Thursday, December 22, 2016

Determining Receiving Facility Security Clearance Level

Get your printed NISPOM at
This article continues the series covering the Self-Inspection Handbook For NISP Contractors and guidance found in the National Industrial Security Program Operating Manual (NISPOM) Incorporating Change 2.  

Those who possess classified information should determine security clearance and need to know before disclosing it. This is requirement for both cleared persons and cleared facilities. Where classified information is shipped from one CAGE code or facility to another, the shipper is responsible for ensuring the carrier and the receiving entity hare cleared appropriately and that the receiver is cleared and with the need to know to possess the classified information.

NISPOM 2-100
Is the facility clearance and safeguarding capability of the receiving facility determined prior to transmission of classified information?
2-100. … Contractors are eligible for custody (possession) of classified material if they have an FCL and storage capability approved by the CSA.
…b. FCLs will be registered centrally by the U.S. Government.

The cleared contractor possessing classified information is responsible for validating the appropriate personnel clearance level (PCL) and need to know before releasing classified information to that person. The same rational for shipping classified information from one cleared defense contractor (CDC) to another. The shipper should determine the proper clearance and need to know of the intended receiver. In other words validate facility clearance (FCL) level prior to shipping classified information.

This is performed through the Industrial Security Facilities Database (ISFD). According to the ISFD website, the ISFD provides users with a nationwide perspective on National Industrial Security Program related facilities, as well as facilities under DSS oversight in the DoD conventional AA&E program.

FSOs should have access to ISFD and other Defense Security Services databases in order to provide their employer with adequate security services.  See for more information.

Once registered an FSO or designated employee can access FCL information including clearance level, classified mailing addresses, and points of contact. Prior to sending classified information the sender can log in to ISFD, access the address, POC, and contact information, and coordinate the delivery and any inspection and receipting actions.

1. Demonstrate ability to log on to ISFD
2. Demonstrate proficiency with determining a CDC’s FCL

3. Demonstrate proficiency with finding a CDC’s address and POC information. 

 Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".

No comments: