1. In order to protect fragile intelligence resources and methods, SCI has been established as the SAP for:
a. NSA
b. GCA
c. DNI
d. CSA
e. GSA
2. Interim TOP SECRET FCLs or PCLs are valid for access to COMSEC at the ____ and ____ levels.
a. SECRET, TOP SECRET
b. TOP SECRET, CONFIDENTIAL
c. CONFIDENTIAL, FOUO
d. SECRET, FOUO
e. CONFIDENTIAL, SECRET
3. The COR establishes the COMSEC account and notifies the _____:
a. CSA
b. GCA
c. FSO
d. NSA
e. DIA
4. Contractors maintain TOP SECRET reproduction records for _____ years.
a. Two years
b. One year
c. Five years
d. Ten years
e. None of the above
5. Contractors are authorized to retain classified material received under contract for a period of _____ after completion of contract.
a. One year
b. Two years
c. Five years
d. 180 days
e. 90 days
Scroll down for answers....
1. In order to protect fragile intelligence resources and methods, SCI has been established as the SAP for:
c. DNI (NISPOM 9-302b)
2. Interim TOP SECRET FCLs or PCLs are valid for access to COMSEC at the ____ and ____ levels.
e. CONFIDENTIAL, SECRET (NISPOM 9-402c)
3. The COR establishes the COMSEC account and notifies the _____:
a. CSA (NISPOM 9-403b)
4. Contractors maintain TOP SECRET reproduction records for _____ years.
a. Two years (NISPOM 5-603)
5. Contractors are authorized to retain classified material received under contract for a period of _____ after completion of contract.
b. Two years (NISPOM 5-701)
Find way more questions in Red Bike Publishing's Unofficial Guide to ISP Certification
Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing .
He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures.
He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".
Information for the CIO, CSO, FSO, ISSO and other security professionals. Understanding NISPOM and ITAR compliance is tough. With over 12,000 cleared defense contractors, a majority of those don't have a security staff. We'll hope to help fill the gap. From security clearances to performing on classified contracts, you can find help here.
Tuesday, March 18, 2014
Facility Security Clearance Element
As a recap from the last article, we can apply the “Elements of Inspection” that are common to ALL cleared companies participating in the NISP. There are a few more elements that might be applied at unique cleared facilities, but facility security officers in those situations can adapt these articles to those specific needs. According to DSS’ The Self-Inspection Handbook for NISP Contractors, the five elements are:
(A) Facility Security Clearance (FCL)
(B) Access Authorizations
(C) Security Education
(D) FOCI
(E) Classification
A good place to start is the very beginning. This second article in the series will address how to integrate the Facility Security Clearance (FCL) into the overall security program designed to protect classified information.
Documentation is key.
Once a government contracting activity and/or prime contractor awards a contract, the defense contractor can begin preparing documentation to begin the facility security clearance (FCL) process. Proper documentation is required to get the FCL process started and must be maintained the entire time the defense contractor maintains their clearance. Defense Security Services is part of the clearance process and assist the defense contractor through the FCL process. As part of the FCL process, DSS works with the contractor to complete the required documents. Once the FCL is granted, DSS performs a vulnerability assessment and inspects NISPOM compliance (including required document maintenance).
Cleared defense contractors should keep all FCL related documents readily available both for reference and for future security audits. In an article on how to get an FCL, I outlined the requirements and explained the role of the following documents and actions the process follows in a very simplistic representation):
Just understanding what it takes to get the FCL process started lends to the importance of maintaining all original documents and updating as necessary. Some best practices include keeping these documents in a binder, folder or file for easy access and safe keeping. This administrative practice allows quick reference during security and certification reviews and protects the information for privacy and document configuration.
The following table is right out of The Self-Inspection Handbook for NISP Contractors:
(A) Facility Security Clearance (FCL)
(B) Access Authorizations
(C) Security Education
(D) FOCI
(E) Classification
A good place to start is the very beginning. This second article in the series will address how to integrate the Facility Security Clearance (FCL) into the overall security program designed to protect classified information.
Documentation is key.
Once a government contracting activity and/or prime contractor awards a contract, the defense contractor can begin preparing documentation to begin the facility security clearance (FCL) process. Proper documentation is required to get the FCL process started and must be maintained the entire time the defense contractor maintains their clearance. Defense Security Services is part of the clearance process and assist the defense contractor through the FCL process. As part of the FCL process, DSS works with the contractor to complete the required documents. Once the FCL is granted, DSS performs a vulnerability assessment and inspects NISPOM compliance (including required document maintenance).
Cleared defense contractors should keep all FCL related documents readily available both for reference and for future security audits. In an article on how to get an FCL, I outlined the requirements and explained the role of the following documents and actions the process follows in a very simplistic representation):
- The GCA or prime contractor provides a sponsorship memo
- The subject contractor applies for the clearance
- DSS, GCA or Prime Contractor and subject contractor address security clearance request documentation:
- Verify/Apply for CAGE Code
- Sign Department of Defense Security Agreement (DD Form 441)
- Complete a Certificate Pertaining to Foreign Interests (SF 328)
- Provide Organization Credentials (type of business, business structure, list of officer, etc)
- Identify Key Management Personnel for clearances
Just understanding what it takes to get the FCL process started lends to the importance of maintaining all original documents and updating as necessary. Some best practices include keeping these documents in a binder, folder or file for easy access and safe keeping. This administrative practice allows quick reference during security and certification reviews and protects the information for privacy and document configuration.
The following table is right out of The Self-Inspection Handbook for NISP Contractors:
A. FACILITY CLEARANCE
|
||||
NISPOM REF:
|
Question:
|
YES
|
NO
|
N/A
|
1-302g(3)
|
Have all changes (e.g. changes in ownership, operating name or address, Key Management Personnel (KMP) information, previously reported
FOCI information, or action to terminate business)
affecting the condition of the FCL been reported to your DSS IS Rep?
VALIDATION:
|
|
|
|
2-100c
|
Has the company’s FCL been used for advertising or promotional
purpose?
VALIDATION:
|
|
|
|
2-104
|
Are the senior management official, the FSO, and other KMP cleared as required in connection with the FCL?
VALIDATION:
|
|
|
|
2-106a-b
|
Have the proper exclusion actions been conducted for uncleared company officials?
RESOURCE: Temporary Exclusion
Resolution for KMP
Template under Key Management Personnel at:
http://www.cdse.edu/toolkits/fsos/personnel-clearances.html VALIDATION:
|
|
|
|
2-108
2-109
|
Are you familiar with the way your facility
is organized and
structured?
RESOURCE: Business Structure Job Aid under Facility
Clearance at:
http://www.cdse.edu/toolkits/fsos/facility- clearance.html
VALIDATION:
|
|
|
|
There are seven discussion areas in the, The Self-Inspection Handbook for NISP Contractors that address the FCL. These can all be verified based on maintaining the above documentation. Having the original FCL package and updating as necessary is the requirement. FSOs are expected to use the self-inspection handbook to verify that the enterprise is in compliance.
Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing .
He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures.
He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".Wednesday, March 12, 2014
NISPOM Security Programs Improved With 5 Elements
NISPOM |
By applying the five “Elements of Inspection” that are common to ALL cleared companies participating in theNISP, and the additional elements that might be applied at unique cleared facilities, facility security officers can control the opportunity a bit better. According to DSS’ The Self-Inspection Handbook for NISP Contractors, the five elements are:
(A) Facility Security Clearance (FCL)
(B) Access Authorizations
(C) Security Education
(D) FOCI
(E) Classification
Using the DSS publication as the intended guidebook, FSOs can glean important information and ideas for applying the elements to their own facilities. This guidance just doesn’t get the cleared contractor ready for the inspection, but when applied, it solidifies a sound and proven security program.
A goal is not usually a plan, it’s just a target. A goal might be to win the coveted DSS Cogswell Award, but without preparation, it’s just a hope; and hope’s no strategy. A driver just can’t just claim that they will travel to California from Washington, DC. They don’t just walk out to their car, point it toward the setting sun and say, “I declare I will be in LA by next Tuesday.” Without some sort of map or GPS, that western route will be fraught with obstacles and failure. A good plan will help them navigate those way points.
A strategy focused on the five elements is a great place to start. Each element is a way point that lets FSOs know where they are and what is needed to get to the next way point. Additionally, DSS will be following the same logic as they perform a vulnerability assessment on the cleared facilities. They will follow the same road map to determine the state of security as related to those elements.
Understanding the requirements of protecting classified information and applying the elements to the cleared facility is fundamental. In past, I’ve written articles about using these elements to determine cleared facility type, how to conduct targeted security training, how to use elements to build an ISP Certification exam study program and more. This next series of articles will address each element individually and give application that most FSOs can adopt.
Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".
Subscribe to:
Posts (Atom)