INTRODUCTION TO INDUSTRIAL
SECURITY COMPLETE DETAILED CASE
STUDY
h National Industrial Security Program Operating Manual (NISPOM) - 5220.22-M
Cognizant Security Agencies (CSAs) - Establish general industrial security programs and oversee and
administer security requirements.
Cognizant Security Offices (CSOs) - Administer the NISP on behalf of the CSA.
Government Contracting Agency (GCA) - Represents the agency that issues the contract and provides the
industry with contract-specific security classification guidance. Has broad authority regarding acquisition
functions for its agency as delegated by the agency head.
5 CSA's - DoD, Office of the Director of National Intelligence (ODNI), Department of Energy (DoE), the
Nuclear Regulatory COmmision (NRC), and DHS. Each has one or more CSO that administers the NISP.
Defense Security Service (DSS) - The designated CSO for the DoD and over 20 other non-DoD agencies
including DHS.
Security Vulnerability Assessments (SVAs) - Assessments made to ensure adherence to the NISPOM and
contract guidelines.
Information Systems - Store large amounts of valuable information and need continuous protection.
Contractors may operate their own of these, or they may use government-owned systems at the
facility/instalaltion.
Industrial Security Field Operations (ISFO) - Like CSOs, provides oversight and conducts Security
Vulnerability Assessments. Maintains offices throughout the country, led by a regional director and a
SECURITY COMPLETE DETAILED CASE
STUDY
h National Industrial Security Program Operating Manual (NISPOM) - 5220.22-M
Cognizant Security Agencies (CSAs) - Establish general industrial security programs and oversee and
administer security requirements.
Cognizant Security Offices (CSOs) - Administer the NISP on behalf of the CSA.
Government Contracting Agency (GCA) - Represents the agency that issues the contract and provides the
industry with contract-specific security classification guidance. Has broad authority regarding acquisition
functions for its agency as delegated by the agency head.
5 CSA's - DoD, Office of the Director of National Intelligence (ODNI), Department of Energy (DoE), the
Nuclear Regulatory COmmision (NRC), and DHS. Each has one or more CSO that administers the NISP.
Defense Security Service (DSS) - The designated CSO for the DoD and over 20 other non-DoD agencies
including DHS.
Security Vulnerability Assessments (SVAs) - Assessments made to ensure adherence to the NISPOM and
contract guidelines.
Information Systems - Store large amounts of valuable information and need continuous protection.
Contractors may operate their own of these, or they may use government-owned systems at the
facility/instalaltion.
Industrial Security Field Operations (ISFO) - Like CSOs, provides oversight and conducts Security
Vulnerability Assessments. Maintains offices throughout the country, led by a regional director and a
