
Monday, March 4, 2013

Try these questions from Red Bike Publishing's Unofficial Guide to ISP Certification


1.      All of the following must be included in the authorization letter for hand carrying classified material on a commercial aircraft EXCEPT:
a.                 Traveler’s Social Security Number
b.                Description of traveler’s ID
c.                 Description of material being carried
d.                 Identify points of departure, destination, and known transfer point
e.                 Location and telephone number of CSA

2.      Contractors shall limit the number of PCL requests to:
a.                 One third of the company
b.                KMPs and direct reports
c.                 That which is necessary to operate efficiently
d.                 Meet future requirements for classified contracts
e.                 That which is specifically outlined on the DD Form 254

3.      The _____ is responsible for providing overall policy direction for the NISP.
a.                 Nuclear Regulatory Commission
b.                Central Intelligence Agency
c.                 Defense Security Services
d.                 National Security Council
e.                 Secretary of Defense

4.      Among other requirements, the destruction records for TOP SECRET must contain the _____ and be kept for _____.
a.                 Date of destruction, two years
b.                SSN of destroyer, two years
c.                 Name of destroyer, one year
d.                 ID material destroyed, one year
e.                 Date of Classification, five years

5.      Which types of door locking devices are approved for access to closed area doors?
a.                 Key operated pad lock
b.                Handprint reader
c.                 Deadbolt key lock
d.                 Swipe card reader
e.                 All the above


Scroll down, but don't peek until you're ready. See how you do:



1.      All of the following must be included in the authorization letter for hand carrying classified material on a commercial aircraft EXCEPT:
a.                 Traveler’s Social Security Number (NISPOM 5-411)
b.                Description of traveler’s ID
c.                 Description of material being carried
d.                 Identify points of departure, destination, and known transfer point
e.                 Location and telephone number of CSA

2.      Contractors shall limit the number of PCL requests to:
a.                 One third of the company
b.                KMPs and direct reports
c.                 That which is necessary to operate efficiently (NISPOM 2-200d)
d.                 Meet future requirements for classified contracts
e.                 That which is specifically outlined on the DD Form 254

3.      The _____ is responsible for providing overall policy direction for the NISP.
a.                 Nuclear Regulatory Commission
b.                Central Intelligence Agency
c.                 Defense Security Services
d.                 National Security Council (NISPOM 1-101a)
e.                 Secretary of Defense

4.      Among other requirements, the destruction records for TOP SECRET must contain the _____ and be kept for _____.
a.                 Date of destruction, two years (NISPOM 5-707)
b.                SSN of destroyer, two years
c.                 Name of destroyer, one year
d.                 ID material destroyed, one year
e.                 Date of Classification, five years

5.      Which types of door locking devices are approved for access to closed area doors?
a.                 Key operated pad lock (NISPOM 5-801e)
b.                Handprint reader
c.                 Deadbolt key lock
d.                 Swipe card reader
e.                 All the above




Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing. Jeff is an accomplished writer of non-fiction books, novels and periodicals. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances", "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and "NISPOM/FSO Training". See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR, and The NISPOM.

Tuesday, December 18, 2012

Prescribed Regulations and a Sensible Security Assessment, Cleared Contractor Protection Measures


Cleared contractor facility security officers (FSO) and security specialists have a unique challenge. They protect classified information and have lots of guidance on how to do so. However, they also have to figure out how to best protect sensitive information based on competitive budget requirements. Some of the forces acting on the budget include NISPOM, ITAR and other regulatory requirements as well as actions required by a thorough risk assessment.

The NISPOM is a prescriptive policy, meaning that FSOs and security specialists have a list of “to do” countermeasures to protect Government-identified classified contract information. For example, a SECRET document should be stored in a GSA approved security container.

Other solutions that appear prescribed are merely standard practices. Industry standards include access control, alarms and CCTV, and one might think they are required because they are so generally accepted and widely used. For example, the NISPOM states that SECRET should be stored in a GSA approved container. However, some might find it shocking that alarms are NOT required. It is important to distinguish between the two: non-prescribed countermeasures do protect classified information, but the trade-off is high cost and a focus on the wrong protection measures.

