Continuous Evaluation
Overview
In his role as the Security Executive Agent (SecEA), the Director of National Intelligence (DNI) established the Continuous Evaluation Program within the National Counterintelligence and Security Center (NCSC). Continuous Evaluation (CE), a personnel security investigative process, is a key component of security clearance reform efforts to modernize personnel security practices and increase the timeliness of information reviewed between periodic reinvestigation cycles. The CE Program provides oversight, policy, and guidance to implement CE across the Executive Branch and operates the ODNI CE System (CES). The CES is an information technology (IT) system that conducts automated checks of security-relevant information, a capability that is the cornerstone of security clearance transformation efforts within the Trusted Workforce 2.0 framework and the move toward government-wide Continuous Vetting.
Security Clearance Reform
Current Status
Since IRTPA and E.O. 13467, the SecEA has instituted a variety of reform efforts to improve background investigation and adjudication timeliness, improve the quality of information used to make security clearance decisions, compile system-wide metrics, and assess and oversee personnel security program implementation across the executive branch. With increasing cybersecurity threats and incidents, and large classified information leaks coupled with background investigation backlogs, there will be the need to drive continuous and future security clearance reforms.
As the SecEA, the DNI is the champion for reform activities that include the issuance of guidance, training, oversight, and implementation assessment that are vital for standardizing and improving Executive Branch personnel security programs. The Director of the National Counterintelligence and Security Center (NCSC) serves in support of the DNI’s role as SecEA to develop, implement, oversee and integrate personnel security initiatives throughout the U.S. Government.
Recent reform activities have focused on the following:
- The 2010 Intelligence Authorization Act (IAA) requires the President to submit an annual report on security clearance determinations to Congress and directs this report to include the number of U.S. Government employees and contractors who hold a security clearance at each level. SecEA gathers performance metrics government-wide on the timeliness of personnel security investigations, adjudication and reciprocal actions.
- The SecEA issues Executive Correspondence and Security Executive Agent Directives (SEADs) as a primary means of disseminating national security policy and requirements in order to institutionalize reform initiatives, provide a foundation to government-wide personnel security policies, and conduct oversight of processes related to security clearances and sensitive national security positions.
- In 2012 the Federal Investigative Standards (FIS) were jointly issued by Security and Suitability Executive Agents. FIS is a critical security clearance reform initiative that established new federal investigative criteria to conduct background investigations to determine eligibility for logical and physical access, suitability for U.S. Government (USG) employment, eligibility for access to classified information or to hold a sensitive position, and fitness to perform work for or on behalf of the USG as a contractor employee.
- SecEA considers Agency Head requests for delegated authority, or modification of their existing authority, to conduct personnel security investigations and adjudications.
- Ensuring reciprocal recognition among the USG agencies for eligibility of access to classified information and eligibility to hold a sensitive position, including acting as the final authority to arbitrate and resolve disputes involving the reciprocity of investigations and eligibility determinations.
- Reducing the backlog of periodic reinvestigations (PR). The SecEA issued guidance directing agencies to prioritize out of scope background investigations and focus on their required PRs. The FY 16 Omnibus Appropriation, H.R. 2029-673 requires the DNI to develop a plan to eliminate the backlog of PRs.
- Expansion of eAdjudication (electronic adjudication) to other types of national security and suitability investigations offers the opportunity to improve clearance processing and permit adjudicators to focus on investigations presenting adjudicative issues.
- The Quality Assessment Standards (QAS) were approved by the PAC on 22 January 2015. The QAS Implementation Plan was approved 1 April 2016, which identified separate milestones for Departments and Agencies (D/As) that are only assessing the quality of background investigations (BIs) and those D/As that are responsible for conducting BIs and assessing their quality.
NITTF Policy & Legal
Executive Order (E.O.) 13587 (PDF) and the National Insider Threat Policy (PDF) directed the NITTF to develop a Government-wide policy for the deterrence, detection, and mitigation of insider threats, and, in coordination with appropriate agencies, develop minimum standards and guidance for implementation of the insider threat program’s Government-wide policy, both of which were signed by the President on 21 November 2012. The NITTF continually monitors these two foundational and dynamic documents, in collaboration with departments and agencies (D/A), to ensure they are meeting D/A needs as they develop and implement their insider threat programs.
NITTF promotes interdisciplinary and interprofessional collaboration across the executive branch of the U.S. Government with the Committee on National Security Systems and the National Institute of Standards and Technology publications on a range of related issues including continuous evaluation, privileged users, and privacy and civil liberties. The NITTF also ensures National Policy is aligned with D/A policy.
NITTF Core Documents
- Executive Order (E.O.) 13587: Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information (PDF)
- National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs (PDF)
- Summary of Federal Citations for the National Insider Threat Task Force (PDF)
Committee on National Security Systems (CNSS) Documents
- Committee on National Security Systems Directive (CNSSD) No. 504 - Directive on Protecting National Security Systems (NSS) from Insider Threat *
- Committee on National Security Systems Instruction (CNNSI) No. 1015 - Enterprise Audit Management Instruction for National Security Systems (NSS) (PDF)
- Committee on National Security Systems Instruction (CNNSI) No. 4009 – National Information Assurance (IA) Glossary (PDF)
Additional Insider Threat Related Documents
* This material is For Official Use Only, and has not been approved for public release. Please contact the NITTF if you have an official need for this item.
Security Clearance Reform - Overview
The Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA) called for improvements in the U.S. Government’s security clearance processes. The Director of National Intelligence (DNI) and the Undersecretary of Defense for Intelligence co-authored a charter to establish a Joint IC/DoD Security Clearance Reform Team that convened on 18 June 2007. Additionally, Executive Order (E.O.) 13467, Reforming Processes Related to Suitability for Government Employees, Fitness for Contractor Employees, and Eligibility for Access to National Security Information, and Executive Order 13764 amended and clarified several personnel security-related statutory and executive authorities when creating the DNI’s Security Executive Agent (SecEA) role. The SecEA is a key figure with Security Clearance Reform and is a Principal member on the Suitability and Security Clearance Performance Accountability Council (PAC). Chaired by Office of Management and Budget, the PAC is the principal interagency forum for ensuring the alignment of security clearance and suitability processes across the Executive Branch.
Mission
Lead and support the U.S. Government’s counterintelligence (CI) and security activities critical to protecting our nation; provide CI outreach to U.S. private sector entities at risk of foreign intelligence penetration; and issue public warnings regarding intelligence threats to the U.S.
Vision
NCSC is the nation’s premier source for counterintelligence and security expertise and a trusted mission partner in protecting America against foreign and other adversarial threats.
Strategic Goals
- Goal 1: Advance our Knowledge of, and our Ability to Counter Foreign and Other Adversarial Threats and Incidents
- Goal 2: Protect U.S. Critical Infrastructure, Facilities, Classified Networks, Sensitive Information, and Personnel
- Goal 3: Advance our Counterintelligence and Security Mission and Optimize Enterprise Capabilities through Partnerships
- Goal 4: Strengthen our Effectiveness through Stakeholder Engagement, Governance, and Advocacy
- Goal 5: Achieve our Mission through Organizational Excellence