
We concur there is much more work to be done in this area. We will
continue to plan for and address additional funding requirements, as
required.
[End of section]
Appendix III: Comments from the Office of Personnel Management:
United States Office Of Personnel Management:
The Director:
Washington, DC 20415:
"Our mission is to ensure the Federal Government has an effective
civilian workforce"
[hyperlink, http://www.opm.gov]
[hyperlink, http://www.usajobs.gov]
May 11, 2009:
Ms. Brenda S. Farrell:
Director, Defense Capabilities and Management:
General Accountability Office:
Washington, DC 20548
Dear Ms. Farrell:
Thank you for the opportunity to comment on GAO's proposed report
entitled Personnel Security Clearances: An Outcome-Focused Strategy is
Needed to Guide Implementation of the Reformed Clearance Process (GAO-
09-488). The report discusses GAO's assessment of the work of the
"Suitability and Security Clearance Performance Accountability Council"
(also referred to as the "PAC") and the "Joint Reform Team" ("JRT").
The PAC was established on June 30, 2008 by Executive Order 13467. The
purpose of the PAC was, among other things, to ensure agencies
implement the suitability and security clearance reforms of the
Director of OPM (the Suitability Executive Agent) and the Director of
National Intelligence (the new Security Executive Agent).
OPM has a critical interest in both the suitability and security
clearance processes. By statute and regulation, OPM conducts
suitability background investigations for the competitive civil service
and the career Senior Executive Service (SE S); prescribes suitability
standards and procedures; and makes final suitability determinations.
With respect to excepted service appointments, agencies may enter into
agreements with OPM to conduct required investigations.
OPM also has significant responsibility in connection with the security
clearance process. By long-standing executive order, OPM has had
primary responsibility for conducting security clearance investigations
for competitive service employees, maintaining an index of
investigations, and reporting on agencies' compliance with personnel
security requirements. As with suitability investigations, agencies may
enter agreements to have OPM conduct security clearance investigations
for their excepted service employees. OPM has issued substantive
regulations and guidance establishing the appropriate level of a
security clearance investigation based on a position's national
security sensitivity, and establishing privacy requirements for
investigations. OPM also can and does conduct the background
investigations required to permit agencies to issue security clearances
to employees of contractors who perform work for Federal agencies.
Further, in 2003, Congress authorized a transfer to OPM of the
personnel investigation functions then being conducted by the
Department of Defense (DoD) to OPM. effective February 2005. As a
result, OPM now conducts security clearance investigations for military
personnel, Defense Department civilians, and Defense contractors. As
described in my letter responding to a separate GAO report, "DOD
PERSONNEL CLEARANCES: Comprehensive Timeliness Reporting, Complete
Clearance Documentation, and Quality Measures are Needed to Further
Improve the Clearance Process" (GAO-09-400) (hereafter "DOD Personnel
Clearances"), the transfer of responsibility to OPM has resulted in the
elimination of a backlog of pending background investigations; further,
OPM has met all of the timeliness goals for security clearance
investigations set by the Intelligence Reform and Terrorism Prevention
Act of 2004 (IRTPA), often ahead of statutory deadlines.
The examination of whether an individual is suitable for Federal
employment is, of course, distinct from the process for determining
whether an individual should be entrusted with classified information.
"There are certain basic assessments that must be made with respect to
all Federal employees. For example, all competitive service and career
SES must be examined to determine their "suitability" for Federal
employment generally, as well as for the position that they seek. On
the other hand, not every Federal employee is required to possess a
security clearance. Further, although the factors used to determine
"suitability" and those relevant to the granting of a security
clearance can overlap, the determination whether an individual should
be granted a security clearance may require particularly intrusive
inquiries into matters that might not be relevant to the suitability
determination.
