L’ intervento dell’Autorità Giudiziaria

DHS policy requires that only Government and contractor personnel who are U.S. citizens shall be granted access to DHS systems processing sensitive information. However, at times there is a need to grant access to non-U.S. citizens. The Component Head or designee may grant access to DHS systems for non-DHS Government employees and/or non-U.S. citizens only when (1) the individual is a legal permanent resident of the United States or a citizen of Ireland, Israel, the Republic of the Philippines, or any nation on the Allied Nations List maintained by the Department of State, (2) all required security forms specified by the Government and any necessary background check have been satisfactorily completed, (3) a compelling reason exists for using this individual instead of a U.S. citizen, (4) the exception to the U.S. citizenship requirement is in the best interest of the U.S. Government, and (5) the DHS Chief Security Officer and the Chief Information Officer or their designees concur in approving access for the individual. DHS 4300A Attachment J provides an electronic form for requesting an exception to the U.S. citizenship requirement.

All personnel accessing DHS systems are required to have an appropriate security clearance and a valid need to know in order to access these systems. All DHS employees must have favorably adjudicated background investigations commensurate with the defined sensitivity level of the positions they hold. Determining the appropriate position sensitivity level is based on such factors as the type and degree of harm (e.g., disclosure of sensitive information, interruption of critical processing, computer fraud) the individual can cause through misuse of the computer system.

Another prudent safeguard is to ensure that individuals who support DHS systems are highly qualified technically and are adequately trained for the position they occupy. This can reduce the risk of unintentional actions. A major threat to an IT system can be the loss of key technical personnel. While unintentional acts and accidents cannot be eliminated, effective training can help to mitigate the possibility or frequency of unintentional user errors.

Position sensitivity levels for all Government positions involving the use, development,

operation, or maintenance of IT systems shall be designated, and risk levels for each contractor position shall be determined.

DHS Policy

a. Components shall designate the position sensitivity level for all Government positions that use, develop, operate, or maintain IT systems and shall determine risk levels for each contractor position.

b. Components shall ensure the incumbents of these positions have favorably adjudicated background investigations commensurate with the defined position sensitivity levels.

c. No Federal employee shall be granted access to DHS systems without having a favorably adjudicated Minimum Background Investigation (MBI) as defined in DHS MD 11050.2, Personnel Security and Suitability Program.

d. No contractor personnel shall be granted access to DHS systems without having a favorably adjudicated Background Investigation (BI) as defined in DHS MD11055, Suitability Screening Requirements for Contractor Employees.

e. Only U.S. Citizens shall be granted access to DHS systems processing sensitive information. An exception to the U.S. Citizenship requirement may be granted by the Component Head or designee with the concurrence of the Office of Security and the DHS CIO or their designees.

Responsibilities related to personnel issues are provided below.

Citizenship, Position Categorization, and Personnel Screening Responsibilities Component Head

• Requests exceptions to the DHS requirement for U.S. citizenship for non-U.S. citizens who require access to DHS systems processing sensitive information.

System Owners

• Designate the position sensitivity level for all in-house or contractor positions that use, develop, or operate IT systems.

Security Managers

• Ensure all personnel who use, develop, or operate DHS IT systems have a favorably adjudicated background investigation commensurate with the defined sensitivity level associated with their position.

4.1.1.1 Background Investigations for Government Employees

DHS employees will undergo the appropriate security investigations to obtain the needed clearances for their positions. The types of security investigations—from DHS MD 11050.2, Personnel Security Program—are summarized below. These are listed generally from least to most comprehensive.

National Agency Check and Inquiries and Credit (NACIC): Consists of a NAC,

employment/self-employment/unemployment coverage (five-years inquiry), education (five- years highest degree, inquiry), residence (three-years inquiry), reference contacts (inquiry), law enforcement checks (five-years inquiry), and credit check.

NAC with Law and Credit (NACLC): Consists of a NAC, law enforcement checks (five years—

inquiry or record), and credit search of national credit bureaus (seven years). This investigation will be utilized in conducting initial investigations for some contractor employees and for reinvestigating Federal and contract employees who need a security clearance at the CONFIDENTIAL or SECRET level.

Access National Agency Check and Inquiry: Consists of an NAC,

employment/self-employment/unemployment coverage (five-years inquiry), education (five-years highest degree, inquiry), residence (three-years inquiry), reference contacts inquiry, law enforcement checks and/or record (five-years inquiry).

Minimum Background Investigation (MBI): Consists of an NAC, personal interview with the individual, employment/self-employment/unemployment coverage (five-years inquiry),

education (five-years highest degree, inquiry), residence (three-years inquiry), reference contacts (inquiry), law enforcement checks (five-years inquiry), and credit check (seven-years inquiry).

Other than the personal interview, there are no source interviews conducted during this investigation. An MBI is the DHS minimum standard of investigation.

BI: Consists of an NAC, personal interviews with the individual and other sources, credit checks, law enforcement agency checks, residences, and employment, covering the most recent five years of the individual’s life or since his or her 18^th birthday, whichever is shorter, provided that at least two (2) years are covered. No investigation will be conducted prior to an

individual’s 16^th birthday.

Single Scope Background Investigation (SSBI): Consists of an NAC; a spouse or cohabitant NAC; personal subject interview; and citizenship, education, employment, residence, law enforcement, and record searches covering the most recent ten years of the individual’s life, or since his or her 18^th birthday, whichever is shorter. No investigation will be conducted for the period prior to the individual’s 16^th birthday.

SSBI-Periodic Reinvestigation: Consists of an NAC, personal subject interview, employment check (five years), education check (five years), residence check (current and/or most recent six-month duration), reference check, law enforcement checks (five years), former spouse (five years or since date of last investigation), and Financial Crimes Enforcement Network check.

4.1.1.2 Background Investigations for Contractor Personnel

The level of background investigation required for contractor personnel accessing DHS IT systems is dependent on the level of risk associated with each contractor position: high,

moderate, or low. The table below depicts the type of investigation required for each risk level.

TYPE OF

* Only Weapons-Carrying Contract Guards must complete the SF 85P-S in addition to SF 85P

** Eligible for access only to the moderate risk level.

The waiver allows the contractor employee to commence work before the required background investigation is completed. The waiver does not substitute for the required background investigation.