Personnel Security Briefing NAWCAD Industry Day Larry Paxton

Transcription

1 Personnel Security Briefing NAWCAD Industry Day Larry Paxton Personnel Security Management Office for Industry (PSMO-I) October 25,

2 Functions of the PSMO-I PSMO-I Mission Oversee personnel security within the National Industrial Security Program and expand Continuous Evaluation across the Department of Defense Interim eligibility determinations for access to classified information Analyze adverse information to drive down risk and assess trends Manage, integrate and communicate to provide real-time PCL guidance to government and Industry Execute Personnel Security Investigation for Industry funding Representation on Federal and Defense enterprise committees and working groups PSI Budget Execution Validate Need Submit for Investigation Investigate Adjudicate Maintain Risk Oversight Continuous Evaluation Incident Reports Periodic Reinvestigations Interim Suspensions Field Integration Determine Trust Interim Determinations Eligibility / Access Non-disclosure Agreements Training & Outreach Stakeholder Engagement Customer Engagement Consolidated Knowledge (Call) Center Standardize decisions and practices 2

3 Personnel Security Management Office for Industry and DoD-CE Cleared Population PCL Metrics Adverse Information Customer Service New Mission! 814k Cleared Contractors (Eligible) 740k Cleared Contractors (In Access) 220K e-qips Submitted 80K Interim Clearance Determinations 30k Overdue PRs 10k Incident Reports 40k RRU Requests 100k Knowledge Center Calls 1,112,000 CE Population 80k CE Alerts 16k Valid Alerts Note: All values represent averages per year 3

4 eqip Inventory PSI-I History and Events 45,000 Actual Inventory 40,000 Metering Due to PSI-I Shortfall 39,259 35,000 33,000 30,000 29,904 25,000 20,000 15,000 Continuing Resolution FY16 11,402 10,000 5,000 Continuing Resolution #1 Continuing Resolution #2 10, ,364 1,024 4

5 High Level PCL Process Overview Step 1 Step 2 Step 3 Step 4 FSO identifies need and initiates e-qip and instructs applicant to complete Once applicant completes e-qip, FSO reviews for completeness and releases to PSMO and submits efp PSMO-I reviews e-qip for issues and completeness Complete no issues? Revise and send back to FSO for corrections No Release to OPM Step 9 Step 8 Step 7 Issues? No DoDCAF Adjudicator reviews investigation results and vets the application against adjudicative guidelines OPM completes investigation Step 6 Step 5 PSMO-I receives AdvNAC and processed for Interim Secret/TS OPM schedules investigation Yes Grant final eligibility DoDCAF sends SOR to DOHA legal review Step 10 Step 11 Step 12 DOHA agrees with SOR, sends to FSO/Subject OR Subject responds to SOR and returns response to DOHA Administrative Determination or Official Hearing for final determination OR DOHA disagrees with SOR and recommends final eligibility If Subject fails to respond to SOR, DoDCAF will post Denial/Revocation Eligible for reapplication after 1 year 5

6 Implementation of Federal Investigative Standards Tiered Investigations Tiered Investigation Standards Why We Investigate Public Trust National Security Reason Suitability Access to Classified Information Position Low-Risk Moderate Risk High Risk Confidential Secret Top Secret SCI Position Sensitivity Non-Sensitive Non-Critical Sensitive Critical Sensitive Critical Sensitive Tiered Investigation Associated Tier 1 Tier 2 Tier 4 Tier 3 Tier 3 Tier 5 Tier 5 Current Type Investigation NACI MBI BI NACLC/ANACI SSBI Standard Form Used SF-85 SF-85P SF-86 Who Submits Three basic reasons for conducting background investigations National Security access to classified Suitability / Fitness for government employment Personal Identity Verification in support of credentialing Homeland Security Presidential Directive 12 (HSPD-12) Physical access to facilities and or logical access to systems Government Agencies (not NISP contractors) FSOs NISP 6

