Search results
Results from the WOW.Com Content Network
A major component of the NISP is the NISP Operating Manual, also called NISPOM, or DoD 5220.22-M.The NISPOM establishes the standard procedures and requirements for all government contractors, with regards to classified information.
Investigative requirements for DoD clearances, which apply to most civilian contractor situations, are contained in the Personnel Security Program issuance known as DoD Regulation 5200.2-R, at part C3.4.2.
DIACAP defined a DoD-wide formal and standard set of activities, general tasks and a management structure process for the certification and accreditation (C&A) of a DoD IS which maintained the information assurance (IA) posture throughout the system's life cycle.
Security clearances can be issued by many United States of America government agencies, including the Department of Defense (DoD), the Department of State (DOS), the Department of Homeland Security (DHS), the Department of Energy (DoE), the Department of Justice (DoJ), the National Security Agency (NSA), and the Central Intelligence Agency (CIA).
The framework provides a model for contractors in the Defense Industrial Base to meet the security requirements from NIST SP 800-171 Rev 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.
Its membership included technologists from the government and defense contractors as well as security officials from the DoD and intelligence community. The task force met between 1967 and 1969 and produced a classified report that was made available to organizations with appropriate security clearance beginning in 1970. [3]
The initial directive detailing the checks required was DoD Directive 5210.55, "Selection of DoD Military and Civilian Personnel and Contractor Employees for Assignment to Presidential Support Activities" issued on July 6, 1977. This was revised on 15 December 1998. [2]
In November 2013, the DoD put forward the new cybersecurity rule (78 Fed. Reg. 69373), which imposed certain requirements on contractors: compliance with certain NIST IT standards, mandatory reporting of cybersecurity incidents to the DoD, and a "flow-down" clause that applies the same requirements to subcontractors. [6]