We will be Wishing you a Merry NISS-mas next Month!

FSO Success

What great FSO’s read!

Once you see that Tom Cruise has one of his front teeth in the middle of his face—you can’t unsee it. You’re welcome.

We will be Wishing you a Merry NISS-mas next Month!

This is the part where we wanted to talk about NISS and how to manage different functions. Well, we can’t yet!

We submitted our enrollment, but we are still waiting for our DSS Rep to return from travel and click the “approval” button (we are not actually sure if it is a button or not, but we do know we are waiting on that right now.)

What we can do is provide quick instructions for enrolling in NISS (see the end of this newsletter).

Not to worry though – this newsletter is called “FSO Success” so we have plenty to offer to keep your program thriving!

November 2018

What should FSO’s be doing
this month?

- - Register with NCAISS/ DSS Portal.
- - Watch the four-minute video on registering for NISS.
- - Login with DISS.
- - Make sure you can log-in to the STEPP.
- - Log into NISS if you can.
- - Email your DSS Rep if you need help!
- - Audit your personnel training records with new training.
- - Send out the 13 Adjudicative Guidelines questionnaire for the year to cleared personnel.
- - Do a “Report Card” on your program.
- - VOTE!!! (Not a NISPOM Requirement but a privilege as a United States Citizen!)
- Be Thankful for All that you have!

FSO PRO Performed Over 40 Inspections In 2018!!

True Story. We assembled dozens of binders, updated spreadsheets, typed up contract lists and traveled to sit one-on-one with MANY different DSS Representatives (at one office, DSS showed up with six people including the Field Chief… surprise!) since the beginning of 2018. Our Pain is your Gain! Regardless of how prepared you are – the Inspection or Security Vulnerability Assessment (SVA) is never a “good time”. It requires hours of review, preparation, and sitting for over half a day (or more) in a room where you are hoping you learned and retained everything you need to know in order to impress your DSS Rep and your company leadership. No one enjoys it per se, but here are some key points to make sure it goes well.

Never skip JPAS day.

How to Rock your Next Inspection – Part 1

(We learned a lot so it’s going take more than one newsletter to cover it. Here are the top 3!)

1. Remember your relationship with DSS is a Partnership! When I first got started, I was nervous about my DSS Rep because I thought they were there to play “gotcha!” if I did not have the NISPOM memorized. In truth, they should be helping you in every way possible: returning your calls and emails, answering questions, and giving you guidance. If they do – let the Field Chief know how great they are. Send an email praising them to the Field Chief. Encourage what you need from the Industry! If they do not return calls, complete actions, or answer emails, FSOs can call the Field Chief/office and prod that forward. I don’t personally do this because my DSS Reps are great (even when they are slow to press the “approve button” for NISS) but I have seen it done to great effect where something important was pending approval. They are human and get busy – as an FSO, you do have ways to make the relationship what you need. Just don’t be afraid to engage with them.

This is how our inspections go. The hand holding was awkward at first.

You should have handy in your contact list: • Your DSS Reps Name, email, and phone.

• Your DSS Field Office and Field Chief – name, email, and phone (cc them on any big or critical items).

• Your Counter Intelligence Special Agent (CISA) name, contact, and phone number (for any suspicious con- tact reports aka SCRs).

Don’t be jealous of my cellular telephone. Speed dial is set to DSS Rep. The future is now.

Don’t be a jerk with the CC Line. A few Dos & Don’ts about the “CC-ing” on emails to DSS: • When using the CC for any emails, the usual “business etiquette” rules apply.

• Indicate that you have cc’d someone and why.

• Don’t fill it up with dozens of names to create some useless round-robin responses. time for that!

• If you cc the field office chief when emailing your DSS Rep, say “I am cc’ing the field office chief just in case you are traveling and someone else can assist…” so it doesn’t look like you are trying to go over his/her head and get them reprimanded.

• If you cc your DSS Rep when emailing your CISA, say “I am cc-ing my DSS Rep so he/she is aware that I have reported this Suspicious Contact Report to you for our company’s Enhancements… “ so your DSS Rep will make note of that before your inspection. Why are we talking about this? Having a comfortable, on-going relationship with your Rep makes the SVA go much, much smoother and much more productive for future endeavors for your organization! Don’t wait until your SVA to “meet”!

DSS Reps are not as scary as they look. They are there to help.

2. Make sure the training is DONE! Seriously! We have said it again and again. There is nothing more awkward than when a DSS Rep asks for a training acknowledgement that is NOT in there. Prior to performing classified work – The NISPOM requires that ALL cleared personnel complete the following training before the FSO gives access to classified in JPAS. • Initial Security Briefing

• Insider Threat Briefing

• Security Procedures Specific to Employee Job Duties

• Threat Awareness

• Defensive Security

• Overview of Security Classification System

• Reporting Obligations and Requirements Failure to administer this training could result in Vulnerabilities against the organization during inspections. Repeated vulnerabilities could result in the government halting all classified work for the organization. As an FSO, you need to educate your company on that process again and again because everyone wants to hurry a new hire onto the job, but they have to do this first!

Nothing is more awkward than your training being incomplete. Nothing.

Pay Attention to Specialized Contract-Specific Training

Contract Specific Training Required by NISPOM – this is typically outlined in the DD254, PWS, or SOW and needs to be completed during the on-boarding phase: • NATO (has to be renewed annually)

• COMSEC

• SCI Briefings for those who work in a SCIF (usually given by the government customer, but records need to be maintained at HQ)

• CNSWDI & Restricted Data

• Courier Briefings

• Derivative Training (required every 2 years)

• Foreign Travel (both business and leisure) Debriefing Contract-Specific Training NOT required by NISPOM – While not required by NISPOM, certain contracts require various training – usually outlined in the DD254, PWS, or SOW – that need to be completed during the on-boarding phase: • PII Training (requires training certificate)
• Cyber Challenge Training (requires training certificate)
• Anti-Terrorism Level 1 (requires training certificate)

Yeah, whatever, Bill. You still owe me 20 quid.

Best Practice Training for Uncleared Personnel

Not required by NISPOM, but HIGHLY Recommended by DSS:

• Insider Threat Indicators

• PII Training

• Cyber Challenge Training

• Active Shooter Training

• Physical Security for the facility

3. Make sure your FSO Annual Requirements Are Done! Defense Security Service gives you a whole year to cover down on these items. If you have not done it yet, there are still over 60 days left in the year. Get it done! On-going: Self-Reporting by Cleared Personnel

Topics include Thirteen Adjudicative Guidelines

1. Allegiance to the U.S.

2. Foreign Influence/Foreign Travel

3. Foreign Preference

4. Sexual Behavior

5. Personal Conduct

6. Financial Considerations

7. Alcohol Consumption

8. Drug Involvement

9. Psychological Conditions

10. Criminal Conduct

11. Handling Protected Information

12. Outside Activities

13. Use of Information Technology

SCRS – Suspicious Contact Reporting

For FSO duties, put off your procrastination until another day.

Any changes to any of the 13 adjudicative areas must be reported to the FSO in a timely manner so that the FSO can help mitigate any negative impact to your clearance. DSS values all SCRs and considers any to be an enhancement to the program.

Note: FSO PRO provides cleared personnel with a yes/no questionnaire regarding these topics. If you would like to get your personnel to answer this prior to the end of 2018 – ask this guy for a copy!

Annual Refresher Briefing – Review of ALL of the above with an acknowledgment for records.
• One training with an acknowledgement document.
• The records are required by NISPOM and reviewed during inspections.
• Failure to administer this training could result in Vulnerabilities against the organization during inspections. Self-Inspection.
• A comprehensive review by the FSO of the entire security program.
• This may include interviews with personnel.
• This needs to be updated in NISS* …. You know, if you have access. FREE WAYS FSO PRO CAN HELP!

Want an annual “Report Card” to check your progress and see what is pending? Or maybe you did EVERYTHING and want the “Report Card” to show to your leadership? Ask this guy!

Yeah, whatever, Bill. You still owe me 20 quid.

*Speaking of NISS. Here is what everyone NOT in NISS yet should do: 1) Establish an Account in the NCAISS: https://ncaiss.dss.mil/dss-cac-login/cert/login – register with your token if you haven’t yet.

2) Click Create/modify requests

3) Request/Manage NISS Access

4) Fill in NISS User Access – choose “Security Staff” for your set up.

5) Enter CAGE (always required)

6) Select role (always required)

7) Delete any you don’t need

8) Click Confirm

9) Click Confirm

10) Click OK and it will tell you if it was successfully submitted.

11) You will receive approval from the DSS Rep. (This is the part that we are waiting on …)

12) Then – you will log in again and see the NISS application under “My applications” and can use the system!

Looking for FSO Gifts? Check out the FSO PRO Shop!

*SVA Binders!

*Coffee Mugs!

*Membership Clubs!

*Training Videos!

*One Hour FSO Support!

*SVA Prep!

Need more explanation or assistance with any items mentioned this month? Contact FSO PRO!

Terms This Month:

SMO = Security Management Office. Everyone affiliated with your JPAS records.

JPAS = Joint Personnel Adjudicative System. FSOs system of record for personnel clearances.

NISP Enhancements – 10 Categories developed by DSS of above-the-baseline standards of events, education and best security practices that can lead to a positive security impact for your organization.

DMDC = Defense Manpower Data Center: who you call for issues with JPAS: 800-467-5526.

PSMO = Personnel Security Management Office: who you talk to about personnel security concerns: 888-282-7682.

CDSE = Center for Development of Security Excellence: www.cdse.edu – where you learn!

FSO PRO thanks all the FSOs out there for everything you do to keep the warfighter safe. Even the smallest task is designed to keep our nation’s information out of the hands of those who would do harm. We, as FSOs, are doing our part to stay vigilant and determined to protect those who protect us, even in our own small way.

That is why we say how awesome you are. And thank you.

Leave a Comment Cancel reply

Need help remembering your FSO requirements? Sign up for monthly text reminders for JPAS login and other DSS due-outs!