The Defense Counterintelligence and Security Agency (DCSA) is announcing the successful joint development of a Security Rating Scorecard in cooperation with the NISPPAC national working group. This scorecard will not change any aspect of the current security review process and is expected to be implemented on October 1, 2024. These changes reflect DCSA’s ongoing commitment to partnering with industry enhancing clarity, fairness, and transparency within the security framework governing the National Industrial Security Program (NISP).
In May 2023, DCSA and industry partners initiated a project to refine its security rating process, emphasizing the agency’s dedication to continuous improvement. These refinements are not a response to systemic errs, rather, a direct response to industry feedback on how the rating system delivers outcomes. The scorecard developed is designed to streamline and simplify the security rating process for all stakeholders. Starting October 1, 2024, the refined process will include the introduction of a numeric Security Rating Score (SRS) and enhanced criteria definitions to ensure consistent understanding and application, based on DoD Manual 5220.32 Volume 1, “National Industrial Security Program: Industrial Security Procedures for Government Activities.”
The refined system aims to minimize subjectivity, increase quality, and enhance clarity for all parties involved. DCSA will roll out comprehensive communication and training initiatives to ensure all stakeholders are well-informed about these changes. Detailed information and training materials will be available on the DCSA website.
The refined security rating process underscores DCSA’s mission and capability to safeguard critical national security information (CNSI) through a streamlined approach which places compliance with 32 CFR Part 117 first. This approach should help enable a smooth transition for industry partners and stakeholders. DCSA aims to eliminate gaps or uncertainties, empowering stakeholders with a clear understanding and confidence in the updated security rating process.