NASA DESK GUIDE FOR SUITABILITY AND SECURITY CLEARANCE PROCESSING Version 2 Agency Human Resources Division NASA Headquarters SREF-3000-0003
(This page intentionally left blank.) Page 2 of 94
Status (Basic/Revision /Cancelled) NASA Desk Guide for Suitability and Security Clearance Processing Version 2 Document History Log Revision Date Basic 12/20/06 Basic Release Revision (Version 2) Description of Change 1/7/08 Changes Incorporated into Version 2: Added Document History Log. Section 2, References: updated with new references. Paragraph 3.1, New Hire Process Up to Submission of Investigative E-form Procedures: added new information to the Important note box. Paragraph 4.2, HSPD-12 Responsibilities: added information for Requestor and for PIV Representative. Section 7, National Security Clearance Level Determination: added note box with information on new policy regarding professional development for security personnel. Section 9, Background Investigation Level Determination: added an explanation that some of the charts used in this section, from NPR 1600.1, are being updated, but the corrected information is provided in this document. Figure 9-02, Background Investigation Levels with National Security Requirements: updated chart. Figure 9-03, Background Reinvestigation Levels with National Security Requirements: updated chart. Section 11, Suitability Adjudication: added appeal information. Appendix C, Step-by-Step Suitability Determination Instructions: replaced all Suitability Adjudication Worksheet screen shots with new screen shots for NASA Form 1761, Suitability Adjudication Worksheet. Appendix D, Standard Suitability Adjudication Worksheet: replaced screen shots with new NASA Form 1761 screen shots. Attachment 3, Personal Identification Verification (PIV) Card Issuer (PCI) Procedures: replaced with new directive. Page 3 of 94
(This page intentionally left blank.) Page 4 of 94
TABLE OF CONTENTS Page SECTION 1 INTRODUCTION...9 1.1 Purpose...9 1.2 Background...9 1.3 Applicability...9 1.4 About this Document...9 SECTION 2 REFERENCES...10 SECTION 3 PROCESS OVERVIEW...12 3.1 New Hire Process Up to Submission of Investigative E-form Procedures...15 3.2 Suitability/Security Adjudication Procedures...17 SECTION 4 RESPONSIBILITIES...18 4.1 General Responsibilities...18 4.2 HSPD-12 Responsibilities...19 SECTION 5 DOCUMENTING NATIONAL SECURITY AND PUBLIC TRUST DESIGNATIONS...21 SECTION 6 POSITION RISK FACTORS...22 6.1 Position Risk Designations...22 6.2 Mission Critical Space System Personnel Reliability Program (MCSSPRP)...23 6.3 IT Position Risk Designations...24 SECTION 7 NATIONAL SECURITY CLEARANCE LEVEL DETERMINATION...27 7.1 Special-Sensitive (SS)...27 7.2 Critical-Sensitive (CS)...28 7.3 Noncritical-Sensitive (NCS)...28 SECTION 8 CODING OF POSITION SENSITIVITY LEVEL DESIGNATION FOR NATIONAL SECURITY POSITIONS...29 8.1 Special-Sensitive (SS)...29 8.2 Critical-Sensitive (CS)...30 8.3 Noncritical-Sensitive (NCS)...30 SECTION 9 BACKGROUND INVESTIGATION LEVEL DETERMINATION...31 9.1 Background Investigation Levels No National Security Requirements...31 9.2 Background Investigation Levels National Security Requirements...32 9.3 How to Determine Investigation Level Required...33 Page 5 of 94
Page SECTION 10 E-QIP...35 SECTION 11 SUITABILITY ADJUDICATION...36 APPENDICES APPENDIX A ACRONYMS AND ABBREVIATIONS...37 APPENDIX B POSITION RISK DESIGNATION STEP-BY-STEP INSTRUCTIONS...39 APPENDIX C STEP-BY-STEP SUITABILITY DETERMINATION INSTRUCTIONS...51 APPENDIX D STANDARD SUITABILITY ADJUDICATION WORKSHEET...55 ATTACHMENTS ATTACHMENT 1 OFFICE OF PERSONNEL MANAGEMENT SUITABILITY GUIDELINES CHART...57 ATTACHMENT 2 OFFICE OF PERSONNEL MANAGEMENT ISSUE CHARACTERIZATION CHART...63 ATTACHMENT 3 PERSONAL IDENTIFICATION VERIFICATION (PIV) CARD ISSUER (PCI) PROCEDURES...71 Figure LIST OF FIGURES 3-01 Suitability and Security Clearance Process Flow Chart Part 1...13 3-02 Suitability and Security Clearance Process Flow Chart Part 2...14 6-01 Computer/ADP Risk Levels and Definitions...26 9-01 Background Investigation Levels with No National Security Requirements...31 9-02 Background Investigation Levels with National Security Requirements...32 9-03 Background Reinvestigation Levels with National Security Requirements...32 9-04 Examples of Background Investigation Levels Required...34 B-01 NASA Form 1722...39 Page 6 of 94
Figure Page B-02 Table to Identify Impact Level and Location to Record...40 B-03 Table to Identify Scope of Operations and Location to Record...40 B-04 Table to Identify Program Designation and Location to Record...41 B-05 Table to Identify Risk Points and Location to Record...41 B-06 Table to Identify Risk Level and Investigation and Location to Record...42 B-07 Uniqueness and Uniformity Descriptions...43 B-08 Location of Uniqueness and Uniformity Comments...44 B-09 Location of National Security and Access Type Designations...45 B-10 National Security Levels and Location of Comments Area...46 B-11 Computer/ADP Levels and Location of Comments Area...47 B-12 Examples of Position Designations and Related Investigations...48 B-13 Location of Final Designation and Minimum Investigation Fields...49 B-14 Location of Signature and Date Lines...50 C-01 Suitability Adjudication Worksheet Header Area...51 C-02 Derogatory Information Example...52 C-03 Applicant Suitability Example...52 C-04 Final Suitability Determination Example...53 Page 7 of 94
(This page intentionally left blank.) Page 8 of 94
SECTION 1 INTRODUCTION 1.1 Purpose The purpose of this desk guide is to provide guidance to National Aeronautics and Space Administration (NASA) Center Human Resources Offices (HROs) with regards to the HRO role in Suitability and Security Clearance processing. This guide enables NASA Center HROs to ensure the following: 1. Consistency when determining risk designations and security clearance levels for NASA positions. 2. Appropriate background investigations are conducted. 3. Consistency when determining suitability for Federal employment. 1.2 Background The need for this guide has increased as the rules and procedures for determining suitability and security issues have become more defined. In addition, Homeland Security Presidential Directive (HSPD)-12, Policy for a Common Identification Standard for Federal Employees and Contractors, directs that all Government agencies enhance facility and information system security. This guide was developed with Center participation to provide HRO personnel with a complete understanding of security and suitability as these issues relate to the Human Resources (HR) processes. 1.3 Applicability This desk guide is for use by NASA Center HRO personnel. While other departments may be mentioned, the instructions and procedures are specifically meant for HRO personnel. 1.4 About this Document This document is a compilation of regulations, processes, and other information HRO personnel can use in suitability and security clearance processing. Throughout this desk guide, there are references to helpful documents and additional information. If the reader is directed to an appendix or attachment, the reader should reference appendices or attachments included with this document, unless another document is specified. The following appendices and attachments are included in this document: Appendix A, Acronyms and Abbreviations Appendix B, Position Risk Designation Step-By-Step Instructions Appendix C, Step-By-Step Suitability Determination Instructions Appendix D, Standard Suitability Adjudication Worksheet Attachment 1, Office of Personnel Management Suitability Guidelines Chart Attachment 2, Office of Personnel Management Issue Characterization Chart Attachment 3, Personal Identification Verification (PIV) Card Issuer (PCI) Procedures Page 9 of 94
SECTION 2 REFERENCES Various regulations govern suitability and security clearances. The following references were used in the preparation of this desk guide: a. 5 Code of Federal Regulations (CFR) Part 731: Suitability b. 5 CFR Part 732: National Security Positions c. Executive Order 10450: Security Requirements for Government Employees d. Executive Order 12968: Access to Classified Information e. Executive Order 13434: National Security Professional Development f. Federal Information Processing Standards (FIPS) Publication (PUB) 201: Personal Identity Verification (PIV) of Federal Employees and Contractors, March 2006 g. Homeland Security Presidential Directive (HSPD)-12, Policy for a Common Identification Standard for Federal Employees and Contractors h. NASA Form 1761, Suitability Adjudication Worksheet i. NASA Interim Directive (NID) (NPR-1600.1): Personal Identity Verification Policy and Procedures, NM 1600-52 j. NASA Procedural Requirements (NPR) 1600.1, NASA Security Program Procedural Requirements k. Office of Human Capital Management (OHCM) Personnel Bulletin: 2004-32-VS, Human Resources Security Project, October 26, 2004 l. OHCM Personnel Bulletin: 2005-06-VS, Status of Human Resources Security Project, March 21, 2005 m. OHCM Personnel Bulletin: 2005-09-VS, Security Metrics, April 14, 2005 n. OHCM Personnel Bulletin: 2005-22-VS, Personnel Security and Suitability, July 14, 2005 o. OHCM Personnel Bulletin: 2005-39-VS, Review of Established and Occupied Position, November 29, 2005 p. OHCM Personnel Bulletin: 2005-45-CS, Personal Identity Verification (PIV) Card Issuance Procedures, December 16, 2005 Page 10 of 94
q. OHCM Personnel Bulletin: 2006-15-CS, Personnel Security Issues, Updates, and Reminders, March 20, 2006 r. Office of Security and Program Protection memo: Clarification regarding NIST FIPS 199 System Security Category Determination and OPM Position Risk Level Determination, May 25, 2005 Page 11 of 94
SECTION 3 PROCESS OVERVIEW This section contains the process flow charts for submission of investigative e-forms and suitability and security adjudication. Following the flow charts, specific procedures and additional information are included. The charts in this section are intended to show the suitability and security clearance process for new NASA Civil Servant employees only. Reinvestigations will be tracked and initiated by the Security Office. If derogatory information is discovered during an investigation, the investigation results will be forwarded to HR for suitability adjudication. Instructions and a worksheet to help with the suitability adjudication can be found in Appendix C, Step-By-Step Suitability Determination Instructions, and Appendix D, Standard Suitability Adjudication Worksheet. Note: To continually improve the suitability and security clearance process and comply with all regulations, these procedures may change. If they do, you will be notified. All notifications and updates should be kept with this desk guide to reference as needed. These procedures are recommended and were developed to reduce the length of time required for suitability and security clearance processing, as well as to reduce the number of times the investigative process changes hands between HRO and the Security Office. Ultimately, it is incumbent upon each Center HRO to work out a specific arrangement with the Center Security Office. The primary HRO concerns are as follows: 1. Form 1722 on positions are to be completed by HRO. 2. Applicant information is entered into the Workforce Transformation Tracking System (WTTS). 3. Initial and final suitability determinations are made solely by HRO. Page 12 of 94
Figure 3-01. Suitability and Security Clearance Process Flow Chart Part 1 Page 13 of 94
Resume here if HR ordered copies of ROI OPM Review Concludes Suitability/Security Adjudication 90-day Window ROI is returned to NASA from OPM Security Clearance required? No If no security clearance needed, ROI is sent to Center Security Office Center Security Office receives ROI Center Security Office reviews ROI Yes 30-day Window Yes Derogatory information? No If security clearance is needed, ROI is received by CAF CAF adjudicates for security clearance Security Office forwards ROI to HRO Security notifies HR of clean ROI HR conducts final suitability adjudication HR finds employee suitable Adjudication successful? Yes CAF sends ROI to Center Security Office No Employee Suitable? Yes CAF notifies Center HRO of unsuccessful security clearance adjudication OPM notified of unfavorable adjudication No HR takes steps to remove employee HR notifies OPM of suitability determination HR takes steps to remove employee or find a position that does not require a security clearance HR Returns ROI to Security Office End End Responsibilities HRO Supervisor CAF Security Office Applicant Figure 3-02. Suitability and Security Clearance Process Flow Chart Part 2 Page 14 of 94
These procedures encompass the flow charts in this section and include additional information and explanation on the process. Notice that these procedures are separated into two sections according to the separation of the flow charts. In some of the steps, additional background or explanatory information is provided in italics. 3.1 New Hire Process Up to Submission of Investigative E-form Procedures 1. Supervisor initiates a request to fill the position and creates a Position Description (PD). 2. Supervisor reviews the Program and PD and makes an initial Security Clearance and Position Risk Level determination. 3. HR Reviews the Program and PD; finalizes the Position Risk Designation and Security Clearance Level in coordination with the Supervisor. The NASA FM 1722 is in the process of being automated. It is anticipated that this information will flow automatically from WTTS into IdMAX, the new badging system. 4. The vacancy is advertised; a selection is made; and a letter is sent to the applicant stating employment is contingent upon favorable adjudication for suitability and, if necessary, a security clearance. 5. HR updates WTTS. As part of the new HSPD-12-compliant credentialing process, the HRO will take on the role of Sponsor for new employees. This role requires applicant information to be entered into the IdMAX system. If WTTS is being updated and used to its full capability, the transfer of information from WTTS to IdMAX will be completely hands off, eliminating the need for the HR Specialist to log into a separate system to enter applicant information. Because IdMAX is used to verify identity of an individual, it is imperative that applicant information be entered correctly and completely. For example, the full first name of the applicant must be entered into the first name field. Security cannot accurately verify identity with only the first initial. The name entered into WTTS must match the name presented on the I-9 documents. 6. HR determines if the applicant has an applicable Background Investigation on file with the Office of Personnel Management (OPM). A check is made via the OPM database. NASA must follow the principles of reciprocity. Your office must get access to the Personnel Investigation Processing System (PIPS) to see if an investigation is on file for an applicant. If an applicant has a background investigation on file that is of the correct level for the vacancy for which they applied, the HRO can contact the losing agency to determine reciprocity or NASA can request a copy of the results from OPM rather than pay for a new investigation. This could lead to a substantial cost savings for the Agency. 7. Is there an applicable Background Investigation on file? a. If no, HR initiates Electronic Questionnaires for Investigations Processing (e-qip) for the applicant. Proceed to step 8. b. If yes, HR orders copies of the Report of Investigation (ROI). Proceed to step 9. 8. Applicant fills out investigative e-form in e-qip. 9. Applicant provides two forms of identification. 10. HR verifies citizenship. The applicant name that is entered into WTTS must match the I-9 documents that are used to verify citizenship. If the documents and WTTS do not match, Security will not be able to validate the applicant s identity and the applicant therefore will not be able to receive a badge. 11. Security fingerprints the applicant and verifies identity based on I-9 documentation. 12. Security sends fingerprint results to HR for initial suitability determination. HR will need to electronically attach the fingerprint results to the investigative e-form to submit to OPM. 13. HR makes initial suitability determination based on initial review of investigative e-form, results from fingerprints, and Official Form (OF) 306. An applicant does not become an employee Page 15 of 94
until Entrance on Duty (EOD). Therefore, if the applicant is not suitable for Federal employment based on the initial suitability determination, the offer is rescinded. 14. Is the initial suitability determination favorable? a. If no, the offer is rescinded and the applicant s process ends. b. If yes, EOD. Important: EOD is the beginning of a 14-day window to complete the remaining steps in this part of the process. HR must submit investigative e-form to OPM within 14 days of EOD. Pre-appointment waiver rules include the following: a. Prior to completion of the required pre-appointment investigation, if clear justification exists to warrant a waiver, it may be authorized by Center Directors and the Assistant Administrator for Security and Program Protection to approve an emergency appointment or reassignment to a Critical-Sensitive or Noncritical-Sensitive position. b. Special-Sensitive positions must complete pre-appointment investigation. Pre-appointment investigation requirements shall NOT be waived for positions designated as Special-Sensitive. c. Critical-Sensitive positions need a waiver. d. Noncritical positions do not have to have a waiver. 15. Has HR ordered copies of the ROI from OPM for a Background Investigation on file? a. If yes, skip to paragraph 3.2, Suitability/Security Adjudication Procedures. b. If no, HR reviews investigative e-form for completeness. 16. Is a Security Clearance needed? a. If yes, HR codes the investigative e-form so the Central Adjudication Facility (CAF) receives the ROI. Proceed to step 17. The CAF is held to a 30-day window for adjudication and any delays by improper coding could result in disciplinary action against NASA by OPM. b. If no, HR codes investigative e-form so Center Security Office receives the ROI. Proceed to step 17. 17. HR submits investigative e-form to OPM. Proceed to paragraph 3.2, Suitability/Security Adjudication Procedures. Page 16 of 94
3.2 Suitability/Security Adjudication Procedures Important: The Suitability Adjudication part of the process can take no more than 90 days. In addition, if a Security Clearance is required, the CAF portion of the process can take no more than 30 of the 90 days. 1. ROI is returned to NASA from OPM. 2. Is a Security Clearance required? a. If yes, proceed to step 3. b. If no, proceed to step 7. 3. CAF receives the ROI. 4. CAF adjudicates for security clearance. 5. Is the adjudication successful? a. If yes, CAF sends the ROI to the Center Security Office. Then proceed to step 8. b. If no, CAF notifies the Center HRO of unsuccessful security clearance adjudication and CAF notifies OPM of unfavorable adjudication. Then proceed to step 6. 6. If CAF notifies HRO of unsuccessful adjudication, HR takes steps to remove the employee or find a position that does not require a security clearance. This process ends. 7. If no Security Clearance is required (per step 2 above), the ROI is sent to the Center Security Office. 8. The Center Security Office receives the ROI. 9. The Center Security Office reviews the ROI. 10. Is there derogatory information? a. If yes, the Security Office forwards the ROI to HRO. Then proceed to step 11. b. If no, Security notifies HR of a clean ROI. Then proceed to step 13. 11. HR conducts the final suitability adjudication. 12. Is the employee suitable? a. If yes, proceed to step 13. b. If no, HR takes steps to remove the employee. Then proceed to step 14. 13. HR finds the employee suitable. 14. HR notifies OPM of suitability determination. 15. HR returns ROI to Security Office. Page 17 of 94
SECTION 4 RESPONSIBILITIES 4.1 General Responsibilities The information contained in this section is taken from the Personnel Bulletins as listed in Section 2, References. The information extracted pertains to requirements as they relate to HROs. No personnel actions associated with recruitment, hiring, or position change shall take place without the appropriate prior assignment of position risk designation and position sensitivity level. No individual shall be issued a permanent NASA Civil Servant employee photo identification (ID) without, at a minimum, appropriate establishment of position sensitivity, risk designation, submission of required investigative e-form, and an initial favorable suitability determination. As part of the in-processing function for new employees, each Center HRO is responsible for: 1. Completing, reviewing, and submitting investigative e-form in a timely manner. 2. Providing, at the earliest possible time but no later than two (2) working days prior to EOD, the following information on each prospective employee to Security: Name Date of birth Place of birth (city, state, country) Social Security Number (SSN) Security will conduct an initial investigation (e.g., fingerprints) and, if any derogatory information is found, Security will forward the results to HRO to make an initial suitability determination. In unusual cases where it is not possible to provide such information within that time frame, the HRO will coordinate with Security to explain the circumstances and provide the information as quickly as possible. 3. Using e-qip to the maximum extent possible. All Standard Form (SF) 85, SF 85P, and SF 86 questionnaires shall be completed in e-qip. HROs will have a Submitting Office Number (SON). Please confirm that your office already has a SON. If not, PIPS Form 12 should be submitted to OPM to obtain one. HROs are assigned a SON by OPM to enable electronic submission of investigative forms and allow HRO personnel to inquire about case status. At this time, PIPS Form 12 is available at the OPM e-qip portal under the title, PIPS on the Portal. The completed form must be faxed. 4. Advising all new employees who do not indicate prior Federal service, at the time the offer of employment is made, on completing the appropriate investigative e-form. 5. Completing SF 75 for employees with prior Federal service to determine if the individual s current level of investigation is sufficient to meet the requirements of the position. If so, no additional investigative e-form needs to be generated; if not, appropriate e-form must be initiated. 6. Ensuring background investigations done by other agencies are accepted if they are of the appropriate level for the position, under the principles of reciprocity. 7. Assuring that new employees, or employees whose security requirements have changed, submit the appropriate investigative e-form. 8. Monitoring progress on completion of investigative e-form. Ideally, new employees will complete the e-form on or before EOD. In all but the most unusual circumstances, e-form Page 18 of 94
may be completed after EOD but must be completed in sufficient time to be reviewed and submitted to OPM within 14 days of EOD, as required by the CFR. 9. Ensuring that investigation level matches position requirements. 10. Reviewing completed e-form for any initial red flags, and consulting with Security personnel as necessary. 11. Ensuring that investigative e-form is coded correctly to ensure that the ROI is returned to the appropriate office (i.e., CAF or Center Security Office). 12. Transmitting investigative e-form to OPM. 13. Making suitability determinations in coordination with the selecting official. Where a manager makes a decision not in accordance with HR recommendations, the HR specialist will document the circumstances. 14. Ensuring that form 79A is completed with the notification of the adjudication determination and returned to OPM. 4.2 HSPD-12 Responsibilities The HSPD-12 directive that was signed by President George W. Bush mandates that each Federal Agency take more precautions in ensuring the safety of physical and logical assets. FIPS 201 specifically outlines the steps that each Agency must take to comply with HSPD-12. The process will verify the identity of all persons who access NASA facilities or systems and has several touch points with HR: Position Risk Designations Background Investigations Federal Employment Suitability Determinations o Initial Suitability o Final Suitability New Hire Sponsor Role NID (NPR-1600.1), Personal Identity Verification (PIV) Policy and Procedures, NM 1600-52, provides specific information on processes, roles, and responsibilities relating to NASA issuing federal credentials. The following roles and responsibilities were compiled from the NID, as well as other applicable sources, and summarize the responsibilities for HSPD-12 personnel. Position Risk Designations HSPD-12 mandates that, at a minimum, each Federal employee will have a National Agency Check and Inquiries (NACI) background investigation done. However, many NASA programs and projects have positions that warrant a higher level of background investigation. To ensure that NASA employees are investigated at the appropriate level, a Position Risk Designation must be determined and NASA Form (NF) 1722 should be on file to validate the designation. Each position must be reviewed to ensure that the correct level of background investigation has been done on the employee holding that position. For New Hires, this process should be completed prior to the vacancy being advertised. Background Investigations Once the correct level of background investigation is determined by the Position Risk Designation for New Hires or position changes, the HRO is responsible for the timely completion and submission of investigative e-form to OPM via the e-qip system. This will require the HRO to have a SON. Page 19 of 94
Federal Employment Suitability Determination The HRO has the responsibility to adjudicate each New Hire for Federal Employment Suitability. This includes an initial suitability determination prior to EOD, which is made with limited information, and the final suitability determination, which is made using the Report of Investigation from OPM. Requestor This individual is authorized to create the initial request for an applicant to receive a badge and to perform the initial entry of the applicant s demographic data into the system for the PIV badge request. The Requestor for NASA employees is the HRO, for contractors is the contractor organization, and for grantees is the grant provider. The Requestor may also be the Sponsor, but may not be the Enrollment Official, Issuance Official, or PIV Authorizer. New Hire Sponsor Role In working with the HSPD-12 Implementation team, the HRO has been designated the Sponsor for New Hires. As defined in FIPS 201, the Sponsor is the person who requests the issuance of a PIV credential to the Applicant. As Sponsors, the HRO will need to ensure that all necessary information is entered into WTTS. The data flow from WTTS into the new badging system, IdMAX, will start the badging process by supplying Security with needed information. PIV Card Applicant Representative In working with HSPD-12, an HR Specialist or Contracting Officers Technical Representative (COTR) acts as a Point of Contact (POC) for applicants in adhering to processes, providing documents, and obtaining badges. This position is also responsible for adhering to all applicable procedures and directives, is responsible for protecting personal privacy of all applicants, and acts as a POC for applicants denied a badge due to missing or incorrect information. In addition, this position may act on behalf of an applicant who is not available for performing required actions. Page 20 of 94
SECTION 5 DOCUMENTING NATIONAL SECURITY AND PUBLIC TRUST DESIGNATIONS Effective March 21, 2005, National Security and public trust designations are to be documented on NF 1722, NASA Position Designation Record. Centers may add supplemental information to the basic designation record as they deem necessary. Refer to NPR 1600.1, NASA Security Program Procedural Requirements, for additional information. Page 21 of 94
SECTION 6 POSITION RISK FACTORS Position Risk Designations determine the level of background investigation required for a person to hold a position. However, even if the Position Risk Designation is set at one risk level, if the position requires access to information or a facility that falls under National Security, the designation may be increased. Additionally, if other position factors such as Computer Category Positions are applicable, the designation may be increased. This section provides information on the various Position Risk Designations. The information contained in this section is taken from NPR 1600.1, NASA Security Program Procedural Requirements. The information extracted pertains to requirements as they relate to HROs. Refer to NPR 1600.1, NASA Security Program Procedural Requirements, for additional information. 6.1 Position Risk Designations Each position will be designated at a High, Moderate, or Low risk level depending on the position s potential for adverse impact to the integrity and efficiency of the Agency (5 CFR 731.106). The Center HRO, in coordination with the supervisor, is responsible for making these risk determinations. Any High Risk or Moderate Risk position is also considered to be a Public Trust position. The process for making risk determinations is outlined in Appendix M of NPR 1600.1, NASA Security Program Procedural Requirements. Refer to Appendix B, Position Risk Designation Step-By-Step Instructions. Note: If an employee is working part time in more than one position, the higher level Position Risk Designation takes precedence when determining the appropriate level of background investigation. There are three levels of risk: High Risk (HR), Moderate Risk (MR), and Low Risk (LR). 1. High Risk (HR): A position that has potential for exceptionally serious impact involving duties especially critical to the Agency or a program mission of the Agency with broad scope of policy or program authority such as: a. Policy development and implementation; b. Higher level management assignments; c. Independent spokespersons or non-management positions with authority for independent action; d. Significant involvement in life-critical or mission-critical systems; or e. Relatively high risk assignments associated with or directly involving the accounting, disbursement, or authorization of disbursement from systems of dollar amounts of $10 million per year or greater, or lesser amounts if the activities of the individual are not subject to technical review by higher authority to ensure the integrity of the system. Page 22 of 94
f. Positions in which the incumbent is responsible for the planning, direction, and implementation of a computer security program; has a major responsibility for the direction and control of risk analysis and/or threat assessment, planning, and design of the computer system, including the hardware and software; or, can access a system during the operation or maintenance in such a way, and with the relatively high risk for causing grave damage or realize a significant personal gain. 2. Moderate Risk (MR): A position that has the potential for moderate to serious impact involving duties of considerable importance to the Agency or a program mission of the Agency with significant program responsibilities and delivery of customer services to the public such as: a. Assistants to policy development and implementation; b. Mid-level management assignments; c. Non-management positions with authority for independent or semi-independent action; d. Delivery of service positions that demand public confidence or trust; or e. Positions with responsibility for the direction, planning, design, operation, or maintenance of a computer system and whose work is technically reviewed by a higher authority at the high risk level to ensure the integrity of the system. Such positions may include but are not limited to: 1) Access to and/or processing of proprietary data, Privacy Act of 1974, and Government-developed privileged information involving the award of contracts; 2) Accounting, disbursement, or authorization for disbursement from systems of dollar amounts of less than $10 million per year; or 3) Other positions as designated by the Agency head that involve degree of access to a system that creates a significant potential for damage or personal gain less than that in high risk positions. 3. Low Risk (LR): Positions that have the potential for impact involving duties of limited relation to the Agency mission with program responsibilities which affect the efficiency of the service. It also refers to those positions that do not fall within the definition of a high or moderate risk position. 6.2 Mission Critical Space System Personnel Reliability Program (MCSSPRP) If a position allows access to any mission-critical areas or is located in a mission-critical area, the position is categorized as Personnel Reliability Program (PRP). If the position also has access to National Security information, a security clearance may also be required. Refer to Section 8, Coding of Position Sensitivity Level Designation for National Security Positions, for additional information. 1. Those personnel occupying positions that involve unescorted access to mission-critical space systems areas, mission data, or mission-specific Information Technology (IT) systems including those activities related to access to and/or manipulation of command and control systems of all NASA space-assets (e.g., shuttle, International Space Station (ISS), NASA satellites, other exploration vehicles, etc.) where inappropriate actions could result in damage and/or loss of the asset and/or critical data, or result in the loss of life and/or serious injury. 2. Persons requiring unescorted access to Mission Essential Infrastructure (MEI) assets will be certified under the MCSSPRP. Page 23 of 94
6.3 IT Position Risk Designations If a position allows access to certain IT functions, the Position Risk Designation may be raised. Positions that are designated at the Moderate or High risk levels are deemed to be Public Trust positions. Note: If an employee is working part time in more than one position, the higher level Position Risk Designation takes precedence when determining the appropriate level of background investigation. Descriptions of the three IT positions are as follows: IT-1 Position - Any IT position whose duties, responsibilities, and authorities involve accessing information or system controls that if misused can reasonably be expected to cause exceptionally serious adverse impact. IT-2 Position - Any IT position whose duties, responsibilities, and authorities involve accessing information or systems that if misused can reasonably be expected to cause serious adverse impact or allow for great personal gain. IT-3 Position - Any other IT position whose duties, responsibilities, and authorities involve accessing information that if misused could reasonably be expected to have minimum adverse impact on the Agency s mission. Position risk-level determinations are inclusive of many factors, IT positions and/or access being an important factor. Provided below are categories of IT positions and/or specific duties that may influence the risk-level designation for each individual position. 1. In accordance with the Federal Information Systems Management Act (FISMA), the Office of Management and Budget (OMB) Circular A-130, and NPR 2810.1, NASA has established requirements and procedures to assure an adequate level of protection for NASA IT systems, which includes the appropriate security screening of all individuals having access to NASA IT systems: a. HIGH RISK or 6C positions include positions in which the incumbent is responsible for planning, directing, and implementing a computer security program; has major responsibility for directing, planning, and designing an IT system, including the hardware and software; or, can access a system with relatively high risk for causing grave damage or realizing a significant personal gain. High risk IT positions may include positions, which involve the following: 1) Development or administering Agency IT Security Programs, directing, controlling IT risk analysis and threat assessments, or conducting investigations; 2) Significant involvement in life-critical or mission-critical systems; (See section 3.5.6 [of the NPR 1600.1, NASA Security Program Procedural Requirements] for further requirements); 3) Privileged access to NASA IT Systems designated as High Risk systems; Page 24 of 94
4) Access to data or systems whose misuse can cause very serious adverse impact or result in significant personal gain; or 5) Assignments involving accounting, disbursement, or authorization of $10 million or more per year. b. MODERATE RISK or 5C positions include positions where the incumbent is responsible for directing, planning, designing, operating, or maintaining IT systems and whose work is technically reviewed by a higher authority (at the high risk level) to ensure the integrity of the system: Moderate risk IT positions may involve: 1) Systems design, operation, testing maintenance or monitoring which is under technical review of IT-1 and includes: a. Those that contain the primary copy of data whose cost to replace exceeds $1 million dollars; b. Those that control systems which affect personal safety and/or physical security, fire, or Hazmat warning safety systems; c. Privileged information on contract awards in excess of $10 million dollars; or d. Accounting disbursement or authorization of more than $1 million dollars but less than $10 million dollars per year. 2) Access to data or systems whose misuse can cause serious adverse impact or result in personal gain, which includes but is not limited to: a. Proprietary data; b. Privacy Act protected information; or c. Export Control Regulation, International Traffic in Arms Regulations (ITAR), and the Militarily Critical Technologies List (MCTL) information. 3) Limited privileged access to NASA IT Systems designated as Moderate Risk systems. c. LOW RISK or 1C positions are all IT system positions that do not fall in the categories above and includes all non-sensitive positions and all other positions involving IT Systems whose misuse has limited potential for adverse impact or sensitive data is protected with password and encryption. Low risk IT positions may involve: 1) General word processing; or 2) Systems containing no IT-1 or IT-2 level information or IT-1 or IT-2 level information that is protected from unauthorized access. 2. Specific requirements and criteria for designating Computer/Automated Data Processing (ADP) risk levels are contained in NPR 1600.1, Appendix M, Designation of Public Trust Positions and Investigation Requirements. Page 25 of 94
The following figure may help in determining the appropriate Computer/ADP risk levels: Figure 6-01. Computer/ADP Risk Levels and Definitions Page 26 of 94
SECTION 7 NATIONAL SECURITY CLEARANCE LEVEL DETERMINATION National security clearance levels are determined based on the level of access needed to classified information. After determining which sensitivity level the particular position requires, refer to Section 8, Coding of Position Sensitivity Level Designation for National Security Positions, to determine what level of background investigation needs to be conducted. The information contained in this section is taken from NPR 1600.1, NASA Security Program Procedural Requirements. The information extracted pertains to requirements as they relate to HROs. Refer to NPR 1600.1, NASA Security Program Procedural Requirements, for additional information. Overview Some positions at NASA will require the employee to obtain and maintain a Security Clearance. The determination of the need for a Security Clearance and the subsequent level of clearance will be made by the supervisor. HRO personnel are responsible for ensuring the appropriate background investigation is ordered based on position requirements. Note: A recent change was published requiring professional development for persons in national security positions. The policy, requirements, and responsibilities can be found in Executive Order 13434: National Security Professional Development. All positions with National Security duties and responsibilities must have a sensitivity-level designation to ensure the appropriate level of investigative screening is done to comply with Executive Order 10450: Security Requirements for Government Employees and Executive Order 12968: Access to Classified Information. As stated in 5 CFR Part 732, a sensitive position is defined as any position within a department or agency the occupant of which could bring about, by virtue of the nature of the position, a material adverse effect on the National Security. Consequently, sensitivity level designation is based on an assessment of the degree of damage that an individual could cause to National Security. Apply the sensitivity levels described in this part as an Adjustment in the Risk Designation System to arrive at a final designation. There are three sensitivity levels: Special-Sensitive, Critical-Sensitive, Noncritical-Sensitive. They are defined in the following paragraphs. 7.1 Special-Sensitive (SS) A Special-Sensitive position is any position that the NASA Administrator determines to be at a higher level than Critical-Sensitive due to special requirements that complement E.O. 10450 and E.O. 12698 (such as Director of Central Intelligence Directive [DCID] 6/4 that sets investigative requirements and access to Sensitive Compartmented Information [SCI] and other intelligence-related Special Sensitive information). Page 27 of 94
