[House Hearing, 118 Congress]
[From the U.S. Government Publishing Office]


                           SECURITY AT STAKE:
                   AN EXAMINATION OF DOD'S STRUGGLING
                        BACKGROUND CHECK SYSTEM

=======================================================================

                                HEARING

                               BEFORE THE

                  SUBCOMMITTEE ON GOVERNMENT OPERATIONS 
                         AND THE FEDERAL WORKFORCE

                                 OF THE

                         COMMITTEE ON OVERSIGHT
                           AND ACCOUNTABILITY

                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED EIGHTEENTH CONGRESS

                             SECOND SESSION

                               __________

                             JUNE 26, 2024

                               __________

                           Serial No. 118-118

                               __________

  Printed for the use of the Committee on Oversight and Accountability
  
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]  


                       Available on: govinfo.gov
                         oversight.house.gov or
                             docs.house.gov
                             
                               __________

                   U.S. GOVERNMENT PUBLISHING OFFICE                    
56-066 PDF                  WASHINGTON : 2024                    
          
-----------------------------------------------------------------------------------                                 
                            
               COMMITTEE ON OVERSIGHT AND ACCOUNTABILITY

                    JAMES COMER, Kentucky, Chairman

Jim Jordan, Ohio                     Jamie Raskin, Maryland, Ranking 
Mike Turner, Ohio                        Minority Member
Paul Gosar, Arizona                  Eleanor Holmes Norton, District of 
Virginia Foxx, North Carolina            Columbia
Glenn Grothman, Wisconsin            Stephen F. Lynch, Massachusetts
Michael Cloud, Texas                 Gerald E. Connolly, Virginia
Gary Palmer, Alabama                 Raja Krishnamoorthi, Illinois
Clay Higgins, Louisiana              Ro Khanna, California
Pete Sessions, Texas                 Kweisi Mfume, Maryland
Andy Biggs, Arizona                  Alexandria Ocasio-Cortez, New York
Nancy Mace, South Carolina           Katie Porter, California
Jake LaTurner, Kansas                Cori Bush, Missouri
Pat Fallon, Texas                    Shontel Brown, Ohio
Byron Donalds, Florida               Melanie Stansbury, New Mexico
Scott Perry, Pennsylvania            Robert Garcia, California
William Timmons, South Carolina      Maxwell Frost, Florida
Tim Burchett, Tennessee              Summer Lee, Pennsylvania
Marjorie Taylor Greene, Georgia      Greg Casar, Texas
Lisa McClain, Michigan               Jasmine Crockett, Texas
Lauren Boebert, Colorado             Dan Goldman, New York
Russell Fry, South Carolina          Jared Moskowitz, Florida
Anna Paulina Luna, Florida           Rashida Tlaib, Michigan
Nick Langworthy, New York            Ayanna Pressley, Massachusetts
Eric Burlison, Missouri
Mike Waltz, Florida

                       Mark Marin, Staff Director
       Jessica Donlon, Deputy Staff Director and General Counsel
                      Bill Womack, Senior Advisor
                  James Rust, Chief Oversight Counsel
             Lisa Piraneo, Senior Professional Staff Member
       Jennifer Kamara, Government Accountability Office Detailee
              Benjamin Tardiff, Professional Staff Member
        Ellie McGowan, Staff Assistant and Administrative Clerk

                      Contact Number: 202-225-5074

                  Julie Tagen, Minority Staff Director
                      Contact Number: 202-225-5051
                                 ------                                

    Subcommittee on Government Operations and the Federal Workforce

                     Pete Sessions, Texas, Chairman
Gary Palmer, Alabama                 Kweisi Mfume, Maryland Ranking 
Clay Higgins, Louisiana                  Minority Member
Andy Biggs, Arizona                  Eleanor Holmes Norton, District of 
Byron Donalds, Florida                   Columbia
William Timmons, South Carolina      Maxwell Frost, Florida
Tim Burchett, Tennessee              Greg Casar, Texas
Marjorie Taylor Greene, Georgia      Gerald E. Connolly, Virginia
Lauren Boebert, Colorado             Melanie Stansbury, New Mexico
Russell Fry, South Carolina          Robert Garcia, California
Eric Burlison, Missouri              Summer Lee, Pennsylvania
Vacancy                              Jasmine Crockett, Texas
                                     Rashida Tlaib, Michigan
                        
                        C  O  N  T  E  N  T  S

                              ----------                              

                                                                   Page

Hearing held on June 26, 2024....................................     1

                               Witnesses

                              ----------                              

Mr. David Cattler, Director, Defense Counterintelligence and 
  Security Agency, U.S. Department of Defense
Oral Statement...................................................     5

Ms. Alissa Czyz, Director, Defense Capabilities Management, U.S. 
  Government Accountability Office
Oral Statement...................................................     8

Written opening statements and statements for the witnesses are 
  available on the U.S. House of Representatives Document 
  Repository at: docs.house.gov.

                           Index of Documents

                              ----------                              

  * Report, RAND, ``A Diverse and Trusted Workforce''; submitted 
  by Rep. Lee.

  * Report, RAND, ``Assessing Racial Bia in Security Clearance 
  Process''; submitted by Rep. Lee.

  * Report, CAIR, ``Twenty Years Too Many''; submitted by Rep. 
  Tlaib.

  * Transcript, Richard J. Langham - Planet Depos; submitted by 
  Rep. Tlaib.

  * Questions for the Record: to Mr. Cattler; submitted by Rep. 
  Sessions.

  * Questions for the Record: to Mr. Cattler; submitted by Rep. 
  Connolly.

  * Questions for the Record: to Mr. Cattler; submitted by Rep. 
  Lee.

  * Questions for the Record: to Ms. Czyz; submitted by Rep. 
  Sessions.

Documents are available at: docs.house.gov.

 
                           SECURITY AT STAKE:
                   AN EXAMINATION OF DOD'S STRUGGLING
                        BACKGROUND CHECK SYSTEM

                              ----------                              


                        Wednesday, June 26, 2024

                        House of Representatives

               Committee on Oversight and Accountability

                 Subcommittee on Government Operations

                       and the Federal Workforce

                                           Washington, D.C.

    The Subcommittee met, pursuant to notice, at 2:09 p.m., in 
room 2154, Rayburn House Office Building, Hon. Pete Sessions 
[Chairman of the Subcommittee] presiding.
    Present: Representatives Sessions, Palmer, Higgins, Biggs, 
Timmons, Burchett, Mfume, Norton, Frost, Connolly, Lee, and 
Tlaib.
    Mr. Sessions. The hearing of the Subcommittee on Government 
Operations and Federal Workforce will come to order, and I 
would like to welcome everyone to this important hearing today.
    Without objection, the Chair may declare a recess at any 
time, and I recognize myself the purpose of making an opening 
statement.
    First of all, let me thank the witnesses who are here 
today. I spent time with them yesterday or the day before to 
speak with them about the importance of not only what we are 
doing here today, but the overall importance to the Nation and 
national security. Today's hearing is with the Department of 
Defense's National Background Investigative System, and we are 
going to not only gain a full update of that, but we are going 
to receive some information that will allow us to get closer to 
the actual operations underneath of what is happening. A high-
quality security clearance process is vital to the security of 
the United States of America, and as we have seen over the 
years, when sensitive information gets into wrong hands, the 
result is far reaching, compromising both the safety of the 
country as well as the lives of the citizens. So, today's 
discussion is a very important one.
    In 2015, the Office of Personnel Management--OPM--announced 
that it had suffered a significant cyberattack, one that 
exposed the personal information of over a million people. In 
fact, over 21 million people who completed forms for security 
clearance investigations and had submitted fingerprints had 
their personal information stolen by hackers. The massive 
breach led to the security clearance process shifting from 
where it was at OPM to the Department of Defense where it 
currently resides. However, we know that what happened there is 
that DOD was taking on an issue that was flawed and had to 
start from the beginning. They had to start with reforming the 
Federal personnel vetting system and also the mechanics behind 
that. Hopefully today's hearing will help us understand not 
just why, but how we can further our confidence that they are 
headed the right way.
    DOD now conducts 95 percent of all background 
investigations for over a hundred agencies, most of the 
personnel vetting for the entire Federal workforce. In 2016, 
DOD, through its Defense Counterintelligence and Security 
Agency or DCSA, began crafting the idea of a new innovative 
personnel vetting information technology system. That system is 
called National Background Investigative Services System, or 
NBIS. This product was supposed to be a one-stop-shop system 
covering all phases of personnel vetting--electronic forms, 
managing investigations, recording decisions--and making sure 
that became available not only to them, but also the users. 
However, at this point, after all that planning, the system is 
only being used for initial application portion of the vetting 
process. In other words, this system is only able to handle the 
first planned capacity that it was supposed to initiate back in 
2016. We are now in 2024.
    Initially, DOD said the system would be fully operational 
in 2019. That deadline has long passed. Next, they said the 
system would be fully up and running at the end of Fiscal Year 
2024. We are about halfway there right now this year. However, 
recently, users were instructed in a large process that was 
virtually a town hall meeting, were instructed to stop using 
the system completely for the time being and to revert to the 
older system, which was supposed to be phased out by fall of 
this year. Even more troublesome, DOD has not thoroughly 
planned for the cybersecurity of both systems, potentially 
exposing millions to the threat of another attack.
    Like so many matters this Subcommittee addresses, today's 
discussion is not a partisan one. The gentleman from Maryland 
and I tend to see virtually the same way national security, the 
money that is spent by taxpayers that has been appropriated by 
this Congress, and the need to make sure that he and I continue 
to work together to see things, where it deals with national 
security, similarly. I think my colleagues across the aisle 
also agree that these issues--ongoing delays with the rollout 
of an effective and efficient personnel vetting system--are 
important to every single person, including the security of 
this great Nation. So, I think that we will all agree that 
today's discussion is not a bureaucratic formality, but a 
necessity. We must work together, and this is an issue that I 
discussed with both of our witnesses yesterday. By the way, we 
took pictures a minute ago. One noted, ``well, I wonder what 
the after-meeting picture will look like.'' So, the before 
meeting picture was most professional. I will tell you so will 
the after because you will be dealt with professionally in this 
Subcommittee, not just by Members on my side, but also Members 
on Mr. Mfume's side.
    So, today we are pleased to hear from David Cattler, the 
Director of the Defense Counterintelligence and Security 
Agency; and Alissa Czyz, Director of the Defense Capabilities 
Management from the GAO, Government Accountability Office. I 
look forward to working with each one of you today, and our 
work is not done today, but today is an update, and I want to 
thank each of you. And I would like to yield such time as the 
distinguished gentleman from Maryland would choose. The 
gentleman, Mr. Mfume, is recognized.
    Mr. Mfume. Thank you very much, Mr. Chairman, and I clearly 
echo your comments with respect to the way this Committee has 
operated in this last Congress. Both you and I try to find a 
common path, and where we disagree or diverge, we recognize 
that we retain that right, but the decorum of the Committee, 
the purpose of the Committee, the findings of the Committee, 
and the oversight of the Committee is something we absolutely 
and totally agree upon. So, I am happy to be here at this 
particular point for this hearing, which, as you said, means a 
lot to all of us, and when it comes to national security, we 
try as best we can to speak with one voice.
    This Subcommittee, Mr. Chairman, has been focused laser-
like on ensuring that our Federal Government effectively 
executes the essential services and the essential functions 
that our national security demands while safely guarding, at 
the same time, all of the American interests against all of the 
possible threats. As our Nation faces malign actors, we need a 
talented, very reliable and trustworthy Federal workforce now, 
actually more than ever before, to protect our fragile 
democracy.
    A rigorous and timely personnel vetting system minimizes 
the risk of unauthorized disclosures and classified 
information. Unfortunately, the information technology system 
supporting the national background check process has attracted 
our attention today precisely because efforts to modernize it 
have been so inefficient, impeding other efforts to update the 
clearance process and to fill sensitive positions of trust 
within our government.
    As far back as 2008, the Federal Government formed the 
Security Sustainability and Credentialing Performance 
Accountability Council, also known as the PAC, to address 
longstanding problems with timeliness with effectiveness and 
the overall process for granting security clearances. However, 
as I indicated before, inadequacies persisted, leading to the 
Government Accounting Office to add the governmentwide 
personnel security clearing process to its High-Risk List 6 
years ago in 2018.
    The system had skyrocketing processing times, which 
created, as we know, a towering backlog of qualified 
individuals who could not start serving in national security 
roles because of a backlog. Subsequently, the PAC launched the 
Trusted Workforce, or TW 2.0, initiative to fundamentally 
overhaul the Federal personnel vetting system and to take on 
backlogs and other issues. While that initiative takes 
noteworthy steps, Mr. Chairman, toward meeting the demand of 
our national security workforce, the underlying personnel 
vetting IT system called the National Background Investigation 
Service, or NBIS, may, in fact, hinder the success and the 
successful delivery of TW 2.0's mission.
    NBIS was originally created to replace outdated and 
decades-old legacy office. That office was within Personnel 
Management. IT systems in 2019, however, have fallen short in 
many respects of their laudable mission and fallen short of 
meeting, quite frankly, their expectations. A 2023 GAO report 
ordered by this Congress found that after $654 million spent 
and 8 years of development, along with $835 million spent on 
maintenance of the system that NBIS is meant to replace, DOD 
still lacks--still lacks--a reliable schedule and cost estimate 
for fully developing NBIS. Now that the full deployment of NBIS 
has blown past--way past--its original projected deadline of 
2019, TW 2.0 is left floating in the wind.
    According to a GAO report in January of this year, of 31 
surveyed Federal agencies, more than 50 percent do not trust 
each other's security clearance, vetting process, or anything 
else, and that more 50 percent feel the need to compete--or 
complete, I should say--on their own duplicating efforts, 
which, in turn, then prolongs the hiring efforts. While the 
Defense Counterintelligence and Security Agency has made some 
improvements and has introduced new NBIS capabilities since 
taking over that process in 2020, it quite simply still is not 
enough to be able to retain, attract, and secure high-quality 
employees. Extensive wait times force talented agency recruits 
to pursue employment outside of the government when their 
security clearance stretches for months and sometimes years, 
and can you really blame them for wanting to wait and to hang 
around for things to change? On the other side of the coin, 
inadequate security clearance processes may allow the wrong 
people to access sensitive government materials, thereby 
endangering, directly or indirectly, national security.
    So, today we face a global threat landscape populated by 
even more dangerous adversaries, as we know. The bottom line is 
that our government security clearance process cannot keep up 
with the challenges we face at home and abroad if we do not 
address shortcomings within basic IT systems. So, I want to 
thank our two witnesses for participating in today's hearing. 
Like you, Mr. Chairman, I look forward to learning more about 
how DOD plans to remedy this issue and how we as Members of 
this Subcommittee can collaborate on efforts needed to put the 
NBIS project back on track. And with that, Mr. Chairman, I 
yield back the balance of my time.
    Mr. Sessions. The gentleman yields back his time. I really 
want to thank both of our witnesses who are here today. Both of 
them spent a great deal of time with me and the staff yesterday 
or the day before as we spoke about their preparation, our 
expectations, our performance, and the things that they would 
be doing. And I think you capsulized the need very well, and I 
want to thank the gentleman.
    So, I am pleased to welcome our two witnesses. Mr. Cattler 
serves as Director of the Defense Counterintelligence and 
Security Agency. In this role, he was selected because of his 
demonstrated not just background, but his commitment to the 
national defense and national security of this great Nation, 
and I believe he was chosen properly. Mr. Cattler is 
responsible for leading the efforts to protect America's 
trusted workforce, trusted workspace, and classified 
information, and I want to thank him for being here. Ms. Alissa 
Czyz serves as the Director in the Defense Capabilities and 
Management team at the Government Accountability Office. In her 
role, she oversees reviews on the personnel security clearance 
processes, artificial intelligence, intelligence 
infrastructure, and DOD approach to business transformation. 
Let me say this. I was impressed with her depth of knowledge, 
her ability to effectively communicate and to share that 
information so that others, including Mr. Cattler, would know 
what he is getting into.
    Thank you, each of you, for joining us today. I would now 
like to ask both of you to stand and rise. So, pursuant to 
Committee Rule 9(g), the witnesses will please stand and raise 
their right hand.
    Do you solemnly swear or affirm that the testimony you are 
about to give is the truth, the whole truth, and nothing but 
the truth, so help you God?
    [A chorus of ayes.]
    Mr. Sessions. Let the record reflect that both the 
witnesses answered in the affirmative. I want to thank both of 
you and ask that you take your seat.
    We appreciate you being here today. Let me remind the 
witnesses that we have read your testimony attempted to be 
prepared for you, and it will appear in full in the Committee 
hearing record. As I told both of you when we spoke, while we 
have oral statements of 5 minutes, I am going to be, as I 
always am, lax on that and want you to take the time to get 
things done on your oral presentation, notwithstanding that may 
change a bit as we get into questions and answers. I need you 
to make sure that you are passing the information to this 
Committee and did not believe it could be effectively done in 5 
minutes. So, the distinguished gentleman will have to put up 
with my review of that, but I would like for us to learn what 
they have to say, and I am delighted that they are here.
    Just to remind you, please press the button on the 
microphone in front of you so it is on and all Members can hear 
you when you speak. The light in front of you will also turn 
red and green, and I think you will figure out the rest of it.
    I now would like to acknowledge and welcome the 
distinguished Director Cattler for his opening statements. The 
gentleman is now recognized.

                       STATEMENT OF DAVID CATTLER

                                DIRECTOR

            DEFENSE COUNTERINTELLIGENCE AND SECURITY AGENCY

                       U.S. DEPARTMENT OF DEFENSE

    Mr. Cattler. Thank you. Chairman Sessions, Ranking Member 
Mfume, and distinguished Members of the Committee, I am truly 
honored and grateful for the privilege to testify before you 
today. I thank you for the urgency and for the attention you 
are giving to the Trusted Workforce 2.0 policy initiatives and 
to the National Background Investigation Services or NBIS 
program. I will act with the same urgency to ensure that DCSA 
is responsible and accountable in both what we say and what we 
deliver.
    I appreciate this opportunity as well to testify with Ms. 
Czyz at this hearing. The Government Accountability Office has 
conducted several reviews of the NBIS program between both 2021 
and 2023, including a recent report on cybersecurity that was 
published last week and another report assessing technical 
controls for background investigation systems that will be 
published later this year in 2024. The GAO identified areas 
where DCSA and the Department of Defense needed to improve.
    Even before I became DCSA's Director 93 days ago, I closely 
studied these reports and noted GAO's concerns. These 
recommendations do guide my focus and my direction as the 
Director of DCSA. I have directed that we renew our focus on 
these recommendations and that we close the action items 
presented within them as soon as we can. This includes the 
recommendations from the GAO cybersecurity report even before 
it was completed.
    In early May, after only about a month as Director, I 
hosted Ms. Czyz and several of her colleagues to understand 
GAO's methodology and analysis to determine any additional 
concerns they might have beyond those described in their 
reports and, frankly, to understand how my Agency interacted 
with GAO. I am committed to building a culture of 
accountability at DCSA that was lacking in the program. Simply 
and directly, the delay in fielding NBIS is unacceptable to 
everyone. Oversight from GAO and Congress are important parts 
of this ecosystem of accountability. As we move forward, we 
will be guided by what is in the best interest of national 
security and what is in the best interest of the taxpayer.
    DCSA is the largest security agency in the Federal 
Government. Its purpose is to provide integrated security 
services that protect America's trusted workforce and cleared 
workspaces. We perform five primary missions for the Department 
of Defense and the broader Federal Government: personnel 
security, industrial security, counterintelligence and insider 
threat, and security training. I am here today before you to 
focus on our personnel security mission.
    DCSA is the Federal Government's largest investigative 
services provider, providing vetting services for 95 percent of 
the Federal Government. Last year, DCSA's personnel security 
mission conducted 2.7 million investigations, or 10,700 
investigations, per day. We delivered 668,000 adjudicated 
decisions based on those investigations, and we performed the 
continuous vetting of over 3.8 million people in the trusted 
workforce. DCSA is also the primary implementer of the Trusted 
Workforce 2.0, or TW 2.0 Program, which is a personnel vetting 
reform initiative the White House's Performance Accountability 
Council, or PAC, launched after the OPM breach in 2016.
    The NBIS program supports the TW 2.0 reform effort as a 
Federal IT system for end-to-end personnel vetting. When 
complete, NBIS will deliver robust data security, enhanced 
customer experience, and integrate data access across the whole 
of government and cleared industry. Some efforts implementing 
Trusted Workforce 2.0 are going well, but we have faced 
challenges delivering NBIS to meet the expected timelines for 
Trusted Workforce 2.0 implementation.
    TW 2.0 sets an ambitious vision to change the personnel 
vetting operating model for the Federal Government, with the 
goal to detect and mitigate workforce risks and to expedite the 
entry of new employees into the Federal workforce. As the 
primary investigative service provider and the Agency with a 
task to deliver NBIS, DCSA is an enthusiastic partner and 
collaborator with DOD stakeholders and PAC members driving this 
TW 2.0 vision.
    We have made notable progress with NBIS and without NBIS. 
For case initiation, we transitioned our customer base of 115 
Federal agencies and more than 10,000 industry companies to the 
new entry point via a piece of NBIS called the electronic 
application, or eApp, to submit an investigation request. The 
eApp interface automates key aspects of the process and 
streamlines the submission process for the user, and I am proud 
to give you the update now that the eApp system is fully 
operational, again, effective today, and restored fully as the 
front end for all users. Our continuous vetting services to 
replace periodic reviews are driving down risk as well in the 
trusted workforce. Our CV services are being used across the 
Department of Defense and more than 90 non-DOD entities with 
more than 3.8 million personnel enrolled. The program is 
preparing to expand to a wider Federal population this summer. 
Also, rapid reciprocity decisions increase workforce mobility 
within and into the Department of Defense. Reciprocity 
timeliness remains at all-day lows for transfers into the DOD. 
In 2020, reciprocity transfers took 65 days. I am proud to say 
we are now down to only 1 to 3 days today.
    We recognize that IT modernization is hard and, in the 
past, the NBIS program also made some decisions that made that 
process harder for ourselves and for the user community. As a 
result, NBIS faced a series of problems. In addition to the 
issues raised by the GAO, we found from further internal 
analysis and other DOD assessments of the NBIS program, other 
key problems across a variety of aspects including oversight, 
software development.
    I am missing a page. Apologies, Mr. Chairman and Ranking 
Member.
    We feel an urgency to move quickly because we are behind 
the expected delivery schedule and because the Nation needs 
NBIS to support the personnel vetting mission. However, we also 
need to move forward at a responsible pace to ensure that we 
understand the problems and are addressing them. With the help 
of our partners in the Department and the GAO, we developed a 
recovery plan to fix these problems, including NBIS' cost, its 
delivery schedule, and its overall performance. An outcome of 
the recovery plan is initial 18-month capability roadmap for 
NBIS development. This roadmap was developed with our oversight 
agencies and other stakeholders. It addresses TW 2.0 technical 
requirements and secures resource alignment across the DOD. We 
have multiple cross-agency teams working daily preparing to 
meet the milestones in this roadmap, engaging with oversight 
for approval and with our customers as we move forward with 
improvements. To be clear, NBIS development will extend beyond 
the next 18 months, but I am confident with this path forward 
to reset the program.
    By the end of June, DCSA, working with our oversight 
partners in DOD, is staffing for signature the following 
documents: an updated capability needs statement and user 
agreement; requirements, governance, charter, and related 
process document; and a program capability roadmap for digital 
transformation that will be vetted with all critical 
stakeholders. These documents will provide clarity on program 
requirements to inform the NBIS capability roadmap and an 
updated lifecycle cost estimate for the program.
    DCSA has also onboarded new leadership to implement the 
roadmap coming out of this recovery period. We have not just 
myself, but also a new NBIS program manager and a new program 
executive officer for my Agency. The NBIS program leadership 
have a plan in place to restructure and upskill the team to add 
technical, agile, and acquisition expertise and skills.
    The NBIS program leadership also has evaluated and aligned 
a disciplined contracting strategy to support the way forward. 
By the beginning of October, we will have an updated 
independent cost estimate to assist with a reliable funding 
profile to both stabilize and sustain the program. We will 
continue to engage with customers and partners to ensure that 
their feedback is incorporated into the design and the 
configuration of capability development and configuration 
management as we implement this new capability roadmap.
    And to aid my strategic guidance into ensure internal 
accountability, I have also directed my Agency's Inspector 
General to audit the NBIS program. The DCSA IG will collect all 
historical documentation to support this assessment with a 
specific focus on the fiscal years between 2021 and 2024, when 
my Agency took direct responsibility. I will ensure he has the 
full cooperation of the DCSA workforce and full access to all 
DCSA records to conduct his investigation. Taken together, this 
will improve our visibility of the program, allow us to craft 
lessons learned, and to further enable us to achieve our goals 
to deliver NBIS.
    So, to conclude, DCSA will move forward with a program that 
instills confidence, a program that delivers capabilities to 
uphold this mission without fail. We have embraced 
collaboration with our oversight partners, the GAO, DOD, PAC 
members, the mission owners, and I would add Congress as well. 
Together, we will take NBIS on a sustainable pathway forward to 
protect the trusted workforce, to protect the Nation, and to 
ensure the public's trust. I am confident in our path forward, 
and I do expect to be held accountable. I look forward to your 
questions. Thank you.
    Ms. Sessions. Mrs. Czyz, we are delighted that you are 
here. The gentlewoman's recognized.

