Security clearance process still a paperwork exercise

The process to issue federal security clearances has been partially automated, but it still remains "one large paper shuffle," requiring as much as a year and a half to obtain a clearance, according to a top information technology official.

The paper shuffle begins with the Joint Personnel Adjudication System operated by the Defense Security Service, which cannot bundle in digital format the SF-86 security clearance form and required fingerprints and signatures, said Ben Romero, chairman of the Intelligence Committee of the Information Technology Association of America. Romero testified Feb. 13 before the House Readiness Subcommittee of the Armed Services Committee.

Security clearance applicants must submit fingerprint ink cards, despite the fact that Defense Department has moved to capturing recruits' fingerprints digitally, a process some other federal agencies and most local law enforcement agencies already follow, Romero said.

The clearance process hits another technological speed bump at the Office of Personnel and Management, which took over clearance investigations for DSS in 2005. OPM manages clearance investigations with its Personnel Investigations Processing System, which Romero described as an antiquated mainframe computer system that is incapable of saving electronic attachments.

PIPS "forces continuation of labor-intensive paper handling that significantly delays the processing of clearances," Romero said. For example, PIPS performs case assignment, but once a case is assigned, it is printed out and mailed to investigators for processing. For paperwork management, OPM uses bar codes, which are manually keyed, printed and affixed to documents in the hard copy files, he added.

Several agencies, including the General Services Administration, compound the security clearance paperwork burden by ignoring OPM's mandate to electronically submit requests for clearances using the Electronic Questionnaires for Processing (e-QIP) system, Romero said. Instead the agencies require applicants to complete paper applications and include extraneous information, such as résumés, as part of the application. Romero estimated that 25 percent to 40 percent of all security clearance applications that OPM accepts are hard copy.

As a result, Romero told the subcommittee, that the average processing time for Secret clearances averaged 200 days in 2007, and the average time for processing Top Secret clearances was 300 days last year.

In a report sent to Congress on Feb. 15, OMB said 83 percent of federal agencies were using e-QIP in the first quarter of 2008, with Defense using it for submission of 77 percent of its clearance investigations and non-Defense agencies using it 95 percent of the time.

OPM said in the report that it had cut the end-to-end time for initial clearance investigations in the first quarter of 2008 to 188 days and the time for Top Secret re-investigations to 217 days.

The Government Accountability Office has classified the security clearance process as a high-risk program. Jack Edwards, GAO's acting director of Defense capabilities and management, told the subcommittee that "continuing delays in determining clearance eligibility can result in increased costs and risk to national security." Edwards said delays in renewing clearances for personnel performing classified work can lead to a heightened risk of unauthorized disclosure of classified information.

OPM has a difficult time managing clearances because Defense underestimates the number of clearance investigations it requires annually. The Office of Management and Budget requires this estimate to be within 5 percent of its estimate of the actual number of investigations conducted, but Edwards said that in the first half of 2006 Defense had exceeded its estimate by 59 percent.

Kathy Dillaman, associate director of OPM's Federal Investigative Services division, told the panel that by relying on a suite of automated information tools, OPM could process clearances in an end-to-end paperless system this year.

Romero told the subcommittee that OPM relies on document and fingerprint images, which he does not consider automation, but rather "nothing more than taking a picture of a document and is ineffective at capturing the data in the document for use in an information technology system."

Romero said the only way to break the security clearance logjam was to develop an Internet-based system that collects all information electronically and serves as the basis for an end-to-end digital process "that creates a record that can be amended by investigators, adjudicators and security officers for the life of that clearance."

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.