7.2 Critical-Sensitive (CS) A Critical-Sensitive position is any position with potential for exceptional or grave damage to the National Security. Critical-Sensitive positions involve any of the following: Access to Top Secret classified information; Development or approval of war plans, or plans or particulars of future, major, or special operations of war, or critical and extremely important items of war; National Security policy-making or policy-determining positions; Investigative duties; Issuance of personnel security clearances; Duty on personnel security boards; and Any other positions related to National Security requiring the same degree of trust. 7.3 Noncritical-Sensitive (NCS) A Noncritical-Sensitive position is any position with potential for significant or serious damage to the National Security. Noncritical-Sensitive positions involve any of the following: Access to Secret or Confidential classified information, or Duties that may directly or indirectly adversely affect the National Security operations of the agency or the government. Note: The designation of Non-Sensitive is not shown in the table [Figure 9-04, Examples of Background Investigation Levels Required] because a Non-Sensitive position is the same as a Low Risk position; both require the same level of investigation: a NACI. Sensitivity level designations override Public Trust (i.e., HR and MR) designations due to the national interest or security. However, the basic risk level of a position needs to be determined first. If National Security duties and responsibilities are no longer a part of a position, the position reverts to its Public Trust designation. Additionally, if the Public Trust risk level designation requires a higher level of investigation than the National Security sensitivity level, the higher level of investigation must be conducted. For example, if the basic position description is HR, but the position requires Secret access, the position would have an adjusted designation of Noncritical-Sensitive because of the Secret access. The investigation required would be a Background Investigation (BI) for the HR position, and not an Access National Agency Check with Inquiries (ANACI) for the Noncritical-Sensitive designation due to Secret access. The higher level of investigation prevails because of the more intensive screening required of an HR position, a BI investigation being a higher level of investigation than an ANACI. Page 28 of 94
SECTION 8 CODING OF POSITION SENSITIVITY LEVEL DESIGNATION FOR NATIONAL SECURITY POSITIONS After using Section 7, National Security Clearance Level Determination, to determine which sensitivity level the particular position requires, use this section to determine what level of background investigation needs to be conducted. For instance, if the position is defined as in paragraph 7.2, Critical-Sensitive, the level of background investigation required can be found in paragraph 8.2, Critical-Sensitive. The information contained in this section is taken from NPR 1600.1, NASA Security Program Procedural Requirements. The information extracted pertains to requirements as they relate to HROs. Refer to NPR 1600.1, NASA Security Program Procedural Requirements, for additional information. Overview The proper coding of position sensitivity for National Security positions is required on Optional Form 8, Position Description, or NF 692, Position Description, and optional on the SF 50 and 52 (See 5 CFR part 732). NASA managers and supervisors must use the following codes whenever establishing position sensitivity for access to Classified National Security Information (CNSI): National Security Position Sensitivity Level Codes: Special-Sensitive: 4 Critical-Sensitive: 3 Noncritical-Sensitive: 2 Center HROs are responsible for managing a Risk Designation System in accordance with 5 CFR 731-106(a). They shall coordinate, in a timely manner, with managers, supervisors, and the Center Chief of Security (CCS) to accomplish designation of positions requiring access to CNSI. After the appropriate position sensitivity determination has been assigned, the Center HRO or Security Office shall initiate the appropriate investigation. 8.1 Special-Sensitive (SS) Positions requiring access to any of the levels of classified information outlined below shall be designated Special-Sensitive. Individuals in or selected for these positions must undergo a Single Scope Background Investigation (SSBI), using SF 86, and be favorably adjudicated prior to being granted access to: a. Top Secret (TS) SCI b. NASA Special Access Program Page 29 of 94
8.2 Critical-Sensitive (CS) Positions requiring access to any of the levels of classified information outlined below shall be designated Critical-Sensitive. Individuals in or selected for these positions must undergo an SSBI, using SF 86, and be favorably adjudicated prior to being granted access to: a. Top Secret (TS) b. NATO Top Secret 8.3 Noncritical-Sensitive (NCS) Positions requiring access to any of the levels of classified information outlined below shall be designated Noncritical-Sensitive. Individuals in or selected for these positions must undergo, at a minimum, an ANACI, using SF 86, and be favorably adjudicated prior to being granted access. Exceptions to classified access investigative requirements for these positions shall be made only as provided for in section 2.6 above [Refer to NPR 1600.1, NASA Security Program Procedural Requirements.] a. Secret or Confidential b. NATO Secret/Confidential Pre-appointment investigation requirements shall NOT be waived for positions designated Special-Sensitive. Pre-appointment waivers may be authorized by Center Directors and the Assistant Administrator for Security and Program Protection to approve an emergency appointment or reassignment to a Critical- Sensitive or Noncritical-Sensitive position prior to completion of the required pre-appointment investigation only when clear justification exists to warrant the waiver. Page 30 of 94
SECTION 9 BACKGROUND INVESTIGATION LEVEL DETERMINATION The background investigation level is an OPM-designated requirement based on position risk factors, not on National Security. This section specifically addresses position risk. The information contained in this section is taken from NPR 1600.1, NASA Security Program Procedural Requirements. The information extracted pertains to requirements as they relate to HROs. Refer to NPR 1600.1, NASA Security Program Procedural Requirements, for additional information. Some of the charts pertaining to this section are currently being updated in NPR 1600.1. Those outdated charts are not being used here; corrected information is provided in this document. The level of risk and/or sensitivity associated with a position will determine the level of background investigation that is required for the employee filling that position. At a minimum, a NACI investigation must be completed for all Federal employees. 9.1 Background Investigation Levels No National Security Requirements For positions with no National Security requirements, use the chart below to determine the appropriate level of background investigation required: RISK LEVEL LOW Risk MODERATE Risk [Public Trust Position] HIGH Risk [Public Trust Position] PRP [Public Trust Position] MINIMUM REQUIRED INVESTIGATION NACI - National Agency Check and Inquiries MBI - Minimum Background Investigation BI - Background Investigation NACI National Agency Check and Inquiries Figure 9-01. Background Investigation Levels with No National Security Requirements Page 31 of 94
9.2 Background Investigation Levels National Security Requirements For positions with National Security Requirements, use the following chart to determine the level of background investigation required for an initial investigation: WHICH INVESTIGATION TO REQUEST If the requirement is for And the person has this access Based on this investigation Then the investigation required is Using standard CONFIDENTIAL None None ANACI A SECRET; L CONF, SLc; L Out of Date Investigation ANACI TOP SECRET, SCI; Q None None SSBI None; CONF, SEC; L current or out of date NACLC TS, SCI; Q out of date SSBI SSBI-PR C Figure 9-02. Background Investigation Levels with National Security Requirements Reinvestigations will be tracked and initiated by the Security Office. For positions with National Security requirements, the following chart is used to determine the level of background investigation required for a reinvestigation: REINVESTIGATION REQUIREMENTS If the requirement is for And the age of the investigation is Type required if there has been a break in service of CONFIDENTIAL 0 to 14 yrs. 11 mos. 0-23 months 24 months or more 15 yrs. or more None (NOTE 1) NACLC Page 32 of 94
REINVESTIGATION REQUIREMENTS If the requirement is for And the age of the investigation is Type required if there has been a break in service of SECRET; L 0 to 9 yrs. 11 mos. None (NOTE 1) TOP SECRET, SCI; Q 10 yrs. or more SSBI-PR 0 to 4 yrs. 11 mos. None (NOTE 1) SSBI 5 yrs. or more SSBI-PR NOTE 1: As a minimum, review an updated Standard Form 86 and applicable records. A reinvestigation (NACLC or SSBI-PR) is not required unless the review indicates the person shall no longer satisfy the standards of EO 12968. Figure 9-03. Background Reinvestigation Levels with National Security Requirements 9.3 How to Determine Investigation Level Required Sensitivity level designations override Public Trust (i.e., HR and MR) designations due to the national interest or security. However, the basic risk level of a position needs to be determined first. If National Security duties and responsibilities are no longer a part of a position, the position then reverts to its Public Trust designation. Additionally, if the Public Trust risk level designation requires a higher level of investigation than the National Security sensitivity level, the higher level of investigation must be conducted. For example, if the basic position designation is HR, but the position requires Secret access, the position would have an adjusted designation of Noncritical-Sensitive because of the Secret access. The investigation required would be a BI for the HR position, and not an ANACI for the Noncritical-Sensitive designation due to Secret access. The higher level of investigation prevails because of the more intensive screening required of an HR position, a BI investigation being a higher level of investigation than an ANACI. In all cases, if a position requires one level of clearance and National Security requirements indicate a different level of clearance, the highest level identified must be used for that position. The following figure shows five examples: Page 33 of 94
Figure 9-04. Examples of Background Investigation Levels Required Page 34 of 94
SECTION 10 E-QIP Please confirm that your office already has a SON. If not, PIPS Form 12 should be submitted to OPM to obtain one. HROs are assigned a SON by OPM to enable electronic submission of investigative e-forms and allow HRO personnel to inquire about case status. At this time, PIPS Form 12 is available at the OPM e-qip portal under the title, PIPS on the Portal. The completed form must be faxed. Per OPM guidance, effective April 1, 2006, all Agencies must use e-qip to submit investigative e-forms. OPM will provide Center HROs with a SON upon request to allow HROs to submit SF 85/SF 85P/SF 86 to OPM via the e-qip system. The SON is assigned to the HRO to allow HRO personnel to submit investigative e-form to OPM. You must use a valid SON to identify yourself as an HR person and to allow OPM to receive the submission. Step-by-step instructions on entering and submitting investigative e-form via e-qip can be found on the OPM e-qip portal. Note: To access the portal, you must have a user name and password. Please notify the designated e-qip contact to have an account created. Page 35 of 94
SECTION 11 SUITABILITY ADJUDICATION OHCM Personnel Bulletin: 2005-22-VS, Personnel Security and Suitability, mandated that all Center HROs will conduct suitability determinations. This includes initial (prior to EOD) and final suitability adjudication. Training is available from several OPM-approved vendors. While initial suitability determinations must be made with limited information (e.g., results of fingerprint check, SF 306, initial review of SF 85/ SF 85P/SF 86, etc.), final suitability determinations should be made using all available information including the ROI received from OPM. ROIs will be sent to the Center Security Office either directly from OPM or from the CAF if a security clearance is needed. After review, if any derogatory information exists, the Security Office will forward the ROI to the HRO. Upon the receipt of the ROI from Security, HR Specialists will adjudicate the information using the Suitability guidelines as set forth in 5 CFR 731.202 by OPM. Note: The background investigation level of the suitability adjudicator must be at least the same level as the ROI being reviewed (e.g., If you are reviewing an ROI for an MBI, you must have at least an MBI.). The OPM suitability guidelines, Issue Characterization Chart, Step-by-step suitability determination instructions, and the NASA suitability worksheet can be found in this document. Appeals Per guidelines outlined in 5CFR 731.501, Appeal to the Merit Systems Protection Board, if an applicant is determined to be unsuitable for employment, that individual may appeal the determination through the Merit Systems Protection Board appeals process. Upon evaluation, the Board either affirms the determination or remands the case to OPM or the appropriate agency. The Board s determination is final and cannot be appealed again. Page 36 of 94
APPENDIX A ACRONYMS AND ABBREVIATIONS Acronyms that are used in this desk guide are identified upon first use in this document. Thereafter, the acronym is used. In cases where the first or only instance of the use of an acronym is in a table or graphic, it may not be spelled out on first reference. Since many acronyms and abbreviations have multiple meanings, the following list includes those used in this guide and the applicable meaning: ACRONYM/ ABBREVIATION ADP ANACI BI CAF CCS CFR CNSI COTR CS DCID e-qip EOD FIPS FISMA HR HR HRO HSPD ID ISS IT ITAR LR MBI MCSSPRP MCTL MEI MR NACI NASA NCS NF NID NIST NPR OF MEANING Automated Data Processing Access National Agency Check with Inquiries Background Investigation Central Adjudication Facility Center Chief of Security Code of Federal Regulations Classified National Security Information Contracting Officers Technical Representative Critical-Sensitive Director of Central Intelligence Directive Electronic Questionnaires for Investigations Processing Entrance on Duty Federal Information Processing Standards Federal Information Systems Management Act High Risk Human Resources Human Resources Office Homeland Security Presidential Directive identification International Space Station Information Technology International Traffic in Arms Regulations Low Risk Minimum Background Investigation Mission Critical Space System Personnel Reliability Program Military Critical Technologies List Mission Essential Infrastructure Moderate Risk National Agency Check and Inquiries National Aeronautics and Space Administration Noncritical-Sensitive NASA Form NASA Interim Directive National Institute of Standards and Technology NASA Procedural Requirements Official Form Page 37 of 94
ACRONYM/ ABBREVIATION OHCM OMB OPM PCI PD PIPS PIV POC PRP PUB ROI SCI SF SON SS SSBI SSN TS WTTS MEANING Office of Human Capital Management Office of Management and Budget Office of Personnel Management PIV Card Issuer Position Description Personnel Investigation Processing System Personal Identification Verification Point of Contact Personnel Reliability Program Publication Report of Investigation Sensitive Compartmented Information Standard Form Submitting Office Number Special-Sensitive Single Scope Background Investigation Social Security Number Top Secret Workforce Transformation Tracking System Page 38 of 94
APPENDIX B POSITION RISK DESIGNATION STEP-BY-STEP INSTRUCTIONS This appendix contains step-by-step instructions to assist in determining Position Risk/Access Designation and the associated investigation required. Getting Started You will need the following items to complete NF 1722: NPR 1600.1, Appendix M, Designation of Public Trust Positions and Investigation Requirements Position Description Input from the Supervisor of the position, including Position Description (PD) and security clearance needs Procedure: 1. Fill out the header information at the top of NF 1722 to include: a. Agency Center b. Program c. Position, Title, Series, & Grade d. Position Description Number The following figure shows the location of these fields on NF 1722: Figure B-01. NASA Form 1722 Page 39 of 94
NASA Desk Guide for Suitability and Security Clearance Processing Version 2 2. Locate Table 1 in the NPR 1600.1, Appendix M. Using the definitions on Table 1, identify the level of Impact (i.e., Major, Substantial, Moderate, or Limited) of the program and record it on NF 1722. The following figure shows Table 1 and the location of the field on NF 1722: Figure B-02. Table to Identify Impact Level and Location to Record 3. Using the definitions on Table 1, identify the Scope of Operations (e.g., Worldwide, Governmentwide, MultiAgency, or Agency) of the position and record it on NF 1722, as shown in the following figure: Figure B-03. Table to Identify Scope of Operations and Location to Record Page 40 of 94
4. Using Table 1, identify the final Program Designation (i.e., Major, Substantial, Moderate, or Limited) and record it on NF 1722 as shown in the following figure: Figure B-04. Table to Identify Program Designation and Location to Record 5. Using Table 2, identify the Risk Points associated with the position in each Risk Factor. Record the points and total on NF 1722 as shown in the following figure: Figure B-05. Table to Identify Risk Points and Location to Record Page 41 of 94
6. Using Table 3, locate the applicable Program Designation and Position Risk Points. Then locate the intersection of these two elements. Record the Unadjusted Risk Level and the Minimum Investigation on the NF 1722 as shown in the following figure: Figure B-06. Table to Identify Risk Level and Investigation and Location to Record Page 42 of 94
7. Evaluate the position to determine if there are any adjustments needed for uniqueness and uniformity. Some positions, by the very nature of the duties and responsibilities of the program or the position, may require designation at a certain level of risk. Final adjustment in the designation process must take into account unique factors specific to positions and the organizational need for uniformity of operations. Adjustments serve to raise the risk level designation of a position or convert the designation from a risk level to a sensitivity level. As a consequence, the level of investigation is often raised. Use the descriptions in the following chart to determine if adjustments should be made: Uniqueness. Some factors that can cause a uniqueness adjustment, that are unique and are not fully accounted for in the program or position designation system, are listed here: Special investigative or criminal justice duties. Positions requiring possession and use of a firearm. Significant public health duties. Significant public safety duties. Access to or control of highly sensitive but unclassified information. Access to sensitive financial records. Potential for realizing significant personal gain. Control of an automated monetary system (such as key access entry). Few-of-a-kind positions with special duties (such as Special Assistant to Agency Head). Support positions with no responsibilities for preparation or implementation of Public Trust program policies and plans but involving regular contact with, and ongoing knowledge of, all or most of such material (such as Budget Analyst, Special Assistant). Any of the criteria appearing in 5 CFR 732 or E.O. 12968. Computer-ADP; any of the criteria under OMB Circular A-130 or Federal Information Security Act (FISMA) of 2002. Any other factors the Agency thinks relevant (these must be documented). Uniformity. There may be a clearly indicated need for uniformity in position designations, because of authority level or program designation level; two examples that can cause adjustment are listed here: The NASA Administrator may adjust position designations at the same authority level to assure uniformity within the Agency (for example, managers of major Agency programs at the same level of authority may be designated at the same level of risk). If the NASA Administrator determines the designation levels of programs override and negate any specific risk considerations associated with individual positions within NASA or a NASA program, he/she may designate all positions within a program at the risk level required to protect the integrity and best promote the efficiency of the service. Figure B-07. Uniqueness and Uniformity Descriptions Page 43 of 94
