What's new
ISL 2010-02 Feb. 22, 2010
This ISL pertains to Reporting requirements for cyber intrusions (NISPOM 1-301)
ISL 2010-01 Jan. 28, 2010
This ISL provides clarification on the following:
Cooperation with Federal Agencies and Officially Credentialed Representatives of Those Agencies
1. Security Management Office contact Information in JPAS
2. Acceptable Proof of Citizenship
3. Required Facility Security Officer (FSO) Training
4. Release of JPAS records
ISL 2009-02 Jun 6, 2009
This ISL pertains to Eligibility of companies organized and existing under the laws of US territories for Facility Clearances;
Pre-employment Clearance Action; and Negotiating an acceptable FOCI mitigation measure
ISL 2009-03 Nov. 27, 2009
This ISL answers the question "What constitutes a reportable material change under the National Industrial Security Program Operating Manual paragraph
1-302g(5) or a reportable significant change under NISPOM paragraph 2-302?"
ISL 2009-01 Mar. 5, 2009
This Industrial Security Letter (ISL) pertains to: (1) the Defense Security Service (DSS)
Office of Designated Approving Authority (ODAA) "Manual for the Certification and Accreditation of
Classified Systems under the National Industrial Security Program Operating Manual (NISPOM)," hereafter referred to
as the "Manual"; and (2) the DSS ODAA "Standardization of Baseline Technical Security Configurations," hereafter
referred to as the "Baseline Standards."
ISL 2007-01 Oct. 11, 2007
The articles in this Industrial Security Letter (ISL) all pertain to NISPOM Chapter 8,
"Information System Security". This ISL: 1) reissues verbatim some articles from previous
ISLs that are still current and applicable; 2) includes some previously published articles that have been modified
to reflect changes in practices or procedures since their original publication; and 3) includes new
articles to answer more recent questions or to provide clarification on issues pertaining to information
system security policy. Articles are written in a question and answer format, and are annotated with the associated
NISPOM paragraph in parentheses. Unless otherwise noted, all paragraph references refer to the NISPOM. Additional
requirements for high-risk systems and data are covered in the NISPOM Supplement (NISPOMSUP). It is important to note
that any security requirements imposed on contractors that are above the NISPOM baseline must be included in the contract
document. This includes any DoD Information Assurance Certification and Accreditation Program (DIACAP) requirements imposed
on contractors. (Note: DIACAP has superseded the DoD Information Technology Security Certification and Accreditation
Process (DITSCAP) in the Department of Defense.)
ISL 2006-02 Aug. 22, 2006
The following previously published ISL articles are still pertinent with regard to the issuance of the revised
NISPOM dated February 28, 2006 and are hereby reissued. Some have been modified slightly to account
for changes in policy, practice, or procedure since their original publication. Previous ISL articles pertaining to
Chapter 8, Information System Security will be reissued separately. The NISPOM paragraph to which the article pertains
is indicated in ( ).
ISL 2006-01 Apr. 14, 2006
This Industrial Security Letter (ISL) coincides with the release of the revised National Industrial Security Program
Operating Manual, DoD 5220.22-M (NISPOM), dated February 28, 2006. All previously published ISLs and other
previously published guidance regarding NISPOM implementation are hereby rescinded. Previous ISL articles that are still
pertinent will be reissued in subsequent ISLs. The revised NISPOM is available on the DSS website: www.dss.mil.
A summary of the major NISPOM changes is also posted on the DSS website. The articles in this ISL provide additional
guidance on selected NISPOM changes and are referenced by the appropriate NISPOM paragraph number.
ISL 2006-02 Aug. 22, 2006
DSS has published a new ISL dated August 22, 2006. This ISL contains previously published ISL articles
that are still pertinent with regard to the issuance of the revised NISPOM dated
February 28, 2006 and are hereby reissued. Some have been modified slightly to
account for changes in policy, practice, or procedure since their original
publication. Previous ISL articles pertaining to Chapter 8, Information System
Security will be reissued separately. The NISPOM paragraph to which the article
pertains is indicated in ( ).
ISL 2006-01 Apr. 14, 2006
DSS has published a new ISL dated April 14, 2006. This ISL provides additional guidance on selected NISPOM changes.
NISPOM REVISION SIGNED
The new revised NISPOM was signed by Dr. Cambone on February 28,
2006 and was posted to the following link today March 7, 2006
http://www.dtic.mil/whs/directives/corres/html/522022m.htm
. There has been information to indicate that DSS will be publishing 3 ISLs on the heels of
the publication of the NISPOM revision. The first ISL will discuss and
clarify the changes in the NISPOM revision. The second is supposed to be a
consolidation of the previous ISLs and the third will cover Information
Assurance issues.
The Defense Security
Service, Security Education, Training and Awareness (DSS/SETA)
Directorate has established a Speakers Bureau in
order to assist U S Government-affiliated customers seeking
subject matter experts to meet their security education, training and
awareness requirements.
The goal of the Speakers
Bureau is to house a diverse listing of experienced speakers. If you
are an experienced speaker with subject matter expertise, DSS/SETA
invites you to become a member of the Speakers Bureau and share your
expertise with the community. We also encourage you to extend this
invitation to other knowledgeable and experienced speakers.
For more detailed information, please
refer to the attached
Speakers Bureau Procedures
If you are interested in joining the Speakers Bureau, please complete
the attached
Speaker Registration
and return it to the DSS/SETA Resource Center via email (Security.Awareness@DSS.mil)
or fax 410 865-3159.
If you have any
questions, please contact the Resource Administrator at 410 865-3121 or
Security.Awareness@DSS.mil.