7 DoD Manual Apr 3, 2017 Procedures for the DoD Personnel Security Program Section 5: Investigative Requests Paragraph 5.3 Limitations and Restrictions for Submitting Investigations Sub-paragraph b(2). Limits on Investigations, page 26 DSS will not process a PSI request for an employee of, or a consultant to, a contractor when there is not a legitimate requirement for access to classified information in supporting a U.S. Government or foreign government requirement in accordance with DoD R and Volume 3 of DoDM CDSE website - Resources -Toolkits - Personnel Security - Personnel Security Policy Executive Services Directorate website - Issuance Types 7

8 Industry Personnel Clearance Process DSS NBIB DoDCAF Industry Personnel Clearance Timeliness T T3R T T5R Initiate (DSS) Advanced Products (NBIB) Interim Determination (DSS) Investigate (NBIB) Adjudicate (DoDCAF) (Source: National Security Oversight Reports August 2017) 8

9 T5R Submission Periodicity January 7, Notice of six year submission window for contractor periodic reinvestigations begin Tier 5 Periodic Reinvestigations (PRs) for industry personnel six years after the date of the previous investigation rather than at the five-year mark February 10, Change(s) to the January 6, 2017 guidance posted on concerning Tier 5 Periodic Reinvestigations (T5 PR) caveat programs for Special Access Programs (SAP) where the SAP policy, as of February 10, 2017, explicitly states a T5 PR is due every 5 years. (this will be considered a caveat program) Note: SCI is NOT considered an exception and should not be submitted to PSMO-I. Please no longer submit RRUs for caveat T5 PRs. DSS will be processing the T5 PR inventory by oldest to newest prior to investigation package expiration. Also, the expiration date for e-qips in JPAS was increased from 90 days to 120 days. Therefore, e-qips will not expire until they reach negative 30 day (-30). For new T5 PR Caveat requests, please include the following in the Special Handling Instructions : 1. Statement indicating the e-qip is in support of a caveat program (as identified in this new criteria) 2. GCA contact information April 7, PSMO-I is currently managing the investigation request inventory in order to stay within our budget authority, with priority being given to requests for initial clearances. This may result in Tier 5 Reinvestigations either terminating from the system or being rejected if a Special Access Program (SAP) Caveat is not identified as described in the February 10, 2017 guidance available on the DSS website. August 22, REMINDER: The Personnel Security Management Office for Industry (PSMO-I) is prioritizing the submission of initial T5 (Top Secret) and T3 (Secret) investigative requests to the National Background Investigations Bureau. PSMO-I is continuing to monitor industry periodic reinvestigations to ensure none expire from the system. Industry should continue to submit T3R investigation requests to PSMO-I, in addition to caveat program T5Rs per the April 7, 2017 guidance. DSS is asking that industry no longer submit Tier 5 PRs not meeting caveat, unless directed by DSS. 9

10 e-qip Rejections In light of current processing timelines, please keep in mind what you can do to reduce delays: o Ensure e-qip is actually required o Encourage the applicant to review information in the e- QIP for completeness and accuracy prior to submitting o FSO, conduct thorough review of e-qip for completeness prior to submission to PSMO-I o Use Click to Sign for all forms associated with the e-qip o Submit fingerprints electronically, when the request is released to PSMO-I HSPD-12 requests 14% Subject Information Discrepant 7% Common PSMO-I e-qip Reject Reasons Financial information 11% Employment verification 15% Spouse SSN 15% Cohab SSN 20% Common NBIB Investigation Request Reject Reasons Misc 7% Signature pages not received, contains errors, or wrong subject 25% Mailing Address Incomplete 10% Fingerprints Not Submitted / Expired 76% 10

11 Interim Determinations It is our mission to make interim determinations and ensure timely support to Industry personnel; getting trusted, cleared people to work as quickly as possible, and in the interest of national security. For an Interim to be granted, DoD policy now requires: A scheduled investigation with NBIB Favorable review of the SF-86 Fingerprint check Proof of U.S. citizenship Local Records Checks Common Interim Declinations Reasons: Financial Considerations Foreign Preference passport / ID card Foreign Influence family Drug Involvement Alcohol Consumption 11

12 Incident Reports Out of more than 800,000 cleared contractors eligible for access to classified information, DSS receives fewer than 1,000 reports per month. That is less than one percent. For comparison, in the U.S. in 2016 there were 715 per 100,000 (7%) per capita arrests. AND, the NISP has more stringent reporting criteria including, financial debt, drug use, foreign influence and foreign preference, use of information technology, handling of protected information, etc. Complete Detailed Incident Report Provide as much information as possible when completing the incident report. Pro tip: refer to the questions on the SF-86 Remember: Failure to report adverse information could impact multiple locations since cleared employees frequently move between contracts/employers Low Incident Report Will be closed out in JPAS and CATS by PSMO-I. Medium Incident Report Will remain open in JPAS and CATS for adjudicative action by the DoD CAF. High Incident Report Will remain open in JPAS and CATS for immediate action by PSMO-I and the DoD CAF. Continue Business As Usual The PSMO Incident Report team triages all incoming incident reports on a daily basis. All Medium and High Tier incidents are automatically sent to the CAF for further action and are closed as soon as possible. 12

13 Adverse Information Critical to our National Security What is Adverse Information? Early intervention is the key to quick mitigation and resolution Failure to report adverse information may result in an acute or critical vulnerability if discovered during an assessment Why Submit? Who is at Risk? Any information that reflects on the integrity or character of a cleared employee Suggests their ability to safeguard classified information may be impaired or their access to classified information may not be in the interest of national security Cleared Employees Includes any individual with eligibility for access to classified information or in process for a security clearance When to Report? Immediately! Complete Detailed Adverse Information Report Who was involved? When did the incident happen? What was the incident? Where did the incident occur? Remember: Failure to report adverse information could impact multiple locations since cleared employees frequently move between contractors Conduct sufficient factfinding to ensure reports are not made based solely upon rumor or innuendo Provide as much information as possible when completing the report - refer to the questions on the SF86 Where to Submit? R E F E R E N C E S System of Record (Recommended) JPAS Critical to Our National Security Protect our national security Protect our warfighters Protect our nation s economic stability Protect industries competitive advantage in the marketplace Establish confidence in the cleared population Alternative Methods: Fax: (571) or PSMO-I.fax@dss.mil DoD Hotline ( or hotline@dodig.mil) DSS Website: Regulations (NISPOM 1-302, ISL , and ISL ): FSO Toolkit: Webinars (e.g. Adverse Information, Cyber, SCR): SF-86: 13

14 High Level RRU Process Overview PSMO-I reviews RRU to determine requested action. If the RRU can be processed/answered by PSMO-I, then appropriate action is taken by PSMO-I. If the RRU requires CAF action, it is sent to the DoD CAF via a CATS RRU. Reciprocity: The majority of Reciprocity requests are sent via Research RRU. The RRU is answered with a preformatted message indicating that the request has been forwarded for verification. If the Reciprocity is for the State Department, an is sent to the State Department POC. For all other Reciprocity requests: A Reciprocity case type is created in CATS. If appropriate, CVS is checked for possible Reciprocity. If there is an eligibility that can be used for Reciprocity, a CVS Notification form is uploaded to CATS and auto assigned to the DoD CAF for processing. If the CVS notification is negative and there is no indication of SCI eligibility or access, an agency specific fax will be sent for reciprocity information. If the CVS check is negative, and the RRU or JPAS reflect SCI eligibility or access, a Scattered Castles request is sent to the DoD CAF. The DoD CAF will conduct the SC check and if verified, will post the appropriate eligibility information in JPAS. If the SC check is negative, an agency specific fax will be sent for reciprocity information. Since Jan 19, 2017 PSMO-I has received a daily average of 70 Research, 35 Upgrade, and 38 Recertify RRU requests. There were a total of 510 Research RRU on Jan 19, 2017, with a high of 2,022 on March 2, Current inventory of Research RRU s as of 16 Oct 2017 is

15 When to Submit an RRU Change in Marital Status/Cohabitation ( Scheduled investigation only) Change in Marital Status/Cohabitation with Foreign National DSS requests a PR to be submitted but a PR is not required SCI No Longer Required SCI Request SSN Change LOJ with Previous Valid Eligibility No Determination Made with Previous Valid Eligibility Reciprocity Change of Employment Request Adjudication on Closed Investigation (provided the closed investigation is over 30 days) Cancel Scheduled Investigation (Subject No Longer Requires Access) PII Change (No Longer has DOD/Military associations) Request Adjudication on Closed Investigation (needs to move to a another DoD component for adj) Reopen "Discontinued" Investigation Upgrade/Downgrade Investigation Status of investigation/adjudication (outside standard timeframes) Cancel Scheduled Investigation (Employment Termination) Erroneous DOD/Military category Submit RRU Call KC Other Recertify Recertify Recertify Recertify Recertify Recertify Upgrade Upgrade Research Separate in JPAS Call DMDC 15

