Top-secret security reviews don't pass muster, report says

In reviewing requests for top-secret security clearances, the Defense Department has failed to consistently document important information on applicants, including data on their personal finances, according to a new report from the General Accounting Office. Personnel security specialists at the Defense Department did not document important risk factors, including unexplained wealth, personal conduct and foreign influence in one-third of the employee security clearance requests they reviewed during fiscal 2000. "As a result, DoD has been unable to demonstrate that it fully considered all significant adverse conditions that might call into question an individual's ability to adequately safeguard classified information in granting eligibility for top secret clearances," said the report, "DoD Personnel: More Consistency Needed in Determining Eligibility for Top Secret Security Clearances" (GAO-01-465). GAO also found that in one-sixth of the cases studied, Defense reviewers granted clearance to applicants in the absence of personal information that may have indicated a risk to national security. After a Defense employee or contractor submits a security clearance request, the government or a federal contractor conducts a security investigation and sends the results to an adjudication facility, where a personnel security specialist reviews the findings. With security clearances, employees can gain access to highly classified information ranging from data on nuclear weapons systems to the identity of intelligence agents. Defense officials have not provided security specialists with clear guidance or required proper training in reviewing top-secret clearance requests, said GAO. The department also needs to implement uniform quality assurance controls to identify problem areas that require additional guidance or training, according to the report. GAO estimated that in 12 percent of the cases it studied, issues related to an applicant's personal finances, including large credit card debts, bankruptcies and unexplained wealth posed a risk to national security, but went undocumented by Defense security specialists. Information such as prior arrests and frequent travel to foreign countries was also not noted. Defense officials concurred with GAO's findings, and said the department plans to look at revised guidelines on the security clearance review process by September 2001. Defense expects the revised guidance to help reviewers document important background information more consistently. Defense also plans to implement a peer review process for security specialists and create a team that will conduct three reviews per year of adjudication facilities. In 1997, President Clinton approved federal guidelines establishing a common set of standards for investigating and reviewing requests for security clearances. The guidelines were issued in response to Executive Order 12968, which said security policies must ensure consistent, cost-effective and efficient protection of classified information. According to GAO, 80 federal employees and contractors were convicted of espionage between 1982 and 1999, 68 of them Defense employees. A 1999 GAO study (GAO/NSIAD-00-12) also identified weaknesses in Defense security clearance investigations.
Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.