E-QIP

Last updated June 09, 2023

e-QIP (Electronic Questionnaires for Investigations Processing) is a secure website managed by OPM that is designed to automate the common security questionnaires used to process federal background investigations. e-QIP was created in 2003 as part of the larger e-Clearance initiative designed to speed up the process of federal background investigations conducted by OPM's Federal Investigative Services (FIS). e-QIP is a front end data collection tool that has automated the SF-86, questionnaire for national security investigations as well as the SF-85P, the questionnaire for public trust positions.^[1] e-QIP allows applicants for federal jobs to enter, edit and submit their investigation data over a secure internet connection to their sponsoring agency for review and approval.

Security clearance requirements

An individual cannot apply for a security clearance. A cleared federal contractor or government entity must sponsor the individual. Additionally, the sponsored applicant must either (a) be an employee of or consultant for that cleared contractor, or (b) have received and accepted a written offer of employment from the cleared contractor, or (c) be a member of the United States Armed Forces, or (d) authorized federal employee. In the event of the applicant’s having an employment offer, that offer must also indicate that the applicant’s employment will begin within 30 days of receiving clearance.

A cleared contractor's Facility Security Officer (FSO) starts the process in two ways. First the FSO sends an investigation request through the Joint Personnel Adjudication System (JPAS). Second, the FSO has the employee complete a clearance application in the Electronic Questionnaires for Investigations Processing (e-QIP). After review and approval of that information, the FSO submits the completed e-QIP to the Defense Industrial Security Clearance Office (DISCO) for review. Once DISCO approves the information, it is sent on to Office of Personnel Management (OPM), which conducts the actual investigation and sends the findings back to DISCO. DISCO then either gives clearance, or forwards the results to Defense Office of Hearings and Appeals (DOHA) for further action.

e-QIP security breach

In March 2014, a breach of security for the e-QIP system was detected. Press reports in July of that year attributed the exploit to "Chinese Hackers", James Clapper later confirmed this suspicion.^[2]^[3] More than a year later, it was revealed that sensitive records for millions of federal workers and contractors was improperly accessed, and the OPM shut down the system for security work.^[4]^[5]

Press reports suggest the information was retrieved using stolen credentials of an employee of KeyPoint Government Solutions, a privately owned provider of background check services for the government.^[6]^[7] An OPM audit of KeyPoint's security practices found shortcomings in their practices.^[8]

External links

Official website

Related Research Articles

A security clearance is a status granted to individuals allowing them access to classified information or to restricted areas, after completion of a thorough background check. The term "security clearance" is also sometimes used in private organizations that have a formal process to vet employees for access to sensitive information. A clearance by itself is normally not sufficient to gain access; the organization must also determine that the cleared individual needs to know specific information. No individual is supposed to be granted automatic access to classified information solely because of rank, position, or a security clearance.

A background check is a process a person or company uses to verify that an individual is who they claim to be, and this provides an opportunity to check and confirm the validity of someone's criminal record, education, employment history, and other activities from their past. The frequency, purpose, and legitimacy of background checks vary among countries, industries, and individuals. An employment background check typically takes place when someone applies for a job, but it can also happen at any time the employer deems necessary. A variety of methods are used to complete these checks including comprehensive database search and personal references.

The United States Office of Personnel Management (OPM) is an independent agency of the United States government that manages the US civilian service. The agency provides federal human resources policy, oversight, and support, and tends to healthcare (FEHB), life insurance (FEGLI), and retirement benefits for federal government employees, retirees, and their dependents.

The competitive service is a part of the United States federal government civil service. Applicants for jobs in the competitive civil service must compete with other applicants in open competition under the merit system administered by the Office of Personnel Management, unlike applicants in the excepted service and Senior Executive Service. There are several hiring authorities for the competitive service, including "traditional" competitive examining, as well as expedited procedures such as Direct Hire Authority and the Veterans Employment Opportunities Act.

<span class="mw-page-title-main">Defense Counterintelligence and Security Agency</span> Agency in the U.S. Department of Defense

The Defense Counterintelligence and Security Agency (DCSA) is a federal security and defense agency of the United States Department of Defense (DoD) that reports to the Under Secretary of Defense for Intelligence. DCSA is the largest counterintelligence and security agency in the federal government and is responsible for providing personnel vetting, critical technology protection, counterintelligence, training, education and certification. DCSA services over 100 federal entities, oversees 10,000 cleared companies, and conducts approximately 2 million background investigations each year.

A Foreign Service officer (FSO) is a commissioned member of the United States Foreign Service. Foreign Service officers formulate and implement the foreign policy of the United States. FSOs spend most of their careers overseas as members of U.S. embassies, consulates, and other diplomatic missions, though some receive assignments to serve at combatant commands, Congress, and educational institutions such as the various U.S. service academies.

Q clearance or Q access authorization is the U.S. Department of Energy (DOE) security clearance required to access Top Secret Restricted Data, Formerly Restricted Data, and National Security Information, as well as Secret Restricted Data. Restricted Data (RD) is defined in the Atomic Energy Act of 1954 and covers nuclear weapons and related materials. The lower-level L clearance is sufficient for access to Secret Formerly Restricted Data (FRD) and National Security Information, as well as Confidential Restricted Data, Formerly Restricted Data, and National Security Information. Access to Restricted Data is only granted on a need-to-know basis to personnel with appropriate clearances.

A Single Scope Background Investigation (SSBI) is a type of United States security clearance investigation. It involves investigators or agents interviewing past employers, coworkers and other individuals associated with the subject of the SSBI. It is governed by the U.S. Intelligence Community Policy Guidance Number 704.1.