8. Make any necessary adjustments based on uniqueness and uniformity characteristics. Record on NF 1722 as shown in the following figure: Figure B-08. Location of Uniqueness and Uniformity Comments Page 44 of 94
9. Determine if the position is a National Security position and what type of access is required. Note that you will need input from the Supervisor and/or Security to determine this. Record this information in the NF 1722 as shown in the following figure: Figure B-09. Location of National Security and Access Type Designations Page 45 of 94
10. For National Security positions, determine the Risk, Sensitivity, and Access levels for the position and record it in the Comments area of NF 1722 as shown in the following figure: Figure B-10. National Security Levels and Location of Comments Area Page 46 of 94
11. For Computer/ADP positions, determine the adjusted Risk level and record it in the Comments area of NF 1722 as shown in the following figure: Figure B-11. Computer/ADP Levels and Location of Comments Area Page 47 of 94
12. For the final designation, determine if there are any adjustments required. a. If there are no adjustments, your Final Designation is the same as the information on NF 1722 in Section III, Position Designation, on the Unadjusted Risk Level and Minimum Investigation lines. OR b. If there are adjustments, the highest level of Risk and Investigation must be used as the final designation. The following figure shows five examples: BI is a higher level background investigation than an ANACI and therefore must be used as the final, minimum investigation. Figure B-12. Examples of Position Designations and Related Investigations Note: If an employee is working part time in more than one position, the higher level position risk determination takes precedence when determining the appropriate level of background investigation. Page 48 of 94
13. Enter the resulting information in the Final Designation and Minimum Investigation fields on NF 1722 as shown in the following figure: Figure B-13. Location of Final Designation and Minimum Investigation Fields Page 49 of 94
14. Print and sign your name and indicate the date on the appropriate lines on NF 1722 as shown in the following figure: Figure B-14. Location of Signature and Date Lines Page 50 of 94
APPENDIX C STEP-BY-STEP SUITABILITY DETERMINATION INSTRUCTIONS This appendix contains step-by-step instructions to assist in determining suitability. The instructions provide details for filling out NF 1761, Suitability Adjudication Worksheet. Procedure: 1. On the Suitability Adjudication Worksheet, fill out the header information as shown in the following figure: Figure C-01. Suitability Adjudication Worksheet Header Area 2. Review the ROI and document each item of derogatory information on the Suitability Adjudication Worksheet, ensuring the following items are addressed: List each piece of derogatory information as a separate item. List date of arrest or incident. Write a description of the incident use specific words from the ROI do not embellish or add color. List corresponding Suitability Factors from 5 CFR 731.202. Refer to Attachment 1, Office of Personnel Management Suitability Guidelines Chart. List any Additional Considerations from 5 CFR 731.202. Refer to Attachment 1, Office of Personnel Management Suitability Guidelines Chart. Page 51 of 94
List First and Second Ranking according to Issue Characterization Chart. Refer to Attachment 2, Office of Personnel Management Issue Characterization Chart. The following figure shows an example of a derogatory item listed on the worksheet (Note that the Control Date for this example is listed in the header information as June 28, 2006): Figure C-02. Derogatory Information Example 3. On the Suitability Adjudication Worksheet, in the Adjudicator s Analysis of Issues section, record a short analysis of the issues, ensuring you adhere to the following: Be specific. Use wording directly from the ROI. Do not embellish or add color. 4. Click to select the box beside the appropriate description as shown in the following example: Figure C-03. Applicant Suitability Example Page 52 of 94
5. The adjudicator makes the final Suitability Determination and the decision is approved by his/her supervisor as shown in the following example: Figure C-04. Final Suitability Determination Example Page 53 of 94
(This page intentionally left blank.) Page 54 of 94
APPENDIX D STANDARD SUITABILITY ADJUDICATION WORKSHEET Page 55 of 94
Page 56 of 94
ATTACHMENT 1 OFFICE OF PERSONNEL MANAGEMENT SUITABILITY GUIDELINES CHART Page 57 of 94
(This page intentionally left blank.) Page 58 of 94
Page 59 of 94
Page 60 of 94
Page 61 of 94
(This page intentionally left blank.) Page 62 of 94
ATTACHMENT 2 OFFICE OF PERSONNEL MANAGEMENT ISSUE CHARACTERIZATION CHART Page 63 of 94
(This page intentionally left blank.) Page 64 of 94
1. Intoxicants A Drunk Drunk and disorderly Liquor law violation (use or possession by minor) 2. Drug Use A Infrequent use or possession of marijuana Possession of marijuana paraphernalia Arrested or charged with possession of marijuana 3. Financial Responsibility A Bad check Infrequent, irregular, but deliberate delinquency in meeting financial obligations Issue Characterization Chart B Drinking and driving Driving under influence Driving while intoxicated B Regular use or possession of marijuana Infrequent use or possession of other controlled substances Possession of drug paraphernalia Cultivating marijuana for personal use B Non-support Judgement, tax lien or other default with no attempt at restitution Illegal gambling Eviction 4. Criminal and Immoral Conduct A 5. Honesty A Non-material, intentional false statement or deception or fraud in examination or appointment B Indecent exposure Solicitation Voyeurism, peeping tom Mailing, selling, or displaying obscene material Obscene phone call Indecent proposal B Altering Breaking & entering Forgery Fraud Possession of stolen property Black market activities (non-profit) Petty larceny Minor stealing or petty theft Shoplifting Page 65 of 94 C Illegal manufacturing Illegal sale C Transfer of controlled substance Possession for sale or resale Prescription fraud or forgery Sale of controlled substance Unlawful dispensing of prescription drugs Smuggling contraband drugs Into prison Regular use of controlled substances other then marijuana C Pattern of irresponsibility as reflected in - credit history - disregard for debts - abuse of fiduciary trust C Carnal knowledge Sodomy Prostitution Bigamy or polygamy Pimping or pandering Keeping house of ill repute Contributing to delinquency of or corrupting morals or minor Sexual harassment Other sexual misconduct with impact on job C Bribery Embezzlement Grand larceny Grand theft Mail theft Burglary Robbery (unarmed) Perjury False impersonation (e.g., impersonating a law D Pattern of excessive use as reflected in: - convictions - job performance - employment gaps - inability to function responsibly - medical treatment or poor health D Pattern of use or excessive use as reflected in 1D above. manufacturing addiction importing trafficking cultivating for sale D Pattern of irresponsibility in 3C, plus - continuing, major, valid liabilities D Pattern of misconduct as reflected in conviction records Child molestation Sexual assault Statutory rape Incest Bestiality D Pattern of dishonesty as reflected in - disregard for truth - conviction records - abuse of trust, or - employment records Blackmail Counterfeiting Extortion Armed robbery
Abuse of property False statement Filing false instrument Failure to file income tax return enforcement officer) Interstate transportation of stolen goods Black market activities (with intent to profit) Income tax evasion Receiving stolen property Material, intentional false statement or deception or fraud in examination or appointment* Deliberate misrepresentation, falsification, or omission of material fact** * 731.202 (b)(3) applies Use solely for falsification in the competitive examination/appointment process ** 731.202 (b)(2) applies Use for falsification outside the competitive examining process 6. Disruptive or Violent Behavior B A Disorderly conduct Disturbing the peace Making a threat Resisting arrest Abusive language Unlawful assembly Assault Damaging property Destroying property Hit & run Vandalism Criminal or malicious mischief Harassment Cruelty to animals Hindering prosecution Eluding police 7. Employment Misconduct, Negligence* A Attitude Personality Conflict B Insubordination Absenteeism or attendance problem Rules or regulation violation C Assault & battery Battery Manslaughter (involuntary) C D Pattern of violence as reflected in - conviction records - disregard for life or property - civil actions - employment records, or - medical records Aggravated assault Assault with deadly weapon Assault with intent to commit rape Kidnapping or abduction Murder Rape Arson Threat or assault upon public official Manslaughter (voluntary) Child abuse D Pattern of unemployability Based on misconduct or negligence as reflected in employment history * Other issues (use or possession or intoxicants, controlled substances and marijuana, financial responsibility, criminal immoral conduct, honesty, disruptive or violent behavior, etc.) which lead to termination or forced resignation are raised one level for adjudication purposes. For example, petty theft, a B issue by itself, becomes a C issue if it is determined to be the reason for termination or forced resignation from employment. 8. Firearms and Weapons A Possession of an unregistered firearm B Possession of a prohibited weapon Possession of illegal ammunition Carrying deadly weapon Unlawful Discharge of firearms C Carrying concealed weapon or firearm Brandishing firearm Possession of firearm by felon Possession of loaded firearm Possession of explosives D Improper or illegal sale or transportation of firearms or explosives Illegal manufacture of firearms or explosives 9. Miscellaneous A Vagrancy Loitering B Traffic violations greater than A, but less than C C Vehicular homicide Refusal to furnish testimony D Hatch Act violation Mutilation or destruction of Page 66 of 94
