DCSA rolling out continuous vetting to a million more feds

"DCSA plays a critical role in executing Trusted Workforce 2.0 objectives as the largest provider of personnel vetting services," Heather Green said.

The Defense Counterintelligence and Security Agency says continuous vetting has made “monumental” changes to the security clearance process. Now it’s time to start rolling the system out to a million more people.

As part of the government’s Trusted Workforce 2.0 initiative, DCSA is starting to implement continuous vetting for feds and contractors who don’t need clearances, but do work in public trust positions. The goal is to bring about a million employees — ranging from police officers to nurses to custodial staff working in sensitive locations — under the CV umbrella within the next year.

Just like with the security clearance investigation and adjudication process for clearance holders, continuous vetting will replace the traditional method of conducting periodic reinvestigations every five to ten years. DCSA started the rollout to the “non-sensitive public trust” population in August, beginning with a handful of agencies that have signed up to be early adopters.

In the early stages, the program will monitor what officials deem to be “high value” data sources and alert agencies for signs of potential insider threats in four broad categories: criminal activity, violent extremism, terrorism, and ‘unlawful subversive activity’. More comprehensive monitoring, including for red flags on things like employees’ financial circumstances, will come later.

“DCSA plays a critical role in executing Trusted Workforce 2.0 objectives as the largest provider of personnel vetting services and enterprise information technology capabilities for the federal government. This puts us on track to conduct a phased enrollment of our non-sensitive public trust population, which will provide the full enrollment capability for customer agencies by the end of the fiscal year 2025,” Heather Green, the agency’s principal deputy assistant director for adjudication and vetting services, told reporters. “At that point, all agencies will be able to enroll their non-sensitive public trust populations into CV, and that will provide them alert management, real-time threat analysis, and reporting capabilities that they do not have currently.”

Agencies need to prepare for latest CV transition

By this point, federal agencies are already pretty familiar with continuous vetting. As part of Trusted Workforce 2.0, DCSA started implementing CV for security clearance holders nearly three years ago, and 3.8 million cleared personnel are already enrolled.

Still, Green said agencies have some work to do to prepare to move the public trust workforce into the CV realm.

“First and foremost, they need to ensure that they have the appropriate agreements in place with DCSA as their service provider — we work directly with all agencies to make sure that they have an agreement in place to enroll their population, and then they’re prepared to pay for the service,” she said. “They also need to identify their population, so we highly encourage all agencies to start looking through and identifying their populations that need to be enrolled. We have an onboarding checklist that we provide them as soon as they express interest in subscribing to the service.”

Some aspects of the implementation — including requirements for employees to self-report potentially derogatory information about themselves — will vary agency-by-agency. But whether it’s self-reported or detected by DCSA’s monitoring tools, a potentially negative life event won’t necessarily have immediate employment consequences.

“The continuous vetting program is really not a ‘gotcha’ program. We want to make sure that we identify any potential derogatory information early, and that we provide support in order to resolve any issues early and often, before things fester and become a larger insider threat issue,” Green said. “For example, if you’re having issues with finances, and potentially it’s because of medical bills, we want to make sure that we’re aware of what those issues are. We can help with employee assistance program support, things like credit rehabilitation. There’s a lot of programs out there that we can provide to our personnel to make sure we get ahead of any potential concerns.”

Possible improvements in time-to-hire

The new continuous vetting process has helped the government reduce its overall processing times for security clearances in the national security workforce. As recently as 2018, it took about 200 days to evaluate people seeking secret-level clearances and more than 400 days on average for people seeking top-secret clearance.

Under new governmentwide goals set last year, the vetting process is supposed to take 40 days for secret clearances, 75 days for top secret, and 25 days for public trust positions. Green said the introduction of CV for the public trust population should go a long way toward reducing vetting time and overall time-to-hire, but wasn’t able to predict specific figures.

And many of the biggest questions about the long-term future of continuous vetting — and the broader trusted workforce initiative — are bound up in the long-delayed implementation of the National Background Investigation System, DCSA’s new IT system for managing security and suitability determinations. NBIS was supposed to be deployed in 2019. This summer, DoD announced a new 18-month roadmap for the program.

In the meantime, DCSA has figured out how to implement continuous vetting without NBIS, said Mark Livingston, the agency’s assistant director for personnel security.

“Our [continuous vetting] system is fully operational. We’re meeting the mission now; NBIS is just going to make it better in the future, and that end-to-end IT system will be enhanced over time,” he said. “We are fully functional and meeting mission today, we’re just expecting NBIS to make it better in the near future.”

He said that’s also true of the broader trusted workforce efforts — which have managed to plow ahead without the new software infrastructure.

“To put it into scope or comparison, what 9/11 did to aviation safety and security and what COVID did to the workplace — Trusted Workforce is doing that to the national security workforce. It is monumental. These are shifts in the tectonic plates that are just huge, new, and innovative.”

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

    GettyImages/Federal News Networkretirement

    Federal retirement backlog no longer top challenge for OPM, but IG says customer service issues remain

    Read more