Review of the Security and Emergency Planning Staff's Management of Background Investigations

Evaluation and Inspections Report I-2005-010
September 2005
Office of the Inspector General


Results of the Review


    In FY 2004, SEPS met federal regulatory requirements for adjudicating background investigations within 90 days in 99 percent of its highest priority cases (political appointees and attorneys) and in 85 percent of cases overall. SEPS also generally met Department needs for processing SCI clearances and providing clearance verifications. However, SEPS did not fully meet other important responsibilities related to policy and oversight. The Department’s personnel security policy, amended by more than 40 memorandums issued over the past 15 years, is inconsistent, outdated, and not widely and readily accessible. In addition, SEPS’s program of security compliance reviews and its enforcement authority are too limited to ensure that components with delegated authority comply with regulations and policy. Also, because SEPS relies on outdated technology to manage its own files and there is no Department-wide database of background investigation information, SEPS has limited ability to manage and oversee the background investigation process across the Department.

Workload and Priorities

From FY 2000 to FY 2004, portions of SEPS’s background investigation workload more than doubled, particularly in the areas of granting clearances and the initiation and adjudication of contractor background investigations (see Table 1). In response to the increasing background investigation caseload, PERSG designated four of its responsibilities as being its highest priorities: (1) adjudication of the background investigations and reinvestigations of political appointees and attorneys; (2) adjudication of requests for access to SCI material; (3) certification of clearances to other agencies; and (4) processing requests for waivers. As lesser priorities, SEPS adjudicates background investigations for other new employees, adjudicates reinvestigations for employees, adjudicates all contractor cases, and develops policy guidance.40

Table 1: SEPS’s Background Investigation (BI) and Reinvestigation (RI) Workload
FY 2000-2004
  FY
2000
FY
2001
FY
2002
FY
2003
FY
2004
Percentage
Change
2000-2004
Employees
    BI Initiations 1,286 1,675 2,382 2,004 1,784 38.7
    Waivers 558 876 1,081 1,224 1,142 104.7
    BI Adjudications 1,188 1,795 1,407 1,698 2,237 88.3
    Clearance Actions Taken 382 536 892 1,140 1,609 321.2
    RI Initiations 1,321 3,000 2,454 3,051 2,422 83.4
    RI Adjudications 1,508 1,421 1,743 2,266 1,983 31.5
Contractors
    BI Initiations 291 326 821 984 1,263 334.0
    BI Adjudications 446 421 579 784 1,033 131.6
    RI Initiations 21 8 25 24 12 -42.9
    RI Adjudications 17 14 14 25 24 41.2
    TOTAL ACTIONS 7,018 10,072 11,398 13,200 13,509 92.5
 Source: PERSG TRAQ

SEPS’s SCI clearance workload also increased dramatically from 2000 to 2004. PERSG retains the sole authority within the Department to grant SCI clearances and to confirm these clearances for personnel who require SCI access to other components or other federal agencies. Table 2 shows SEPS’s SCI clearance workload from calendar years 2000 through 2004.

Table 2: SEPS’s SCI Clearance Workload for
Calendar Years (CY) 2000-2004
 CY
2000
CY
2001
CY
2002
CY
2003
CY
2004
Percentage
Change
2000-2004
SCI Clearances Processed 1,251 2,196 2,457 3,129 3,113 148.8
SCI Clearances Verified 810 1,261 1,667 2,005 2,053 153.5
TOTAL ACTIONS 2,061 3,457 4,124 5,134 5,166 150.7
 Source: SEPS CRS

Adjudication Timeliness

We found that SEPS’s adjudication of background investigations was generally timely. We examined SEPS’s processing of 55,197 actions on background investigations for which it retained authority during the 5 fiscal years from FY 2000 through FY 2004 (see Table 1). The percentage of adjudications of initial background investigations for employees and contractors processed by SEPS within 90 days for each of the fiscal years is shown in Table 3. In FY 2004, SEPS adjudicated 85 percent of all employee background investigations within 90 days.

Table 3: SEPS Background Investigation Adjudications
Completed Within 90 Days
FY 2000-2004
Percentage completed in 90 days
 FY
2000
FY
2001
FY
2002
FY
2003
FY
2004
Employees 94 90 73 75 85
Contractors 83 81 60 73 96
 Source: PERSG TRAQ

In discussions with SEPS staff responsible for adjudications, we asked why some cases were not processed within 90 days. SEPS staff explained that some cases were delayed because SEPS lacked the staffing needed to perform all adjudications within the required time and that, in other cases, decisions were delayed pending the receipt of documentation or until issues related to the applicant’s suitability were resolved. For example, when a background investigation identified credit issues, a final decision on the adjudication might be delayed until the employee documented 3 months of on-time payments.

Staffing and Resources Not Increased Commensurate With Workload. As described in the background section, two previous external reports from the Webster Commission and the National Archives and Records Administration found significant shortfalls in SEPS staffing. SEPS requested additional staffing both before and after those reviews. Between FY 2000 and FY 2005, SEPS’s annual budget requests included additional staff and provided extensive performance and workload measures to justify the requests. For example, SEPS provided studies comparing its staffing levels to those of three other Department components with comparable adjudications responsibilities and to other components or agencies with comparable security responsibilities. As Table 4 shows, in 2001 SEPS had the smallest ratio of adjudications staff to background investigation caseload.41 Despite the recommendations from these reports, SEPS did not receive the requested additional resources, except for one additional position in the CRS.

Table 4: PERSG’s 2001 Comparison of Its Staffing Levels to
Three Department Components
 Caseload (Employees and Contractors) Adjudicators Average Cases Per Adjudicator
SEPS 33,000 9 3,667
BOP 51,143 17 3,008
DEA 22,700 26 873
INS* 41,000 47 872
 Source: PERSG

* On March 1, 2003, the Immigration and Naturalization Service (INS) was transferred to the Department of Homeland Security.

SEPS’s Workload Management. Despite its low staffing levels, SEPS has taken several steps to manage its increasing case workload more effectively. These steps include redirecting personnel assigned to other duties to adjudications, and identifying and focusing its available resources on its highest priority cases. Specifically, PERSG staff stated that they relied on a combination of staff redirected from other duties, overtime from adjudicators, and assistance from employees in other sections of SEPS with prior adjudicative experience. For example, because they had experience as adjudicators, the PERSG Chief for Policy, Training, and Oversight and a Security Specialist from this section were assigned, as needed, to process requests for SCI clearances and other adjudication cases. Also, the Operations Section scheduled one day a week when all PERSG staff devoted the entire day to adjudicating backlogged cases. The size of the adjudications backlog has diminished since October 2003 (see Table 5).