                        STATEMENT OF ALISSA CZYZ

                                DIRECTOR

                    DEFENSE CAPABILITIES MANAGEMENT

                 U.S. GOVERNMENT ACCOUNTABILITY OFFICE

    Ms. Czyz. Chairman Sessions, Ranking Member Mfume, and 
Members of the Subcommittee, I am pleased to be here today to 
discuss GAO's on personnel vetting and, specifically, the 
National Background Investigation Services System, or NBIS for 
short. As you know, the U.S. Government relies on over 4 
million personnel with security clearances to provide critical 
public services. Personnel vetting processes help ensure a 
trusted Federal and contractor workforce, but the government 
has struggled with managing personnel vetting for decades. In 
fact, this issue first appeared on GAO's High-Risk List in 
2005. After some improvements, it came off in 2011, but we had 
to add it back onto the list, as the Chairman noted, in 2018 
due, in part, to challenges with IT systems.
    My statement today focuses on the progress and challenges 
with NBIS, which underpins the government's efforts to reform 
personnel vetting. I will focus my statement on three key 
areas--NBIS' schedule, cost, and cybersecurity--and I am happy 
to go into more detail during Q and A.
    First, with respect to schedule, DOD is years late in 
delivering a fully functional modern IT system intended to 
support all phases of personnel vetting. As you know, 
cybersecurity incidents in 2015 compromised OPM systems 
containing data on over 22 million Federal employees and 
contractors. DOD was given the responsibility for a new IT 
system after this breach and began developing NBIS in late 
2016. DOD had originally planned for NBIS to be fully 
functional in 2019, and then August 2022, and then December 
2023. And today, while some capabilities have been deployed, 
NBIS is still under development. In the meantime, DOD has had 
to maintain legacy IT systems, including ensuring their 
cybersecurity.
    Second, with respect to costs, undertaking a major IT 
program is expensive. Last year, we reported that DOD had spent 
over a half billion dollars on developing NBIS and would spend 
another $700 million through 2027. It had also spent over $800 
million to maintain legacy systems while it develops NBIS. 
These numbers have most certainly increased since the time of 
our review. With delays in schedule come increased costs. These 
issues are not new. GAO first sounded the alarm about NBIS in 
2021. We reported then that DOD did not have a reliable 
schedule for the NBIS program and risked missing milestones. In 
2023, we re-looked at NBIS' schedule and found that it still 
did not meet our published best practices for a reliable 
schedule. We recommended to DOD in 2021 that it takes steps to 
improve its schedule. DOD did not. In 2023, we raised this as a 
matter for congressional consideration to require DOD to do so. 
We also found that DOD may be unable to accurately project NBIS 
costs. We suggested Congress also require DOD to follow our 
best practices for developing a reliable cost estimate.
    Finally, with respect to cybersecurity, DOD must get this 
right. We cannot have another breach like we did in 2015. Until 
NBIS is fully functional, DOD must ensure the cybersecurity of 
both the new systems it is developing as well as the legacy 
systems. In a report we released last week, we made 13 
recommendations to DOD to enhance cybersecurity of these 
systems. However, not all is without hope. The government's 
personnel vetting reform effort, called Trusted Workforce 2.0, 
has the potential to significantly improve security clearances 
by offering continuous vetting instead of conducting 
investigations on employees once every several years. NBIS is 
the linchpin to this reform effort. While DOD was not always 
listening, we are encouraged with the recent leadership 
changes, particularly at the Defense Counterintelligence and 
Security Agency, which manages NBIS.
    As DOD gets NBIS back on track, I cannot emphasize enough 
that it needs to embrace key program management principles like 
having a reliable schedule and cost estimate. Without these, 
the program will continue to suffer setbacks. In summary, NBIS 
simply cannot fail. Having fully functional and secure IT 
systems to conduct personnel vetting is paramount to keeping 
our Nation safe.
    Chairman Sessions, Ranking Member Mfume, and Members of the 
Subcommittee, this concludes my prepared remarks, and I would 
be happy to address your questions.
    Mr. Sessions. Thank you very much. Both witnesses have 
given us back their time. Now I would like to go first to the 
distinguished gentleman from South Carolina, Mr. Timmons. You 
are recognized for 5 minutes.
    Mr. Timmons. Thank you, Mr. Chairman. Good afternoon. Thank 
you to the witnesses for being here today.
    I am going to jump right into the issue of continuous 
vetting. Continuous vetting is supposed to be one of the major 
reforms in Federal personnel vetting. Mr. Cattler, is every 
member of the military, civilian workforce, and contractor with 
a security clearance currently subject to continuous vetting, 
and if not, when will this be the case?
    Mr. Cattler. Congressman, yes, I believe they are all 
enrolled currently.
    Mr. Timmons. That is good news. OK. Well, did not expect 
that answer. I appreciate that.
    Ms. Czyz. Could I jump in real quick?
    Mr. Timmons. Yes, Ms. Czyz, please.
    Ms. Czyz. So, it is true that they are all enrolled at this 
point, those with security clearances, but it is our 
understanding that not all of them are undergoing continuous 
vetting at this time. There is varying degrees of when CV is 
going to be implemented. So, ``enrolled'' means that they are 
ready to undergo vetting. It does not necessarily mean they are 
undergoing the entire continuous vetting process, which is 
several checks. Some of them may be getting a few checks, some 
of them may be getting no checks, and some may be getting more. 
So, that is our understanding.
    Mr. Timmons. Thank you for the clarification. How do you 
prioritize which individuals will have additional scrutiny? Mr. 
Cattler, is that an ongoing process, I mean if they are 
enrolled but they are not currently receiving the additional 
vetting?
    Mr. Cattler. Yes, sir. That is both. We are doing it and it 
is an ongoing process, and we take a look at how long they have 
been cleared for. We also take a look at the nature of the 
positions that they are in when we do that prioritization.
    Mr. Timmons. OK. Thank you. The track record of the NBIS 
system raises concerns about what exactly has been going on at 
DCSA since it was formed. Mr. Cattler, what kind of review are 
you planning with respect to personnel vetting, and how can we 
be sure that no bad actors have gotten through the cracks in 
past years?
    Mr. Cattler. Well, Congressman, I think I would answer you 
in two main ways. One is, again, I am on day 93 in the job, and 
I have asked for a zero-based review. I had begun that even 
before I interviewed for the job, and then certainly in the 
time I have been in. Take a look at what our business processes 
are and how we are structured. And, this is in part why I also 
said in my statement for the record that we did identify a 
number of leadership issues about internal accountability, 
compliance with internal controls, for example, reliability of 
data that was reported up about the status of the program.
    But the other thing we do is a tremendous amount of quality 
control checks on the cases that we do reviews on. We are 
adjudicating essentially for suitability, further decisions 
that are then taken by the operational partners, the agencies 
that use our adjudications to determine who should actually 
have access to certain material. And so, we take a look at are 
we accurate and complete, but we then also have to work with 
other partners to determine when we have had someone, let us 
say, that has gone bad. Simply, what was the cause? Did we miss 
something? Was their behavior different? What changed over time 
to have that break in trust?
    Mr. Timmons. And while we are going to be asking questions 
that will address shortcomings, I do want to say that I am 
probably the only person up here that has gone through a 
security clearance review in the last year and a half, so I 
will say it was extremely professional. It took a little longer 
than I would have thought, but they did a very thorough job, 
and I felt like they did a very good job.
    I also want to talk briefly about the costs associated with 
the Trusted Workforce 2.0. This program was initiated in 2018 
and was aimed to ``better support agencies' missions by 
reducing the time required to bring new hires on board, enable 
mobility in the Federal workforce, and improving insight into 
workforce behaviors.'' However, as made clear by the testimony 
today that is not necessarily the case. It has been 6 years 
since the launch of the program, and yet we have seen no 
necessarily positive results. The security clearance system is 
still extremely backlogged, and, as already mentioned, 
dangerous individuals continue to slip through the cracks.
    We have to do more. DOD is responsible for the costs 
associated with the development and continued maintenance of 
the NBIS system. Between 2017 and 2022, DOD spent approximately 
$654 million on the development of that system. We are $35 
trillion in debt, and we add a trillion dollars in debt every 
hundred days, so, I mean, that seems like an enormous amount of 
money for a program that it just seems like it is more than we 
necessarily should need to spend on this.
    I would like to hear from both witnesses what their 
estimates are of how long it takes from the time an agency 
sponsors somebody for a clearance to the time they get a 
clearance. Mr. Cattler?
    Mr. Cattler. Thank you, Congressman, for both parts of the 
question. First, let me say on the money and the time here, I 
completely agree with you. It is unacceptable how we have 
gotten to where we are, and we need to turn this thing around. 
I am trying to move deliberately, not overly slowly, because I 
think I share the same sense of urgency that you are 
communicating. We are 8-and-a-half years into a 3-year program. 
We spent $1.345 billion on a $700 million program that was 
begun in 2016. That is why I also have a sense of urgency, but 
at the same time, I recognize that we have got to catch our 
breath and make sure we get it straight before we move forward. 
That is why we just did this 90-day review and why we are 
laying out this better 18-month roadmap that all the 
stakeholders have contributed to and will agree on.
    On performance, if I track the fastest 90 percent of cases, 
if I take a Tier 3 security clearance or a secret, it now takes 
92 days, and a Tier 5 or a top-secret clearance takes 188 days. 
Those are a 7-month improvement for a Tier 5 investigation, and 
a 1-month improvement for a Tier 3 investigation over where we 
have been in the past at the peak of that backlog. The time is 
slower than the target due to surge in demand. Frankly, we have 
more applications now, between ten thousand and 11 thousand new 
applications for investigations per week, and that has added up 
to quite a number of cases that the team has to process.
    Mr. Timmons. Thank you. I am over time. It seems like we 
are moving in the right direction. I appreciate all your hard 
work. Mr. Chairman, I yield back.
    Mr. Sessions. The gentleman yields back his time. Thank you 
very much. The gentleman, Mr. Mfume, is recognized for his 
time.
    Mr. Mfume. Thank you, Mr. Chairman. Mr. Cattler, I want to 
talk about that $1.3 billion, but before I do that, you 
indicated that you are going to have an updated cost estimate 
by October. Is that correct?
    Mr. Cattler. Yes, Mr. Ranking Member, that is correct.
    Mr. Mfume. And rather than to read about it, can you make 
sure that Members of this Committee get that as soon as it is 
released?
    Mr. Cattler. Yes, sir. I will do everything I can to get it 
back to you.
    Mr. Mfume. And, you know, you just got in the position, so 
we just cannot nail you to the cross for everything that has 
gone on. I think what you will find is Members of this 
Committee prepared to extend to you the benefit of the doubt, 
but that is a lot of money, $1.3 billion into a program that 
costs maybe half of that or should have cost half that amount. 
Can you talk about how far you are into this review, 
particularly as it relates to redundancies in the spending over 
the past 3 or 4 years? So, I am talking about contractors, 
redundancies in contracts that were underperforming, and 
whether or not those are some of the things that you are 
looking at.
    Mr. Cattler. Again, thank you for your question. This is a 
very important part of how we have approached this last 90 
days.
    Mr. Mfume. Mm-hmm.
    Mr. Cattler. We looked at three strategic baskets of 
issues, first personnel. Did we have the right people in the 
right place with the right qualifications to tackle this work? 
Was their training up to date? Do they have the right skills? 
We have had a lot of advice on who else to hire, who else to 
bring in, for example, user experience experts, people that can 
help us a little bit more with data architecture. We have sent 
our people out for Agile training. We have had over 140 receive 
updated training in Agile methods for software development, and 
we sent some of the program management staff over to the 
Defense Acquisition University as well for further training on 
program management-related skills.
    The second basket we looked at was procurement and our 
contract structure. Did we have the right framework? Did we 
have the right priorities? This balance, sir, as you have 
highlighted, between doing new system development and legacy 
system sustainment is critical to the path we need to take 
forward. Of that $1.35 billion, we spent more than $800 million 
of that, yes, on new software development, but the remainder of 
it did go to legacy system sustainment. So, we need to 
prioritize the retirement of the legacy software systems with 
the thought of how much they cost and, ideally, eliminate, 
sunset the programs that cost the most at the earliest 
opportunity if the technology will allow us to do so. And that 
is one of the things the program manager and our contract staff 
are taking a look at.
    And then finally, oversight is another key piece that we 
looked at, and not this form of oversight per se, although, 
again, I am happy to be here. We also looked at the 
relationship between myself and the GAO; myself, my Agency, and 
the Office of the Secretary of Defense; and my office, my 
Agency back with the Performance Accountability Council about 
transparency and accuracy.
    Mr. Mfume. And let me go back to this subject of continuous 
vetting. I said in my opening remarks, not only was I fearful 
that good people were not being allowed in, but that bad actors 
had slipped in. So, this continuous vetting, which I understand 
now is more than just enrollment, it is like do you drive? Yes, 
I have a car. Have you driven in the last year? No, I have not. 
I am very much concerned about how you go about prioritizing 
the continuous vetting. So, should I assume that the people 
with the highest clearance are not only enrolled, but are being 
continuously vetted?
    Mr. Cattler. Yes, sir, but again, as Ms. Czyz says, it may 
vary based on where they are because, again, they are all 
eligible, they are all enrolled, but the extent of the 
monitoring may vary. I have statistics here that I could give 
you for Fiscal Year 24, Ranking Member, if you would like, 
about the performance of CV.
    Mr. Mfume. Yes. I would rather you give them to me as part 
of your written testimony. I do not have much time here, but I 
do want to go back to the GAO here and to ask, you talked about 
your real recommendations to the Agency would be to deal with 
their scheduling, their costs, their cybersecurity issues. 
Could you take this last minute and speak about that please?
    Ms. Czyz. Yes, I would be happy to, and we are looking 
forward to seeing the new roadmap and plans, but I will say 
that we have reviewed multiple NBIS roadmaps over the years, 
and none of them had reliable schedules. In fact, when we did a 
review in 2021, it was unreliable. In our 2023 report, when we 
re-looked at the new roadmap and new schedule, it was actually 
worse than the 2021. So, it is great that new plans are being 
formed, but it is essential that you follow best practices for 
integrated master schedules to get the plan right, or else we 
are just going to keep repeating this over and over.
    I would also like to mention on the cost estimate, very, 
very encouraged to hear that DCSA is going to pursue an 
independent cost estimate. That was one of the recommendations 
we had according to our best practices, too. I mean, the point 
about already spending over a billion, a billion-and-a-half 
dollars on the program for several more years, just keep in 
mind those estimates were unreliable, too. So, it could have 
been more, so we do not know, right? We are at a point now, Mr. 
Cattler is here. He is new. He is putting great things in 
place. We really appreciate that he invited us down. He has 
read all of our reports. He takes them seriously. But our best 
advice would be to just, please, you know, it is great to move 
forward, but make sure we have got these key program management 
principles in place, and the same with cyber, too. Kind of the 
main message of our cyber report last week with the 13 
recommendations is there was limited oversight of cybersecurity 
within DCSA, so strengthening oversight of cybersecurity is 
essential as well.
    Mr. Mfume. Thank you very much, Mr. Chairman. My time has 
expired. I would hope that perhaps in 6 months or so, we can 
reconvene all over again and do a review of where we are, where 
we started, which is today, and where we will be 6 months later 
just to have some contrast and some comparison.
    Mr. Sessions. The gentleman yields back his time. Thank you 
very much. As a matter of fact, we have talked about that and 
would aim for October.
    Mr. Mfume. Good.
    Mr. Sessions. Thank you very much. This distinguished 
gentleman from Arizona, Mr. Biggs, is recognized.
    Mr. Biggs. Thank you, Mr. Chairman. Thank our witnesses for 
being here. Ms. Czyz, I want to make sure I am clear on this. 
From 2017 to 2022, it was $654 million, from 2022 to 2027, it 
is anticipated to be $700 million for NBIS, and then just in a 
legacy system, that $800 million, that is to date during this 
same period?
    Ms. Czyz. It is actually only from Fiscal Year 2020 to 
2022. That was the only information available at our last 
review, so it is much more actually than that.
    Mr. Biggs. For the legacy.
    Ms. Czyz. For the legacy systems, yes.
    Mr. Biggs. So, I would ask Mr. Cattler if you can get that 
information for us so we would know. You have it? Oh, well 
then, Mr. Cattler.
    Mr. Cattler. Thank you, Congressman Biggs. DOD has spent 
approximately 825 million on NBIS system development since 
2016. That money was spent to build the end-to-end vetting 
system to replace the legacy systems, and that total of $825 
million was executed under budgetary authorities by both DCSA 
and DSA before.
    Mr. Biggs. OK. And that is separate than the $1.35.
    Mr. Cattler. The total is $1.35 because the remaining 40 
percent, which is about $575 million----
    Mr. Biggs. OK.
    Mr. Cattler [continuing]. Was spent on sustaining legacy 
systems to deliver the personnel vetting systems to DOD and 
Federal agencies between fiscal 2021 and fiscal 2023, with the 
bulk of the $575 spent on supporting legacy BI systems, which 
we call BIS.
    Mr. Biggs. Does that track with what you know, Ms. Czyz?
    Ms. Czyz. Our number is a little bit higher than that. In 
addition to that $500 million-ish that Mr. Cattler mentioned, 
there are also costs to OPM because the legacy systems still 
reside on their network, and so they still have to maintain 
that infrastructure even though DCSA is in charge of those 
legacy systems. So, we have that at a little bit over $250 
million more than DCSA stated.
    Mr. Biggs. Right. I see. And then, and Ms. Czyz, you used 
the term ``unreliable schedule,'' and you mentioned it, 
receiving unreliable schedules. Tell us what a reliable 
schedule would look like, please.
    Ms. Czyz. Right. So, we have four key practices that we are 
looking for that we assess integrated master schedules on. 
Comprehensiveness. So, we looked at the schedule, and we could 
not see that all activities were in the schedule. So, it is 
kind of like building a house but not remembering that you have 
got to get the permits, right? You have got to get electricity. 
You have got to get plumbing. All the tasks need to be in the 
schedule. Control is the second key practice. The schedule, 
when we reviewed it, was missing status dates for tasks, and we 
could not compare actual progress with a baseline. Credibility 
is the third key practice. This is being able to trace events 
to each other and have a risk analysis. There was no risk 
analysis in the schedule. And then well-constructed logical 
sequencing. We could not consistently find sequencing between 
different activities. So, in fact, none of those key practices 
were met. They were all judged as minimally met in 2023. They 
need to be all substantially met to have a reliable schedule.
    Mr. Biggs. So, I mean, with the logical sequence, you are 
talking about putting the roof on before you put the walls in.
    Ms. Czyz. Yes. Good analogy.
    Mr. Biggs. OK. And, Mr. Cattler, I know you have only been 
on 93 days. I want to give you a chance to respond. I am not 
blaming you, but in your written testimony, you said the 
analysis of the NBIS program identified several key problems, 
including in oversight, software development methodologies, 
acquisition strategy, team competencies, and leadership, and 
Ms. Czyz has identified some additional problems. And it leaves 
this question actually as I read it, I kind of jotted this 
down, actually, three questions. Why, what caused the problems, 
how do you cure them, and is there anything that you have found 
going right because, I mean, these are pretty comprehensive and 
broad. So, what is going right?
    Mr. Cattler. Well, thank you, Congressman. Let me start 
there maybe----
    Mr. Biggs. Yes.
    Mr. Cattler [continuing]. What is going right.
    Mr. Biggs. Yes.
    Mr. Cattler. I think that, first, what is going right now 
in terms of strategic performance is that we are, in fact, 
delivering those 2.8 million investigations a year and 10,700 a 
day, and we are satisfying that CV function, obviously, in 
order to get that done. We have delivered eApp as a key element 
of NBIS, as I said, just fully restored again today. And the 
reciprocity work, again, under Trusted Workforce is also, I 
think, a big deal in terms of overall performance delivery.
    In terms of who is to blame and who is at fault, what I 
would say is I think the investigation so far has indicated 
that there is plenty of blame to go around. We had many issues 
