Learning to use DISS has been interesting—in that pull your hair out, shake your fist to the sky kind of way!
By now, you have all (hopefully) completed your NISS PSI Survey and started using DISS. You, like us, have probably found that there is a lot of clean up to do. If that is the case, here is contact information that can help:
Phone: The Knowledge and Application Center: 724-738-5090 (plan to sit on hold for a while, I like to fold laundry or re-read “War and Peace.”
Another idea while waiting on hold with the government, it’s also a good time to do your annual clean up for your security records.
Such as? Glad you asked!
Make sure your Facility Information is current in NISS. In addition to the PSI Survey (which has been extended to April 8th), the government has launched instructions to check your Facility Profile in NISS and request changes. This is as good a time as any to do that! You are in there anyway! Ask for the instructions if you don’t have them!
Helpful hint: you may have to “submit” more than once for it to go through. We don’t know why, but that has been our experience.
Now is a great time for a trip to Cabo some of the traditional cleaning activities – purging, tossing, organizing – for your FSO files.
Here are a few ideas to help you keep what is necessary and protect what is valuable.
Audit personnel files:
a) Training Records
You know when you send out the Annual Refresher of the Insider Threat training and everyone responds im-
mediately and gets it done? Yeah, we don’t either.
The problem is, after a few “courtesy reminders” it is easy to move on with life and forget that there a few slackers training acknowledgements that are still due.
Training acknowledgements are very important, so now is a good time to find out if anyone is still pending and bring down the hammer follow up to get it done.
A LOT of organizations do their annual performance reviews in the Spring. If you are having trouble getting employees to complete the government-required training promptly, you can use this as a recourse action to make it more important to the employee. Or, better yet (because who likes to be the bad guy?) give kudos to quick responders for a nice bump to their performance reviews.
NISPOM prohibits the keeping of SF86s of clearance candidates after they have received the final adjudication. While you are auditing the personnel files, make sure you delete or shred any SF86s. Note: it is a nice thing to do to check with the candidate first to ask if they would like a copy. This helps them with future questionnaires and confirms to them that you are getting rid of their very personal information.
c) Report gaps
This is a good time to check in with your “Insider Threat” working group: IT, Finance, & HR, to see if there are any indicators for Insider Threats. Are you noticing that you are low on foreign travel debriefings or other essential self-reporting? Maybe it is time to plan a reminder for personnel.
d) Old records
Clearly an Insider Threat. (But seriously, be safe out there.)
Do you need to keep training records/spreadsheets from 2002? DCSA typically looks at records from SVA (Inspection) to SVA. If you have all your information electronically, move it to an archive folder or delete it. If you have hard copies, a shredder works fine.
e) Master List
Finally, list everything you need to do regarding your security program and start prioritizing items before the year gets away from you.
Experts tell us to pick the top three from that list and focus on those immediately until they are completed. Our favorite subject matter ex- pert (SME) calls this “Worst First”.
Yes, the SME here is our Mom, but she is pretty right most of the time. She also recommends that we take probiotics, eat our vegetables, hide a scoop of collagen in our coffee, wear our masks, spray fresh produce with vinegar, and pray daily.
We are not arguing with any of that!
Extra Credit: If you have “possessing” facilities re- member: during periods of system inactivity (e.g. hibernation) or when a facility plans to stop work for an extended
period of time (e.g. virus shutdowns), an audit variance may be authorized. When requesting an audit variance, Industry must have a SOP that specifies how the system will be protected in a dormant state. The SOP will include a process for protecting the system through the use of physical security controls, technical controls, and immediate updates upon return to service. Be sure to coordinate with your DCSA Rep if you have items to safeguard!
4/20 Reminders: Update on CBD Oil
It has not changed yet, but the government does have a new policy regarding the purchase and use of CBD Oil. UNTIL that guidance comes out – it is the same as previously posted: DOD CAF’s current legal position is that ownership of marijuana stocks is considered involvement in drug-related activities and would be a “reportable incident” under the Continuous Evaluation process. Also, the same goes for CBD oil use. They both need to be reported for now.
Note: This information came from two separate DCSA Reps in the Capital Region. Always confirm information with your own DCSA Rep and provide guidance to your cleared personnel.
Need more DISS instructions, explanations, or one-on-one assistance with any items mentioned this month?
Join the FSO PRO Members Club!
FSO PRO thanks all the FSOs out there for everything you do to keep the warfighter safe. Even the smallest task is designed to keep our nation’s information out of the hands of those who would do harm. We, as FSOs, are doing our part to stay vigilant and determined to protect those who protect us, even in our own small way.
That is why we say how awesome you are. And thank you.