Monday, August 12, 2013

Public Trust and Security Clearances


Why Public Trust Positions?

Government employment requires hiring responsible people for judicious roles such as managing finances, overseeing processes, inspecting compliance, and protecting people and assets, among others. While many government jobs do not require a security clearance, certain sensitive positions—often ones for protection of national security—demand especially knowledgeable and responsible employees. Such positions are designated as “Public Trust Positions.”
How Public Trust Positions are Established

Employing agencies determine risk to designate the type of position: sensitive or non-sensitive. The risk could reflect both national security issues involving classified/sensitive information or activities that are not classified. In both cases, different types of background investigations are conducted.

For non-national security positions, background investigations are appropriate for the amount of risk associated with the position. For example, a designated position involves the protection of government funds. An accountant or comptroller behaving badly will cause a degree of risk as they manage the finances.

According to the SF 85P Questionnaire for Public Trust Positions, an appropriate background investigation is necessary to determine suitability or eligibility to work in public trust or sensitive positions. Applicants for and those already employed in the positions, are required to have the appropriate investigation based on the sensitivity level of the position.

Managers work with human resource personnel to identify, authorize, and designate positions as National Security and public trust positions. Then, they send the appropriate investigation request to the Office of Personnel Management (OPM) prior to but no later than 14 days after the appointment to the public trust position.
Public Trust Positions

The following job descriptions are just a few examples of those requiring an OPM investigation and for some obvious reasons:
Immigrations, customs, borders and port protection agents
Public safety and health workers
Federal police officers
Comptrollers
Contracts managers

One of the most ubiquitous positions is the protection of government information technology systems. Employees assigned computer systems for their daily work performance might fit this category.

Managers use the Position Designation of National Security and Public Trust Positions tool available atwww.OPM.gov to determine the appropriate risk level. The tool establishes risk level by the potential impact to the service if employee is not suitable. When the public trust position is outside of sensitive national security considerations (think CONFIDENTIAL, SECRET, TOP SECRET), then they select non-sensitive risk levels of low, moderate and high.
Suitability Criteria

You might already be familiar with the 13 criteria that security clearances are adjudicated against. However, the suitability factors for the three risk levels are similar in scope but not as detailed. They include the following eight criteria:
Misconduct or negligence in employment
Criminal or dishonest conduct
Material, intentional false statement, deception or fraud in examination or appointment
Refusal to furnish testimony as required for the investigation
Alcohol abuse of a nature and duration which suggests that the applicant or appointee would be prevented from performing the duties of the position in question, or would constitute a direct threat to the property or safety of others
Illegal use of narcotics, drugs, or other controlled substances, without evidence of substantial rehabilitation
Knowing and willful engagement in acts or activities designed to overthrow the US government by force
Any statutory or regulatory bar that prevents the lawful employment of the person involved in the position in question

Adjudication for non-classified positions still consider the “whole person” concept. The considerations are:
The NATURE OF THE POSITION for which the person is applying or in which the person is employed (How much responsibility will they have? How much is supervised? What is unsupervised. For example, the level of supervision may mitigate some of the risk. Conversely, limited supervision implies more risk.)
The nature and seriousness of the conduct
The circumstances surrounding the conduct
The time of the conduct
Contributing societal conditions
The absence or presence of rehabilitation or efforts toward rehabilitation
Types of Background Investigations



NATIONAL AGENCY CHECK AND INQUIRIES (NACI) Requests for investigation are submitted with the SF 85 (Questionnaire for Non Sensitive Positions) Minimum investigation required for non-sensitive/low risk positions. Coverage includes:
Employment/Self-employment/Unemployment Coverage (5 years Inquiry)
Education (5 years Highest Degree – Inquiry)
Residence (3 years – Inquiry)
Reference Contacts
Law Enforcement Checks (5 years- Inquiry)
National Agency Checks
Access to previous Federal investigations through:
OPM’s Security/Suitability Investigations Index (SII)
Defense Clearance and Investigations Index (DCII)
FBI Name Check
FBI National Criminal History Fingerprint Check
Credit Search of National Credit Bureaus (Optional)
Military Personnel Record Search (if applicable)
Citizenship Verification

MODERATE BACKGROUND INVESTIGATION (MBI) Requests for this investigation are submitted with SF 85P (Questionnaire for Public Trust Positions) and primarily conducted for Moderate Risk Public Trust (MRPT) positions. Coverage includes NACI requirements plus:
Reference Contacts
Law Enforcement Checks (5 years- Inquiry and/or Record)
Credit Search of National Credit Bureaus (7 years)

BACKGROUND INVESTIGATION (BI) Requests for this investigation are submitted with SF 85P. The BI is primarily conducted for High-Risk Public Trust positions. Coverage includes MBI requirements plus the following variables:
Personal Subject Interview
Education (2 years/verification of degree)
Residence (3 years)
Law Enforcement Checks (5 years)
National Agency Checks
Credit Search of National Credit Bureaus

Public Trust positions require persons with not only the right job skills, but a high degree of trustworthiness. Agencies determine whether the positions are sensitive or non-sensitive and if non-sensitive, determine the risk level of low, moderate or high. The higher the risk level, the more impacting employee misbehavior can be. Depending on the risk level, the appropriate investigation is initiated.





 Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".

Hey FSO's-Try these ISP Certification Questions...

 1.      Employees sign certificates stating that they have been given a NATO security briefing. Certificates for NATO SECRET are maintained for:
a.            3 years
b.            2 years
c.             5 years
d.            6 years
e.             4 years
2.      For international transfers of classified material, follow-up action is sent through CSA if a signed receipt is not returned within:
a.            30 days
b.            15 days
c.             45 days
d.            3 days
e.             10 days
3.      An emergency visit request is usually submitted within _____ calendar days of proposed visit.
a.            21
b.            4
c.             15
d.            7
e.            36










 Scroll down for answers:



1.      Employees sign certificates stating that they have been given a NATO security briefing. Certificates for NATO SECRET are maintained for:
a.            3 years
b.            2 years (NISPOM 10-706)
c.             5 years
d.            6 years
e.             4 years
2.      For international transfers of classified material, follow-up action is sent through CSA if a signed receipt is not returned within:
a.            30 days
b.            15 days
c.             45 days (NISPOM 10-406)
d.            3 days
e.             10 days
3.      An emergency visit request is usually submitted within _____ calendar days of proposed visit.
a.            21
b.            4
c.             15
d.            7 (NISPOM 10-503)

e.            36




Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".

Wednesday, August 7, 2013

ITAR Free? ITAR light? Export Reform

Get your copy at www.redbikepublishing.com

Export Reform Update,
Panel Remarks to the U.S. Department of Commerce Bureau of Industry and Security Update Conference, were given on July 24, 2013.

These remarks hi-lighted the export compliance communities concerns with present day policies.
In the remarks current polices were addressed as "onerous" and "confusing" reflecting consumer and customer expression and experience. To address the communities, a task force was convened to focus on four areas:
* Licensing policies and procedures
* Control lists
* Information technology
* Export enforcement


In an effort to clarify licensing policies and procedures and to work the 80k license requests per year, the task force focused on reform in three phases. The first phase is complete as the task force addressed the munitions lists, recalibrated and harmonized definitions and regulations, updated licensing procedures, created an Export Enforcement Coordination Center, and built a consolidated licensing database.

Now the task force is working on phase II which involves implementing work identified in Phase I. So far, the ITAR will reflect changes beginning in January 2014. The United States Munitions List (USML) will undoubtedly reflect new definitions and requirement to meet new technology advances. This will include moving items with less military application to the Department of Commerce's Commerce Control List (CCL). Both USML and the CCL will maintain equal export controls, but will be handled by different jurisdictions (Department of State for USML and Department of Commerce for CCL).

The intent in Phase II is to also neck down what qualifies as export controls. Instead of an across the board technology, the license application process with help the requester identify items that truly meet protection requirements by keeping certain technologies from foreign exploitation and releasing technologies that should remain in the public domain.

Phase III involves creating a single export control entity and consolidating enforcement.

While the federal government works on streamlining export requirements, the task of industry is to ensure compliance. While the legal representation works to understand new policy, the task of the workforce remains constant.

Regardless of USML or CCL jurisdiction, regardless of streamlined processes, the fundamentals must be addressed; to identify and protect proprietary information, intellectual property, government information, processes, services and anything else that meets the definition of a USML or CCL item.

Subject matter experts consisting of engineers, program employees, security and others should convene enterprise task forces to identify qualifying items. Once identified they should be documented in a program information guide for use to prevent export violations. The enterprise should also develop a specific policy to review sales, speeches, presentations, contractual language, web pages and any media that could possibly present export controlled items, information and services.

The government is working to provide the left and right limits of export in an increasingly global world. Though the limits may move, the fundamentals remain consistent; industry must identify and protect sensitive technologies and keep them out of the public domain.





Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".