Trespassing Minor traffic violation (traffic violations not required to be admitted on OF306 or other application material/qsp will not be considered issues) Contempt of court Driving motor vehicle without owner s consent Possession of instrument of crime by 5 CFR 5.4 Tampering with a witness Harboring a fugitive public records Engaging in riots or civil disorders Striking against the Government Desertion NOTE: For conduct not listed in this chart, attempt to find a like or related issue, and use the characterization of the listed issue. If unlisted conduct does not equate with a listed issue, but seems to relate more appropriately to a level where no issues are identified (such as level A for issue 4), identify the issue at the level. Criminal offenses shown as attempted or accessory to are characterized by the base charge (e.g., Attempted Burglary equals Burglary). Characterize the seriousness of the issue by the conduct it self rather than its outcome (e.g., assault may warrant actual characterization as a D issue rather than a B if the details show serious injury inflicted on the victim, etc). Any uncertainty about an issue should be resolved by an experienced Adjudicator. The ranking of probation/parole violations is determined by the nature of the issue leading to the violation. For example, a probation/parole violation for driving while intoxicated is adjudicated at level B while a violation for assault with a deadly weapon is adjudicated at level D. 10. Statutory Debarment The following issues require AUTOMATIC debarment from Federal employment for the period specified below. The legal authority for debarment must be consulted prior to taking debarment action. Issue Debarment Period Legal Authority Illegally receiving, seeking, promising or offering compensation for services in matters affecting the Government Indefinite 18 U.S.C. 203 Current, habitual use of intoxicating beverages to excess NTE 3 years 5 U.S.C. 7352 Evidence of disloyalty: advocates or is a knowing member of an organization that advocates the overthrow of our constitutional form of government Indefinite 5 U.S.C. 7311; 18 U.S.C. 1918 Participation in a strike against the Government Indefinite 5 U.S.C. 7311; 18 U.S.C. 1918 Willful and unlawful concealment, removal, mutilation or destruction (or attempts) of public records and materials Inciting, organizing, promoting, encouraging, engaging or aiding others to engage in riots or civil disorders Indefinite 5 years from the date the conviction becomes final 18 U.S.C. 2071 (b) 5 U.S.C. 7313 Interference by an officer or member of the armed forces with elections Indefinite 5 U.S.C. 593 Unlawful approval of bond or sureties by a postmaster Theft or unlawful concealment of money or other property of value from a bank or safe in, or adjacent to, a bank which is a Federal Reserve member or is insured by the Federal Deposit Insurance Corporation (FDIC) Indefinite (from employment as postmaster only) Indefinite (from positions of national bank examiner only) 18 U.S.C. 1732 18 U.S.C. 655 Unlawful trading in public property by collections or disbursing officer Indefinite 18 U.S.C. 1901 Unauthorized disclosure of information by a farm credit examiner Indefinite (from employment as a farm credit examiner only) 18 U.S.C. 1907 Unauthorized disclosure of information by a National Indefinite (from employment as 18 U.S.C. 1908 Page 67 of 94
Agricultural Credit Corporation (NACC) examiner an NACC examiner only) Committing treason against the United States Indefinite 18 U.S.C. 2381 Inciting, assisting or participating in any rebellion or insurrection against the United States Indefinite 18 U.S.C. 2383 Knowingly and willfully advocating, abetting, advising or teaching the overthrow of the United States Government or any political subdivision of the United States Activities intended to impair the loyalty, morale and discipline of the United States Armed Forces Conviction for misdemeanor crime (under Federal or State law) of domestic violence (use or attempted use of physical force, or the threatened use of a deadly weapon, committed by current or former spouse, parent, or guardian of the victim, by a person with whom the victim shares a child in common, by a person who is cohabiting or who has cohabited with the victim as a spouse, parent, or guardian, or by a person similarly situated to a spouse, parent, or guardian of the victim). Any individual who has been found guilty of, or has entered a plea of nolo contendere or guilty to any offense under Federal, State, or tribal law involving crimes of violence, sexual assault, molestation, exploitation, contact or prostitution; or crimes against persons. Knowing and willful failure to register under Section 3 of the Military Selective Service Act (50 U.S.C. App. 453) 5 years from the date of the conviction 5 years from the date of the conviction Indefinite from any positions requiring the individual to ship, transport, possess, or receive firearms or ammunition Indefinite from any position involving regular contact with, or control over, Indian children Indefinite (only from positions in executive agencies) 18 U.S.C. 2385 18 U.S.C. 2387 PL 104-208 Omnibus Consolidated Appropriations Act of 1997 (amended the Gun Control Act of 1968) PL 101-630, Indian Child Protection and Family Violence Act, dated November 28, 1990, contains minimum standards. Refer also to Department of Interior or Health and Human Services agency regulations, as appropriate. 5 U.S.C. 3328 Applies to men born after December 31, 1959, who are or were required to register and who are not registered, or did not register before the requirement terminated or became inapplicable to the individual. Processing guidance can be found at 5 CFR 300. 11. Loyalty and Security Any SUITABILITY issue indicating evidence of disloyalty or terrorism that does NOT require statutory debarment will be adjudicated at level D. Homosexuality, in and of itself, while not a suitability issue, may be a security issue and must be addressed completely, when indications are present of possible susceptibility to coercion or blackmail. Cohabitation, adultery, illegitimate children, etc. are rarely suitability issues but, in certain circumstances, may be security issues. Previous instances of security violations, clearance denials or revocations are included. Any other issue not listed elsewhere may be a suitability issue considered in security adjudication. (Examples are judgment, reliability, and dependability issues) 12. Qualifications (including health) Lack of required knowledge, skills, and abilities Page 68 of 94
Inability to perform or poor performance which is not due to negligence or misconduct: Physical health issues; and Mental, emotional, psychological, or psychiatric issues which do not include other issues listed in this Appendix. 13. Issues Relating to Associates Issues listed in this chart that relate to an associate of the person under investigation. 14. Issues Relating to Relatives Issues listed in this chart that relate to a relative of the person under investigation. Use issue codes 13 or 14 only when the issue has a bearing on the suitability or security determination of the person under investigation. Bribery of public officials and witnesses, and graft in connection with public service matters may also serve as a basis for debarment. Some misconduct requires removal form Federal employment, but no automatic debarment. (See 5 CFR 735) SUITABILITY UPGRADE considers that multiple issues raise more serious questions about suitability FREQUENCY UPGRADE ACTION 2 ISSUES IN 0-36 MONTHS RAISE BOTH ISSUES ONCE (e.g., A to B ) RAISE ALL ISSUES TWICE 3 OR MORE ISSUES IN 0-36 MONTHS (e.g., A to C ) DOWNGRADE (CONVERSION) OF ISSUES - considers issues over 36 months old to be less serious ISSUE PERIOD IN WHICH ISSUE OCCURRED 0-36 MO 37-72 MO 73-108 MO B B A NON-ISSUE CONVERTS C TO C B A D D C B Note: Any issues over 108 months are considered to be non-issues. Page 69 of 94
DEBARMENT ACTION (only OPM may impose the maximum 3 year period of debarment. Agencies may impose up to one year and may use the chart to determine if referral to OPM for a longer bar is warranted) ISSUE RECENCY 0-12 MO 13-24 MO 25-36 MO C 24 MO DEBAR 18 MO DEBAR 12 MO DEBAR* D 36 MO DEBAR 24 MO DEBAR 18 MO DEBAR* * OPM would rarely take action on a case in which less than a 24 month bar remains. Debarment action will only be taken on C issue cases when careful assessment of the jobrelatedness of the specific issue(s) involved warrants such action. The disqualifying nature of the conduct in D issue cases usually warrants debarment action. The debarment period begins on the date of the final decision letter or 120 days after the control date, whichever is closer to the control date. IN REMOVAL DECISION, CONSIDER IMPOSING MAXIMUM DEBARMENT RATHER THAN RELYING ON THE DEBARMENT PERIODS STATED IN THE CHART. DETERMINING RECENCY OF ISSUES(S) The following control dates by type of case are used in determining the recency of issue(s) for issue conversion or upgrade purposes: TYPE OF CASE Civil Service Register or Outside Register Applicant Filing Directly with Agency CONTROL DATE Date document (i.e., OF 306, etc.) containing conduct information was first considered by Personnel Office. (If referred to OPM-FIPC-SAS, use the date of referral or objection/passover) Investigated Applicant Date subject signed investigative data form. Appointee or Employee Date subject signed investigative date form. (However, if falsification/fraud of a material fact is discovered, use date conduct first identified as an issue. In addition, when determining debarment length at the final decision stage, consider imposing the maximum debarment rather than relying on the debarment periods calculated with the control date.) When new actionable issues arise subsequent to the original control date, the control date becomes the date of occurrence of the most recent actionable conduct. The control date for cases involving an applicant whose previous application was canceled because of pending charges is the date of referral of the current or most recent application. If two or more applications are received for suitability determination, the control date for the case is the earliest referral date. Page 70 of 94
ATTACHMENT 3 PERSONAL IDENTIFICATION VERIFICATION (PIV) CARD ISSUER (PCI) PROCEDURES Page 71 of 94
(This page intentionally left blank.) Page 72 of 94
Page 73 of 94
Page 74 of 94
Page 75 of 94
Page 76 of 94
Page 77 of 94
Page 78 of 94
Page 79 of 94
Page 80 of 94
Page 81 of 94
Page 82 of 94
Page 83 of 94
Page 84 of 94
Page 85 of 94
Page 86 of 94
Page 87 of 94
Page 88 of 94
Page 89 of 94
Page 90 of 94
Page 91 of 94
Page 92 of 94
Page 93 of 94
(This page intentionally left blank.) National Aeronautics and Space Administration Headquarters 300 E Street, SW Washington, DC 20546 www.nasa.gov SREF-3000-0003 Page 94 of 94