in various places within the program----
    Mr. Biggs. Before I run out of time because you get to 
answer past my 5 minutes. I do not get to ask questions past my 
5 minutes. So, my question is, because you talked about culture 
of accountability, ecosystem of accountability, and you just 
said there is plenty of blame to go around. How do you mesh the 
blame to go around with the ecosystem of accountability, I 
mean, because you talked about hiring new people and getting 
the right people and everything. You did not talk about maybe 
letting go of some people who should not be there.
    Mr. Cattler. Yes, Congressman. We have had some people move 
on. We have, even in the time that I have been on board, have 
had to make some of those changes internally to the team. I 
think it is fair to say, too, that the dynamic of communication 
internally and external is fundamentally different now since 
the end of March. I have worked with my colleagues that are 
involved in my oversight now for more than 2 two decades, know 
them very well professionally and personally. We are locked arm 
in arm on this. And I feel like I should also say to you that 
while it is not my fault, it is my responsibility to be sure 
that DCSA delivers on this set of requirements. It is critical 
that we do so.
    Mr. Biggs. Well, thank you. Thanks, Mr. Cattler. My time 
has expired. Thank you, Mr. Chairman, for indulging me.
    Mr. Sessions. The gentleman yields back his time. Thank you 
very much. The distinguished gentlewoman from Washington, DC, 
Ms. Norton, is recognized.
    Ms. Norton. My first question is for Ms. Czyz. Efforts to 
modernize the information technology system at the root of the 
U.S. Federal personnel vetting process is years behind schedule 
and well over budget. In August 2023, the Government 
Accountability Office released a report that found DOD's 
development of that system, known as SBIS, lacked accurate cost 
projections and failed to meet seven out of seven schedule and 
cost estimate best practices. Ms. Czyz, why is an accurate cost 
estimate important to a project like SBIS development?
    Ms. Czyz. Right. Well, thank you, ma'am. It is a key 
program management principle. Without being able to accurately 
project costs, you are at risk of cost overruns and you cannot 
manage costs. We have four key practices for a cost estimate. 
It needs to be reliable--I am sorry--accurate, comprehensive, 
credible, and well-documented. We found that DCSA's cost 
estimate minimally met three of these practices and did not 
meet the credible practice at all. It was not credible. We are 
encouraged to hear that they are going to do an independent 
cost estimate. That is key to doing that, but to be able to 
drive the program, we are years behind now, we are spending 
more than what was anticipated, but we cannot really even rely 
on those numbers. So, having an accurate cost estimate is key.
    Ms. Norton. Mr. Cattler, GAO's report also found that DOD 
spent around $654 million since 2016 to develop NBIS. DOD also 
spent $835 million to maintain the OPM legacy information 
technology systems from fiscal years 2020 through 2022. In its 
August 2023 report, GAO recommended that Congress consider 
requiring DOD to develop a reliable cost estimate and program 
schedule for NBIS development. Mr. Cattler, has your Agency 
taken steps to develop the issues with cost estimate and 
programs scheduled related to NBIS development, or does 
Congress need to enact legislation to get DOD to follow best 
practices?
    Mr. Cattler. Well, thank you Congresswoman. I believe that 
we are well on the track to have the reliability in our 
internally generated cost estimate. It will go through many 
reviews within DOD and the interagency, for example, led by the 
Performance Accountability Council, among others. And as I have 
stated my statement for the record, we will also contract out 
an independent cost estimate after we have an approved plan to 
be sure that that outside scrutiny tracks with what we judge it 
will cost moving forward.
    Ms. Norton. Well, Mr. Cattler, how does DOD plan to pay for 
any and all next steps needed to complete development of NBIS? 
Do you plan to request additional funding from Congress?
    Mr. Cattler. Congresswoman, I am not yet in a position to 
tell you how much all of that will cost and how we would 
program for it until I have the final plan and approval. But, I 
can tell you that we have already programmed for ongoing NBIS-
related work for development and sustainment, both of the NBIS 
and of legacy software, through fiscal 2030 in our current 
plans.
    Ms. Norton. Mr. Cattler, can I get a promise from you here 
today that you and your staff will meet regularly, perhaps 
monthly, with Oversight staff to ensure the Defense Security 
Cooperation Agency is taking action to address all outstanding 
GAO recommendations and getting the NBIS system and Trusted 
Workforce 2.0 back on track?
    Mr. Cattler. Congresswoman, I commit to you that I will be 
open and transparent, I will push information to you, and I 
will be fully responsive to any request Congress has on any-
time basis.
    Ms. Norton. Ms. Czyz, can Congress count on you and your 
team to assist us in this essential oversight?
    Ms. Czyz. Absolutely. GAO's role is to provide Congress 
with information to aid your oversight. We have been doing that 
for many, many years in personnel vetting. We very much 
appreciate this hearing today that does provide visibility on 
the work and move the ball forward, and we are absolutely 
committed to continuing our oversight in this area.
    Ms. Norton. Thank you, and I yield back.
    Mr. Sessions. The gentlewoman yields back her time. Thank 
you very much. The distinguished gentleman from Louisiana, Mr. 
Higgins, you are recognized.
    Mr. Higgins. Thank you, Mr. Chairman. Mr. Cattler, Ms. 
Czyz, thank you for being here. Mr. Cattler, am I pronouncing 
your name correctly, sir? It occurred to me we did not get it 
right.
    Mr. Cattler. Yes, Congressman, ``Cattler.''
    Mr. Higgins. OK. Mr. Cattler, my father always said, 
ultimately, it is always one guy. It is one guy, and today you 
are the one guy. But we recognize the fact you have been on the 
job since March, so we are certainly prepared to give a fellow 
a chance to make necessary corrections and changes within his 
authority to correct some malfunction within the Federal 
Government. Let me say it is a Federal Government that is 
spending $3 trillion a year that it does not have, so I am one 
of those conservative voices that is--you know, call me crazy--
but sounding an alarm, the amount of money that we are spending 
in our country that we do not have. We are borrowing this 
money, 100 percent of it. So, you have a small slice of that, 
and it is what we are addressing today, but I appreciate your 
attitude because you seem to be focused on actually fixing what 
has gone wrong within your particular Agency.
    So, let me just, for the benefit of Americans watching, 
that Americans have to deal with a lot of acronyms in 
Washington, DC. You work for the Department of Defense. The DOD 
is defense, Counterintelligence Security Agency--that is the 
DCSA--and primarily what we are discussing today is a failure 
to roll out a program called the National Background 
Investigative Services, a new state-of-the-art IT system that 
will help your Agency to handle the workload of dealing with 95 
percent of the background checks and vetting that American 
Government requires across the Federal Government. Was that an 
accurate summary of the task you have in front of you, sir?
    Mr. Cattler. Yes, sir.
    Mr. Higgins. OK. And the NBIS program is years overdue and 
many millions of dollars, at minimal, over budget. So, what we 
are asking of you today is, will you deliver the product? If we 
set aside the cost overruns and the budget issues, and the 
fact, again, that this is a government that is addicted to 
spending money that we do not have as a Nation, we set that 
aside, could we at least get some product delivered? And you 
appear to be saying, yes, sir/yes, ma'am, I am going to get it 
done. Am I hearing you correctly?
    Mr. Cattler. Yes, sir. I and my team will get it done.
    Mr. Higgins. Excellent. So, the good lady seated next to 
you represents the Government Accountability Office, and they 
have made recommendations that historically have not been 
followed. Now, the GAO, we give them the responsibility to 
advise Congress and look into this matter, and say what can be 
done, and give official recommendations, and historically, that 
is not always followed, including in your Agency. But now that 
you are in charge, does DCSA intend to follow GAO 
recommendations?
    Mr. Cattler. Yes, sir. We have already reverted to 
following GAO recommendations, and I and the leadership team 
will continue to ensure that we do.
    Mr. Higgins. Excellent. I do not claim to be an expert in 
your field, but I get the feeling that you claim to be an 
expert in your field, and congratulations, but you have a hell 
of a job in front of you to fix this thing. This Committee is 
going to count on you to measure up. When I was in the Army in 
1989, I went through an original, a small security clearance. I 
was an MP in the Army. We required a little bit of a security 
clearance. I was surprised to hear that the Army had sent 
people I went to high school with. There was no computers. 
There was no IT system. There was no $1.2 billion to do it. 
They sent human beings to talk to the people I went to high 
school with. I recall being glad they did not speak to the 
people I went to college with.
    [Laughter.]
    Mr. Higgins. So, America is less focused on some failure to 
comply with your budget than we are with the failure to deliver 
the product that America requires. And I believe I am hearing 
you accurately, good sir, saying that you are going to follow 
the recommendations of the Federal Government organization that 
is responsible to give you recommendations, and you are going 
to drive forward with that mission. So, I look forward to a 
report later this year. I thank you each for being here. Mr. 
Chairman, my time has expired.
    Mr. Sessions. The gentleman yields back his time. Thank you 
very much. The distinguished gentleman from Virginia, Mr. 
Connolly----
    Mr. Mfume. Mr. Frost.
    Mr. Sessions. Excuse me. The gentleman, Mr. Frost. Thank 
you very much.
    Mr. Frost. Thank you so much, Mr. Chairman. Some estimates 
indicate roughly 4 million Americans currently have a security 
clearance. The Defense Counterintelligence and Security 
Agency--DCSA--which administers the governmentwide vetting 
process, identified more than 115 Federal agencies and roughly 
13,000 industry organizations that touch the NBIS. DCSA is in 
charge of developing NBIS, the IT infrastructure at the core of 
the personnel vetting system reforms. DCSA is also in charge of 
maintaining the legacy IT systems while it gets NBIS fully 
functioning, and, unfortunately, DCSA has to spend millions of 
dollars maintaining the old system as NBIS fails further behind 
schedule. The Deputy Director for Management at OMB, an Agency 
trying to help us get this back on track, came before this 
Committee and told us that continuous vetting should be covered 
for the entire clearance population in ``the coming months.'' 
Well, the coming months have come and gone, and so, Mr. 
Cattler, can you provide a timetable for when DCSA will be able 
to retire the legacy IT systems?
    Mr. Cattler. Congressman, at this point, I cannot until my 
plan is approved and we have confidence in the estimate for 
both the program management schedule as well as the cost.
    Mr. Frost. OK. Cannot. I mean, this is not the first time 
Congress has sought transparency on implementation as it 
relates to NBIS, and the thing that goes hand in hand with 
transparency is accountability. So, it would be great to get a 
timetable as soon as you all are able to provide one to the 
Committee.
    Mr. Frost. The OMB deputy director also pointed to a 
shortage of technical talent. Mr. Cattler, have you at least 
acquired sufficient technical talent so we can operate the NBIS 
for the full clearance population?
    Mr. Cattler. Congressman, I am confident that we have the 
internal talent in our workforce to perform the personnel 
security mission, and we continue to retain them and hire new. 
We are also bringing on additional personnel relevant to the 
development of the NBIS program as we further understand where 
our key expertise gaps are.
    Mr. Frost. OK. Ms. Czyz, has Mr. Cattler articulated to you 
any lessons learned from the past challenges with NBIS?
    Ms. Czyz. Well, Mr. Cattler has been in his role about 3 
months now----
    Mr. Frost. Mm-hmm.
    Ms. Czyz [continuing]. And I would say maybe even 6 weeks 
into that role, he did invite us down to Quantico, and we went 
through all of our GAO reports. We presented the key findings 
and recommendations. He had read them all. He could even quote 
pieces of them back to us. He was, I think, committed and 
demonstrated a commitment to understanding our concerns. He 
asked us point blank how his Agency had interacted with GAO in 
the past, and that he was committed to having a collaborative 
relationship and implementing our recommendations. So, I think 
we are very encouraged by his early leadership here. He has got 
a lot ahead of him definitely, and, hopefully, he can use our 
past work to guide him and so we do not have a repeat of what 
has happened over the past 8 years.
    Mr. Frost. That is really good to hear. NBIS delays are 
serious business. Over the last decade, the number of clearance 
positions has grown more than tenfold while the number of 
candidates remain stagnant. In 2023, the NSA announced its 
largest hiring surge in 30 years. The FBI requested $63 million 
from Congress to hire 192 new cyber professionals to protect 
American IT infrastructure against foreign threats, and all 
these positions obviously require security clearance. The 
Federal Performance Accountability Council's 4th quarter report 
for Fiscal Year 2023 mentions system and IT outages as reasons 
for continued clearance delays. Mr. Cattler, have you 
identified what the causes of these IT outages were?
    Mr. Cattler. Congressman, yes. In the time that I have been 
the Director, we have had outages due to issues with 
communications connectivity, but we have also had issues 
related to failure to follow proper procedures and internal 
controls. So, to address these two at least, we have looked at 
alternative communications providers. We are working with DISA 
on that in order to move to different DOD-provided systems, for 
example----
    Mr. Frost. Mm-hmm.
    Mr. Cattler [continuing]. And different commercial 
telecommunications providers. And we are also taking, in some 
cases, punitive action against some of our employees and 
contractors----
    Mr. Frost. Mm-hmm.
    Mr. Cattler [continuing]. To be sure that they understand 
and they feel a penalty for failure to comply with those 
established internal controls, especially, as you have said, 
they may, in fact, lead to a system outage that could cause 
loss of data as a potential worst outcome, but I hesitate to 
say a minimum, but at a minimum, certainly short of loss of 
data, a significant delay in somebody being able to even file 
an application for security clearance.
    Mr. Frost. Are you reviewing and changing any of the 
standard operating procedures around this?
    Mr. Cattler. Congressman, yes. We are constantly looking at 
what our standing operating procedures are and the internal 
controls, and this, as well, will be part of the IG review that 
I have asked my IG to perform.
    Mr. Frost. Perfect. Thank you both for all the work that 
you do. I yield back.
    Mr. Sessions. The gentleman yields back his time. Thank you 
very much. The distinguished gentleman of Tennessee, Mr. 
Burchett, is recognized.
    Mr. Burchett. Thank you, Mr. Chairman. Ms. Czyz, I got that 
name right? That is a cool name. I dig that. That is really 
cool. As the 435th most powerful Member of Congress, I get to 
ask my questions last. Usually as I like to state, there is 
usually a custodian in front of me sweeping up about the time I 
get up on the mic, so I apologize if these questions have been 
asked. I have trouble hearing. My wife says it is selective, 
but my doctor says otherwise, so if you all have asked these 
questions before, just act like this is the best question you 
ever had. And, Mr. Cattler, if you would look at her and go, 
wow, that is a really great question, I would really appreciate 
that. It would be good for the folks back home.
    The status of the National Background Investigation 
Services system, where would you say that is at?
    Mr. Cattler. Congressman, it is unacceptably late----
    Mr. Burchett. OK.
    Mr. Cattler [continuing]. And we have underdeveloped the 
required capabilities to meet our policy deliverables.
    Mr. Burchett. OK. It was supposed to be fully operational 
by 2019? Is that correct? I know you have inherited this mess, 
so.
    Mr. Cattler. Yes, Congressman, that is correct.
    Mr. Burchett. Thank you, brother. And the projection of 
when it will be fully operational?
    Mr. Cattler. Congressman, we are programmed out through 
2030.
    Mr. Burchett. OK.
    Mr. Cattler. We aim in the current plan to have the legacy 
system sunset no later than fiscal 2028.
    Mr. Burchett. The GAO, they issued this report, as you know 
I am sure, regarding the Defense Counterintelligence Security 
Agency's issue with cybersecurity. Do you feel like they have 
dropped the ball on this thing, or do you feel like they have 
got a good grip on it now?
    Mr. Cattler. Congressman, I do not think GAO has dropped 
any balls. I think their cybersecurity report is of similar 
high quality to the previous reviews of NBIS.
    Mr. Burchett. OK. Ms. Czyz, I am not sure if I am supposed 
to be asking you this or not. I thought I was asking you that 
and he was answering, so I am not sure. How can we have 
confidence in this Agency, and is there an investigation into 
what vulnerabilities have existed since it was taken over in 
2018?
    Ms. Czyz. I think with new leadership, we are encouraged 
that DCSA can get NBIS back on track, but they have got to go 
back to key management principles, the basics, right? 
Developing a reliable schedule and cost estimate for the 
program, enhancing oversight, and particularly with 
cybersecurity, based on a report that we released last week, 
these are key fundamental program management principles. And in 
the past, the program has been so focused on moving out to 
deliver capabilities, that they had told us that it was an 
administrative burden and a waste of time, frankly, to develop 
a schedule or a cost estimate. They did not need to do that. 
They did not need to follow best practices. Well, now they are 
years and years late and behind schedule, and over cost, too.
    We think that the tone is different this time from the top 
and are encouraged, but as they kind re-baseline again, we 
would really encourage them to take a look at our 
recommendations to make sure that they are implemented so that 
they are on a path to success.
    Mr. Burchett. So, do you think we have fixed these 
vulnerabilities, or do you think we ought to pull the plug on 
the program before it becomes worse?
    Ms. Czyz. The cybersecurity report we released last week, 
the fundamental cause of the issues was lack of oversight of 
cybersecurity, lack of documentation of key practices and 
processes. If you can strengthen oversight, I think that will 
go a long way. We do have an ongoing review right now that Mr. 
Cattler referenced. We are actually going in and testing the 
controls of the systems to look at vulnerabilities, so we do 
not have that information yet. We will have that later this 
year. It will be a nonpublic report, of course, but enhancing 
oversight of cybersecurity is key.
    Mr. Burchett. Mr. Cattler, what do you expect you all are 
going to spend on the National Background Information System as 
it moves forward?
    Mr. Cattler. Congressman, I need to get an approved plan 
from the DOD----
    Mr. Burchett. Right.
    Mr. Cattler [continuing]. And from my oversight officials, 
and then I can do the internal tally of how much it will cost, 
and then I will confirm that through the independent cost 
estimate. I would have to get back to you on what the specific 
number is.
    Mr. Burchett. I would appreciate that.
    Mr. Burchett. Is that normal operating procedure? Is that 
the way it usually works? That is not one of these trick 
questions a lot of my colleagues ask. I am just asking you 
that.
    Mr. Cattler. No, Congressman, it is not, and it is also 
part of the reason why I say it is unacceptable that I find the 
NBIS program in my Agency in the situation that it is in. If we 
had followed the proper protocols and leadership had demanded 
the oversight and internal accountability that Ms. Czyz and her 
colleagues at GO highlighted in their reports, I think you 
could make a fair argument that we would not be where we are.
    Mr. Burchett. OK. Thank you, Mr. Chairman. Thank you all 
very much.
    Mr. Sessions. The gentleman yields back his time. Thank you 
very much. The gentlewoman, Ms. Lee.
    Ms. Lee. Thank you, Mr. Chair. Since 2017, the Department 
has managed to spend over a half a billion dollars on 
developing a new personnel vetting system, NBIS, with little to 
show for it. We have no idea when the project will be done as 
well as no idea how much more money DOD anticipates spending. 
To quote GAO's report, DOD's estimate is minimally accurate, 
minimally comprehensive, not credible, and minimally well-
documented. Ms. Czyz, when did DOD first estimate that NBIS 
system would be fully operational?
    Ms. Czyz. 2019.
    Ms. Lee. So, that same year, but that did not happen. Ms. 
Czyz, briefly, what went wrong and what did DOD do next?
    Ms. Czyz. Well, as we have reported, the NBIS program did 
not have a reliable schedule so they could not accurately 
project when they would hit key milestones. They actually moved 
their target many times. 2019 was the first target date for 
full functionality. It then moved to 2022, it moved to 2023, it 
moved to 2024, and now it will likely be years later. But the 
key underlying cause of those shifts was not realizing all the 
tasks that needed to be done to deliver that full 
functionality, so just a basic program management principle of 
having a reliable schedule to plan from.
    Ms. Lee. So, it was not until after DOD already missed 
their own deadline that they publicly reassessed and changed 
the timeline to then 2023. Mr. Cattler, it is now June 2024. 
Can NBIS currently perform all the necessary functions DOD 
needs from it?
    Mr. Cattler. Congresswoman, NBIS and the legacy systems 
together perform all the functions that are required, but NBIS 
alone does not.
    Ms. Lee. So, no. So, DOD is years over schedule, over 
budget, and the country still does not have enough cleared 
staff to perform the work it needs. DOD has the largest budget 