Table 5: PERSG FY 2004 Adjudication Pending Caseload
Months Employee Cases Contractor Cases Total
Not Yet Screened by SEPS* Pending Adjudication Not Yet Screened by SEPS* Pending Adjudication
Oct. 2003 1,072 698 98 286 2,440
Nov. 2003 1,039 682 72 287 2,367
Dec. 2003 1,143 677 35 272 2,399
Jan. 2004 970 679 63 200 2,112
Feb. 2004 1,073 675 1,748
Mar. 2004 846 694 50 76 1,742
Apr. 2004 853 683 1,536
May 2004 933 703 58 169 2,032
June 2004 1,059 562 101 165 2,052
July 2004 1,112 570 95 98 1,973
Aug. 2004 968 547 89 91 1,786
Sept. 2004 1,005 545 98 98 1,881
PERCENTAGE CHANGE -6.3 -21.9 00 -65.7 -22.9
 Source: SEPS

*These cases refer to those that PERSG had not yet reviewed.

SEPS does not operate on a fee-for-service basis (i.e., the components do not directly reimburse SEPS for the cost of the services it provides). However, since 1992, Department components have contributed funding to enable SEPS to hire staff dedicated to managing reinvestigations. Of the nine adjudicator positions, five are assigned to reinvestigations and are paid for proportionally by the components. The components also contribute to a fund from which SEPS pays staff overtime for conducting adjudications. In FY 2004, the components agreed to contribute $22,000 to the overtime fund.42

Also, as described previously on pages 20 and 21, SEPS established priorities for the processing of cases. The priorities were (in order) political appointees, attorneys, other FBI investigations (i.e., not political or attorney positions), OPM national security information (NSI) investigations, other OPM investigations, employee reinvestigations, and contractors. Our review of the processing times for cases involving these categories of employees found that SEPS is processing the highest priority cases first (see Table 6).43 For example, based on records contained in TRAQ, we determined that SEPS processed over 99 percent of its highest priority cases (political appointees and attorneys) within 90 days.

Table 6: SEPS Adjudication Processing by Priority Level
  Percentage completed in 90 days
Adjudication Priorities
(Highest to Lowest)
FY
2000
FY
2001
FY
2002
FY
2003
FY
2004
Political appointees 100 100 100 100
Attorneys 99 99 99 99 100
FBI NSI investigations 100 88 94 92 96
OPM NSI investigations 92 91 85 74 79
Other OPM investigations 91 85 48 62 81
Employee reinvestigations 84 83 59 48 54
Contractors 83 81 60 73 96
 Source: PERSG TRAQ

To determine whether SEPS met OPM timeliness expectations, we reviewed FY 2004 correspondence between PERSG and the OPM Investigations Program Specialist assigned to the Department’s oversight. The OPM Specialist noted that SEPS’s performance (85 percent of adjudications completed in less than 90 days) and that of the Department as a whole (87 percent completed in less than 90 days) “exceed[ed] compliance expectations” and was “meeting” an “important goal.” We also reviewed a recent PERSG customer service survey and conducted an additional survey of 12 Security Programs Managers. All 12 indicated that they were generally satisfied with the service SEPS provided in processing background investigations and security clearances. Separately, in SEPS’s own customer service survey of Security Programs Managers, PERSG’s responsiveness in obtaining SCI access and certifying national security clearances to other components and agencies were the two highest rated elements.44

Overall, we believe that SEPS has taken reasonable steps to use the resources available to manage its case processing workload, and OPM and the components have been generally satisfied with SEPS’s performance. SEPS met regulatory timeliness requirements 85 percent of the time in FY 2004 for the background investigations for which it is directly responsible and is meeting Department needs by processing SCI clearances and clearance verifications as quickly as possible. In only 15 percent of the employee cases and 4 percent of the contractor cases did SEPS not meet OPM’s timeliness requirements. However, as we discuss in greater detail below, the Intelligence Reform Act and HSPD-12 directed changes that will, when implemented, require faster processing times and increase the number of case processing stages that SEPS must accomplish to complete background investigations.

Policy Guidance

The Department’s personnel security policy, amended by more than 40 memorandums issued over the past 15 years, is inconsistent, outdated, and not widely and readily accessible. SEPS, which is responsible for issuing policy and providing guidance for the Department, issued the last complete revision of the Department’s security policy, known as DOJ Order 2610.2A, in 1990. Although the basic order has not been updated, from 1990 through 2005 SEPS issued more than 40 memorandums that revised or supplemented the order. Because the changes have been issued in a piecemeal fashion, there is no single, consolidated document that contains all current guidance for component security officials and other Department employees to consult.

Despite the many revisions and supplements, the guidance has not been updated to reflect recent changes in the security environment, according to PERSG staff. For example, the guidance does not require the reinvestigation of all contractors, which SEPS has long considered necessary to ensure the Department’s security.45 In customer service surveys conducted by the OIG and SEPS, Security Programs Managers and adjudicators expressed frustration with having to work with outdated and confusing materials. In responses to our survey, for example, Security Programs Managers pointed out that SEPS’s memorandums often modify or correct prior memorandums, making it difficult to determine whether the order or one of the various memorandums is the correct guidance. In PERSG’s 2004 customer service survey, Security Programs Managers rated PERSG lowest in the area of policy guidance.

According to SEPS employees, SEPS has not consolidated the updates it has issued into a revised policy because its staff in the Policy, Training, and Oversight Section were dedicated to processing SEPS’s background investigation caseload. In December 2004, in response to an inquiry related to another OIG review, SEPS officials told us that they had begun consolidating and updating the existing guidance on employees. However, as of July 2005, the revised DOJ Order 2610.2A was still undergoing review. Moreover, SEPS had not worked on new requirements for contractors – and for visitors – since March 2005. Further, SEPS staff told us that the order cannot be finalized until OPM approves SEPS’s proposed minimum level of background investigation for hiring public trust employees. SEPS was also waiting for OMB guidance on implementation of HSPD-12 since this guidance may supersede SEPS’s proposed changes to both DOJ Order 2610.2A and contractor policy.

Limited Use of Technology. SEPS has not effectively used available technology to disseminate policy and guidance. We examined SEPS’s presence on the Department’s intranet and found that the Personnel Security page consisted solely of a list of tasks that PERSG handles. Although adjudicative guidelines were available on the SEPS site as an appendix to the Security Program Operating Manual and several relevant regulations and executive orders were listed on the Security Policies page, the Personnel Security page did not contain a link or cross-reference to this information. Further, that page did not provide Department personnel security policies, did not identify the names or dates of Department policies currently in effect, and did not provide answers to commonly asked questions. Because this information was not readily available on the intranet, PERSG and CRS staff provided guidance by answering case-specific questions from components or faxed copies of memorandums upon request.

