Official websites use .mil
Secure .mil websites use HTTPS
The National Access Elsewhere Security Oversight Center (NAESOC) is designed to provide consistent oversight and security management for select facilities who do not possess classified information on-site ("access elsewhere").
Please review the resources to identify tools that can assist you in supporting your facility's security program. All resources are “self-help”, and you will find topics, tools, questions and answers that will prepare you for meeting your needs and requests. If you cannot find what you are looking for, please email the NAESOC General Mailbox. Learn more about the NAESOC
Email dcsa.naesoc.generalmailbox@mail.mil
NISS Messenger always available
For both Industry and GCA support, the NAESOC has provides an escalation in capability for any existing inquiries that have been submitted its Help Desk. Please use the Blue Button above to submit any escalation inquiries.
Call the DCSA help desk at 878-274-1344
Send an email to dcsa.ITSupport@mail.mil
Support hours are Monday - Friday 5 a.m. - 8 p.m. EDT and Saturday 8 a.m. - 2 p.m. EDT
https://www.dcsa.mil/Industrial-Security/Controlled-Unclassified-Information-CUI/Cybersecurity-Maturity-Model-Certification-CMMC/
https://dodcio.defense.gov/CMMC/
DoD 5220.22-M defines a security violation as a failure to comply with the policy and procedures established by the NISPOM that reasonably could result in the loss or compromise of classified information. Security incidents involving classified information must be appropriately reported to DCSA. Facilities assigned to the NAESOC must immediately report security violations via NISS Messenger. The Security Incident Job Aid provides recommendations and guidance on security incident response and remediation and submitting initial and final security violation reports.
Contractors shall report all relevant and available information indicative of a potential or actual insider threat. Please ensure reporting is made via NISS messenger when including Personally Identifiable Information.
The Reporting the Threat job aid and CDSE Insider Threat Content have been developed to support reporting and Establishing Insider Threat Programs.
Facilities shall report cyber incidents or intrusions regardless of classification level of information or information systems involved in the intrusion provided the contractor determined that 1) circumstance of intrusion are sufficient to qualify as actual, probable, or possible espionage, sabotage terrorism, or subversive activities, and 2) these activities constitute a threat to the protection of classified information, systems, or programs that are otherwise covered by the NISPOM.
NAESOC Facilities shall report cyber intrusions via NISS messenger.
All Suspicious Contact Reporting shall be reported to your local DCSA CI Special Agent.
Foreign Vetting in Academia: A tri-fold
Counterintelligence Awareness and Reporting: A tri-fold
Counterintelligence Best Practices for Industry Booklet
Counterintelligence Awareness and Reporting for NAESOC Facilities
Adverse information consists of any information that negatively reflects on the integrity or character of a cleared employee, that suggests that his or her ability to safeguard classified information may be impaired, or that his or her access to classified information clearly may not be in the interest of national security. Revised ISL
Change Conditions are those organizational changes that could affect the Facility Clearance.
Ownership, including stock transfers
Legal Structure
Operating Name
Principal Address
Key Management Personnel
Foreign Ownership, Control, or Influence (FOCI)
Bankruptcy
FCL Termination
Cage Code changes (rare)
Formal submission of Changed Conditions are required to be completed in NISS as an FCL Change Condition Package. Please ensure all business documentation is submitted to substantiate the reporting.
*Note: When entering discussions, consultations, or agreements that may reasonably lead to effective ownership or control by a foreign interest, the contractor shall immediately report the details to DCSA via NISS messenger.
Facility Profile Update Requests–Information that can be edited by Industry users includes, but is not limited to new contracts, program assets, and essential Key Management Personnel and security staff contact information. Facility profile updates have replaced Requests For Information (RFI); so ensure that you review your profile and submit timely updates. *Note: Please ensure all of your appropriate DD Form 254s are submitted via NISS. *Note: FCL Change Conditions should not be submitted as a Facility Profile Update Request.
An insider threat program plan endorsed by the Insider Threat Program Senior Official (ITPSO) (32 CFR Section 117.7(b)(4))
Formal appointment by the contractor of an ITPSO who is a U.S. citizen employee and a senior official of the company (32 CFR Section 117.7(b)(1)(iii)).
Contractor reviews, certified annually (32 CFR Section 117.7(h)(2))
Reporting (32 CFR Section 117.8).
Insider threat training (32 CFR Section 117.12 (g))
User activity monitoring on classified information systems (as required) (32 CFR Section 117.18 (b)(4)(i).
Risk Management Framework (RMF) (as required) (32 CFR Section 117.18 (e)
Insider Threat Program (ITP) for Industry. This job aid provides an overview of the insider threat program requirements for industry as outlined in the NISPOM, training, definitions, resources, and more.
Sample Insider Threat Program Plan for Industry. This sample plan provides recommendations for creating an InT program and can be tailored around your organization’s specific rules and guidelines.
Establishing a Program Toolkit. This toolkit provides information on how to establish an InT Program and procedures for responding to an InT action.
Insider Threat Reporting Job Aid. This job aid explains the reporting requirements and procedures for Federal agency employees and cleared contractors, and the consequences of failing to meet these guidelines.
Insider Threat and Industry Webinar. This webinar addresses the requirements for establishing an InT program, which includes developing an implementation plan to gather, share, and report relevant InT information from offices across the contractor’s organization.
Establishing an Insider Threat Program for Your Organization INT122.16 (cdse.edu). CDSE’s course provides guidance for organizational InT program managers on how to organize and design their specific program.
Insider Threat Definitions Job Aid. This job aid acts as a quick reference glossary of commonly used words within the InT space in an easily accessible format for InT professionals.
INSIDER THREAT WEBEX. In order to identify the risks and mitigations regarding Insider Threat for Access Elsewhere facilities, the NAESOC has specifically prepared this webex for the requirements of the non-possesing facility.
You can find additional information on Insider Threat reporting on the new Counterintelligence Awareness and Reporting for NAESOC Facilities webex
CHECK OUT INSIDER THREAT CASE STUDIES
CDSE has added a new case study to the case study library:
Ahmedelhadi Serageldin – A case of an insider’s mishandling of classified information
Russel Langford – A case study of an insider’s kinetic violence