280 likes | 299 Views
Join Cindy Brook in this webinar to learn about the key steps and best practices for obtaining a facility clearance. Don't miss out on this valuable opportunity!
E N D
Thank You for Joining Us, The Webinar Will Begin Shortly. The Fast Track to Facility Clearance Presented by: Cindy Brook While you are waiting please check out the Upcoming Webinars on www.GiveMe5.com.
Before we begin … just a few notes: • During the presentation lines will be muted so only presenters can be heard. • While you are listening please also put your phone on mute • Do NOT put your phone on hold – please hang up and call back • If having trouble viewing the presentation – please close out and log in using a different browser • If your slides are not moving please refresh or log out & then log back in • If you have any questions during the presentation, please feel free to enter them into the discussion box on the bottom left of your screen
The Fast Track to a Facility Clearance Cindy Brook 21 January 2015 This document contains Binary Group, Inc. Proprietary and Confidential Business Information and is intended solely for the use and information of the client to whom it is addressed. It may not be duplicated or published without the written consent of Binary Group.
Women Impacting Public Policy (WIPP) is a nonprofit, membership organization working to increase the economic power and public policy clout of women entrepreneurs by providing essential business skills education, leadership opportunities for business and personal growth, and a seat at the table among policymakers in Washington, D.C. WIPP was founded in 2001 and is recognized as a national, nonpartisan voice for women business owners, advocating on behalf of its coalition of 4.7 million businesswomen including 78 business organizations. WIPP identifies important trends and opportunities and provides a collaborative model for the public and private sectors to advance the economic empowerment of women. www.WIPP.org
Give Me 5 • National program from WIPP & American Express OPEN designed to educate women business owners on how to apply for and secure federal procurement opportunities. • Give Me 5 works to increase the representation of Women Business Owners that win government contracts. We provide accessible business education tools to assist both new and experienced federal contractors. • Women Business Owners could gain more than $4 billion in annual revenues if the 5% contracting goal set by Congress was reached.
The Fast Track to a Facility Clearance Cindy Brook 21 January 2015 This document contains Binary Group, Inc. Proprietary and Confidential Business Information and is intended solely for the use and information of the client to whom it is addressed. It may not be duplicated or published without the written consent of Binary Group.
Agenda • Terminology • Where Do We Start? • Key Steps • The First Visit • Best Practices • Pitfalls Binary Group, Inc. Proprietary and Confidential Information
Terminology • NISP - The National Industrial Security Program is the nominal authority (in the United States) for managing the needs of private industry to access classified information. • The NISP was established in 1993 by Executive Order 12829. • The NISP recognizes four different Cognizant Security Agencies (CSA), all of which have equal authority: • Department of Defense • The DoD is the CSA for approximately 26 other Federal Agencies • Delegated responsibilities to Defense Security Services (DSS) • Department of Energy • Central Intelligence Agency • Nuclear Regulatory Commission • NISPOM – National Industrial Security Program Operating Manual, or DoD 5220.22-M • The NISPOM establishes the standard procedures and requirements for all government contractors, with regards to classified information. Binary Group, Inc. Proprietary and Confidential Information
Terminology (cont.) • Facility Clearance (FCL)- a determination by the federal government that it would be in the interest of national security for a particular company or organization to access classified information. Levels of clearance include: Confidential, Secret, & Top Secret, as well as other authorizations such as “Safeguarding”. • Interim FCL - An interim FCL is granted on a temporary basis pending completion of the personnel security eligibility determinations for the key management personnel (KMP), and can only be granted if KMP requiring to be cleared in conjunction with the facility clearance receive at least an interim personnel clearance at the level required. (other mitigating factors exist) • Personnel Security Clearance – After the completion of an investigation, a final determination will be made by the federal government that it would be in the interest of national security for this person to access classified information. Levels of clearance include: Confidential, Secret, & Top Secret, as well as other special classifications such as SCI, NATO, etc. • Prime (or Prime Contractor) - In Government contracting, this term is used to indicate that your company or organization was awarded the contract. If you have Subcontractors, you are referred to as the Prime, in a Prime/Sub relationship. • Sub (or Subcontractor) - a business or person that carries • out work for a company as part of a larger project. Binary Group, Inc. Proprietary and Confidential Information
Terminology (cont.) • CAGE Code - The Commercial and Government Entity Code is a unique identifier assigned to suppliers to various government or defense agencies, as well as to government agencies themselves and also various organizations. • Clearance Levels • Confidential, Secret, Top Secret • Facility will be cleared to one of these levels based on the requirements in the Government’s Request for Proposal (RFP)/Contract • DD254 – The method used to provide offerors/contractors with security classification guidance, and it must be provided with all classified contracts.* • Special Classifications (can only be applied to personnel, not facilities) • SCI, CNWDI, NATO, Restricted Data, FGI, Q & L (DOE) • Blog Article: http://www.binarygroup.com/blog/article/about_special_classification_levels_for_facilities • Safeguarding – A term used to indicate that a contractor is responsible for the custody of classified information or classified information is under their control at their facility. • SCIF - Sensitive Compartmented Information Facility - is an enclosed area within a building that is used to process Sensitive Compartmented Information (SCI) types of classified information *Note: Special Access Programs may also be required Binary Group, Inc. Proprietary and Confidential Information
Where Do We Start? • Opportunity Exists * • If your company will Prime • To view classified material the KO will sponsor your company for a Facility Clearance • If your company will Sub • The Prime is responsible for sponsoring your company • However, the Prime is only allowed to do so once the contract has been awarded • Why Get a Facility Clearance? • All companies awarded a contract with a security clearance are required to be cleared by the Government – Prime or Sub • Once cleared, it could make your business more attractive to Federal buyers • How long will it take? • According to DSS, currently it is taking on average 137 days to issue a final Secret/Confidential FCL, 151 days to issue a final Top Secret FCL, and 98 days to issue an Interim FCL. *Note: This assumes that your company already has the required CAGE Code for doing business with the Government Binary Group, Inc. Proprietary and Confidential Information
Where Do We Start? (cont.) • Does it cost anything? • The Government does not charge a company • For obtaining a facility clearance • For obtaining personnel clearances • Internal costs to consider • You will need to choose someone from your company to be the Facility Security Officer (FSO) • FSO attends conferences, training & seminars for educational purposes that cost money • There will be some cost associated with educating your personnel • Time is Money • Obtaining a clearance takes time, whether it is your facility or personnel clearances Binary Group, Inc. Proprietary and Confidential Information
Key Steps • Once sponsored, DSS will receive the request • Your FSO will also need to complete training • Some training is required immediately to access Government systems, while other training must be completed within 1 year of the assignment to the role of FSO • Some training must be refreshed once per year • DSS Representative (Rep) will be assigned to your company • Your FSO should handle all interactions with the DSS Rep • They will call the FSO, introduce themselves, provide all of the initial forms for the FSO to complete, help them with starting personnel clearances, etc. • During this call they will schedule their first visit to your facility Binary Group, Inc. Proprietary and Confidential Information
Key Steps (cont.) • Prior to the first visit your FSO will be required to complete all of the forms and prepare your company as instructed by the DSS Rep • The following will also be required: • Organizational Documentation/Information • Articles of Incorporation, Stock Records, Minutes of Board Meetings, and Corporate by-laws • Federal Tax ID Number • Key Management Personnel List • Brief summary of your company's primary business or services • Email, Fax, and complete address information for the last ten years — include the last four number extension on your zip code • Proof of US Citizenship for prospective FSO Binary Group, Inc. Proprietary and Confidential Information
Key Steps (cont.) • The following will also be required (cont.): • Additional Items • Personnel Security Clearance for KMPs • KMPs are Key Management Personnel – Each KMP is required to hold a clearance at the same level as the Facility, unless they are excluded • Fingerprints – as part of the Personnel Security Clearance process, Fingerprints are required. • DSS Facility Process Forms • DD Form 441 • DoD Security Agreement – Agreement between your organization and the US Government that details the security responsibilities of both the cleared organization and the US Government. Binary Group, Inc. Proprietary and Confidential Information
Key Steps (cont.) • The following will also be required (cont.): • Additional Items Required (cont.) • DD Form 441-1 • This is an attachment to the DD Form 441 that lists cleared divisions or branch offices that are included or covered by the provisions of the organizations Security Agreement and Certificate Pertaining to Foreign Interest. • FOCI - SF 328 Certificate Pertaining to Foreign Interest • The Certificate Pertaining to Foreign Interest is used to report your organization's foreign involvement. • Hold a company meeting, prepare everyone • You will need to make some changes once you receive clearance • Address the changes, advise that you expect your facility will be cleared, any new security policies, and who the FSO will be Binary Group, Inc. Proprietary and Confidential Information
Key Steps (cont.) • Technology Control Plan (TCP) • If you have any personnel that are not US Citizens (cleared or uncleared): • You are exporting information by the US Department of State’s definition • You need to review the International Traffic in Arms Regulations (ITAR) • https://www.pmddtc.state.gov/regulations_laws/itar.html • Once you receive your FCL, you will need to develop a Technology Control Plan • Your FSO should notify your DSS Rep prior to their visit to prepare for this Binary Group, Inc. Proprietary and Confidential Information
Key Steps (cont.) • Safeguarding • Your FSO should notify the DSS Rep of this requirement • Your FSO should review all requirements pertaining to placing a GSA Safe and Safeguarding • Training courses exist and your FSO will be required to take them within 1 year of assignment • However, these courses can provide necessary instruction/answers for the company • SCIF - Sensitive Compartmented Information Facility • Your FSO should notify the DSS Rep of this requirement • Check the locks, do they meet the Government’s requirements for building a SCIF? • Again, your FSO will need to take the same additional training courses as Safeguarding Binary Group, Inc. Proprietary and Confidential Information
The First Visit • Ensure all paperwork has been completed and all requested documents are available prior to the visit as instructed by DSS • The more organized you are, the visit will seem less intrusive • Don’t be alarmed if your DSS Rep brings someone with them • All KMPs must be on-site on the day of the visit to meet your DSS Rep • The DSS Rep will want to discuss your business with your KMPs • It is wise to prepare them for this discussion • If anyone will be “excluded”, make sure that everyone understands what the “exclusion” means as classified work comes in • DSS will ask how you intend to handle this Binary Group, Inc. Proprietary and Confidential Information
The First Visit (cont.) • The Rep will provide instructions about your facility • Security • Visitor logs • Badges/Keys • Developing Indoctrination Paperwork for Personnel • Keeping Personnel Files • Technology Control Plan (if applicable) • Other procedures and education for personnel as applicable Binary Group, Inc. Proprietary and Confidential Information
The First Visit (cont.) • Safeguarding • If you will have a GSA Safe or plan to obtain one: • Your FSO will need to discuss with the DSS Rep the location of the safe • They will also advise them on developing specific procedures and following them according to Government requirements • If you already have the safe, the rep will want to inspect it • If you don’t have it yet, they will schedule a time to come back and inspect it once you obtain one • SCIF • Your FSO will need to walk them through the SCIF • They need to: • Demo the lock • How many people will have access and who • Discuss all of the features you intend to have in the SCIF • Computers? • Classified Conference Rooms/Meeting Rooms? • Working Areas? • DSS Rep will discuss with you the procedures you should follow once your facility is cleared Binary Group, Inc. Proprietary and Confidential Information
Best Practices • Name an Alternate/Assistant FSO • Illnesses, vacations, etc. happen and access to the Government systems are difficult to obtain • Support your FSO • They need ongoing training & attending events (one per year) • They need to provide refresher training to your staff • They will need to complete self-inspection audits of your company, which require your support • A Strong security program provides confidence to both customers and employees • This is a very close knit community, don’t underestimate them Binary Group, Inc. Proprietary and Confidential Information
Best Practices (cont.) • Foreign Ownership, Control & Influence (FOCI) - “I thought I couldn’t get a Facility Clearance” • Simple answer - a company under FOCI is typically not eligible for an FCL • However, a company may be granted an FCL if the risk of the FOCI can be mitigated in conformity with the national interest (process called FOCI Migration) • What does this mean? • It is a process whereby unauthorized access to classified information is prevented • The Government uses various security measures, safeguards, and restrictions to prevent unauthorized access • A determination can only be made by going through the process Binary Group, Inc. Proprietary and Confidential Information
Best Practices (cont.) • Maintaining a clearance • Your company must have an active classified contract at the level you were granted a FCL • 12 months without a contract = Loss of FCL • 12 months with active contracts at a lower level of classification = a downgrade to FCL • Be prepared for a Government audit either once a year or once every 18 months • Schedule will depend on if you hold classified materials or not • How well you do in your security program can also affect how often your are audited • If you ever suspect an employee is sharing classified material, do not try to handle it yourself • The Government has a special office for this and they will work with you, report it immediately to the FBI Binary Group, Inc. Proprietary and Confidential Information
Pitfalls • If KMPs change • There are systems that must be updated for your FCL • Any new KMPs must be cleared to the highest level of the Facility • If your company moves, you must notify your DSS Rep • Awarded a new contract that changes the level of clearance or requires Safeguarding? • Contact your DSS Rep Immediately Binary Group, Inc. Proprietary and Confidential Information
Q & A http://www.binarygroup.com/blog/author/cindy_brook Binary Group, Inc. Proprietary and Confidential Information
Thank You For Participating Following this call you will receive links to the podcast of this session. For questions, please contact Lin Stuart at Lstuart@wipp.org
Get Involved! • Join a policy issue committee and learn how policy can impact your business growth • Make your voice heard - become a member of our national Instant Impact Advocacy Team • Participate in our educational series – unlimited opportunities for you and your staff • Receive weekly policy updates and briefings • 1-888-488-WIPP • www.wipp.org • Questions? Contact WIPP Staff • Program & Education Coordinator: Lin Stuart▪ LStuart@wipp.org ▪ (415) 434-4314 • Membership Coordinator: Lynn Bunim ▪ LBunim@wipp.org ▪ (415) 434-4314