TEAMS-Next Statement of Work Security Operations and Counterintelligence September 20, 2021
HQ0858-21-R-0015 Attachment J-01 Security and CI SOW TEAMS-Next Statement of Work Security Operations and Counterintelligence September 20, 2021 Approved for Public Release 21-MDA-10929 (18 Aug 21) 1
Revision History

Author Date MR Number P0000X Reason For Change(s) SOW Version
1.0 Top Level Overview

1.1 Purpose

This Statement of Work (SOW) supports the Missile Defense Agency's (MDA) mission to develop, test, and field an integrated, layered Missile Defense System (MDS) to defend the United States (U.S.), its deployed forces, allies, and friends against all ranges of enemy ballistic missiles in all phases of flight. The types of support required include: 1) engineering and technical support; 2) studies, analyses, and evaluations; and 3) management and professional services.

This contract consists of the Security and Counterintelligence requirement. The Security requirement consists of supporting the development, implementation, maintenance, and assessment of security, emergency management, and program protection for the integrated, layered Missile Defense System (MDS). Efforts include assisting with: Government review and disclosure of U.S. Classified Military Information (CMI) and Controlled Unclassified Information (CUI) to foreign governments and international organizations; International visits and assignments to the MDA; Technology transfer; Munitions export/import licensing for all MDA personnel, offices, components, and support contractors or organizations that receive funding from MDA; and, Declassification of documents related to all MDA Research, Development, and Acquisition (RDA) Programs, including Test and Evaluation (T&E) activities, and fielding of the MDS.

The Counterintelligence requirement supports Government efforts to integrate Defensive Counterintelligence (CI) activities, products and services, into MDA RDA Programs, Special Access Programs (SAPs); T&E activities; and, worldwide deployment of the MDS. These requirements include Agency CI Program missions and functional areas authorized by Department of Defense (DoD) Directive O-5240.02 that detect, identify, assess, exploit, penetrate, degrade, and counter or neutralize intelligence collection efforts, other intelligence activities, sabotage, espionage, sedition, subversion, assassination, and terrorist activities directed against the MDA, its personnel, information, material, facilities, and activities worldwide. All DoD CI activities conducted under this requirement must be executed in accordance with (IAW) DoD Directive (DoDD) 5240.01 and DoD Regulation 5240.1-R.

1.2 Organizational Description

a. Engineering Directorate (MDA/DE) – Responsible for technical design and development of the MDS. DE oversees and integrates all activities associated with: system engineering and technical integration; Modeling and Simulation (M&S) in support of MDS requirements definition and capability verification; the performance of independent technical assessments; and, technical intelligence. DE is the Engineering Functional Manager. The primary support under this contract is for the Engineering functional organization.

b. Program Protection (MDA/DEI-R) – Implements the Research Development and Acquisition (RDA) Security, Information Safeguards, and Matrix Security programs within the Agency on behalf of the Director, Technical Intelligence (DEI). Program Protection provides Program Protection Planning, Cyber Mission Assurance, Supply Chain Risk Management, Acquisition/Industrial Security, Information Security, Operations Security, Classification Management, Security Review Supporting Public Release, Declassification, Security Training, and Security Professional Development policy oversight and implementation to ensure protection of Controlled Unclassified Information (CUI) and collateral classified information, and daily operational support to the Program Protection Directorate.

c. Security and Emergency Management (MDA/DSS) – Implements the MDA Physical Security, Test Security, and Antiterrorism/Force Protection Programs, as well as MDA Emergency Management Planning and Continuity of Operations (COOP) Programs and Department of Defense (DoD) Mission Assurance Construct. Work undertaken by DSS provides integrated Physical Security, Antiterrorism/Force Protection (AT/FP), and Emergency Management/Continuity of Operations support to MDA leadership through the protection of Agency personnel, information, and facilities. This includes the capability to prepare for, mitigate, respond to, and recover from man-made and natural disasters.

d. International and Policy Directorate International Security Division (MDA/DIS) – Manages the review and disclosure of U.S. classified military information (CMI) and controlled unclassified information (CUI) to foreign governments and international organizations, international visits and assignments to MDA, technology transfer, and munitions export/import licensing for all Agency personnel, offices, components, and support contractors or organizations that receive funding from MDA.
Serves as the MDA lead for Committee on Foreign Investment in the United States (CFIUS) case processing and reviews Small Business Innovative Research (SBIR) and Small Business Technology Transfer (STTR) contracts to determine if work performance is export-controlled.

e. Counterintelligence Division (MDA/DEI-X) – Conducts counterintelligence (CI) activities (investigations, operations, collection, analysis and production, and defensive functional services) to detect, identify, assess, exploit, penetrate, degrade, and counter or neutralize foreign intelligence collection efforts, sabotage, espionage, and terrorist activities directed against the MDA, its personnel, information, material, facilities and activities. Also serves as the MDA Office of Primary Responsibility to the National and DoD CI and Law Enforcement (LE) communities. Integrates CI products, services and defensive CI activities into all MDA programs and activities to detect, identify, assess, exploit, penetrate, degrade, and counter or neutralize foreign intelligence collection efforts, sabotage, espionage, and terrorist activities directed against the MDA, its personnel, information, material, facilities and deployed MDS assets worldwide.

f. Special Security Office (MDA/DEI) – Responsible for implementing and administering the Defense Special Security System on behalf of the Senior Intelligence Officer. The Special Security Office (SSO) manages the planning, design, and construction security of new and existing facilities, and enforces Intelligence Community Standards for the accreditation, operation, and reciprocal use of these facilities. The Special Security Office performs all aspects of physical, personnel, information, information systems, and technical security within the accredited spaces. The Special Security Office is also responsible for the implementation of DoD Procedures for the Agency’s Personnel Security Program, processing all initial and periodic reinvestigations, as well as managing suitability cases, continuous evaluation and vetting. Other areas of responsibility include the North Atlantic Treaty Organization (NATO) Sub-registry, the Trusted Associate Sponsorship System; Pentagon Access; Contractor Equivalent Investigations; COE/JWICS Account and Access Control; IC PKI Trusted Agent functions; Department of Energy (DOE) Visits; and, participation in the Insider Threat Program.

1.3 General Requirements

a. Non-Personal Services - The Government shall neither supervise contractor employees nor control the method by which the contractor performs the required work within the hours invoiced for each employee. It shall be the responsibility of the contractor to manage its employees and to guard against any actions that are personal services in nature, or give the perception of personal services as defined in Federal Acquisition Regulations (FAR) 37.104. If the contractor believes that any actions constitute, or are perceived to constitute personal services, it shall be the contractor’s responsibility to notify the Procuring Contracting Officer (PCO) and Contracting Officer’s Representative (COR) immediately.

b. Business Relations – The contractor shall successfully integrate and coordinate all activities needed to execute the requirements.
The contractor shall manage the timeline, completeness, quality of problem identification, and fraud prevention/reporting (i.e., obligation to ensure expenses charged to the contract are properly accounted for before submitting invoices to MDA). The contractor shall provide corrective action plans, proposal submittals, timely identification of issues, and effective management of subcontractors. The contractor shall seek to ensure customer satisfaction and professional and ethical behavior of all contractor personnel in support of the U.S. Government.

c. This SOW identifies requirements and associated products for the MDA’s Security offices and CI Division. Support will sustain the MDS throughout the acquisition life cycle as part of engineering activities that enable the MDS to defend regional interests, allies, and deployed forces against missile threats.

d. In execution of this contract, support to DEI-X will use the covering agent concept. CI covering agent support is the technique of assigning a primary supporting special agent to a program. The special agent will conduct all routine liaison, advice and assistance, and integrate CI products and services with the supported program. It ensures detailed familiarity with the supported program’s operations, personnel, security, vulnerabilities, and, in turn, provides the program with a designated point of contact for reporting matters with actual or potential CI nexus.
1.4 Reference Documents

The following documents are applicable to this SOW:

a. Program Protection:

DAG-Chapter 9 “Defense Acquisition Guidebook (DAG) Chapter 9 Program Protection”
DoDI 5200.48 “Controlled Unclassified Information (CUI)”
DoDI 5200-44 “Protection of Mission Critical Functions to Achieve Trusted Systems and Networks (TSN)”
DoDM 5200.01 Vol 1 “DoD Information Security Program: Overview, Classification, and Declassification”
DoDM 5200.01 Vol 2 “DoD Information Security Program: Marking of Information”
DoDM 5200.01 Vol 3 “DoD Information Security Program: Protection of Classified Information”
E.O. 13526 “Executive Order (E.O.) 13526 – Classified National Security Information”
MDA 5200.08-M “Procedures for Protection of Critical Program Information, Mission Critical Functions, and Critical Components within the Missile Defense Agency”
MDA Directive 5200.08 “Program Protection within the Missile Defense Agency”
Executive Order (E.O) 13526 “Classified National Security Information”
Atomic Energy Act of 1954 “Development and Control Act of Atomic Energy”
DoDI 5000.02 “Operation of the Defense Acquisition System”
DODI 5200.39 “Critical Program Information (CPI) Identification and Protection Within Research, Development, Test, and Evaluation (RDT&E)”
DoDM 3305.13 “DoD Security Accreditation and Certification”
DoDM 5200.01 “DoD Information Security Program: Controlled Unclassified Information (CUI)”
DoDI 5200.48 “Interim Guidance Memorandum (IGM) Controlled Unclassified Information (CUI) on Missile Defense Agency (MDA) Acquisitions with Commercial Industry”
EO 12829 “National Industrial Security Program”
EO 11858 “Foreign Investment in the United States”
DoDD 2000.25 “DoD Procedures for Reviewing and Monitoring Transactions Filed with the Committee on Foreign Investment in the United States (CFIUS)”
DoDD 5230.09 “Clearance of DoD Information for Public Release”
DoDD 5400.07 “DoD Freedom of Information Act (FOIA) Program”
MDA 5200.02-INS “DoD Information Security Program”

