Tuesday, November 1, 2011

FSO Security Staff Training

Category 3 of the NISP Enhancement continues with Security Education.
This category addresses internal security staff professionalization. Specifically, it measures whether or not security staff training exceeds NISPOM training and DSS FSO certification requirements to include obtaining on-going professional certifications and incorporating the knowledge through the organic security program. There are currently several certifications and training available to the security professional, including some recommendations by DSS:
  • Industrial Security Professional (ISP) FSOs could set the ISP Certification as a goal and encourage staff employees to achieve. When employees study for the ISP Certification, they learn: how to read and apply the NISPOM, the importance of forming professional relationships with cleared employees, how the cleared contractor and the DSS representatives interact, and much more. DSS also understands the importance of individuals who achieve the ISP Certification as well as the organizations that hire them. The FSO can display the certificate and refer to it during the annual inspection as continued ISP and FSO training
  • Certified Protection Professional (CPP)-The CPP certification is for those who have a broad range of security experience to meet complex security issues.  Holders of the CPP certification understand the threats that face the workplace, employees, product and the public. This has a significant application in the defense industry as industrial security professionals, security specialists and FSOs demonstrate their knowledge of physical security, personnel security, business management, security principles, information security, emergency procedures, investigations and legal aspects.
  •  SPeD Certification-This is Security Professional educational Development. DSS has developed this program as a means of training government security professionals. This test begins at the fundamental level and includes information, general, physical and other security disciplines. Additional certifications are available that address more advanced and specific security areas..  More information can be found @ http://www.dss.mil/seta/sped/sped_what.html
  • Computer Information Systems Security Professional (CISSP)-The Certified Information Systems Security Professional (CISSP) is sponsored by International Information Systems Security Certification Consortium or ISC2. For those working as an Information System Security Manager, Information System Security Officer, Chief Information Officer or other mid to senior level management positions in information security should consider the CISSP. The CISSP measures competency and experience in 10 key areas: Access Control, Application Security, Business Continuity and Disaster Recovery Planning, Cryptography, Information Security and Risk Management, Legal, Regulations, Compliance and Investigations, Operations Security, Physical (Environmental) Security, Security Architecture and Design and Telecommunications and Network Security.
  • The OPSEC Certification Program (OCP)-The OCP is for those who are actively engaged in identifying vulnerabilities of sensitive government activities and denying an adversary’s ability to collect information on the activities. In addition to the five years of experience, the candidate for the OCP  should have a four year degree and at least 48 hours of formal OPSEC training. The applicant submits a 10 page paper on the topic of OPSEC using one or more of the five OPSEC processes (identification of critical information; analysis of threats; analysis of vulnerabilities; assessment of risks; and the application of appropriate countermeasures). 

See pages 304 to 306 of DoD Security Clearance and Contracts Guidebook for more detailed information.

Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

No comments: