September 2013. DSS Security Rating Matrix Update. Security Rating Process Overview. A new security rating process was first implemented in November 2011. The current process was subsequently updated on September 1, 2013.
DSS Security Rating Matrix Update
A new security rating process was first implemented in November 2011. The current process was subsequently updated on September 1, 2013.
Numerically based, quantifiable, and accounts for all aspects of a
facility’s involvement in the National Industrial Security Program (NISP)
More standardized and less subjective rating process.
A NISP enhancement directly relates to and enhances the protection of classified information beyond baseline NISPOM standards.
Rating Matrix update in effect as of September 1, 2013.
Feedback from DSS field personnel and industry partners was gathered over the past year to refine the Rating Matrix into a more transparent, consistent, subjective process designed to identify and mitigate vulnerabilities while recognizing practices in place that enhance security programs beyond baseline NISPOM requirements.
The update does not drastically change the process - rather this builds upon the original implementation to further add clarity, drive consistency, and encourage more robust security programs.
within Security Community
in Security Community
Category 8: FOCI / International
Category 9: Classified Material Controls
And Physical Security
Category 10: Information Systems
Most notably, in the interest of transparency and clarity a one-stop product is being issued to all FSOs covering the assessment process, vulnerabilities, and enhancement categories.
Enhancements include the definition, intent, and examples.