Vocab 5 - NISP Reporting Requirements (Glossary)

Question 1

Access

Answer 1

The ability and opportunity to gain knowledge of classified information.

Question 2

Adverse Information

Answer 2

Any information that adversely reflects on the integrity or
character of a cleared employee, that suggest that his or her ability to safeguard classified information may be impaired, that his or her access to classified information clearly may
not be in the interest of national security, or that the individual constitutes as insider threat.

Question 3

Adjudicative Guidelines

Answer 3

Guidelines used to determine eligibility for access to classified information or assignment to sensitive duties. There are 13 adjudicative guidelines used to make eligibility determinations.

Question 4

Administrative Inquiry

Answer 4

A broad overview of the investigation that is underway. This
is the second step in reporting a security violation.

Question 5

Certificate Pertaining to Foreign Interest – SF 328

Answer 5

A 10-question survey designed to help identify the presence of FOCI in an organization, and provides the basis around which
the FOCI analysis process is organized. Completed using e-FCL.

Question 6

Central Intelligence Agency (CIA)

Answer 6

The Central Intelligence Agency was created in 1947 with the signing of the National Security Act by President Harry S. Truman. Director Central Intelligence serves as head of the United States intelligence community; act as the principal adviser to the President for intelligence matters related to national security; and serve as head of the CIA.

Question 7

Classified Contract

Answer 7

Any contract requiring access to classified information by a
contractor in the performance of the contract. (A contract may be a classified contract even though the contract document is not classified.) The requirements prescribed for a “classified contract” also are applicable to all phases of pre-contract activity, including solicitations (bids, quotations, and proposals), pre-contract negotiations, post-contract activity, or other Government Contracting Activity (GCA) program or project which requires access to classified information by a contractor.

Question 8

Classified Information

Answer 8

Official information that has been determined, pursuant to
Executive Order 12958 or any predecessor order, or pursuant to the Atomic Energy Act of 1954, to require protection against unauthorized disclosure in the interest of national security which has been designated.

Question 9

Classified Information Nondisclosure Agreement – SF 312

Answer 9

The SF 312 is a non disclosure agreement required under Executive Order 13292 to be signed by employees of the U.S. Federal Government or one of its contractors before they are granted access to classified information.

Question 10

Classified Visit

Answer 10

A visit during which a visitor will require, or is expected to require, access to classified information.

Question 11

Cleared Employees

Answer 11

All contractor employees granted Personnel Security Clearances (PCL) and all employees being processed for PCLs.

Question 12

Cognizant Security Agencies (CSAs)

Answer 12

Agencies of the Executive Branch that were authorized by Executive Order (EO) 12829 to establish an industrial security program to safeguard classified information under the jurisdiction of these agencies when disclosed or released to U.S. Industry. Those agencies are: The Department of Defense, Office of the Director of National Intelligence, Department of Energy, and the Nuclear Regulatory Commission. EO 13691 established the Department of Homeland Security as a CSA.

Question 13

Cognizant Security Office (CSO)

Answer 13

The organizational entity delegated by the head of a CSA to administer industrial security on behalf of the CSA.

Question 14

Communications Security (COMSEC)

Answer 14

Protective measures taken to deny unauthorized persons information derived from telecommunications of the U.S.
government relating to national security and to ensure the authenticity of such communications.

Question 15

Compromise

Answer 15

An unauthorized disclosure of information.

Question 16

CONFIDENTIAL

Answer 16

The classification level applied to information, the unauthorized disclosure of which reasonably could be expected to cause damage to the national security.

Question 17

Contractor

Answer 17

Any industrial, educational, commercial, or other entity that has been granted a Facility Clearance (FCL) by a CSA.

Question 18

CSA Hotlines

Answer 18

Defense Hotline
The Pentagon
Washington, DC 20301-1900
(800) 424-9098

NRC Hotline 
U.S. Nuclear Regulatory Commission 
Office of the Inspector General 
Mail Stop TSD 28 
Washington, DC 20555-0001 
(800) 233-3497

DOE Hotline
Department of Energy 
Office of the Inspector General 
1000 Independence Avenue, SW
Room SD-031
Washington, DC 20585 
(202) 586-4073 
(800) 541-1625

DHS Hotline
Department of Homeland Security
Office of the Inspector General
Mail Stop 0305
245 Murray Lane SW
Washington, DC 20528
(800) 323-8603

DNI Hotline
Director of National Intelligence
Office of Inspector General
Washington, DC 20505
(703) 482-2650

Question 19

DD Form 254

Answer 19

(Department of Defense Contract Security Classification Specification) DD Form 254 provides to the cleared contractor, or cleared subcontractor the security requirements and the classification guidance that are necessary to perform on a specific classified contract.

Question 20

DD Form 441

Answer 20

(Department of Defense Security Agreement) A DoD Security Agreement that is entered into between a contractor who will have access to classified information, and the DoD in order to preserve and maintain the security of the U.S. through the
prevention of unauthorized disclosure of classified information.

Question 21

Defense Security Service (DSS)

Answer 21

The DSS (now known as the DSCA or Defense Counterintelligence and Security Agency) is an agency of the DoD located in Quantico, Virginia with field offices throughout the United States. The Under Secretary of Defense for Intelligence provides authority, direction and control over DSS (DSCA). DSS (DSCA) provides the military services, Defense Agencies, 31 federal agencies and approximately 13,500 cleared contractor facilities with security support services. DSS (DSCA) supports national security and the service members, secures the nation’s technological base, and oversees the protection of U.S. and foreign classified information in the hands of industry. DSS (*DSCA) accomplishes this mission by clearing industrial facilities, accrediting information systems, facilitating the personnel security clearance process, delivering security education, training, and certification and providing information technology services that support the industrial and personnel security missions of DoD and its partner agencies.

Question 22

Defense Security Service (DSS), Center for Development of Security Excellence (CDSE)

Answer 22

The Center for Development of Security Excellence (CDSE) is a nationally accredited, award-winning directorate within the DSS. CDSE provides security education, training, and certification products and services for the DoD and industry.

Question 23

Defense Security Service (DSS), Counterintelligence (CI) Office

Answer 23

Office within the DSS that provides counterintelligence support to DSS through CI reviews, assessments, analysis, and reports.

Question 24

Defense Security Service (DSS), Counterintelligence Special Agent (CISA)

Answer 24

Assists FSOs in identifying potential threats to U.S. technology and developing CI awareness and reporting by company employees.

Question 25

Defense Security Service (DSS), Facility Clearance Branch (FCB)

Answer 25

The DSS FCB processes contractors for FCLs based upon procurement need, issues FCLs, and monitors the contractor’s continued eligibility in the NISP.

Question 26

Defense Security Service (DSS), Foreign Ownership Control or Influence (FOCI) Operations Division

Answer 26

This office within the DSS works with the local Industrial Security Representative (IS Rep) to resolve issues that arise when a cleared facility or a facility being processed for a FCL is subject to FOCI.

Question 27

Defense Security Service (DSS), Industrial Security Representative (IS Rep)

Answer 27

Local representative from the DSS that provides advice and assistance to establish the security program and to ensure a facility is in compliance with the NISP.

Question 28

Defense Security Service (DSS), Information Systems Security Professional/Security Control Assessor (ISSP/SCA)

Answer 28

Local representative from the DSS, NISP Authorization
Office (NAO) that provides advice and assistance, visit to improve the security posture with regard to Information Systems and help facilitate the Assessment and Authorization
(A&A) process of Information Systems authorized to process classified information.

Question 29

Defense Security Service (DSS), National Industrial Security Program Authorization Office (NAO)

Answer 29

Office within the DSS that facilitates the Assessment and

Authorization (A&A) process for classified information systems at cleared contractor facilities.

Question 30

Defense Security Service (DSS), Personnel Security Management Office for Industry (PSMO-I)

Answer 30

An office within the DSS that processes requests for, and other actions related to PCLs for personnel from facilities participating in the NISP.

Question 31

Department of Defense Contract Security Classification Specification – DD Form 254

Answer 31

DD Form 254 provides to the cleared contractor, or cleared subcontractor the security requirements and the classification guidance that are necessary to perform on a specific classified contract.

Question 32

Department of Defense Security Agreement – DD 441

Answer 32

A DoD Security Agreement that is entered into between a contractor who will have access to classified information,
and the DoD in order to preserve and maintain the security of the U.S. through the prevention of unauthorized disclosure of classified information.

Question 33

Department of Defense System of Record

Answer 33

This is currently JPAS. In the future JPAS will be replaced by the Defense Information System for Security (DISS).

Question 34

Department of Homeland Security (DHS)

Answer 34

In response to the terrorist attacks of September 11, 2001, the Department of Homeland Security (DHS) was created by the
Homeland Security Act (HSA) under the administration of President George W. Bush. Their primary objective is to protect U.S. citizens and interests from terrorist attacks.

Question 35

e-FCL

Answer 35

DSS’s electronic system that all companies must use while in process for a Facility Clearance (FCL) or to report a changed condition.

Question 36

Eligibility

Answer 36

A certified adjudicator at the DoD Central Adjudication Facility (CAF) has made an adjudicative determination that an individual is eligible under national security standards for access to classified information equal to the level of their adjudicated investigation.

Question 37

Espionage

Answer 37

he act or practice of spying or of using spies to obtain secret intelligence. Overt, covert, or clandestine activity, usually used in conjunction with the country against which such an activity takes place (e.g., espionage against the United States (U.S.)).

Question 38

Executive Order (EO)

Answer 38

An order issued by the President to create a policy and regulate its administration within the Executive Branch.

Question 39

Facility

Answer 39

A plant, laboratory, office, college, university, or commercial structure with associated warehouses, storage areas, utilities, and components, that, when related by function and location, form an operating entity. A business or educational organization may consist of one or more facilities as defined herein. For the purposes of industrial security, the term does not include Government installations.

Question 40

Facility (Security) Clearance (FCL)

Answer 40

An Administrative determination that, from a security viewpoint, a company is eligible for access to classified information of a certain category (and all lower categories).

Question 41

Facility Security Officer (FSO)

Answer 41

A U.S. citizen employee, appointed by a contractor who will supervise and direct security measures necessary for implementing the NISPOM and other Federal security requirements for classified information.

Question 42

Federal Bureau of Investigation (FBI)

Answer 42

An intelligence-driven and threat-focused national security organization with both intelligence and law enforcement responsibilities—the principal investigative arm of the U.S. Department of Justice and a full member of the U.S. Intelligence Community.

Question 43

Foreign Interest

Answer 43

Any government, agency of a foreign government, or representative of a foreign government; any form of business enterprise or legal entity organized, chartered or incorporated under the laws of any country other than the United States or its territories, and any person who is not a citizen or national of the United States.

Question 44

Foreign National

Answer 44

Any person who is not a citizen or national of the United States.

Question 45

Foreign Ownership, Control or Influence (FOCI)

Answer 45

A state in which a contracting agency may find itself in, that may impede its ability to be granted a Facility Security
Clearance. The agency will be considered under FOCI if a foreign entity has control, direct or indirect and whether or not exercised, over decisions that affect the management or operation of the organization.

Question 46

Government Contracting Activity (GCA)

Answer 46

An element of an agency designated by the agency head and delegated broad authority regarding acquisition functions.

Question 47

Industrial Security

Answer 47

That portion of information security concerned with the protection of classified information in the custody of U.S. industry.

Question 48

Industrial Security Facilities Database (ISFD)

Answer 48

The ISFD, maintained by the DSS is a repository of information about DoD cleared contractor facilities. The ISFD has internal
users (with full access, such as the DSS IS Reps) and external users (with limited access).

Question 49

Industrial Security Letters (ISL)

Answer 49

Documents that provide detailed operational guidance and notification of changes to or clarification of existing policies or requirements to the NISPOM.

Question 50

Information Security

Answer 50

The result of any system of administrative policies and
procedures for identifying, controlling, and protecting from unauthorized disclosure; information the protection of which is authorized by executive order.

Question 51

Information Security Oversight Office (ISOO)

Answer 51

Office responsible for implementing and monitoring the NISP and for issuing implementing directives that shall be binding on agencies.

Question 52

Information Systems

Answer 52

An assembly of computer hardware, software, and firmware
configured for the purpose of automating the functions of calculating, computing, sequencing, storing, retrieving, displaying, communicating, or otherwise manipulating
data, information and textual material.

Question 53

Information System Security Manager (ISSM)

Answer 53

An individual appointed by a contractor with oversight responsibility for the development, implementation, and
evaluation of the facility’s Information System Security Program. The ISSM must be trained to a level commensurate with the complexity of the facility’s Information Systems.

Question 54

Information System Security Officer (ISSO)

Answer 54

An ISSO may be appointed by the ISSM in facilities with multiple accredited Information Systems. The ISSM will determine the responsibilities to be assigned to the ISSO in accordance with NISPOM Chapter 8.

Question 55

Individual Culpability

Answer 55

An individual responsible for a security violation plus evidence
of deliberate disregard, gross negligence and a pattern of negligence or carelessness.

Question 56

Insider Threat

Answer 56

The likelihood, risk, or potential that an insider will use his or her authorized access, wittingly or unwittingly, to do harm to the national security of the United States. Insider threats may include harm to contractor or program information, to
the extent that the information impacts the contractor or agency’s obligations to protect classified national security information.

Question 57

Intrusion Detection System (IDS)

Answer 57

A device or software application that monitors a network or systems for malicious activity or policy violations.

Question 58

Joint Personnel Access System (JPAS)

Answer 58

The current DoD system of record. In the future JPAS will be replaced by the Defense Information System for Security (DISS).

Question 59

Key Management Personnel (KMP)

Answer 59

Key management personnel are Senior Management Officials (SMO) who have the authority to directly or indirectly plan and control business operations. KMPs require an eligibility determination before a facility is granted a FCL.

Question 60

Limited Access Authorization (LAA)

Answer 60

Security access authorization to CONFIDENTIAL, or SECRET information granted to non-U. S. citizens requiring such
limited access in the course of their regular duties.

Question 61

Loss

Answer 61

Classified information that is or was outside the custodian’s control and the classified information cannot be located or its disposition cannot be determined.

Question 62

National Industrial Security Program (NISP)

Answer 62

NISP was established by Executive Order 12829 for the protection of classified information released or disclosed to industry in connection with classified contracts. The NISP applies standards for the protection of classified information released or disclosed to contractors of all federal executive branch departments and agencies. Requirements of the NISP are stated in the National Industrial Security Program Operating Manual (NISPOM), DoD 5220.22-M.

Question 63

National Industrial Security Program Operating Manual (NISPOM) – DoD 5200.22M

Answer 63

A manual issued in accordance with the NISP that prescribes the requirements, restrictions, and other safeguards to prevent unauthorized disclosure of classified information.

Question 64

National Security Agency (NSA)

Answer 64

Provides information assurance services and information and signals intelligence.

Question 65

National Security Council (NSC)

Answer 65

A governing entity responsible for providing overall policy direction for the NISP.

Question 66

National Security Threat

Answer 66

An entity capable of aggression or harm to the United States.

Question 67

Naturalization

Answer 67

A process by which U.S. citizenship is granted to a foreign citizen or national after he or she fulfills the requirements established by Congress in the Immigration and Nationality Act (INA).

