Posts

Showing posts from December, 2011

Putting it all together-The Impact of the Influential FSO

FSOs should understand more than just the technical aspects of administering a security program.  Understanding how to mark, safeguard and disseminate classified information is important. However, the FSO should reach beyond the description of implementing a security program to safeguard classified material. The position also requires: 1.  Assessing risks to the classified material 2.  Interpreting safeguarding requirements 3.  Communicating and incorporating a culture of compliance within the organization 4.  Projecting the impact of classified contracts on the enterprise. To do this, the FSO should possess the vision and skills to see where the security program needs to go, how to get there and encourage a security vision from the senior executive level downward. Without the proper influence, the FSO is may not be able to run a program to protect classified material Effective tools include: • Helping form...

Appointing the Right FSO

The Cleared Contractor appoints a Facility Security Officer (FSO) to protect the work on classified contracts and provide important administrative functions to maintain the security clearanc e of the business and cleared employees. However, the FSO can be much more impacting by applying understanding of four important functions: 1.  How to protect classified information as it relates to the cleared contract, organizational growth, enterprise goals, and NISPOM guidance 2.  How to conduct a risk analysis 3.  Demonstrate cost, benefits and impact of supporting a classified contract under the NISPOM requirements and sustain an environment of cooperation and compliance within the enterprise. 4.  Influence and compel the senior leaders to make good decisions, support compliance and integrate security into the corporate culture. After all, good industrial security practices protect against damage to national security, but cou...

4 Practice Questions to Prepare You for Industrial Security Professional ISP Certification

Image
Thinking about getting security certification? Consider ISP Certification The following questions are from ISP Certification-The Industrial Security Professional Exam Study Manual 107. What method of justification should a contractor submit to attend a classified meeting? a. List the classified contract involved b. Cite the clearance level c. Give company CAGE code d. Submit job position e. List qualifications 108. Contractors may keep classified information generated under IR&D provided: a. Their contract is still active b. The originating program manager is still employed c. The FSO catalogs the information d. Adequate storage capability exists e. The contractor maintains facilities on Government property 109. Executive Order 12829 requires heads of agencies to enter into agreement with: a. FSO b. Foreign Governments c. Secretary of Defense d. Department of Labor e. Department of Energy 110. How do you mark unclassified material to simulate SECRET? a. EX...

6 Great Reasons to Mark Classified Information

Image
Classification markings are applied to the top and bottom, front and back of classified items. Markings are also found in internal pages, paragraphs and other locations inside documents, books, manuals and other paper based products. Here are the top reasons for marking classified information: Warn and inform a user that an item is indeed classified or sensitive Conveys what exactly needs protection  Identifies levels of classification or sensitivity Provides vital information and instruction on when to downgrade or declassify the material Gives sources and reason for classifying the item Warns of special access, control, dissemination or safeguarding requirements Find out more in DoD Security and Contracts Guidebook -What You Need to Know About Your Need to Know Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red...

3 Effective Ways to Go Above and Beyond with Category 7 of the NISP Enhancement

Category 7 of the NISP Enhancement is:  Counterintelligence Integration/Cyber Security provides a tool that cleared contractors can use to demonstrate exceeding NISPOM requirements. Injecting this into the security program also enhances security by bringing to light types and frequency of suspicious contacts. 1.       The purposeful execution of Foreign travel pre-briefings-When employees travel to a foreign country, they may be targeted to provide sensitive information. A threat and/or defensive briefing should be provided to all cleared employees per NISPOM Chapter 3 ( NISPOM Training ). The briefings should be documented with signatures, dates and contents of briefings for presentation to Defense Security Services (DSS) industrial security representatives. 2.     Conducting debriefings once the employees return from foreign travel. It is a tool to follow-up with the threat or defensive security briefing presented prior to the foreign tra...

Four Powerful Ways FSOs Can Employ in Creating a Security Conscious Enterprise

1.  Influence at all levels-A key trait an FSO should demonstrate is the ability to work within organizational structures to gain executive, manager and work force cooperation. An FSO can train and write policy but without the enterprise’s full cooperation, will find it difficult to enforce. 2.  Integrate security at all levels-A well integrated security plan ensures that all business units within an enterprise notify the FSO of any change in disposition of cleared employees or classified contracts. This integrated system will trigger the contracts, program manager, business development and other units to coordinate with and keep the FSO informed of expired, current, and future contract opportunities and responsibilities. 3.  Be fiscally responsible-An important task that an FSO faces is the successful implementation of the security program while supporting the company’s primary mission; to make money while successfully performing on classified contracts. Security eff...

Why the US Government Assigns Classification Levels and the DoD Contractor Responsibilities

The US Government has designed policy to ensure that classified material is protected at the level designated to prevent unauthorized disclosure. Classified information is marked by an original classification authority (OCA) with CONFIDENTIAL, SECRET or TOP SECRET and cleared contractors should protectect it at the appropriate level. TOP SECRET has more restrictions than SECRET and SECRET has more restrictions than CONFIDENTIAL. Each must be protected according to the classification markings. For example, unauthorized disclosure of CONFIDENTIAL information could reasonably be expected cause damage; SECRET could reasonably be expected to cause serious damage; and TOP SECRET could reasonably be expected to cause exceptionally grave damage to national security. The OCA provides classification level information through the DD Form 254, security classification guide and through classification markings. When the classification level is determined, all related classified inf...