SlideShare a Scribd company logo

Foca_sbatc

G
guest66dc5f
BusinessTechnology
1 of 26
Download to read offline
The DD254 & You Small Business Innovative Research (SBIR) Joyce K. Foca P-8A MMA Security Manager (301) 757-2961 joyce.foca@navy.mil
Remember… To do great important tasks, Three things are necessary….. 1. A Plan 2. Not quite enough time 3. Small Business Innovative Research
Why Are We Here? • To help you understand: • Access & Performance requirements of classified contracts – The Facility Clearance (FCL) process; • Personnel Security Clearances (PCL) – The Contract Security Classification Specification (DD254); – To explain your security responsibilities
Classified Information is: • Information determined to require protection in the interests of our national security. • Owned by, produced by or for, or under the control of the U.S. Government. • Determined to require protection against unauthorized disclosure • Is so designated (TS, S & C)
Facility Clearances • Don’t need an Facility Clearance (FCL) when submitting a proposal if classified access won’t occur prior to award • We can’t limit competition • Security Team submits Request for FCL on award • Getting a Facility Clearance (FCL) – Key Management Personnel (KMP) • Senior Management and Facility Security Officer (FSO) • Employees cannot have access until company has been granted an FCL – Difference between clearance and access • ‘Negotiators’ can be submitted simultaneously with KMPs
WHY DO YOU NEED A DD254? “The Official Response” “The security of the U.S. depends, in part, on the proper safeguarding of classified information released to industry. (The National Industrial Security Program) established by E.O 12829 to assure the safeguarding of classified information in the hands of U.S. industrial organizations, educational institutions, and all organizations and facilities (both prime and sub- contractors).” Arthur L. Money – Senior Civilian DoD Official Office of the Assistant Secretary of Defense-C3I “In other words....” To make sure 11M classified documents released to over 11,000 cleared facilities are protected! Classified Contracts impose access & performance limitations on Contractors
How do you do that? (DD254-Contract Security Classification Specification) •DD 254 – ONLY authorized means for providing security requirements and classification guidance to a contractor – “Commanding Officers shall ensure that a DD254 is incorporated into every classified contract.” – Any contract that requires or will require access to classified information, by a contractor in the performance of a contract – All phases of pre-contract activity through award » Solicitations; Bids; Quotations; Proposals Can ONLY be signed by a Contracting Officer’s Security – Representative (COSR)/Security COR
1. CLEARANCE AND SAFEGUARDING DEPARTMENT OF DEFENSE CONTRACT SECURITY CLASSIFICATION SPECIFICATION a. FACILITY CLEARANCE REQUIRED (The requirements of the DoD National Industrial Security Program a.LEVEL OF SAFEGUARDING REQUIRED Operating Manual apply to all security aspects of this effort.) 2. THIS SPECIFICATION IS FOR: (X and complete as applicable) 3. THIS SPECIFICATION IS: (X and complete as applicable) a. PRIME CONTRACT NUMBER a. ORIGINAL (Complete date in all cases) DATE (YYYYMMDD) b. SUBCONTRACT NUMBER b. REVISED (Supersedes Revision Number DATE (YYYYMMDD) all previous specs) c. SOLICITATION OR OTHER NUMBER DUE DATE (YYYYMMDD) c. FINAL (Complete Item 5 in all cases) DATE (YYYYMMDD) 4. IS THIS A FOLLOW-ON CONTRACT? YES NO. If YES, complete the following: _ _ (preceding contract number) is transferred to this follow-on contract. Classified material received or generated under 5. IS THIS A FINAL DD FORM 254? YES NO. If YES, complete the following: In response to the contractor's request dated retention of the identified classified material is authorized for the period of . 6. CONTRACTOR (Include Commercial and Government Entity (CAGE) Code) a. NAME, ADDRESS, AND ZIP CODE b. CAGE CODE c. COGNIZANT SECURITY OFFICE (Name, Address, and Zip Code) 7. SUBCONTRACTOR a. NAME, ADDRESS, AND ZIP CODE b. CAGE CODE c. COGNIZANT SECURITY OFFICE (Name, Address, and Zip Code)
11. IN PERFORMING THIS CONTRACT, THE CONTRACTOR WILL: 10. THIS CONTRACT WILL REQUIRE ACCESS TO: YES NO YES NO a. COMMUNICATIONS SECURITY (COMSEC) INFORMATION a. HAVE ACCESS TO CLASSIFIED INFORMATION ONLY AT ANOTHER CONTRACTOR'S FACILITY OR A GOVERNMENT ACTIVITY b. RESTRICTED DATA b. RECEIVE CLASSIFIED DOCUMENTS ONLY c. CRITICAL NUCLEAR WEAPON DESIGN INFORMATION c. RECEIVE AND GENERATE CLASSIFIED MATERIAL d. FORMERLY RESTRICTED DATA d. FABRICATE, MODIFY, OR STORE CLASSIFIED HARDWARE e. INTELLIGENCE INFORMATION: e. PERFORM SERVICES ONLY (1) SENSITIVE COMPARTMENT INFORMATION (SCI) f. HAVE ACCESS TO U.S. CLASSIFIED INFORMATION OUTSIDE THE U.S., PUERTO RICO, U.S. POSSESSIONS AND TRUST TERRITORIES (2) NON-SCI g. BE AUTHORIZED TO USE THE SERVICES OF DEFENSE TECHNICAL INFORMATION CENTER (DTIC) OR OTHER SECONDARY DISTRIBUTION CENTER f. SPECIAL ACCESS INFORMATION h. REQUIRE A COMSEC ACCOUNT g. NATO INFORMATION i. HAVE TEMPEST REQUIREMENTS h. FOREIGN GOVERNMENT INFORMATION j. HAVE OPERATIONS SECURITY (OPSEC) REQUIREMENTS i. LIMITED DISSEMINATION INFORMATION k. BE AUTHORIZED TO USE THE DEFENSE COURIER SERVICE j. FOR OFFICIAL USE ONLY INFORMATION l. OTHER (Specify). k. OTHER (Specify)
12. PUBLIC RELEASE. Any information (classified or unclassified) pertaining to this contract shall not be released for public dissemination except a provided by the Industrial Security Manual or unless it has been approved for public release by appropriate U.S. government authority. Proposed public releases shall be submitted for approval prior to release Direct Through (Specify): X to the Directorate for Freedom of Information and Security Review, Office of the Assistant Security of Defense (Public Affairs)* for review. *In the case of non-DoD User Agencies, requests for disclosure shall be submitted to that agency. 13. SECURITY GUIDANCE. The security classification guidance needed for this classified effort is identified below. If any difficulty is encountered in applying this guidance or if any other contributing factor indicates a need for changes in this guidance, the contractor is authorized and encouraged to provide recommended changes; to challenge the guidance or the classification assigned to any information or material furnished or generated under this contract; and to submit any questions for interpretation of this guidance to the official identified below. Pending final decision, the information involved shall be handled and protected at the highest level of classification assigned or recommended. (Fill in as appropriate for the classified effort. Attach, or forward under separate correspondence, any documents/guides/extracts referenced herein. Add additional pages as needed to provide complete guidance.) 14. ADDITIONAL SECURITY REQUIREMENTS. Requirements, in addition to NISPOM requirements, are established for this contract. (If Yes, identify the pertinent contractual clauses in the contract document itself, or provide an appropriate statement which identifies the YES NO X additional requirements. Provide a copy of the requirements to the cognizant security office. Use item 13 if additional space is needed.)
16. CERTIFICATION AND SIGNATURE. Security requirements stated herein are complete and adequate for safeguarding the classified information to be released or generated under this classified effort. All questions shall be referred to the official named below. a. TYPED NAME OF CERTIFYING OFFICIAL b. TITLE c. TELEPHONE (Include Area Code) CONTRACTING OFFICER’S SECURITY REPRESENTATIVE (COSR) d. ADDRESS (Include Zip Code) 17. REQUIRED DISTRIBUTION a. CONTRACTOR X b. SUBCONTRACTOR c. COGNIZANT SECURITY OFFICE FOR PRIME AND SUBCONTRACTOR X d. U.S. ACTIVITY RESPONSIBLE FOR OVERSEAS SECURITY ADMINISTRATION e. SIGNATURE e. ADMINISTRATIVE CONTRACTING OFFICER f. OTHERS AS NECESSARY X COR, COSR
What Does the DD254 Tell Us? A Contractor’s Need-To-Know A determination made by an authorized holder of classified information that a prospective recipient, in the interest of National Security, has a requirement for access to, knowledge, or possession of the classified information in order to perform tasks or services essential to the fulfillment of an official U.S. government program. Unauthorized disclosure: A communication or physical transfer of classified Information or controlled unclassified information to an unauthorized recipient. Unauthorized Recipient: An individual who is not cleared and/or does not have a need-to-know in order to perform their official duties.
What Does the DD254 Tell Us (con’t) • Classification Guidance – Security Classification Guides • Security Requirements – What level of information can be accessed for this effort – Where he can have access – Distribution Statements required on technical documents created by the contractor – Requirements not addressed in the NISPOM • (OPSEC, OSD requirements, SECNAV/Local Command Instructions.
QUESTIONS & ANSWERS
COOKIES….. • How will I get you to remember what you’ve learned today? • My grandson’s would say…..Bobchi, please read me a story…..
To help you remember….
He’s going to ask for…… A glass of milk…. …then he’ll want you to read him a story
When he sees the pictures… he’ll want paper and crayons… …he’ll draw a picture and want to hang it on your refrigerator…
So….. He’ll hang up his drawing, and stand back to look at it…… Looking at the refrigerator will remind him, he’s thirsty…
And chances are…. If he asks for a glass of milk… he’ll want a cookie to go with it! I’m not comparing contractors to mice but forming an analogy between contractors being given classified information and a mouse being given a cookie and wanting more and more……
The DD254 & You Background Information (more than you ever wanted to know about the DD254)
Background (continued) • Program Authority – E.O. 12829 - National Industrial Security Program – E.O. 12958 (as amended)- Classified National Security Information – DoD 5220.22-R – Industrial Security Program Regulation (ISR) – DoD 5220.22-M – National Industrial Security Program Manual (NISPOM) – DoD Federal Acquisition Regulation – DoD Defense Federal Acquisition Regulation Supplement – DoD 5400.7-R – DoD Freedom of Information Act Program
Background (continued) • Program Authority (continued) – SECNAV 5510.36 DON Information Security Program Instruction – SECNAV M-5510.36 – DON Information Security Program Manual – SECNAV 5510.30B – DON Personnel Security Program Instruction – SECNAV M-5510.30B – DON Personnel Security Program Manual – NAVSUP 4205.3B – Contracting Officer’s Representative – OPNAV 5239.1B – Navy Information Assurance (IA) Program
Background (continued) • Program Authority (continued) – OPNAV C5510.93F – Navy/Marine Corps Implementation of National Policy on Control of Compromising Emanations (TEMPEST) – OPNAV 3432.1 – Operations Security (OPSEC) • Contracting Officer’s Representative
COSR RESPONSIBILITIES • Review SOW – Ensure that access to or receipt and generation of classified information is required for contract performance. • Validate classification guidance – Coordinate review of the DD254 and classification guidance – Meet with the COR/TPOC to review the draft DD254 • Sign DD Form 254 – Issue a revised DD254 and other guidance as necessary – Resolve problems related to classified information provided to the contractor – Provide when necessary, in coordination with the COR/TPOC , additional security requirements, beyond those required by the .36, in the DD254, or the contract document itself.
COSR RESPONSIBILITIES • Initiate all requests for FCLs with DSS OCC • Verify the FCL and storage capability prior to release of classified information • Validate justification for Interim Top Secret FCLs • Validate & endorse requests from industry for LAAs • Certify and approve DTIC requests • Review requests for retention – After 2 year period – Provide disposition instructions or issue Final DD254 • Issue ‘task order’ DD254s, as appropriate • Review reports of security violations and compromises within industry and advise COR/TPOC

Recommended

Starsight Defense Solution
Starsight Defense SolutionStarsight Defense Solution
Starsight Defense Solution
Spontane_IT
 
Golfphotos
GolfphotosGolfphotos
Golfphotos
guest66dc5f
 
Varun-Subtle_Security_flaws
Varun-Subtle_Security_flawsVarun-Subtle_Security_flaws
Varun-Subtle_Security_flaws
guest66dc5f
 
arma05-era
arma05-eraarma05-era
arma05-era
guest66dc5f
 
01_Day_1_Oxburgh
01_Day_1_Oxburgh01_Day_1_Oxburgh
01_Day_1_Oxburgh
guest66dc5f
 
Media and Public Health Law
Media and Public Health LawMedia and Public Health Law
Media and Public Health Law
guest66dc5f
 
05_Day_1_Lackner
05_Day_1_Lackner05_Day_1_Lackner
05_Day_1_Lackner
guest66dc5f
 
Daniel Buzby
Daniel BuzbyDaniel Buzby
Daniel Buzby
guest66dc5f
 

Recommended

Starsight Defense Solution
Starsight Defense SolutionStarsight Defense Solution
Starsight Defense Solution
Spontane_IT
 
Golfphotos
GolfphotosGolfphotos
Golfphotos
guest66dc5f
 
Varun-Subtle_Security_flaws
Varun-Subtle_Security_flawsVarun-Subtle_Security_flaws
Varun-Subtle_Security_flaws
guest66dc5f
 
arma05-era
arma05-eraarma05-era
arma05-era
guest66dc5f
 
01_Day_1_Oxburgh
01_Day_1_Oxburgh01_Day_1_Oxburgh
01_Day_1_Oxburgh
guest66dc5f
 
Media and Public Health Law
Media and Public Health LawMedia and Public Health Law
Media and Public Health Law
guest66dc5f
 
05_Day_1_Lackner
05_Day_1_Lackner05_Day_1_Lackner
05_Day_1_Lackner
guest66dc5f
 
Daniel Buzby
Daniel BuzbyDaniel Buzby
Daniel Buzby
guest66dc5f
 
Project Performance Evaluations
Project Performance EvaluationsProject Performance Evaluations
Project Performance Evaluations
svandegrift
 
micron technollogy 2004_10K
micron technollogy 2004_10Kmicron technollogy 2004_10K
micron technollogy 2004_10K
finance36
 
Mil std-100 g
Mil std-100 gMil std-100 g
Mil std-100 g
zaky_iben
 
micron technollogy 1999_10k
micron technollogy 1999_10kmicron technollogy 1999_10k
micron technollogy 1999_10k
finance36
 
Cloud computing contract checklist modified -- Procurement
Cloud computing contract checklist modified -- ProcurementCloud computing contract checklist modified -- Procurement
Cloud computing contract checklist modified -- Procurement
David Sweigert
 
micron technollogy 10k_2005
micron technollogy 10k_2005micron technollogy 10k_2005
micron technollogy 10k_2005
finance36
 
micron technollogy 10k_2006
micron technollogy 10k_2006micron technollogy 10k_2006
micron technollogy 10k_2006
finance36
 
Element Of Insurance Ca
Element Of Insurance CaElement Of Insurance Ca
Element Of Insurance Ca
clementraj
 
micron technollogy 2002_10K
micron technollogy 2002_10Kmicron technollogy 2002_10K
micron technollogy 2002_10K
finance36
 
micron technollogy 2000_10k
micron technollogy 2000_10kmicron technollogy 2000_10k
micron technollogy 2000_10k
finance36
 
Trade Secrets Lsi Talk 11 18
Trade Secrets Lsi Talk 11 18Trade Secrets Lsi Talk 11 18
Trade Secrets Lsi Talk 11 18
blyerla
 
micron technollogy 2003_10-K
micron technollogy 2003_10-Kmicron technollogy 2003_10-K
micron technollogy 2003_10-K
finance36
 
Risk allocation in offshore E&P projects
Risk allocation in offshore E&P projectsRisk allocation in offshore E&P projects
Risk allocation in offshore E&P projects
ClydeCoOffshore
 
Security In The Supply Chain
Security In The Supply ChainSecurity In The Supply Chain
Security In The Supply Chain
John Gilligan
 
micron technollogy 10KFY2007
micron technollogy 10KFY2007micron technollogy 10KFY2007
micron technollogy 10KFY2007
finance36
 
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptxA Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx
Jack Nichelson
 
Scs.pptx repaired
Scs.pptx repairedScs.pptx repaired
Scs.pptx repaired
Saransh Garg
 
NAME's Drafted Appendix - K
NAME's Drafted Appendix - KNAME's Drafted Appendix - K
NAME's Drafted Appendix - K
A-Square Technology Group/Nascent Applied Methods and Endeavors
 
2011 CTM Session 2: Terminology for Products
2011 CTM Session 2: Terminology for Products2011 CTM Session 2: Terminology for Products
2011 CTM Session 2: Terminology for Products
novacsi
 
micron technollogy 2001_10k
micron technollogy 2001_10kmicron technollogy 2001_10k
micron technollogy 2001_10k
finance36
 
Os Timed Original
Os Timed OriginalOs Timed Original
Os Timed Original
guest66dc5f
 
Control your entire house with your iPhone
Control your entire house with your iPhoneControl your entire house with your iPhone
Control your entire house with your iPhone
guest66dc5f
 

More Related Content

Similar to Foca_sbatc

Project Performance Evaluations
Project Performance EvaluationsProject Performance Evaluations
Project Performance Evaluations
svandegrift
 
micron technollogy 2004_10K
micron technollogy 2004_10Kmicron technollogy 2004_10K
micron technollogy 2004_10K
finance36
 
micron technollogy 1999_10k
micron technollogy 1999_10kmicron technollogy 1999_10k
micron technollogy 1999_10k
finance36
 
micron technollogy 10k_2005
micron technollogy 10k_2005micron technollogy 10k_2005
micron technollogy 10k_2005
finance36
 
micron technollogy 10k_2006
micron technollogy 10k_2006micron technollogy 10k_2006
micron technollogy 10k_2006
finance36
 
Element Of Insurance Ca
Element Of Insurance CaElement Of Insurance Ca
Element Of Insurance Ca
clementraj
 
micron technollogy 2002_10K
micron technollogy 2002_10Kmicron technollogy 2002_10K
micron technollogy 2002_10K
finance36
 
micron technollogy 2000_10k
micron technollogy 2000_10kmicron technollogy 2000_10k
micron technollogy 2000_10k
finance36
 
Trade Secrets Lsi Talk 11 18
Trade Secrets Lsi Talk 11 18Trade Secrets Lsi Talk 11 18
Trade Secrets Lsi Talk 11 18
blyerla
 
micron technollogy 2003_10-K
micron technollogy 2003_10-Kmicron technollogy 2003_10-K
micron technollogy 2003_10-K
finance36
 
Risk allocation in offshore E&P projects
Risk allocation in offshore E&P projectsRisk allocation in offshore E&P projects
Risk allocation in offshore E&P projects
ClydeCoOffshore
 
micron technollogy 10KFY2007
micron technollogy 10KFY2007micron technollogy 10KFY2007
micron technollogy 10KFY2007
finance36
 
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptxA Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx
Jack Nichelson
 
micron technollogy 2001_10k
micron technollogy 2001_10kmicron technollogy 2001_10k
micron technollogy 2001_10k
finance36
 

Similar to Foca_sbatc (20)

Project Performance Evaluations
Project Performance EvaluationsProject Performance Evaluations
Project Performance Evaluations
 
micron technollogy 2004_10K
micron technollogy 2004_10Kmicron technollogy 2004_10K
micron technollogy 2004_10K
 
Mil std-100 g
Mil std-100 gMil std-100 g
Mil std-100 g
 
micron technollogy 1999_10k
micron technollogy 1999_10kmicron technollogy 1999_10k
micron technollogy 1999_10k
 
Cloud computing contract checklist modified -- Procurement
Cloud computing contract checklist modified -- ProcurementCloud computing contract checklist modified -- Procurement
Cloud computing contract checklist modified -- Procurement
 
micron technollogy 10k_2005
micron technollogy 10k_2005micron technollogy 10k_2005
micron technollogy 10k_2005
 
micron technollogy 10k_2006
micron technollogy 10k_2006micron technollogy 10k_2006
micron technollogy 10k_2006
 
