The shift is part of an effort to identify potential security risks as they occur.
In a significant change to personnel security policy, agencies are being encouraged to enroll all applicants for security clearances into continuous vetting and eliminate periodic reinvestigations. The move is an effort to create a clearance system that’s agile and better able to identify risks as they occur, not at 5-year or 10-year intervals.
In the spring of 2018, the Office of the Director of National Intelligence announced Trusted Workforce 2.0—a comprehensive, interagency effort to redefine a “trusted worker” in the face of 21st century threats. Executive correspondence issued last month now lays out the framework for ending periodic reinvestigations in favor of continuous vetting of all cleared personnel.
“The goal is pretty simple,” said Brian Dunbar, assistant director, National Counterintelligence and Security Center, in an interview with ClearanceJobs: “To better support the mission with better vetting, faster investigation timelines and enhanced mobility.”
To that end, Trusted Workforce 2.0 has already accomplished the first, critical aspect of its mission, eliminating the security clearance backlog, which was at a high of 725,000 cases when Trusted Workforce 2.0 rolled out. With the backlog busted, focus has shifted to continuous vetting and updates to the federal investigative standards and adjudicative criteria.
“To me, the most important element of Trusted Workforce 2.0 is this: transitioning away from a traditional periodic reinvestigation to what we call continuous vetting, those individuals currently enrolled in continuous evaluation,” said Mark Frownfelter deputy assistant director at the National Counterintelligence and Security Center, Special Security Directorate.
The executive correspondence, “Transforming Federal Personnel Vetting: Measures to Expedite Reform and Further Reduce the Federal Government’s Background Investigation Inventory,” was signed by the Director of National Intelligence and the Director of the Office of Personnel Management on February 3. Departments and agencies have received additional guidance about the implementation of the EC, a policy shift one administration official described as one of the most significant changes to security clearance policy of the past two decades.
The EC lays out the minimum standards criteria for continuous vetting, and allows agencies in compliance with those criteria to move forward in eliminating periodic reinvestigations in favor of the continuous vetting model, a process that allows for a more efficient security clearance vetting process, but more significantly, a more secure one.
“It’s good from both a security and safety standpoint; we can intervene earlier,” noted Dunbar. “We can facilitate timely employee return from a personal crisis, for issues that under previous models wouldn’t be discovered until a [periodic reinvestigation].” Dunbar noted the system also helps the Defense Counterintelligence and Security Agency maintain its steady state inventory, reducing influxes of the reinvestigations.
‘Crawl, Walk, Run’
Dunbar noted the security clearance process is focused on a crawl, walk, run approach to implementing Workforce 2.0. Previously issued EC helped codify efficiencies to eliminate the backlog. February’s EC codifies the full implementation of continuous vetting. The run portion of Trusted Workforce 2.0 will come into fruition later this year, with the issuance of new federal investigative standards and adjudicative guidelines.
The elimination of periodic reinvestigations transitions security clearance eligibility from a date driven system, where the focus was on periodic reinvestigation or initial investigation dates, to a risk-based system. The focus will be less on whether or not applicants are “in scope” and instead, on when they were last enrolled, and what, if any issues, were present at that time.
“[Periodic reinvestigation] dates will become a thing of the past,” said Dunbar. “We’re moving to a mobility, transfer of trust scenario.” That system depends heavily on education and training, and represents a huge cultural change, noted Dunbar.
The good news, Office of the Director of National Intelligence officials note, is this policy takes a pull versus push approach—ODNI has worked across departments and agencies to establish needs and priorities. They’ve pulled in that feedback, and the result is an approach agencies are asking for and prepared to implement.
“What we’re anticipating, and what we’ve heard, particularly within the IC, is they believe they possess these capabilities,” said Dunbar. Once they’ve verified they meet the criteria with ODNI, they’re able to eliminate periodic reinvestigations and enroll candidates into continuous vetting. For that reason, Trusted Workforce 1.5—what the current EC is being dubbed—should result in rapid enrollment of new candidates into continuous vetting, just as Trusted Workforce 1.0 saw the rapid decline (and eventual elimination) of the clearance backlog.
The automated records checks, laid out in policy through Security Executive Agent Directive 6, are the lynchpin of current transformation activities, noted Dunbar. ODNI has been responsible for designing and building a national continuous evaluation system—a major technology undertaking, rolling in data across seven categories, and for 29 separate departments. ODNI is working in partnership with the Defense Department’s continuous evaluation program, and considers itself a service provider into the Defense continuous evaluation system.
SEAD 6 went into effect January 2018. In the two years since, ODNI has gathered information to help it improve the continuous vetting of personnel—lessons it’s incorporating into the recently released executive correspondence, which notes “revisions to investigative flags for financial delinquencies and traffic fine violations in certain cases.” Dunbar said this is a direct example of seeing what has been flagged in continuous vetting thus far, and that a $50 traffic violation may not be the best metric for trustworthiness.
“This is data driven policy development,” noted one senior official. “It’s a really exciting place to be in personnel security reform.”