How to Maintain a Facility Clearance
Maintaining an Facility Clearance (FCL) involves more than just initial approval; it requires ongoing diligence and compliance with DCSA regulations. As a follow up to our July 16, 2024, article, “A Guide to Obtaining a Facility Security Clearance,”this article provides key responsibilities and considerations in maintaining your FCL.
Maintaining an FCL
Obtaining an FCL is just the beginning. Facilities must continuously comply with security
requirements to maintain their clearance. Key responsibilities include:
- Security Vulnerability Assessments (SVA): DCSA conducts periodic security reviews to ensure ongoing compliance.
- Training and Awareness: The FSO must provide initial and annual security training and awareness programs for cleared employees. The ITPSO must provide insider threat awareness training annually for cleared employees.
- Reporting Requirements: The facility must report any security incidents, changes in ownership or control, and other relevant changes to the DCSA.
- Personnel Security Clearances: The facility must manage personnel security clearances for employees who need access to classified information.
Key Considerations for maintaining an FCL
Key Management Personnel (KMP)
Three key KMP positions required by DCSA are the Senior Management Official (SMO), Facility Security Officer (FSO), and Insider Threat Program Senior Official (ITPSO). DCSA defines the SMO as the entity employee with the highest decision-making authority, such as a President or Managing Member. The FSO and ITPSO must be a US citizen employee of the company. These three positions require the individual to have a Personnel Clearance (PCL). If not cleared at the time the FCL Package is submitted, DCSA will initiate a PCL investigation for them. The FCL would not be able to be issued until each KMP’s eligibility is issued.
Foreign Ownership, Control, or Influence (FOCI)
Facilities with significant foreign ownership, control, or influence may face additional scrutiny and requirements. DCSA assesses FOCI factors to determine if they pose a risk to national security. Mitigation measures, such as establishing a board resolution, special security agreement, or voting trust agreement, may be required.
Compliance with Security Regulations
Facilities must adhere to all applicable security regulations, including the National Industrial Security Program Operating Manual (NISPOM) and other guidelines provided by the DCSA. Non-compliance can result in the suspension or revocation of the FCL.
Obtaining and maintaining a Facility Security Clearance is a complex process that requires
careful planning, rigorous adherence to security requirements, and ongoing commitment to protecting classified information. By understanding the steps involved and key considerations, facilities can navigate the FCL process successfully and contribute to national security efforts.
