Presentation is loading. Please wait.

Presentation is loading. Please wait.

December 2013 Michael Campbell ViaSat, Inc..  NISPOM Requirements  Interpretation ◦ Category Level ◦ Business Best Practices  Available Tools  Pre-Inspection.

Published byVernon Griffith Modified over 9 years ago

Similar presentations

Presentation on theme: "December 2013 Michael Campbell ViaSat, Inc..  NISPOM Requirements  Interpretation ◦ Category Level ◦ Business Best Practices  Available Tools  Pre-Inspection."— Presentation transcript:

1 December 2013 Michael Campbell ViaSat, Inc.

2  NISPOM Requirements  Interpretation ◦ Category Level ◦ Business Best Practices  Available Tools  Pre-Inspection  Self-Inspection  Post-Inspection  Communication  Preparation for formal assessment

3 RISK Asset Threat Vulnerability RISK Asset Threat Vulnera bility RISK Asset Threat Vulnera bility RISK Asset Threat Vulnera bility RISK Asset Threat Vulnera bility

4  NISPOM 1-206 (b) ◦ Contractors shall review their security system on a continuing basis and shall also conduct a formal self- inspection at intervals consistent with risk management principles.

5  What category is your facility? ◦ AA: Multi-Week assessment ◦ A: Large and complex facility with many programs, contracts, holdings, etc. ◦ B: First category requiring a team of Rep’s for the formal assessment ◦ C: Largest facility that allows 1 Rep assessments ◦ D: Smallest category with safeguarding ◦ E: Contracts and cleared personnel (no safegaurding)

6  Know your company  Know your product lines  Know your corporate structure  Know your PM’s  KNOW YOUR COMPANY

7  MS Project  SharePoint  Gantt Charts  SIMS  Self-Inspection Handbook for NISP Contractors

8 2011 Marking Vulnerability Trends 2010 Marking Vulnerability Trends

9  Programmatic?  Traditional?  Unannounced?  Assisted?  HAVE YOU HAD ANY “RED FLAGS”

10  Adopt the “verify and validate” mindset  Create your inspection binder  Review your SPP  Explain the process of vulnerability assessments following your employee interviews (this may be their first)  Ask open ended questions (ALWAYS)

11  When will you begin?  How long do you plan to take?  Who will you interview?  To whom and how will you communicate the results?  Do you plan on keeping metrics?

12  Stick to your plan  Use your tools how you planned  Record as much as possible (you’ll make sense of your notes later)  Interview

13  Create ◦ Create a report format  Analyze ◦ Review findings ◦ Compile metrics ◦ Record vulnerabilities  Prepare ◦ Complete your report ◦ Determine who will review it  Communicate ◦ Alert your Rep and FCIS of your results

14  Have you communicated with them?  Do they know your company?  Do they know your programs?  What can you do to assist them?

15

16  Review your facility binder ◦ Is it organized? ◦ Are all of your forms up to date? ◦ Does it have examples of the forms you use? ◦ Does it have your Sec Ed information? ◦ Do you have a copy of your self-inspection report in it?

17  Do you know your Rep and FCIS yet?  Do you know when your assessment is planned for?  Do you know what strategy will be utilized?  Do you know your facility’s Category?  Do your employees know when they’ll see suits in the building?

18 OLD NEW Security Rating Calculation Worksheet Rating Calculation (Complete areas in yellow) *Note:For rating calculation purposes, treat multiple occurrences under the same NISPOM reference as one vulnerability. Place or select "X" for each enhancement that applies to the program. Select CAT: Starting Score  700 NISP Enhancement 0 Other Red Flags Category 1: Security Education (Events) Yes/No? Category 2: Security Education (Products) Category 3: Security Education (Staff Training) Category 4: Security Education (Community Information Sharing) Category 5: Contractor Self Review Category 6: Class Material Control Category 7: CI Category 8: Information Systems Category 9: FOCI Category 10: International Category 11: Community Membership Category 12: (↑) Active Participation Category 13: Personnel Security Vulnerabilities (Non-A/C) by Reference* Other Acute/Critical by Reference* Other FINAL SCORE  Rating: 599 & Below=Unsatisfactory 600 - 649=Marginal 650 - 749=Satisfactory 750 - 799=Commendable 800 & Above=Superior Facility Data Information CAGE Code: Company: Assessment Date: Field Office: Team Assessment:

