One way to be a world class Facility
Security Officer at a cleared defense contractor facility is to provide
value to the enterprise. The National Industrial Security Program Operating
Manual (NISPOM) describes the FSO as responsible for developing and
implementing a security program to protect classified information. But is that
all FSOs are supposed to do? How about providing more value to the enterprise
by assisting other business units based on skills FSOs develop and demonstrate
beyond NISPOM.
FSOs are highly trained through FSO and NISPOM training. FSOs can better their bonefides with the Industrial
Security Professional (ISP) Certification
For example, in fortune 500 companies, the Chief Security
Officer or other similar title is responsible for IT security, physical
security, loss prevention and etc. So, are these roles covered adequately in
your enterprise? It’s not so clear cut at defense contractor facilities. There
is so much more that can be done and the enterprise will be grateful for the
assistance.
So, how
do FSOs get to the point where the
enterprise respects critical skills and desire their service, advice and
assistance?
First of all, FSO responsibilities should be part of
enterprise DNA. In other words, the FSO is part of the winning team that is the
enterprise and not just another stove piped department. For example, what
skills do FSOs possess that can assist HR in protecting personal identifiable
information? How can FSOs advise business development in getting foreign
business or partnering with uncleared defense contractors?
To function effectively in the corporate culture the FSO
should implement policies that are championed or accepted by other departments.
Human resources may include in their policy the progressing levels of
discipline that NISPOM requires. Safety may put into policy the care and
maintenance of egress and entry doors that are also used to protect classified
information. Likewise, security policy could include areas that impact other
business units.
NISPOM
and security clearances? They’ve got it. Cleared
employees know how to protect
classified information. What about the other stuff?
Other areas that concern the enterprise are the protection
of unclassified efforts. High value items, trade secrets, proprietary
information, and research and development efforts. Where the FSO understands
NISPOM, ITAR and other regulations, there is little guidance on protecting raw
data and other proprietary information.
Here are three ways FSOs can provide more value outside of
NISPOM:
- Help HR develop program to protect PII and be compliant with the Health Insurance Portability and Accountability Act of 1996 -HIPAA
- Put controls in place to enforce need to know of company trade secrets, intellectual property and proprietary information
- Develop a public release process to prevent accidental spillage of technical information
- Assist business development with protecting company information while presenting capabilities briefings.
FSOs are highly trained through FSO certification and NISPOM training to protect classified information. However as such, they should use transferable skills and initiative and look for ways to contribute to the enterprise that go outside of NISPOM. Doing so adds value and protects the enterprise.
For more information on adding value to your organization, read DoD Security Clearance and Contracts Guidebook
Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM
No comments:
Post a Comment