FSO PRO Security Compliance Solutions

Y’all Ready for NISS??


These guys are obviously excited about NISS... Almost as excited as you are.

(cue stadium music)
As promised by DSS, the soft launch of NISS is indeed going to happen “Fall 2017”. They have moved away from the TBD and provided bona fde dates for kick-of AND full migration to the new system. Here are the launch dates for YOU. They provided launch dates for government personnel too but hey – they have their own newsletters. This one is for FSO Superheroes!

Here are the key dates for your calendar.

Not registered? Click that link! Go NISS yourself, NOW! (Over the top? Sorry about that)

• Users must have accounts in NCAISS – this is also known as the “DSS Portal”. You must have a PKI to register (the same one you utilize for JPAS) and you register here. You can – and should – do this now if you have not yet.

October 5: NISS Sof Launch Begins (Industry)
• NISS is available and live, but is not the system of record
• ISFD and e-FCL remain systems of record and are used for all official business – so don’t close out or stop
using those accounts!
• Users can register for NISS accounts in NCAISS at this time.
• Users can familiarize themselves with the system. At the end of the Soft Launch period, all NISS Soft Launch data will be purged except for user account and role information – so DON’T spend hours moving all your company data into the system.

Studies* show that coffee out of this mug tastes 29%
more delicious. You should get one. Or five.

October 30: NISS Full Operational Capability Deployment
• NISS becomes the system of record for facility clearance information, including submission of Initial FCL and Change Condition Packages
• Data from the Soft Launch is purged, and a full migration of ISFD and e-FCL data to NISS will occur
• ISFD and e-FCL are no longer available

All NISS Soft Launch data will be purged except for user account and role information—so DON’T spend hours moving all your company data into the system.

You totally have this. And if you have a queston, call FSO PRO

NISS—You Got This!

That’s it! During the month of October, you and your Senior Management will no doubt receive countless reminders about getting this done. If you stick with the schedule above, you can tell any of the powers that be: “I am all over it!”

(And feel free to forward this newsletters to any of your teammates if they ask you – “Hey, what’s this NISS thing again?”)

Section C of the Self Inspection: Security Education

“If You Have a Moment, Would You Like to Hear About Our Government-Required Training?”

That is how I feel each year when I send out the Annual Refresher Briefngs – like some sort of unwanted sales rep! Folks are busy, they have done this before, they just did a training with someone else, blah, blah, blah.

Not only is the NISPOM-required training important – it is a government regulaton that cleared personnel complete it AND that the cleared facility keeps records of it. EVERY. YEAR.

I can promise you this, when you are sitting with an auditor (DSS, ISO if you have that, Contracting…) and they say “show me Bob’s Annual Refresher from last year” and you cannot locate it – it is a VERY uncomfortable feeling. (One
job, Bob! Classic Bob…)

Here are some tips for how you can ensure your training is complete for your cleared personnel:
• Make a chart with all your cleared personnel and all their required training. You can request a free copy of one we often use by asking this guy.
• Review the training in NISPOM 3
• Initial Overview
• Annual Refresher
• Annual Insider Threat
• Debriefing
• Now locate Special Briefings, if any, on your DD254 and in the contract Statement of Work (SOW)
• CyberChallenge, etc.
• Combine the NISPOM 3 requirements as much as you can. We blend the initial, annual training, Insider Threat into one with a very extensive acknowledgement sheet to ensure we cover all required topics.
• Audit your personnel records to make sure you are not missing anything! (Bob??! Where’s your training, Bob??)
• Send “courtesy reminders”, send notes to their supervisors – keep at them untl you get 100% of all the required
training. (I will come to your house, Bob! Classic Bob…)

Susan from HR is stronger than she looks…

Ideas to make training fun and creative:

1. Competition – get your groups (programs, departments, etc.) to see who can get it done first. I will tell you right now – HR and Finance take that seriously!
2. Have an “event” training. Do it all at once with a company pot-luck or barbecue.
3. Give it a theme and promote it for weeks with posters, candy, and reminders.
4. Have prizes! Yes, you should not have to bribe anyone to do their job but if it cuts down on your reminders, it may be worth a Starbucks card or two.
5. Go to CDSE for ways to update your training or use the posters, handouts, and video shorts to add to your education program.

As the rest of the world watches the leaves change, contractors watch the dawn of a New Fiscal Year!

Now that your finance and proposal teams (and you!) have had near nervous breakdowns over the re-competes and new
awards, your organizaton may be kicking of a new Fiscal Year award or contnuing one from the previous year.

FSOs can support this by:
• Updating Annual “perm cert” VARs in JPAS with new period-of-performance (POP) dates.
• Updating Annual Training requirements that are contract specific.
• Indoctrinating new personnel and getting them re-badged and read-on to the same contract again.
• Updating personnel training rosters and personnel security folders.
• Providing new metrics to your Senior Management.

Question of the Month: What does “Loss of Jurisdiction” mean for a person’s record in JPAS? “Loss of Jurisdiction” in the easiest terms means that at some point – mid-investigation – something “stopped” the investigation because something was missing or not provided. Usually, it means that fingerprints were not electronically submitted in the required time frame but it could also mean that additional information was needed and never provided.

Regardless of the “why”, it also means, as far as JPAS goes, no “Access” can be granted for classified work.

How do you fix it? You will need to re-initiate their SF86 questionnaire (eQIP) and have them re-submit their information and fingerprints for review and processing.

What is the timeline? FSOs HATE this question because no mater how many caveats you offer, Managers will go “You told me 89 days!!” or something like that. Here is the truth: it takes just as long as any other Interim process or longer depending on what information is missing. For the best guidance of how to proceed with each case, contact the DSS Knowledge Center at 888-282-7682.

Exit mobile version