The Obama administration is reforming the background investigation organizational and security structure as a result of the 90-Day Suitability and Security Review, to examine reforms in the federal background investigations process, the White House said Friday.
The government will establish a new government-wide service provider for background investigations to absorb and replace elements of the U.S. Office of Personnel Management (OPM) that conduct investigations currently. This new National Background Investigations Bureau (NBIB) will replace OPM’s Federal Investigative Services (FIS), which presently performs investigations for over 100 federal agencies, 95 percent of the total investigations government-wide. FIS’ work consists of over 600,000 security clearance investigations and 400,000 suitability investigations per year.
The Suitability and Security Review was convened following the OPM data hacks in 2015 (Defense Daily, June 17). It was conducted by the interagency Performance Accountability Council (PAC), which is chaired by the Office of Management and Budget (OMB). The PAC consists of the Director of National Intelligence (DNI) and Director of the OPM, in respective roles as Security and Suitability Executive Agents of the PAC, and also the Departments of Defense (DoD), Treasury, Homeland Security, State, Justice, Energy, the Federal Bureau of Investigation (FBI), and others.
“This new government-wide service provider for background investigations will be housed within the OPM. Its mission will be to provide effective, efficient, and secure background investigations for the federal government,” the administration said in a joint blog post by James Clapper, DNI; Beth Cobert, Acting Director of OPM; Marcel Lettre, Under Secretary of Defense for Intelligence at the Defense Department; Tony Scott, U.S. Chief Information Officer; and J. Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator at the National Security Council.
The NBIB will report to the OPM director, but the head of the new bureau will be presidentially-appointed and a full member of the PAC, the White House said in a fact sheet accompanying the announcement Friday.
“NBIB will receive policy direction and guidance from and be accountable to the PAC and its customer agencies for providing continuous improvements to the investigative process,” the White House said.
The fact sheet also noted the bureau will have a dedicated senior privacy office “to advance privacy-by-design as the new entity is stood up and new IT systems are developed.” A group of interagency personnel will help stand up the new entity and be part of its ongoing management.
The officials highlighted that unlike the previous structure, “the Department of Defense will assume the responsibility for the design, development, security, and operation of the background investigations IT systems for the NBIB.”
The change in approach is meant to leverage the Department’s “significant national security, IT, and cybersecurity expertise, incorporating security into the fundamental design of the systems, strengthening the security of the data environment, and providing robust privacy protections,” the White House said.
The administration intends to support the work through an addition of $95 million inserted into the president’s fiscal year 2017 budget, dedicated to the development of the IT capabilities.
The review also directs the PAC to establish an interagency cybersecurity advisory group to provide advice and counsel on system development and threat mitigation.
The White House said although the current PAC and Executive Agent governance structure established under Executive Order 13467 will remain, the administration intends to issue new guidance to clarify the existing role in the enterprise and assign new responsibilities where gaps may exist.
One example of new guidance is that the White House will establish a Crediting Executive Agent “with responsibility for policy and oversight of credentialing matters that parallels the respective authorities and responsibilities of the Security and Stability Executive Agents.” The responsibility is currently spread out across several agencies, the White House said.
While the organizational changes will take time to implement, the administration is establishing a transition team headquartered in Washington, D.C., to develop and implement a plan to stand-up the NBIB, ensure the transition timeline aligns with business needs, transition management of FIS IT systems to the Defense Department, migrate the existing mission, functions, personnel, and support structure of OPM FIS to NBIB, and provide continuity of service to customer agencies during the transition.
The White House also announced that to ensure the NBIB is successful, the PAC will monitor performance to identify and drive enterprise-level process enhancements, make recommendations for changes to executive branch guidance and authorities to resolve overlaps or close policy gaps, and institute a data-driven transparent policy-making process.