Florida Industrial Security Workgroup Self-Inspections What are Self-Inspections Why should Self-Inspections be conducted When should Self-Inspections.


1 Florida Industrial Security Workgroup: Self-Inspections
- What are Self-Inspections
- Why should Self-Inspections be conducted
- When should Self-Inspections be conducted
- What does the NISPOM say about Self-Inspections
- What are some tips for conducting Self-Inspections
- What are some Common Issues
- What qualifies as an enhancement for Self-Inspections

2 What Are Self-Inspections?

3
- Self-inspections are security reviews of your program.
- Self-inspections should be tailored to your program.

The Self-Inspection handbook was designed to be used as a job aid and to help in complying with this requirement. The handbook was also developed to assist in developing a viable self-inspection program tailored to the classified needs of your company.

4 Why Should Self-Inspections Be Conducted?

5
- To be in compliance with NISPOM requirements
- To assess your company’s security program
- Improve the overall quality of your program
- Help identify any issues/vulnerabilities you may not otherwise be aware of
- To prepare for Audits
- Opportunity to talk to employees one on one if possible

6 When Should Self-Inspections be Conducted?

7
- Generally, a formal self-inspection should be conducted midway between security reviews/Audits
- There is no rule on how often self-inspections should be conducted; however, this should be a continuous process
- Self-Inspections can be conducted as often as the FSO feels necessary

8 What Does the NISPOM Say About Self-Inspections?

NATIONAL INDUSTRIAL SECURITY PROGRAM OPERATING MANUAL
February 2006
Incorporating Change 1, March 28, 2013
DoD 5220.22-M

9
- 1-206b: Contractors shall review their security system on a continuing basis and shall also conduct a formal self-inspection at intervals consistent with risk management principles
- Risk management principles:
  - The process should create value
  - It should be an integral part of the organizational process
  - It should factor into the overall decision making process
  - It must explicitly address uncertainty
  - It should be systematic and structured
  - It should be based on the best available information
  - It should be tailored to the project
  - It must take into account human factors
  - It should be transparent and all-inclusive
  - It should be dynamic and adaptable to change
  - It should be continuously monitored and improved upon as the project moves forward

10 What are Some Tips for Conducting Self-Inspections?

11
- Make notes on the inspection checklist
- Interview cleared and uncleared employees
- Be sure to include your AFSO and ISSO
- Be sure to verify all documentation
- Having all materials centrally located helps during Audit time
- Conduct self-inspections as necessary, at a minimum two per year
- Get employees involved
- Be sure to address any vulnerabilities that were found
- Share your review with your DSS Rep; if any issues were found, work with your rep to find solutions before the audit

12 What are the Most Common Issues?

13
- Company claims to have conducted multiple self-inspections, but vulnerabilities are still found during Audit
- ISSM has failed to conduct a comprehensive self-inspection of the accredited information systems
- Local employees receive great security training, but off-site employees rarely receive guidance
- When employees are interviewed for Audit, it is clearly evident that they are not provided with adequate training and education
- Company does not keep DSS apprised of reportable information (i.e. company name change, KMP changes)
- Not following updated NISP requirements

14 What Qualifies As An Enhancement? Yeah we got an enhancement!!

15 Category 5: Self Inspection - Effective documented self inspections designed to provide an on-going, continuous evaluation of the security program and promptly sharing the self inspection results with DSS, which encourages open dialogue of identified issues and possible resolutions prior to the DSS scheduled inspection.
- Provide DSS with a detailed report of their self-inspections to include identifying threats or vulnerabilities
- Collaborate with DSS to correct any issues prior to annual assessment
- Proof of on-going and continuous evaluation of security program through multiple self-reviews
- Self-review conducted by a cleared contractor outside of the corporate structure, i.e. prime contractor assisting a sub or a consultant with an applicable need-to-know (DD 254)
- Establish an internal corporate review program conducted by another facility within the organization/corporate structure in addition to the required self-review

16 QUESTIONS????

