Inspections Report I-97-06

The purpose of our inspection was to assess procedures used by the Justice Management Division's Security and Emergency Planning Staff (SEPS) to oversee background investigations (BI) for Department of Justice (DOJ) employees. As SEPS' monitoring of BIs was identified as an area of significant concern in a prior Office of the Inspector General (OIG) inspection report (see Appendix I), one aspect of the current inspection was to evaluate the progress made by SEPS to address this weakness. We used information from the Executive Office for United States Attorneys (EOUSA) and the United States Attorneys' Offices (USAO) to test SEPS' monitoring of preappointment investigations, reinvestigations (RI), and National Security Information (NSI) clearances.

SEPS' Mechanisms for Monitoring

The 1992 OIG inspection report concluded that the automated system SEPS used at that time was inadequate to perform the monitoring of BIs. The report indicated that the system did not contain accurate, current, or sufficient information. As a result of the 1992 report, SEPS replaced the automated system with the Security Entry Tracking System (SETS). Because SETS also does not contain accurate, current, or sufficient information, SEPS is now going to replace SETS with a system called TRAQ.

Currently, SEPS maintains information on BIs in hard copy personnel security files, in SETS, and in an additional automated system called TRAQ. In the case of an EOUSA or USAO employee, SEPS establishes a security file when the employee has an approved waiver or, if no waiver is granted by SEPS, [ A waiver for a new employee is not granted by SEPS if the employee is an attorney (because then the waiver would be the responsibility of OAPM) or if the employee and the USAO determine that the employee will wait to defer entry on duty until the preappointment BI is adjudicated.] when the completed preappointment BI is received for adjudication. The security file contains hard copy documentation of the adjudication of preappointment BIs and RIs as well as of the granting of any NSI clearances. The security files are the foundation for SEPS' automated systems.

The SEPS runs reports from its two automated systems, SETS and TRAQ, to monitor BIs and RIs. Information in SETS is derived from the National Finance Center Database and allows SEPS and components to enter data related to BIs such as the date completed, the date adjudicated, the date a waiver was approved, and the date any NSI clearance was granted.

Since the 1992 OIG review, SEPS' Personnel Security Group has reorganized and changed management. An official in the Personnel Security Group indicated that SETS is unreliable, inaccurate, and does not allow SEPS to produce the reports that it needs. The SETS cannot be modified or corrected to provide the additional capabilities required. He indicated that SETS has failed because data was not correctly transferred when the data for SETS was originally downloaded. As a result of these problems with the existing automated system, SEPS is building an enhanced tracking system called TRAQ.

The TRAQ is a barcode system, used by SEPS since January 1995, that allows the Personnel Security Group staff to quickly locate personnel security files and monitor the status of BIs and RIs. The TRAQ system provides more information than does SETS and can generate reports not available on SETS. The SEPS official believes that TRAQ will solve the problems with SETS because the TRAQ system was developed for SEPS' specific needs. According to the SEPS official, the information in TRAQ will be reliable and accurate because SEPS is entering data into TRAQ that has been verified with information in the personnel security files as well as information obtained from the components. In addition, the report generation capabilities of TRAQ will also assist SEPS in monitoring the BI process.

The SEPS is currently in the process of verifying and transferring information from SETS into TRAQ. At the time of our review, SEPS had completed data entry and record correction for 50 out of 66 DOJ components, [ SEPS has delegated responsibility to the FBI, Drug Enforcement Administration, United States Marshals Service, and the Immigration and Naturalization Service for their respective preappointment investigations. These four components are not included in the total number.] but had not completed the entry of, nor verified, information for EOUSA and the USAOs' records being transferred into TRAQ. A SEPS official anticipates the TRAQ system to be fully operational by the spring of 1997. Until that time, SEPS will continue to monitor BIs using reports from SETS and TRAQ, verifying the information with the information contained in the security files.

RESULTS OF THE INSPECTION

Preappointment Investigations

We conducted a review of selected personnel security files at SEPS to determine whether preappointment investigations for employees at EOUSA and the USAOs are being initiated by the office and then adjudicated by SEPS. We also conducted site visits at four USAOs and reviewed the personnel files of all employees hired at these USAOs in fiscal year (FY) 1995 to determine whether the employees had received adjudicated preappointment BIs (see Appendix II).

Review of New Hires at SEPS

For the SEPS file review, we obtained a list of all employees hired by EOUSA and the USAOs in FY 1995 to select a sample. Student volunteers were excluded from the sample because they do not receive a BI if they are not employed for more than six months. The sample was stratified into attorneys and support staff to obtain a representative sample of each group. We then used a statistical computer software program to generate our sample. From the 525 attorneys hired in FY 1995, we randomly selected an approximate 10 percent sample of 60 employees, and from the 695 support staff hired in FY 1995, we randomly selected an approximate 10 percent sample of 74 employees, for a total sample size of 134. We later determined during our file review that one member of our sample was a student volunteer who did not require a BI, seven were separated employees, [ According to the SEPS file room manager, files for separated employees are retained by SEPS for six months and then are destroyed. We determined that the files for these seven employees had been destroyed after the appropriate six months and were therefore unavailable for our review.] and two were contract employees, [ We determined that these two employees were contract employees, who have different BI requirements. ] resulting in a sample size of 124.

We reviewed the personnel security files and the data found in SETS and TRAQ for the 124 employees to assess the BI process and determine the request, completion, and adjudication dates for the preappointment BIs; the request and granting dates of the waivers; and the NSI clearance request and granting dates, when applicable.

During our file review, SEPS was unable to locate files for seven employees in our sample. SEPS officials verified that the seven employees are in fact currently employed at EOUSA or the USAOs. When we discussed the missing files with a SEPS official, he could not provide an explanation for why SEPS did not have security files for the seven active employees. He stated that SEPS' migration from SETS to TRAQ should ensure that SEPS has complete files for all active employees because SEPS is verifying information that will be entered into TRAQ from the personnel security files, SETS, and the component. Any missing files will be identified by this verification process. When SEPS identifies a missing file, SEPS creates a file and obtains the BI report from the FBI or the OPM.

From the file and automated systems review, we determined that SEPS had completed and adjudicated BIs for the remaining 117 employees in the sample whose security files we reviewed. Furthermore, all 117 employees had data records in SETS and TRAQ. In addition, we calculated the time involved for SEPS to process employment suitability paperwork from the completion of the BI to final adjudication. We determined that SEPS had reviewed and adjudicated the BIs that did not contain derogatory information within two weeks from the time SEPS received them.

We compared waiver dates for the 117 employees in our sample with their respective entered on duty dates provided by the EOUSA Personnel Staff to ensure that the employees received waivers [ According to EOUSA and SEPS officials, most EOUSA and USAO employees are brought on board with a waiver prior to completion of the preappointment BI. ] prior to starting work at the USAOs. [ SEPS grants waivers for EOUSA and USAO support staff only; OAPM grants waivers for EOUSA and USAO attorneys.] We found that only one employee in the sample had not received the appropriate waiver from SEPS prior to entering on duty. This employee's waiver was granted four days after she officially entered on duty. We interviewed an EOUSA Personnel Staff official who stated that this employee should not have entered on duty prior to receiving the waiver and that the USAO made an error in allowing the employee to enter on duty prior to receiving notification from the EOUSA Personnel Staff that the waiver had been granted. We believe that EOUSA needs to ensure that the USAOs do not allow employees to enter on duty prior to the USAOs' receiving notification of the waiver or adjudicated BI.

Review of New Hires at the USAOs

As part of our inspection, we conducted site visits at four USAOs. We reviewed the personnel files of all employees hired at these USAOs in FY 1995 -- 101 files total -- to determine whether the employees had received adjudicated preappointment BIs. For the ten USAO files in which we did not find documentation for an adjudicated BI, we subsequently reviewed the SEPS security files for the appropriate documentation.

During the course of the follow-up in the SEPS security files, we found that SEPS was unable to locate files for three of the ten employees. SEPS officials confirmed that these employees are active employees at the USAOs. We also identified one file for an active employee that contained no paperwork. We discussed these findings with a SEPS official, but he was not able to provide an explanation. As indicated previously, SEPS anticipates that the verification process during data entry into TRAQ will identify any missing files and allow SEPS to correct the problem.

