Wikipedia

National Industrial Security Program

The National Industrial Security Program, or NISP, is the nominal authority in the United States for managing the needs of private industry to access classified information.[1]

The NISP was established in 1993 by Executive Order 12829.[2] The National Security Council nominally sets policy for the NISP, while the Director of the Information Security Oversight Office is nominally the authority for implementation. Under the ISOO, the Secretary of Defense is nominally the Executive Agent, but the NISP recognizes four different Cognizant Security Agencies, all of which have equal authority: the Department of Defense, the Department of Energy, the Central Intelligence Agency, and the Nuclear Regulatory Commission.[3]

The Defense Counterintelligence and Security Agency administers the NISP on behalf of the Department of Defense and 34 other federal agencies.

NISP Operating Manual (DoD 5220.22-M)

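A major component of the NISP is the NISP Operating Manual, also called NISPOM, or DoD 5220.22-M. The NISPOM establishes the standard procedures and requirements for all government contractors with regard to classified information. As of 2017, the current NISPOM edition is dated 28 Feb 2006. Chapters and selected sections of this edition are:[4]

  • Chapter 1: General Provisions and Requirements
  • Chapter 2: Security Clearances
      • Section 1: Facility Clearances
      • Section 2: Personnel Security Clearances
      • Section 3: Foreign Ownership, Control, or Influence (FOCI)
  • Chapter 3: Security Training and Briefings
  • Chapter 4: Classification and Marking
  • Chapter 5: Safeguarding Classified Information
  • Chapter 6: Visits and Meetings
  • Chapter 7: Subcontracting
  • Chapter 8: Information System Security
  • Chapter 9: Special Requirements
      • Section 1: RD and FRD
      • Section 2: DoD Critical Nuclear Weapon Design Information (CNWDI)
      • Section 3: Intelligence Information
      • Section 4: Communication Security (COMSEC)
  • Chapter 10: International Security Requirements
  • Chapter 11: Miscellaneous Information
      • Section 1: TEMPEST
      • Section 2: Defense Technical Information Center (DTIC)
      • Section 3: Independent Research and Development (IR&D) Efforts
  • Appendices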

Data sanitization

DoD 5220.22-M is sometimes cited as a standard for sanitization to counter data remanence. The NISPOM actually covers the entire field of government–industrial security, of which data sanitization is a very small part (about two paragraphs in a 141-page document).[5] Furthermore, the NISPOM does not actually specify any particular method. Standards for sanitization are left up to the Cognizant Security Authority. The Defense Security Service provides a Clearing and Sanitization Matrix (C&SM) which does specify methods.[6] As of the June 2007 edition of the DSS C&SM, overwriting is no longer acceptable for sanitization of magnetic media; only degaussing or physical destruction is acceptable.[7]

References

  1. Manual reissues DoD 5220.22-M, "National Industrial Security Program Operating. 2006. CiteSeerX 10.1.1.180.8813.
  2. "Executive Order 12829". FAS website. Retrieved 2007-04-01.
  3. "NISP Brochure" (PDF). DSS. Archived from the original (PDF) on 2006-04-20. Retrieved 2007-04-01. (59 KB)
  4. "Download NISPOM". DSS. Retrieved 2010-11-10.
  5. DoD (2006-02-28). "National Industrial Security Program Operating Manual (NISPOM)" (PDF). DSS. pp. 8–3–1. Retrieved 2013-03-07. (1.92 MB)
  6. "DSS Clearing & Sanitization Matrix" (PDF). DSS. 2007-06-28. Retrieved 2011-04-26. (98 KB)
  7. NIST (2014-12-18). Unrelated to NISP or NISPOM, National Institute of Standards and Technology (NIST) Computer Security Division Released Special Publication 800-88 Revision 1, Guidelines for Media Sanitization, 18 December 2014. Retrieved from http://csrc.nist.gov/news_events/news_archive/news_archive_2014.html#dec18.

External links

  • EO-12829 overview ("National Industrial Security Program")
  • EO-12829 PDF
  • NIST News Archive 2014-12-18
