Security Executive Blog

ISP Certification 1. The _____ or _____ may inspect and monitor contractor, licensee, grantee, and certificate holder programs and facilities. a. Secretary of Defense, NRC b. Secretary of Energy, Secretary of Defense c. Secretary of Energy, FBI d. Secretary of Defense, DSS e. Secretary of Energy, Chairman of NRC 2. The requirement for heads of agencies to enter into agreement with the Secretary of Defense as the Executive agent for the NISP is: a. Reference a b. Executive order 12958 c. NISPOM d. Reference c e. Reference d 3. The CSA shall forward the names of cleared and briefed employees who shall serve as FSO, COMSEC and alternate COMSEC custodians to the: a. COR, GCA  b. NSA c. DoD d. DIA e. DOE 4. “The transfer of articles and _____ and related technical data to a foreign person…constitutes an export”. a. Services  b. Books c. Tools d. Weapons e. Aircraft The Answers (scroll down...

Interview with Jennifer Maki, Counsel Government Group at FLUOR In August 2009, President Obama directed a broad-based interagency review of the U.S. export control system, with the goal of strengthening national security and competitiveness of key U.S. manufacturing and technology sectors. As a resu lt, the Administration launched the Export Control Reform Initiative (ECR Initiative), which will fundamentally reform the U.S. export control system.  Understanding requirements and implementing best practices for export compliance is essential for avoiding International Traffic in Arms Regulations ( ITAR ) violations. marcus evans spoke to Jennifer before the upcoming 3rd Annual Advanced ITAR Compliance Conference . In her presentation, Ms. Maki will discuss global agreements and advancements surrounding technical assessment agreements (TAA). She will also explain the impact of the ECR initiative on TAAs and the implications for the international trade industry. Je...

Operations Security (OPSEC) is a great tool to help protect sensitive information. The five step process is an outstanding resource and exercise to determine exactly what should be protected and how to do it. Understanding OPSEC and its application to a program, event or activity empowers the user to control information. Having said that, many organizations miss the mark on OPSEC and  security  training . Too many times OPSEC is nothing more than a “bumper sticker” slogan. Meaning, if we invoke the magic words, we’ll be fully protected. However, nothing could more harmful. Here’s a few examples of misguided OPSEC training from various security and OPSEC seminar and training venues. The word OPSEC was used many times, but the application and relevance never connected. In one event OPSEC meant to not throw away your plane tickets because a dumpster diver at going through your home garbage would know that you had recently  traveled   At another venue, attendee...