Of the files we reviewed at the USAOs, we found that 100 employees had received adjudicated BIs, but we did not find evidence of an adjudicated BI for one employee. However, we found that, according to TRAQ, the OPM had completed the BI for this employee, and a SEPS official stated that the BI had been adjudicated. We reported to SEPS that we did not find documentation in its security file to support that the BI had been adjudicated, and SEPS obtained the appropriate documentation for the file.

We calculated the time required for SEPS to process the suitability paperwork for the 100 new hires with adjudicated BIs, from the completion of the BI to final adjudication. We found 24 instances in which it appeared that SEPS took an unreasonable amount of time, between 3 and 10 months, to adjudicate the BIs. Upon further examination at SEPS, we determined that most of these 24 files contained reports of derogatory information that required resolution prior to adjudication. However, we identified three cases in which there was no indication of derogatory information to explain the delayed adjudication. A SEPS official did not have an explanation for this finding other than to state that sometimes BI files are overlooked when SEPS has a large volume of files to review for adjudication. According to the SEPS official, TRAQ will allow SEPS to generate periodic reports that will provide the status of BIs and RIs in process.

From the review of the sample of 124 security files at SEPS as well as the review of 101 files from the four USAOs we visited, we determined that overall the preappointment investigations for FY 1995 hires were initiated by the office and then adjudicated by SEPS in a reasonable period of time. In addition, the new employees received waivers prior to entering on duty. We believe that SEPS has made significant progress in its management of the preappointment BI process since the 1992 OIG review.

Although our findings regarding preappointment BIs were generally positive, we are concerned that SEPS could not locate files for several active employees. The hard copy security file provides the foundation for SEPS' two automated systems. Without the security file, SEPS cannot ascertain that these employees received adjudicated BIs or verify that these employees received waivers prior to entering on duty. Given the state of transition of the two automated systems, we believe that the security files are the primary record and should be maintained accurately.

RECOMMENDATION

The Inspections Division recommends that the Assistant Attorney General for Administration:

1.Instruct SEPS to verify that personnel security files have been established and maintained for each EOUSA and USAO employee.

Reinvestigations

At the four USAOs we visited, we reviewed the files of all 81 employees due for reinvestigation in FY 1995 as reported by SEPS to determine whether the RI had been initiated. At one site, we found that not all employees due for reinvestigation had submitted the required paperwork to initiate the process. The administrative staff at the USAO stated that these employees did not consider the RI paperwork a high priority. The administrative staff at the other three sites we visited also reported difficulties with employees' completing the RI paperwork. However, the RIs for these three offices had been initiated. We believe that EOUSA should inform all employees of the importance of completing RI paperwork in a timely manner.

Once RI paperwork has been completed, the USAO forwards it to the EOUSA Security Programs Staff, who initiates the RI. USAO staff at all four sites indicated that once an RI is initiated, the USAO does not always receive notification that the RI has been completed and adjudicated. Administrative staff at the four USAOs stated that the USAOs do not usually follow-up on the status of the RIs once the paperwork has been submitted to EOUSA. EOUSA should provide notification to the USAOs of the adjudicated RI.

We reviewed the USAOs' personnel files of the employees whose RIs were initiated to determine whether the RIs had been adjudicated by SEPS. For the files at the USAOs in which we did not find documentation for an adjudicated RI, we subsequently reviewed the SEPS files for the appropriate documentation. Of the 81 total files we reviewed, we found that all RIs had been completed and adjudicated or that the file had documentation to support that the RI was still in process due to the resolution of derogatory information. We determined that SEPS had adjudicated the RIs and in a timely manner.

We also analyzed the lists SEPS provided to EOUSA of all employees due for reinvestigation in FY 1995 and FY 1996. We compared the two lists to determine which RIs were not initiated in FY 1995 and identified a backlog of 2,445 RIs. Of the 2,445 employees, we found that 1,199, or 49 percent, last received a BI seven or more years ago:

· 21 employees last received a BI 14 or more years ago;

· 87 employees last received a BI 11-13 years ago;

· 260 employees last received a BI 9-10 years ago; and

· 831 employees last received a BI 7-8 years ago.

