NISPOM Basics What You Need to Know!

Slides:

Advertisements

Similar presentations

Adverse Information Adverse Information:

Advertisements

Contract Security Classification Specification

Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.

United States Office of Personnel Management

How to Obtain and Keep a Security Clearance?. What Is A Security Clearance? A determination made by the government that you are stable and trustworthy,

File Management Tips and Suggestions FISWG/NCMS Winter Training Event December 17 th, 2014 Dela Williams Facility Security Officer.

Section Six: Foreign Ownership, Control, or Influence (FOCI)

SELF INSPECTIONS, Part 2 Okay, so now what do I do?

Defense Security Service Facility Clearance Branch (FCB)

Defense Security Service. DSS Update DSS Changing With A Changing Security Environment.

Helen MacDonald L-3 Communications.  Determination that company is eligible for access to classified information or award of classified contract at same.

NISPOM Update for JSAC Workshop

Clearance Processing Back To The Basics Presented By Mallory Howard

Section Nine: Reporting Requirements Note: All classified markings contained within this presentation are for training purposes only.

Conversation on the Chemical Facility Anti-Terrorism Standards (CFATS) and Critical Infrastructure Protection Chemical-Terrorism Vulnerability Information.

Section Four: Employee and Visitor Access Controls Note: All classified markings contained within this presentation are for training purposes only.

Joint Personnel Adjudication System (JPAS) Overview

NISPOM CHAPTER 3 SECURITY TRAINING AND BRIEFINGS

Form I-9 Process An Online Training for Supervisors and Designees Presented by Human Resources Revised November 2009.

Florida Industrial Security Workgroup Self-Inspections What are Self-Inspections Why should Self-Inspections be conducted When should Self-Inspections.

1 Creating a Joint Personnel Adjudication System (JPAS) Analysis Report Michael S. Campbell Industrial Security Specialist Defense Security Service San.

Section Eight: Communication Security (COMSEC) Note: All classified markings contained within this presentation are for.

Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.

ISP Preparation Series 1 – Chapter 6. NISPOM Chapter 6 – Visits & Meetings Section 1: Visits General (6-100)  When it is anticipated that classified.

Thank You for Joining Us, The Webinar Will Begin Shortly. The Fast Track to Facility Clearance Presented by: Cindy Brook While you are waiting please check.

OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Valerie Heil March 20, 2015 UNCLASSIFIED Industrial Security.

HIPAA PRIVACY AND SECURITY AWARENESS.

9/15/20151 Initial Security Indoctrination. 9/15/20152 Agenda Physical Security Personnel Security Information Security Information Assurance Public Release.

Defense Security Service New Rating Process Current as of 10/19/2011.

ISP Preparation Series 3- Chapter 6. NISPOM Chapter 6- Visits and Meetings  General- anticipate discussion  Classified visits- minimum and.

PERFORMING ON CLASSIFIED CONTRACTS.

OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Valerie Heil August 12, 2014 UNCLASSIFIED NISPOM Update.

Section Five: Security Inspections and Reviews Note: All classified markings contained within this presentation are for training purposes only.

NISPOM Update for NCMS November 2012

1 Personnel Security 2007 Data Protection Seminar TMA Privacy Office HEALTH AFFAIRS TRICARE Management Activity.

2012 STAAR ALT General Security Training Presented by: Campus Test Coordinator.

DEFENSE SECURITY SERVICE DSS Role in International Security.

1. Module Rev.F1 2  The Integrated Safety Management System (ISMS) is a systematic, common sense approach to working safely. The objective of.

Sample only Order at Security Awareness Training A threat awareness briefing. A defensive security briefing. An overview of the.

Creating an Insider Threat Program.

SECURITY BRIEFING A threat awareness briefing A defensive security briefing An overview of the security classification system Employee reporting obligations.

NISPOM Update for Dulles ISAC

NISPOM Chapter 1 Basics General Requirements Reporting Responsibilities Steven Rivera, FSO July 10, 2013.

Managing a “Data Spill”

How To Conduct An Administrative Inquiry (AI) Due To A Security Violation

Information Protection The Personnel Security Program (PSP) & Supervisors’ Responsibilities Mr. Connolly.

SAFEGUARDING CLASSIFIED INFORMATION.

Somerset ISD Online Acceptable Use Policy. Somerset Independent School District Electronic Resources Acceptable Use Policy The purpose of this training.

Nassau Association of School Technologists

Training for Supervisors and Designees

I-9 Instructions and FAQs

Managing a Security Container

Cleared Employee Security Training

Obligations of Educational Agencies: Parents’ Bill of Rights

INSIDER THREAT AWARENESS

Derivative Classification Overview

Supplier Training Overview February 2018

Initial Security Indoctrination

The Organized FSO Getting Control of the Paperwork and the Chaos

Records Management Fundamentals

Lockheed Martin Canada’s SMB Mentoring Program

Spencer County Public Schools Responsible Use Policy for Technology and Related Devices Spencer County Public Schools has access to and use of the Internet.

AN OVERVIEW OF THE INDUSTRIAL SECURITY PROGRAM

Security Representative Associate

Defense Security Service Top 10 Vulnerabilities

Export Controls – Export Provisions in Research Agreements

OSU Controlled Substances Training Module for Researchers

State of florida tax information sharing Paula Barfield August 5, 2015

Presentation transcript:

NISPOM Basics What You Need to Know! FISWG NISPOM Basics What You Need to Know! Orlando, Florida July 20, 2016 Chris Deshotel Facility Security Officer

Overview The purpose of this briefing is to provide a quick “what you need to know,” chapter by chapter review of the NISPOM for new Facility Security Officers (FSOs) and Alternate FSO’s as well as Security personnel who may have secondary security responsibilities. Due to the allotted time and the necessity to cover chapters properly, the below chapters will not be covered: Chapter 4: Classification and Marking Chapter 6: Visits and Meetings Chapter 7: Subcontracting Chapter 8: Information System Security SAP and SCI will not be covered.

Lockheed Martin Overview 125,000 Employees Operating in over 70 Countries and 590+ Facilities 135 Cleared Facilities 33 AA, A, B 102 C, D, E

General Provisions and Requirements Chapter 1 General Provisions and Requirements

General Provisions & Requirements 1-206b - Contractor Reviews: “Contractors shall review their security system on a continuing basis and shall also conduct a formal self-inspection at intervals consistent with risk management principles”: Conforming Changes 2 (1-207b) requires an annual self-inspection that is certified by senior management Use the DSS Self-Inspections Checklist located on the DSS website Self-inspection report(s) must be made available during your DSS inspection Work with your DSS Representative on how/if they would like the findings reported: Provide checklist Presentation style

General Provisions & Requirements 1-302 - Reports to be Submitted to the CSA: What should be reported? 1-302a: Adverse Information: Only Adverse reports that are confirmed should be submitted JPAS Selections: 1-302b: Suspicious Contact Reports (SCR’s): “Contractors shall report efforts by any individual, regardless of nationality, to obtain illegal or unauthorized access to classified information or to compromise a cleared employee.” Allegiance to the United States Financial Considerations Handling Protected Information Foreign Influence Alcohol Consumption Outside Activities Foreign Preference Drug Involvement Use of Information Technology Systems Sexual Behavior Psychological Conditions Personal Conduct Criminal Conduct

General Provisions & Requirements 1-302 - Reports to be Submitted to the CSA (cont.): What should be reported? 1-302c: Change in Cleared Employee Status: Death, name change, termination, change in citizenship, change in the requirement to access classified KMP Changes 1-303 - Reports of Loss, Compromised, or Suspected Compromise: Process for violation: Report directly to the CSA Presume lost until an investigation determines otherwise

Chapter 2 Security Clearances

Security Clearances General FCL PCL Facility Security Clearances vs. Personnel Security Clearances FCL 2-100: Administrative determination that a company is eligible for access to classified information or contract 2-102: Contractor cannot apply for its own FCL – GSA or another cleared contractor may sponsor you for an FCL 2-109: Parent-Subsidiary Relationships – two Different entities, two different DD 254s PCL 2-104: PCLs Required in connection w/FCL. KMP’s = A Senior Management rep. and FSO must always be cleared to the FCL level 2-200b: Cognizant Security Agency (CSA) Database = JPAS. Contractors are responsible for ensuring the system of record (JPAS) is accurate Should you maintain a separate database to track your records, it should be compared regularly and frequently JPAS: It is prohibited to printout JPAS screens Verify KMP Designation Consultants: Requires a contract with a person, not a company.

Security Clearances 2-201d - Reinvestigation: Periodic Reinvestigation’s must be submitted by the investigation date, not the adjudication! 2-202a - SF-86 review by FSO: Notification must be made to the employee that the FSO (or designee) will review the SF-86 for completeness and accuracy 2-202b - SF-86 Retention: SF-86’s may only be retained during the clearance process. Once eligibility has been granted or denied, the retained documentation must be destroyed 2-208 - Acceptable Proof of Citizenship: I-9’s are not acceptable proof of citizenship

Security Clearances 2-212 - Consultants: Who is a consultant? A non-employee who requires access to classified and is under contract to provide professional or technical assistance: Remember, consultants are paid directly, sub’s are paid company wide What do you need? A signed Consultant agreement What you need to remember: Initial security briefing Annual refresher briefing Keep the documentation JPAS Category: Under the Category area in JPAS, it should be “Industry (Consultant) cage code

Security Training and Briefings Chapter 3 Security Training and Briefings

Security Training and Briefings 3-102 - FSO Training: What FSO training is required? FSO Program Management for Possessing Facilities: This will take some time, don’t wait If you are an AFSO and have been in that positon for more than one year, you must complete the course 3-105 - Classified Information Nondisclosure Agreement (SF-312): Do not forget to mail the form to PSMO Process is located on the FISWG website 3-106/3-107 - Initial Security Briefings / Refresher Training: Provide briefing PRIOR to employee gaining access to classified Must contain: Threat Awareness, Defensive Security, Security Classification Overview, Reporting Obligations & Requirements and Security Procedures & Duties pertaining to job responsibilities Refresher training is required annually

Security Training and Briefings 3-108 - Debriefings: Offsite Briefings: It is permissible to mail the debriefing to the employee

Safeguarding Classified Information Chapter 5 Safeguarding Classified Information

Safeguarding Classified Information 5-102 - End of the Day Security Checks: Is the classified secured? 5-103a - Subject to Inspection: Post your signs at your entry & exits 5-103b - Searches: Use random sampling technique Consult your legal department

Safeguarding Classified Information 5-200 (ISL 2006-01 #9 (5-200) - Information Management System: Utilize a system to track Secret and Confidential information: Commercial Off The Shelf (COTS) product Excel spreadsheet Where is your classified? You must be able to provide DSS with the What, When, and How: Example: Your systems says document “A” is here, where is it and what happened to it? 5-202 - Receiving Classified Material: Signed for by “authorized persons” Make sure your P.O. Box is current (not expired): Make it a point to check your P.O. Box twice monthly Make sure your Couriers carry a Courier Card and are properly trained

Safeguarding Classified Information 5-308 - Protection of Combinations to Security Containers, Cabinets, Vaults, and Closed Areas: 5-308a: Access: Access is kept to a minimum Access lists must be maintained If someone is listed as having access, they must be aware of the combination 5-308c: Combinations: Combinations shall be safeguarded in accordance with the highest classification of the stored material 5-308d: Combination Records: Marked as the highest level and kept in a container at that level

Safeguarding Classified Information 5-309 - Changing Combinations: 5-309: Changed by persons authorized access to the contents of the container, or by the FSO or his/her designee 5-309a: Initial use 5-309b: Termination of employees (Change in Duties) 5-309c: Compromise or suspected compromise 5-309d: At the FSO’s discretion COMSEC – Required every 2 years 5-900 - Intrusion Detection System: 5-902: Central Monitoring Station: If you have guard services that respond to alarms in a classified area, they are required to have a DD-254

Information System Security Chapter 8 Information System Security

Information Systems Security AIS Auditing Overview January 2016

Chapter 9 Special Requirements

Special Requirements 9-405 - CRYPTO Access Briefing and Debriefing Requirements: 9-405e: SD 572 Debriefings must be kept for three years 9-407 - Subcontracting COMSEC Work: Written approval from the GCA is required

International Security Requirements Chapter 10 International Security Requirements

International Security Requirements 10-706 - NATO Briefings: Maintain NATO debriefings for two years for NATO SECRET and CONFIDENTIAL and three years for COSMIC TOP SECRET 10-712b - NATO Combinations: NATO Containers must be changed annually

Questions?