Government security reform progresses.
Called the Overprint to the NISPOMSUP (National Industrial Security Program Operating Manual Supplement), the new manual supersedes all service-specific SAP security policy manuals. It also includes more than two dozen administrative security formats, which were developed in partnership with industry to further support standardization and efficiency.
The various security formats represent standard reporting and request-for-action formats that are included for such activities as program access approvals, refresher security training, and security briefing/debriefing acknowledgments.
The new unified policy manual recognizes variations in security requirements for acknowledged, unacknowledged, and waived programs but establishes uniform guidelines for each category.
The unified manual has been approved for use at the highest levels of the military establishment. It was recently signed and approved for use by Linton Wells, Ph.D., Deputy Under Secretary of Defense (Policy Support). After a key endorsement was obtained from Major General Frank Moore, USAF, executive secretary of the Defense Department SAP Oversight Committee, John Hamre, Ph.D., Deputy Secretary of Defense, directed its use without alteration of its security provisions on all new and, where appropriate, existing Department of Defense SAP contracts.
The document is available electronically on the Extranet for Security Professionals or directly from government Program Security Officers to properly cleared individuals on an as-needed basis. The Extranet address is http://isp.hpc.org (the site can also be reached via Security Management Online).
This development builds on the prior efforts of numerous commissions and studies that have been underway for more than a decade. The most recent study was the Report of the Commission on Protecting and Reducing Government Secrecy (1997), the so-called Moynihan Commission.
A significant outgrowth of the Moynihan Commission was the establishment of the Special Access Program Security Standards Working Group (SAPSSWG).
The working group is headed by Richard (Dick) Williams, CPP, director of special programs, Office of Deputy Under Secretary of Defense (Policy), and John Elliff, Ph.D., director of the Controlled Access Program Coordination Office of the Director of Central Intelligence.
The group includes senior government security officials from the State and Justice departments, the military services, NSA, CIA, NRO, OPM, Energy, DIA, DoD, ISOO, FEMA, and the White House Military Office. Several senior industry security representatives serve as advisors.
The group started out in mid-1997 and organized itself into several subcommittees: personnel security, process improvement, physical security, automated information system security, and security education and training. It has reviewed the recommendations outlined in the Moynihan Commission's report with a view toward introducing a greater degree of standardization for Special Access Programs policies consistent with security and cost constraints.
It was the efforts of the SAPSSWG members, with support from a wide range of government security industry groups such as the Contract SAP/SAR (special access required) Working Group, the Industrial Security Working Group, and the ASIS Government Security Committee, that led to the new DoD Overprint to the NISPOMSUP.
An additional result of the SAPSSWG's efforts has been the design and creation of a Committee for Special Access Program Process Improvement. The committee, which is headed by Eugene Boesch of the Air Force and supported by representatives from other government agencies and several industry representatives, was established to give government personnel and industry security practitioners a forum for discussing issues and solving problems experienced with Special Access Programs. The committee may be contacted by calling 800/488-9010.
Over the next several months those who are involved with Special Access Programs will hear more about the Overprint as the Defense Department implements it. Several issues need further review, such as access adjudication reciprocity and automated information systems (AIS) security, for example.
The government continues to welcome private industry suggestions for improvement on the issues mentioned and other topics as the next century approaches. The following industry leaders may be contacted with comments:
* Joseph Reynolds, CPP Chairman, Contractor SAP/SAR Working Group (603/885-5514)
* Cynthia P. Conlon, CPP Chairperson Industrial Security Working Group (310/393-0411 ext. 7201)
* Shawn S. Daley Chairman ASIS Government Security Committee (781/981-7112)
By Shawn S. Daley, director of security for MIT Lincoln Laboratory, chairman of the ASIS Government Security Committee, and industry advisor to the Special Access Program Security Standards Working Group.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||manual published by US Defense Department on security policy for Special Access Programs|
|Author:||Reynolds, Joseph; Conlon, Cynthia P.; Daley, Shawn S.|
|Date:||Aug 1, 1998|
|Previous Article:||Commercial Espionage: 79 Ways Competitors Can Get Any Business Secrets.|
|Next Article:||Document destruction.|