SNL makes a determination to sponsor an entity (subcontract company, supplier or academic institution) for a Facility Clearance (FCL) based on a subcontract and legitimate need for access to or creation of classified information. The SNL Contract Security Management Program processes entities under SNL subcontract for FCLs, registers SNL subcontracts using the Contract Security Classification Specification (CSCS), and flows down DOE and SNL security requirements to subcontractor entities. Once an FCL is granted by DOE and the CSCS has been approved for an entity, its employees may then be sponsored for DOE personnel security clearances to perform work under a registered subcontract.

Facility Security Officer Responsibilities

A Facility Security Officer (FSO) is a U.S. citizen with a security clearance equivalent to the facility clearance who is assigned the responsibility of administering the requirements of the safeguards and security program at their facility.  An FSO must be an employee of the entity, not a contractor.

Document/Item

Description

Required Action

FSO Foreign Ownership Control and Influence (FOCI) Responsibilities & Facility Clearance Reporting Requirements

Subcontractor companies are required to report certain events that have an impact on the status of their facility clearance. The reporting requirements stated in this document pertain specifically to the facility clearance.

Review responsibilities and adhere to reporting requirements.

Non-Possessing Subcontractor Security Requirements Plan (NPSRP)

Sandia National Laboratories is responsible for complying with and flowing down DOE Contractor Requirements Documents incorporated into its contracts with subcontractors at any tier to the extent necessary to ensure compliance with DOE Directives.

The NPSRP outlines the security requirements and procedures non-possessing subcontractor companies and its personnel must follow or abide by for all U.S. Government support service subcontracts to obtain DOE personnel security clearances sponsored by Sandia National Laboratories.  Subcontractor companies are required to flow down the requirements in the NPSRP to all tier non-possessing subcontractor companies performing work under subcontract to SNL.

Company Key Management Personnel (KMP) and the Facility Security Officer (FSO) are obligated to read and adhere to the requirements and procedures within this plan.

When requested by Contract Security Management, KMP and the FSO will submit a completed NPSRP Certification, accepting the responsibility for ensuring company compliance with the requirements relayed in the plan.

PHY-210DE, Facility Security Officer Overview

This DOE self-study training course provides an overview of the roles and responsibilities of the DOE and DOE-subcontractor FSO.  The course emphasizes facility clearance requirements, personnel security, information security, incident reporting, and other related programs.  The course references the National Industrial Security Program Operating Manual (NISPOM) ( DoD 5220.22-M) and a comprehensive listing of DOE orders, manuals, guides, forms, and notices.

Successful completion of the course, by means of six sets of Knowledge Checks, and end-of-lesson written test questions, requires a minimum score of 80% on each set.

Course Outcome: Upon successful completion of this course, participants will have a basic understanding of FSO roles and responsibilities.

 

Required for:   DOE and SNL subcontractor personnel assigned to FSO positions or functions.

Submit completions via fax or email.

Fax: 505-844-9739

Email: farateam@sandia.gov 

Flowdown of Requirements

Counterintelligence

  • DOE O 475.1, dated 12/10/04,  Counterintelligence Program

Cyber Security

  • NA SD 205.1, dated 7/06/17,  Baseline Cybersecurity Program. Cancels DOE NAP 14.1-D, dated 12/18/12.
  • NIST Special Publication 800-53, Revision 4 , Security and Privacy Controls for Federal Information Systems and Organizations
  • CNSSI NO 1253, dated 3/27/14, Security Categorization and Control Selection for National Security Systems
  • DOE O 205.1C, dated 5/15/19, Department of Energy Cyber Security Program. Cancels DOE O 205.1B, Chg 3, dated 4/29/14 
  • DOE M 205.1-3, Admin Chg. 1, dated 12/20/12,  Telecommunications Security Manual.  This manual is not available on the Directives Portal.  Contact  farateam@sandia.gov if you require access to this manual

Foreign Travel

Foreign Visits and Assignments

  • DOE O 142.3A, Chg 2, dated 12/13/19, Unclassified Foreign Visits and Assignments Program. Cancels DOE O 142.3A, Chg 1, dated 1/18/17

Healthcare and Support Services

  • DOE O 232.2A, Chg 1, dated 10/04/19, Occurrence Reporting and Processing of Operations Information. Cancels DOE O 232.2A, dated 01/17/17

Information Security

  • DOE O 471.3, Admin Chg 1, dated 1/13/11,  Identifying and Protecting Official Use Information
  • DOE M 471.3-1, Admin Chg 1, dated 1/13/11,  Manual for Identifying and Protecting Official Use Only Information
  • DOE O 471.6, Admin Chg 3, dated 9/12/19,  Information Security.  This order cancels DOE O 471.6, Admin Chg 2, dated 5/15/15,  Information Security
  • DOE O 475.2B, dated 10/3/14,  Identifying Classified Information.  This order cancels DOE O 475.2A, dated 2/1/11,  Identifying Classified Information
  • SD 471.6, dated 12/9/19, Operations Security Program

Personnel Security

  • DOE O 472.2, Chg.1, dated 7/9/14,  Personnel Security.  This order cancels DOE O 472.2, Admin Chg 1, dated 10/8/13,  Personnel Security 
  • NNSA SD 206.2, dated 4/14/18,  Implementation of Personal Identity Verification for Uncleared Contractors

Physical Security

  • DOE O 473.3A Chg 1, dated 1/2/18, Protection Program Operations. Cancels  DOE O 473.3A, dated 3/23/16
  • DOE O 470.3C dated 11/23/16, Design Basis Threat.  This policy is not available on the Directives Portal.  Contact  farateam@sandia.gov if you require access to this order
  • Unclassified Graded Security Protection Policy (U), dated 3/25/09.  This policy is not available on the Directives Portal.  Contact  farateam@sandia.gov if you require access to this policy
  • DOE O 470.6, Chg 1, dated 1/11/17, Technical Security Program
  • ACD 470.6, dated 7/15/19, Use of Mobile Devices Within National Nuclear Security Administration Secure Spaces

Program Planning and Management

  • DOE O 470.4B, Admin Chg 2, dated 1/17/17,  Safeguards and Security Program.  This order cancels  DOE O 470.4B, Admin Chg 1, dated 2/15/13