We also examined the CRS section of the SEPS intranet and found that with the exception of the Security Program Operating Manual issued in May 2005, it contained only limited and outdated information. When we interviewed CRS staff in February 2005, they noted that they had requested that copies of the checklists used to conduct compliance reviews, the package of information sent to Security Programs Managers when a compliance review is announced, and training materials be posted on the web site.

PERSG’s 2004 customer service survey also identified shortcomings in online guidance. In particular, several components commented on SEPS’s failure to use the intranet effectively. For example, one component stated that “PERSG is behind the times when it comes to posting information to the DOJ intranet. It would be helpful if personnel security information was made available.”

Our interviews with SEPS staff identified three reasons for the delays in posting information. First, SEPS gave no priority to the posting of information on its web site. Second, SEPS did not clearly define internal responsibilities and approval processes for posting information. Third, SEPS officials did not follow up to ensure that approved information was posted to the web site.

In June 2005, we contacted an official from the Department’s Office of the Chief Information Officer (OCIO) to determine what the procedures for posting information on the web site were.46 An OCIO official stated that approved information submitted in the required format would be posted within a few days of receipt. In July 2005, we revisited the web site to determine whether SEPS had begun posting information. We found that the May 2005 Security Program Operating Manual had been posted. However, other information that CRS staff told us in February 2005 had been submitted for internal SEPS approval was still not on the web site.

SEPS’s Oversight of Components With Delegated Authority

SEPS has not implemented an effective oversight program to ensure that components with delegated authority to adjudicate background investigations comply with regulations and policy regarding personnel security. SEPS has delegated to 20 components the authority to perform adjudications and grant security clearances for employees or contractors, but SEPS remains responsible for conducting oversight to ensure that the components are carrying out their delegated authority in accordance with Department regulations. SEPS receives an annual statistical report from OPM on the Department’s performance in meeting the 90-day adjudication standard. However, SEPS’s primary method of overseeing components’ operations is the security compliance reviews conducted by CRS. The CRS reviews are limited both in number and in scope of the examination related to personnel security. Further, both SEPS and the components’ Security Programs Managers have limited authority to ensure that corrective actions are taken.

SEPS Conducts Few Security Compliance Reviews. Overall, SEPS inspects less than 1 percent of Department offices each year. According to the CRS Chief, SEPS’s internal goal is to conduct 60 security compliance reviews each year. However, with a staff of only three Security Specialists and an annual travel budget of $60,000, CRS has been unable to meet this goal. In the past 3 years, CRS has achieved its goal of conducting 60 reviews only once, completing an average of 39 compliance reviews each year (Table 7).47 At that rate, it would take SEPS approximately 75 to 90 years to inspect all of the Department’s estimated 3,000 to 3,500 offices.

Table 7: CRS Reviews Conducted in Calendar Years 2002-2004
Year Component Offices Reviewed
(Number of Reviews Conducted)
Total Reviews Percentage of Department Offices
2002 Civil Division (1), Office of Community Oriented Policing Services (1), Criminal Division (2), Civil Rights Division (1), DEA (19), Environmental and Natural Resources Division (1), EOUST (4), FBI (14), INS (6), Office of Justice Programs (1), OIG (1), Tax Division (1), USAO (4), USMS (5) 61 2.0
2003 ATF (1), Executive Office for Immigration Review (1), EOUST (1), FBI (3), JMD (1), USAO (8), USMS (4) 19 0.6
2004 ATF (4), BOP (1), Criminal Division (1), Community Relations Service (1), DEA (3), Executive Office for Immigration Review (3), EOUST (5), FBI (5), USAO (8), USMS (6) 37 1.2
 Source: CRS

Similar to the adjudication staffing studies discussed earlier, in 2002 a CRS Security Specialist conducted a study that compared the number of SEPS Security Specialists with the number of Security Specialists in other security compliance review offices within and outside the Department. According to the CRS comparison, in 2002 CRS had two Security Specialists to conduct reviews of the Department’s approximately 3,000 offices. In contrast, CRS’s data indicated that the FBI had 37 security staff to conduct reviews of its 500 offices and the DEA had 6 security staff to conduct reviews of its 100 offices. Those staffing levels provide a staff-to-workload ratio of 1,500 offices per Security Specialist for SEPS, as compared with 13.5 for the FBI and 16.7 for the DEA. CRS has gained one additional Security Specialist since 2002 and currently has three Security Specialists. However, this still leaves SEPS’s staff-to-workload ratio at 1,000 offices per Security Specialist.

SEPS also receives annual reports from OPM on component compliance with the regulatory requirement that adjudications be completed within 90 days. In response to the OPM reports, the CRS site visits, or other information, SEPS may request that OPM conduct an in-depth review of components’ management of background investigations. This occurs infrequently. According to SEPS, the most recent OPM review it requested was of the ATF when that component transferred from the Department of the Treasury to the Department of Justice.48 PERSG has the option of requesting OPM appraisals of the component programs more frequently, but told us that they recognized from the difficulty they experienced in obtaining a review of the ATF process that OPM has to balance these requests with its own heavy workload of investigations.

Personnel Security Issues Receive Minimal Attention. In addition to conducting few security compliance reviews, CRS also devotes little time to personnel security issues during each review. During the 2-day security review we participated in, CRS staff spent about 4 hours on personnel security issues. CRS staff confirmed that 3 to 4 hours per review was typical. That includes both time spent reviewing background investigation files before the site visit and time spent reviewing personnel security issues on site at the office under review.

Because components’ background investigation files are maintained centrally, prior to each site visit Security Specialists spend 2 to 3 hours reviewing background investigation files of select employees from the office that will be reviewed. We accompanied a Security Specialist on a file review to observe the procedure. The Security Specialist selected 30 personnel files (26 employees and 4 contractors) out of the approximately 150 employees assigned to the office under review. CRS reviews the files to determine whether investigations have been initiated and adjudicated within the timeframes required by regulations, waivers have been appropriately requested and approved, required reinvestigations have been initiated, required paperwork (such as nondisclosure agreements and security clearance justifications) have been placed in the file, and the requested clearance level is appropriate for the level of classified information accessed by the employee.

Component security officials in field offices have limited involvement in background investigations. Therefore, SEPS Security Specialists typically spend only about an hour on personnel security issues while on site. During that time they question security staff and other employees to determine how employees and their supervisors are notified of pending reinvestigations, whether training is provided on handling classified material, what information security staff and managers have on personnel clearance levels, and how background investigations of locally hired contractors and interns are conducted.