b. Security and Emergency Management:
DoD 5200.01, Volume 3, DoD Information Security Program: Protection of Classified Information
DoD Instruction (DoDI) 2000.12
DoDI 2000.16
DoDI 2000.16 Vol 1 and 2
DoD Minimum Antiterrorism Standards for Buildings and/or Interagency Security Committee (ISC) physical security standards
United States Northern Command (USNORTHCOM) Instruction 10-222
Unified Facilities Criteria (UFC) 4-010-01
MDA 5200.01-INS, Physical Security Program
MDA Security Operations Center (SOC) Standard Operating Procedures and applicable sub-annexes and Special Security Instructions (SSIs)
Chairman Joint Chiefs of Staff (CJCS) Guide 5260, Self-Help Guide to Antiterrorism, September 1, 2010
Joint Publication (JP) 3-07.2, Antiterrorism, November 24, 2010
UFC 4-010-02, DoD Minimum Antiterrorism Standoff Distances for Buildings February 9, 2012 (Note: No longer mandatory but threat driven)
UFC 4-023-03, Design of Buildings to Resist Progressive Collapse, July 14, 2009 Change 1 January 27, 2010
MDA Manual 2000.16, Vol 1, Antiterrorism Program, Antiterrorism Standards, January 29, 2021 (CUI)
MDA Manual 2000.16, Vol 2, Antiterrorism Program Implementation: Force Protection Condition System, January 29, 2021
MDA Directive 3000.10, Ballistic Missile Defense System Flight Test Concept of Operations, June 20, 2019
DoDD 3020.40, Mission Assurance, November 29, 2016, Change 1, September 11, 2018
DoDI 3020.45, Mission Assurance Construct, August 14, 2018
National Security Strategy of the United States of America – March 3, 2021 (Interim)
Robert T. Stafford Disaster Relief and Emergency Assistance Act, November 23, 1988
Executive Order 12196 – Occupational safety and health programs for Federal employees, February 26, 1980
Executive Order 12656--Assignment of emergency preparedness responsibilities, November 18, 1988
Executive Order 13375, “Amendment to Executive Order 13295 relating to certain influenza viruses and quarantinable communicable diseases,” April 1, 2005
National Preparedness Goal
National Security Presidential Directive-51/Homeland Security Presidential Directive-20 (NSPD-51/HSPD-20), “National Continuity Policy,” May 9, 2007
Presidential Decision Directive (PDD) 62, “Protection Against Unconventional Threats to the Homeland and Americans Overseas,” May 22, 1998, Declassified March 18, 2014
National Incident Management System (NIMS), Last Updated June 22, 2021, but latest published is October 2017
Department of Homeland Security, “National Response Framework,” Last Update October 29, 2020
Federal Emergency Management Agency (FEMA) Guide “National Response Framework,” Last Update October 29, 2020
National Continuity Policy Implementation Plan, August 2007, Federal Continuity Directive 1, Issue Date, January 17, 2017, Directive 2, Issue Date June 13, 2017
National Infrastructure Protection Plan (NIPP), February 2013, NIPP Security and Resilience Challenge 2016, 2017, 2018 (Cybersecurity and Infrastructure Security Agency)
National Strategy for Pandemic Influenza (NSPI), November 2005, May 2006
Homeland Security Council, “National Strategy for Pandemic Influenza Implementation Plan,” May 2006, Update 2017, Update 2019
National Strategy for Pandemic Influenza Implementation Plan (NSPIIP), May 2006, (U.S. Department of State 2001-2009)
National Exercise Program Implementation Plan (NEPIP), 2008, Last Update July 20, 2020
Department of Health and Human Services, “HHS Pandemic Influenza Plan” November 2005, Last Update 2017
Federal Manager's Decision Makers Emergency Guide OPM Website December 22, 2003
Federal Management Regulation Title 41, Code of Federal Regulations, Part 102-74 Subpart C (Government Services Administration (GSA) Leased Space and Facilities) 2012
Federal Preparedness Circular 60, “Continuity of the Executive Branch of the Federal Government during National Security Emergencies,” Circular dated April 30, 2001
Federal Continuity Directive (FCD) 1, “Federal Executive Branch National Continuity Program and Requirements,” February 2008
HSPD 1, “Organization and Operation of the Homeland Security Council,” October 29, 2001
HSPD 3, “Homeland Security Advisory System,” March 11, 2002
HSPD 5, “Management of Domestic Incidents,” February 28, 2003
HSPD 7, “Critical Infrastructure Identification, Prioritization, and Protection,” December 17, 2003
Presidential Policy Directive (PPD) 8, “National Preparedness,” March 30, 2011
HSPD 12, “Policy for a Common Identification Standard for Federal Employees and Contractors,” August 27, 2004
FCD 2, “Federal Executive Branch Mission Essential Functions and Candidate Primary Mission Essential Functions Identification and Submission Process”, June 13, 2017
National Communications System Directive (NCSD) 3-10, “Minimum Requirements for Continuity Communications Capabilities”
Homeland Security Exercise and Evaluation Program (HSEEP)
29 Code of Federal Regulations (CFR) 1910.38 (Exit Routes, Emergency Action Plans and Fire Prevention), November 7, 2002
36 CFR, Part 1236, “Management of Vital Records,” July 1, 2000
41 CFR, 101.20.103-4, “Occupant Emergency Program,” July 1, 1999
National Fire Protection Association (NFPA) 1600 Standard on “Disaster/Emergency Management and Business Continuity Programs,” 2013 Edition
National Institute of Standards and Technology (NIST) Special Publication 800-34, “Contingency Planning Guide for Information Technology Systems,” June 2002
NIST Special Publication 800-53, “Security and Privacy Controls for Federal Information Systems and Organizations,” Rev 4, April 2013, Includes Updates as of January 22, 2015
Office of Personnel Management, “Human Management Policy for a Pandemic Influenza”
DoDI 3020.42, “Defense Continuity Plan Development,” February 17, 2006
DoDI 6055.17, “DoD Installation Emergency Management (IEM) Program,” June 12, 2019
DoDI 3001.02, “Personnel Accountability in Conjunction with Natural or Manmade Disasters,” May 3, 2010
Army Regulation (AR) 525-27, “Army Emergency Management Program,” March 29, 2019
AR 525-13, “Antiterrorism,” December 3, 2019
JP 3-27, “Homeland Defense,” April 10, 2018
JP 3-41, “Chemical, Biological, Radiological, Nuclear and High-Yield Explosive Consequence Management,” September 9, 2016
Executive Council on Integrity and Efficiency, “IG's Guide to Evaluating Agency Emergency Preparedness,” November 1, 2006
DoDD 3020.26, “DoD Continuity Policy,” February 14, 2018
DoDD 5134.9, “Missile Defense Agency,” September 17, 2009
DoDI 3020.42, “Defense Continuity Plan Development,” February 17, 2006
Department of Defense, “National Defense Strategy of the United States of America,” March 2005
Department of Defense, “Implementation Plan for Pandemic Influenza,” August 2006
USNORTHCOM AT Operations Order (OPORD) 05-01B National Response Plan, 6 May 2005
JP 3-11 “Operations in Chemical, Biological, Radiological, and Nuclear Environments,” 28 October 2020
JP 3-41 “Chemical, Biological, Radiological, and Nuclear Response,” 9 September 2016
DoD Civilian Personnel Management Service Emergency Preparedness and Response Guide, May 2007
OSD 21913-05 – Implementation of the National Response Plan and National Incident Management System
Assistant Secretary of Defense (Health Affairs) Memorandum, “Department of Defense Influenza Pandemic Preparation and Response Health Policy Guidance,” 25 January 2006
DoD, “Strategy for Homeland Defense and Civil Support,” June 2005

c. International Security:

Title 22, Code of Federal Regulations, Chapter I, Subchapter M, “International Traffic in Arms Regulations (ITAR)” Parts 120-130, [Foreign Relations]
Title 15, Code of Federal Regulations Chapter VII, Subchapter C, “Export Administration Regulations,” Parts 730-774
National Disclosure Policy-1, “National Policy and Procedures for the Disclosure of Classified Military Information to Foreign Governments and International Organizations,” [short title: National Disclosure Policy (NDP-1)], February 14, 2017
DoDD 5000.01, “The Defense Acquisition System,” May 12, 2003, Incorporating Change 2, August 31, 2018
DoDD 5111.21, “Arms Transfer and Technology Release Senior Steering Group and Technology Security and Foreign Disclosure Office,” October 14, 2014
DoDD 5132.03, “DoD Policy and Responsibilities Relating to Security Cooperation,” December 29, 2016
DoDD 5134.09, “Missile Defense Agency (MDA),” September 17, 2009
DoDD 5230.11, “Disclosure of Classified Military Information to Foreign Governments and International Organizations,” June 16, 1992
DoDD 5230.20, “Visits and Assignments of Foreign Nationals,” June 22, 2005
DoDD 5230.25, “Withholding of Unclassified Technical Data from Public Disclosure,” November 6, 1984, as amended
DoDD 5400.07, “DoD Freedom of Information Act (FOIA) Program,” April 5, 2019
DoDD 5530.3, “International Agreements,” June 11, 1987, as amended
DoDI 2000.25, “DoD Instruction, Procedures for Reviewing and Monitoring Transactions Filed with the Committee on Foreign Investment in the United States (CFIUS),” August 5, 2010
DoDI 2040.02, “International Transfers of Technology, Articles, and Services,” March 27, 2014, Incorporating Change 1, July 31, 2017
DoDI 5230.24, “Distribution Statements on Technical Documents,” August 23, 2012, Incorporating Change 3, October 15, 2018
DoDM 5200.01, Volumes 1 through 4, “DoD Information Security Program,” February 24, 2012, as amended
MDA Directive 3204.01, “Small Business Innovation Research and Small Business Technology Transfer Programs,” January 12, 2018
MDA Instruction 2070.01-INS, “Preparation of the Project Security Instruction and Security Classification Guide for International Agreements,” August 02, 2018
MDA Instruction 5230.02-INS, “International Security,” April 3, 2014
MDA Instruction 5200.02-INS, “Information Security Program,” March 22, 2018
MDA Instruction 5000.03-INS, “Committee on Foreign Investment in the United States; Foreign Ownership, Control, or Influence; and National Interest Determination,” July 06, 2018
MDA Manual 5200.08-M, “Procedures for Protection of Critical Program Information, Mission Critical Functions, and Critical Components within the Missile Defense Agency,” May 01, 2019
Deputy Secretary of Defense Memorandum, “Training in International Security and Foreign Disclosure Support to International Programs,” October 22, 1999

d. Counterintelligence:

DoDD 5148.13 Intelligence Oversight
DoDD 5240.01 DoD Intelligence Activities
DoDD 5240.02 Counterintelligence (CI)
DODI 5240.05 Technical Surveillance Countermeasures (TSCM)
DoDD 5240.06 Counterintelligence Awareness and Reporting (CIAR)
DoDD 5205.16 Counterintelligence Functional Services
DoDI O-5240.10 Counterintelligence (CI) in the DoD Components
DoDI 5240.18 Counterintelligence Analysis and Production
DoDI S-5240.23 Counterintelligence Activities in Cyberspace
DoDI O-5240.24 Counterintelligence Activities Supporting Research, Development and Acquisition (RDA)
DoDI 5240.26 Countering Espionage, International Terrorism, and the Counterintelligence (CI) Insider Threat
MDA Cyber Forensics Laboratory (CFL) Standard Operating Procedure (SOP)

e. SSO:

Security Executive Agent Directive (SEAD) 3, Reporting Requirements for Personnel with Access to Classified Information or Who Hold a Sensitive Position
SEAD 4, National Security Adjudicative Guidelines
SEAD 8, Temporary Eligibility
DoD Manual 5200.02, Procedures for the DoD Personnel Security Program (PSP)
DoD Manual 5105.21, Volume 1, Sensitive Compartmented Information (SCI) Administrative Security Manual: Information and Information Systems Security
DoD Manual 5105.21, Volume 2, Sensitive Compartmented Information (SCI) Administrative Security Manual: Administration of Physical Security, Visitor Control, and Technical Security
DoD Manual 5105.21, Volume 3, Sensitive Compartmented Information (SCI) Administrative Security Manual: Administration of Personnel Security, Industrial Security, and Special Activities
Intelligence Community Directive 705, Sensitive Compartmented Information Facilities
Intelligence Community Directive 700, Protection of National Intelligence
IC Tech Spec for ICD/ICS 705, Technical Specifications for Construction and Management of Sensitive Compartmented Information Facilities

f. Travel:

Joint Travel Regulation (JTR), current version at https://www.defensetravel.dod.mil/
Synchronized Pre-deployment and Operational Tracker (SPOT), current version at https://www.acq.osd.mi/log/PS/spt.html

Note: Support under this requirement will be completed using the referenced documents listed in this section. If any document referenced in this section is replaced or superseded, the replacement or superseding document shall be applicable to this SOW unless MDA provides other guidance. In addition, while this section provides documents to be used completing this requirement, work is not limited to these documents. Other documents may be provided by the Government, or required by the Government, for use in supporting this requirement throughout the life of the contract.

