Cleared defense contractors provide the technology and know-how that delivers products and services to our defense industry. CDCs and be a prime contractor or subcontractor and are contracted to support government organizations. The designation of CDC indicates that the organization is a government contractor with a facility clearance and is made up of employees with personnel security clearances. With classified contracts, the CDCs are required to protect their government customer’s classified information while performing on classified contracts.

The CDCs are part of the National Industrial Entrümpelungsfirma  Security Program (NISP). The National Industrial Security Program Operating Manual (NISPOM) provides guidance on how to perform on classified contracts. The guidance includes topics such as employee responsibilities, required training, continuous evaluation, maintaining security clearance, and much more. The Defense Counter-Intelligence and Security Agency (DCSA) formally known as DSS provides most DoD agency oversight and compliance reviews. They perform vulnerability assessments and determine how well a CDC protects classified information according to the NISPOM.

Cleared Defense Contractors have a big job not only performing on classified contracts, protecting classified information, but also documenting or validating compliance. The following tools should be in the CDC’s toolbox and can be employed to help them remain in compliance and demonstrate their level of compliance.

1. National Industrial Program Operating Manual (NISPOM)

The National Industrial Security Program Operating Manual (NISPOM) is the Department of Defense’s instruction to contractors of how to protect classified information. This printing of the NISPOM includes the latest from the Defense Security Services to include an Index and Industrial Security Letters. The NISPOM addresses a cleared contractor’s responsibilities including: Security Clearances, Required Training and Briefings, Classification and Markings, Safeguarding Classified Information, Visits and Meetings, Subcontracting, Information System Security, Special Requirements, International Security Requirements and much more.

2. International Traffic in Arms Regulation (ITAR)

“Any person who engages in the United States in the business of either manufacturing or exporting defense articles or furnishing defense services is required to register… ” ITAR “It is the contractor’s responsibility to comply with all applicable laws and regulations regarding export-controlled items.”-DDTC

Companies that provide defense goods and services should understand how to protect US technology; the ITAR provides the answers. ITAR is the defense product and service provider’s guide book for knowing when and how to obtain an export license.

This book provides answers to:

• Which defense contractors should register with the DDTC?
• Which defense commodities require export licenses?
• Which defense services require export licenses?
• What are corporate and government export responsibilities?
• What constitutes an export?
• How does one apply for a license or technical assistance agreement?

3. Self Inspection Handbook For NISP Contractors

The National Industrial Security Program Operating Manual (NISPOM) requires all participants in the National Industrial Security Program (NISP) to Entrümpelung conduct their own security reviews (self-inspections). This Self-Inspection Handbook is designed as a job aid to assist you in complying with this requirement. It is not intended to be used as a checklist only. Rather it is intended to assist you in developing a viable self-inspection program specifically tailored to the classified needs of your cleared company. You will also find they have included various techniques that will help enhance the overall quality of your self-inspection. To be most effective it is suggested that you look at your self-inspection as a three-step process: 1) pre-inspection 2) self-inspection 3) post-inspection.

0