FSOs Bring Value

FSOs Bring Value. One way to be a world class Facility Security Officer at a cleared defense contractor facility is to provide value to the enterprise. The National Industrial Security Program Operating Manual (NISPOM) describes the FSO as responsible for developing and implementing a security program to protect classified information. But is that all FSOs are supposed to do? How about providing more value to the enterprise by assisting other business units based on skills FSOs develop and demonstrate beyond NISPOM.

FSOs are highly trained through FSO and NISPOM training. FSOs can better their bone fides with the Industrial Security Professional (ISP) or SFPC Certification

For example, in fortune 500 companies, the Chief Security Officer or other similar title is responsible for IT security, physical security, loss prevention and etc. So, are these roles covered adequately in your enterprise? It’s not so clear cut at defense contractor facilities. There is so much more that can be done and the enterprise will be grateful for the assistance.

So, how do FSOs get to the point where the enterprise respects critical skills and desire their service, advice and assistance?

First of all, FSO responsibilities should be part of enterprise DNA. In other words, they are part of the winning team that is the enterprise and not just another stove piped department. For example, what skills do FSOs possess that can assist HR in protecting personal identifiable information? How can FSOs advise business development in getting foreign business or partnering with uncleared defense contractors?

To function effectively in the corporate culture the FSO should implement policies that are championed or accepted by other departments. Human resources may include in their policy the progressing levels of discipline that NISPOM requires. Safety may put into policy the care and maintenance of egress and entry doors that are also used to protect classified information. Likewise, security policy could include areas that impact other business units.

They’ve got it. Cleared employees know how to protect classified information. What about the other stuff?

Other areas that concern the enterprise are the protection of unclassified efforts. High value items, trade secrets, proprietary information, and research and development efforts. Where the FSO understands NISPOM, ITAR and other regulations, there is little guidance on protecting raw data and other proprietary information.

Here are three ways FSOs can provide more value outside of NISPOM:

1. Help HR develop program to protect PII and be compliant with the Health Insurance Portability and Accountability Act of 1996 -HIPAA.

2. Put controls in place to enforce need to know of company trade secrets, intellectual property and proprietary information.

3. Develop a public release process to prevent accidental spillage of technical information

4. Assist business development with protecting company information while presenting capabilities briefings.

FSOs are highly trained through FSO certification and  NISPOM training to protect classified information. However as such, they should use transferable skills and initiative and look for ways to contribute to the enterprise that go outside of NISPOM. Doing so adds value and protects the enterprise.

Be sure to visit Red Bike Publishing for books and training.

Leave a Comment

newsletter

Click here to sign up for the Newsletter