The Defense Security Service was unable to conduct security reviews at about 60 percent of cleared facilities in fiscal year 2016, according to a Government Accountability Office report released in May.
The DSS is responsible for vetting the security of more than 12,000 contractor facilities, in a similar fashion to the task of vetting the personal security clearances that government employees and contractors undergo, according to Nextgov.com.
Just like investigating individuals’ trustworthiness for clearance, the DSS investigates companies’ foreign ties and risky past behavior when determining their access to classified information.
“DSS recently declared that the United States is facing the most significant foreign intelligence threat it has ever encountered,” the GAO report stated. The agency announced in 2017 that it would implement a new monitoring approach “to address emerging threats at facilities in the program.”
A current approach is to schedule security reviews on a 90-day workplan starting with certain facilities, such as those with mitigation agreements for foreign influence or classified information systems, the report stated. The new approach is to use national intelligence and the Department of Defense’s list of critical technologies and programs to create a security review priority list based on a facilities, assets and the threats to those assets.
Elements of the new approach to security reviews reveals that DSS is stepping away from a one-size-fits-all approach and into creating customized security plans for contractor facilities, Nextgov.com reported.
However, the GAO report identified some shortcomings. It found that DSS has neglected to address immediate challenges that are critical to piloting this new approach, such as determining necessary resources, because it hasn’t identified roles and responsibilities.
DSS also hasn’t established “how it will collaborate with stakeholders—government contracting activities, the government intelligence community, other government agencies, and contractors—under the new approach,” the report stated. “Federal Internal Control Standards establish the importance of coordinating with stakeholders, including clearly defining roles and responsibilities.”
Assessing the new approach’s effectiveness will be difficult until these areas are addressed, the report stated.
How Facility Clearance Works
Facilities obtain clearance by being sponsored by a government contracting activity or another company that already has clearance, according to the DSS website. A company representative must take part in a phone survey, followed by a facility visit by a DSS representative.
A facility cannot be cleared unless key management personnel also obtain security clearance. The DSS Industrial Security representative helps identify those who must be cleared and those that may be excluded.
© 2018 Millionairium and Keep Your Clearance. Authorization to post is granted, with the stipulation that Millionairium and Griffith, Young & Lass are credited as sole source. Linking to other sites from this document is strictly prohibited, with the exception of herein imbedded links.