16 Continuous Evaluation What Per E.O , as amended, Continuous evaluation (CE) means a vetting process to review the background of an individual who has been determined to be eligible for access to classified information or to hold a sensitive position at any time during the period of eligibility. CE leverages a set of automated record checks and business rules to assist in the on-going assessment of an individual s continued eligibility. CE is intended to complement continuous vetting efforts. Who/ When Individuals with: DoD affiliation Eligible for Access Signed SF-86 dated 2010 or later Why Recommendations from the reviews of the Washington Navy Yard shooting: Implement Continuous Evaluation Establish a DoD Insider Threat Management & Analysis Center (DITMAC) Centralize Authority, Accountability & Programmatic Integration Under a Single Principal Staff Assistant Resource & Expedite Deployment of the Identify Management Enterprise Services Architecture (IMESA) How Automated Records Checks to address the following standards: Terrorism Foreign Travel Suspicious Financial Activity Criminal Activity Credit Public Records Eligibility 16

17 Stay in Touch with PSMO DSS Knowledge Center (888) , Option #2 Submit an RRU Via JPAS Fax requested documents only (571) or Policy PSMO-I PSMO-I Homepage DSS Facebook Page DSS Twitter AskPSMO-I Webinar PSMO-I Outreach Contact your local NCMS chapter for upcoming training events in which PSMO will present 17

18 For Further Assistance DMDC Contact Center Phone: Menu Options: 1 DISS 3 JPAS 4 e-qip DoD CAF Call Center Phone: (SSOs and FSOs ONLY) Website: Menu Options: 5 Industry DIA Industry Personnel Security (SEC-3B) Address: Department of Defense Consolidated Adjudications Facility, Suite # th Street Fort George G. Meade, MD DIActrAdjudications@dodiis.mil DOHA Phone: dohastatus@ssdgc.osd.mil 5 SWFT 6 DCII 7 PerSec/General Questions 8 STEPP/ISFD/FCL 18

19 Questions??? 19

20 20

21 DISS Scope The Defense Information System for Security (DISS) is a family of systems that will serve as the system of record for comprehensive personnel security, suitability and credential management of all DoD military, civilian, and contractor personnel. The DISS family of systems is comprised of two components: the Case Adjudication Tracking System (CATS) and the Joint Verification System (JVS). Once fully deployed, the DISS family of systems will replace the Joint Personnel Adjudication System (JPAS). DISS is undergoing a phased deployment. 21

22 DISS Deployment 22

23 Top-Level Critical Tasks & Milestones for DISS Deployment Sep 2017 May 2018 Sep 17 Oct 17 Nov 17 Dec 17 Jan 18 Feb 18 Mar 18 Apr 18 May 18 Jun 18 Infrastructure Build-Out Hierarchy User Provisioning Testing / Training: MILDEPS, DoD CAF, Industry Application Deployment End User Support MILDEPS 10/17 Release For MILDEPS 12/11/17 Release For MILDEPS 12/17 Release x For MILDEPS 2/18 Industry 3/18 Industry Working Group Training (3/18) Industry Deployment (5/18) 23

24 DISS Deployment Phases Sep 17 Oct 17 Nov 17 Dec 17 Jan 18 Feb 18 Mar 18 Apr 18 May 18 Jun 18 Phase 1 Migration to Single Adjudicative System Migrate off the multiple adjudicative systems and core enterprise services into DISS Phase 2 DISS Enterprise Subject Management Migrate subject management capabilities and additional enterprise services into DISS Legacy CATS/CATS Portals will be taken offline Phase 3 Establishment of a Single System of Record Completes the rollout of the DISS enterprise services JPAS will be taken offline 24

25 Questions??? 25