NISPOM Chapter 1 Basics General Requirements Reporting Responsibilities Steven Rivera, FSO July 10, 2013.


Energy | Environment | National Security | Health | Critical Infrastructure

Need-to-Know Basics: NISPOM Chapter 1

Facility Security Officer (FSO) (NISPOM 1-201)
– Protection of classified information
Standard Practice Procedures (NISPOM 1-202)
– Highly recommended
– Tailored to local requirements
   Standard template available FISWG site
Security Training and Briefings (NISPOM 1-205)
– Advising all cleared employees
   Chapter 3

Need-to-Know Basics: NISPOM Chapter 1

Government Reviews (NISPOM 1-206a)
– Every 12 to 24 months
Contractor Reviews (NISPOM 1-206b)
   Self-inspections
Defense Hotline (NISPOM 1-207)
   The Pentagon Washington, DC

Reporting Requirements

Reporting events that have an impact (NISPOM 1-300)
– Facility Clearance
– Personnel Security Clearance
– Safeguarding
   Lost or compromised classified information
   NOTE: Consideration will need to be taken based on report sensitivity or level
Reports submitted to the FBI (NISPOM 1-301)
– Actual, probable, or possible espionage, sabotage, terrorism, or subversive activities
Reporting Requirements for Cyber Intrusions (ISL )
   ISL cancelled
   » Activities, anomalies, or intrusions that are suspicious and may constitute a threat to the protection of classified information, information systems, or programs that are covered by the NISPOM
   » Hacking, phishing, malware

Reporting Requirements to the CSA (NISPOM 1-302)

Adverse Information
Suspicious Contacts
Change in Cleared Employee Status
Citizenship by Naturalization
Employees desiring not to perform on Classified Work
Change conditions affecting the Facility Clearance
– e-FCL update required (mandatory)
Change in Storage Capability
Inability to Safeguard Classified Material
Security Equipment Vulnerabilities
Unauthorized Receipt of Classified Material
Employee Information in Compromise Cases
Disposition of Classified Material Terminated From Accountability
Foreign Classified Contracts

Adverse Information

ISL
Adverse Information - “Any information that adversely reflects on the integrity or character of a cleared employee, that suggests that his or her ability to safeguard classified information may be impaired, or that his or her access to classified information clearly may not be in the interest of national security.”

Examples of adverse information:
– Security violation culpability
– Use of illegal drugs/Excessive use of alcohol
– Financial difficulties (excessive/recurring)
– Serious mental or emotional problems
– Criminal behavior
– Overt loyalty to countries other than the U.S.

Reporting Requirements

Reports of Loss, Compromise, or Suspected Compromise (NISPOM 1-303)
– Preliminary Administrative Inquiry
   Who? What? Where? When? Why? How?
– Initial Report
   TS (within 24 hours)
   S (within 72 hours)
– Final Report
   Submitted to DSS within 15 days
Individual Culpability Reports (NISPOM 1-304)
– Coordinate with DSS
   The violation involved a deliberate disregard of security requirements
   The violation involved gross negligence in the handling of classified material
   The violation was not deliberate in nature but involved a pattern of negligence or carelessness
Reference Information Posted
– FISWG March 2012 & December 2012

Summary

Questions?

© 2008 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the U.S. and/or other countries.