Security is meant to provide the right amount of countermeasures at the right place. Blanket countermeasures are costly and burdensome, and they abuse the intent of the NISPOM.

Assigning security measures without a real risk or security assessment seemingly provides protection and makes us feel better. Such actions result in construction or modification of cleared facilities to create reinforced security fortresses built to withstand repeated break-in attempts. However, the threat of these break-ins has not been established.

It makes sense to provide overwhelming physical security if the security assessment requires it. However, there may be more pressing issues and real threats to address that compete for the same budget. Following the prescriptive measures of the NISPOM may be the minimum, and engaging tougher physical security measures may be the wrong course of action.

Suppose your risk assessment determines that the greatest threat to sensitive information is forgetful and irresponsible employees. Adding badge readers and alarms to counter a nonexistent threat of theft doesn’t address the insider issue.

However, an aggressive procedure, policy and training program that focuses on the real threat (bad habits) does help. For example, the real threat may be a lack of understanding of how to protect intellectual property. How do cleared employees work with, discuss, or demonstrate their technology through reports, tradeshows, patents or press releases without inadvertently transferring technical information? An intellectual property identification, security training and compliance program would do more to protect the information than guns and guards.





Wednesday, July 4, 2012

The NISPOM and FSO Certification


National Industrial Security Program Operating Manual (NISPOM)

The National Industrial Security Program Operating Manual (NISPOM) is Not Just For Security Managers; It’s for Everyone.
It’s not just for the FSO. Every cleared employee should have a copy. Red Bike Publishing has published a book store quality NISPOM. A sleek new professionally designed cover adorns our product. This NISPOM includes updates from DSS and the Industrial Security Letters. Most companies print their own NISPOMs, which sometimes yields a poor quality and hard to read product. Red Bike Publishing has added a professional edge to the NISPOM for about the same as it costs to print your own. Our publisher quality books have crisp writing that is refreshing to read. Your cleared employees may actually spend more time reading this.
Long gone is my big and bulky 3 ring binder.  This book (NISPOM) takes up a fraction of the room on your desk, and is portable enough to take to any security meeting. 
–Jackie Tippins, ISP
Red Bike Publishing understands that the NISPOM is available online. However, if you want to avoid paper jams, double sided printing, hole punching, and binding, consider getting our book store quality product for a professional appearance.
Purchase from Red Bike Publishing for full retail or Amazon.com for tremendous discounts.
NISPOM addresses a cleared contractor’s responsibilities:
  • Security Clearances
  • Required Training and Briefings
  • Classification and Markings
  • Safeguarding Classified Information
  • Visits and Meetings
  • Subcontracting
  • Information System Security
  • Special Requirements
  • International Security Requirements
  • and much more

Please read before you finish your purchase…

You don’t need a PayPal account to purchase our books. Just select the add to cart and you will be led to the PayPal site where you can purchase with your personal or corporate credit card.
Now you have purchasing choices:
You can buy from Red Bike Publishing, or select the Amazon.com or other bookstore links.
If you choose to buy from us, you can pay by credit card or PayPal by selecting the “Add to Cart” button:
1. Click the “Add to Cart” button.
2. You will be taken to PayPal’s website and should see this product listed. On this page you must login with your PayPal account OR press the “Continue” button to enter your credit or debit billing information. You do not need to have a PayPal account to register.
3. Please read carefully and follow all of PayPal’s instructions for completing your transaction.
4. After you finish your transaction, you will be directed back to the product. If the page does not load after 5 seconds, please click the provided redirect link given by PayPal.
5. If you have any problems with the transaction, please contact us immediately at editor@redbikepublishing.com
Other books you might consider for performing under classified contracts. The FSO certification library:
 Table of Contents:
CHAPTER 1. GENERAL PROVISIONS AND REQUIREMENTS
Section 1. Introduction
1-100. Purpose
1-101. Authority
1-102. Scope
1-103. Agency Agreements
1-104. Security Cognizance
1-105. Composition of Manual
1-106. Manual Interpretations
1-107. Waivers and Exceptions to this Manual
Section 2. General Requirements
1-200. General
1-201. Facility Security Officer (FSO)
1-202. Standard Practice Procedures
1-203. One-Person Facilities
1-204. Cooperation with Federal Agencies and Officially Credentialed Representatives of Those Agencies
1-205. Security Training and Briefings
1-206. Security Reviews
1-207. Hotlines
1-208. Classified Information Procedures Act (CIPA)
Section 3. Reporting Requirements
1-300. General
1-301. Reports to be Submitted to the FBI
1-302. Reports to be Submitted to the CSA
1-303. Reports of Loss, Compromise, or Suspected Compromise
1-304. Individual Culpability Reports
CHAPTER 2. SECURITY CLEARANCES
Section 1. Facility Clearances
2-100. General
2-101. Reciprocity
2-102. Eligibility Requirements
2-103. Processing the FCL
2-104. PCLs Required in Connection with the FCL
2-105. PCLs Concurrent with the FCL
2-106. Exclusion Procedures
2-107. Interim FCLs
2-108. Multiple Facility Organizations (MFOs)
2-109. Parent-Subsidiary Relationships
2-110. Termination of the FCL
2-111. Records Maintenance
Section 2. Personnel Security Clearances
2-200. General
2-201. Investigative Requirements
2-202. Procedures for Completing the Electronic Version of the SF 86
2-203. Common Adjudicative Standards
2-204. Reciprocity
2-205. Pre-employment Clearance Action
2-206. Contractor-Granted Clearances
2-207. Verification of U.S. Citizenship
2-208. Acceptable Proof of Citizenship
2-209. Non-U.S. Citizens
2-210. Access Limitations of an LAA
2-211. Interim PCLs
2-212. Consultants
Section 3. Foreign Ownership, Control, or Influence (FOCI)
2-300. Policy
2-301. Factors
2-302. Procedures
2-303. FOCI Action Plans
2-304. Citizenship of Persons Requiring PCLs
2-305. Qualifications of Trustees, Proxy Holders, and Outside Directors
2-306. GSC
2-307. TCP
2-308. Annual Review and Certification
2-309. Limited FCL
2-310. Foreign Mergers, Acquisitions and Takeovers and the Committee on Foreign Investment in the United States (CFIUS)
CHAPTER 3. SECURITY TRAINING AND BRIEFINGS
Section 1. Security Training and Briefings
3-100. General
3-101. Training Materials
3-102. FSO Training
3-103. Government-Provided Briefings
3-104. Temporary Help Suppliers
3-105. Classified Information Nondisclosure Agreement (SF 312)
3-106. Initial Security Briefings
3-107. Refresher Training
3-108. Debriefings
CHAPTER 4. CLASSIFICATION AND MARKING
Section 1. Classification
4-100. General
4-101. Original Classification
4-102. Derivative Classification Responsibilities
4-103. Security Classification Guidance
4-104. Challenges to Classification
4-105. Contractor Developed Information
4-106. Classified Information Appearing in Public Media
4-107. Downgrading or Declassifying Classified Information
Section 2. Marking Requirements
4-200. General
4-201. Marking Requirements for Information and Material
4-202. Identification Markings
4-203. Overall Markings
4-204. Page Markings
4-205. Component Markings
4-206. Portion Markings
4-207. Subject and Title Markings
4-208. Markings for Derivatively Classified Documents
4-209. Documents Generated Under Previous E.O.s
4-210. Marking Special Types of Material
4-211. Marking Transmittal Documents
4-212. Marking Wholly Unclassified Material
4-213. Marking Compilations
4-214. Marking Miscellaneous Material
4-215. Marking Training Material
4-216. Downgrading or Declassification Actions
4-217. Upgrading Action
4-218. Inadvertent Release
CHAPTER 5. SAFEGUARDING CLASSIFIED INFORMATION
Section 1. General Safeguarding Requirements
5-100. General
5-101. Safeguarding Oral Discussions
5-102. End of Day Security Checks
5-103. Perimeter Controls
5-104. Emergency Procedures
Section 2. Control and Accountability
5-200. Policy
5-201. Accountability for TOP SECRET
5-202. Receiving Classified Material
5-203. Generation of Classified Material
Section 3. Storage and Storage Equipment
5-300. General
5-301. GSA Storage Equipment
5-302. TOP SECRET Storage
5-303. SECRET Storage
5-304. CONFIDENTIAL Storage
5-305. Restricted Areas
5-306. Closed Areas
5-307. Supplemental Protection
5-308. Protection of Combinations to Security Containers, Cabinets, Vaults and Closed Areas
5-309. Changing Combinations
5-310. Supervision of Keys and Padlocks
5-311. Repair of Approved Containers
5-312. Supplanting Access Control Systems or Devices
5-313. Automated Access Control Systems
5-314. Electronic, Mechanical, or Electro-mechanical Devices
Section 4. Transmission
5-400. General
5-401. Preparation and Receipting
5-402. TOP SECRET Transmission Outside a Facility
5-403. SECRET Transmission Outside a Facility
5-404. CONFIDENTIAL Transmission Outside a Facility
5-405. Transmission Outside the United States and Its Territorial Areas
5-406. Addressing Classified Material
5-407. Transmission Within a Facility
5-408. SECRET Transmission by Commercial Carrier
5-409. CONFIDENTIAL Transmission by Commercial Carrier
5-410. Use of Couriers, Handcarriers, and Escorts
5-411. Use of Commercial Passenger Aircraft for Transmitting Classified Material
5-412. Use of Escorts for Classified Shipments
5-413. Functions of an Escort
Section 5. Disclosure
5-500. General
5-501. Disclosure to Employees
5-502. Disclosure to Subcontractors
5-503. Disclosure between Parent and Subsidiaries
5-504. Disclosure in an MFO
5-505. Disclosure to DoD Activities
5-506. Disclosure to Federal Agencies
5-507. Disclosure of Classified Information to Foreign Persons
5-508. Disclosure of Export Controlled Information to Foreign Persons
5-509. Disclosure to Other Contractors
5-510. Disclosure of Classified Information in Connection with Litigation
5-511. Disclosure to the Public
Section 6. Reproduction
5-600. General
5-601. Limitations
5-602. Marking Reproductions
5-603. Records
Section 7. Disposition and Retention
5-700. General
5-701. Retention of Classified Material
5-702. Termination of Security Agreement
5-703. Disposition of Classified Material Not Received Under a Specific Contract
5-704. Destruction
5-705. Methods of Destruction
5-706. Witness to Destruction
5-707. Destruction Records
5-708. Classified Waste
Section 8. Construction Requirements
5-800. General
5-801. Construction Requirements for Closed Areas
5-802. Construction Requirements for Vaults
Section 9. Intrusion Detection Systems
5-900. General
5-901. CSA Approval
5-902. Central Monitoring Station
5-903. Investigative Response to Alarms
5-904. Installation
5-905. Certification of Compliance
5-906. Exceptional Cases
CHAPTER 6. VISITS and MEETINGS
Section 1. Visits
6-100. General
6-101. Classified Visits
6-102. Need-to-Know Determination
6-103. Visits by Government Representatives
6-104. Visit Authorization
6-105. Long-Term Visitors
Section 2. Meetings
6-200. General
6-201. Government Sponsorship of Meetings
6-202. Disclosure Authority at Meetings
6-203. Requests to Attend Classified Meetings
CHAPTER 7. SUBCONTRACTING
Section 1. Prime Contractor Responsibilities
7-100. General
7-101. Responsibilities
7-102. Security Classification Guidance
7-103. Responsibilities (Completion of the Subcontract)
7-104. Notification of Unsatisfactory Conditions
CHAPTER 8. INFORMATION SYSTEM SECURITY
Section 1. Responsibilities and Duties
8-100. General
8-101. Responsibilities
8-102. Designated Accrediting/Approving Authority
8-103. IS Security Manager (ISSM)
8-104. Information System Security Officer(s) (ISSO)
8-105. Users of IS
Section 2. Certification and Accreditation
8-200. Overview
8-201. Certification Process
8-202. Accreditation
Section 3. Common Requirements
8-300. Introduction
8-301. Clearing and Sanitization
8-302. Examination of Hardware and Software
8-303. Identification and Authentication Management
8-304. Maintenance
8-305. Malicious Code
8-306. Marking Hardware, Output, and Media
8-307. Personnel Security
8-308. Physical Security
8-309. Protection of Media
8-310. Review of Output and Media
8-311. Configuration Management
Section 4. Protection Measures
8-400. Protection Profiles
8-401. Level of Concern
8-402. Protection Level
8-403. Protection Profiles
Section 5. Special Categories
8-500. Special Categories
8-501. Single-user, Stand-alone Systems
8-502. Periods Processing
8-503. Pure Servers
8-504. Tactical, Embedded, Data-Acquisition, and Special-Purpose Systems
8-505. Systems with Group Authenticators
Section 6. Protection Requirements
8-600. Introduction
8-601. Alternate Power Source (Power)
8-602. Audit Capability
8-603. Backup and Restoration of Data (Backup)
8-604. Changes to data (Integrity)
8-605. Data Transmission (Trans)
8-606. Access Controls (Access)
8-607. Identification and Authentication (I&A)
8-608. Resource Control (ResrcCtrl)
8-609. Session Controls (SessCtrl)
8-610. Security Documentation (Doc)
8-611. Separation of Function Requirements (Separation)
8-612. System Recovery (SR)
8-613. System Assurance (SysAssur)
8-614. Security Testing (Test)
8-615. Disaster Recovery Planning
Section 7. Interconnected Systems
8-700. Interconnected Systems Management
8-701. Controlled Interface (CI) Functions
8-702. Controller Interface Requirements
8-703. Assurances for CIs
CHAPTER 9. SPECIAL REQUIREMENTS
Section 1. RD and FRD
9-100. General
9-101. Authority and Responsibilities
9-102. Unauthorized Disclosures
9-103. International Requirements
9-104. Personnel Security Clearances
9-105. Classification
9-106. Declassification
9-107. Challenges to RD/FRD Classification
9-108. Marking
Section 2. DoD Critical Nuclear Weapon Design Information (CNWDI)
9-200. General
9-201. Background
9-202. Briefings
9-203. Markings
9-204. Subcontractors
9-205. Transmission Outside the Facility
9-206. Records
9-207. Weapon Data
Section 3. Intelligence Information
9-300. Background
9-301. Definitions
9-302. Key Concepts
9-303. Control Markings Authorized for Intelligence Information
9-304. Limitation on Dissemination of Classified Intelligence Information
9-305. Safeguarding Classified Intelligence Information
9-306. Inquiries
Section 4. Communication Security (COMSEC)
9-400. General
9-401. Instructions
9-402. Clearance and Access Requirements
9-403. Establishing a COMSEC Account
9-404. COMSEC Briefing and Debriefing Requirements
9-405. CRYPTO Access Briefing and Debriefing Requirements
9-406. Destruction and Disposition of COMSEC Material
9-407. Subcontracting COMSEC Work
9-408. Unsolicited Proposals
CHAPTER 10. INTERNATIONAL SECURITY REQUIREMENTS
Section 1. General and Background Information
10-100. General …………………………………………………………………………………………10-1-1
10-101. Applicable Federal Laws ………………………………………………………………10-1-1
10-102. Bilateral Security Agreements……………………………………………………….10-1-1
Section 2. Disclosure of U.S. Information to Foreign Interests
10-200. Authorizationfor Disclosure………………………………………………………….10-2-1
10-201. Direct Commercial Arrangements………………………………………………….10-2-1
10-202. Contract Security Provisions………………………………………………………….10-2-1
Section 3. Foreign Government Information
10-300. General …………………………………………………………………………………………10-3-1
10-301. Contract Security Requirements ……………………………………………………10-3-1
10-302. Marking Foreign Government Classified Material ………………………..10-3-1
10-303. Foreign Government RESTRICTED Information and “In Confidence”
Information………………………………………………………………………………………………..10-3-1
10-304. Marking U.S. Documents Containing FGI…………………………………….10-3-1
10-305. Marking Documents Prepared For Foreign Governments……………..10-3-1
10-306. Storage and Control ………………………………………………………………………10-3-2
10-307. Disclosure and Use Limitations …………………………………………………….10-3-2
10-308. Transfer…………………………………………………………………………………………10-3-2
10-309. Reproduction ………………………………………………………………………………..10-3-2
10-310. Disposition ……………………………………………………………………………………10-3-2
10-311. Reporting of Improper Receipt of Foreign Government Material…..10-3-2
9
10-312. Subcontracting………………………………………………………………………………10-3-2
Section 4. International Transfers
10-400. General
10-401. International Transfers of Classified Material
10-402. Transfers of Freight
10-403. Return of Material for Repair, Modification, or Maintenance
10-404. Use of Freight Forwarders
10-405. Handcarrying Classified Material
10-406. Classified Material Receipts
10-407. Contractor Preparations for International Transfers Pursuant to Commercial and User Agency Sales
10-408. Transfers of Technical Data Pursuant to an ITAR Exemption
Section 5. International Visits and Control of Foreign Nationals
10-500. General
10-501. International Visits
10-502. Types and Purpose of International Visits
10-503. Emergency Visits
10-504. Requests for Recurring Visits
10-505. Amendments
10-506. Visits Abroad by U.S. Contractors
10-507. Visits by Foreign Nationals to U.S. Contractor Facilities
10-508. Control of Access by On-Site Foreign Nationals
10-509. TCP
10-510. Security and Export Control Violations Involving Foreign Nationals
Section 6. Contractor Operations Abroad
10-600. General
10-601. Access by Contractor Employees Assigned Outside the United States
10-602. Storage, Custody, and Control of Classified Information Abroad by Employees of a U.S. Contractor
10-603. Transmission of Classified Material to Employees Abroad
10-604. Security Briefings
Section 7. NATO Information Security Requirements
10-700. General
10-701. Classification Levels
10-702. NATO RESTRICTED
10-703. NATO Contracts
10-704. NATO Facility Security Clearance Certificate
10-705. PCL Requirements
10-706. NATO Briefings
10-707. Access to NATO Classified Information by Foreign Nationals
10-708. Subcontracting for NATO Contracts
10-709. Preparing and Marking NATO Documents
10-710. Classification Guidance
10-711. Further Distribution
10-712. Storage of NATO Documents
10-713. International Transmission
10-714. Handcarrying
10-715. Reproduction
10-716. Disposition
10-717. Accountability Records
10-718. Security Violations and Loss, Compromise, or Possible Compromise
10-719. Extracting from NATO Documents
10-720. Release of U.S. Information to NATO
10-721. Visits
CHAPTER 11. MISCELLANEOUS INFORMATION
Section 1. TEMPEST
11-100. General
11-101. TEMPEST Requirements
11-102. Cost
Section 2. Defense Technical Information Center (DTIC)
11-200. General
11-201. User Community
11-202. Registration Process
11-203. Safeguarding Requirements
11-204. DTIC Downgrading or Declassification Notices
11-205. Questions Concerning Reference Material
11-206. Subcontracts
Section 3. Independent Research and Development (IR&D) Efforts
11-300. General
11-301. Information Generated Under an IR&D Effort that Incorporates Classified Information
11-302. Classification Guidance
11-303. Preparation of Security Guidance
11-304. Retention of Classified Documents Generated Under IR&D Efforts
APPENDICES
Appendix A. Cognizant Security Office Information
Appendix B. International Visits Standard Request for Visit Format (RFV)
Appendix C. Definitions
SUPPLEMENTS TO THE NISPOM
NISPOM Supplement: DoD 5220.22-M-Sup 1
Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing. Jeff is an accomplished writer of non-fiction books, novels and periodicals. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances", "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and "NISPOM/FSO Training". See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR, and The NISPOM.