The Pentagon may have issued top-secret clearances last year to as many as one-in-four applicants who had "significant derogatory information" in their backgrounds, including a record of foreign influence or criminal conduct, a little- noticed government audit says.
Flaws in the system for granting clearances to Defense Department staff and contractors pose a risk to national security, and the right tools to measure how well the process works are essential, said Rep. Anna G. Eshoo, California Democrat and chairman of a House intelligence subcommittee that oversees personnel and management issues.
"At present, we're basically operating on faith. This shouldn't be a faith-based process," Ms. Eshoo told The Washington Times.
Ms. Eshoo was responding to an audit published last month by the Government Accountability Office (GAO) warning one in four top-secret clearances issued by the Pentagon last year had no record of why officials had approved the applicant despite "significant derogatory information" that raised security concerns - most frequently about foreign influence or criminal conduct.
The audit also found that nearly nine in 10 new top-secret clearances last year were granted even though background investigation files on the applicant "were missing at least one type of documentation," most often employment verification.
The Pentagon granted more than 450,000 initial security clearances, and another 180,000 renewals, to military personnel, civilian employees and private contractors last year, based on the results of background investigations conducted by the U.S. Office of Personnel Management (OPM).
Auditors reached their conclusions by examining a random sample of 3,500 files on top-secret clearances granted in July last year.
GAO auditors said their report concentrated on top-secret clearances because people with them "have access to information that, if improperly disclosed, could cause exceptionally grave damage to national security."
The risks inherent in granting security clearances to the wrong people are illustrated by the case of Noureddine Malki, a naturalized U.S. citizen who worked as a contract translator for the U.S. military in Iraq. Last year, Malki was sentenced to 10 years in prison and stripped of his citizenship after pleading guilty of lying about his background, biography and even his name in his applications for citizenship and later a top-secret security clearance.
Prosecutors said Malki had taken home classified documents about the insurgency in Iraq, and had been in "unauthorized phone and e-mail contact ... with Sunni sheiks in the Sunni Triangle - individuals from whom the defendant admitted taking bribes," according to a Feb. 7, 2007, pretrial memorandum.
Retired Gen. James Clapper, undersecretary of defense for intelligence, accepted the GAO report and agreed to implement a series of reforms it recommended.
The audit, he said, "provide* an adequate assessment of the department's personnel security program."
Rebecca Allen, deputy director of security for the Pentagon, told The Times that the fact that the rationale for granting a clearance was not recorded did not mean a poor decision had been made. "This appears to be more an issue of documentation," she said.
"We're confident in our risk-management-based approach," she said, adding that adjudicators who decide whether to grant a clearance used "a whole-person concept. They consider favorable and unfavorable information from the past and the present and make decisions on a case-by-case basis."
She said the department had agreed to implement a series of reforms recommended by the audit, including issuing new guidance to investigators about the importance of "more consistently and properly documenting their decisions."
Kathy Dillaman, the OPM associate director in charge of background investigations, said the auditors adopted a "tick-the-box" approach in saying that 90 percent of files were missing documentation.
"Our investigators are trained to find the best sources of information [about applicants] and not just tick the box," she said. For example, she said, some companies would confirm only the dates of employment, in which case investigators would seek other ways to obtain details about a person's work record.
"It's not as black and white" as the audit made it out to be, she said. "There's a fair amount of discretion that has to be applied" by OPM's 6,300 investigators - three-quarters of whom are contractors. "You have to put some common sense in there," she said.
"In every case, a good decision can be made" based on the background investigations OPM passed to the Pentagon, she said, adding that every file was reviewed by experienced staff investigators before it was submitted as part of the agency's quality assurance program.
Ms. Eshoo, Rep. Silvestre Reyes, Texas Democrat and chairman of the House Permanent Select Committee on Intelligence, and Rep. Darrell Issa, California Republican, are pushing a bill that would mandate detailed annual reports to Congress on the clearance process.
"We can't afford to go on without a very, very strong handle on who is being allowed in and who should be kept out" of the nation's classified information systems, Ms. Eshoo said.