Wednesday, April 17, 2013

What FSOs can find in the new NISPOM Change 1

NISPOM With Change 1 Available at

Well, it’s here, just this side of six years after the release; Change 1 to the National Industrial Security Program Operating Manual. Over the recent three years there have been draft versions of NISPOM submitted, reviewed and resubmitted, but for the most part the NISPOM has remained unchanged. A testimony to an efficient product or policy? Could be. Too many higher level executive order and policy changes? Maybe.

Though there has not been a major re-write or even revision, Change 1 does incorporate some important considerations, to include both domestic and international concerns. As programs and research efforts expand globally, Facility security officers (FSO) should know how to protect it in house and train cleared employees to do the same; this includes new markings and storage requirements.

The major revision is in NISPOM Chapter 4, Classification Markings, Paragraph 1, Derivative Classification. Primarily, changes clarify the definition of derivative classification, the process of derivative classification and the training required.

The definition of derivative information is now more concise:

Contractor personnel make derivative classification decisions when they incorporate, paraphrase, restate, or generate in new form, information that is already classified; then mark the newly developed material consistently with the classification markings that apply to the source information.

And later clarified in Paragraph 4-102b:

Derivative classification includes the classification of information based on guidance, which may be either a source document or classification guide. The duplication or reproduction of existing classified information is not derivative classification.

But to better understand derivative classification, let’s compare it with original classification; at least for a baseline definition. Original classification occurs when information meets classification criteria as described in Executive Order 13526, “Classified National Security Information”. Classification is usually considered as events, programs or missions develop. The product of original classification is a security classification guide, classification markings and the DD Form 254.

Derivative classified information occurs when information is used that has already been determined classified and is provided in a new product such as report, item, or event. Information is already known to be classified. In this case a security classification guide or previously classified information is used to identify the existing classification level. The product of derivative classification are properly marked classified products.

A very simplistic way for contractors to apply this is to remember that contractors carry over classification markings on existing classified information. It’s the federal government’s responsibility to assign original classification. That means appointing an original classification authority to determine classification levels where none have previously existed.

Another timely clarification is that duplicating classified information by any means is not derivative classification. It’s just copying and creating another of the same. A new product or application using existing classification fits the description.

  • Writing a document using classified information from other classified sources; derivative.
  • Using classified specs identified in an SCG to create a product; derivative
  • A person in a designated government position determining classification levels based on criteria in EO 13526; original
  • Making copies of a classified document; copying

This clarification in NISPOM is necessary and just what FSOs need to complete their education and perform better under the NISP. Understanding roles and limitations leads to more informed cleared employees and a security program to provide excellent protection to classified information.

The new NISPOM with Change 1, March 28, 2013 is available at Red Bike Publishing. See it here. For more information on training cleared employees and working classified contracts see DoD Security Clearance and Contracts Guidebook.

Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

No comments: