General Requirements
Reporting Responsibilities
Steven Rivera, FSO
July 10, 2013

• Facility Security Officer (FSO)
(NISPOM 1-201)
– Protection of classified information
(NISPOM 1-202)
– Highly recommended
– Tailored to local requirements
• Standard template available FISWG site
• Security Training and Briefings
(NISPOM 1-205)
– Advising all cleared employees
• Chapter 3
Energy | Environment | National Security | Health | Critical Infrastructure

• Government Reviews (NISPOM 1-206a)
– Every 12 to 24 months
• Contractor Reviews (NISPOM 1-206b)
• Self-inspections
• Defense Hotline (NISPOM 1-207)
The Pentagon
Washington, DC 20301-1900
Energy | Environment | National Security | Health | Critical Infrastructure

• Reporting events that have an impact (NISPOM 1-300)
– Facility Clearance
–
–
Personnel Security Clearance
Safeguarding
• Lost or compromised classified information
• NOTE: Consideration will need to be taken based on report sensitivity or level
• Reports submitted to the FBI (NISPOM 1-301)
– Actual, probable, or possible espionage, sabotage, terrorism, or subversive activities
• Reporting Requirements for Cyber Intrusions (ISL 2013-05) ISL 2010-02 cancelled
»
Activities, anomalies, or intrusions that are suspicious and may constitute a threat to the protection of classified information, information systems, or programs that are covered by the NISPOM
» Hacking, phishing, malware
Energy | Environment | National Security | Health | Critical Infrastructure

• Adverse Information
• Suspicious Contacts
• Change in Cleared Employee
Status
• Citizenship by Naturalization
• Employees desiring not to perform on Classified Work
• Change conditions affecting the Facility Clearance
– e-FCL update required
(mandatory)
• Change in Storage Capability
• Inability to Safeguard Classified
Material
• Security Equipment
Vulnerabilities
• Unauthorized Receipt of
Classified Material
• Employee Information in
Compromise Cases
• Disposition of Classified Material
Terminated From Accountability
• Foreign Classified Contracts
Energy | Environment | National Security | Health | Critical Infrastructure

ISL 2011-04
Adverse Information “Any information that adversely reflects on the integrity or character of a cleared employee, that suggests that his or her ability to safeguard classified information may be impaired, or that his or her access to classified information clearly may not be in the interest of national security.”
• Examples of adverse information:
• Security violation culpability
•
•
•
•
•
Use of illegal drugs/Excessive use of alcohol
Financial difficulties (excessive/recurring)
Serious mental or emotional problems
Criminal behavior
Overt loyalty to other countries other than the U.S.
Energy | Environment | National Security | Health | Critical Infrastructure

• Reports of Loss, Compromise, or Suspected Compromise (NISPOM 1-303)
– Preliminary Administrative Inquiry
• Who? What? Where? When? Why? How?
– Initial Report
• TS (within 24 hours)
• S (within 72 hours)
– Final Report
• Submitted to DSS within 15 days
• Individual Culpability Reports (NISPOM 1-304)
– Coordinate with DSS
• The violation involved a deliberate disregard of security requirements
• The violation involved gross negligence in the handling of classified material
• The violation involved was not deliberate in nature but involves a pattern of negligence or carelessness
• Reference Information Posted
– FISWG March 2012 & December 2012
Energy | Environment | National Security | Health | Critical Infrastructure

8
Energy | Environment | National Security | Health | Critical Infrastructure
© 2008 Science Applications International Corporation. All rights reserved. SAIC and the SAIC logo are registered trademarks of Science Applications International Corporation in the U.S. and/or other countries.