2.0 Government and Proprietary Information and Non-Disclosure Agreements

2.1 Government and Proprietary Information

In the performance of this contract, the contractor may be provided access to privileged Government information. Government information may include items such as plans, policies, reports, studies, financial plans, or data which has not been released or otherwise made available to the public. The contractor shall ensure that all such information is protected in accordance with any restrictions imposed on such information. The contractor agrees that without the prior written approval of the PCO, it shall not:

1) Use such information for any private purpose unless the information has been released or otherwise made available to the public.

2) Compete for work based on such information after the completion of this contract, or until such information is released or otherwise made available to the public, whichever occurs first.
3) Submit an unsolicited proposal to the Government which is based on such information after such information is released or otherwise made available to the public, whichever occurs first.

4) Release information unless such information has previously been released or otherwise made available to the public by the Government.

The contractor agrees that, to the extent it receives or is given access to proprietary data, trade secrets, or other confidential or privileged technical, business, or financial information (hereinafter referred to as "proprietary data") under this contract, it shall treat such information in accordance with any restrictions imposed on such information. The contractor further agrees to enter into a written agreement for the protection of the proprietary data of others and to exercise diligent effort to protect such proprietary data from unauthorized use or disclosure.

2.3 Non-Disclosure Agreements (NDAs)

The contractor shall require all employees, and all subcontractor employees at all tiers, to sign the Missile Defense Agency Non-Disclosure Agreement (MDA NDA) set forth in Section J Attachment 06 within 10 days of employment. The signed forms shall be submitted to the PCO and the COR within 10 days of employee signature. The contractor shall obtain from each employee under this contract, a written non-disclosure agreement (Section J Attachment 06) which shall provide that the employee shall not, during his/her employment by the contractor or thereafter, disclose to others or use for their benefit, privileged Government information or proprietary data received in connection with the work under this contract. The contractor shall educate its employees regarding the philosophy of Part 9.505-4 of the FAR so that they will not use or disclose Government information or proprietary data acquired in the performance of this contract.

The MDA NDA is required of all contractor employees and subcontractors supporting under this effort; however, there may be additional NDAs required (i.e., Planning, Programming, Budgeting and Execution (PPBE)) dependent upon the support required at any given time throughout the period of performance of the contract. The contractor shall certify completion of the MDA NDA requirement and other applicable NDAs for each employee via the Monthly Manpower Report (Contract Data Requirements List (CDRL) A004).
3.0 Scope of Work

3.1 Program Protection

3.1.1 Description - The contractor shall provide support to RDA Security, Information Safeguards, Matrix Security, and Training and Operations.

3.1.2 Task Details

a. Support RDA Security in execution and oversight of the Acquisition System Protection Program for all established and developing MDA Programs. Prepare staffing positions for approval and track through action completion. Support meetings to discuss requirements/issues. Specifically, the contractor shall:

