Supporting Statement PART A (revised)

SUPPORTTNG STATEMENT
By Defense Security Services (DSS)
"Defense Security Service Industrial Security Review Data" and
"Defense Security Service Industrial Security Facility Clearance Survey Data"
A. Justification
1. Need for Information Collection

Executive Order (EO) 12829, "National Industrial Security Program (NISP)," Section
202 (a) stipulates that the Secretary of Defense shall serve as the Executive Agent for inspecting
and monitoring the contractors, licensees, and grantees who require or will require access, to or
who store or will store classified information; and for determining the eligibility for access to
classified information of contractors, licensees, and grantees and their respective employees. The
specific requirements necessary to protect classified information released to private industry are
set forth in DoD 5220.22-M, "National Industrial Security Program Operating Manual
(NISPOM)." The Executive Agent has the authority to issue, after consultation with affected
agencies, standard forms or other standardization that will promote the implementation of the
NISP. Contractors participating in the NISP are subject to an initial Facility Security Clearance
(FCL) Survey and periodic Security Reviews to determine their eligibility to participate in the
NISP and to ensure that safeguards employed are adequate for the protection of classified
information. The Cognizant Security Agency (CSA), designated by the NISPOM, is responsible
for determining the frequency of Security Reviews which may be increased or decreased for
sufficient reason, consistent with risk management principles. Department of Defense Directive
5105.42, "Defense Security Service," delineates the mission, functions and responsibilities of
DSS. DSS is an Agency of the Department of Defense, currently under the authority of the
Under Secretary of Defense for Intelligence (USD(1)). DSS functions and responsibilities include
the administration and implementation of the Defense portion of the NISP.
2. Use of the Information

DSS is the office of record for the maintenance of information pertaining to facility
clearance records and security information regarding cleared contractors in the NISP under its
security cognizance. The Facility Clearance Survey and Security Review Data elements are used
to assess and advise Government Contracting Agencies regarding the contractor's ability to
protect classified information in its possession. The information is also used to respond to
inquiries regarding the facility's clearance status and storage capability of cleared contractors.
Information collected during the Survey or Review may be provided to federal, state and local
government agencies if necessary to obtain information for an interim personnel security
clearance or making a personnel security determination concerning retention in a sensitive
position or letting a contract. Information may be provided to a congressional office in response
to an inquiry from the individual, to domestic or foreign law enforcement, security, investigative,

or administrative authorities to comply with domestic and international agreements. The
Department of Justice may receive information in support of pending or potential litigation to
which the records are pertinent. For records management purposes, Survey and Security Review
Data may be provided to the General Services Administration and National Archives and
Records Administration. Copies of the Survey and Security Review Data may also be provided
for counterintelligence activities, authorized by Federal Law or Executive Order, within and
outside DoD or the U.S. Government. Contractors are required to maintain security records
pertaining to their Facility Clearance, Cleared Personnel, Training, Top Secret
InformationEquipment (over 30 days old), Approved Security Containers, Information Systems,
Intrusion Detection Systems and Foreign Classified Contracts, etc., for the duration of their
participation in the NISP. Records pertaining to the retention of classified material upon
completion of a contract must also be kept.

3. Use of Information Technology
The FCL Survey and subsequent Security Reviews require an onsite visit at the
contractor's location with personal interviews and physical security inspections. Contractors may
provide supplemental information, Standard Practice Procedures, corrective actions, change
conditions and/or administrative inquiry reports via the utilization of information technology
(e-g., Electronic Mail (E-mail), CD-ROM, and Floppy Disk). Portions of the data collected may
be stored in databases within DSS for records management purposes. In addition, as part of the
DoD Transformation process, DSS established the Industrial Security Facility Database (ISFD),
an automated information system to handle Industrial Security information processing needs.
Contactors have been provided limited access to this data base through the Facility Verification
Request application. The application is web-enabled and provides contractors with information
pertaining to a facility's clearance status. DSS is also responsible for managing the Department
of Defense's Joint Personnel Adjudication System (JPAS). JPAS contains personnel security
clearance information for military, DoD civilian and contractor personnel. Contractors
participating in the NISP have been given direct access to JPAS and have the ability to review,
verify and update personnel security clearance information electronically.
4. Efforts to Identify Duplication
Pursuant to EO 12829 there are four CSAs who are signatories to the NISP, the
Department of Defense, Department of Energy (DOE), Central Intelligence Agency (CIA) and
the Nuclear Regulatory Commission (NRC). Although the Secretary of Defense is designated as
the Executive Agent for the NISP and the NISPOM, the SecretariesDirector of DOE, NRC, and
CIA prescribe and issue the portion of the Manual that pertains to information classified under
the Atomic Energy Act of 1954 or intelligence sources and methods, including Sensitive
Compartmented Information. The SecretariesIDirector of DOE,NRC and CIA retain the right to
inspect and monitor contractors, licensees and grantee programs and facilities that involve access
to such information or may enter into agreements with the Secretary of Defense to inspect and
monitor these programs in whole or in part, on their behalf. DSS and DOEhave entered into an
agreement to reciprocally accept each other's Facility Clearance process. The heads of other
Federal Government Agencies are required by EO 12829 to enter into agreements with the
Secretary of Defense that establish the terms of the Secretary's responsibilities on their behalf.

5. Methods Used to Minimize Burden on Small Entities
This collection of information does not have a significant impact on small businesses or
other entities. Individuals who provide their services through their own business entities (e.g.,
corporation, LLC), have no employees requiring clearances and do not require storage for
classified material may be cleared as consultants thereby eliminating the requirement for an FCL.
In addition, branch offices that do not require approval for classified storage are no longer
required to have an FCL. In both instances, the contractor is no longer subject to Security
Reviews andlor FCL Surveys.

6. Consequences of Not Collecting the Information
If the data is not collected periodicallylon occasion (e.g., initial facility clearance
processing, when the respondent changes ownershiplorganizational structure; location; or upon
request), DSS will not be able to evaluate the contractor's continued eligibility to participate in
the NISP, ensure the protection of classified information, and maintain current records.
7.

Special Circumstances

There are no circumstances that require the collection to be conducted in a manner
inconsistent with 5 CFR 1320.5(d)(2).

8.

Agency 60 Day Federal Register Notice and Consultations Outside the Agency

A Federal Register Notice appeared on December 12,2006 (71 FR 74489). No
comments were received and a copy of the Federal Register Notice is provided.
There were no other consultations made outside of DSS.

9.

Payments to Respondents
No payments or gifts will be provided to the respondents.

10. Assurance of Confidentiality
Responses to some of the questions asked during an FCL Survey or Security Review may
reveal proprietary, commercial confidential or private information. FCL Surveys and Security
Review Reports are marked as a minimum "For Official Use Only (FOUO)". Contractors also
have reporting requirements under the NISP. When contractor reports are classified or offered in
confidence and so marked by the contractor, the information will be reviewed to determine
whether it may be withheld from public disclosure under applicable exemptions of the Freedom
of Information Act. Only authorized personnel are granted access to Survey and Security Review
Data stored in DSS Contractor Facility Files and /or databases.
Contractors participating in the NISP are required to have an FCL. The FCL process
begins with the conduct of an FCL Survey. Since certain Key Management Personnel (KMPs)

must be cleared to the level of the FCL, DSS personnel gather Personal Identifying information
in order to determine whether there are existing personnel security investigations (PSIs), or to
request new PSIs as necessary.
Social Security Numbers (SSN), in conjunction with Date and Place of Birth, are utilized
as Personal Identification Numbers in accordance with Executive Order 9397, "Numbering
System For Federal Accounts Relating To Individual Persons." The Order requires Federal
Agencies to utilize the SSN, when establishing a system of permanent account numbers
pertaining to individual persons in order to move towards the use of a single unduplicated
numerical identification system of accounts and avoid the unnecessary establishment of
additional systems. The Order also requires the Social Security Administration to furnish upon
request, of any Federal Agency, the account number pertaining to any person whom such agency
has an account, or the name and other identifying data pertaining to any account number of any
such person.
Survey data is utilized by DSS personnel to initiate and build records in the Joint
Personnel Adjudication System (JPAS) for KMPs. KMPs are not able to access JPAS prior to
being issued a FCL and Personal Security Clearance. JPAS is the automated system used for
personnel security management within DoD, providing a common, comprehensive medium to
record and document personnel security actions within the Department. JPAS records are
retrievable only by use of the SSN. Privacy Act protected information is utilized to input, verify
and retrieve data found in JPAS and a Privacy Act System Notice for this system was published
in the Federal Register. In addition, SSNs are utilized to initiate the Electronic Questionnaire
for Investigation Processing (E-QIP) from JPAS. E-QIP is maintained by the Office of
Personnel Management. E-QIP is a secure web based application, designed to process and store
all personnel investigative forms for DoD, DoD Contractors, Military Services and other
participating Federal Agencies. E-QIP electronically allows Applicants to enter, update, and
release their personal investigative data over a secure Internet connection, to their employing
agency for review, and approval. In JPAS and E-QIP, the SSN, Date and Place of Birth are
mandatory fields that must be completed by authorized Department of Defense, Federal and
Contractor employees in order to build and1 or access records. Records can not be built and/or
retrieved utilizing a Name Check. SSNs will not be collected as part of the FCL Survey for
Stockholders and Negotiators unless they are required to have access to classified information.
Security controls may include the use of encryption and/or passwords, firewalls, Public
Key Infrastructure for electronic submissions and storage in safes, as appropriate. Disposal of the
data is through burning or shredding in accordance with procedures established for the handling
of FOUO and Privacy Act information.

11. Sensitive Questions
No Sensitive questions.

12. Estimates of Hour Response Burden and Annual Cost to the Respondent
(a) Respondent Burden:

(1) Industrial Security Review Data
(i) Responses Per Respondent: 1
(ii) Number of Respondents: 12,111
a. Possessors of classified: 4,78 1
b. Non-Possessors of classified: 7,330
(iii) Hours Per Response:
a. Possessors of classified: 5.3
b. Non-Possessors of classified: 2
(iv) Annual Burden Hours: 39,999 hours = (5.3 hours x 4,781 respondents) +
(2 hours x 7,330 respondents)

(2) Facility Security Clearance Survey Data
(i)
(ii)
(iii)
(iv)

Responses Per Respondent: 1
Number of Respondents: 1,761
Hours Per Response: 2 hours
Annual Burden: 3,522 hours = (2 hours x 1,761 respondents)

(3) Total Annual Burden Hours: 43,521 hours = 39,999 hours + 3,522 hours
(i) Industrial Security Reviews: 39,999 hours
(ii) Facility Security Clearance Surveys: 3,522 hours
(4) Total Number of Responses: 13,872 = (1 response x 12,111 security review
respondents) + (1 response x 1,761 FCL survey respondents)
(b) Respondent Cost
(1) Annual Cost to Respondent:
(i) Facility Survey: $78.28 = ($52.88 x .25 hours) + ($38.04 x 1.5 hours) +
($3 1.99 x .25 hours)
(ii) Security Review:
a. Possessing: $207.44 = ($52.88 x .6625 hours) + ($38.04 x 3.975 hours) +
($31.99 + .6625 hours)
b. Non-Possessing: $78.28 = ($52.88 x .25 hours) + ($38.04 x 1.5 hours) +
($3 1.99 x .25 hours)
(2) Total Annual Cost to Respondents: $1,703,414.12 = $1 37,85 1.08 + $991,770.64 +
$573,792.40
(i) Facility Survey: $137,851.08 = $78.28 x 1,761 respondents
(ii) Security Review
a. Possessing: $991,770.64 = $207.44 x 4,78 1 respondents
b. Non-Possessing: $573,792.40 = $78.28 x 7,330 respondents

(3) Explanation of Respondent Cost:

(i) Cost to respondent is based on the approximate salary of a Key Management
OfficiallGS 15 Step 1, Facility Security Officer (FSO)/GS 13 Step 1 and
EmployeeIGS 12 Step 1 (January 2007 salary for Washington DC Metropolitan
Area):
a. KMP Salary rate: $52.88 an hour x 12.5% of the review or survey
assessment time.
b. FSO Salary Rate: $38.04 an hour x 75 % of the review or survey
assessment time.
c. Employee Salary Rate: $3 1.99 an hour x 12.5% of the survey assessment
time.
(ii) FCL Survey Time: KMP: 2 hours x 12.5% = .25 hours; FSO: 2 hours x 75% =
1.5 hours and Employee: 2 hours x 12.5% = -25hours
(iii) Security Review Time:
a. Possessing: KMP: 5.3 hours x 12.5% = .6625 hours; FSO: 5.3 hours x 75%
= 3.975 hours and Employee: 5.3 hours x 12.5% = .6625 hours
b. Non-Possessing: KMP: 2 hours x 12.5% = .25 hours; FSO: 2 hours x 75%
= 1.5 hours and Employee: 2 hours x 12.5% = .25 hours
(iv) Number of Security Review Respondents:
a. Possessing: 4,78 1
b. Non-Possessing: 7,330
(v) Number of Survey Respondents: 1,761
13. Estimates for Cost Burden:

As noted in Item 3. above, DSS established ISFD to handle all of its Industrial Security
Information processing needs and is responsible for managing JPAS, to which contractors have
been given limited access. In order to ensure connectivity to the new systems there may be initial
start up costs for the contractors pertaining to the need to upgrade their hardware andlor
software. Potential costs to the contract should be offset by efficiencies gained through the
elimination of paper reports and the ability to request and receive facility and personnel security
clearance information electronically.
Total Capital1 Startup Cost To Respondent:
(1) Security Review: $1,332,210.00 = $1 10 per Software License x 12,111
Respondents
(2) FCL Survey: $193,710.00 = $1 10 per Software License x 1,761 respondents
(3) Total Annualized Cost = $1,525,920.00
14. Estimates of Annual Cost to Government:

(a) Facility Survey 0pe.rations and Maintenance Costs
(1) Printing/Recording: $28,136.00 = $440.25 + $18,490.50 + $9,245.25
i. FCL Guide: $440.25 = 1,761 respondents (5 pages x $.05)
ii. NISPOM Paper Copy: $18,490.50 = 1,761 respondents (210 pages x $.05)
iii. NISPOM CD ROM: $9,245.25 = 1,761 respondents x $5.25 per CD copy
(2) Postage for Contractor Notification Letter/NISPOM CD: $2,747.16 = ($.39 x 4) x
1,761 respondents
(3) Supplies:
i. Paper: $2,904.65 = $37.5 x 77.484 boxes
[(1,761 x 220 pages)l500 pages per ream = 774.84 reams110 ream per box =
77.484 boxes]
ii. NISPOM CD ROM: $5.25 = 210 pages x $.025 [cost to reproduce]
(4) Transportation/Fuel: $28,176.00 = $1 6 x 1,761 [FCL Surveys conducted]
(5) Communications/Information Technology: $33,459 = $19.00 x 1,761 [FCL
Surveys conducted]

(6) UtilitiesISpace: $30,377.25 = $17.25 x 1,761 [FCL Surveys conducted]
(7) FCL Survey Data Collection: $101,248.695 = [($38.04 x .25 hours) + ($31.99 x
1.5 hours)] (1,761 respondents)
(8) Total Estimated Cost: $227,048.76 = $28,136.00 [PrintingRecording] +
$2,747.16 [Postage] + $2,904.65 [Supplies] + $28,176.00 [Transportation/Fuel] +
$33,459.00 [Communications/IT] + $30,377.25 [UtilitiesISpace] + $101,248.695
[ FCL Surveys conducted]

(b) Security Review Operations and Maintenance Costs:
(1) Postage: Contractor Notification Letter: $4,723.29 = $.39 x 12,111

(2) Supplies: Paper: $227,08 1.25 = (12,111 x 5 pages)/500 pages per ream =
60,555.00 reams110 reams per box = 6055.5 boxes x $37.5 per box
(3) TransportationRuel: $193,776.00 = $16.00 x 12,111 [Security Reviews
conducted]
(4) Communications/Inforrnation Technology: $230,109.00 = $19.00 x 12,111

[Security Reviews conducted]

(5) Utilitieslspace: $208,914.75 = $17.25 x 12,111 [Security Reviews conducted]

(6) Security Review Data Collection

i. Possessing: $848,914.36 = [($38.04 x 1.325 hours) + ($31.99 x 3.975 hours)]
(4,78 1 respondents)
ii. Non-Possessing: $433,203.00 = [($38.04 x -25hours) + ($3 1.99 x 1.5 hours)]
(7,330 respondents)

(7) Total Estimated Cost: $2,146,921.65 = $4,723.29 [Postage] + $227,081.25
[Supplies] + $193,776.00 [Transportation/Fuel] + $230,109.00
[Communication/IT]+ $208,914.75 [UtilitiesISpace] + $848,914.36 [Security
Review/Possessing] + $433,203.00 [Security Reviewmon-Possessing]
(c) Total Estimated Annual Costs to the Government: $2,373,970.41 = $227,048.76 [FCL
Survey] + $2,146,921.65 [Security Review]
(d) Explanation of Cost to the Government:
(1) Survey and Security Review costs are based on the approximate salary of GS 13
Step 1 (CI Specialist/ISSP/Supervisor)and GS 12 Step1 IS Rep (Effective January
2007):
i. GS 13 Step 1 Salary Rate: ($38.04 an hour) x (25% of the review or survey
assessment time)
ii. GS 12 Step 1 Salary Rate: ($31.99 an hour) x (75% of the review or survey
assessment time)
(2) FCL Survey Time:
i. GS 13 Step 1: (2 hours) x (25% of the review) = .5 hours
ii. GS 12 Step 1: (2 hours) x (75% of the review) =1.5 hours
(3) Security Review Time:
i. Possessing:
a. GS 13 Step 1: (5.3 hours) x 25% = 1.325 hours
b. GS 12 Step 1: (5.3 hours) x 75%= 3.975 hours
ii. Non-Possessing:
a. GS 13 Step 1: (2 hours) x 25% = .25 hours
b. GS 12 Step 1: (2 hours) x 75% = 1.5 hours
(4) Printingmecording: $.05 per page, $5.25 per NISPOM CD ROM
(5) Postage: $.39
(6) Supplies:
i. Paper: 500 pages per packlream, 10 packslreams per box, average $37.5 per
box.
a. NISPOM: 210 pages
b. Notification Letter: 5 pages
c. FCL Survey Guide: 5 pages

(7) Transportation/Fuel:
i. Average Purchase/Maintenance Daily Rate $6 = $15,000.00 per car/ over 7 years
[365 days x 7 = 2,555 days]
ii. Average Fuel Costs per Collection: $10 = 5 gallons x $2.00

15. Program Changes and Adjustments
There is a slight increase in burden hours and cost due to an increase of respondents
participating in the NISP.
16. Publication PlansITime Schedule

There are no plans to formally publish or tabulate the information collected, although
some of the information maybe used for budgeting purposes or to meet information reporting
requirements as referenced in Item 2., above.

17. Approval Not to Display Expiration Date
Approval is not sought for avoiding display of the expiration date for OMB approval of
the information collection.
18. Exceptions to the Certificate Statement

It is believed that DSS is in compliance with the requirements of Item 19, "Certification
for Paperwork Reduction Act Submissions".

B. Collection of Information Employing Statistical Methods
Statistical methods are not employed for collection of this information.