Element Of Insurance Ca
Element Of Insurance CaElement Of Insurance Ca
Element Of Insurance Ca
 
micron technollogy 2002_10K
micron technollogy 2002_10Kmicron technollogy 2002_10K
micron technollogy 2002_10K
 
micron technollogy 2000_10k
micron technollogy 2000_10kmicron technollogy 2000_10k
micron technollogy 2000_10k
 
Trade Secrets Lsi Talk 11 18
Trade Secrets Lsi Talk 11 18Trade Secrets Lsi Talk 11 18
Trade Secrets Lsi Talk 11 18
 
micron technollogy 2003_10-K
micron technollogy 2003_10-Kmicron technollogy 2003_10-K
micron technollogy 2003_10-K
 
Risk allocation in offshore E&P projects
Risk allocation in offshore E&P projectsRisk allocation in offshore E&P projects
Risk allocation in offshore E&P projects
 
Security In The Supply Chain
Security In The Supply ChainSecurity In The Supply Chain
Security In The Supply Chain
 
micron technollogy 10KFY2007
micron technollogy 10KFY2007micron technollogy 10KFY2007
micron technollogy 10KFY2007
 
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptxA Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx
A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx
 
Scs.pptx repaired
Scs.pptx repairedScs.pptx repaired
Scs.pptx repaired
 
NAME's Drafted Appendix - K
NAME's Drafted Appendix - KNAME's Drafted Appendix - K
NAME's Drafted Appendix - K
 
2011 CTM Session 2: Terminology for Products
2011 CTM Session 2: Terminology for Products2011 CTM Session 2: Terminology for Products
2011 CTM Session 2: Terminology for Products
 
micron technollogy 2001_10k
micron technollogy 2001_10kmicron technollogy 2001_10k
micron technollogy 2001_10k
 

More from guest66dc5f

Os Timed Original
Os Timed OriginalOs Timed Original
Os Timed Original
guest66dc5f
 
Control your entire house with your iPhone
Control your entire house with your iPhoneControl your entire house with your iPhone
Control your entire house with your iPhone
guest66dc5f
 
Awesome car collection
Awesome car collectionAwesome car collection
Awesome car collection
guest66dc5f
 
Sunil-Hacking_firefox
Sunil-Hacking_firefoxSunil-Hacking_firefox
Sunil-Hacking_firefox
guest66dc5f
 
Rahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_CodeRahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_Code
guest66dc5f
 
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_WindowsChetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
guest66dc5f
 
WHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_LawWHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_Law
guest66dc5f
 
Rohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_lawsRohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_laws
guest66dc5f
 
Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2
guest66dc5f
 
Dror-Crazy_toaster
Dror-Crazy_toasterDror-Crazy_toaster
Dror-Crazy_toaster
guest66dc5f
 
Ajit-Legiment_Techniques
Ajit-Legiment_TechniquesAjit-Legiment_Techniques
Ajit-Legiment_Techniques
guest66dc5f
 
longisland_golf_07
longisland_golf_07longisland_golf_07
longisland_golf_07
guest66dc5f
 
GolfLakeCity_002
GolfLakeCity_002GolfLakeCity_002
GolfLakeCity_002
guest66dc5f
 

More from guest66dc5f (20)

Os Timed Original
Os Timed OriginalOs Timed Original
Os Timed Original
 
Control your entire house with your iPhone
Control your entire house with your iPhoneControl your entire house with your iPhone
Control your entire house with your iPhone
 
Awesome car collection
Awesome car collectionAwesome car collection
Awesome car collection
 
Freaky car number plates
Freaky car number platesFreaky car number plates
Freaky car number plates
 
David-FPGA
David-FPGADavid-FPGA
David-FPGA
 
Sunil-Hacking_firefox
Sunil-Hacking_firefoxSunil-Hacking_firefox
Sunil-Hacking_firefox
 
Rahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_CodeRahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_Code
 
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_WindowsChetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
 
WHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_LawWHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_Law
 
Rohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_lawsRohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_laws
 
David-FPGA
David-FPGADavid-FPGA
David-FPGA
 
Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2
 
Dror-Crazy_toaster
Dror-Crazy_toasterDror-Crazy_toaster
Dror-Crazy_toaster
 
Ajit-Legiment_Techniques
Ajit-Legiment_TechniquesAjit-Legiment_Techniques
Ajit-Legiment_Techniques
 
CostofWarinIraq
CostofWarinIraqCostofWarinIraq
CostofWarinIraq
 
NR-golf-sept07
NR-golf-sept07NR-golf-sept07
NR-golf-sept07
 
NR-golf-sept07
NR-golf-sept07NR-golf-sept07
NR-golf-sept07
 
golf
golfgolf
golf
 
longisland_golf_07
longisland_golf_07longisland_golf_07
longisland_golf_07
 
GolfLakeCity_002
GolfLakeCity_002GolfLakeCity_002
GolfLakeCity_002
 

Recently uploaded

Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
pujan9679
 
KALYANI 💋 Call Girl 9827461493 Call Girls in Escort service book now
KALYANI 💋 Call Girl 9827461493 Call Girls in Escort service book nowKALYANI 💋 Call Girl 9827461493 Call Girls in Escort service book now
KALYANI 💋 Call Girl 9827461493 Call Girls in Escort service book now
kapoorjyoti4444
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
uneakwhite
 
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
yulianti213969
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
allensay1
 
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All TimeCall 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
gargpaaro
 
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book nowPARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
kapoorjyoti4444
 

Recently uploaded (20)

WheelTug Short Pitch Deck 2024 | Byond Insights
WheelTug Short Pitch Deck 2024 | Byond InsightsWheelTug Short Pitch Deck 2024 | Byond Insights
WheelTug Short Pitch Deck 2024 | Byond Insights
 
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGBerhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Berhampur 70918*19311 CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
Berhampur Call Girl Just Call 8084732287 Top Class Call Girl Service Available
Berhampur Call Girl Just Call 8084732287 Top Class Call Girl Service AvailableBerhampur Call Girl Just Call 8084732287 Top Class Call Girl Service Available
Berhampur Call Girl Just Call 8084732287 Top Class Call Girl Service Available
 
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
Chennai Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Av...
 
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
Unveiling Falcon Invoice Discounting: Leading the Way as India's Premier Bill...
 
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
Escorts in Nungambakkam Phone 8250092165 Enjoy 24/7 Escort Service Enjoy Your...
 
Bangalore Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Service Avai...
Bangalore Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Service Avai...Bangalore Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Service Avai...
Bangalore Call Girl Just Call♥️ 8084732287 ♥️Top Class Call Girl Service Avai...
 
Cuttack Call Girl Just Call 8084732287 Top Class Call Girl Service Available
Cuttack Call Girl Just Call 8084732287 Top Class Call Girl Service AvailableCuttack Call Girl Just Call 8084732287 Top Class Call Girl Service Available
Cuttack Call Girl Just Call 8084732287 Top Class Call Girl Service Available
 
Buy gmail accounts.pdf buy Old Gmail Accounts
Buy gmail accounts.pdf buy Old Gmail AccountsBuy gmail accounts.pdf buy Old Gmail Accounts
Buy gmail accounts.pdf buy Old Gmail Accounts
 
KALYANI 💋 Call Girl 9827461493 Call Girls in Escort service book now
KALYANI 💋 Call Girl 9827461493 Call Girls in Escort service book nowKALYANI 💋 Call Girl 9827461493 Call Girls in Escort service book now
KALYANI 💋 Call Girl 9827461493 Call Girls in Escort service book now
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
obat aborsi bandung wa 081336238223 jual obat aborsi cytotec asli di bandung9...
 
Cannabis Legalization World Map: 2024 Updated
Cannabis Legalization World Map: 2024 UpdatedCannabis Legalization World Map: 2024 Updated
Cannabis Legalization World Map: 2024 Updated
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
Ooty Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Avail...
Ooty Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Avail...Ooty Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Avail...
Ooty Call Gril 80022//12248 Only For Sex And High Profile Best Gril Sex Avail...
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
 
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All TimeCall 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
Call 7737669865 Vadodara Call Girls Service at your Door Step Available All Time
 
Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165
Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165
Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165
 
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book nowPARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
PARK STREET 💋 Call Girl 9827461493 Call Girls in Escort service book now
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
 

