Personnel Security (PERSEC) still remains a challenge for DISP Members

News-flash: You can get a $500,000 grant to establish your very own Trusted Workforce – click here.

Personnel Security (PERSEC) still remains a challenge for DISP Members.

The Defence Industry Security Program normally requires a security clearance at some level to work on defence projects and get access to sensitive information – but not at Entry Level.

We have discussed some of the existing deficiencies relating to AS4811 here.

But what can Governance, Risk and Compliance Teams do, to fully meet:

AS4811 Suitability Screening – The objective is to ensure the integrity, identity and credentials and to provide assurance that they are worthy of trust.

ISO/IEC 27001:2013 A.7.1 – To ensure that employees and contractors are suitable for the roles for which they are considered. “When an individual is hired for a specific information security role, organisations should make sure the candidate can be trusted to take on the role.”

ISM P10: “Only trusted and vetted personnel are granted access to systems, applications and data repositories” and Security Control 0434 “Personnel undergo appropriate employment screening, and where necessary hold an appropriate security clearance, before being granted access to a system and its resources.”

A security clearance is the official status given to someone that has been checked and vetted for the eligibility and suitability to access and work with security classified resources. It gives access to certain the know how & know why information, with the higher the clearance corresponding with higher national security sensitivity.

Whether your candidate is eligible and suitable to hold a security clearance is only determined after certain levels of assessments and background checks. These assessments are done to ensure that people entrusted with access to security classified information or resources are trustworthy.

As a part of the new DISP rules, a DISP member can sponsor their own workforce’s security clearance.

Now comes the two most common questions we hear about Security Clearances:

1. How can our candidates can get a Security Clearance?

A Security Clearance can only be processed through www.agsva.gov.au via DOSD. An individual cannot sponsor a clearance personally. The Security Officer is able to nominate people for clearances against a specific project and uses their own security designated position register.

2. How long does it take to get a security clearance?

Generally, the duration varies. Depending on the type of clearance required and traceability of the individual’s history it can take 4 weeks to over a year.

Clearance Subjects – we recommend that you:

  • Disclose all relevant and required information.
  • Cooperate in the collection of personal documentation and corroborating evidence.
  • Answer questions fully and honestly and
  • Provide accurate information and personal documentation.

Usually it is only Australian citizens with a verifiable background that are eligible for an Australian government security clearance. One will be asked to provide evidence of Australian Citizenship details. Additionally, people who have stayed more than 12 months outside of Australia must be verified from independent and reliable sources. These background checks are done inside the vetting process.

Some Clearance Subjects are expected to be assessed as suitable to obtain and maintain the highest-level clearance: a Positive Vetting (PV) security clearance.  Minimum mandatory check list for a PV clearance to establish person’s suitability include:

  • Verification of identity
  • Background checks
  • Financial probity checks
  • Referee checks
  • Digital footprint checks
  • Psychological Assessment
  • Security Interview

To consider whether the Clearance Subject is suitable to hold a security clearance, at any level, they need to possess and demonstrate an appropriate level of integrity and are not vulnerable to influence or coercion. The specific character traits are:

  • Honesty
  • Trustworthiness
  • Tolerance
  • Maturity
  • Loyalty
  • Resilience

Due to the time delays and the process itself. The employment contract conditions may include the terms –

“Subject to a security clearance being obtained and retained through ASGVA.”

Previously, one would wait few months to get receive an outcome and start work. However, time is of the essence in recruiting and there is a probability that the candidate won’t start because of the time or intrusion.

The table below indicates that the higher the clearance type, the higher the risk of the clearance subject not getting a clearance.  The stats are clear: Not everyone can get a national security clearance. And complex (adverse) cases add 5x delay onto the process.

DISP

 

What can a Security team and/or HR do to make sure that the candidate they choose will be able to get through the national security vetting process without delays?

Delays can be avoided by “Pre-Vetting” Candidates. In other words, anticipate a national security clearance outcome before it begins.

An easy way to do this is to add this phrase into the job ad “Must be willing to undergo a background suitability screening process through Cleardlife.”

Imagine it in this way: when a recruiter settles on the top three shortlisted candidates, they all go through the Cleardlife background investigation process, using official vetting officers. Cleardlife will deliver the overall result which acts as actionable intelligence, saving the risk of complex cases and time delays.

Now, when the company sponsors security clearance applications, HR and the Security Officer can have the peace of mind and confidence that the company has done what it can to reduce the risk of an adverse or unfavorable clearance decision and raise the companies PERSEC capability through a robust, scalable third party solution – at any clearance level.

We partner with you so that your company and the candidate does need to not need to unnecessarily ‘duplicate’ the screening process (ie. we won’t ask for ID verification etc).

 

It is important that all organisations in the Defence sector adequately screen their personnel, regardless of DISP. The guidance in the protective security documentation and the Australia Standards should help companies with reviewing recruitments and mitigating against issues in seeking Commonwealth security clearances. Different companies have different levels of experience in security, and some indeed may benefit from a suitability assessment service as promoted by Cleard Life.

Andrew Dowse AO
Director, Defence Research and Engagement (Edith Cowan University)
Former Head of ICT Operations and Strategic J6 (Department of Defence of Australia)
Former Director-General, Integrated Capability Development and Capability Plans (Department of Defence of Australia)
Former Director-General, Strategy and Planning (Royal Australian Air Force)

 

Talk to www.cleard.life about your pre-employment screening and help you make the right risk decisions. You can even get your first assessment (likened to a Baseline) valued at $169 for free.

News flash: Our Defence Industry may be considered part of the Critical Infrastructure of Australia and your company may now need to hunt for spies – read more here.

Leave a Reply

Your email address will not be published. Required fields are marked *