Sign up for our newsletter
Leadership / Digital Transformation

Auditors Slam UK Security Vetting IT Failure

A poorly planned centralisation of security vetting processes by the government, intended to drive efficiency savings by merging IT systems, performance metrics and funding models, has ended up costing taxpayers £17 million extra annually.

That’s the conclusion of the National Audit Office (NAO) today, after an investigation into the creation of “United Kingdom Security Vetting” (UKSV).

This was set up to replace the MoD’s “Defence Business Services National Security Vetting” (DBS) and the FCO’s “National Security Vetting” (FCOS).

See also: New “100% UK Sovereign” UKCloud Service Takes Pot Shot at US CLOUD Act

In dryly damning 40-page report, the NAO said: “In November 2015 government announced that it would establish a single vetting provider in 2016, but this decision was not supported by an assessment of the expected benefits, costs and risks.”

White papers from our partners

More Expensive, More Staff Needed, Slower

Among the biggest issues were the creation of dysfunctional IT solution for the new, centralised security vetting entity.

The NAO said: “The risks associated with the merger of DBS and FCOS to create UKSV were consistently reported as high. The [UKSV programme] Board considered that there was a high risk that UKSV would inherit an IT project that was under-resourced, under-funded and unplanned.”

security vettingThe auditor added: “The National Security Vetting Solution (NSVS) IT upgrade was intended to create a single system accessible to both DBS and FCOS by August 2016, ahead of the merger. UKSV was created in January 2017, four months later than expected, and without NSVS fully implemented across both of [the former] sites.”

As a result, in its first week, 10 out of 13 essential functions of NSVS did not work properly.

“During its first four weeks, nearly 8,500 files containing personal data (attached to cases) were unreadable when accessed, and 93% of automated checks against the police national computer failed. Officials had to reprocess failed checks manually, reload files and recover data, and conduct additional assurance checks.”

Just two years after its launch, the government has decided to wash its hands of the combined IT system. In May 2018, Cabinet Office began developing a replacement for NSVS. It plans for the replacement to be in place by January 2020, the NAO said…

National security vetting allows individuals access to government information,
locations or equipment. In 2017-18, government considered more than 170,000 applications by civil servants, contractors and specialist staff such
as those in the armed forces.

More than 25,000 security vetting cases remained open by July.

 
This article is from the CBROnline archive: some formatting and images may not be present.

CBR Staff Writer

CBR Online legacy content.