Foca_sbatc

  • 1. The DD254 & You Small Business Innovative Research (SBIR) Joyce K. Foca P-8A MMA Security Manager (301) 757-2961 joyce.foca@navy.mil
  • 2. Remember… To do great important tasks, Three things are necessary….. 1. A Plan 2. Not quite enough time 3. Small Business Innovative Research
  • 3. Why Are We Here? • To help you understand: • Access & Performance requirements of classified contracts – The Facility Clearance (FCL) process; • Personnel Security Clearances (PCL) – The Contract Security Classification Specification (DD254); – To explain your security responsibilities
  • 4. Classified Information is: • Information determined to require protection in the interests of our national security. • Owned by, produced by or for, or under the control of the U.S. Government. • Determined to require protection against unauthorized disclosure • Is so designated (TS, S & C)
  • 5. Facility Clearances • Don’t need an Facility Clearance (FCL) when submitting a proposal if classified access won’t occur prior to award • We can’t limit competition • Security Team submits Request for FCL on award • Getting a Facility Clearance (FCL) – Key Management Personnel (KMP) • Senior Management and Facility Security Officer (FSO) • Employees cannot have access until company has been granted an FCL – Difference between clearance and access • ‘Negotiators’ can be submitted simultaneously with KMPs
  • 6. WHY DO YOU NEED A DD254? “The Official Response” “The security of the U.S. depends, in part, on the proper safeguarding of classified information released to industry. (The National Industrial Security Program) established by E.O 12829 to assure the safeguarding of classified information in the hands of U.S. industrial organizations, educational institutions, and all organizations and facilities (both prime and sub- contractors).” Arthur L. Money – Senior Civilian DoD Official Office of the Assistant Secretary of Defense-C3I “In other words....” To make sure 11M classified documents released to over 11,000 cleared facilities are protected! Classified Contracts impose access & performance limitations on Contractors
  • 7. How do you do that? (DD254-Contract Security Classification Specification) •DD 254 – ONLY authorized means for providing security requirements and classification guidance to a contractor – “Commanding Officers shall ensure that a DD254 is incorporated into every classified contract.” – Any contract that requires or will require access to classified information, by a contractor in the performance of a contract – All phases of pre-contract activity through award » Solicitations; Bids; Quotations; Proposals Can ONLY be signed by a Contracting Officer’s Security – Representative (COSR)/Security COR
  • 8. 1. CLEARANCE AND SAFEGUARDING DEPARTMENT OF DEFENSE CONTRACT SECURITY CLASSIFICATION SPECIFICATION a. FACILITY CLEARANCE REQUIRED (The requirements of the DoD National Industrial Security Program a.LEVEL OF SAFEGUARDING REQUIRED Operating Manual apply to all security aspects of this effort.) 2. THIS SPECIFICATION IS FOR: (X and complete as applicable) 3. THIS SPECIFICATION IS: (X and complete as applicable) a. PRIME CONTRACT NUMBER a. ORIGINAL (Complete date in all cases) DATE (YYYYMMDD) b. SUBCONTRACT NUMBER b. REVISED (Supersedes Revision Number DATE (YYYYMMDD) all previous specs) c. SOLICITATION OR OTHER NUMBER DUE DATE (YYYYMMDD) c. FINAL (Complete Item 5 in all cases) DATE (YYYYMMDD) 4. IS THIS A FOLLOW-ON CONTRACT? YES NO. If YES, complete the following: _ _ (preceding contract number) is transferred to this follow-on contract. Classified material received or generated under 5. IS THIS A FINAL DD FORM 254? YES NO. If YES, complete the following: In response to the contractor's request dated retention of the identified classified material is authorized for the period of . 6. CONTRACTOR (Include Commercial and Government Entity (CAGE) Code) a. NAME, ADDRESS, AND ZIP CODE b. CAGE CODE c. COGNIZANT SECURITY OFFICE (Name, Address, and Zip Code) 7. SUBCONTRACTOR a. NAME, ADDRESS, AND ZIP CODE b. CAGE CODE c. COGNIZANT SECURITY OFFICE (Name, Address, and Zip Code)
  • 9. 11. IN PERFORMING THIS CONTRACT, THE CONTRACTOR WILL: 10. THIS CONTRACT WILL REQUIRE ACCESS TO: YES NO YES NO a. COMMUNICATIONS SECURITY (COMSEC) INFORMATION a. HAVE ACCESS TO CLASSIFIED INFORMATION ONLY AT ANOTHER CONTRACTOR'S FACILITY OR A GOVERNMENT ACTIVITY b. RESTRICTED DATA b. RECEIVE CLASSIFIED DOCUMENTS ONLY c. CRITICAL NUCLEAR WEAPON DESIGN INFORMATION c. RECEIVE AND GENERATE CLASSIFIED MATERIAL d. FORMERLY RESTRICTED DATA d. FABRICATE, MODIFY, OR STORE CLASSIFIED HARDWARE e. INTELLIGENCE INFORMATION: e. PERFORM SERVICES ONLY (1) SENSITIVE COMPARTMENT INFORMATION (SCI) f. HAVE ACCESS TO U.S. CLASSIFIED INFORMATION OUTSIDE THE U.S., PUERTO RICO, U.S. POSSESSIONS AND TRUST TERRITORIES (2) NON-SCI g. BE AUTHORIZED TO USE THE SERVICES OF DEFENSE TECHNICAL INFORMATION CENTER (DTIC) OR OTHER SECONDARY DISTRIBUTION CENTER f. SPECIAL ACCESS INFORMATION h. REQUIRE A COMSEC ACCOUNT g. NATO INFORMATION i. HAVE TEMPEST REQUIREMENTS h. FOREIGN GOVERNMENT INFORMATION j. HAVE OPERATIONS SECURITY (OPSEC) REQUIREMENTS i. LIMITED DISSEMINATION INFORMATION k. BE AUTHORIZED TO USE THE DEFENSE COURIER SERVICE j. FOR OFFICIAL USE ONLY INFORMATION l. OTHER (Specify). k. OTHER (Specify)