The security compliance review reports that we examined identified a limited number of problems related to administrative personnel security. The 20 reports issued in FY 2003 contained a total of 4 findings (direct violations of federal regulations) and no observations (vulnerabilities not directly covered by federal regulations) related to personnel security.49 The findings were: (1) required reinvestigations had not been initiated for some employees; (2) an employee was in a sensitive position without a completed and favorably adjudicated background investigation on file; (3) employees who did not need access to national security information had been given national security clearances; and (4) memorandums requesting security clearances lacked accurate need-to-know justifications. CRS staff stated that the deficiencies cited in the FY 2003 reports are typical of what they found in more recent site visits.

Security Specialists do not review the quality of the adjudication or investigation of employees’ and contractors’ background investigations or reinvestigations, nor do any other personnel in SEPS. CRS staff explained that they do not examine files for substantive issues or to determine whether there are investigations or disciplinary actions pending, as such in-depth reviews would mean less time for higher priority physical and information technology security oversight. Instead, Security Specialists ensure only that the required paperwork (e.g., signed disclosure forms for cleared employees) is included in employees’ files and that reinvestigations are timely.50

When asked whether they were concerned that no personnel at SEPS perform any qualitative reviews of components’ adjudications, SEPS officials confirmed that they were. They stated that it is not currently possible for SEPS to ensure that components effectively identify national security concerns during adjudications. However, SEPS officials noted that other case processing and security oversight issues remained a higher priority.

CRS Has Limited Authority to Correct Problems. CRS has no formal authority to compel a component to correct a security violation.51 The six current and former CRS Security Specialists we interviewed all commented that because of this limitation, CRS must carefully decide which compliance issues it pursues aggressively. For example, CRS found that the ATF obtains national security clearances for all its Special Agents, including those who work in offices that do not handle classified information. Nor does the ATF periodically review whether these security clearances are necessary.52 CRS informed us that this practice is not consistent with security regulations and therefore must be reported as a finding.53 CRS told us that it had reported this deficiency during prior reviews of ATF field offices, and on the site visit we observed, we noted that the Security Specialist again raised the issue. However, neither CRS nor the ATF Security Programs Manager had the authority to compel the ATF to either limit the number of clearances or obtain a waiver of the requirement that clearances be given only to those who must handle classified information. CRS staff stated that they will continue to report this issue, but that CRS’s priority is resolving more immediate physical security risks.

While component Security Programs Managers provide assistance to CRS, both in identifying security weaknesses and addressing CRS’s site visit findings and observations, their authority is also limited. DOJ Order 2600.2C assigns Security Programs Managers 11 separate areas of responsibility for ensuring the security of their respective components, but it provides no specific instructions on the measures Security Programs Managers can take to enforce security requirements. In our survey of Security Programs Managers, several explained that they were unable to implement a CRS finding because there was a component policy that the Security Programs Manager could not change (such as some components’ policies of obtaining national security clearances for all law enforcement officers).

PERSG Has Limited Authority to Correct Problems. Just as CRS has no formal authority to require components to comply with personnel security regulations, PERSG has no formal authority to require individuals to comply with personnel security regulations. Because SEPS cannot effectively identify and track all the Department employees who are overdue for reinvestigation, it cannot perform effective oversight to ensure compliance with that requirement.

In its management of component background investigations, PERSG is responsible for ensuring that personnel submit the paperwork to initiate their background reinvestigations in a timely manner. To facilitate compliance for the 27,000 employees and 7,000 contractors for whom SEPS has retained authority, SEPS provides each component’s Security Programs Manager with a list of personnel whose reinvestigations must be initiated by the end of the fiscal year. SEPS maintains records of personnel who have not submitted the necessary reinvestigation paperwork in a timely manner (PERSG refers to these cases as the “backlog”), and forwards the backlog lists to the Security Programs Managers to follow up with the individuals. SEPS also provides a list to the OIG of personnel for whom it has not received the necessary reinvestigation paperwork.54

We asked SEPS staff and the Security Programs Managers about how backlogged cases are handled and, more specifically, how noncompliance is addressed for personnel with security clearances and for personnel in public trust positions. For personnel with security clearances, SEPS staff stated that personnel generally comply with SEPS’s requests for reinvestigation paperwork because SEPS can administratively withdraw clearances for failure to submit the paperwork.55 Security Programs Managers in our survey confirm that they do obtain paperwork from personnel who require access to classified information. In contrast, for personnel in public trust positions, which do not require a security clearance, SEPS staff stated that they have no sanctions comparable to the administrative withdrawal of a clearance. To obtain compliance, they send a memorandum to the OIG reporting personnel overdue for reinvestigation, and may also involve the Security Programs Managers. Security Programs Managers can initiate disciplinary procedures for noncompliance, but stated that it is a lengthy process. Both SEPS and the Security Programs Managers stated that they do eventually obtain compliance.

Incorrect SEPS Data on EOUSA Reinvestigations. To confirm that overdue individuals are eventually submitting their paperwork, we reviewed TRAQ data to identify personnel more than 1 year overdue for reinvestigation as of March 2005. According to the TRAQ data, there were 399 Department personnel who were more than 1 year overdue for reinvestigation, of whom 357 were EOUSA employees. SEPS explained that this data was erroneous because EOUSA initiates its own reinvestigations and does not report the initiations to SEPS. Consequently, the individuals continue to be shown in TRAQ as overdue for reinvestigation.

Because SEPS did not have complete and accurate data in TRAQ on the specific number of individuals in the Department that were more than 1 year overdue for reinvestigation, in May 2005 we requested information on a sample of 28 overdue cases to determine how many were actually overdue and how many were erroneous entries in which reinvestigations were not reported by the component. Of the 28 sample cases, 14 were erroneous entries that either had a reinvestigation initiated or in which the employee did not require reinvestigation for other reasons (such as that they were no longer employed by the component). Of the 14 cases in which the employee was actually overdue for reinvestigation, we found that half – including all the individuals holding NSI clearances – were less than 2 years overdue, but some public trust employees had been overdue for longer periods, including one individual who was more than 10 years overdue for reinvestigation. Overall, our analysis indicated that processing delays accounted for approximately half of the backlogged EOUSA cases. Nonetheless, even accounting for the erroneous EOUSA entries, most of the backlogged cases involved EOUSA employees.56

Because SEPS cannot independently identify when EOUSA initiates reinvestigations, it provides an annual status report to EOUSA showing the individuals overdue for reinvestigation and requests that EOUSA initiate appropriate action. The status reports we reviewed did not specifically request that EOUSA provide a response, and the PERSG Chief of Operations told us that EOUSA often does not respond directly to the status reports. Consequently, SEPS often only learns that a reinvestigation has been initiated when EOUSA forwards the results of the OPM field investigation.

