Presentation is loading. Please wait.

Presentation is loading. Please wait.

Defense Security Service New Rating Process Current as of 10/19/2011.

Published byAgnes Owens Modified over 8 years ago

Similar presentations

Presentation on theme: "Defense Security Service New Rating Process Current as of 10/19/2011."— Presentation transcript:

1 Defense Security Service New Rating Process Current as of 10/19/2011

2 2  DSS recognized the importance of a standardized, objective approach to issuing security ratings as part of its security oversight role.  DSS is committed to your success and to the success of the National Industrial Security Program (NISP).  The new security rating process utilizes a calculation worksheet.  The worksheet is a DSS tool, designed to standardize and improve consistency.  Numerically based, quantifiable, and accounts for all aspects of a facility’s involvement in the NISP. New Security Rating Process

3 3  Uses a numerical based rating system  All facilities start with the same score (700)  Points are added for identified National Industrial Security Program (NISP) Enhancements by Category  Points are subtracted for findings by NISPOM reference  Serious and Administrative findings weighed separately  Points subtracted by NISPOM reference, not by number of occurrences  Accounts for size and complexity of a facility

4 4 New Security Rating Process  Each ratings matrix comes with a “scoring key” that is based on the facility category

5 5 New Security Rating Process  Serious finding is defined as non-compliance with a NISPOM requirement that may place or has placed classified information at risk to loss or compromise. Once a finding is determined to be serious, it is further categorized as either “Isolated”, “Systemic”, or “Repeat”.  Administrative finding is defined as non-compliance with a NISPOM requirement that does not place classified information at risk to loss or compromise.

6 6  A NISP enhancement directly relates to and enhances the protection of classified information beyond baseline NISPOM standards.  NISP enhancements will be validated during the inspection as having an effective impact on the overall security program which is usually accomplished through employee interviews and review of process/procedures.  We have established 13 NISP enhancement Categories, based on practical areas, to simplify and ensure field consistency.  Full credit for a NISP Enhancement (15 or 12 points depending on facility complexity) will be given if a facility completes any action/item in a given category. The facility will only receive a total of 15/12 points per category, regardless of how many NISP enhancements they have in a given category. New Security Rating Process

7 7  Category 1 Security Education (Events)  Category 2 Security Education (Products)  Category 3 Security Education (Staff Training)  Category 4 Security Education (Product Sharing)  Category 5 Self Inspection  Category 6 Physical Security/Controls  Category 7 CI Integration/Cyber Security  Category 8 Information Systems  Category 9 FOCI  Category 10 International  Category 11 Security Organization Membership  Category 12 Active Organization Participation  Category 13 Personnel Security NISP Enhancements

8 8 New Security Rating Process  DSS considers some factors as “red flag areas” and the rating calculation score may not be applicable.  EXAMPLES include:  Unmitigated or unreported FOCI  Uncleared persons in KMP positions requiring clearance  Intentional disregard of NISPOM regulations  Serious systemic findings w/potential loss/compromise  Any additional items which may result in invalidation of the FCL  Matrix score leading to marginal or unsatisfactory

9 9 Example- How It Works  Rating Matrix Company, Inc. Category C – Mid-Size Possessing Company Previous Rating: Commendable Recent Rating: Superior Findings: 2 Administrative NISP Enhancements: 9 Rating Calculation Score: 804

10 10 Security Rating Matrix Company, Inc

11 11 Rating Company, Inc Administrative Finding: Document Marking Deficiency (Corrected on the Spot) 2 Points Deducted Administrative Finding: An original SF312 was not forwarded to DISCO for retention 2 Points Deducted

12 12 Rating Company, Inc Category 2: Security Education (Products) Facility provides monthly security updates/reminders to employees through the monthly corporate newsletter. 12 Points Added

13 13 Rating Company, Inc Category 3: Security Education (Staff Training) FSO has CPP certification. Security staff training exceeds NISPOM requirements as all security personnel have completed all training requirements for FSO Program Management through the STEPP website and continuously complete additional educational courses. 12 Points Added

14 14 Rating Company, Inc Category 4: Security Education (Product/Information Sharing) The FSO has developed a Protégé/Mentorship relationship with all subcontractors they sponsor into the NISP by reaching out to the newly sponsored facility and providing whatever advice and assistance they require. The FSO often visits with the new facility to provide training and experience to the new FSO. Additionally, the company participated in beta testing a future DSS/CDSE course. 12 Points Added

15 15 Rating Company, Inc Category 5: Self Inspection The facility conducts and records two self-inspections annually. One is completed by the FSO and security staff. The other is conducted as a peer to peer review with the FSO or other security staff member from another location conducting the review. 12 Points Added

16 16 Rating Company, Inc Category 6: Classified Material Controls The FSO and AFSO conduct semi-annual, 100% inventory of all classified holdings and maintains records of the inventories. Their information management system indefinitely reflects history of location and disposition for material in facility at all levels of classified (100% accountability). 12 Points Added

17 17 Rating Company, Inc Category 7: CI Integration All employees going on foreign travel for business are required to be briefed by the Security prior to departure and are debriefed upon return. 12 Points Added

18 18 Rating Company, Inc Category 11: Security Organization Membership The FSO and AFSO are both members of NCMS and a local ISAC. 12 Points Added

19 19 Rating Company, Inc Category 12: Active Security Organization Participation The FSO takes a positive leadership role in the local ISAC and was elected to be the corporate Co-Chairperson. 12 Points Added

20 20 Rating Company, Inc Category 13: Personnel Security The facility manages a corporate wide call center established to support questions and issues related to JPAS and EQIP from other branch/division offices throughout the country. 12 Points Added

21 21 Rating Company, Inc FINAL Score 804 = Superior

22 22 Rating Company, Inc

23 23 Questions?

Download ppt "Defense Security Service New Rating Process Current as of 10/19/2011."

Similar presentations

Ways to Improve the Hazard Management Process

Ways to Improve the Hazard Management Process
. . . a step-by-step guide to world-class internal auditing

. . . a step-by-step guide to world-class internal auditing
Short Service Worker Program

Short Service Worker Program
Radiopharmaceutical Production

Radiopharmaceutical Production
Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.

Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.
File Management Tips and Suggestions FISWG/NCMS Winter Training Event December 17 th, 2014 Dela Williams Facility Security Officer.

File Management Tips and Suggestions FISWG/NCMS Winter Training Event December 17 th, 2014 Dela Williams Facility Security Officer.
September 2013 DSS Security Rating Matrix Update.

September 2013 DSS Security Rating Matrix Update.
SELF INSPECTIONS, Part 2 Okay, so now what do I do?

SELF INSPECTIONS, Part 2 Okay, so now what do I do?
Defense Security Service Facility Clearance Branch (FCB)

Defense Security Service Facility Clearance Branch (FCB)
Defense Security Service. DSS Update DSS Changing With A Changing Security Environment.

Defense Security Service. DSS Update DSS Changing With A Changing Security Environment.
Presentation for the Management Study of the Code Enforcement Process City of Little Rock, Arkansas August 3, 2006.

Presentation for the Management Study of the Code Enforcement Process City of Little Rock, Arkansas August 3, 2006.
Responsible CarE® Process Safety Code David Sandidge Director, Responsible Care American Chemistry Council June 2010.

Responsible CarE® Process Safety Code David Sandidge Director, Responsible Care American Chemistry Council June 2010.
WSQA PEPD Mentor Training Session 1: Mentoring role and responsibilities.

WSQA PEPD Mentor Training Session 1: Mentoring role and responsibilities.
How a Large Company Used the Principles to Establish its Corporate Information Governance Robin Woolen, MBA, IGP President / Principal.

How a Large Company Used the Principles to Establish its Corporate Information Governance Robin Woolen, MBA, IGP President / Principal.
The Department of Defense Intelligence Oversight Program

The Department of Defense Intelligence Oversight Program
UNCLASSIFIED Foreign Ownership, Control, or Influence (FOCI) August 2009.

UNCLASSIFIED Foreign Ownership, Control, or Influence (FOCI) August 2009.
NISPOM CHAPTER 3 SECURITY TRAINING AND BRIEFINGS

NISPOM CHAPTER 3 SECURITY TRAINING AND BRIEFINGS
Justin Walsh FOCI Program Manager Industrial Security Field Operations.

Justin Walsh FOCI Program Manager Industrial Security Field Operations.
Environmental Management Systems An Overview With Practical Applications.

Environmental Management Systems An Overview With Practical Applications.
ODAA Update Agenda ODAA Business Management System (OBMS) Deployment

ODAA Update Agenda ODAA Business Management System (OBMS) Deployment

Similar presentations

Ads by Google