Facility Clearance

SNL makes a determination to sponsor an entity (subcontract company, supplier or academic institution) for a Facility Clearance (FCL) based on a subcontract and legitimate need for access to or creation of classified information. The SNL Contract Security Management Program processes entities under SNL subcontract for FCLs, registers SNL subcontracts using the Contract Security Classification Specification (CSCS), and flows down DOE and SNL security requirements to subcontractor entities. Once an FCL is granted by DOE and the CSCS has been approved for an entity, its employees may then be sponsored for DOE personnel security clearances to perform work under a registered subcontract.

Facility Security Officer Responsibilities

A Facility Security Officer (FSO) is a U.S. citizen with a security clearance equivalent to the facility clearance who is assigned the responsibility of administering the requirements of the safeguards and security program at their facility. An FSO must be an employee of the entity, not a contractor.

Document

FSO Foreign Ownership Control and Influence (FOCI) Responsibilities & Facility Clearance Reporting Requirements

Description

Subcontractor companies are required to report certain events that have an impact on the status of their facility clearance. The reporting requirements stated in this document pertain specifically to the facility clearance.

Required Action

Review responsibilities and adhere to reporting requirements.

S&S-PLN-120, Non-Possessing Subcontractor Security Requirements Plan (NPSRP)

Sandia National Laboratories is responsible for complying with and flowing down DOE Contractor Requirements Documents incorporated into its contracts with subcontractors at any tier to the extent necessary to ensure compliance with DOE Directives.The NPSRP outlines the security requirements and procedures non-possessing subcontractor companies and its personnel must follow or abide by for all U.S. Government support service subcontracts to obtain DOE personnel security clearances sponsored by Sandia National Laboratories. Subcontractor companies are required to flow down the requirements in the NPSRP to all tier non-possessing subcontractor companies performing work under subcontract to SNL.

Company Key Management Personnel (KMP) and the Facility Security Officer (FSO) are obligated to read and adhere to the requirements and procedures within this plan.When requested by Contract Security Management, KMP and the FSO will submit a completed NPSRP Certification, accepting the responsibility for ensuring company compliance with the requirements relayed in the plan.

PMC-110DE, Facility Security Officer Overview

This DOE self-study training course provides an overview of the roles and responsibilities of the DOE and DOE-subcontractor FSO. The course emphasizes facility clearance requirements, personnel security, information security, incident reporting, and other related programs. The course references 32 CFR 117, National Industrial Security Program Operating Manual (NISPOM) and a comprehensive listing of DOE orders, manuals, guides, forms, and notices. Successful completion of the course, by means of six sets of Knowledge Checks, and end-of-lesson written test questions, requires a minimum score of 80% on each set. Course Outcome: Upon successful completion of this course, participants will have a basic understanding of FSO roles and responsibilities.

Required for: DOE and SNL subcontractor personnel assigned to FSO positions or functions. Submit completions via email farateam@sandia.gov

Periodic Security Review Self-Assessment Checklist

Periodic Security reviews are a requirement for all non-possessing subcontractors. This process verifies that non-possessing subcontracting companies to Sandia National Laboratories are completing self-assessments.

Required for: DOE and SNL Conduct a self-assessment for your company and provide to farateam@sandia.gov upon receipt of an Engagement Letter. If you do not have a pre-established self-assessment process or document, the Periodic Security Review Self-Assessment Checklist is available for your use.

Flowdown of Requirements

Counterintelligence

DOE O 475.1, dated 12/10/04, Counterintelligence Program

Cyber Security

NNSA SD 205.1A, dated 9/24/2024, Baseline Cybersecurity Program. Supersedes SD 205.1A.
NIST Special Publication 800-53, Revision 4-5 , Security and Privacy Controls for Information Systems and Organizations
CNSSI NO 1253, dated 3/27/14, Security Categorization and Control Selection for National Security Systems
DOE O 205.1D, dated 4/30/2024, Department of Energy Cyber Security Program. Supersedes DOE O 205.C, dated 2/3/22.

Foreign Travel

DOE O 550.1, Chg 1 (LtdChg) dated 12/13/19, Official Travel

Foreign Visits and Assignments

DOE O 142.3B, Chg 1 (LtdChg), dated 03/02/2022, Unclassified Foreign National Access Program

Healthcare and Support Services

DOE O 232.2A, Chg 1, dated 10/04/19, Occurrence Reporting and Processing of Operations Information. Cancels DOE O 232.2A, dated 01/17/17

Information Security

DOE O 471.6 Chg. 4 (LtdChg), dated 08/22/2023, Information Security
DOE O 475.2B, dated 10/3/14, Identifying Classified Information. This order cancels DOE O 475.2A, dated 2/1/11, Identifying Classified Information
NNSA SD 471.6, dated 12/9/19, Operations Security Program

Personnel Security

DOE O 472.2A, Chg. 1 (LtdChg), dated 10/28/2024, Personnel Security. This order supersedes DOE O 472.2A, dated 6/10/22.
NNSA SD 206.2, dated 4/14/18, Implementation of Personal Identity Verification for Uncleared Contractors

Physical Security

DOE O 473.1A, dated 08/30/21, Physical Protection Program. This order cancels DOE O 473.3A Chg 1, dated 01/02/18
DOE O 470.3C, Ltd. Chg. 2, dated 09/09/2020, Design Basis Threat (DBT). This policy is not available on the Directives Portal. Contact farateam@sandia.gov if you require access to this order
DOE O 470.6, Chg 1, dated 1/11/17, Technical Security Program
NA SD 470.6, dated 02/25/2022, OUO Technical Security Program

Program Planning and Management

DOE O 470.1A, Safeguards and Security Program Operations Management, dated 12/18/2024. This order supersedes DOE O 470.4B Admin Chg 3, dated 9/23/21.
DOE 470.4C, dated 12/18/2024, Safeguards and Security Planning