  • 10. 12. PUBLIC RELEASE. Any information (classified or unclassified) pertaining to this contract shall not be released for public dissemination except a provided by the Industrial Security Manual or unless it has been approved for public release by appropriate U.S. government authority. Proposed public releases shall be submitted for approval prior to release Direct Through (Specify): X to the Directorate for Freedom of Information and Security Review, Office of the Assistant Security of Defense (Public Affairs)* for review. *In the case of non-DoD User Agencies, requests for disclosure shall be submitted to that agency. 13. SECURITY GUIDANCE. The security classification guidance needed for this classified effort is identified below. If any difficulty is encountered in applying this guidance or if any other contributing factor indicates a need for changes in this guidance, the contractor is authorized and encouraged to provide recommended changes; to challenge the guidance or the classification assigned to any information or material furnished or generated under this contract; and to submit any questions for interpretation of this guidance to the official identified below. Pending final decision, the information involved shall be handled and protected at the highest level of classification assigned or recommended. (Fill in as appropriate for the classified effort. Attach, or forward under separate correspondence, any documents/guides/extracts referenced herein. Add additional pages as needed to provide complete guidance.) 14. ADDITIONAL SECURITY REQUIREMENTS. Requirements, in addition to NISPOM requirements, are established for this contract. (If Yes, identify the pertinent contractual clauses in the contract document itself, or provide an appropriate statement which identifies the YES NO X additional requirements. Provide a copy of the requirements to the cognizant security office. Use item 13 if additional space is needed.)
  • 11. 16. CERTIFICATION AND SIGNATURE. Security requirements stated herein are complete and adequate for safeguarding the classified information to be released or generated under this classified effort. All questions shall be referred to the official named below. a. TYPED NAME OF CERTIFYING OFFICIAL b. TITLE c. TELEPHONE (Include Area Code) CONTRACTING OFFICER’S SECURITY REPRESENTATIVE (COSR) d. ADDRESS (Include Zip Code) 17. REQUIRED DISTRIBUTION a. CONTRACTOR X b. SUBCONTRACTOR c. COGNIZANT SECURITY OFFICE FOR PRIME AND SUBCONTRACTOR X d. U.S. ACTIVITY RESPONSIBLE FOR OVERSEAS SECURITY ADMINISTRATION e. SIGNATURE e. ADMINISTRATIVE CONTRACTING OFFICER f. OTHERS AS NECESSARY X COR, COSR
  • 12. What Does the DD254 Tell Us? A Contractor’s Need-To-Know A determination made by an authorized holder of classified information that a prospective recipient, in the interest of National Security, has a requirement for access to, knowledge, or possession of the classified information in order to perform tasks or services essential to the fulfillment of an official U.S. government program. Unauthorized disclosure: A communication or physical transfer of classified Information or controlled unclassified information to an unauthorized recipient. Unauthorized Recipient: An individual who is not cleared and/or does not have a need-to-know in order to perform their official duties.
  • 13. What Does the DD254 Tell Us (con’t) • Classification Guidance – Security Classification Guides • Security Requirements – What level of information can be accessed for this effort – Where he can have access – Distribution Statements required on technical documents created by the contractor – Requirements not addressed in the NISPOM • (OPSEC, OSD requirements, SECNAV/Local Command Instructions.
  • 15. COOKIES….. • How will I get you to remember what you’ve learned today? • My grandson’s would say…..Bobchi, please read me a story…..
  • 16. To help you remember….
  • 17. He’s going to ask for…… A glass of milk…. …then he’ll want you to read him a story
  • 18. When he sees the pictures… he’ll want paper and crayons… …he’ll draw a picture and want to hang it on your refrigerator…
  • 19. So….. He’ll hang up his drawing, and stand back to look at it…… Looking at the refrigerator will remind him, he’s thirsty…
  • 20. And chances are…. If he asks for a glass of milk… he’ll want a cookie to go with it! I’m not comparing contractors to mice but forming an analogy between contractors being given classified information and a mouse being given a cookie and wanting more and more……
  • 21. The DD254 & You Background Information (more than you ever wanted to know about the DD254)
  • 22. Background (continued) • Program Authority – E.O. 12829 - National Industrial Security Program – E.O. 12958 (as amended)- Classified National Security Information – DoD 5220.22-R – Industrial Security Program Regulation (ISR) – DoD 5220.22-M – National Industrial Security Program Manual (NISPOM) – DoD Federal Acquisition Regulation – DoD Defense Federal Acquisition Regulation Supplement – DoD 5400.7-R – DoD Freedom of Information Act Program
  • 23. Background (continued) • Program Authority (continued) – SECNAV 5510.36 DON Information Security Program Instruction – SECNAV M-5510.36 – DON Information Security Program Manual – SECNAV 5510.30B – DON Personnel Security Program Instruction – SECNAV M-5510.30B – DON Personnel Security Program Manual – NAVSUP 4205.3B – Contracting Officer’s Representative – OPNAV 5239.1B – Navy Information Assurance (IA) Program
  • 24. Background (continued) • Program Authority (continued) – OPNAV C5510.93F – Navy/Marine Corps Implementation of National Policy on Control of Compromising Emanations (TEMPEST) – OPNAV 3432.1 – Operations Security (OPSEC) • Contracting Officer’s Representative
  • 25. COSR RESPONSIBILITIES • Review SOW – Ensure that access to or receipt and generation of classified information is required for contract performance. • Validate classification guidance – Coordinate review of the DD254 and classification guidance – Meet with the COR/TPOC to review the draft DD254 • Sign DD Form 254 – Issue a revised DD254 and other guidance as necessary – Resolve problems related to classified information provided to the contractor – Provide when necessary, in coordination with the COR/TPOC , additional security requirements, beyond those required by the .36, in the DD254, or the contract document itself.
  • 26. COSR RESPONSIBILITIES • Initiate all requests for FCLs with DSS OCC • Verify the FCL and storage capability prior to release of classified information • Validate justification for Interim Top Secret FCLs • Validate & endorse requests from industry for LAAs • Certify and approve DTIC requests • Review requests for retention – After 2 year period – Provide disposition instructions or issue Final DD254 • Issue ‘task order’ DD254s, as appropriate • Review reports of security violations and compromises within industry and advise COR/TPOC