The Department does not have a centralized database containing information on the status of background investigations and reinvestigations that can be accessed and updated by SEPS staff, the components for which it retains authority (such as EOUSA), or components with delegated authority. As we will discuss in greater detail beginning on page 40, SEPS’s inability to monitor and manage overdue reinvestigations is one example of the limitations of the Department’s current technological resources.

The Department’s Resource Requests for SEPS

Despite efforts to increase SEPS’s staff and secure funding for technology improvements, the Department has not received increased appropriations for SEPS. In its FY 2005 budget submission, SEPS requested three additional PERSG positions, six additional compliance review security specialists, $2,000,000 to replace the TRAQ database, and $105,000 in additional travel money for CRS site visits. SEPS’s budget submission tied the need for additional funding directly to the Department’s counter-intelligence priority and the importance of ensuring that the Department hire and retain only trustworthy personnel. The request noted that PERSG staff had worked more than 500 hours of overtime since October 1, 2002, but that PERSG was still backlogged. The request explained that the existing PERSG file tracking system, TRAQ, was at the end of its life cycle and at full capacity, and that a new Department-wide system was needed to enable SEPS to adequately monitor the Department’s personnel security program. The budget submission noted the Department’s growing presence overseas and the need to ensure that the Department’s most vulnerable facilities be reviewed at least every 5 years.

The Department supported the budget request, and the Office of Management and Budget approved the personnel requests and $1,500,000 for the new database. Funding for these items was included in the appropriations bill approved by the House, but it was not included in the final version of the appropriations bill passed by Congress for FY 2005. PERSG has reduced its backlog since the budget submission, but as previously noted, it is not able to meet regulatory timeliness requirements at its current staffing level. Moreover, as discussed below, with the implementation of HSPD 12 and the Intelligence Reform Act, SEPS will face an increased workload, more stringent timeliness requirements, and an expanded oversight role.

SEPS’s File Tracking System

The file tracking system SEPS uses is outdated, at full capacity, and does not include needed capabilities. PERSG staff told us that they selected the system, an inventory management program called TRAQ, because it had a barcode-scanning capability that allowed PERSG to track the physical location of each personnel security file. Currently, PERSG’s TRAQ system contains information on approximately 27,000 Department employees and 7,000 contractors. This represents approximately one-fourth of the Department’s employees and an unknown percentage of its contractors. TRAQ contains no information on the approximately 76,000 employees who work in the components with delegated adjudicative authority.

Because TRAQ was designed to be an inventory management system, SEPS has modified the TRAQ software extensively to accomplish its internal case monitoring tasks. SEPS regularly obtains management reports from TRAQ to set adjudication priorities, identify personnel due for reinvestigation, evaluate security clearance levels, and monitor its adjudicative backlog. However, according to SEPS’s technical staff, TRAQ does not provide needed capabilities and cannot be modified further. In a briefing prepared for the budget director on SEPS’s justification for its FY 2006 budget request, SEPS staff stated that the TRAQ vendor told SEPS it has pushed the system well beyond its limits and capacity and is at risk of losing data due to system crashes. SEPS staff further stated, “The application will eventually fail due [to] the amount of records the system is trying to manipulate.” TRAQ’s specific limitations include:

  • TRAQ cannot be modified to support continuity of operations. SEPS staff stated that because the system does not support scanned images, the paper files must be retrieved for each step in the background investigation process. We determined that in FY 2004, there were 13,509 transactions recorded in TRAQ for which paper files were needed. SEPS informed us that there were an additional 5,166 transactions on SCI clearances and clearance certifications, which are kept in separate paper files and not recorded in TRAQ.57 Four file room clerks are needed to manage the paper copies of the files. (See Tables 1 and 2 for workload statistics.) Further, all of SEPS’s paper files are maintained in one location. Because electronic copies have not been made, the loss of the paper records would severely disrupt case processing and clearance verification. For example, if a bioterrorist attack precluded access to the building housing the records, SEPS would lose access to a significant portion of the documents supporting the adjudication of employees’ background investigations and other suitability issues.58

  • TRAQ crashes and file corruptions occur frequently. Because the system is outdated and operating over its intended capacity, system crashes and file corruption are a common occurrence. SEPS did not keep a log of the frequency or duration of system malfunctions, but the SEPS technical staff we interviewed stated that, at times, system crashes occurred several times a day. Because SEPS has modified the system beyond its intended capabilities, it is no longer fully supported by the vendor. As a result, SEPS technical staff must troubleshoot TRAQ and maintain electronic and hard copy backups.

  • TRAQ has no internal quality control features. TRAQ lacks the quality control capabilities typically built into databases to ensure data accuracy. For example, TRAQ does not recognize when processing dates for cases are not sequential. Because the software lacks internal quality controls, SEPS pays a contractor to review the data entry for accuracy.

  • TRAQ is accessible only to SEPS personnel. Personnel security staff from the components cannot directly access TRAQ. As a consequence, they cannot obtain case processing status or verify clearances without faxing requests or telephoning SEPS adjudicators for updates. In their responses to the PERSG customer service survey and our survey of Security Programs Managers, a number of components stated that they want to access status information on particular cases without having to call PERSG.

  • TRAQ’s report-generating capabilities are limited. PERSG staff told us that TRAQ cannot easily generate ad hoc reports or reports that can be shared with components or other external agencies. Advanced programming skills are necessary to create new reports from TRAQ, and the layout cannot be modified to improve clarity. SEPS staff must export data from TRAQ into Microsoft Access to generate reports it routinely shares with the components, such as reports on cases pending adjudication or requiring reinvestigation, and individuals who have been hired on waivers.

No Centralized Background Investigation Database

The Department has no centralized personnel security database that SEPS can use to monitor the background investigation status of all Department employees. Instead, components maintain information on the background investigations of their personnel in separate systems that are not interoperable or accessible to SEPS. Some components keep their records in Oracle databases, while others maintain their records in Microsoft Access databases or Excel spreadsheets. Further, these systems do not track the same information regarding the background investigation process steps to enable comparison across components.

Based on our review of SEPS’s budget requests and our discussions with SEPS staff regarding their oversight program, we identified a number of areas in which the lack of a centralized database impedes SEPS’s ability to conduct oversight of the components’ background investigation processes:

  • SEPS cannot systematically monitor compliance with prehiring requirements. Components must initiate a background investigation and complete a waiver before personnel can enter on duty. SEPS monitors compliance with this requirement for its own workload by downloading biweekly National Finance Center data and comparing it to background investigations. While SEPS has this tool available for monitoring compliance in the components for which it has retained authority, it is not able to conduct comparable tests to monitor compliance in the components with delegated authority.

