There is only one month until 2022 (Is it just me or did this year go by very fast?). It was a year with TONS of changes—DISS, new CFR instead of NISPOM, new self-inspection, new Security Reviews…so many changes and challenges. I say let’s wrap up this challenging year in a strong way! Back by popular demand…
Here is your own “Twelve Days of a FSOs Christmas” (or, whatever holiday you prefer. We are going with the classic song here, not mandating your holiday preference) Countdown Calendar to conclude your 2021 FSO Year in a way that improves the security posture of your organization.
On the first day of Christmas, my FSO gave to me…a completed self-inspection!
Make sure your self-inspection is done and uploaded to NISS. Most DCSA Reps prefer a “self-certification” memo or report signed by the SMO – not the entire Self-Inspection Handbook going into NISS. Extra bonus—use the new one!
On the second day of Christmas, my FSO gave to me…Annual Refreshers!
Make sure your records reflect that everyone has completed the Annual Security Refresher – including Insider Threat Training. This can be a sign-in sheet at an annual meeting or an Acknowledgement sheet. Don’t let 2021 go by without it!
On the third day of Christmas, my FSO gave to me… Extra Security Briefings!
Do any of your contracts have a NATO Requirement? You and other personnel have to complete a re-briefing
(or debriefing if the contract is over) annually. Do your personnel do derivative work? If so, that briefing is required every two years. Some contracts have an annual Anti-terrorism training. Make sure you are aware of, and completing, your extra training requirements. Don’t assume—check your DD254s!
On the fourth day of Christmas, my FSO gave to me…current personnel records!
Run a personnel report and confirm with HR – know who is still working on active contracts, who needs a PR, and who is 1099 personnel! Make sure they have the correct information (date of birth, NDAs) in your systems and in your records.
On the fifth day of Christmas, my FSO gave to me…ALL active accounts!
There are a lot of accounts to maintain for FSOs these days. There is DISS – where all KMPs need to have US Ac- cess at the same level as the organization and you need back-up account managers. FSOs need to have NCAISS logins and an active NISS account. The NISS facility profiles need to be updated with correct contact information, DD254s, and # of cleared personnel. Make sure all your ac- counts are working correctly and that you are logging in in a timely manner.
On the sixth day of Christmas, my FSO gave to me …Clean Security Records!
Ensure that you do not have any SF86s for investigations that have been adjudicated. You can offer them to the subjects before destroying them.
On the seventh day of Christmas, my FSO gave to me…Strong education!
If you are a new FSO, you know to complete all FSO Courses within six months of beginning FSO Work but CDSE has tons of other great training programs that can enhance what you know and what you bring to the program. Have at least ONE new training done before 2021 ends.
On the eighth day of Christmas, my FSO gave to me… Good communication!
When you send out company threat awareness and train- ing, are your company distribution lists updated to make sure new people are added or former personnel are deleted? It makes FSO life much easier when this is updated. Another area of communication is your DCSA Representative and Counter-Intelligence Special Agent (CISA) – do you have their numbers? Do you have their email address- es? Have you communicated with them this year? If not – it is not a bad idea. Make sure you are on their distribution lists if they regularly send out communications, up- dates, or newsletters.
On the ninth day of Christmas, my FSO gave to me…Update all the tracking!
FSOs have several things to track each year: Training, Foreign Travel, Personnel Rosters, and DD254 lists. FSO PRO has several samples of tracking spreadsheets for you to use but they do no good if they are not kept current. Go back through your folders, emails, and any other resources to make sure you have the latest information on record. DCSA Reps ask for a “Contracts List” during inspections. Get with your contracts manager and make sure you only have ACTIVE DD254s listed. Review the active DD254s for compliance and correctness and update where necessary. There are other good tracking areas…did you provide a random security briefing? Who attended? Are you talking with the personnel about security, even in passing? Make notes of it. Did you present the security goals to the company? Note it! It all counts and points the way to a better program.
On the tenth day of Christmas, my FSO gave to me… Update the leadership!
It is a good time to share the security metrics for the organization and any security “successes” over the previous year. Provide them with a “report card” for the program so they can see how they can support the security program. Keep your leadership engaged!
On the eleventh Day of Christmas, my FSO gave to me…Updated Inspection Folders!
It’s a good feeling to be ready for an inspection, even on short notice. The shortest notice we have ever received was nine days. For that reason, at FSO PRO, we keep the following folders for the organization updated:
• Request for Information, Articles of Incorporation, Bylaws, Operating Agreement
• Board Minutes, KMP List, Summary of services and critical technologies, DD441 and SF328
• DISS Subject Reports, Periodic Reinvestigation Reports
• Contracts list, all active classified Contracts (DD254s), subcontracts (issued by your organization) and NISS Validations for subcontractors (run before subDD254 was issued)
• Self-Inspection Memos, Contact Information, DD254s, annual Personnel Security Investigation projections
Briefings and Trainings
• Training Materials, all training acknowledgement forms, Privacy Statements, Debriefings Policies & Procedures
• Disciplinary Policy, Standard Practices and Procedures, other security-related policies Reports
• Adverse reports, security violations and suspicious contacts
• Independent Contractor lists/Consultant Certificates
• FSO Training, education and appointment records
• Insider Threat Program Training, Insider Threat Plan, Working Group meeting notes
“Next Level” Security Awareness
• Newsletters, community involvement, security memberships, security awareness events, monthly themes, conference attendance, etc.
On the twelfth day of Christmas, my FSO gave to me… A LOT OF GRATITUDE!
Teamwork makes the dream work. Whenever you get a good report – thank the person and cc their supervisor and management. When your DCSA Rep responds quickly – thank them and cc their field chief. Express gratitude to your leadership whenever they support your program and cc your DCSA Rep. Being a successful FSO requires great participation – give kudos and shout-outs for everything to ensure the best program possible!
And on that note…
The FSO PRO Team wants to thank all of you “FSO Superheroes”! In 2021, we increased our subscriber and FSO PRO Member list and have appreciated your feedback and recommendations. It may feel like just a compliance program, but together, we can save the world! Stay Classy(fied) Superheroes and may you have an amazing and blessed holiday season and a Happy New Year!
Need more explanation or assistance with any items mentioned this month?
Contact FSO PRO!
Looking for FSO Gifts? Check out the FSO PRO Shop!
* SVA Binders!
* Coffee Mugs!
* Membership Clubs!
* Training Videos!
* One Hour FSO Support!
* SVA Prep!
FSO PRO thanks all the FSOs out there for everything you do to keep the warfighter safe. Even the smallest task is designed to keep our nation’s information out of the hands of those who would do harm. We, as FSOs, are doing our part to stay vigilant and determined to protect those who protect us, even in our own small way.
That is why we say how awesome you are. And thank you.