A 2010 government audit warned that infractions by the contractor that cleared both Edward Snowden and Aaron Alexis for security clearance were causing "risk to national security."
U.S. Investigative Services, Inc. (USIS), which conducted and approved Edward Snowden and Aaron Alexis for security clearances after background checks, has a rather checkered past. From a 2010 audit on USIS' process for quality assurance on background investigations, the U.S. Office of Personnel Management (OPM) found multiple infractions.
Most notably, the report found that USIS' misconduct increased "the risk to national security."
Within the OPM, there's the Federal Investigations Service (FIS), which is responsible for background checks for federal employees and contractors. In 2009, FIS contracted these duties to three firms, one of them being USIS. The audit report is based on the activity from July to October of 2009.
For starters, the report noted that USIS "did not provide an OPM-approved training course to Investigative Technicians who conduct record checks." Additionally, KeyPoint Government Solutions, another firm that conducts background checks for security clearance purposes, was also cited for not properly training its staff.
According to the report, USIS failed to explain the oversight:
"USIS did not provide a reason as to why seven individuals had not been trained. One Record Searcher had received training offered at the local/field level; however, the training has not been approved by OPM. USIS also stated that they were currently being audited by OPM's Program Training Branch and that they have not received approval or rejection for their Record Search training."
The audit also found that USIS credited an investigator trainee with passing his final exam - even though he failed it (emphasis added):
"[O]ne USIS Investigator failed the New Investigator Training (NIT) final exam, but their training system showed that the Investigator passed the NIT course on the same date that the final exam was failed. No documentation was provided showing that the Investigator ever re-took and passed the NIT final exam."
Protocol states that "the absence of documentation to support that all Investigators are properly qualified increases the risk that there are Investigators who have not been properly trained and cleared to perform background investigations on behalf of FIS. Unqualified individuals working on background investigations can lead to the investigation and related Personally Identifiable Information being compromised."
Regarding "check rides," an exam that makes sure those seeking to fly airplanes are able to do so safely, the report found that USIS wasn't present to verify two of them. OPM explicitly mentions that even one missed check ride is a serious violation:
"Not completing the required check ride for each new Investigator at the completion of their field training process increases the risk that USIS will not be able to ensure the new investigator is efficient, capable, and/or reveal any weaknesses that may compromise their investigations. There is also an increased risk that the information contained in the new Investigator's Report of Investigation may be incorrect or falsified."
Concerning integrity of USIS, they "they did not forward misconduct issues to OPM within the required timeframe for 7 of the 40 Investigators reviewed. Details regarding the seven Investigators were provided to FIS separate from this report."
Additionally, OPM "reviewed all 40 Investigators with misconduct issues identified from October 1, 2008 to August 11, 2009 to determine if the information was properly referred...USIS stated that there is no formal procedure on when to record the times that the USIS Integrity Assurance Team receives a misconduct issue."
Yet, OPM listed the protocol of forwarding issues of misconduct, citing the requirement that "the Contractor shall immediately notify OPM" about misconduct issues:
"The Conformed Fieldwork Contract dated January 8, 2009, Section C ll. O. 6, states, 'in regard to notification of allegations of misconduct, the Contractor shall make such notification within one workday whenever possible but in no case exceed 3 workdays in doing so.'
"Section H3 also states: 'Any action or misconduct by a Contractor employee or subcontractor that might adversely affect (1) the integrity of an investigative product or OPM's automated system, (2) OPM's access to source information, (3) a subject or source's privacy rights, (4) the security of investigative material or OPM equipment or facilities, or (5) the individual's basic suitability to perform work under this contract, or (6) workplace safety, is of concern to OPM. If discovered by the Contractor, the Contractor shall immediately notify OPM of the individual's identity, the nature of the alleged negligence or misconduct, and any investigations that may require review and/or reopening.'
"The USIS Fieldwork Services Quality Assurance Surveillance Plan, Section B. 7, states, 'The USIS Integrity Assurance Team will notify OPM within 24 hours of any integrity issue developed by the field.'"
More disconcertingly, the audit noted that these delays are "increasing the risk to national security":
"If misconduct issues are not forwarded to OPM in accordance with established timelines, there is an increased risk that an unethical Investigator may be performing background investigations, thus increasing the risk to national security."
Snowden is accused of leaking state secrets to the public. Aaron Alexis opened fire on a military installation in the nation's capital.