Friday, October 26, 2012

SETA and Annual Security Refresher Training

In the National Industrial Security Program Operating Manual (NISPOM) world, cleared contractors know to perform training to better equip cleared employees to protect classified information. This training comes under many different names and programs; annual security awareness training, annual refresher training, initial security training and required security briefings among others.  Some of the phrases are interchangeable. For example, where the NISPOM requires annual security refresher training, FSOs may conduct “annual refresher training” or similarly worded training events.

The point is, regardless of the event title, cleared contractors should conduct training to standards listed in NISPOM Chapter 3 and defend the training with proper documentation. The training execution is left to the contractor as long as the required elements are in place. As a refresher, these elements are:
1.       Reinforce topics provided during the initial security briefing
a.     A threat awareness briefing.
b.    A defensive security briefing.
c.     An overview of the security classification system.
d.     Employee reporting obligations and requirements.
e.     Security procedures and duties applicable to the employee's job.

2.    Keep cleared employees informed of appropriate changes in security regulations.

Here is another effective and easy to implement training tool.
Employed effectively outside of NISPOM circles, Security Education Training and Awareness (SETA) is training format used primarily in IT and non DoD formats. This is a simple and easy to implement training format that can be applied to NISPOM training.
Concerning the role of providing training, the facilitator should ask the question? “What skills do I have to offer?”  In other words, how does the trainer put together a training program to educate engineers, human resources, program managers and other cleared employees? How do they marry up the need to provide skills, develop processes and put Administrative, Technical, and Functional controls in place to implement a good security program?
Think SETA and employ it enterprise wide:
1.      Security-The program developed and implemented to protect classified information
2.    Education- Determine what information the enterprise requires to support the security program
3.    Training – Apply that education. Determine what matters to make enterprise successful at protecting the classified information
4.    Awareness- What regulations and policies (national and company levels) does the enterprise need to know?
The end state is to incorporate all of this into the NISPOM required training. The training should include all elements identified in the NISPOM and applied to all the business unit needs. One size doesn’t fit all where training is concerned. The NISPOM requirements are a guide and allow the flexibility of tailoring the training to meet individual and enterprise needs. Employing SETA principles can lead to a more productive training session.

See more about training requirements in our books Insider's Guide to Security Clearances and DoD Security Clearances and Contracts Guidebook.

Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

No comments: