Sunday, July 29, 2012

DoD Security Clearances and Contracts Guidebook Just Nominated for Award.

Red Bike Publishing and Jeffrey W. Bennett, ISP just received the following good news

"Congratulations, Jeffrey! Your book "DOD Security Clearances" has been nominated for a Military Writers Society of America award in the How To/Business genre. This nomination is in recognition of the reviewer's high opinion of your work."

Cheers everyone








Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

Wednesday, July 25, 2012

Industrial Security Professional Certification Training.

Try these questions. Scroll down for answers:


1. Destruction records must contain _____ and be kept for _____.
a. Date of destruction, two years 
b. SSN of destroyer, two years
c. Name of destroyer, one year
d. ID material destroyed, one year
e. Date of Classification, five years

2. Which types of door locking devices are approved for access to closed area entrance doors?
a. Key operated pad lock 
b. Handprint reader
c. Deadbolt key lock
d. Swipe card reader
e. All the above

3. During the accreditation cycle the _____ may grant an interim approval to operate the system.
a. FSO
b. ISSM
c. ISSO
d. CSA 
e. GCA

4. The _____ shall contain IS ID and location and a statement signed by ISSM certifying that IS
implements the requirements in the security plan.
a. SSP
b. IS Certification Report 
c. Master SSP
d. SPP
e. Security Classification Guide



Answers follow:



1. Destruction records must contain _____ and be kept for _____.
a. Date of destruction, two years (NISPOM 5-707)
b. SSN of destroyer, two years
c. Name of destroyer, one year
d. ID material destroyed, one year
e. Date of Classification, five years

2. Which types of door locking devices are approved for access to closed area entrance doors?
a. Key operated pad lock (NISPOM 5-8091e)
b. Handprint reader
c. Deadbolt key lock
d. Swipe card reader
e. All the above

3. During the accreditation cycle the _____ may grant an interim approval to operate the system.
a. FSO
b. ISSM
c. ISSO
d. CSA (NISPOM 8-202b)
e. GCA

4. The _____ shall contain IS ID and location and a statement signed by ISSM certifying that IS
implements the requirements in the security plan.
a. SSP
b. IS Certification Report (NISPOM 8-202g)
c. Master SSP
d. SPP
e. Security Classification Guide


Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

How Personnel Security Clearances are Granted

The Defense Industrial Security Clearance Office (DISCO) processes security clearances for organizations falling under the National Industrial Security Program (NISP). According to Executive Order 12968—Access to Classified Information, employees should not be granted access to classified information unless they possess a security clearance, have a need to know the classified information involved, received an initial security briefing and have signed a nondisclosure agreement.


The Facility SecurityOfficer (FSO) is a position that the defense contractor must appoint during the Facility Clearance (FCL) approval process. The FSO implements a security program to protect classified in information. They also request investigations for employees who require a security clearance. What this means is, all cleared contractors must appoint an FSO. It could be the business owner in a small organization or an employee with an additional duty. The primary qualifications of an FSO are to be a US Citizen and have a PCL at the same level as the FCL. It is possible for an FSO to be the sole employee in the company.
The contractor and Defense Security Services (DSS) have joint responsibilities with the Personnel Clearance (PCL) process as they do with the FCL process. When the FCL is being granted, key employees should complete a Questionnaire for National Security Positions, also known as Standard Form (SF 86). Part of the process includes ensuring that the applicants are US Citizens. They should submit the application to the FSO who then submits applications to DISCO. An investigation is conducted and the central adjudication facility (CAF) makes a security clearance determination. The determination is then entered into the Joint Personnel Adjudication (JPAS), the Department of Defense provided system where security clearance information is stored. Other government organizations may have different systems. Once entered into JPAS, the FSO can grant access based on need to know and the clearance level.
The SF 86 is where the applicant can affect the speed of the security clearance process. A properly filled out application form is the key. Incomplete or inaccurate information is the number one cause of clearance delays. Names, addresses, telephone numbers, and dates of birth for relatives should be gathered as background research. Fortunately the SF 86 form is online and requires only filling out once. When a clearance is up for renewal, the applicant can log in their SF 86 and make updates.
DSS and FSOs use JPAS to update personnel information. This system allows instantaneous updates of records as well as notification of access, denial or revocation of clearances. At the time of this writing, there are more than 89,000 users of JPAS and 23,000 are from defense contractors.
Not everyone investigated is guaranteed a security clearance. In some instances a clearance can be denied, revoked or suspended. The employee’s background is investigated thoroughly for the initial clearance and again every five to fifteen years while maintaining a clearance and depending on the required security clearance level. In the event that a security clearance is denied, suspended or revoked, DSS will also notify the FSO. The FSO will then deny access to classified material to that employee and update JPAS.


Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

Wednesday, July 4, 2012

FSO Training, NISPOM Training


NISPOM Training

NISPOM Training
Discover how to meet NISPOM requirements
Did you know that NISPOM requires cleared contractors to provide employees with:
Initial Security Briefings
Annual Security Awareness Training
Cleared contractors are required to brief their cleared employees upon hiring and provide training every year thereafter. It’s easy when there is a Facility Security Officer (FSO) on site. In that case the FSO is overhead and develops the training as part of their daily duties.
Does your business have time to focus on training requirements?
Defense contractors and cleared contractors with one to a few hundred employees may have FSOs designated in addition to regular duties. COOs, engineers, CFOs, HR and other professionals don’t have time to create and execute training while performing on contract.
That’s where Red Bike Publishing can help.
An FSO can spend several hours designing training. At $35.00 per manager work hour, that could end up costing at least $150.00, not including the costs associated with brining the FSO off a contract to perform out of scope work. Our low cost, high value training package allows you to concentrate on your core competencies while we provide your required training. Our NISPOM Training contains requirements for the Annual Security Awareness and Initial Security Training. Just download our slides and lead the discussion, the notes are already filled out and ready to read.
NISPOM Training $99.95
Add to Cart
FSOs have a huge responsibility to protect classified information. As such, these FSOs may be owners, engineers, human resources or appointed employees with other additional duties. If you are an appointed FSO with other duties, you might be just too involved running your company to create a training program.
Red Bike Publishing can help. We’ve created an easy to use presentation that you can download and deliver. Notes are available straight from the NISPOM. You can read them word for word or you can tailor the presentation to meet your organizational needs. Once complete, you’ll meet the National Industrial Security Program (NISPOM) and Defense Security Services (DSS) training requirements.
NISPOM Initial Security Training /Refresher Security Training
The main presentation is great for initial training or for refresher annual security awareness training required of all cleared employees. (NISPOM 3-103 and 3-104).
When you invest with this training program you will receive a link for the main presentation and a quarterly email link for the topical training. Topics include NISPOM requirements:
  • Threat Awareness
  • Defensive Training (foreign travel briefing)
  • Overview of the Security Classification System
  • Employee Reporting Obligations and Requirements
  • Safeguarding Classified Material
  • Marking Classified Material
  • Performing on Classified Contracts
  • Original Classification Authority
Sample presentations
The following are sample presentations that you can download. Since these are samples, they are just a small representation of the actual briefings you will receive.
Sample Defensive Security Briefing (email ready for cleared employees)
Sample Main Presentation (perfect for presentation at annual security awareness training and initial security awareness briefings)
Order now and receive the presentation and a quarterly presentation that you can email to cleared employees. This is a great way to keep your cleared employees trained throughout the year, not just annually.
$99.95
Receive an article about cleared contractor security metrics, security training and much more. Just fill in the information below and you’re on your way.


You focus on core competencies while we focus on ours
Cleared contractors have to follow NISPOM requirements to keep their security clearances. They have to keep their security clearances to perform on classified contracts. Wouldn’t it be nice to be able to let someone else take care of your training needs?
Again, the training you download addresses NISPOM required topics. All you have to do is deliver to cleared employees. You can read it word for word, tailor the information for your mission, or simply let employees read the presentation themselves. It’s that easy.
If you would like more information about NISPOM training send an email to editor@redbikepublishing.comwith your First Name and email address.

  
Success can be yours.
Download and present our training for your employees.
All the best
Jeff Bennett


View Cart


Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

How FSOs can Help Subcontractors Perform On Classified Contracts


Defense contractor?  So What. Cleared Contractor? What does it really mean? Just because an entity does business with the government or is cleared for classified work, doesn’t mean they are at the same level of performance as legacy organizations. It’s tempting to assume that every cleared contractor Facility Security Officer (FSO) as “appointed” by the National Industrial Security Program Operating Manual (NISPOM) attends professional organization meetings, are Industrial Security Professional (ISP) Certified and fully comprehend International Traffic In Arms Regulations (ITAR). But, it’s just not so.

Not all defense contractors are created equally. Cleared defense contractors may be approved to possess classified information on location with storage approval. Others may not have storage approval, but cleared to provide security clearances for classified performance at customer or other off site locations. Large defense contractors may have an entire staff devoted to the protection of classified information, physical security, operations security, contracts security, special access and etc. Small contractors may have similar responsibilities, but operate with just a few employees with one appointed as FSO.

With all the differences, let’s talk about common ground. Several cleared contractors can have contractual relationships. They can be bound in a relationship by classified contracts. For example, a cleared contractor can be a prime contractor with supporting sub contractors. In this example, Highup, Inc is in a contractual relationship with a government customer. HighUp, Inc. builds satellites, but subcontracts engineer support and payload providers. Box, Inc. provides specialty payload storage for Highup, Inc. and Engineerthis, Inc provides analysis and feasibility studies.

Box, Inc. and Engineerthis, Inc. are small companies consisting of five or fewer employees. Box Inc. just got approved for a facility clearance and Engineerthis, Inc has had one for only a year. Both are performing well, but are struggling with security requirements. They both have “appointed” FSOs who have taken required Defense Security Service classes and FSO certification training. However, application of the NISP is still a mystery.

Highup, Inc can make a difference by providing guidance and assistance. Instead of leaving the two subcontractors to their own devices, the prime can help protect national security, proprietary information and keep technical information out of the public domain through coaching or spelling out requirements.

Here are several ways to do so:

1. Establish requirements in the contract. The prime contractor can simplify the subcontractors requirements by spelling out classified performance expectations in the statement of work and the DD Form 254. Specifically: Discuss the classification level of work, classified information and equipment as applicable. Describe where work will be performed and how to protect it while performed. Help the subcontractor understand their responsibilities per NISPOM. Spell out how classified information will be stored, transported, destroyed and discussed.

2. Invite the appointed FSO to NISPOM training. Many professional organizations have workshops; why shouldn’t contractor have own. Workshops are very good venues for discussion and demonstrating how to wrap and mail classified information, how to designate restricted areas or protect classified discussions. Don’t assume that everyone will already know how to do this.

3. Invite the appointed FSO to professional organization meetings and training. You may already be active members of a professional organization and can show a good return on investment that the other organizations may not be able to understand. The smaller organizations may feel there is no return on investment to give up research and development time to participate in a security function.  They may be able to provide a compelling reason for the others to join them.

It’s tempting to assume that everyone understands all requirements of performing business with the government and protecting classified information. However, it’s not always the case. When possible, go the extra mile to help an inexperience contractor to improve their understanding of working under NISPOM requirements.




Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

The NISPOM and FSO Certification


National Industrial Security Program Operating Manual (NISPOM)

National Industrial Security Program Operating Manual (NISPOM)
The National Industrial Security Program Operating Manual (NISPOM) is Not Just For Security Managers; It’s for Everyone.
Large NISPOM
Add to Cart
Small NISPOM
Add to Cart
It’s not just for the FSO. Every Cleared employee should have a copy. Red Bike Publishing has published a book store quality NISPOM. A sleek new professionally designed cover adorns our product. This NISPOM includes updates from DSSand the Industrial Security Letters. Most companies print their own NISPOMs which sometimes yields poor quality and a hard to read product. Red Bike Publishing has added a professional edge to the NISPOM for about the same as it costs to print your own. Our publisher quality books have crisp writing that is refreshing to read. Your cleared employees may actually spend more time reading this.
Long gone is my big and bulky 3 ring binder.  This book (NISPOM) takes up a fraction of the room on your desk, and is portable enough to take to any security meeting. 
–Jackie Tippins, ISP
Red Bike Publishing understands that the NISPOM is available online. However, if you want to avoid paper jams, double sided printing, hole punching, and binding, consider getting our book store quality product for a professional appearance.
Purchase from Red Bike Publishing for full retail or Amazon.com for tremendous discounts.
NISPOM addresses a cleared contractor’s responsibilities:
  • Security Clearances
  • Required Training and Briefings
  • Classification and Markings
  • Safeguarding Classified Information
  • Visits and Meetings
  • Subcontracting
  • Information System Security
  • Special Requirements
  • International Security Requirements
  • and much more

Please read before you finish your purchase…

You don’t need a PayPal account to purchase our books. Just select the add to cart and you will be led to the PayPal site where you can purchase with your personal or corporate credit card.
Now you have purchasing choices:
You can buy from Red Bike Publishing, or select the Amazon.com or other bookstore links.
If you choose to buy from us, you can pay by credit card or paypal by selecting the “Add to Cart” button:
1. Click the “Add to Cart” button.
2. You will be taken to PayPal’s website and should see this product listed. On this page you must login with your PayPal account OR press the “Continue” button to enter your credit or debit billing information. You do not need to have a PayPal account to register.
3. Please read carefully and follow all of PayPal’s instructions for completing your transaction.
4. After you finish your transaction, you will be directed back to the product. If the page does not load after 5 seconds, please click the provided redirect link given by PayPal.
5. If you have any problems with the transaction, please contact us immediately at editor@redbikepublishing.com
Other books you might consider for performing under classified contracts. The FSO certification library:
 Table of Contents:
CHAPTER 1. GENERAL PROVISIONS AND REQUIREMENTS
Section 1. Introduction
1-100. Purpose…………………………………………………………………………………………..1-1-1
1-101. Authority………………………………………………………………………………………..1-1-1
1-102. Scope……………………………………………………………………………………………..1-1-2
1-103. Agency Agreements ……………………………………………………………………….1-1-2
1-104. Security Cognizance……………………………………………………………………….1-1-2
1-105. Composition of Manual…………………………………………………………………..1-1-2
1-106. Manual Interpretations…………………………………………………………………….1-1-3
1-107. Waivers and Exceptions to this Manual …………………………………………..1-1-3
Section 2. General Requirements
1-200. General……………………………………………………………………………………………..1-2-1
1-201. Facility Security Officer (FSO) …………………………………………………………1-2-1
1-202. Standard Practice Procedures…………………………………………………………….1-2-1
1-203. One-Person Facilities………………………………………………………………………..1-2-1
1-204. Cooperation with Federal Agencies and Officially Credentialed
Representatives of Those Agencies………………………………………………………………1-2-1
1-205. Security Training and Briefings…………………………………………………………1-2-1
1-206. Security Reviews………………………………………………………………………………1-2-1
1-207. Hotlines…………………………………………………………………………………………….1-2-1
1-208. Classified Information Procedures Act (CIPA)………………………………….1-2-2
Section 3. Reporting Requirements
1-300. General…………………………………………………………………………………………..1-3-1
1-301. Reports to be Submitted to the FBI………………………………………………….1-3-1
1-302. Reports to be Submitted to the CSA………………………………………………..1-3-1
1-303. Reports of Loss, Compromise, or Suspected Compromise……………….1-3-2
1-304. Individual Culpability Reports…………………………………………………………1-3-3
CHAPTER 2. SECURITY CLEARANCES
Section 1. Facility Clearances
2-100. General…………………………………………………………………………………………..2-1-1
2-101. Reciprocity……………………………………………………………………………………..2-1-1
2
2-102. Eligibility Requirements………………………………………………………………….2-1-1
2-103. Processing the FCL…………………………………………………………………………2-1-1
2-104. PCLs Required in Connection with the FCL……………………………………2-1-1
2-105. PCLs Concurrent with the FCL……………………………………………………….2-1-1
2-106. Exclusion Procedures ……………………………………………………………………..2-1-1
2-107. InterimFCLs ………………………………………………………………………………….2-1-2
2-108. Multiple Facility Organizations (MFOs)………………………………………….2-1-2
2-109. Parent-Subsidiary Relationships………………………………………………………2-1-2
2-110. Termination of the FCL…………………………………………………………………..2-1-2
2-111. Records Maintenance ……………………………………………………………………..2-1-2
Section 2. Personnel Security Clearances
2-200. General…………………………………………………………………………………………..2-2-1
2-201. Investigative Requirements……………………………………………………………..2-2-1
2-202. Procedures for Completing the Electronic Version of the SF 86……….2-2-1
2-203. Common Adjudicative Standards ……………………………………………………2-2-2
2-204. Reciprocity……………………………………………………………………………………..2-2-2
2-205. Pre-employment Clearance Action………………………………………………….2-2-2
2-206. Contractor-Granted Clearances ……………………………………………………….2-2-2
2-207. Verification of U.S. Citizenship ………………………………………………………2-2-2
2-208. Acceptable Proof of Citizenship………………………………………………………2-2-2
2-209. Non-U.S. Citizens …………………………………………………………………………..2-2-3
2-210. Access Limitations of an LAA………………………………………………………..2-2-3
2-211. InterimPCLs ………………………………………………………………………………….2-2-3
2-212. Consultants …………………………………………………………………………………….2-2-3
Section 3. Foreign Ownership, Control, or Influence (FOCI)
2-300. Policy ……………………………………………………………………………………………….2-3-1
2-301. Factors………………………………………………………………………………………………2-3-1
2-302. Procedures………………………………………………………………………………………..2-3-2
2-303. FOCI Action Plans……………………………………………………………………………2-3-2
2-304. Citizenship of Persons Requiring PCLs…………………………………………….2-3-3
2-305. Qualifications of Trustees, Proxy Holders, and Outside Directors ……..2-3-4
2-306. GSC………………………………………………………………………………………………….2-3-4
2-307. TCP………………………………………………………………………………………………….2-3-4
2-308. Annual Review and Certification………………………………………………………2-3-4
2-309. Limited FCL …………………………………………………………………………………….2-3-5
2-310. Foreign Mergers, Acquisitions and Takeovers and the Committee on
Foreign Investment in the United States (CFIUS) ………………………………………..2-3-5
CHAPTER 3. SECURITY TRAINING AND BRIEFINGS
Section 1. Security Training and Briefings
3-100. General…………………………………………………………………………………………..3-1-1
3-101. Training Materials…………………………………………………………………………..3-1-1
3-102. FSO Training………………………………………………………………………………….3-1-1
3-103. Government-Provided Briefings ……………………………………………………..3-1-1
3-104. TemporaryHelp Suppliers………………………………………………………………3-1-1
3
3-105. Classified Information Nondisclosure Agreement (SF 312)……………..3-1-1
3-106. Initial Security Briefings………………………………………………………………….3-1-1
3-107. Refresher Training ………………………………………………………………………….3-1-1
3-108. Debriefings …………………………………………………………………………………….3-1-1
CHAPTER 4. CLASSIFICATION AND MARKING
Section 1. Classification
4-100. General……………………………………………………………………………………….. 4-1-1
4-101. Original Classification…………………………………………………………………. 4-1-1
4-102. Derivative Classification Responsibilities…………………………………….. 4-1-1
4-103. Security Classification Guidance …………………………………………………. 4-1-1
4-104. Challenges to Classification…………………………………………………………. 4-1-2
4-105. Contractor Developed Information ………………………………………………. 4-1-2
4-106. Classified Information Appearing in Public Media……………………….. 4-1-2
4-107. Downgrading or Declassifying Classified Information………………….. 4-1-3
Section 2. Marking Requirements
4-200. General…………………………………………………………………………………………..4-2-1
4-201. Marking Requirements for Information and Material……………………….4-2-1
4-202. Identification Markings …………………………………………………………………..4-2-1
4-203. Overall Markings ……………………………………………………………………………4-2-1
4-204. Page Markings………………………………………………………………………………..4-2-1
4-205. ComponentMarkings……………………………………………………………………..4-2-1
4-206. Portion Markings…………………………………………………………………………….4-2-1
4-207. Subject and Title Markings……………………………………………………………..4-2-2
4-208. Markings for Derivatively Classified Documents…………………………….4-2-2
4-209. Documents Generated Under Previous E.O.s…………………………………..4-2-3
4-210. Marking Special Types of Material………………………………………………….4-2-3
4-211. Marking Transmittal Documents …………………………………………………….4-2-3
4-212. Marking Wholly Unclassified Material……………………………………………4-2-3
4-213. Marking Compilations…………………………………………………………………….4-2-3
4-214. Marking Miscellaneous Material …………………………………………………….4-2-4
4-215. Marking Training Material………………………………………………………………4-2-4
4-216. Downgrading or Declassification Actions ……………………………………….4-2-4
4-217. Upgrading Action……………………………………………………………………………4-2-4
4-218. Inadvertent Release…………………………………………………………………………4-2-4
CHAPTER 5. SAFEGUARDING CLASSIFIED INFORMATION
Section 1. General Safeguarding Requirements
5-100. General……………………………………………………………………………………………..5-1-1
5-101. Safeguarding Oral Discussions………………………………………………………….5-1-1
5-102. End of Day Security Checks……………………………………………………………..5-1-1
5-103. Perimeter Controls…………………………………………………………………………….5-1-1
5-104. Emergency Procedures……………………………………………………………………..5-1-1
4
Section 2. Control and Accountability
5-200. Policy……………………………………………………………………………………………..5-2-1
5-201. Accountabilityfor TOP SECRET……………………………………………………5-2-1
5-202. Receiving Classified Material………………………………………………………….5-2-1
5-203. Generation of Classified Material ……………………………………………………5-2-1
Section 3. Storage and Storage Equipment
5-300. General……………………………………………………………………………………………..5-3-1
5-301. GSA Storage Equipment…………………………………………………………………..5-3-1
5-302. TOP SECRET Storage……………………………………………………………………..5-3-1
5-303. SECRET Storage ……………………………………………………………………………..5-3-1
5-304. CONFIDENTIAL Storage ……………………………………………………………….5-3-1
5-305. Restricted Areas………………………………………………………………………………..5-3-1
5-306. Closed Areas…………………………………………………………………………………….5-3-1
5-307. Supplemental Protection……………………………………………………………………5-3-2
5-308. Protection of Combinations to Security Containers, Cabinets, Vaults
and Closed Areas…………………………………………………………………………………………5-3-2
5-309. Changing Combinations……………………………………………………………………5-3-2
5-310. Supervision of Keys and Padlocks…………………………………………………….5-3-2
5-311. Repair of Approved Containers…………………………………………………………5-3-2
5-312. Supplanting Access Control Systems or Devices ………………………………5-3-3
5-313. Automated Access Control Systems………………………………………………….5-3-3
5-314. Electronic, Mechanical, or Electro-mechanical Devices…………………….5-3-4
Section 4. Transmission
5-400. General…………………………………………………………………………………………..5-4-1
5-401. Preparation and Receipting……………………………………………………………..5-4-1
5-402. TOP SECRET Transmission Outside a Facility……………………………….5-4-1
5-403. SECRET Transmission Outside a Facility……………………………………….5-4-1
5-404. CONFIDENTIAL Transmission Outside a Facility…………………………5-4-1
5-405. Transmission Outside the United States and Its Territorial Areas……..5-4-1
5-406. Addressing Classified Material………………………………………………………..5-4-2
5-407. Transmission Within a Facility………………………………………………………..5-4-2
5-408. SECRET Transmission by Commercial Carrier ………………………………5-4-2
5-409. CONFIDENTIAL Transmission by Commercial Carrier ………………..5-4-3
5-410. Use of Couriers, Handcarriers, and Escorts………………………………………5-4-3
5-411. Use of Commercial Passenger Aircraft for Transmitting
ClassifiedMaterial …………………………………………………………………………………….5-4-3
5-412. Use of Escorts for Classified Shipments…………………………………………..5-4-4
5-413. Functions of an Escort …………………………………………………………………….5-4-4
Section 5. Disclosure
5-500. General…………………………………………………………………………………………..5-5-1
5-501. Disclosure to Employees…………………………………………………………………5-5-1
5-502. Disclosure to Subcontractors …………………………………………………………..5-5-1
5-503. Disclosure between Parent and Subsidiaries…………………………………….5-5-1
5-504. Disclosure in an MFO…………………………………………………………………….5-5-1
5-505. Disclosureto DoD Activities…………………………………………………………..5-5-1
5-506. Disclosure to Federal Agencies ……………………………………………………….5-5-1
5
5-507. Disclosure of Classified Information to Foreign Persons ………………….5-5-1
5-508. Disclosure of Export Controlled Information to Foreign Persons……..5-5-1
5-509. Disclosure to Other Contractors ………………………………………………………5-5-1
5-510. Disclosure of Classified Information in Connection with Litigation….5-5-1
5-511. Disclosure to the Public…………………………………………………………………..5-5-1
Section 6. Reproduction
5-600. General…………………………………………………………………………………………..5-6-1
5-601. Limitations……………………………………………………………………………………..5-6-1
5-602. Marking Reproductions…………………………………………………………………..5-6-1
5-603. Records…………………………………………………………………………………………..5-6-1
Section 7. Disposition and Retention
5-700. General…………………………………………………………………………………………..5-7-1
5-701. Retention of Classified Material………………………………………………………5-7-1
5-702. Termination of Security Agreement ………………………………………………..5-7-1
5-703. Disposition of Classified Material Not Received Under a Specific
Contract…………………………………………………………………………………………………….5-7-1
5-704. Destruction……………………………………………………………………………………..5-7-1
5-705. Methods of Destruction…………………………………………………………………..5-7-1
5-706. Witness to Destruction…………………………………………………………………….5-7-2
5-707. Destruction Records………………………………………………………………………..5-7-2
5-708. Classified Waste……………………………………………………………………………..5-7-2
Section 8. Construction Requirements
5-800. General…………………………………………………………………………………………..5-8-1
5-801. Construction Requirements for Closed Areas…………………………………..5-8-1
5-802. Construction Requirements for Vaults …………………………………………….5-8-1
Section 9. Intrusion Detection Systems
5-900. General…………………………………………………………………………………………..5-9-1
5-901. CSA Approval………………………………………………………………………………..5-9-1
5-902. Central Monitoring Station ……………………………………………………………..5-9-1
5-903. Investigative Response to Alarms……………………………………………………5-9-1
5-904. Installation………………………………………………………………………………………5-9-2
5-905. Certificationof Compliance…………………………………………………………….5-9-2
5-906. Exceptional Cases …………………………………………………………………………..5-9-2
CHAPTER 6. VISITS and MEETINGS
Section 1. Visits
6-100. General…………………………………………………………………………………………..6-1-1
6-101. Classified Visits………………………………………………………………………………6-1-1
6-102. Need-to-Know Determination…………………………………………………………6-1-1
6-103. Visits by Government Representatives…………………………………………….6-1-1
6-104. Visit Authorization………………………………………………………………………….6-1-1
6-105. Long-TermVisitors ………………………………………………………………………..6-1-1
Section 2. Meetings
6-200. General…………………………………………………………………………………………..6-2-1
6-201. Government Sponsorship of Meetings…………………………………………….6-2-1
6
6-202. Disclosure Authority at Meetings…………………………………………………….6-2-2
6-203. Requests to Attend Classified Meetings…………………………………………..6-2-2
CHAPTER 7. SUBCONTRACTING
Section 1. Prime Contractor Responsibilities
7-100. General……………………………………………………………………………7-1-1
7-101. Responsibilities………………………………………………………………..7-1-1
7-102. Security Classification Guidance………………………………………..7-1-1
7-103. Responsibilities (Completion of the Subcontract)…………………7-1-2
7-104. Notification of Unsatisfactory Conditions……………………………7-1-2
CHAPTER 8. INFORMATION SYSTEM SECURITY
Section 1. Responsibilities and Duties
8-100. General ………………………………………………………………………………………………..8-1-1
8-101. Responsibilities…………………………………………………………………………………….8-1-1
8-102. Designated Accrediting/Approving Authority………………………………………8-1-1
8-103. IS Security Manager (ISSM)………………………………………………………………..8-1-1
8-104. Information System Security Officer(s) (ISSO) ……………………………………8-1-2
8-105. Users of IS……………………………………………………………………………………………8-1-3
Section 2. Certification and Accreditation
8-200.Overview…………………………………………………………………………………………..8-2-1
8-201.Certification Process………………………………………………………………………….8-2-1
8-202.Accreditation……………………………………………………………………………………..8-2-1
Section 3. Common Requirements
8-300. Introduction…………………………………………………………………………………….8-3-1
8-301. Clearing and Sanitization ………………………………………………………………..8-3-1
8-302. Examination of Hardware and Software………………………………………….8-3-1
8-303. Identification and Authentication Management ……………………………….8-3-1
8-304. Maintenance …………………………………………………………………………………..8-3-2
8-305. Malicious Code ………………………………………………………………………………8-3-2
8-306. Marking Hardware, Output, and Media …………………………………………..8-3-3
8-307. Personnel Security…………………………………………………………………………..8-3-3
8-308. Physical Security ……………………………………………………………..8-3-3
8-309. Protection of Media ………………………………………………………….8-3-3
8-310. Review of Output and Media……………………………………………..8-3-3
8-311. Configuration Management ……………………………………………….8-3-3
Section 4. Protection Measures
8-400. Protection Profiles…………………………………………………………………………..8-4-1
8-401. Level of Concern…………………………………………………………………………….8-4-1
8-402. Protection Level ……………………………………………………………………………..8-4-1
8-403. Protection Profiles…………………………………………………………………………..8-4-1
Section 5. Special Categories
8-500. Special Categories…………………………………………………………………………..8-5-1
8-501. Single-user, Stand-alone Systems ……………………………………………………8-5-1
7
8-502. Periods Processing ………………………………………………………………………….8-5-1
8-503. Pure Servers……………………………………………………………………………………8-5-1
8-504. Tactical, Embedded, Data-Acquisition, and Special-Purpose
Systems …………………………………………………………………………………………………….8-5-2
8-505. Systems with Group Authenticators ………………………………………………..8-5-2
Section 6. Protection Requirements
8-600. Introduction…………………………………………………………………………………….8-6-1
8-601. Alternate Power Source (Power)……………………………………………………..8-6-1
8-602. Audit Capability……………………………………………………………………………..8-6-1
8-603. Backup and Restoration of Data (Backup)……………………………………….8-6-1
8-604. Changes to data (Integrity)………………………………………………………………8-6-2
8-605. Data Transmission (Trans)………………………………………………………………8-6-2
8-606. Access Controls (Access)………………………………………………………………..8-6-2
8-607. Identification and Authentication (I&A) ………………………………………….8-6-3
8-608. Resource Control (ResrcCtrl) ………………………………………………………….8-6-3
8-609. Session Controls (SessCtrl)……………………………………………………………..8-6-3
8-610. Security Documentation (Doc)………………………………………………………..8-6-4
8-611. Separation of Function Requirements (Separation) ………………………….8-6-5
8-612. SystemRecovery (SR) ……………………………………………………………………8-6-5
8-613. System Assurance (SysAssur)…………………………………………………………8-6-5
8-614. Security Testing (Test) ……………………………………………………………………8-6-5
8-615. Disaster Recovery Planning…………………………………………………………….8-6-6
Section 7. Interconnected Systems
8.700. Interconnected Systems Management………………………………………………8-7-1
8-701. Controlled Interface (CI) Functions …………………………………………………8-7-1
8-702. Controller Interface Requirements…………………………………………………..8-7-2
8-703. Assurances for CIs ………………………………………………………………………….8-7-2
CHAPTER 9. SPECIAL REQUIREMENTS
Section 1. RD and FRD
9-100. General……………………………………………………………………………………………..9-1-1
9-101. Authority and Responsibilities…………………………………………………………..9-1-1
9-102. Unauthorized Disclosures …………………………………………………………………9-1-1
9-103. International Requirements……………………………………………………………….9-1-1
9-104. Personnel Security Clearances…………………………………………………………..9-1-1
9-105. Classification…………………………………………………………………………………….9-1-1
9-106. Declassification…………………………………………………………………………………9-1-2
9-107. Challenges to RD/FRD Classification……………………………………………….9-1-2
9-108. Marking ……………………………………………………………………………………………9-1-2
Section 2. DoD Critical Nuclear Weapon Design Information (CNWDI)
9-200. General……………………………………………………………………………………………..9-2-1
9-201. Background ………………………………………………………………………………………9-2-1
9-202. Briefings……………………………………………………………………………………………9-2-1
9-203. Markings…………………………………………………………………………………………..9-2-1
9-204. Subcontractors…………………………………………………………………………………..9-2-1
8
9-205. Transmission Outside the Facility………………………………………………………9-2-1
9-206. Records …………………………………………………………………………………………….9-2-1
9-207. Weapon Data…………………………………………………………………………………….9-2-1
Section 3. Intelligence Information
9-300. Background…………………………………………………………………………………….9-3-1
9-301. Definitions………………………………………………………………………………………9-3-1
9-302. Key Concepts …………………………………………………………………………………9-3-1
9-303. Control Markings Authorized for Intelligence Information………………9-3-2
9-304. Limitation on Dissemination of Classified Intelligence Information …9-3-2
9-305. Safeguarding Classified Intelligence Information…………………………….9-3-3
9-306. Inquiries………………………………………………………………………………………….9-3-3
Section 4. Communication Security (COMSEC)
9-400. General…………………………………………………………………………………………..9-4-1
9-401. Instructions……………………………………………………………………………………..9-4-1
9-402. Clearance and Access Requirements……………………………………………….9-4-1
9-403. Establishing a COMSEC Account…………………………………………………..9-4-1
9-404. COMSEC Briefing and Debriefing Requirements …………………………..9-4-1
9-405. CRYPTO Access Briefing and Debriefing Requirements………………..9-4-2
9-406. Destruction and Disposition of COMSEC Material …………………………9-4-2
9-407. Subcontracting COMSEC Work……………………………………………………..9-4-2
9-408. Unsolicited Proposals ……………………………………………………………………..9-4-2
CHAPTER 10. INTERNATIONAL SECURITY REQUIREMENTS
Section 1. General and Background Information
10-100. General …………………………………………………………………………………………10-1-1
10-101. Applicable Federal Laws ………………………………………………………………10-1-1
10-102. Bilateral Security Agreements……………………………………………………….10-1-1
Section 2. Disclosure of U.S. Information to Foreign Interests
10-200. Authorizationfor Disclosure………………………………………………………….10-2-1
10-201. Direct Commercial Arrangements………………………………………………….10-2-1
10-202. Contract Security Provisions………………………………………………………….10-2-1
Section 3. Foreign Government Information
10-300. General …………………………………………………………………………………………10-3-1
10-301. Contract Security Requirements ……………………………………………………10-3-1
10-302. Marking Foreign Government Classified Material ………………………..10-3-1
10-303. Foreign Government RESTRICTED Information and “In Confidence”
Information………………………………………………………………………………………………..10-3-1
10-304. Marking U.S. Documents Containing FGI…………………………………….10-3-1
10-305. Marking Documents Prepared For Foreign Governments……………..10-3-1
10-306. Storage and Control ………………………………………………………………………10-3-2
10-307. Disclosure and Use Limitations …………………………………………………….10-3-2
10-308. Transfer…………………………………………………………………………………………10-3-2
10-309. Reproduction ………………………………………………………………………………..10-3-2
10-310. Disposition ……………………………………………………………………………………10-3-2
10-311. Reporting of Improper Receipt of Foreign Government Material…..10-3-2
9
10-312. Subcontracting………………………………………………………………………………10-3-2
Section 4. International Transfers
10-400. General……………………………………………………………………………………… 10-4-1
10-401. International Transfers of Classified Material……………………………… 10-4-1
10-402. Transfers of Freight …………………………………………………………………… 10-4-1
10-403. Return of Material for Repair, Modification, or Maintenance……… 10-4-2
10-404. Use of Freight Forwarders …………………………………………………………. 10-4-2
10-405. Handcarrying Classified Material ………………………………………………. 10-4-2
10-406. Classified Material Receipts ………………………………………………………. 10-4-3
10-407. Contractor Preparations for International Transfers Pursuant to
Commercial and User Agency Sales ………………………………………………………. 10-4-3
10-408. Transfers of Technical Data Pursuant to an ITAR Exemption…….. 10-4-3
Section 5. International Visits and Control of Foreign Nationals
10-500. General………………………………………………………………………………………….10-5-1
10-501. International Visits…………………………………………………………………………10-5-1
10-502. Types and Purpose of International Visits ………………………………………10-5-1
10-503. Emergency Visits…………………………………………………………………………..10-5-1
10-504. Requests for Recurring Visits…………………………………………………………10-5-1
10-505. Amendments…………………………………………………………………………………10-5-1
10-506. Visits Abroad by U.S. Contractors …………………………………………………10-5-1
10-507. Visits by ForeignNationals to U.S. Contractor Facilities ………………..10-5-2
10-508. Control of Access by On-Site Foreign Nationals…………………………….10-5-2
10-509. TCP………………………………………………………………………………………………10-5-3
10-510. Security and Export Control Violations Involving Foreign Nationals10-5-3
Section 6. Contractor Operations Abroad.
10-600. General …………………………………………………………………………………………10-6-1
10-601. Access by Contractor Employees Assigned Outside the
United States ……………………………………………………………………………………………..10-6-1
10-602. Storage, Custody, and Control of Classified Information Abroad
by Employees of a U.S. Contractor…………………………………………………………….10-6-1
10-603. Transmission of Classified Material to Employees Abroad……………10-6-1
10-604. Security Briefings………………………………………………………………………….10-6-2
Section 7. NATO Information Security Requirements
10-700. General………………………………………………………………………………………….10-7-1
10-701. Classification Levels ……………………………………………………………………..10-7-1
10-702. NATO RESTRICTED………………………………………………………………….10-7-1
10-703. NATO Contracts……………………………………………………………………………10-7-1
10-704. NATO Facility Security Clearance Certificate………………………………..10-7-1
10-705. PCL Requirements………………………………………………………………………..10-7-1
10-706. NATO Briefings……………………………………………………………………………10-7-1
10-707. Access to NATO Classified Information by Foreign Nationals……….10-7-1
10-708. Subcontracting for NATO Contracts ……………………………………………..10-7-1
10-709. Preparing and Marking NATO Documents……………………………………10-7-1
10-710. Classification Guidance …………………………………………………………………10-7-2
10-711. Further Distribution……………………………………………………………………….10-7-2
10-712. Storage of NATO Documents ……………………………………………………….10-7-2
10
10-713. International Transmission …………………………………………………………….10-7-2
10-714. Handcarrying…………………………………………………………………………………10-7-3
10-715. Reproduction…………………………………………………………………………………10-7-3
10-716. Disposition…………………………………………………………………………………….10-7-3
10-717. Accountability Records………………………………………………………………….10-7-3
10-718. Security Violations and Loss, Compromise, or Possible
Compromise………………………………………………………………………………………………10-7-3
10-719. Extracting from NATO Documents……………………………………………….10-7-3
10-720. Release of U.S. Information to NATO …………………………………………..10-7-4
10-721. Visits …………………………………………………………………………………………….10-7-4
CHAPTER 11. MISCELLANEOUS INFORMATION
Section 1. TEMPEST
11-100. General……………………………………………………………………………………… 11-1-1
11-101. TEMPEST Requirements………………………………………………………….. 11-1-1
11-102. Cost…………………………………………………………………………………………… 11-1-1
Section 2. Defense Technical Information Center (DTIC)
11-200. General …………………………………………………………………………………………11-2-1
11-201. User Community…………………………………………………………………………..11-2-1
11-202. Registration Process………………………………………………………………………11-2-1
11-203. Safeguarding Requirements…………………………………………………………..11-2-1
11-204. DTIC Downgrading or Declassification Notices……………………………11-2-1
11-205. Questions Concerning Reference Material…………………………………….11-2-1
11-206. Subcontracts………………………………………………………………………………….11-2-1
Section 3. Independent Research and Development (IR&D) Efforts
11-300. General …………………………………………………………………………………………11-3-1
11-301. Information Generated Under an IR&D Effort that Incorporates
Classified Information………………………………………………………………………………..11-3-1
11-302. Classification Guidance…………………………………………………………………11-3-1
11-303. Preparation of Security Guidance ………………………………………………….11-3-1
11-304. Retention of Classified Documents Generated Under IR&D Efforts11-3-1
APPENDICES
Appendix A. Cognizant Security Office Information………………………………………………………………………A-l
Appendix B. International Visits Standard Request for Visit Format (RFV)…………………………………. B-l
Appendix C. Definitions …………………………………………………………………………………………………………….. C-l
SUPPLEMENTS TO THE NISPOM
NISPOM Supplement…………………………………………………………………………………………..DoD 5220.22-M-Sup 1
View Cart
Large NISPOM $19.95
8.5 x 11”
230 Pages
ISBN:978098162060857
Red Bike Publishing
Add to Cart
Small NISPOM $15.95
6 x 9”
238 Pages
ISBN:978098162060826
Red Bike Publishing
Add to Cart



Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM