EFCOG SSWG Security Policy Update

Presentation transcript:

EFCOG SSWG Security Policy Update
Marc A. Brooks, CPP, CISSP
Director, Office of Security Policy

Office of Security Policy
Marc Brooks, Director
Michelle Berger*

Office of Security Policy (AU-51)
- Physical Security Systems
  - Dave Golden, Topic Lead
  - C. Amazeen* (Part-time)
- Material Control & Accountability
  - D. Holmer, Topic Lead
- Information Security
  - C. Piechowski, Team Lead
  - L. Ruhnow, CMPC Lead
- Program Planning & Management
  - N. Wright, Team Lead
  - C. Hunter, Topic Lead
- Protection Program Operations
  - Mark Hojnacke, Team Lead
- Protective Force
  - R. Faiver, Topic Lead
  - T. Jones*

* Contractor

Mission
- Maintains DOE’s security integrity through the development and promulgation of safeguards and security policy for the protection of the National Security and other critical assets entrusted to the Department
- Central source within DOE for the development and analysis of safeguards and security policies and standards affecting facilities, nuclear materials, personnel and classified and controlled information

Key Functions
- Promulgates Program Planning and Management, Information Security, Classified Matter Protection and Control, Protection Program Operations, and Nuclear Material Control and Accountability Policy, as well as associated DOE Technical Standards, Handbooks, and Guides (see following slides)
- Develops associated legislative initiatives for modifications to United States Code, e.g., revision to Departmental arrest and use of force authorities for its protective forces
- Publishes related Code of Federal Regulations (CFR), e.g., 10 CFR Part 1016, Safeguarding of Restricted Data, 10 CFR Part 1046, Medical, Physical Readiness, Training, and Access Authorization Standards for Protective Force Personnel, and participates in the development/revision of 32 CFR Part 2004, National Industrial Security Program directive
- As the Office of Primary Interest for these DOE security policies, provides Safeguards and Security consultations on equivalencies and exemptions, policy clarifications, and terminations of safeguards requests
- Coordinates and ensures adherence to 10 CFR Part 1046 requirements for associated independent reviews of medical disqualification

Program Planning and Management
- Safeguards and Security Program Planning
- Security plans, security conditions (SECONS)
- Performance assurance, survey, self-assessment and review programs
- Safeguards and Security Program Management Operations
- Facility clearance program and importance ratings
- Facility clearance approval and interim / limited facility clearances
- Personnel security clearances and contractor facility clearances
- Suspension of facility clearances
- Foreign ownership, control, or influence program
- Safeguards and Security Awareness
- Control of Classified Visits
- Safeguards and Security Training Program
- DOE Tactical Doctrine
- Incidents of Security Concern (IOSC)

Information Security
Classified Matter Protection and Control (CMPC)
- Classified information in all forms must be protected according to laws, regulations, policies and other requirements
- CMPC requirements address the full life cycle of physical objects that contain or reveal classified information, including:
  - Reviewing, Classifying and Marking Classified Matter
  - Accountability (chain of custody and inventory management)
  - Two States of Classified Matter
    - Classified Matter in Use
    - Classified Matter in Storage
  - Transmission and Receipt of Classified Information
  - Protection of Foreign Government Information
  - Disclosure of U.S. Classified Information to Foreign Governments
  - Disclosure and Release of Classified Matter in Emergency Situations
  - Destruction of Classified Matter

Protection Program Operations
- Combines the elements of Federal and contractor protective force operations along with physical security and security systems
- Federal protective force operations include executive protection and interstate nuclear material transportation
- Executive protection is provided by armed Special Agents of the Office of Special Operations who are Federal employees
- Nuclear couriers are provided by armed Federal Agents of the Office of Secure Transportation
- Armed contractor protective forces are employed to protect DOE sites including nuclear mission, strategic petroleum reserve, and administrative (e.g., DOE Headquarters) facilities
- Physical security elements include barriers (walls/fences), storage (e.g., vaults), and badging systems
- Security systems include intrusion detection sensors, access control, communication (e.g., radio and alarm control) and badging equipment

Nuclear Material Control & Accountability
- Provides performance objectives, metrics, and requirements for developing, implementing, and maintaining a MC&A program.
- Main program elements are:
  - Program Management
  - Material Control
  - Material Measurement
  - Material Accounting
  - Physical Inventory
- Graded Safeguards Table
- Requires reporting of special nuclear material inventories to national database: Nuclear Materials Management & Safeguards System (NMMSS)
- United States meets International Atomic Energy Agency (IAEA) agreement

Current Security Directives Managed by AU-50 (directive: date)
- DOE P 470.1B, Safeguards and Security Policy: Feb 10, 2016
- DOE O 142.3A, (MinChg) Unclassified Foreign Visits and Assignments: Oct 14, 2010
- DOE O 231.1B, Chg 1 Environment, Safety, and Health Reporting, (Attachment 5-Reporting Radioactive Sealed Source Information): Nov 28, 2012
- DOE O 470.3C, Design Basis Threat (DBT): Nov 23, 2016
- DOE O 470.4B, Safeguards and Security Program, Chg 2 (MinChg): Jan 17, 2017
- DOE O 471.6, Information Security, adm. chg 2: May 21, 2015
- DOE O 472.2, Personnel Security, chg 1 (pgchg): Jul 16, 2015
- DOE O 473.3A, Protection Program Operations, Chg 1 (MinChg): Jan 2, 2018
- DOE O 474.2, chg 4 (pgchg), Nuclear Material Control and Accountability: Sep 13, 2016

AU-50 Technical Standards
Published standards (standard: date)
- DOE-STD-1047-2008, Safety Functions and Other Features of Remotely Operated Weapon Systems (ROWS): Sep 03, 2008
- DOE-STD-1192-2010, Security Risk Management Technical Standard: Nov. 2017
- DOE-STD-1193-2010, Safety Functions and Other Features of Lethal Activated Denial Systems: Apr. 29, 2010
- DOE-STD-1194-2011, Nuclear Materials Control and Accountability, chg 3 (under revision): Oct. 2, 2013
- DOE-STD-1210-2012, Incidents of Security Concern: Oct. 1, 2012
- DOE-STD-1207-2012, Protection Program Defensive Planning for Fixed Facilities, chg 1: Jan. 9, 2013
- DOE-HDBK-1213-2014, Protective Force Contingency Planning: July 22, 2014
- DOE-STD-1217-2016, Safeguards and Security Survey and Self-Assessment Planning, Conduct, and Reporting: Feb 24, 2016
- DOE-STD-1219-2016, Analysis and Evaluation of the Operability and Reliability of the Intrusion Detection and Assessment System: May 13, 2016
- DOE-HDBK-1223-2016, Classified Matter Protection and Control Handbook: Sep 13, 2016
- DOE-STD-1225-2017, DOE Canine Performance Testing Protocol Standard: Sep 19, 2017
- DOE-STD-1231-2018, Preparation and Conduct of Protective Force Performance Testing: Dec 19, 2018

AU-50 Proposed Standards and Handbooks
Project / Status
- DOE-HDBK-XXXX-YR Operations Security (OPSEC) Program Handbook (New) / In Development (AU-51)
- DOE-STD-1217-2016, Safeguards and Security Survey and Self-Assessment Planning, Conduct, and Reporting (Update)
- DOE-HDBK-XXXX-YR, Facility Security Clearance (FCL) and Foreign Ownership, Control, or Influence (FOCI) (New)
- DOE-STD-1194-2011, Nuclear Materials Control and Accountability (Update)

AU Directives Prioritization
- DOE Order 473.3A, Change 1, Protection Program Operations * NNSA Urgent (Full) – AU-50
- DOE Order 471.5, Special Access Programs (Full) – AU1.2
- DOE Order 474.2, Change 4, Nuclear Material Control and Accountability * NNSA Urgent (Full) – AU-50
- DOE Order 470.3C, Design Basis Threat (Minor) – AU-50
- DOE Order 470.5, Insider Threat Program (Full) – AU-1.2
- DOE Order 472.2 Change 2, Personnel Security * NNSA of Interest (Full) – AU-50
- DOE Order 470.4B, Change 2, Safeguards and Security Program (Minor) – AU-50
- DOE Order 471.6, Change 2, Information Security * NNSA of Interest (Admin) – AU-50

MAPPRITE Policy Analysis Project
Methodology for Analyzing and Prioritizing Policy Requirements and Increasing Their Effectiveness (MAPPRITE)
- This initiative seeks to provide a structured data collection for use in:
  - Managing requirements
  - Eliminating unnecessary spending on asset protection to maximize mission accomplishment
  - Assuring protection of DOE’s assets against current risks
- MAPPRITE Goals
  - Create a structured collection of DOE and external asset protection requirements
  - Develop a systematic and repeatable methodology to evaluate whether policy and requirements are appropriate, comprehensive, effective, and efficient
  - Apply the methodology to existing requirements
- MAPPRITE Points of Contact
  - Carl Piechowski, Office of Security (DOE/AU), carl.piechowski@hq.doe.gov, 301-903-4053
  - John Leonard, Office of Security Operations & Programmatic Planning (DOE/NNSA), john.leonard@nnsa.doe.gov, 202-586-0737

Policy Information Resource (PIR) Tool
- PIR Tool allows users to find and download current safeguards and security requirements, associated DOE directives, Federal regulations and national policies, and contains a glossary and acronym definitions
- URL: https://pir.doe.gov

Questions?
Marc A. Brooks
Director, Office of Security Policy
Marc.Brooks@hq.doe.gov
301 903-4291