  • SEPS cannot systematically monitor compliance with reinvestigation requirements. Because EOUSA initiates its own reinvestigations, SEPS cannot determine which reinvestigations EOUSA has initiated until it receives the paperwork, often more than a year later. SEPS therefore cannot identify EOUSA personnel who have not completed reinvestigation requirements. SEPS also cannot systematically monitor compliance with reinvestigation requirements in the components with delegated authority, such as timely initiation of reinvestigations and timely adjudication of completed reinvestigations, because those components initiate and adjudicate their own reinvestigations.

  • SEPS cannot conduct random reviews of the completeness of component field investigations. CRS staff must notify components in advance to obtain rosters and paper copies of the files, and does not review the substance of the adjudicator’s decision.

  • SEPS cannot verify that components are conducting required training on the handling of classified information. All components are required to ensure that personnel with security clearances are given initial training and refresher briefings. Security Programs Managers we surveyed reported they use a variety of tracking mechanisms, from databases to paper files, to ensure that components’ employees receive initial and refresher briefings as required. However, not all Security Programs Managers from components with field offices conducted direct oversight of field office practices.

  • SEPS cannot determine electronically whether components annually certify the need for access to classified information. SEPS uses a paper questionnaire to verify that personnel in the components that SEPS manages have justified the need to retain security clearances, and oversight of component compliance with this requirement is limited to the sites CRS visits.

As described previously, TRAQ was not designed as a case management database and cannot be further expanded to provide SEPS with additional capabilities it needs to effectively oversee the components’ background investigation processes. SEPS’s compliance reviews cover only a small fraction of Department personnel each year. A Department-wide database with imaging capability could reduce the risks inherent in a paper-based system and enable SEPS to better oversee components’ background investigations programs.

Because this review focused on SEPS, we did not examine whether the components’ tracking systems are similarly limited in their capabilities to provide oversight of their internal processes. In our discussions with component Security Programs Managers and SEPS staff, however, we were informed that the DEA is the only component that currently maintains electronic copies of its background investigation files. Therefore, a Department-wide database with imaging capability could provide a security benefit to components with delegated authority, as well as to SEPS.

SEPS has identified the need for a Department-wide database and has requested resources to develop one. The Department concurred with SEPS’s request, and in FY 2005, requested at least $2 million to replace TRAQ with a Department-wide system. However, the funding was not included in the FY 2005 Appropriations Act passed by Congress.

In its FY 2006 budget request, SEPS has again sought requested funding for a Department-wide database, stating that a new Department-wide personnel security database would: (1) allow the Department to re-engineer its background investigation process to comply with the e-Gov initiative; (2) improve timeliness by electronically initiating, receiving, monitoring, and storing background investigations, reinvestigations, and security clearances; (3) improve communication and information sharing within the Department; (4) eliminate duplicate investigations, thereby saving time and money for Department components; (5) enable better enforcement of personnel security standards, and (6) support better oversight at the Department level.

    New standards for background investigations contained in the Intelligence Reform Act and HSPD-12 will significantly increase SEPS’ requirements for processing and oversight of background investigations. Meeting the new timeliness standards in the Intelligence Reform Act will require SEPS to significantly expedite background investigation adjudications. In addition, HSPD-12 established additional processing requirements for contractors that will increase SEPS’s workload. SEPS will also be required to provide additional oversight of components with delegated authority to ensure that they comply with the standards.

Timeliness Requirements of the Intelligence Reform Act

The Intelligence Reform Act imposes progressively tighter timeliness requirements for adjudications and field investigations that will overwhelm SEPS’s limited capabilities. To meet the new timeliness standards, SEPS will have to expedite adjudications significantly. SEPS also must increase its oversight of the timeliness of field investigations conducted by the FBI and the ATF to ensure that they meet the new standards. At present, we believe that SEPS is not well positioned to meet these challenges.

Adjudications. Currently, the only formal timeliness requirement is that adjudications of background investigations and reinvestigations are to be completed within 90 days.59 The Intelligence Reform Act shortened these timeliness requirements. By the end of 2006, 80 percent of adjudications must be completed within an average of 30 days, and by the end of 2009, 90 percent of adjudications must be completed within an average of 20 days.

To meet the new timeliness standards, SEPS will have to greatly reduce the time it takes to complete adjudications. For example, according to data in TRAQ, in FY 2004 SEPS completed 59 percent of its adjudications of employees’ NSI background investigations within 30 days, and completed 46 percent of its adjudications within 20 days (see Table 8). Thus, to meet the December 2006 timeliness standard of 80 percent in 30 days, SEPS will have to greatly increase the number of adjudications it completes within that time. Meeting the standard for adjudications of employee reinvestigations and contractor background investigations will require even greater increases. In FY 2004, SEPS adjudicated only 31 percent of employee reinvestigations and only 21 percent of contractor background investigations within 20 days.

Table 8: How SEPS FY 2004 Adjudication Performance Compares to
Intelligence Reform Act Timeliness Requirements*
  Percentage of SEPS
Adjudications Completed
  within
90 Days
within
30 Days
within
20 Days
Standards
    Current 2005 100
    December 2006 80
    December 2009 90
SEPS Adjudications in FY 2004
    Employee NSI Background Investigations 87 59 46
    Employer NSI Reinvestigations 60 39 31
    Contractor NSI Background Investigations 93 43 21
 Source: SEPS TRAQ

* For personnel with Secret or Top Secret clearances

Field Investigations. As of July 2005, there were no regulatory requirements regarding the timeliness of field investigations on background investigations. The Intelligence Reform Act requires that, by December 2006, 80 percent of field investigations be completed within 90 days. By December 2009, 90 percent of field investigations must be completed within 40 days. As with adjudications, meeting the new standards will require that field investigations be significantly accelerated from current performance levels.

