2006 Security Awareness

1

• 2006 Security Awareness
• Special Interest Group
• (SASIG) Workshop
• Charleston, South Carolina
• April 18-20, 2006

2
Office of Security and Safety Performance
Assurance
SP-1
SP-1.21
Office of Security and Safety Performance
Assurance
Office of Business Operations
SP-1.2
Director
SP-1
SP-1.22
Congressional Liaison and Outreach Program Office
Office of Resource Management
Office of Mission Operations
SP-1
SP-1.23
Deputy Director
Office of Human Resources and Administration
SP-40
SP-10
SP-30
SP-50
SP-20
SP-60
SP-70
Office of Material Control and Accountability
Office of Independent Oversight
Office of Technology and Field Assistance
Office of Security Operations
National Training Center
Office of Classification
Office of Security Policy
SP-31
SP-61
SP-11
SP-21
SP-41
SP-51
Office of Headquarters Security Operations
Office Of Security Training Operations
Office of Security Evaluations
Office of Field Assistance
Office of Quality Management
Office of Policy
SP-42
SP-62
SP-32
SP-52
SP-22
SP-12
Office of Foreign Visits and Assignments and FOCI
Office of Cyber Security and Special Reviews
Office of Safety Training Operations
Office of Personnel Security
Office of Technical Guidance
Office of Technology
SP-23
SP-43
SP-53
Office of Emergency Management Oversight
Office of Special Operations
Office of Document Reviews
SP-44
Office of Environment, Safety and
Health Evaluations
3
Office of Security and Safety Performance
Assurance
Safeguards and SecurityPolicies and Programs -
Technology Development - Executive Protection
- Control of Nuclear Materials and
Classified Information - Foreign Visits
Assignments - Continuity of Operations -
Technical AssistanceIndependent Oversight of -
Safeguards and Security - Cyber Security -
Emergency Management - Environment, Safety, and
Health
Secretary of Energy
Deputy Secretary
Under Secretary for Energy, Science Environment
Under Secretary for Nuclear Security / NNSA
Environmental Management
Energy Efficiency Renewable Energy
Power Marketing Administrations
Defense Programs
Nuclear Energy, Science Technology
Assistant Secretary Environment, Safety and Health
Defense Nuclear Nonproliferation
Fossil Energy
Civilian Radioactive Waste Management
Counter-Terrorism
Intelligence
Science
Emergency Operations
4
Inspection Scope

• Topical Areas Covered
• Program Management
• Physical Security Systems
• Protective Force Program
• Personnel Security
• Classified Matter Protection and Control
• Classification and Information Control
• Material Control and Accountability
• Cyber Security (Classified Unclassified)

5
Inspection Scope (Contd)

• Assess Progress Since Last Inspection
• Evaluate Key Management Processes
• Program Direction
• Threat Assessment
• Risk Management
• Readiness Assurance
• Feedback and Improvement

6
Inspection Approach

• Data Collection
• Interview Managers, Staff, and Other Program
  Implementers
• Review Program Documents
• Conduct Performance Testing
• Validate (Daily) and Analyze Data
• Report Writing
• Factual Accuracy Review
• Corrective Action Plan Review and Feedback

7
Site Inspection Sequencing
Planning/Data Collection/Performance Test
Coordination

Week 1
Data Collection
Week 2

Performance Testing/Report Writing/ Closeout
Activities

Weeks 3 4
Site Comment Period
Weeks 5 6
Report Finalized
Weeks 7 8
On-Site GTN
8
Personnel Security Scope

• Site Security Awareness Program (SSAP)
• Personnel Security Clearance (PSC)
• Foreign Visitors and Assignees (FVA)
• Human Reliability Program (HRP)

9
Personnel SecurityInspection Approach

• SSAP
• Assess the Quality of Training, to Include
• Attend and Assess Briefing Presentations
• Evaluate Use of Supplemental Awareness Materials
• Tracking of Who Gets Briefed and When
• Conduct Performance Testing
• Administer a Security Awareness Questionnaire
• Check Removal of Terminated Employees from Access
  Control Systems
• Compare DOE Central Personnel Clearance Index
  (CPCI) Records with Site Termination Data
• Compare Badge Issuance Dates with Clearance Grant
  Dates and Completion of Security Briefings

10
Personnel SecurityInspection Approach

• PSC
• Assess Screening and Analysis Functions
• Use of Pre-Employment Checks, as Required
• Review Caseloads and Impact
• Assess the Adjudication Process
• Evaluate Timeframes Required to Process Cases
• Assess Staff Size and Knowledge

11
Personnel SecurityInspection Approach

• PSC (Contd)
• Assess Reporting of Information of Personnel
  Security Interest
• Conduct Performance Testing
• Review Randomly Selected Personnel Security Files
  (PSF) to Determine
• Duties Justify Type of Clearance
  Requested/Granted
• Initial Screening and Clearance (Grant)
  Notification are Completed Within 7 Days of
  Receipt (Clear Cases)
• Appropriate Documentation Exists to Justify
  Clearance Suspension

12
Personnel SecurityInspection Approach

• FVA
• Evaluate Process Used to Request and Approve
  Visits and Assignments
• Assess Host and Escort Training Programs
• Evaluate Content and Adequacy of Generic and
  Specific Security Plans
• Assess Sites Ability to Assure Adherence to
  Security Plans
• Conduct Performance Testing
• Randomly Select Files to Ensure All Required
  Actions are Documented
• Determine if DOE Foreign Access Central Tracking
  System (FACTS) is Being Used Properly
• Conduct Walk-Downs of Areas Wherein Foreign
  Visitors are Assigned and Assess Adequacy of
  Protection Measures

13
Personnel SecurityInspection Approach

• HRP
• Assess Site Procedures to Identify HRP Positions
• Evaluate Certification, Re-certification,
  Removal, and Reinstatement Processes
• Assess the Site HRP Training Program
• Evaluate the Drug/Alcohol Testing Programs, to
  Include
• Site Actions in Response to Positive Test Results
• Randomness, Unpredictability, and
  Non-Discriminatory Nature of Testing
• Specimen Handling Procedures and Testing
  Facilities

14
Personnel SecurityInspection Approach

• HRP (Contd)
• Conduct Performance Testing
• Observe and Evaluate Drug and Alcohol Tests
• Administer a Knowledge Questionnaire to Drug and
  Alcohol Testing Technicians
• Administer Knowledge Tests to HRP Incumbents and
  Supervisors

15
SSAP

• Positive Attributes
• Content and Presentation of Awareness Briefings
• Use of Supplemental Materials
• Individuals Knowledgeable of Security
  Responsibilities
• Areas Needing Attention
• Proper Completion of DOE Forms 5631.29, Security
  Termination Statement
• Timely Retrieval of Badges of Terminated
  Employees
• Timely Completion of Annual Security Refresher
  Briefings

16
PSC

• Positive Attributes
• Clearance Processing Staff
• Timeliness and Accuracy of Requests
• Clearance Justifications
• Areas Needing Attention
• Thoroughness of Pre-Employment Checks
• Reporting of Information of Personnel Security
  Interest

17
FVA

• Positive Attributes
• Request and Approval Processes Effective
• Documentation of Visits /Assignments
• Areas Needing Attention
• Specificity of Security Plans
• Control of Foreign National Visitors After Hours

18
HRP

• Positive Attributes
• Key Personnel Committed
• Documentation of Critical Processes
• Incumbents and Supervisors Knowledgeable
• Areas Needing Attention
• Enrollment of Individuals with Recurring Access
  to Category I SNM
• Temporary Removals
• Randomness and Unpredictability of Drug/Alcohol
  Testing Selections

19
In Closing

• Attributes Observed in Effective Site
• Personnel Security Programs
• Continuously Assess Their Work
• Streamline Their Processes
• Automate as Much as Possible
• Communicate Effectively Internally
• Independent Oversight Augmentee Program

We appreciate this technical exchange.
20

• Questions?