OPM believes that it is important not to conflate the suitability and
security clearance processes. Nonetheless, it recognizes that there are
areas of commonality between the two and agrees that both processes
should be administered efficiently and aligned where appropriate. the
means by which these goals are accomplished, however-whether through
the governance structure established by Executive Order 13467 (and
studied by the GAO) or in some other fashion is currently under review
by the new Administration, as are the reform initiatives discussed in
the draft report. This review may result in a new governance structure
and/or new goals and standards. For that reason, while the critiques
discussed in GAO's report will certainly merit consideration going
forward, I do not believe that it would be productive at this time to
address with greater specificity the concerns it expresses about the
past management of the reform process.
Attached as you requested are technical comments prepared by OPM staff
in response to the draft report. Please note that OPM has already
issued a separate response to GAO's related draft report, DOD PERSONNEL
CLEARANCES. Some of the comments made in response to observations
contained in that draft report are pertinent here, as well
We appreciate the opportunity to respond to your report and look
forward to working with GAO in the future.
Sincerely,
Signed by:
John Berry:
Director:
Attachment:
[End of section]
Appendix IV: GAO Contact and Staff Acknowledgments:
GAO Contact:
Brenda S. Farrell, (202) 512-3604 or farrellb@gao.gov:
Acknowledgments:
In addition to the contact named above, David Moser (Assistant
Director), Lori Atkinson, David M. Adams, Sara Cradic, Susan Ditto,
Cindy Gilbert, Greg Marchand, Shannin O'Neill, and Sarah Veale made key
contributions to this report.
[End of section]
Related GAO Products:
DOD Personnel Clearances: Comprehensive Timeliness Reporting, Complete
Clearance Documentation, and Quality Measures Are Needed to Further
Improve the Clearance Process. [hyperlink,
http://www.gao.gov/products/GAO-09-400]. Washington, D.C.: May 19,
2009.
High-Risk Series: An Update. [hyperlink,
http://www.gao.gov/products/GAO-09-271]. Washington, D.C.: January
2009.
DOD Personnel Clearances: Preliminary Observations about Timeliness and
Quality. [hyperlink, http://www.gao.gov/products/GAO-09-261R].
Washington, D.C.: December 19, 2008.
Personnel Security Clearance: Preliminary Observations on Joint Reform
Efforts to Improve the Governmentwide Clearance Eligibility Process.
[hyperlink, http://www.gao.gov/products/GAO-08-1050T]. Washington,
D.C.: July 30, 2008.
Personnel Clearances: Key Factors for Reforming the Security Clearance
Process. [hyperlink, http://www.gao.gov/products/GAO-08-776T].
Washington, D.C.: May 22, 2008.
Employee Security: Implementation of Identification Cards and DOD's
Personnel Security Clearance Program Need Improvement. [hyperlink,
http://www.gao.gov/products/GAO-08-551T]. Washington, D.C.: April 9,
2008.
Personnel Clearances: Key Factors to Consider in Efforts to Reform
Security Clearance Processes. [hyperlink,
http://www.gao.gov/products/GAO-08-352T]. Washington, D.C.: February
27, 2008.
DOD Personnel Clearances: Improved Annual Reporting Would Enable More
Informed Congressional Oversight. [hyperlink,
http://www.gao.gov/products/GAO-08-350]. Washington, D.C.: February 13,
2008.
DOD Personnel Clearances: Delays and Inadequate Documentation Found For
Industry Personnel. [hyperlink,
http://www.gao.gov/products/GAO-07-842T]. Washington, D.C.: May 17,
2007.
DOD Personnel Clearances: Additional OMB Actions Are Needed to Improve
the Security Clearance Process. [hyperlink,
http://www.gao.gov/products/GAO-06-1070]. Washington, D.C.: September
28, 2006.
DOD Personnel Clearances: Questions and Answers for the Record
Following the Second in a Series of Hearings on Fixing the Security
Clearance Process. [hyperlink,
http://www.gao.gov/products/GAO-06-693R]. Washington, D.C.: June 14,
2006.
DOD Personnel Clearances: New Concerns Slow Processing of Clearances
for Industry Personnel. [hyperlink,
http://www.gao.gov/products/GAO-06-748T]. Washington, D.C.: May 17,
2006.
DOD Personnel Clearances: Funding Challenges and Other Impediments Slow
Clearances for Industry Personnel. [hyperlink,
http://www.gao.gov/products/GAO-06-747T]. Washington, D.C.: May 17,
2006.
DOD Personnel Clearances: Government Plan Addresses Some Long-standing
Problems with DOD's Program, But Concerns Remain. [hyperlink,
http://www.gao.gov/products/GAO-06-233T]. Washington, D.C.: November 9,
2005.
Industrial Security: DOD Cannot Ensure Its Oversight of Contractors
under Foreign Influence Is Sufficient. [hyperlink,
http://www.gao.gov/products/GAO-05-681]. Washington, D.C.: July 15,
2005.
[End of section]
Footnotes:
[1] Reciprocity is an agency's acceptance of a background investigation
or clearance determination completed by another authorized
investigative or adjudicative agency.
[2] GAO, High-Risk Series: An Update, [hyperlink,
http://www.gao.gov/products/GAO-05-207] (Washington, D.C.: January
2005); High-Risk Series: An Update, [hyperlink,
http://www.gao.gov/products/GAO-07-310] (Washington, D.C.: January
2007); and High-Risk Series: An Update, [hyperlink,
http://www.gao.gov/products/GAO-09-271] (Washington, D.C.: January
2009).
[3] Pub. L. No. 108-458, § 3001 (2004).
[4] The security clearance process currently consists of six phases:
requirements setting, application submission, investigation,
adjudication, appeal, and renewal.
[5] Determinations of suitability for government employment in
positions in the competitive service and for career appointment in the
Senior Executive Service include consideration of aspects of an
individual's character or conduct that may have an impact on the
integrity or efficiency of their service. Exec. Order No. 13467,
Reforming Processes Related to Suitability for Government Employment,
Fitness for Contractor Employees, and Eligibility for Access to
Classified National Security Information, at § 1.2(l) (June 30, 2008)
(citing 5 C.F.R. Part 731).
[6] The Director of OPM was designated as the Executive Agent for
Suitability, and the Director of National Intelligence was designated
Executive Agent for Security.
[7] In the past two years, GAO has also testified on concerns with the
timeliness of the security clearance process, among other things,
before (1) the Subcommittee on Oversight of Government Management, the
Federal Workforce, and the District of Columbia of the Senate Committee
on Homeland Security and Governmental Affairs, (2) the Subcommittee on
Government Management, Organization, and Procurement, House Committee
on Oversight and Government Reform, and (3) the Subcommittee on
Readiness, House Committee on Armed Services.
[8] GAO, Highlights of a GAO Forum: Mergers and Transformation: Lessons
Learned for a Department of Homeland Security and Other Federal
Agencies, [hyperlink, http://www.gao.gov/products/GAO-03-293SP]
(Washington, D.C.: Nov. 14, 2002), and Results- Oriented Cultures:
Implementation Steps to Assist Mergers and Organizational
Transformations, [hyperlink, http://www.gao.gov/products/GAO-03-669]
(Washington, D.C.: July 2, 2003).
[9] Joint Security and Suitability Reform Team, Security and
Suitability Process Reform Initial Report (Washington, D.C., Apr. 30,
2008); Security and Suitability Process Reform (Washington, D.C., Dec.
17, 2008); Enterprise Information Technology Strategy (Washington,
D.C., Mar. 17, 2008).
[10] GAO, Personnel Clearances: Key Factors to Consider in Efforts to
Reform Security Clearance Processes, [hyperlink,
http://www.gao.gov/products/GAO-08-352T] (Washington, D.C.: Feb. 27,
2008).
