Defense Security Service New Rating Process Current as of 10/19/2011.


2 New Security Rating Process
- DSS recognized the importance of a standardized, objective approach to issuing security ratings as part of its security oversight role.
- DSS is committed to your success and to the success of the National Industrial Security Program (NISP).
- The new security rating process utilizes a calculation worksheet.
- The worksheet is a DSS tool, designed to standardize and improve consistency.
- Numerically based, quantifiable, and accounts for all aspects of a facility's involvement in the NISP.

3
- Uses a numerical based rating system
- All facilities start with the same score (700)
- Points are added for identified National Industrial Security Program (NISP) Enhancements by Category
- Points are subtracted for findings by NISPOM reference
- Serious and Administrative findings weighed separately
- Points subtracted by NISPOM reference, not by number of occurrences
- Accounts for size and complexity of a facility

4 New Security Rating Process
- Each ratings matrix comes with a "scoring key" that is based on the facility category

5 New Security Rating Process
- Serious finding is defined as non-compliance with a NISPOM requirement that may place or has placed classified information at risk to loss or compromise. Once a finding is determined to be serious, it is further categorized as either "Isolated", "Systemic", or "Repeat".
- Administrative finding is defined as non-compliance with a NISPOM requirement that does not place classified information at risk to loss or compromise.

6 New Security Rating Process
- A NISP enhancement directly relates to and enhances the protection of classified information beyond baseline NISPOM standards.
- NISP enhancements will be validated during the inspection as having an effective impact on the overall security program which is usually accomplished through employee interviews and review of process/procedures.
- We have established 13 NISP enhancement Categories, based on practical areas, to simplify and ensure field consistency.
- Full credit for a NISP Enhancement (15 or 12 points depending on facility complexity) will be given if a facility completes any action/item in a given category. The facility will only receive a total of 15/12 points per category, regardless of how many NISP enhancements they have in a given category.

7 NISP Enhancements
- Category 1 Security Education (Events)
- Category 2 Security Education (Products)
- Category 3 Security Education (Staff Training)
- Category 4 Security Education (Product Sharing)
- Category 5 Self Inspection
- Category 6 Physical Security/Controls
- Category 7 CI Integration/Cyber Security
- Category 8 Information Systems
- Category 9 FOCI
- Category 10 International
- Category 11 Security Organization Membership
- Category 12 Active Organization Participation
- Category 13 Personnel Security

8 New Security Rating Process
- DSS considers some factors as "red flag areas" and the rating calculation score may not be applicable.
- EXAMPLES include:
  - Unmitigated or unreported FOCI
  - Uncleared persons in KMP positions requiring clearance
  - Intentional disregard of NISPOM regulations
  - Serious systemic findings w/potential loss/compromise
  - Any additional items which may result in invalidation of the FCL
  - Matrix score leading to marginal or unsatisfactory

9 Example: How It Works
- Rating Matrix Company, Inc.
- Category C – Mid-Size Possessing Company
- Previous Rating: Commendable
- Recent Rating: Superior
- Findings: 2 Administrative
- NISP Enhancements: 9
- Rating Calculation Score: 804

10 Security Rating Matrix Company, Inc

11 Rating Company, Inc
- Administrative Finding: Document Marking Deficiency (Corrected on the Spot). 2 Points Deducted
- Administrative Finding: An original SF312 was not forwarded to DISCO for retention. 2 Points Deducted

12 Rating Company, Inc
Category 2: Security Education (Products)
Facility provides monthly security updates/reminders to employees through the monthly corporate newsletter.
12 Points Added

13 Rating Company, Inc
Category 3: Security Education (Staff Training)
FSO has CPP certification. Security staff training exceeds NISPOM requirements as all security personnel have completed all training requirements for FSO Program Management through the STEPP website and continuously complete additional educational courses.
12 Points Added

14 Rating Company, Inc
Category 4: Security Education (Product/Information Sharing)
The FSO has developed a Protégé/Mentorship relationship with all subcontractors they sponsor into the NISP by reaching out to the newly sponsored facility and providing whatever advice and assistance they require. The FSO often visits with the new facility to provide training and experience to the new FSO. Additionally, the company participated in beta testing a future DSS/CDSE course.
12 Points Added

15 Rating Company, Inc
Category 5: Self Inspection
The facility conducts and records two self-inspections annually. One is completed by the FSO and security staff. The other is conducted as a peer to peer review with the FSO or other security staff member from another location conducting the review.
12 Points Added

16 Rating Company, Inc
Category 6: Classified Material Controls
The FSO and AFSO conduct semi-annual, 100% inventory of all classified holdings and maintain records of the inventories. Their information management system indefinitely reflects history of location and disposition for material in facility at all levels of classified (100% accountability).
12 Points Added

17 Rating Company, Inc
Category 7: CI Integration
All employees going on foreign travel for business are required to be briefed by Security prior to departure and are debriefed upon return.
12 Points Added

18 Rating Company, Inc
Category 11: Security Organization Membership
The FSO and AFSO are both members of NCMS and a local ISAC.
12 Points Added

19 Rating Company, Inc
Category 12: Active Security Organization Participation
The FSO takes a positive leadership role in the local ISAC and was elected to be the corporate Co-Chairperson.
12 Points Added

20 Rating Company, Inc
Category 13: Personnel Security
The facility manages a corporate wide call center established to support questions and issues related to JPAS and EQIP from other branch/division offices throughout the country.
12 Points Added

21 Rating Company, Inc
FINAL Score 804 = Superior

22 Rating Company, Inc

23 Questions?