NISPOM Fundamentals Training Protecting Classified Information

https://www.bennettinstitute.com/courses

NISPOM Fundamentals Webinar

Red Bike Publishing is now hosting a webinar with multiple installations. We used to host it at Udemy, but are hosting our own training.

Take NISPOM Classes one chapter at a time

Currently we have each of the NISPOM Chapters 1-8 available. Each lesson is 1 to 2.5 hour long consisting of lectures, presentations and graded quizzes. Soon I'll be loading the rest, but you can start training now.

Or all at once as we have bundled these courses.

We now have the NISPOM Fundamentals course ready to go. This course combines chapters 1-8 and is updated regularly with additional chapters and content. Register now and have access to all updates. As we update, we will be charging more depending on the amount of content. However, if you register now, this registration will include all future updates at no additional cost.

The fundamentals of NISPOM is $350.00. However, for the next few days, we offer them for the introductory price of $150.00

Here's the link to join.

https://bennettinstitute.com/courses/

Great way to train for:

• Newly cleared employees
• New Cleared Defense Contractor leadership
• New FSOs
• Those studying for certification (ISP, ISOC, etc)
• Students who want to learn more about NISPOM

We go through all the chapters and annexes.

• Classification
• Classified Processing on Information Systems
• Reporting requirements
• Closed areas
• International
• Classified meetings
• Protection
• Subcontracting
• and much more 
• It's all in one place

Register Here

My name is Jeffrey W. Bennett ISP, SAPPC, SFPC, ISOC. The acronyms after my name are DoD and other certifications I have received and are related to requirements for protecting classified information. For the past 20 years I have led security programs to protect classified information, served as an FSO, conducted risk assessments, and provided training for many, many security professionals.

I've taught this course over many years at the University of Alabama, Huntsville

I have also created a company called Red Bike Publishing (www.redbikepublishing.com) and have writing security books and training for the busy professional.

I want to help:

I've created a unique suite of training to increase your understand the NISPOM. We want to run it live with a select group and we choose you. 

The training can also be used to prepare for security roles and inspections. The training topics below include everything necessary for training the cleared employee workforce at the cleared defense contractor facility (CDC). Training topics also are part of the FSO certification program as well as resources for Industrial Professional (ISP) and Industrial Security Oversight Certification (ISOC).

All of our training is applicable for:

• Training cleared employees 
• Training Facility Security Officers and security personnel 
• Security certification such as ISP and ISOC

Warning:

This is not a guarantee that anyone can study and pass the security certification. We don't promise a magic bullet to certification or passing a DCSA audit. Not everyone will be able to earn an excellence in an audit or a perfect score on an exam.

However, with that said,

If you follow our guidance in our webinar and books, your chances of being prepared for audits or certifications exams will improve greatly.

You will be equipped to know NISPOM better than most and understand how to apply it to your business, audits, and certification exams. You can start just like I did by just studying the NISPOM and having the skills to pass exams and sail through security issues and audits; just as I have done.

This information is what others wish they had known. If they had had this information, they may have that certification or earned that promotion or even excelled at the DCSA audit.

Study with us:

The training topics will soon include what is required of all cleared employees as below:

• Initial training or for refresher annual security awareness training
• Insider Threat
• SF 312
• Derivative Classifier 

This information is what others wish they had known. If they had had this information, they may have a clearance by now.

If you are like me, one of the people who come straight to the end of the letter to find the offer, here you go. I'm offering you a little information to clarify the security clearance process. We just want to offer you something of value.

Register Here

Questions for SPeD, ISOC and ISP Certification

Get your copy @ www.redbikepublishing.com

These NISPOM based questions could be helpful in passing the NCMS ISP Certification and the DoD's SPeD Certification exams including the most recent Industrial Security Oversight Certification (ISOC).

Taking practice tests is a great way to prepare for an exam. Successful students in grade school and college study using guides and exam preparation questions based on the test subject material. This same successful methodology can also help prepare for professional exams like ISP Certification and SPeD Certification.

Practice tests augment certification exam preparation. Red Bike Publishing's Unofficial Study Guide features four complete test length practice exams based on NISPOM.

We've updated our manual for NISPOM Change 2.

The dispatching company security officer must provide the receiving security officer with _____ advance notice of the couriers expected date and time of arrival.

a. 48 hours

b. 72 hours

c. 24 hours

d. 12 hours

e. 86 hours


When completing the Request for Visit, the anticipated level of classified information involved include all the following EXCEPT:

a. TOP SECRET

b. SECRET

c. REGISTERED

d. RESTRICTED

e. UNCLASSIFIED


Which of the following are considered a CSA?

a. Department of Defense

b. Central Intelligence Agency

c. Department of Energy

d. The Nuclear Regulatory Commission

e. All the above


Scroll for answer:

The dispatching company security officer must provide the receiving security officer with _____ advance notice of the couriers expected date and time of arrival.

a. 48 hours

b. 72 hours

c. 24 hours (NISPOM 5-408d)

d. 12 hours

e. 86 hours



When completing the Request for Visit, the anticipated level of classified information involved include all the following EXCEPT:

a. TOP SECRET

b. SECRET

c. REGISTERED (NISPOM Appendix B4)

d. RESTRICTED

e. UNCLASSIFIED

Which of the following are considered a CSA?

a. Department of Defense

b. Central Intelligence Agency

c. Department of Energy

d. The Nuclear Regulatory Commission



e. All the above (NISPOM 1-104a)

So,  how did you do? These questions and more can be found in Red Bike Publishing's Unofficial Guide to ISP Certification,                                
DoD Security Clearance and Contracts Guidebook, as well as in NISPOM Training. Both resources provide excellent study material that may help with passing the ISP and SPeD certification exams.

According to reader comments and emails to the author, many who have bought this book used our techniques to augment their preparation have performed very well on certification exams.

                                           

Check out our newest resource, on line testing. Simulates testing environments for the ISOC and ISP.

For practice purposes, download the electronic version of the NISPOM and use it to help search the answers to the provided test questions. Use a timer to count down 120 minutes for each practice exam.
Register for the exam here:  https://www.classmarker.com/online-test/start/?quiz=jdm5dbdb6cb9c613

You can find additional certification training and resources at http://www.redbikepublishing.com/ispcertification/

NISPOM link 

https://www.esd.whs.mil/portals/54/documents/dd/issuances/dodm/522022m.pdf

Just select the “edit” tab and then “find”. Then type the key word or phrase from the test question to help find the answers.

Sample screen shot:

Consider visiting Red Bike Publishing for training that you can download and present to cleared employees as well as present to DSS during the annual review.

 Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".

Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".
--> --> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".

NISPOM Based ISP Certification Practice Questions

Taking practice tests is the best way to prepare for an exam. Successful students in grade school and college study using guides and exam preparation questions based on the test subject material. This same successful methodology can also help prepare for professional exams like ISP Certification and SPeD Certification. DSS has study material and tests available for those who enrol, NCMS has test study material as well.
Practice tests augment certification exam preparation. Red Bike Publishing's Unofficial Study Guide features four complete test length practice exams based on NISPOM. It could help you pass the ISP and SPeD certification exams.
Try these questions to see how you do:

1.      Classified working papers generated by contractors in preparation of finished project shall be:

a.            Dated when created

b.            Marked with overall classification and annotated “WORKING PAPERS”

c.             Stored separately from finished documents

d.            A and b 

e.             All the above

2.      What type of security reviews shall be conducted on cleared facilities?

a.            Periodic

b.            Aperiodic

c.             Annual

d.            Semi-Annual

e.             Monthly

3.      Contractors are required to report:

a.            Events that have an impact on FCLs

b.            Events that have an impact on PCLs

c.             Events that have an impact on ability to safeguard classified information.

d.            All of the above (NISPOM 1-302)

e.             B and c

Scroll down for answers:

1.      Classified working papers generated by contractors in preparation of finished project shall be:

a.            Dated when created

b.            Marked with overall classification and annotated “WORKING PAPERS”

c.             Stored separately from finished documents

d.            A and b (NISPOM 5-203b)

e.             All the above

2.      What type of security reviews shall be conducted on cleared facilities?

a.            Periodic

b.            Aperiodic (NISPOM 1-206a)

c.             Annual

d.            Semi-Annual

e.             Monthly

3.      Contractors are required to report:

a.            Events that have an impact on FCLs

b.            Events that have an impact on PCLs

c.             Events that have an impact on ability to safeguard classified information.

d.            All of the above (NISPOM 1-302)

e.             B and c

According to reader comments and emails to the author, many who have bought this book, the ISP Test Tips, and used our techniques to augment their preparation have performed very well on the exam. So how did you do? These questions and more can be found in Red Bike Publishing's Unofficial Guide to ISP Certification,  DoD Security Clearance and Contracts Guidebook, as well as in NISPOM Training. Both resources provide excellent study material that may help with passing the ISP and SPeD certification exams. 

DoD Security Professionals and Certification

 

 

Happy New Year DoD security and risk management professionals.

A new year, a new beginning; a great motto and motivational phrase. As such, this is the time of year to reflect upon your accomplishments and develop goals. Some of these goals impact only you, but may actually impact your organization. If your goals include professional certification and education, then use this article as a roadmap to get you there.

You may be aware of the many available certifications and this article addresses two prominent ones; Industrial Security Professional (ISP) ® and the Security Professional Education Development (SPeD) certifications. Both certifications are great ways to demonstrate professional competence that brings credit to the certified professional and the organization they support.

The ISP ® certification

The ISP ® certification is sponsored by NCMS and is based on the DoD, 5220.22-M, National Industrial Security Program Operating Manual (NISPOM), 2006, With Change 1. It is an open book exam available online. Those wishing to take the exam should coordinate with NCMS for the taking the test. This coordination will include addressing pre-requisites, applying for, determining a test date, finding a proctor, and taking the exam. NCMS also has a study program and mentors to help you through the process.

Security Professional Education Development (SPeD)

SPeD certification is a Department of Defense that is available to those working in the NISP. This includes contractors directly supporting DoD organizations. There are three core certifications available. They are Security Fundamentals, Professional Certification, Security Asset Protection Professional Certification, and Security Program Integration Professional Certification. You can find more information at www.cdse.edu

Certification Preparation

Fortunately both certifications require planning and coordination. In other words, it’s impossible to show up unannounced and take the exams. The level of test coordination requires months of advance planning to become vetted by the certification organizations. The vetting simply determines whether or not candidates possess the experience, skill level, and education stated as pre-requisites. The lead time from initial coordination to actual test execution can take up to a year. For procrastinators, this testing coordination process can be the trigger necessary to begin an intensive studying effort to prepare for the tests. So, coordinating a test date can propel a candidate to begin their study prep.

There are many ways to prepare for certification. Each certification has its own internal study program. The NCMS offers ISP ® certification as well as for incorporating into the SPeD certification preparation. Defense Security Services has an education program complete with online courses that focus on the NISPOM topics for ISP ® certification and other DoD level security topics appropriate for the SPeD certification.

There are also books and training appropriate for both certifications available at Red Bike Publishing. In addition to print versions of the NISPOM and ITAR. DoD Security Clearance and Contracts Guide Book is covers protecting classified information as addressed in the NISPOM. It takes the NISPOM and applies it to notional contract requirements and is a great resource for DoD and contractor security professionals. Additionally, Red Bike Publishing’s Unofficial Guide for ISP Certification has 440 NISPOM based questions.

Red Bike Publishing also has NISP security training that can be used to prepare for ISP ® and SPeD certification. These include Annual Security Awareness Training for Possessing and Non-Possessing Facilities, Derivative Classifier Training, SF 312 Training, and more.  These training programs review most National Industrial Security Program (NISP) topics.

Happy New Year and best of success developing and meeting all of your personal and professional goals.

FSOs and End of Day Security Checks

This section continues our discussion of the DSS’ The Self-Inspection Handbook for NISP Contractors. Now we are in Section M Classified Storage. So, here is the question:

5-102a Is there a system of security checks at the close of each working day to ensure that classified material is secured? 

Security checks help, period. However, they are only as good as the purpose they serve. Many times these checks are just a list of mundane actions forced on an employee to complete before they go home. Many times the checks are performed by employees on a duty roster pulling the job for a week at a time leaving at various times of the day. 

The real intent is to ensure classified information is locked up and inaccessible by uncleared personnel and those without need to know. Desktops, trash bins, printers, copiers are checked to ensure classified information has not been left unsecured.

GSA approved security containers are checked and initialed to ensure they are closed and locked properly. Closed area locks are checked as well as security alarms. The list goes on to ensure all situations where classified information has previously been available  has been secured and compromise has been mitigated. 

Now, security checks are important and so is the responsible party doing the checking. Often, any employee with a clearance is given the "duty". However, diligence should be made to ensure the checks are made at the right time. 

Here's a little hint at inherent, but rarely pondered danger. 

The end of day checks should be performed at the end of the duty day and not the end of the day for the employee on duty.

Did you get the play on words? 

The danger with a duty roster in many cases is that some employees performing the end of the day checks may not normally stay until the end of the duty day. Where the employee might leave at 3 pm, other employees might not leave until 5 pm. The two hour time difference is simply not providing the proper mitigation.

Within that two hours, an employee could reenter a closed area, open a security container, have a classified meeting, and etc. Life goes on after the designated end of day checker goes home.

Out side the box ideas: 

1. Have employees performing the duty alter their work schedule accordingly. Make sure that someone is covering down on the end of day checks at the end of the day.
Some even go so far as to put safety and housekeeping information as well.

2. Have a last call for classified information. If the normal duty day ends at 5 pm, ensure all classified information is secured by 4:45. Of course there are emergencies and case by case issues that can be dealt with upon request.

3. Assign end of day checks to only employees who leave at the end of the day. Build in additional "beginning of the day" performance measures for employees who arrive earlier in the day.

Another common problem is using the end of day check for safety and house cleaning. Re-think a separate check list for those issues. Employees should be focusing efforts on securing classified information, not ensuring the coffee pot is turned off.

Hang on to those end of day check lists. DSS will want to see them during the review. Be sure to check for them during your self-inspection.

We've covered this discussion in depth in 2012 and 2013 posts.  As a reminder here are the links for further discussion of this important issue:

http://dodsecurity.blogspot.com/2013/03/traditional-security-tools-in-unique.html

http://dodsecurity.blogspot.com/2010/11/storing-classified-information-keeps.html#links

Though not required by NISPOM, government forms are available on line for use or just to serve as model in the strengthening of security programs. Companies are free to use these forms or create their own. The government forms are available online. One such form is the Activity Security Check List, Standard Form 701. Again, unless the contract or Government agency requires the use of a specific format, the company is free to adapt their own version.

Consider visiting Red Bike Publishing for training that you can download and present to cleared employees as well as present to DSS during the annual review.

GSA Security Container Magnets
http://www.redbikepublishing.com/book/magnet/

Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".