[11] Pub. L. No. 108-458, § 3001.
[12] Memorandum from Samuel Berger, Assistant to the President for
National Security Affairs, to George J. Tenet and John P. White, Co-
Chairmen, Security Policy Board, Implementation of Executive Order
12968, Mar. 24, 1997. This memorandum approves the adjudication
guidelines, temporary eligibility standards, and investigative
standards required by Exec. Order No. 12968, Access to Classified
Information (Aug. 2, 1995). The standards were later published in 32
C.F.R. Part 147. New federal investigative standards were issued by the
Security and Suitability Executive Agents on December 13, 2008. The new
federal investigative standards have not been implemented yet.
[13] 5 C.F.R. § 1312.4 (2009).
[14] GAO, DOD Personnel Clearances: Comprehensive Timeliness Reporting,
Complete Clearance Documentation, and Quality Measures Are Needed to
Further Improve the Clearance Process, [hyperlink,
http://www.gao.gov/products/GAO-09-400] (Washington, D.C.: May 19,
2009); [hyperlink, http://www.gao.gov/products/GAO-09-271]; [hyperlink,
http://www.gao.gov/products/GAO-07-310]; and [hyperlink,
http://www.gao.gov/products/GAO-05-207].
[15] IRTPA (Pub. L. No. 108-458, § 3001(g) (2004)) currently requires
that the 120-day average period for clearance determinations include no
longer than 90 days for the investigation and 30 days for the
adjudication. IRTPA also requires the executive branch to implement a
plan by December 17, 2009, under which adjudicative agencies, to the
extent practical, must make a determination on at least 90 percent of
all applications for a security clearance within 60 days, on average,
after the date of receipt of the application, with no longer than 40
days allotted for the investigation and 20 days allotted for the
adjudication.
[16] [hyperlink, http://www.gao.gov/products/GAO-09-400], and GAO, DOD
Personnel Clearances: Preliminary Observations about Timeliness and
Quality, [hyperlink, http://www.gao.gov/products/GAO-09-261R]
(Washington, D.C.: Dec. 19, 2008).
[17] Exec. Order No. 13381, Strengthening Processes Relating to
Determining Eligibility for Access to Classified National Security
Information (June 27, 2005). This order was revoked by Exec. Order No.
13467, Reforming Processes Related to Suitability for Government
Employment, Fitness for Contractor Employees, and Eligibility for
Access to Classified National Security Information (June 30, 2008).
[18] [hyperlink, http://www.gao.gov/products/GAO-03-293SP] and
[hyperlink, http://www.gao.gov/products/GAO-03-669].
[19] According to the Joint Reform Team, over 70 personnel from DOD,
OPM, and ODNI currently support its initiatives (including full and
part-time support).
[20] GAO, Agencies' Strategic Plans Under GPRA: Key Questions to
Facilitate Congressional Review, [hyperlink,
http://www.gao.gov/products/GAO/GGD-10.1.16] (Washington, D.C.: May
1997).
[21] The December 2008 report defines the following timeliness
measures: end-to-end is the time from the date of the submission by the
applicant to the date of the adjudicative decision; initiation is the
time from the date of submission by the applicant to the receipt date
of all information/forms (e.g., fingerprint cards) required to conduct
an investigation by the investigative service provider; investigation
is the time from the receipt date of the completed package (forms,
releases, fingerprints, etc.) to the date the adjudicative unit
receives the complete investigative product; and adjudication is the
time from the receipt date of the final report of investigation to the
date of the adjudicative decision.
[22] GAO, DOD Personnel: Inadequate Personnel Security Investigations
Pose National Security Risks, [hyperlink,
http://www.gao.gov/products/GAO/NSIAD-00-12] (Washington, D.C.: Oct.
27, 1999), and DOD Personnel Clearances: Government Plan Addresses Some
Long-standing Problems with DOD's Program, But Concerns Remain,
[hyperlink, http://www.gao.gov/products/GAO-06-233T] (Washington, D.C.:
Nov. 9, 2005).