We also determined that 53 employees did not have RIs initiated in FY 1995 although they possess NSI clearances. We found the number of employees with NSI clearances and outstanding RIs to be inconsistent with SEPS' guidelines that employees with NSI clearances are one of the top priorities for RIs. When we discussed this with a SEPS official, he indicated that these instances would be identified the following year when the RI list was generated. However, we believe that RIs for employees with NSI clearances should be monitored more aggressively.

We are concerned that a substantial number of employees have not received RIs in seven or more years and that employees with NSI clearances are not being reinvestigated as required. While we are aware that there is insufficient funding to allow for all RIs to be initiated each fiscal year when due, we believe that there are clear priorities for which employees should be reinvestigated and that SEPS is not ensuring that RIs are initiated for these employees.

During the inspection, we learned from SEPS and EOUSA officials that although SEPS provides written guidance on prioritizing RIs, SEPS does not actually prioritize the RI list. EOUSA determines specifically which employees at the USAOs will be reinvestigated, and SEPS does not review the list of employees selected for RIs. The SEPS does not know which RIs actually have been initiated by EOUSA until the RIs have been completed and submitted to SEPS for adjudication. When SEPS runs the RI report the following fiscal year, the Personnel Security Group could determine which RIs had not been initiated the previous year. We believe EOUSA's strategy for designating which employees are initiated for RIs and criteria for allocating the RI resources needs to be revised. In its efforts to allocate RI resources among its district offices, higher priority RIs are sometimes overlooked in district offices that have a disproportionate number of RIs due. Consequently, RIs are not being initiated for employees who have been overdue for a considerable period of time and for employees who have NSI clearances.

We concluded that SEPS is not monitoring RIs sufficiently. For the EOUSA and USAO employees in FY 1995, SEPS did not ensure that RIs had been initiated for employees who are priorities for RIs. We believe that SEPS should monitor more closely which employees have RIs initiated and which employees receive RIs to ensure that employees who are priorities for RIs receive them.

Also during our review, we found that in FY 1996 SEPS granted NSI clearances to four employees with expired BIs who did not have the requisite RIs. We found the granting of NSI clearances to employees with expired BIs to be inconsistent with the requirement of a current BI for NSI clearance approval. The SEPS official stated that these NSI clearances were granted because they were urgent situations. SEPS requires that the employee sign a non-disclosure agreement and that the RI be initiated within 30 days. If the RI is not initiated within that time, SEPS will cancel the NSI clearance. When we followed up on the status of the RIs, we found that SEPS' records indicated that two RIs were subsequently initiated and adjudicated, one RI was not done because the clearance was no longer necessary and was cancelled, and one clearance was granted in 1995 based on a BI done in the latter part of 1989. We found that SEPS was tracking these cases to ensure that RIs are initiated for employees granted NSI clearances who have expired BIs.

RECOMMENDATIONS

The Inspections Division recommends that the Director, Executive Office for United States Attorneys:

2.Instruct the United States Attorneys to inform employees selected for reinvestigation of the importance of the reinvestigation program and ensure that those employees complete their RI paperwork as required.

3.Instruct the Security Programs Staff to allocate RI resources among the USAOs in a manner that ensures the highest priority employees receive reinvestigations.

The Inspections Division recommends that the Assistant Attorney General for Administration:

4.Instruct SEPS to ensure that RIs are initiated, completed, and adjudicated for the highest priority employees as consistent with the annual guidelines for prioritizing reinvestigations.

National Security Information Clearances

In our examination of the sample of 117 new EOUSA and USAO employees hired in FY 1995, we reviewed the files and automated systems to determine which employees in the sample had been granted access to NSI. We determined that only six employees had received NSI clearances. We found documentation of the NSI clearance approval in the security files for all six. However, we found that one employee was not recorded in SETS as having an NSI clearance. We notified SEPS of this discrepancy, and SEPS corrected the data in SETS.

At the four USAOs we visited, we obtained lists of the position sensitivity level for staff and lists of all staff with NSI access. We also reviewed lists from EOUSA and SEPS of the employees with NSI access at the respective USAOs. The EOUSA Security Programs Staff informed us that it obtains lists of employees with NSI access from SETS. During the inspection, we learned that SEPS also runs its lists from SETS, and we found that the lists from EOUSA and SEPS were, therefore, the same.

We found that two of the USAOs we visited rely on lists provided by EOUSA to monitor which employees have NSI access. The other two USAOs maintain their own lists derived from the notification letters for NSI clearances that are sent to the employees. We compared the latter two USAOs' lists with lists from EOUSA. We noted many discrepancies between the USAOs' lists and EOUSA's lists. For example, we found cases in which the USAO's list included employees whose NSI clearances had been cancelled and cases in which the USAO's list did not include all employees who actually had clearances.

For the approximately 225 employees at the four USAOs reported as having NSI access, we reviewed documentation from either the USAO's personnel staff or the USAO's District Office Security Manager to verify that NSI clearances had been granted by SEPS. We learned that SEPS notifies the EOUSA Security Programs Staff when an NSI clearance is granted by electronic mail and letter, and EOUSA subsequently notifies the USAO and the employee. We found that three of the USAOs could not provide documentation to verify that some employees had been granted clearances for NSI access. The USAOs reported that they did not always receive notification of the NSI clearance, they did not maintain notification letters in a central location, or they misfiled or misplaced the copies of the letters.

We also reviewed the security files at SEPS for the approximately 225 employees at the four USAOs reported as having NSI access. We confirmed NSI clearance approval from SEPS for 212 employees at the four USAOs. However, as the USAOs reported different information than that provided by SEPS and EOUSA, we were unable to determine the total number of USAO employees who have NSI clearances.

We also found two instances in which information in SETS indicated an NSI clearance but there was no documentation in the respective security file. In addition, we found four instances in which SETS did not reflect the current NSI clearance for which there was documentation in the file. We notified SEPS of these discrepancies, and SEPS corrected the problems.

Our inspection revealed that SEPS monitors which employees have NSI clearances through SETS. We found that SETS generally contains accurate data regarding NSI clearances, although we found some errors. Given that SEPS, EOUSA, and the USAOs currently rely on lists generated from SETS to monitor NSI clearances, we believe that it is imperative that SETS contain accurate information. The migration to TRAQ may remedy the discrepancies in data if information from the personnel security files, SETS, and the component is properly maintained.

Finally, we believe it is the responsibility of each USAO to monitor which USAO employees have been granted NSI clearances and maintain supporting documentation. Maintaining accurate records regarding employees with NSI clearances is essential to the handling and safeguarding of classified information.

RECOMMENDATION

The Inspections Division recommends that the Director, Executive Office for United States Attorneys:

5.Ensure that the United States Attorneys maintain accurate records regarding employees who have NSI clearances.

APPENDIX I

SCOPE AND METHODOLOGY

This inspection was initiated as a follow-up review to a 1992 OIG inspection, Control and Monitoring of Background Investigations by the Security and Emergency Planning Staff. The 1992 report contained several recommendations regarding SEPS' oversight of BIs for Department employees. Specifically, the multi-component review found that SEPS' control and monitoring was not adequate; some employees had been in sensitive positions for extensive periods of time without the required adjudicated preappointment investigations; and a large number of DOJ employees had not received required RIs. In addition, the review found that SEPS could not account for a significant number of personnel security files.

Our current inspection assessed procedures used by SEPS to oversee BIs for DOJ employees, including the progress SEPS has made since the 1992 review. We selected EOUSA and reviewed information gathered from EOUSA and the USAOs to test the status of SEPS' oversight of BIs, RIs, and NSI clearances.

We reviewed Executive Orders pertaining to personnel security as well as DOJ and component policy and procedures for obtaining preappointment background investigations, RIs, and National Security Information clearances. We interviewed officials in the Personnel Security Group at SEPS including the Assistant Director, the Supervisory Security Specialist, and several Security Specialists. We also interviewed officials in the Office of Attorney Personnel Management, the EOUSA Security Programs Staff, and the EOUSA Personnel Staff. On-site work included a review of over 300 selected personnel security files at SEPS; a review of SEPS' two automated tracking systems, SETS and TRAQ; and visits to four selected USAOs--the Northern District of Illinois, the Southern District of Florida, the Eastern District of Louisiana, and the Northern District of California.

APPENDIX II

SEPS' MONITORING RESPONSIBILITIES

Preappointment Investigations

Executive Order (E.O.) 10450, Security Requirements for Government Employment, charges the head of each department as responsible for establishing and maintaining an effective program to ensure that the employment and retention of any civilian officer or employee with the department or agency is clearly consistent with the interests of national security. Guidelines in the Federal Personnel Manual, Chapter 732, state that as part of the compliance with E.O. 10450, the head of each department is responsible for designating position sensitivity for the department's positions; initiating required preappointment BIs; and operating a periodic RI program.

The DOJ Order 2600.2B, Security Programs and Responsibilities, states that the DOJ's compliance with E.O. 10450 is accomplished through the DOJ Personnel Security program. Under the Order, the Department Security Officer (DSO) is responsible to the Assistant Attorney General for Administration "for the development, supervision, and administration of DOJ security programs. . . ." The DSO operates the Personnel Security program through the Personnel Security Group of SEPS.

The DOJ Order 2610.2A, Employment Security Regulations, specifies the personnel security program's requirements for designation of DOJ positions in terms of suitability and sensitivity and enumerates the preappointment investigation requirements for DOJ positions. As set forth in the Order, all positions in DOJ are to be designated as Special-Sensitive, Critical-Sensitive, Noncritical-Sensitive, or Non-Sensitive. Position sensitivity reflects the level of information to which the employee may be permitted access. Special-Sensitive positions may necessitate access to Top Secret NSI and require a preappointment Special Background Investigation (SBI). Critical-Sensitive positions may necessitate access to Secret or Confidential NSI and require a full-field preappointment BI. Noncritical-Sensitive positions may necessitate access to some sensitive materials but do not involve access to NSI; these positions require, at the minimum, a preappointment Limited Background Investigation (LBI). Non-Sensitive positions do not involve access to any sensitive materials and require, at the minimum, a National Agency Check and Inquiries (NACI) investigation. [ As defined in DOJ Order 2610.2A, the SBI, full-field BI, LBI, and NACI investigations differ in the content and extent of the investigation. ] Even if access for NSI is not needed at the time an employee enters on duty, employees in Special-Sensitive, Critical-Sensitive, and Noncritical-Sensitive positions always receive the BI corresponding to position sensitivity. [ EOUSA's District Office Security Handbook states that positions within USAOs are normally designated as Special-Sensitive.]

The DSO is responsible for ensuring that each DOJ employee receives the appropriate preappointment investigation for the applicable position sensitivity and that the investigation has been adjudicated. DOJ Order 2610.2A requires that no employee be permitted to enter on duty or be given a tentative entry on duty date until after the completion and favorable evaluation of the requisite investigation by the appropriate personnel processing official and the DSO. The Order states that "Special-Sensitive, Critical-Sensitive and Noncritical Sensitive positions will be filled only by persons concerning whom the prerequisite preappointment investigation has been conducted which will permit a determination as to whether or not the employment or retention in employment of the individual is clearly consistent with the interests of national security and the efficiency of service." In addition, "All Non-Sensitive positions will be filled only by persons concerning whom a NACI has been conducted and favorably adjudicated." The DSO is the final authority for granting employment security approvals and E.O. 10450 Clearances to all DOJ employees. SEPS is responsible for adjudicating the preappointment BIs for the Department's Offices, Boards, and Divisions, including EOUSA and USAO employees. Adjudication involves the review and approval of the BI, including the resolution of any questionable or derogatory information.

The DOJ Order 2610.2A allows for exception to the preappointment investigation requirement. The DSO can grant a waiver to allow an employee to enter on duty prior to the completion of the preappointment investigation. A waiver can be granted only after a favorable review of the results of Federal Bureau of Investigation (FBI) name and fingerprint checks, the results of preappointment vouchering of former employers and reference checks, and a statement that the preappointment BI has been initiated. Under the DSO, SEPS grants waivers for EOUSA and USAO support staff. The Office of Attorney Personnel Management (OAPM) [ OAPM, under the Justice Management Division, is responsible for the personnel actions for all non-Presidentially appointed DOJ attorneys. OAPM coordinates and approves attorney hirings and makes the determination for employment suitability for new attorneys.] grants waivers for all Assistant United States Attorneys (AUSA). Under DOJ Order 2610.2A, EOUSA is responsible for ensuring that all EOUSA and USAO employees have received waivers prior to entering on duty.

The Order states that investigations of candidates for attorney positions will be conducted by the FBI. Investigations for support staff positions at EOUSA and the USAOs are conducted by the Office of Personnel Management (OPM).

Reinvestigations

The E.O. 10450 requires that each department maintain a periodic RI program. Further, Executive Order 12968, Access to Classified Information, stipulates that "Employees who are eligible for access to classified information shall be the subject of periodic reinvestigations. . . ." E.O. 12968 states that RIs shall be conducted with the same priority as initial investigations. DOJ Order 2610.2A states that the incumbent of every position within the DOJ shall be required to undergo a RI five years after his or her appointment and at least once each succeeding five years. The Order specifies the type of RI required based on position sensitivity. As part of the responsibilities delegated in DOJ Order 2600.2B, the DSO is responsible for operating the DOJ's RI program.

Under the DSO, SEPS oversees the RI program for EOUSA and the USAOs. Each fiscal year, SEPS provides EOUSA with a list of employees due for reinvestigation. With the list, the DSO issues a memorandum on the RI program that includes an explanation of how the components should prioritize which employees receive RIs. According to the DSO's memorandum, the first priority for RIs are employees whose BIs are five years or older who have demonstrated serious performance problems or whose conduct has resulted in an arrest. The second priority for RIs are employees who have access to NSI information whose BIs are five years or older.

Each fiscal year, DOJ components are appropriated specific funds for RIs. For example, in FY 1995 EOUSA was allocated $1,998,700 for RIs in EOUSA and the USAOs. However, SEPS officials stated that the components are not allocated enough funds to initiate all the RIs that are technically due. Thus, each year DOJ components are responsible for prioritizing which employees receive RIs based on the guidance in the DSO's memorandum.

National Security Information Clearances

The E.O. 12968 states that "Eligibility determinations for access to classified information shall be based on information concerning the applicant or employee that is acquired through the investigation conducted pursuant to this order or otherwise available to security officials. . . . " E.O. 12968 also states that "access to classified information shall be granted only to employees. . . for whom an appropriate investigation has been completed." DOJ Order 2610.2A delegates responsibility to the DSO or his designee to "make trustworthiness determinations for eligibility for access to classified information" in cases where positions are sensitive and require access to NSI. The DSO is responsible for monitoring which employees are granted access to NSI.

Requests for Top Secret, Secret, or Confidential NSI clearances are made by the employee's agency to the DSO on an as needed basis. Under the DSO, SEPS reviews the initial suitability BI and any supplemental information on the employee regarding personnel security when making the determination to grant an NSI clearance. SEPS also ensures that an employee has a current adjudicated BI prior to receiving an NSI clearance.

APPENDIX V

OFFICE OF THE INSPECTOR GENERAL'S ANALYSIS
OF MANAGEMENTS' RESPONSES

On March 5, 1997, the Inspections Division sent copies of the draft report to the Executive Office for United States Attorneys and the Justice Management Division. Our analyses of the responses from the components follow.

1. Recommendation 1 - Resolved-Open. We agree with the corrective action. Please inform us when JMD completes the audit of the files.

2. Recommendation 2 - Resolved-Open. We agree with the proposed corrective action. Please provide us with documentation indicating that EOUSA has instructed the United States Attorneys to inform employees selected for reinvestigation of the importance of the reinvestigation program and ensure that those employees complete their RI paperwork as required.

3. Recommendation 3 - Resolved-Open. We agree with the proposed corrective action. Please provide us with documentation indicating that EOUSA has directed the reallocation of reinvestigation resources to ensure that the highest priority employees receive reinvestigations.

4. Recommendation 4 - Resolved-Open. We agree with the proposed corrective action. Please provide us with documentation that JMD has notified the components regarding the reinvestigations program.

5. Recommendation 5 - Resolved-Open. We agree with the proposed corrective action. Please provide us with documentation indicating that EOUSA has implemented programs to ensure that the United States Attorneys maintain accurate records regarding employees who have NSI clearances.

#####