19  Know your vulnerabilities  Re-Review the red flags ◦ FOCI ◦ KMP ◦ Deliberate disregard of NISPOM or SPP ◦ Unmitigated loss or compromise ◦ Processing on an unaccredited information system  Enhancements must be EFFECTIVE

20  Entrance: ◦ Summarize your facility and the work that is accomplished ◦ Quickly review your self-inspection ◦ Provide your Rep with a copy of your briefing and NISP enhancements (their jobs are to trust, but verify) ◦ Keep it short and precise  Exit: ◦ Take notes ◦ Ask questions

21

22 Michael Campbell Security Manager Email: michael.campbell@viasat.com Phone: (760) 476-2123

Download ppt "December 2013 Michael Campbell ViaSat, Inc..  NISPOM Requirements  Interpretation ◦ Category Level ◦ Business Best Practices  Available Tools  Pre-Inspection."

Similar presentations

Ways to Improve the Hazard Management Process

Ways to Improve the Hazard Management Process
Museum Presentation Intermuseum Conservation Association.

Museum Presentation Intermuseum Conservation Association.
FEMA Approval of Local Hazard Mitigation Plans

FEMA Approval of Local Hazard Mitigation Plans
Effective Contract Management Planning

Effective Contract Management Planning
Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.

Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.
About K12 Systems, Inc. – Induction Summer 2014 K12 Systems recognized a need in school districts for a new way to manage electronic gradebooks. Web-based.

About K12 Systems, Inc. – Induction Summer 2014 K12 Systems recognized a need in school districts for a new way to manage electronic gradebooks. Web-based.
File Management Tips and Suggestions FISWG/NCMS Winter Training Event December 17 th, 2014 Dela Williams Facility Security Officer.

File Management Tips and Suggestions FISWG/NCMS Winter Training Event December 17 th, 2014 Dela Williams Facility Security Officer.
Defense Security Service Facility Clearance Branch (FCB)

Defense Security Service Facility Clearance Branch (FCB)
August 15, 2012 Fontana Unified School District Superintendent, Cali Olsen-Binks Associate Superintendent, Oscar Dueñas Director, Human Resources, Mark.

August 15, 2012 Fontana Unified School District Superintendent, Cali Olsen-Binks Associate Superintendent, Oscar Dueñas Director, Human Resources, Mark.
Periodic Department Review A System of Affirmation LaMont Rouse Executive Director of Assessment, Accreditation & Compliance.

Periodic Department Review A System of Affirmation LaMont Rouse Executive Director of Assessment, Accreditation & Compliance.
Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 © 2002 Carnegie.

Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.
What Should You Do If OSHA Knocks Mark McDaniel, INSafe Consultant.

What Should You Do If OSHA Knocks Mark McDaniel, INSafe Consultant.
Responsible CarE® Employee health and Safety Code David Sandidge Director, Responsible Care American Chemistry Council June 2010.

Responsible CarE® Employee health and Safety Code David Sandidge Director, Responsible Care American Chemistry Council June 2010.
Florida Industrial Security Workgroup Self-Inspections What are Self-Inspections Why should Self-Inspections be conducted When should Self-Inspections.

Florida Industrial Security Workgroup Self-Inspections What are Self-Inspections Why should Self-Inspections be conducted When should Self-Inspections.
Practical Tips and Tools For Effectively Managing Worker’s Compensation Cases.

Practical Tips and Tools For Effectively Managing Worker’s Compensation Cases.
1 Creating a Joint Personnel Adjudication System (JPAS) Analysis Report Michael S. Campbell Industrial Security Specialist Defense Security Service San.

1 Creating a Joint Personnel Adjudication System (JPAS) Analysis Report Michael S. Campbell Industrial Security Specialist Defense Security Service San.
Employee Orientation and Training

Employee Orientation and Training
Chapter 13 Staffing System Administration McGraw-Hill/Irwin Copyright © 2009 by The McGraw-Hill Companies, Inc., All Rights Reserved.

Chapter 13 Staffing System Administration McGraw-Hill/Irwin Copyright © 2009 by The McGraw-Hill Companies, Inc., All Rights Reserved.
Incident Reporting Procedure

Incident Reporting Procedure
1 Module #6 – Business Retention & Expansion. 2 Why Existing Businesses are Important:  Recruitment has limitations  Over time, they create more new.

1 Module #6 – Business Retention & Expansion. 2 Why Existing Businesses are Important:  Recruitment has limitations  Over time, they create more new.

Similar presentations

Ads by Google