[23] [hyperlink, http://www.gao.gov/products/GAO-09-400].
[24] Establishing a sound requirement determination process, building
quality into every step of the process, and providing Congress with
long-term funding-requirements are identified in our previous work. See
[hyperlink, http://www.gao.gov/products/GAO-08-352T]. We previously
identified having a valid set of metrics to evaluate efficiency and
effectiveness as an additional factor, which is addressed in this
report as part of our discussion of key practices for government
transformations. Establishing governmentwide reciprocity and developing
and consolidating information technology are derived from sections
3001(d) and (f) of IRTPA.
[25] OPM conducts security clearance investigations for most federal
agencies except for some intelligence agencies, such as the Central
Intelligence Agency, and some other agencies, such as the Federal
Bureau of Investigations, which conduct their own investigations.
[26] GAO, DOD Personnel Clearances: Additional Steps Can Be Taken to
Reduce Backlogs and Delays in Determining Security Clearance
Eligibility for Industry Personnel, [hyperlink,
http://www.gao.gov/products/GAO-04-632] (Washington, D.C.: May 26,
2004).
[27] These numbers are as of March 17, 2009, and are approximate. In
addition, they do not include the number of clearance holders for part
of the intelligence community.
[28] Each agency requesting a clearance investigation is responsible
for making its own adjudicative decision.
[29] GAO, Information Technology: Customs Automated Commercial
Environment Program Progressing, But Need for Management Improvements
Continues, [hyperlink, http://www.gao.gov/products/GAO-05-267]
(Washington, D.C.: Mar. 14, 2005).
[30] The Joint Personnel Adjudication System is used by DOD (not
including DOD's intelligence agencies), Clearance Verification System
is used by OPM (including all agencies for which OPM is responsible for
investigations), and Scattered Castles is used by the intelligence
agencies.
[31] GAO, Personnel Clearances: Key Factors to Consider in Efforts to
Reform Security Clearance Processes, [hyperlink,
http://www.gao.gov/products/GAO-08-352T] (Washington, D.C.: Feb. 27,
2008).
[32] Pub. L. No. 108-458 (2004).
[End of section]
GAO's Mission:
The Government Accountability Office, the audit, evaluation and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the performance
and accountability of the federal government for the American people.
GAO examines the use of public funds; evaluates federal programs and
policies; and provides analyses, recommendations, and other assistance
to help Congress make informed oversight, policy, and funding
decisions. GAO's commitment to good government is reflected in its core
values of accountability, integrity, and reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO's Web site [hyperlink, http://www.gao.gov]. Each
weekday, GAO posts newly released reports, testimony, and
correspondence on its Web site. To have GAO e-mail you a list of newly
posted products every afternoon, go to [hyperlink, http://www.gao.gov]
and select "E-mail Updates."
Order by Phone:
The price of each GAO publication reflects GAO’s actual cost of
production and distribution and depends on the number of pages in the
publication and whether the publication is printed in color or black and
white. Pricing and ordering information is posted on GAO’s Web site,
[hyperlink, http://www.gao.gov/ordering.htm].
Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537.
Orders may be paid for using American Express, Discover Card,
MasterCard, Visa, check, or money order. Call for additional
information.
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Web site: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm]:
E-mail: fraudnet@gao.gov:
Automated answering system: (800) 424-5454 or (202) 512-7470:
Congressional Relations:
Ralph Dawn, Managing Director, dawnr@gao.gov:
(202) 512-4400:
U.S. Government Accountability Office:
441 G Street NW, Room 7125:
Washington, D.C. 20548:
Public Affairs:
Chuck Young, Managing Director, youngc1@gao.gov:
(202) 512-4800:
U.S. Government Accountability Office:
441 G Street NW, Room 7149:
Washington, D.C. 20548: