Presentation is loading. Please wait.

Presentation is loading. Please wait.

To: EFCOG By: Piechowski Date: July 19, 2018

Published byRafe Curtis Modified over 6 years ago

Similar presentations

Presentation on theme: "To: EFCOG By: Piechowski Date: July 19, 2018"— Presentation transcript:

1 To: EFCOG By: Piechowski Date: July 19, 2018
Methodology for Analyzing and Prioritizing Policy Requirements and Integrating Them for Effectiveness (MAPPRITE) To: EFCOG By: Piechowski Date: July 19, 2018

2 Introduction DOE enterprise-level initiative for asset protection policy and requirements “…existing fragmented system does not provide the strategic framework needed to support achievement of the Department’s mission.” (Deputy Secretary of Energy memorandum, Oversight of Departmental Requirements, 08/04/2016) Bill (Gates) is blown away that so many decisions are made without data. (Melinda Gates) Data and analysis rather than assumptions and guesswork Present - PIR - Future - MAPPRITE 4/5/2019

3 Purpose (Why) Mission-Oriented Achievement
Protection of DOE’s assets against defined risks Efficient asset protection expenditures 4/5/2019

4 Principal Goals (What)
Create an asset protection taxonomy (data set) The principles and process of categorizing requirements A structured set of information to enable data-driven decisions (Assets Objectives Requirements) Establish a methodology to: Assess whether requirements sufficiently address credible risks Identify opportunities to improve effectiveness and efficiency Systematically evaluate current DOE and external policies that contribute to protecting DOE assets. 4/5/2019

5 DOE S&S Policy Evolution
1990s: Detailed standards and criteria abandoned 2003: memoranda that supplemented, modified or superseded policy 2003 – 05: Directives and policy memoranda consolidated. Order and 7 manuals 2005 – 07: Streamlining of S&S directives - Zero-Based Review 2008 – 11: Secretary’s Safety and Security Reform Initiative - Manuals converted to Orders; - Removed repetition of requirements from other sources; - Emphasis on “what” versus “how” - Sharpened distinction between policy and operational management 2014: Memo from S-2 to S-1. Strategy of Reforms to Enhance Security, Independent Assessments, Safety and Health Functions 2016: S-2 memorandum, Oversight of Departmental Requirements 4/5/2019

6 AU-50 Directives DOE P 470.1B Safeguards and Security Policy
DOE O 142.3A Unclassified Foreign Visits and Assignments DOE O 470.3C Design Basis Threat (DBT) Order DOE O 470.4B Safeguards and Security Program, adm. chg 1 DOE O Information Security, adm. chg 2 DOE O Personnel Security, chg 1 (pg chg) DOE O 473.3A Protection Program Operations DOE O Nuclear Material Control and Accountability, Chg 4 (PgChg) 4/5/2019

7 Example Interdependencies
These directives are not managed by AU-50, but are examples of requirement sources that contribute to establishing an effective enterprise-wide protection strategy. O 151.1C Comprehensive Emergency Management System O Departmental of Energy Cyber Security Program O 227.1A Independent Oversight Program O Suitability, Position Sensitivity, Designations, and Related Personnel Matters O Insider Threat Program O Technical Security Program O Special Access Programs O Counterintelligence Program O 475.2B Identifying Classified Information O Control of Nuclear Weapon Data O 457.1A Nuclear Counterterrorism O A Radioactive Material Transportation Practices Manual O 461.1B Packaging and Transportation for Offsite Shipment of Materials of National Security Interest 4/5/2019

8 Context Summary 8 Office of Security (AU-50) Directives
500+ Drivers and References 3000+ Requirements Numerous Interdependencies Cyber security Emergency Management Insider Threat Etc. 4/5/2019

9 Stakeholders (Who) ** Policy developers; Security program planners and practitioners; Procurement; Sites and Laboratories ** 4/5/2019

10 Focus Team Concept (How)
Core Team DOE Senior Leadership, Boards and Councils Members AU – Initiative Lead NNSA Provide POC, SMEs and financial support Program(s) and Staff Office(s) Provide POCs, SMEs, and/or financial support Develops Strategy Planning Administration Program Offices Staff Offices Field Subject Expertise Planners Managers Practitioners Stakeholder Alliance Focus Teams IT / Architecture Asset ID / Definition Requirement Sources Protection Objectives Analysis Methodology End Results For Focus Teams Launch Support Wrap-up Data Set Technical Allocations 4/5/2019 Other…

11 Progress Established management structure and Core Team
Collaboration/coordination Market review/benchmarking System use cases and technology Asset data Stakeholders Alliance MAPPRITE Concept Demonstration 1 (MCD 1) 4/5/2019

12 Asset Identification and Characterization Process Summary
4/5/2019

13 Asset Identification and Characterization Process Summary
4/5/2019

14 Collections – Groups – Assets
Collections (Examples) Biological Agents & Select Agents and Toxins Firearms/Explosives Information – Classified Power Marketing Administration Resources Special Nuclear Material Groups (Examples) Information – Classified (Collection) C/NSI (Group) S/RD (Group) Assets

15 Asset Identification and Characterization Process Summary
Threshold Placement and Attributes Requirement Sources QC by Data Manager 4/5/2019

16 Stakeholders Alliance
MAPPRITE Stakeholder Alliance Specification Alliance formed to advocate, develop and guide the strategies to promote assessment and improvement of asset protection policy and requirements. (Highest Priority Goal #1) Named points of contact (POCs) to represent major DOE/NNSA stakeholder organizations regarding overall strategy, planning, administration, and execution. Individual participation in defining, launching, supporting, and concluding the work of focus teams. POCs provide primary interface to DOE/NNSA Chief Security Officers, Program Offices and Staff Offices. POCs provide interface, as directed, with their program specific DRB, FMC and LOB representatives. Advance common, shared and valued vision for the MAPPRITE initiative in accordance with the MAPPRITE Communication Plan. Provides sustained support for defining and developing essential MAPPRITE products. Engage subject matter experts (SMEs), programmatic and technical representatives as needed to assist in developing, reviewing and advancing essential MAPPRITE products. (Highest Priority Goal #2) Identify and gain participation from program office, field site, contractor and laboratory SMEs. Identify potential organizations, processes or systems for benchmarking. Engage MA to facilitate MAPPRITE execution, adopting the tenets of collaborative policy analysis and development. Coordinate site visits (identify stakeholders and facilitate communications). Coordinate and finalize input from stakeholders. * Examples of essential MAPPRITE products include: asset catalog; it architecture; it system; list of requirement sources; comprehensive sets of requirements; protection objectives; database or other repository of requirements aligned to asset-objectives sets; analysis methodology; completed analysis reports. Department-wide representation Focus and awareness Active participation Access to SMEs Coordinate input Review draft products 4/5/2019

17 MCD 1 Asset: RD Matter Objectives: Sample completed Requirements:
37 Potential DOE source documents 18 Potential National source documents Several hundred pages Next: QA Review for subjectivity, Consistency, Applicability Identify requirements for IDS alarm times Analysis 4/5/2019

18 Requested Actions and Discussion
Be informed about MAPPRITE Engage with Stakeholder Alliance Awareness and Communications Review and help finalize asset summary? Coming next - Objectives

Download ppt "To: EFCOG By: Piechowski Date: July 19, 2018"

Similar presentations

How Will it Help Me Do My Job?

How Will it Help Me Do My Job?
The Department of Energy Enterprise Risk Management Model

The Department of Energy Enterprise Risk Management Model
Principles of Standards and Measures

Principles of Standards and Measures
Auditing, Assurance and Governance in Local Government

Auditing, Assurance and Governance in Local Government
Briefing to the Commission to Review the Effectiveness of the National Energy Laboratories (CRENEL) Joseph McBrearty, Deputy Director for Field Operations.

Briefing to the Commission to Review the Effectiveness of the National Energy Laboratories (CRENEL) Joseph McBrearty, Deputy Director for Field Operations.
A Presentation on the Management and Curriculum Audit for the Guam Public School System April 14, 2009.

A Presentation on the Management and Curriculum Audit for the Guam Public School System April 14, 2009.
ENVIRONMENTAL UNIT IN AN ICS STRUCTURE. EU Mission Statement The Environmental Unit is established to provide technical and scientific expertise and capabilities.

ENVIRONMENTAL UNIT IN AN ICS STRUCTURE. EU Mission Statement The Environmental Unit is established to provide technical and scientific expertise and capabilities.
SEM Planning Model.

SEM Planning Model.
1 LBNL Enterprise Computing (EC) January 2003 LBNL Enterprise Computing.

1 LBNL Enterprise Computing (EC) January 2003 LBNL Enterprise Computing.
Purpose of the Standards

Purpose of the Standards
LEVERAGING THE ENTERPRISE INFORMATION ENVIRONMENT Louise Edmonds Senior Manager Information Management ACT Health.

LEVERAGING THE ENTERPRISE INFORMATION ENVIRONMENT Louise Edmonds Senior Manager Information Management ACT Health.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
THE REGIONAL MUNICIPALITY OF YORK Information Technology Strategy & 5 Year Plan.

THE REGIONAL MUNICIPALITY OF YORK Information Technology Strategy & 5 Year Plan.
Do it pro bono. Strategic Scorecard Service Grant The Strategy Management Practice is presented by Wells Fargo. The design of the Strategic Scorecard Service.

Do it pro bono. Strategic Scorecard Service Grant The Strategy Management Practice is presented by Wells Fargo. The design of the Strategic Scorecard Service.
Organize to improve Data Quality Data Quality?. © 2012 GS1 To fully exploit and utilize the data available, a strategic approach to data governance at.

Organize to improve Data Quality Data Quality?. © 2012 GS1 To fully exploit and utilize the data available, a strategic approach to data governance at.
NIST Special Publication Revision 1

NIST Special Publication Revision 1
IAEA International Atomic Energy Agency Reviewing Management System and the Interface with Nuclear Security (IRRS Modules 4 and 12) BASIC IRRS TRAINING.

IAEA International Atomic Energy Agency Reviewing Management System and the Interface with Nuclear Security (IRRS Modules 4 and 12) BASIC IRRS TRAINING.
BPK Strategic Planning: Briefing for Denpasar Regional Office Leadership Team Craig Anderson Ahmed Fajarprana August 11-12, 2005.

BPK Strategic Planning: Briefing for Denpasar Regional Office Leadership Team Craig Anderson Ahmed Fajarprana August 11-12, 2005.
United States Department of Agriculture Food Safety and Inspection Service 1 National Advisory Committee on Meat and Poultry Inspection August 8-9, 2007.

United States Department of Agriculture Food Safety and Inspection Service 1 National Advisory Committee on Meat and Poultry Inspection August 8-9, 2007.
Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the Preface to the Standards on Internal.

Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the "Preface to the Standards on Internal.

Similar presentations

Ads by Google