The FBI and OPM conduct the field investigations on those cases for which SEPS retains adjudication authority. In FY 2004, the FBI took an average of 197 days to complete a field investigation for SEPS. The FBI completed approximately 25 percent of its NSI investigations within 90 days and less than 10 percent within 40 days in FY 2004 (see Table 9). Although OPM’s actions are not within the control of the Department of Justice, we noted that the time it takes OPM to conduct field investigations for SEPS will also have to be significantly reduced to meet the new standards. In FY 2004, OPM’s highest priority cases took an average of 100 days, and its routine cases took an average of 324 days.60

Table 9: How FBI FY 2004 Field Investigation Performance Compares to Intelligence Reform Act Timeliness Requirements*
  Percentage of NSI
Field Investigations Completed by FBI
  within
90 Days
within
40 Days
Standards
    December 2006 80
    December 2009 90
FBI Performance in FY 2004
    Employee NSI Background Investigations 24 8
 Source: SEPS TRAQ

* For personnel with Secret or Top Secret clearances

Oversight Implications of Timeliness Standards. Given its currently available methods of oversight, SEPS is not well positioned to meet the standards of the Intelligence Reform Act. The Act will require SEPS to ensure that the FBI and the ATF (the two Department components with authority to conduct field investigations) meet timeliness standards for those investigations. SEPS does not currently review the timeliness of these field investigations, since there were no regulatory timeliness requirements before the Act. The new timeliness standards will also apply to the adjudications conducted by Department components with the delegated authority to carry out those actions.

Our review of SEPS’s oversight of components with delegated authority found that its primary oversight of components’ timeliness in adjudications is accomplished through OPM, which provides SEPS with an annual report on the Department’s overall compliance with the 90-day adjudication standard, broken down by component. SEPS may then address any concerns OPM raised about timeliness with the component directly.61 In addition, CRS examines the timeliness of the case processing in the particular files they select for review prior to field visits. However, as CRS has been conducting an average of less than 40 site visits each year, the information gained by those reviews was limited and anecdotal.

To conduct effective oversight of the components’ compliance with the new requirements, SEPS will require additional data, beyond the annual compliance numbers provided by OPM, that will enable it to track cases as they progress to completion. As described above, the Department does not presently have the databases and other technological infrastructure to allow SEPS to effectively monitor and analyze the components’ performance at processing background investigations.

Other Background Investigation Processing. Our review of the required timeframes established by the Intelligence Reform Act found that, as the law is written, no additional time is allowed for aspects of the background investigation process that are not included in the field investigation or adjudication phases. For example, there are three categories of cases for which an additional review is conducted between completion of the field investigation and SEPS’s adjudication: (1) political appointees undergoing confirmation, whose files are reviewed by the Senate; (2) attorneys, whose files are reviewed by the Office of Attorney Recruitment and Management; and (3) non-attorney personnel at the U.S. Attorneys’ Offices, whose files are reviewed by EOUSA.

Even in cases in which there is no additional review before the files are transmitted to SEPS, it can take several weeks to physically transmit the paper case files between the investigative and adjudication offices. Table 10 shows the average time lapse between when field investigations were completed and when the case files reached SEPS for adjudication during the last 5 fiscal years. In some cases, the time needed for additional reviews between the field investigation and the adjudication would make difficult, or preclude, meeting the timeframes of the Intelligence Reform Act.

Table 10: Average Days Between Field Investigation Completion
and SEPS’s Receipt*
Field Investigation Reviewed
Before Forwarding to SEPS
FY
2000
FY
2001
FY
2002
FY
2003
FY
2004
    Senate-confirmed political appointees 145 89 101 50
    Attorneys 52 37 48 73 43
    EOUSA cases 185 165 199 161 129
Field Investigation Sent Directly to SEPS 40 38 26 19 10
 Source: SEPS TRAQ

* For all employees

Requirements of HSPD-12

HSPD-12, issued by the President in August 2004 and scheduled to be implemented in stages beginning October 27, 2005, will expand SEPS’s oversight responsibilities to include monitoring identification card recertifications for all employees and contractors, and checking hiring practices for contractors who are investigated and hired locally. The directive establishes minimum government-wide background investigation requirements for entry on duty and requires an identification card recertification process every 5 years for employees and contractors. Although the Department and SEPS had not fully decided how to implement the Directive during our fieldwork, we can describe the impact of HSPD 12 requirements on SEPS’s oversight responsibilities.

Pre-Employment Background Checks. HSPD-12 requires that agencies conduct several background checks in order to issue official identification cards to employees. The minimum National Agency Checks required are the Security/Suitability Investigations Index, Defense Clearance Investigation Index, FBI Name Check, and the FBI National Criminal History Fingerprint check. In addition, HSPD-12 requires that written inquiries be sent to verify past employment, education, residences, and references. It also requires a check of law enforcement databases for addresses where the applicant has lived. This background investigation is called the NACI (National Agency Checks with Inquiries). As initially issued, HSPD-12 required that all steps of the investigation except the paper inquiries be completed before employees could be issued identification cards. In FY 2004, this process took an average of 89 days to complete, according to information that OPM provided to SEPS regarding the NACI process.

In May 2005, Department officials from SEPS and the OCIO involved in implementation of HSPD-12 raised concerns about the length of time necessary to complete the NACI process. They were particularly concerned about delays encountered in the FBI Name Check process.62 In August 2005, OMB amended the guidance on the directive to state that if the results of the National Agency Checks were not received within five days, only completion of a favorable fingerprint check would be required prior to issuance of a building access identification card.

Identification Card Recertifications. HSPD-12 requires that background checks be verified every 5 years in order to renew each employee’s identification card. As described to us by OCIO staff, the recertification will not require a new NACI check. Instead, the office that issues the identification card will check the employee’s personnel security record to verify that an HSPD-12 certification was completed when the identification card was originally issued. As long as the check of the employee’s personnel record does not reveal any other prohibiting factors, the card may be recertified.

One potential increase in SEPS’s reinvestigation workload could occur because the timeframes established by HSPD-12 for renewing identification cards do not coincide with existing OPM requirements for background reinvestigations. HSPD-12 guidelines require that identification cards be renewed no more than 5 years after issuance, whereas OPM’s standards consider a reinvestigation to be current if it is initiated within 5 years after the previous background investigation was completed. Therefore, an employee’s HSPD-12 identification card must be recertified before SEPS is required to complete a reinvestigation. SEPS officials told us that the possibility of requiring a reinvestigation before an HSPD-12 identification card is renewed had not been ruled out as of July 2005. However, if SEPS conducts these actions separately, the number of cases SEPS will have to track and manage each year will increase.63 Conversely, if the decision is made to conduct reinvestigations early so that they are completed concurrent with the HSPD-12 recertification, that would effectively shorten the reinvestigation cycle, which would in turn result in an increase in the number of reinvestigations that SEPS would have to conduct each year.