in our government yet seems to continue to make the biggest 
mistakes lost in multimillion dollar planes, failed audits, and 
this mess of a security clearance system.
    In addition to highlighting DOD's uncanny ability to fumble 
millions of dollars, I also want to take some time to pay 
attention to the extent to which racial biases may affect the 
security clearance process and may contribute to the 
underrepresentation of BIPOC staffers in the national security 
workforce. In 2022 and 2023, the RAND Corporation conducted 
research assessing whether racial disparities exist in the 
clearance process.
    I asked unanimous consent to enter these two reports into 
the record. I am going to take that as a yes.
    Mr. Sessions. Without objection.
    Ms. Lee. Thank you so much.
    Ms. Lee. Mr. Cattler, in its study Rand observed that 
several societal factors, such as financial challenges and 
student debt, disproportionately affect minorities and may lead 
to increased perceptions of risk without considering historic 
context. How is DOD working to ensure that these risks are 
fairly considered in the security process? Specifically, what 
measures are in place to prevent these systemic issues from 
unjustly impacting clearance decisions?
    Mr. Cattler. Congresswoman, we work with the director of 
National Intelligence as she performs her functions as a 
security executive agent on the adjudication guidelines. We 
also take a hard look when we do our quality control to be sure 
that we have rung out any bias. As we identify it, we do make 
changes in those procedures, and we also hold our people 
accountable if they make errors or even act inappropriately to 
deny someone a security clearance based on one of the factors 
you have highlighted.
    Ms. Lee. Thank you. Mr. Cattler, human judgment is a 
significant component of the security clearance process. What 
specific training programs does DOD have in place to help 
investigators recognize and mitigate their own implicit biases?
    Mr. Cattler. Congresswoman, I have to get back to you with 
a specific list, but I can tell you generally that we do 
provide bias training for all of our adjudicators with the 
recognition that it is a subjective process.
    Ms. Lee. Mr. Cattler, again, as DOD increasingly relies on 
automation and machine learning for continuous vetting, how are 
you ensuring that these technologies do not perpetuate or 
exacerbate existing racial biases? For instance, what 
safeguards are in place to monitor incorrect algorithmic biases 
in the clearance process?
    Mr. Cattler. Congresswoman, pieces of this are addressed, 
again, through the adjudication guideline review process and 
also the training that we are providing to all of our 
employees, including those that are working on those algorithms 
and the verification of their success.
    Ms. Lee. Finally, Mr. Cattler, transparency and 
accountability are vital. Can you commit to conducting 
independent assessments of security clearance applications to 
identify any racial biases that may have influenced outcomes, 
and will you make these findings public to ensure 
accountability and foster trust in the process?
    Mr. Cattler. Yes, Congresswoman, I do.
    Ms. Lee. Thank you so much. I thank you both for your time, 
and I yield back.
    Mr. Sessions. The gentlewoman yields back her time. Thank 
you very much. We will go to Ms. Tlaib. The gentlewoman is 
recognized.
    Ms. Tlaib. Thank you, Mr. Chair. Thank you so much, 
Director, for joining us today, and I think it is great that 
you are even here even early in your position as a new person. 
So, I know my colleagues have, I think, done a really good job 
going through the issues regarding NBIS already, so I am not 
going to repeat what has already been said. But I want to bring 
up an opportunity and put a marker down for my colleagues here 
in Committee and what I do here regarding security clearances 
with my residents.
    What we are seeing right now, and folks might see it 
separate, but this is happening to Americans in my district, 
the no-fly list. And I know they kept saying both of you cannot 
respond to this, but I think it is really important, Mr. Chair, 
that here in Washington, we again and again try to address 
critical issues that are impacting our residents. But the list 
that right now is being used discriminates against American 
Muslims en masse, with little to no legal recourse for 
countless wrongfully included Americans.
    It has been a little over a year since CARE released 
analysis of the FBI's ``terrorism screening data base'' that 
found 98 percent of the names included were Muslim names. For 
the record, if I can submit the report, Mr. Chair.
    Mr. Sessions. Without objection.
    Ms. Tlaib. And one of the things I want to also put into 
the record and read is also a transcribed deposition of the FBI 
of April 16, 2024, Mr. Chair. Without objection? Yes, OK. 
Great. Thank you.
    Ms. Tlaib. So, let me just go over this, and this is 
important, Mr. Chair, because I think this would intrigue you. 
On page 199, when the plaintiffs' attorneys questioned the FBI 
about the effectiveness of the Watch List, the question was, 
``Federal law enforcement officers also encounter people on the 
Watch List, correct?'' ``Yes,'' the FBI answers. And then, 
Chairman Sessions, they go on to say, ``Does the FBI know of 
any Federal law enforcement encounter with a person on the 
Watch List that has led to a terrorism-related arrest?'' And 
then they go on to say, ``So, I do not know of any instances 
where local law enforcement was notified of the presence of an 
individual on the Watch List and then made an arrest based on 
that.''
    Why this is important, again, this deposition was done, 
this is over a 21-year span of the program, had not arrest, a 
single person on the terrorism-related charges because of the 
so-called Watch List of Americans. Meanwhile, I have residents, 
even one of my local mayors, being harassed and wrongfully 
profiled at airports, detained for hours. Their phones are 
removed, Chairman. Phones. Canadian PM called me asking my team 
for help for innocent families that are also, again, no longer 
able to fly because of this Watch List. These are American 
citizens. They have rights and deserve some dignity as the rest 
of us.
    And this is important because people think, well, it is 
just Muslims. It may be Muslims today, Mr. Chair, but I do not 
see any reason that this should again be partisan because, 
after all, the FBI can get away with doing this to any group of 
American citizens. Today it may be Muslims, but, again, it 
could be another group that they target. So, it is great again 
that we are talking about this specific security clearance 
issue, but, Mr. Chair, if I may please, we should talk about 
and hear more about this Watch List of Americans and bring the 
FBI before this Committee to discuss it. Thank you so much, and 
I yield.
    Mr. Sessions. The gentlewoman yields back her time. Thank 
you very much. I do not need to respond to the gentlewoman now, 
but I would encourage her to please come sit down with Mr. 
Mfume and myself and would remind her that we have thousands of 
people who are here in this country who are watched, and two of 
them were in Boston. They were the Boston bombers. We knew that 
they were in this country, and we knew. All I am suggesting to 
you is we would welcome that discussion, Mr. Mfume and myself. 
I am sure would be pleased to listen to you, and thank you very 
much.
    We are now evidently on a vote. I have not had a chance to 
have my 5 minutes, doubtful that I will use that. I had an 
opportunity over the last days to speak with both of you for 
almost an hour, perhaps maybe more than that.
    I want to go back to Ms. Czyz, who made a statement which I 
consider to be extraordinarily important to this entire matter, 
and that was regardless of the timeframe, regardless of the 
money, it has got to be done correctly. I am paraphrasing. Mr. 
Cattler, can you please respond directly back to that because, 
as we were earlier greeting each other, I said to you I was 
concerned about the architecture. You said that architecture is 
something, Congressman Sessions, and we have that person here.
    Well, I assume that the experts--I used to do this at the 
organization up in New Jersey where we would do architecture 
things--they determine the best outcome. Can you tell us are 
you going to do, as you have heard Ms. Czyz say, get this done 
and have it done correctly? Obviously your testimony is within 
time, within the money. Are you going to get it done properly?
    Mr. Cattler. Congressman, we will get it done properly. I 
do not feel undue pressure to move quickly because, as I have 
said, it is important that we get it right, and if that takes a 
little bit of time to do, then I think that is appropriate and 
acceptable. But at the same time, I am also mindful, as Members 
of this Committee have highlighted just in this hearing, that 
we are 8-and-a-half years into a 3-year program. We are $1.345 
billion spent on about a $700 million program, and every penny 
counts. The taxpayers are not just entitled to and expecting 
that we deliver the software with the capability that is 
required, but they know that we need it because they are 
entrusting--I have entrusted some of my most important personal 
data over the course of my more than 30-year career to the 
government. My own Agency vetted me and validated me for my 
clearance while I served at NATO.
    So, what we are trying to balance are those two things: 
getting it done right and taking the time to do so, but also 
recognizing that we are well behind, and it is unacceptable. 
So, we are trying to move with an appropriate sense of urgency, 
but we are doing so responsibly. But I have confidence in my 
team, in our partners, and in our oversight that we are working 
well together, and that we will fix this and deliver the 
capability that the American taxpayers need, deserve, and are 
paying for.
    Mr. Sessions. Thank you. Mr. Mfume, what I would agree on 
the statement, I am sure he will have a chance to affirm that, 
but get it done right. Getting it done right, we have not 
pushed you to a timeframe, to a money allocation, but you have 
done that as a responsible manager, and you will be held 
accountable to that, and I appreciate you very much. Mr. Mfume, 
would you like to say anything before we go we go?
    Mr. Mfume. Well, Mr. Chairman, I just want to thank----
    Mr. Sessions. The gentleman is recognized.
    Mr. Mfume [continuing]. Both witnesses again for their 
testimony, both their oral testimony as well as what is 
written. I look forward to receiving any additional documents 
or information, and I look forward to reconvening in October so 
that we may have some sense of where we are today juxtaposed 
against where we find ourselves then. And I would invite, on 
behalf of the chairman and myself obviously, both of you to 
sort of be ready to come back to see us again. Thank you both.
    Mr. Sessions. Thank you very much. In closing, I want to 
thank our witnesses, the distinguished gentleman from Maryland. 
And I want to also say that, without objection, all Members 
will have 5 legislative days within which to submit materials 
and additional written questions for the witnesses which will 
be forwarded to the witnesses if we have those questions.
    Mr. Sessions. If there is no further business, without 
objection, the Subcommittee stands adjourned. I want to thank 
the witnesses very much.
    [Whereupon, at 3:36 p.m., the Subcommittee was adjourned.]

                                 [all]