Question 68

Need-to-Know (NTK)

Answer 68

A determination made by an authorized holder of classified
information that a prospective recipient has a requirement for access to, knowledge, or possession of the classified information to perform tasks or services essential to the
fulfillment of a classified contract or program.

Question 69

Personnel Security Clearance (PCL)

Answer 69

An administrative determination that an individual is eligible, from a security point of view, for access to classified information of the same or lower category as the level of the personnel clearance being granted.

Question 70

Preliminary investigation

Answer 70

The purpose of the preliminary inquiry is to secure the
classified information, quickly gather all the facts, and determine if the classified information was subject to loss, compromise, or suspected compromise.

Question 71

Prime Contractor

Answer 71

The contractor who receives a prime contract from a GCA.

Question 72

Sabotage

Answer 72

The willful destruction of government property with the intent to cause injury, destruction, defective production of national defense, or war materials by either an act of commission or omission.

Question 73

SECRET

Answer 73

The classification level applied to information, the unauthorized disclosure of which reasonably could be expected to cause serious damage to national security.

Question 74

Security Classification Guide

Answer 74

A document issued by an authorized original classifier
that identifies the elements of information regarding a specific subject that must be classified and prescribes the level and duration of classified and appropriate declassification instructions. Classification guides for contractors are referenced in the Contract Security Classification Specification (DD Form 254) and provided by the GCA.

Question 75

Security Violation

Answer 75

A failure to comply with the policy and procedures established by the NISPOM that reasonably could result in the loss or compromise of classified information.

Question 76

Security Vulnerability Assessment (SVA)

Answer 76

A review of a contractor security program done by a Defense Security Service Industrial Security Representative. The SVA can be done individually or as a team.

Question 77

SF 312

Answer 77

The Classified Information Nondisclosure Agreement is a non disclosure agreement required under Executive Order 13292 to be signed by employees of the U.S. Federal Government or one of its contractors before they are granted access to
classified information.

Question 78

SF 328

Answer 78

A 10-question survey designed to help identify the presence of FOCI in an organization, and provides the basis around which the FOCI analysis process is organized. Completed using e-FCL.

Question 79

Special Access Program (SAP)

Answer 79

Any program that is established to control access, distribution, and to provide protection for particularly sensitive classified information beyond that normally required for TOP SERCRET, SECRET, or CONFIDENTIAL information. A SAP can be created or continued only as authorized by a senior agency official delegated such authority pursuant to the NISPOM.

Question 80

Standard Practice Procedures (SPP)

Answer 80

A document(s) prepared by a contractor that implements the applicable requirements of the NISPOM for the contractor’s operations and involvement with classified information at the contractor’s facility.

Question 81

Subversive Activities

Answer 81

Subversive activities are willful acts that are intended to be
detrimental to the best interests of the government and that do not fall into the categories of treason, sedition, sabotage, or espionage.

Question 82

Suspected Compromise

Answer 82

Occurs whenever identifiable classified information has been
made available to unauthorized individual(s) who may have gained access to the information.

Question 83

Suspicious Contact

Answer 83

Efforts by any individual, regardless of nationality, to obtain illegal or unauthorized access to classified information or to compromise a cleared employee, all contacts by cleared employees with known or suspected intelligence officers from any country, or any contact which suggests the employee concerned may be the target of an attempted exploitation by the intelligence services of another country.

Question 84

Terrorism

Answer 84

The calculated use of violence or threat of violence to inculcate fear; intended to coerce or to intimidate governments or societies in the pursuit of goals that are generally political, religious, or ideological.

Question 85

TOP SECRET

Answer 85

The classification level applied to information, the unauthorized disclosure of which reasonably could be expected to cause exceptionally grave damage to the national security.

Question 86

Transmission

Answer 86

The sending of information from one place to another by audio, microwave, laser, or other non-connective methods, as well as by cable, wire, or other connective medium; information or data transmitted electronically. Transmission also includes movement involving the actual transfer of custody and responsibility for a document or other classified material from one authorized addressee to another.