An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

News | Feb. 26, 2021

32 Code of Federal Regulation Part 117, NISPOM is now in effect. Cleared contractors under DOD cognizance must implement and comply within six months.

The NISPOM rule at 32 CFR Part 117, “National Industrial Security Program Operating Manual,” became effective on February 24, 2021. The rule stipulates that contractors must implement changes no later than six months after the date of the published rule. The exact implementation date will be published in an Industrial Security Letter (ISL). The ISL will also provide further guidance about the rule’s implementation.   

The rule implements policy, assigns responsibilities, establishes requirements, and provides procedures consistent with Executive Order 12829, “National Industrial Security Program;” Executive Order 10865, “Safeguarding Classified Information within Industry;” and 32 Code of Regulation Part 2004, “National Industrial Security Program.” That guidance outlines the protection of classified information that is disclosed to, or developed by contractors, licensees, grantees, or certificate holders to prevent unauthorized disclosure.

The Key Changes include:

  • Section 117.8(a); Reporting Requirements: Cleared contractors must submit reports pursuant to Security Executive Agent Directive (SEAD) 3 and cognizant security agency (CSA) guidance that supplements unique CSA mission requirements.
  • Section 117.9(m); Limited entity eligibility determination (Non-FOCI) and limited entity eligibility: The limited facility clearance provides an additional facility clearance  tool for DCSA and government contracting activities as a limited entity eligibility is specific to the requesting GCA’s classified information, and to a single, narrowly defined contract, agreement, or circumstance.
  • Section 117.11(d)(2)(iii)(A); National Interest Determination (NID): Requirement for NIDs is removed for certain covered contractors operating under a special security agreement with ownership by countries designated as part of the National Technology Industrial Base (United Kingdom, Canada or Australia).
  • Section 117.15(e)(2); TOP SECRET Information Accountability: Permits specific determinations by a CSA with respect to requirements for TOP SECRET accountability.
  • Section 117.15(d)(4); Intrusion Detection System (IDS) Installation: Allows for UL-2050 certification by an Office of Occupational Health and Safety Agency (OSHA) National Recognized Test Laboratory (NRTL)
  • Section 117.15; Safeguarding: Directs cleared contractors to refer to 32 CFR Part 2001, for direction on requirements for the protection of classified national security information (CNSI) to ensure consistency with national policy. This change is in addition to CSA approval and compliance with intelligence community specification (ICS) 705.
  • Section 117.7(b)(2); Senior Management Official (SMO): Clarifies key responsibilities for SMOs.
  • Section 117.13(d)(5); Classified Information Retention: Clarifies for the contractor that upon completion of a classified contract, the ‘‘contractor must return all government provided or deliverable information to the custody of the government.”

 

How is DCSA Supporting Implementation?

DCSA is working on a wide-range of updates to support implementation by cleared industry under DOD cognizance and to enable oversight. This includes but is not limited to:

  • Developing communications and briefing materials for use by DCSA staff in engagements with cleared industry and government partners. 
  • Coordinating with industry partners and groups for web based conference engagements on implementation strategies, questions and answers, to ensure a consistent approach by both industry and DCSA.
  • Reviewing existing industrial security letters (ISL’s) to determine those required to be retained and re-issued, and identifying those that can be rescinded based on revisions to the NISPOM rule.

 

  • Reviewing and revising industry products, tools, and systems including but not limited to CDSE training, tools and products; the National Industrial Security System (NISS), externally posted tools, and internal tools used in oversight.
  • Coordinating with DOD and the Office of Management and Budget for administrative revisions to NISP-related forms under DCSA management to reflect the change from the NISPOM to the federal rule. This includes the SF-328 - “Certificate Pertaining to Foreign Interest,” DD Form 44 – “Security Agreement,” and DD Form 441-1 – “Security Agreement Addendum.”

 

  • Planning in coordination with government partners and cleared industry for the implementation of Security Executive Agency Directive (SEAD) 3 reporting requirements.

What has DCSA done to enable better understanding of the new rule?

 

DCSA will continue to provide updates to industry and update products to support implementation. DCSA intends to launch a dedicated webpage for NISPOM rule implementati

Final FY 2024 Investigations Reimbursable Billing Rates now available
Jan. 31, 2023 - Federal Investigations Notice (FIN) 22-01, dated June 30, 2022, published DCSA’s initial, planned rates for Fiscal Year 2024.  By publishing the initial rates, it allowed DCSA customers to begin budgeting and planning their resource requirements for FY 2024.  Within FIN 22-01, it also noted that the final rates would be published in December 2022.  The final FY 2024 rates are now available and are posted in FIN 23-01, "Final FY 2024 Investigations Reimbursable Billing Rates," dated January 30, 2023. To develop the final FY 2024 rates, DCSA collaborated with the Security Clearance, Suitability/Fitness, and Credentialing community to evaluate policy, operational, and inflationary impacts on future personnel security costs since June 2022.  As a result of this thorough evaluation, followed by DoD Comptroller review and approval, DCSA lowered FY 2024 rates for tiered background investigation products by 18 percent and retained all other product and service rates published in FIN 22-01.  The 18 percent rate reduction is applied to new Trusted Workforce 2.0 tiered BI products as well as legacy tiered BI products in the event legacy products are still necessary for customers to order in FY 2024. You can find FIN 23-01 here. Please click the title for more information.

PSI requirements for Industry data collection through NISS
Jan. 31, 2023 - The Defense Counterintelligence and Security Agency (DCSA) is responsible for projecting Personnel Security Investigations (PSI) requirements each year. The data collection for PSI projection requirements will be conducted March 6 through March 31, 2023, through the National Industrial Security System (NISS) Submission Site. Annual projections acquired from Industry through this collection are the key components in DoD program planning and budgeting for NISP security clearances. In preparation for this upcoming data collection, our Industry partners are highly encouraged to register for their NISS accounts before March 6 in order to participate in the survey. Registration instructions are found on the NISS website under the Registration section (https://www.dcsa.mil/is/niss/). For all other NISS questions, please contact the DCSA knowledge center at 888-282-7682 and select option 2, then option 2. We look forward to your participation. If you have any questions, please contact:dcsa.ncr.dcsa.mbx.psiprogram@mail.mil

NBIS Industry Onboarding is now open for all organizations.
Jan. 25, 2023 - As of January 9, onboarding to the National Background Investigation Services (NBIS) is now open for all organizations. The NBIS Industry Onboarding Team has supplied email notification to all Defense Information System for Security (DISS) industry Account and Hierarchy Managers that onboarding to NBIS has begun. However, if you are an Account and Hierarchy Manager, and you or your other organization team members which hold the aforementioned DISS roles have not received notification, please reach out via email to the Industry Onboarding Team at the mailbox provided below to receive the instructions and details on how to begin. Once onboarded, users should continue to utilize DISS for Case Initiation, Investigation Status, Visit Management, Subject Management, Eligibility Determinations, Incident Reporting, Access Management, and Foreign Travel, etc., until these functionalities are available in NBIS. Subject data has not yet migrated from DISS to NBIS. Notification will be provided when subject data has migrated and when case initiations can be started in NBIS. Do not create a subject’s profile or initiate cases until notification is received. For questions regarding the NBIS Onboarding Process email the NBIS Industry Onboarding Team at the NBIS Industry Onboarding Team mailbox: dcsa.meade.nbis.mbx.nbis-industry-onboarding-team@mail.mil

Register Now: NBIS Industry Onboarding Live Webinars
Dec. 20, 2022 - The DCSA NBIS Industry Onboarding Team invites Industry users to register for two upcoming Live Virtual Webinars on the following NBIS topics: Org and User Management (Tuesday, January 10, 2023 at 1300 - 1500 Eastern) Purpose: Basic navigation steps within NBIS, organization management basics, applying minimum configurations needed for investigation requests, describing and demonstrating form routing, and managing users within your organization. Assignment Management Configurations (Tuesday, January 17, 2023 at 1300 - 1500 Eastern) Purpose: How to create and apply optional configurations in NBIS to meet organizational needs, identifying optional configurations based on organizational functionality, understanding and applying assignment rules, and comprehending the use of both user assignment and order form templates. Registration is now open now through January 5th. For additional information and to register, please use the following link: https://dcsa.acms.com/nbiswebinarregistration/event/registration.html. All participants MUST register to receive an invite and further instructions. Capacity for both sessions is limited. For those unable to attend, recorded sessions will be made available at: https://nbistraining.countermeasures.com. For questions, please email: dcsa.meade.nbis.mbx.nbis-industry-onboarding-team@mail.mil . Please click the title for more information

Coming in January: NBIS Onboarding for All of Industry
Dec. 20, 2022 - NBIS onboarding officially commenced in November 2022 for industry facilities in the DCSA Western Region. Starting January 9th, all other Industry facilities in the remaining DCSA regions (Eastern, Central, Mid-Atlantic, as well as HQ) will be provided notification and instructions via email to DISS Account and Hierarchy Managers for organizations to begin the onboarding process into NBIS. Onboarding to NBIS is accomplished through the Industry Onboarding Portal (also known as NBIS ServiceNow). One user (known as the ‘Initial’ user) from each organization will onboard through the portal. Once provisioned and enrolled into NBIS, the initial user will be responsible for provisioning additional users within their organization. Please click the title for more information.