Thursday, June 21, 2012

Four Ways FSOs in Small Defense Contractors Can Improve Security Measures

The term Cleared Defense Contractor,might conjure images of large complexes, with a healthy security staff, plenty of closed areas, labs and conference rooms. However, there are many, many more contractors that are just a few employees with great ambition, drive and ideas. In some cases, smaller and less experienced defense contractors may not be as proficient in executing security responsibilities. Full time FSOs understand a little about the requirements of a DD Form 254 and how to protect ITAR controlled technical information. But, knowing how to interpret and apply the National Industrial Security Program Operating Manual (NISPOM) let alone the Federal Acquisitions Regulation it is something that takes time.

I travel to many defense contractors working on cutting edge research and development efforts. These defense contractors have been as large as thousands of employees and as small as three scientists in a converted school house. Think Apple in their garage years; state of the art development in primitive settings.
1.  Address Challenges
One contractor had just received a facility clearance and the FSO is the chief operating officer, another had just a few employees and also had a designated FSO. In spite of cutting edge research, neither could afford the luxury or overhead for a full time dedicated facility security officer. They relied on each other to learn the ropes.

However, they did understand how to protect their intellectual property. They also had to adapt to learn to protect classified information according to the DD Form 254, statement of work and National Industrial Security Program Operating Manual.

2.  Make Priorities
No different than with large defense contractors, priorities that drive small organizations are cost, performance and schedule. They want to turn a product over to their customers and want to make a profit. However the difference is the amount of effort they can afford to spent on protection

3.  Understand Risk Management/NISPOM Requirements
That’s why it’s critical for a leader to make decisions that spend resources on protecting absolutely what is necessary. These decisions should be made with a combination of a risk assessment model and NISPOM requirements. For example, the risk model may identify that there is a low crime rate. Classified information can be properly stored in a GSA approved security container locked in a central office. On the other hand, intellectual property may require stepped up security resources. The NISPOM instructs on minimum protection measures for classified, while the risk assessment identifies where the more aggressive security measures should exist.

4.  Delegate Responsibilities
The appointed FSO who also serves as a senior officer should consider delegating the administrative duties to someone more available. The security clearance requests, visit requests, classified storage and other NISPOM issues can be administered by junior employees while the “FSO” makes policy and final decisions regarding security programs.

Not all defense contractors are the same and classified contract requirements vary just as much. It’s up to the organization to implement security procedures that make sense and meet budget. Focusing efforts based on regulatory guidance AND risk management help do so in an effective and affordable way.

For more FSO, Risk Management and NISPOM Training tips, sign up for our newsletter and read DoD Security Clearances and Contracts Guidebook

Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

No comments: