What Is The NISS (National Industrial Security System)?
September 1, 2022The National Industrial Security System (NISS), not to be mistaken for the national institute of statistical sciences, is a program created by the DCSA. This system was created to manage and control the release of sensitive and classified information to authorized personnel.
The National Industrial Security System (NISS) is used by the Defense Counterintelligence and Security Agency (DCSA) and other government agencies to ensure that all security measures are in place for cleared contractors. However, there is more to the NISS than most people think. In this article, we will discuss the history of the National Industrial Security System (NISS), its functions, and how to register for this program.
Overview Of The NISS
The NISS is the Defense Counterintelligence and Security Agency (DCSA) ‘s information security program responsible for safeguarding classified information released to cleared contractors.
NISS was deployed on October 1st, 2018, to replace the Industrial Security Facilities Database (ISFD) and the Electronic Facilities Clearance System (e-FCL). Since then, NISS has operated as the DCSA System of Record for industrial security oversight accessible by the U.S. government, organizations, and DCSA personnel.
So far, the NISS has become an on-demand, data-driven ecosystem with automated workflows available to industry and government partners. NISS was developed and released in sections so that users could experience benefits right away. It replaced some capabilities of older systems while expanding others, like ISFD e-FCL. But it also gave security professionals more access to information about facilities and made that information easier to find.
This security program is an indirect offshoot of The National Industrial Security Program (NISP) created by Executive Order 12829, led and directed by President George Bush in 1993, to safeguard classified information held by contractors, licensees, and grantees of the United States Government in a cost-effective and efficient manner. Executive Order 12829 directed the formation of a single, integrated, coherent system for safeguarding classified information in the private sector. Consistent with the objective of standardizing security requirements for classified deals.
NISP operated on some central uniformity tenets, which included:
- Achieving uniformity in security procedures.
- Implementing the reciprocity principle in security procedures, particularly concerning facility and personnel clearances.
- Eliminating duplicative or unnecessary requirements, particularly agency inspections.
- Achieving reductions in security costs.
Today, the NISS modernized these tenets to provide an efficient and cost-effective way to manage industrial security while continuing to safeguard classified information.
Recently, the NISS software received a new update. This new update offers several major changes to the way change conditions are reported. The new FCL Change Condition Package is designed to be more user-friendly, with clarifying questions and easy-to-follow instructions. In addition, there have been enhancements made to submitting, returning, and archiving packages, including a new “Claim Ownership” feature for returned packages.
These changes were made to improve the user experience, the processing time, and also the number of resubmissions. Now, when users report changed addresses or Key Management Personnel (KMPs), they only need to submit one Change Condition Package form instead of both an Industry Profile Update Request and a Change Condition Package.
Benefits The NISS Offers
The NISS offers many benefits, including:
Increased Transparency For Industry And Government Stakeholders
NISS provides increased transparency for industry and government stakeholders. In the past, security clearances were often processed behind closed doors with little to no transparency. However, with NISS, the process is much more open and transparent.
Automatic Notifications And Alerts
The NISS platform offers users automatic notifications and alerts. This allows users to stay up-to-date on the status of their security clearance request or action. Also, the notifications come offer upcoming security vulnerability assessments (SVA) alerts that sets reminders for outstanding submissions to DCSA.
Expedited Performance Against Classified Contracts
The National Industrial Security System (NISS) also expedites performance against classified contracts. In the past, security clearances could take months or even years to process. However, with NISS, the process is much quicker and easier.
Advanced National Industrial Security Program (NISP) Reciprocity
Another benefit of NISS is that it improves National Industrial Security Program (NISP) reciprocity. NISP reciprocity is the process of sharing security clearance information between agencies. This process was often slow and inefficient. However, with NISS, the process is much quicker and easier.
Improved Processing Of Information System Approvals
Another great benefit of NISS is that it allows users to view, update, submit, track, and monitor their progress on security clearance requests and actions. This makes it easier for users to manage their facility’s security posture and compliance.
Role-Based Access To Information
NISS also offers role-based access to information. This allows users to access only the information they need when needed.
Better Reporting Capabilities
NISS also offers improved reporting capabilities. Security reports were often challenging to understand and interpret decades ago. However, with NISS, the process is much easier and more user-friendly.
Streamlined Business Processes
NISS streamlines business processes by automating workflows and tasks. This saves users time and money by reducing the need for manual processes.
Ability To Review Company Documentation With DCSA
NISS makes it easier to review a company’s documentation, results, and interactions with the DCSA. The process is much quicker than traditional methods, and this saves users time and money. Also, stakeholders can now review facility clearance information, requests, communications, and results with DCSA in one location.
Enhanced FOCI Mitigation Processing
A company’s Foreign Ownership, Control, or Influence (FOCI) factors are reviewed as part of the facility clearance process and throughout the life of the facility security clearance. The National Industrial Security System (NISS) enhances FOCI mitigation processing by automating workflows and tasks. This reduces the need for manual processes.
Reduced Costs
The National Industrial Security System (NISS) has reduced costs for both industry and government.
Utilizes Single Sign-On (SSO) Capabilities (NCAISS)
NISS utilizes Single Sign-On (SSO) capabilities. With single sign-on (SSO), you only need one set of login credentials to access multiple applications. This feature allows users to access NISS with their existing National Industrial Security Program (NISP) Central Access Information Security System (NCAISS) credentials.
How To Register For NISS
The NISS site provides instructions on how to register for the program, and it requires two-factor authentication (2FA) by using a CAC/PKI/ECA, etc., to log on.
Create An NCAISS Account
First, users will need to create an account on the NCAISS website. Once you have created an account, users can access the NCAISS portal. The NCAISS account is a web-based application that gives Public Key Infrastructure (PKI)-based authentication services to DCSA applications and information systems for authorized users.
Through the NCAISS Portal, authorized users can access their DCSA NCAISS Portal account through a single sign-on (SSO) capability using PKI certificates (either a Common Access Card (CAC) or DoD-approved External Certification Authority (ECA) certificate).
Request A NISS Account
Once you’re logged in to your NCAISS account, request a NISS account using the “Request/Modify Access” icon. Users will need to provide their full name, email address, and organization affiliation. After submitting the form, the user will send an email with further instructions on completing the process.
Users should also know that registering for NISS as an external government user differs slightly from an external industry user. Industry external users will go through a different process which is outlined on the NISS external portal.
Training
The National Industrial Security System (NISS) External User Training is available in STEPP. To view this course, simply log into STEPP. Training job aids are accessible for Industry and Government users within the NISS application’s Knowledge Base. A few examples of these include: How to Submit a Sponsorship Request, How to Submit a Facility Verification Request, How to Message my ISR and Facility Profile Update Request. Please keep in mind that this is not an extensive list of training products.
Summary
Ever since the National Industrial Security System (NISS) came into existence, it has been an essential part of the U.S. Department of Defence (DoD), especially the Defense Counterintelligence Security Agency (DCSA). The NISS has revolutionized the former National Industrial Security Program (NISP) by making it easier to access and update security information.
NISS also offers role-based access to information and improved reporting capabilities, which makes the process much easier and more user-friendly. In addition, NISS streamlines business processes by automating workflows and tasks, saving users time and money.
Asides from this, NISS utilizes Single Sign-On (SSO) capabilities which allow users to access NISS with their existing National Industrial Security Program (NISP) Central Access Information Security System (NCAISS) credentials. If you are a government partner or contractor, we highly recommend registering for the National Industrial Security System (NISS).
Need Managed Security Services For Your Firm? Contact Global Solutions
Global Solutions offers a variety of managed security services to meet the needs of your business. We can help you assess your security needs and choose the right service for your business. If you would like to learn more about our managed security services, please get in touch with us. We would be happy to discuss your specific needs and provide a proposal outlining our services.