Saturday, January 22, 2011

Security Clearances and the FSO

The Facility Security Officer
You might be asking, why all the emphasis an FSO? Isn’t this book about security clearances? Yes it is. It’s all about security clearances and FSOs are a large part of the process. For those of you who own your own business and are trying to get or are in the process of obtaining an FCL and PCL, or are currently performing on classified contracts, your appointment of someone to perform as or your assumption of FSO duties should not be taken lightly. If you are an employee who needs a clearance, the FSO is on your team to initiate the clearance, answer questions about your clearance and is an integral part in the continuous evaluation process. The FSO is going to make or break your security clearance capability. Security clearances and FSOs go hand in hand; one does not go without the other.
Executive Order 12829 National Industrial Security Program
The US Government awards contracts, grants and licenses to defense contractors in the course of providing a product or service. The contracts, grants and licenses may be classified in nature. The NISP is designed to protect classified government information that is released to cleared contractors. The result is a partnership between the government and the cleared contractor and an agreement to protect the classified information at the level the government has determined it to be.
The NISP’s purpose is to safeguard classified information that has been or may be released to “…current, prospective, or former contractors, licensees, or grantees of United States agencies”. It provides guidance for safeguarding classified information, required security education topics and training programs.
The National Industrial Security Program Operating Manual and the Cleared Contractor
Every cleared contractor should have the National Industrial Security Program Operating Manual (NISPOM) readily available either in print or on their computer. Program managers, engineers, security all cleared employees should also possess the NIPOM as it is the guide providing rules, guidelines and procedures for preventing unauthorized disclosure of classified material. The NISPOM applies to authorized users of classified information and equips those working on classified contracts with critical instruction on how to implement the NISP within their organizations. It is up to the cleared contractor and DSS to work together in providing accurate interpretation of the NISPOM to the specific classified contract requirements. It is this interpretation that DSS will use while conducting annual security reviews.
The Secretary of Defense and the other identified agencies apply the concept of risk management while implementing the NISPOM. There are three factors necessary in determining risk. The first is the damage to national security that could be reasonably expected to result from unauthorized disclosure of classified material. The second factor is the existing or anticipated threat to disclosure of information. The third factor is the short and long term costs of the requirements, restrictions, and other safeguards. The second and third factors aren’t spelled out in the NISPOM, but are recognized as legitimate concerns that the FSO and DSS should be prepared to address.

No comments: