The security clearance backlog is no more, with case inventory well within historic figures. And as Trusted Workforce 2.0 moves forward, the government is counting on continuous vetting to help it set its path forward.
In the spring of 2018, the Office of the Director of National Intelligence announced Trusted Workforce 2.0 – its comprehensive, interagency effort to redefine a ‘trusted worker’ in the face of 21st century threats. Executive Correspondence (EC) issued last month now lays the framework for ending periodic reinvestigations in favor of continuous vetting of all cleared personnel.
“The goal is pretty simple,” said Brian Dunbar, assistant director, National Counterintelligence and Security Center, in an interview with ClearanceJobs. “To better support the mission with better vetting, faster investigation timelines and enhanced mobility.”
To that end, Trusted Workforce 2.0 has already accomplished the first, critical aspect of its mission – eliminating the security clearance backlog, which was at a high of 725,000 cases when Trusted Workforce 2.0 rolled out. With the backlog busted, focus has shifted to continuous vetting and updates to the federal investigative standards and adjudicative criteria.
“To me, the most important element of Trusted Workforce 2.0 is this – transitioning away from a traditional periodic reinvestigation to what we call continuous vetting, those individuals currently enrolled in continuous evaluation,” said Mark Frownfelter deputy assistant director National Counterintelligence and Security Center, Special Security Directorate.
The EC, “Transforming Federal Personnel Vetting: Measures to Expedite Reform and Further Reduce the Federal Government’s Background Investigation Inventory,” was signed by the Director of National Intelligence and the Director of the Office of Personnel Management February 3. Departments and agencies have received additional guidance about the implementation of the EC – a policy shift one administration official described as one of the most significant changes to security clearance policy of the past two decades.
The EC lays out the minimum standards are criteria for continuous vetting, and allows agencies in compliance with those criteria to move forward in eliminating PRs in favor of the continuous vetting model – a process that allows for a more efficient security clearance vetting process, but more significantly, a more secure one.
“It’s good from both a security and safety standpoint – we can intervene earlier,” noted Dunbar. “We can facilitate timely employee return from a personal crisis, for issues that under previous models wouldn’t be discovered until a PR.” Dunbar noted the system also helps the Defense Counterintelligence and Security Agency maintain its steady state inventory, reducing influxes of PRs.
Security Clearance Reform: Crawl, Walk, Run
Dunbar noted the security clearance process is focused on a crawl, run, walk approach to implementing Workforce 2.0. Previously issued EC helped codify efficiencies to eliminate the backlog. February’s EC codifies the full implementation of continuous vetting. The run portion of Trusted Workforce 2.0 will come into fruition later this year, with the issuance of new federal investigative standards and adjudicative guidelines.
The elimination of periodic reinvestigations transitions security clearance eligibility from a date driven system – where focus was on periodic reinvestigation or initial investigation dates – to a risk-based system. The focus will be less on whether or not applicants are ‘in scope’ – but rather, when were they last enrolled, and what, if any issues, were present at that time.
“PR dates will become a thing of the past,” said Dunbar. “We’re moving to a mobility, transfer of trust scenario.” That system depends heavily on education and training, and represents a huge cultural change, noted Dunbar.
The good news, ODNI officials note, is this policy takes a pull versus push approach – ODNI has worked across department and agencies to establish needs and priorities. They’ve pulled in that feedback, and the result is an approach agencies are asking for and prepared to implement.
“What we’re anticipating, and what we’ve heard – particularly within the IC, is they believe they possess these capabilities,” said Dunbar. Once they’ve verified they meet the criteria with ODNI, they’re able to eliminate PRs and enroll candidates into continuous vetting. For that reason, Trusted Workforce 1.5 – what the current EC is being dubbed – should result in rapid enrollment of new candidates into continuous vetting, just as Trusted Workforce 1.0 saw the rapid decline (and eventual elimination) of the clearance backlog.
The automated records checks, laid out in policy through Security Executive Agent Directive 6, are the lynchpin of current transformation activities, noted Dunbar. ODNI has been responsible for designing and building a national CE system – a major technology undertaking, rolling in data across seven categories, and for 29 separate departments. ODNI is working in partnership with DoD’s CE program, and considers itself a service provider into the DoD CE system.
SEAD 6 went into effect January 2018. In the two years since, ODNI has gathered information to help it improve the continuous vetting of personnel – lessons learned it’s incorporating into the recently released EC, which notes “revisions to investigative flags for financial delinquencies and traffic fine violations in certain cases.” Dunbar said this is a direct example of seeing what has been flagged in continuous vetting thus far, and that a $50 traffic violation may not be the best metric for trustworthiness.
“This is data driven policy development,” noted one senior official. “It’s a really exciting place to be in personnel security reform.”
Security Clearance Reform by the Numbers
There are really three key takeaways, noted Dunbar: Trusted Workforce 2.0 is real, is experiencing steady forward momentum (including the February EC), and the executive branch is poised to keep move into a future-minded approach to personnel security. In addition to those three takeaways, Dunbar highlighted the 1,3,5 approach being taken in Trusted Workforce 2.0.
One – The establishment of one personnel vetting model, which aligns guidelines and standards and provides characteristics of a trusted person. The underpinning of this personnel vetting model is changes to the federal investigative standards and adjudicative criteria.
Three – Is the reduction of the investigative tiers from 5 to 3. With the elimination of periodic reinvestigations, categories based on reinvestigation go away, and investigations are based solely on tiers of risk, not tiers of time.
Five – Is the creation of five specific vetting scenarios.
- Initial vetting: Moving ‘outsiders to insiders.’
- Continuous vetting: The ‘signature, transformative piece’ of Trusted Workforce 2.0. Continuous vetting allows for risks to be identified when they happen – not on a 5-or-10-year investigation timeline.
- Upgrade in trust: When an individual with a Secret clearance needs to move into a Top Secret clearance position, or an individual requires access to special access programs, conducting new vetting for the higher risk level.
- Transfer of trust: How quickly and efficiently to move from one agency to another. Typically referred to as reciprocity, which actually brings in a host of other criteria related to suitability.
- Reestablishment of trust: Vetting an individual who has left the ‘trusted workforce.’ Under the PR model, investigations would be considered ‘current’ if the individual attempted to ‘re-enter’ the system within two years. With PRs going away, reestablishment of trust won’t be based on an investigation date, but on what information is available in a continuous vetting system of record, and efficiently bringing those individuals back into the system.
“Trusted Workforce 2.0 is a repetitive process using a phased approach that’s been ongoing since 2018,” said Frownfelter. With the issuance of February’s EC, the program is at the walk phase, but it plans to be running by the end of 2020 and fully implemented by 2022.
The incremental – but pivotal – changes being made as a part of Trusted Workforce 2.0 have no plans to slow down. While a National Security Presidential Memorandum (NSPM) is expected to further modernize the personnel security effort and should be released sometime this year, “we don’t necessarily have to pause in our journey,” emphasized Dunbar.