Daniel - stock.adobe.com

UK security vetting IT system failing, says NAO

The National Audit Office is critical of the government’s project to centralise its security vetting process, as the IT system has been plagued by failures from the start and has led to serious delays

The government’s security vetting process is failing to complete cases on time, mainly due to a poor, centralised IT system, according to the National Audit Office (NAO).  

The project to centralise national security vetting began in November 2015, when the government decided to merge the Defence Business Services National Security Vetting (DBS NSV) and the Foreign and Commonwealth Services National Security Vetting (FCOS NSV).

The new UK Security Vetting (UKSV) project aimed to create a single vetting system which would be used across the board. However, according to the NAO, the decision to do so had not been based on a proper risk or benefits assessment.

“Government intended for there to be a single IT system, the National Security Vetting Solution [NSVS], accessible to both DBS and FCOS for vetting applications by August 2016,” the NAO report said. 

“The UKSV Programme Board had repeatedly noted that the introduction of a single IT system was a major risk to the establishment of UKSV. It considered the project to be under-resourced, underplanned and underfunded.”

As a result, when DBS implemented the new IT upgrade in October 2016, ahead of the official merger with NSVS, it resulted in “automated checks failing and personal data attached to cases needing to be recovered”.

“In its first week, 10 out of 13 essential functions of NSVS did not work properly. During its first four weeks, nearly 8,500 files containing personal data (attached to cases) were unreadable when accessed, and 93% of automated checks against the police national computer failed,” the report added.

“Officials had to reprocess failed checks manually, reload files and recover data, and conduct additional assurance checks.”

According to the report, the problems are still persisting. By January 2018, government departments began to raise concerns that there were significant delays in the vetting process, and by July 2018, there were still more than 25,000 open cases waiting to be processed.

The Cabinet Office, which is responsible for the vetting process, has estimated the delays to the vetting is costing £17m each year and that the IT system is still experiencing significant speed issues. 

Due to the issues, the Cabinet Office is planning for further reforms and has begun to develop a replacement system due to be in place by January 2020.

NAO head Amyas Morse said that considering the pressures already faced by government, “the last thing we need is a non-functioning vetting system”.  

“An effective system needs to be put in place urgently to ensure the government is able to use its staff effectively, giving them access to the right information, locations and equipment,” he said. 

Read more about government IT

Read more on IT for government and public sector

CIO
Security
Networking
Data Center
Data Management
Close