Security clearance process still a paperwork exercise

The process to issue federal security clearances has been partially automated, but it still remains "one large paper shuffle," requiring as much as a year and a half to obtain a clearance, according to a top information technology official.

The paper shuffle begins with the Joint Personnel Adjudication System operated by the Defense Security Service, which cannot bundle in digital format the SF-86 security clearance form and required fingerprints and signatures, said Ben Romero, chairman of the Intelligence Committee of the Information Technology Association of America. Romero testified Feb. 13 before the House Readiness Subcommittee of the Armed Services Committee.

Security clearance applicants must submit fingerprint ink cards, despite the fact that Defense Department has moved to capturing recruits' fingerprints digitally, a process some other federal agencies and most local law enforcement agencies already follow, Romero said.

The clearance process hits another technological speed bump at the Office of Personnel and Management, which took over clearance investigations for DSS in 2005. OPM manages clearance investigations with its Personnel Investigations Processing System, which Romero described as an antiquated mainframe computer system that is incapable of saving electronic attachments.

PIPS "forces continuation of labor-intensive paper handling that significantly delays the processing of clearances," Romero said. For example, PIPS performs case assignment, but once a case is assigned, it is printed out and mailed to investigators for processing. For paperwork management, OPM uses bar codes, which are manually keyed, printed and affixed to documents in the hard copy files, he added.

Several agencies, including the General Services Administration, compound the security clearance paperwork burden by ignoring OPM's mandate to electronically submit requests for clearances using the Electronic Questionnaires for Processing (e-QIP) system, Romero said. Instead the agencies require applicants to complete paper applications and include extraneous information, such as résumés, as part of the application. Romero estimated that 25 percent to 40 percent of all security clearance applications that OPM accepts are hard copy.

As a result, Romero told the subcommittee, that the average processing time for Secret clearances averaged 200 days in 2007, and the average time for processing Top Secret clearances was 300 days last year.

In a report sent to Congress on Feb. 15, OMB said 83 percent of federal agencies were using e-QIP in the first quarter of 2008, with Defense using it for submission of 77 percent of its clearance investigations and non-Defense agencies using it 95 percent of the time.

OPM said in the report that it had cut the end-to-end time for initial clearance investigations in the first quarter of 2008 to 188 days and the time for Top Secret re-investigations to 217 days.

The Government Accountability Office has classified the security clearance process as a high-risk program. Jack Edwards, GAO's acting director of Defense capabilities and management, told the subcommittee that "continuing delays in determining clearance eligibility can result in increased costs and risk to national security." Edwards said delays in renewing clearances for personnel performing classified work can lead to a heightened risk of unauthorized disclosure of classified information.

OPM has a difficult time managing clearances because Defense underestimates the number of clearance investigations it requires annually. The Office of Management and Budget requires this estimate to be within 5 percent of its estimate of the actual number of investigations conducted, but Edwards said that in the first half of 2006 Defense had exceeded its estimate by 59 percent.

Kathy Dillaman, associate director of OPM's Federal Investigative Services division, told the panel that by relying on a suite of automated information tools, OPM could process clearances in an end-to-end paperless system this year.

Romero told the subcommittee that OPM relies on document and fingerprint images, which he does not consider automation, but rather "nothing more than taking a picture of a document and is ineffective at capturing the data in the document for use in an information technology system."

Romero said the only way to break the security clearance logjam was to develop an Internet-based system that collects all information electronically and serves as the basis for an end-to-end digital process "that creates a record that can be amended by investigators, adjudicators and security officers for the life of that clearance."

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Sponsored by One Identity

    One Nation Under Guard: Securing User Identities Across State and Local Government

    In 2016, the government can expect even more sophisticated threats on the horizon, making it all the more imperative that agencies enforce proper identity and access management (IAM) practices. In order to better measure the current state of IAM at the state and local level, Government Business Council (GBC) conducted an in-depth research study of state and local employees.

  • Sponsored by Aquilent

    The Next Federal Evolution of Cloud

    This GBC report explains the evolution of cloud computing in federal government, and provides an outlook for the future of the cloud in government IT.

  • Sponsored by LTC Partners, administrators of the Federal Long Term Care Insurance Program

    Approaching the Brink of Federal Retirement

    Approximately 10,000 baby boomers are reaching retirement age per day, and a growing number of federal employees are preparing themselves for the next chapter of their lives. Learn how to tackle the challenges that today's workforce faces in laying the groundwork for a smooth and secure retirement.

  • Sponsored by Hewlett Packard Enterprise

    Cyber Defense 101: Arming the Next Generation of Government Employees

    Read this issue brief to learn about the sector's most potent challenges in the new cyber landscape and how government organizations are building a robust, threat-aware infrastructure

  • Sponsored by Aquilent

    GBC Issue Brief: Cultivating Digital Services in the Federal Landscape

    Read this GBC issue brief to learn more about the current state of digital services in the government, and how key players are pushing enhancements towards a user-centric approach.


When you download a report, your information may be shared with the underwriters of that document.