Report | April 14, 2014

An Assessment of Contractor Personnel Security Clearance Processes in the Four Defense Intelligence Agencies

DODIG-2014-060

What We Did

Our objective was to assess: a) how, or if, substantiated investigations of misconduct were reported to Agency Clearance Adjudication Facilities (CAF) and to the DoD Consolidated Adjudication Facility (DODCAF); b) if the referred investigations had been adjudicated; and c) the results of those security adjudications.

What We Found

  • There was a lack of effective personnel security policy.
  • There was a lack of effective record keeping.
  • There was an avoidance of personnel security adjudication for contractor personnel involved in misconduct.
  • There was a lack of personnel security information sharing.
  • There was a lack of connectivity between the Defense Central Index of Investigations (DCII) and the Joint Personnel Adjudicative System (JPAS).

Our Recommendations and Management Responses

We recommend that the Under Secretary of Defense for Intelligence [USD(I)]: develop overarching policies governing operation of DCII and JPAS; expedite publishing new security policy; and advocate revising EO 12968 to require that personnel security clearance adjudicative and due process actions continue, even if the contractor employee no longer has access to classified information. USD(I) concurred with these recommendations. We redirected revision of one directive to Office of General Counsel, DoD.

We recommend that the Offices of Security of the Defense Intelligence Agency (DIA), National Geospatial-Intelligence Agency (NGA), National Reconnaissance Office (NRO), and National Security Agency (NSA), Offices of Security, develop formal procedures to ensure that reports of investigation into misconduct by contractor personnel are reported to the appropriate adjudicative organizations; and ensure that the appropriate security databases are populated with personnel security adjudicative determinations. The Agencies concurred with some of these recommendations and non-concurred with others. (See the report and Appendices D - G).

We recommend that the Directors of DIA, NGA, NRO, and NSA ensure IG reports of investigation into contractor misconduct are reported to DODCAF. The Agencies concurred with this recommendation.

Lastly, we recommend that the Director, Defense Human Resources Activity (DHRA), (1) work with the Genera l Services Administration to add the Excluded Parties List System/System for Award Management to the set of databases accessed by the Automated Continuing Evaluation System that the Defense Personnel Security Research Center developed; and, (2) develop software to automatically flag the personnel security adjudicative portion of JPAS that a DCII file exists on a specific Subject. The Defense Manpower Data Center manages both JPAS and DCII. DHRA did not concur with action 1, but did concur with action 2.