Has the company appointed a U.S. citizen employee, who is a senior official, as a key management personnel (KMP) who will serve as the Insider Threat Program Senior Official (ITPSO)?
1-202b, 1-202c, 2-104
Cleared Defense Contractors (CDC) should designate an employee to manage the Insider Threat Program (ITP). The contractor will designate an employee to establish and execute an insider threat program. The first step is to designate a “Senior Official” with the following qualifications:
1. U.S. citizen
2. Company Employee
3. Senior official within the company
4. Security Clearance at the same level as the facility clearance (FCL) to establish and execute an insider threat program
· If the FCL is TOP SECRET, then the ITPSO must also have a TOP SECRET clearance
5. Could be the FSO is not the designated official, the FSO is an integral member of the program
Some larger corporations may have separate legal entities. If the corporation desires one ITPSO to serve corporate wide, each cleared legal entity should each designate that person as their ITPSO.
Once the ITPSO is designated, the enterprise can begin to create an Insider Threat Program that will be endorsed by the ITPSO. The ITPSO should begin the next tasks to build the ITP team and develop the ITP and the required Insider Threat Training. These topics will be covered in future articles.
ITPSO is designated in writing and documentation is available for review
Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".