As we await the official executive order transferring the clearance process from the Office of Personnel Management (OPM) to the Department of Defense (DoD), it’s clear that some big changes are on the horizon. While a lot of the brass tacks are still uncertain, the backlog and security breaches of recent years have lit a fire under congress, DoD, and OPM to get things right this time. As stated by a DSS official yesterday, Defense Secretary James Mattis has taken a direct hand in re-evaluating the clearance process from top to bottom. Obscene security clearance wait times and a backlog of over 600,000 investigations are the protruding nails waiting for Sec. Mattis’ hammer. But we may soon see long-held norms go by the wayside in a process that has been largely unchanged since the 1940’s.
Here are a few recent or upcoming changes that will be impacting security officers and clearance holders.
1. Continuous evaluation is here and it’s watching you
There are already 1.2 Million clearance holders enrolled in continuous evaluation (CE), with the plan of all clearance holders eventually being in the system. As the name suggests, the system is continually vetting cleared employees using data streams from credit bureaus and criminal records. The idea is that the system will incorporate more and more data streams as time goes on, including social media. Already in FY 2018, the system has reported over 41,000 alerts and caught significant, unreported security concerns on the part of employees. Now that cleared professionals will be under the microscope regularly, reporting any arrests, financial struggles, or other concerns to your FSO will be even more essential.
2. The End of Periodic Reinvestigations
As CE takes a greater and greater role, the goal is to eventually eliminate the need for periodic reinvestigations of all cleared personnel. An investigation would only be triggered when the continuous evaluation system finds a red flag that bears a full investigation. The elimination of PRs would vastly free-up investigator hours for first-time clearance holders. In order to maintain security, however, annual employer or subject interviews are being considered as system safeguards.
3. agency name shake ups
The bowl of alphabet soup that is the federal government has gotten another ladle-ful of acronyms. According to the DSS (Defense Security Service) website:
The Defense Vetting Directorate (DVD) is a newly established directorate of the Defense Security Service (DSS). The DVD will integrate the National Background Investigations Bureau (NBIB) and the DoD Consolidated Adjudication Facility (DoD CAF) into the DSS as directed by legislative and presidential directives. The DVD will establish a holistic end-to-end personnel vetting enterprise by re-aligning existing DSS vetting functions in conjunction with the transfer of NBIB and the DoD CAF.
Likewise, the DSS Personnel Security Management Office for Industry (PSMO-I) now has a snazzier acronym: VROC. This stands for “Vetting Risk Operations Center” and is the hub in charge of the continuous evaluation program. You can read the full explanation of VROC’s duties here.
4. Changes to adjudicative and investigative guidelines
It’s very likely that the longstanding 13 adjudicative guidelines may become a thing of the past. The spirit of the guidelines will likely stay very similar, but the wording and number may shift as the DoD is thinking critically about literally every aspect of the security clearance process. A DSS official also noted that the investigative guidelines and even the traditional 5 tiers of investigations may change in name or number.
5. “Rocket Vetting” and e-adjudication
There are not a lot of details on this, but rocket vetting would consist of taking only 30 days for low-risk secret clearance investigations and adjudications. Along with this comes the possibility of e-adjudication and lowering the risk thresholds for low-risk clearances and personnel. This is a way to try to cut down the backlog and direct resources towards higher-risk candidates and clearances.
6. A risk-management approach and business-level technology
This is probably the most exciting change, if it can be executed well. The DoD is trying to take a different approach to how it measures and manages risk. Instead of red-flagging someone in JPAS for a minor concern that then makes an employer reject them, technology and attitudes would be more critical about where measured risks are and are not helpful to national security. Sue Gordon of ODNI said just last week that they are trying to work on standardizing guidelines for risk across the board so all agencies are on the same page.
Likewise, employing up-to-date technology, both in vetting and in the background investigations process, could catch potential concerns and reduce error and wait times. This is reflected in the development and ongoing improvement of the new DISS system and the desire for simple things like a single customer service phone number, or the option to chat online with customer service – just as you’d be able to with any large business.