National Agency Check with Local Agency and Credit Checks (NACLC) is a type of background check required in the United States for granting of security clearances.

The United States federal civil service is the civilian workforce of the United States federal government's departments and agencies. The federal civil service was established in 1871. U.S. state and local government entities often have comparable civil service systems that are modeled on the national system, in varying degrees.

<span class="mw-page-title-main">Whistleblower protection in the United States</span>

A whistleblower is a person who exposes any kind of information or activity that is deemed illegal, unethical, or not correct within an organization that is either private or public. The Whistleblower Protection Act was made into federal law in the United States in 1989.

NASA v. Nelson, 562 U.S. 134 (2011), is a decision by the Supreme Court of the United States holding that NASA's background checks of contract employees did not violate any constitutional privacy right.

USIS (US Investigation Services) was a US corporation that provided security-based information and service solutions to both government and corporate customers, in the United States and abroad. Its corporate headquarters were in Falls Church, Virginia, in Greater Washington, D.C. Training took place in Boyers, Pennsylvania. USIS was a part of Altegrity Inc., a company headquartered in the Falls Church area that was owned by Providence Equity Partners.

In the United Kingdom, government policy requires that staff undergo security vetting in order to gain access to government information.

The Intelligence Authorization Act for Fiscal Year 2014 is a U.S. public law that authorizes appropriations for fiscal year 2014 for intelligence activities of the U.S. government. The law authorizes there to be funding for intelligence agencies such as the Central Intelligence Agency or the National Security Agency, but a separate appropriations bill would also have to pass in order for those agencies to receive any money.

The Office of Personnel Management data breach was a 2015 data breach targeting Standard Form 86 (SF-86) U.S. government security clearance records retained by the United States Office of Personnel Management (OPM). One of the largest breaches of government data in U.S. history, the attack was carried out by an advanced persistent threat based in China, widely believed to be the Jiangsu State Security Department, a subsidiary of China's Ministry of State Security spy agency.

The US Department of Commerce Office of Security is a division of the United States Department of Commerce (DOC) that works to provide security services for facilities of the department. Its aim is to provide policies, programs, and oversight as it collaborates with facility managers to mitigate terrorism risks to DOC personnel and facilities, program managers to mitigate espionage risks to DOC personnel, information, and facilities, and Department and Bureau leadership to increase emergency preparedness for DOC operations.

Standard Form 86 is a U.S. government questionnaire that individuals complete in order for the government to collect information for "conducting background investigations, reinvestigations, and continuous evaluations of persons under consideration for, or retention of, national security positions." SF 86 is distinguished from SF 85, which is used for public trust or lower-risk positions. The form is required to be completed by military personnel, government contractors, and government employees in order to receive a requisite security clearance. Information demanded in the form include any colleges or universities attended over the past three years, an account of the last ten years of the individual's employment, ties to foreign nationals and governments, overseas travel, a list of past residences, etc.

The Jiangsu State Security Department is a provincial bureau of the Chinese Ministry of State Security in Jiangsu which serves as the coastal province's intelligence service and secret police. They are involved extensively in espionage against the United States, and aviation-related industrial espionage, operating the hacking group TURBINE PANDA, also known as APT26. They are most well known for their alleged responsibility for the high-profile 2015 hack of the United States Office of Personnel Management, stealing the personal details of over 20 million U.S. federal employees.

References

↑ See, for example the kinds of questions in https://www.ors.od.nih.gov/ser/dpsac/badge/Documents/SF85%20Instructions%20for%20Completing4-6-09COLOR(16)BlocksOnlyNoHeader.pdf
↑ "Chinese Hackers Pursue Key Data on U.S. Workers". New York Times. 2014-07-09.
↑ Chabrow, Eric (2014-07-10). "U.S. Government Personnel Network Breached". govinfosecurity.com.
↑ Levine, Mike (2015-06-29). "In Wake Of Hack, OPM Shutters System For Federal Background Checks". ABC News.
↑ "OPM Reopens Online Federal Background Check System". NBC News.
↑ Levine, Mike; Date, Jack. "Feds Eye Link to Private Contractor in Massive Government Hack". ABC News. Retrieved 2016-03-02.
↑ Levine, Mike (2015-06-24). "Contractor Linked to OPM Hack Says 'Not Responsible,' As Questions Persist". ABC News.
↑ Lyngaas, Sean (2016-02-18). "IG details OPM contractor's security flaws". FCW. Retrieved 2016-03-02.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] See, for example the kinds of questions in https://www.ors.od.nih.gov/ser/dpsac/badge/Documents/SF85%20Instructions%20for%20Completing4-6-09COLOR(16)BlocksOnlyNoHeader.pdf

[2] "Chinese Hackers Pursue Key Data on U.S. Workers". New York Times. 2014-07-09.

[3] Chabrow, Eric (2014-07-10). "U.S. Government Personnel Network Breached". govinfosecurity.com.

[4] Levine, Mike (2015-06-29). "In Wake Of Hack, OPM Shutters System For Federal Background Checks". ABC News.

[5] "OPM Reopens Online Federal Background Check System". NBC News.

[6] Levine, Mike; Date, Jack. "Feds Eye Link to Private Contractor in Massive Government Hack". ABC News. Retrieved 2016-03-02.

[7] Levine, Mike (2015-06-24). "Contractor Linked to OPM Hack Says 'Not Responsible,' As Questions Persist". ABC News.

[8] Lyngaas, Sean (2016-02-18). "IG details OPM contractor's security flaws". FCW. Retrieved 2016-03-02.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]