Oversight of Contractors. Our review of the SEPS oversight program found that it will have to be expanded if it is to cover components’ compliance with all HSPD-12 requirements regarding contractors. Staff from SEPS and the OCIO confirmed that HSPD-12 requirements will extend to certain contractors who are currently investigated and hired at the local level without centralized oversight. At present, SEPS obtains no case processing information on contractors hired locally by components. CRS security staff told us that when they visit a site that has locally-hired contractors, they request a roster and check the files kept on site. CRS will also talk to the General Services Administration about shared contract staff, such as janitors.64 The lack of a central Department-wide database prevents SEPS from easily identifying whether contractors from sites it has not visited have received the proper background check or even whether they are still employed.



Footnotes

  1. PERSG places less emphasis on the adjudication of these routine investigations because waivers are granted for more than half of the new employees the Department hires to fill positions other than law enforcement officer positions. The waivers allow the employees to begin work before their background investigations are complete.

  2. SEPS must also process the SCI clearances of all Department components. In CY 2004, there were 5,166 cases, as shown in Table 2.

  3. SEPS is compensated directly only for its costs incurred; money that is not used is returned to the components. Actual costs were not available for FY 2004. Total overtime costs have never exceeded the initial overtime fund contributions. SEPS does not track adjudication overtime separately from other overtime.

  4. Contractor cases were sometimes processed faster than other higher priority cases because, although cases are generally processed according to priority, SEPS also reviews field investigations as they are received to identify cases for which there are no potentially derogatory issues and adjudicates those cases as quickly as possible. Because over 90 percent of contractors are hired for lower risk positions with limited background checks that result in no derogatory information, those cases can be quickly adjudicated.

  5. There are no regulatory timeliness requirements for these processes, but they are often time-sensitive. SEPS reported that it currently has two employees who manage clearance certifications as a collateral duty, one for 65 percent of duties, and one for 25 percent.

  6. SEPS has taken initial steps to draft a reinvestigation policy for all Department contractors, but inadequate staffing and potential changes in federal standards under HSPD-12 have delayed the drafting. SEPS had already identified a need for a review of contractor reinvestigation guidance when we interviewed SEPS officials in March 2004.

  7. A 2005 Departmental restructuring transferred the e-Gov staff from the Department’s library to the OCIO. The e-Gov staff is responsible for posting information from the Offices, Boards, and Divisions on the intranet. Individual offices are responsible for approving content prior to submitting documents to be posted; the e Gov staff converts that content to a format appropriate for posting, and ensures that information is also accessible to disabled users. Many of the larger components or offices have the ability to post information directly, without contacting the e-Gov staff for assistance.

  8. During 2002, SEPS staff conducted inspections of overseas offices. Because most overseas offices are housed within an embassy in which the Department of State retains responsibility for physical security and security conditions are identical for Department components in the embassy, SEPS was able to conduct multiple component reviews at most locations and expedite each review. The number of reviews was lower in 2003 because SEPS was tasked by Congress to conduct physical security surveys of Department offices in buildings operated by the General Services Administration nationwide in order to assess the buildings’ physical security vulnerabilities. In response to the congressional mandate, CRS conducted 137 physical security building inspections.

  9. OPM found the ATF capable of conducting its own field investigations and adjudications for its staff and contractors.

  10. In contrast, the 20 reports issued in FY 2003 contained a total of 2 findings and 78 observations related to physical security. CRS staff stated that because there are few federal or Department standards on physical security, important security issues are often addressed in observations.

  11. Reinvestigations are considered timely if the initiation paperwork is submitted by the end of the fiscal year in which the reinvestigation is due.

  12. For example, although CRS requests that components either implement changes required by their findings or report why the changes could not be implemented, of the 20 reports issued in FY 2003, 11 components responded within the requested 60 days, 4 components responded after 60 days (ranging from 2 to 7 months after the due date), and 4 components did not respond to CRS at all.

  13. A waiver of the periodic review may be granted if the component can show a continuing need for all employees to be cleared. For example, SEPS granted the FBI a waiver because it demonstrated such a need.

  14. Under 28 C.F.R. § 17.12(d), each component head must “continuously review the requirements for personnel access to classified information as a part of the continuous need-to-know evaluation, and initiate action to administratively withdraw or reduce the level of access authorized, as appropriate.” SEPS interprets this regulation to require at least an annual review of employee security clearances to verify that the employee still requires access.

  15. SEPS also monitors and reports to Security Programs Managers and the OIG cases in which it believes an employee has entered on duty without the necessary waiver and initiation of a background investigation. SEPS informed us that some of these cases are due to a component’s slow reporting, but in other cases background investigations have not been initiated. For FY 2003 through FY 2005, these cases generally numbered fewer than 20 per year.

  16. Administrative withdrawals of national security clearances can occur for a variety of reasons, including a component’s determination that an employee no longer needs access to classified information.

  17. EOUSA employees represent 89 percent of the backlog (357 of 399 cases in FY 2004), and only 54 percent of the employees for whom SEPS has retained authority (14,535 employees of 26,906). If half of the apparent backlog represents a delay in reporting, 81 percent (179 of 221) of the backlog would be EOUSA employees.

  18. The 5,166 SCI clearance and clearance verifications took place in calendar year 2004.

  19. SEPS could reconstruct the adjudicative decisions and personnel security files from backup copies of TRAQ and copies of material obtained from the investigating agencies, personnel and internal affairs offices and other sources, but the process would be time-consuming.

  20. See 5 C.F.R. § 732.302(b).

  21. The FBI’s field investigations for SEPS averaged 197 days in FY 2004.

  22. Correspondence an OPM Investigations Program Specialist e-mailed to PERSG concerning FY 2004 indicated that OPM was generally satisfied with the Department’s timeliness. (E-mail October 27, 2004, subject “Adjudication”; e-mail August 13, 2004, “Another Achievement for DOJ.”)

  23. According to the Section Chief of the FBI National Name Check Program, the FBI Name Check can take extended period of time because of a number of factors, including the steady increase in the number of routine and expedited requests that have resulted from government-wide changes to security, citizenship, and visa application policies; understaffing in the FBI’s National Name Check Program office that processes the name check requests; and the need for a manual review of case files that are identified by the FBI database as possible hits.

  24. According to TRAQ, about 2,400 employees were reinvestigated in each of the last 5 years.

  25. Prior OIG reports found that these contractors’ employment status cannot be easily verified because they are not always paid through the centralized National Finance Center payroll system. See “Background Investigations Conducted by the United States Marshals Service,” OIG Evaluation and Inspections Division Report I 2005-002, February 2005. A May 2005 OIG Audit report indicated concern that the USMS could not document the background investigations of over half its locally hired contractors. See “United States Marshals Service's Use of Independent Contractors as Guards,” Audit Report 05-24, May 2005.



Previous Page Back to Table of Contents Next Page