recommended reading

Bill would require agencies to recognize security clearances governmentwide

A bipartisan bill introduced on Thursday directs agencies to ensure that approved security clearances for federal employees and contractors apply governmentwide.

The legislation, sponsored by Sens. Daniel Akaka, D-Hawaii, and George Voinovich, R-Ohio, amends the portion of the 2004 Intelligence Reform and Terrorism Prevention Act that deals with the security clearance process. It mandates the creation of a performance accountability council to oversee the reduction of the government's security clearance backlog and extends reporting requirements.

A provision in the bill would direct agencies to adhere to "reciprocal recognition of clearances that allow access to classified information granted by all other agencies and departments." Many federal agencies traditionally have used their own security clearance standards and do not necessarily accept background checks other executive branch agencies perform. The intelligence reform law also includes a provision related to reciprocal recognition of security clearances among agencies.

The Akaka-Voinovich bill is similar to a June 2008 executive order from President George W. Bush that aimed to streamline the background checks on federal employees and contractors needing special security clearance to access classified information. The order also included a requirement that clearances apply governmentwide and established a performance accountability council.

A Senate Democratic committee aide said that the Akaka-Voinovich bill is aimed at codifying some of the executive order's provisions, including the establishment of the council. As for reciprocal recognition of security clearances among agencies, the legislation "reemphasizes" that requirement. "We were getting the sense that not everyone was following the intent, as we saw it, of what reciprocal recognition was," the staffer said.

The Defense Department issues the majority of security clearances for employees and contractors to access sensitive information, and the process long has been inefficient and riddled with error. The Government Accountability Office in 2005 placed the security clearance backlog on its list of federal programs most vulnerable to waste, fraud and abuse and it has remained there since then. In its most recent report on high-risk programs and agencies, released in January, GAO praised the government for making "significant progress" on reducing the backlog, but also noted that timeliness alone "does not provide a complete picture of the clearance process." GAO criticized the executive branch's annual reports to Congress on the clearance process for lacking sufficient data on quality.

The 2004 intelligence reform law required agencies by Dec. 17, 2009, to complete 90 percent of security clearances within 60 days. In September, Office of Personnel Management Director John Berry told Congress that the government is on track to reduce the average length of time required to process security clearance applications by the end of 2009. He also vowed that by the end of 2010 the issue would be removed from GAO's high-risk list.

The Akaka-Voinovich bill also calls on the Office of Management Budget director to submit an information technology strategy to Congress within 120 days of the legislation's enactment for expediting the security clearance process. In addition, agencies would have to continue reporting to Congress on their progress in improving the security clearance process until two years after GAO removes the program from the high-risk list, or 2017, whichever arrives first. Currently, the reporting requirement runs through 2011.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.