1) Support Program Protection Planning and coordination of Program Protection Plan (PPP) activities across the MDA. Track program events/milestones to identify when planning is required, assist the program office with assembling experts into integrated product teams (IPTs), facilitate critical program information (CPI) identification/analysis through the IPT process, identify Horizontal Protection requirements, and compare other DoD systems CPI through the Acquisition Security database (ASDB). Provide Software Assurance (SwA) expertise and lead functions to develop and implement SwA policies and engineering guidelines in alignment with the Joint Federated Assurance Center (JFAC) “best practices” throughout the system development life cycle (SDLC). Participate in JFAC and Trusted Systems and Networks (TSN) activities and working groups and assess compliance with DoD guidelines and federal law to minimize risk to program capability. Support the Government lead with conducting MDA Quality, Safety, and Mission Assurance Assessments and compliance assessments. Support and/or perform quality or compliance assessments of MDA contractors. Coordinate with MDA Quality, Safety, and Mission Assurance and/or program offices on all proposed assessment schedules to determine the level of effort required and suitable timeframes. Facilitate programs as they conduct criticality analysis (e.g., identifying/validating Mission Critical Functions, Critical Components), facilitate and support program validation of the identified threat and vulnerability, facilitate and support program validation of the identified SwA threat and vulnerability, and support associated system security engineering and Anti-Tamper functions. Provide the Government lead with support of PPP activities for MDA programs. Identify and prioritize security vulnerabilities discovered by vulnerability analysis tools and develop appropriate remedial countermeasures in the PPP. Support program office preparation and approval of the PPP and coordination through the MDA Engineering Board process.
Generate unique CPI training materials when appropriate. Contractor shall prepare, plan, coordinate, conduct, and provide reports on supply chain risk assessments at contractor facilities during quality or compliance assessments. Task includes conducting evaluations of PPPs and Program Protection Implementation Plans (PPIPs) for compliance and efficiency and submitting evaluation/corrective action reports. Assess PPPs, Plans of Action and Milestones (POA&Ms), CPI assessments, threat assessments, candidate countermeasures, vendor plans, purchase orders, subcontracting and documentation. Evaluate corrective actions to security findings and provide an assessment of the proposed corrective action(s) to the Government lead. Develop and maintain an approved Program Protection evaluation checklist of items that assessors will use as a basis to conduct evaluations. The checklist should provide guidance to enable an objective evaluation as to whether MDA contractors are complying with applicable law, regulations and contracted requirements. Support the Government lead by assisting in coordinating with Defense Counterintelligence and Security Agency (DCSA) and MDA program offices and participating in Industrial Security compliance reviews/inspections at MDA offices and contractor facilities. Prepare an assessment report for Government lead approval and participate in tracking corrective actions required to completion.

2) Perform contractor Supply Chain Risk Management (SCRM), including Foreign Military Sales (FMS) SCRM, functions and coordinate SCRM activities across the MDA. Supply SCRM threat support and analysis. Support the Government lead with coordinating/facilitating SCRM requests (vendor/component reviews) from the program offices, coordinate proposed task with program offices, analyze threats to the supply chain, and report Government lead approved SCRM findings to the requesting program offices. Identify and coordinate SCRM requirements with Acquisition/Industrial Security. Support the Government lead by providing SCRM expertise during MDA Quality, Safety, and Mission Assurance Assessments or compliance assessments. Participate in JFAC and TSN activities and working groups, and assess compliance with DoD guidelines and federal law to minimize risk to program capability. Function as the SCRM/TSN Integration Council (MSTIC) secretariat by planning, organizing, and scheduling MSTIC meetings, developing meeting minutes, and preparing briefings to support executive level MSTIC meetings. Assist the Government lead with execution of element-level technical reviews in accordance with (IAW) MDA Instruction 5000.20-INS, “Engineering Technical Review Process.” Tasks include reviews of MDA Programs’ System Engineering Plan (SEP) and/or System Engineering Management Plan (SEMP) to ensure adequate incorporation of Program Protection design considerations via the Systems Security Engineering processes. Conduct evaluations of additional Program-specific systems engineering considerations detailed in each element’s PPP. Attend/support Engineering Working Groups, review PPPs and PPIPs, and support CPI assessments and threat assessments.

3) Perform Acquisition/Industrial Security functions and coordinate Acquisition/Industrial Security activities across the MDA.
Assist programs with developing, updating, and/or implementing the approved Contract Security Classification Specification (i.e., DD Form 254) for classified requirements. Analyze and provide updated DD Form 254s for Government approval. Review, provide analysis of, and assist with tracking contractor-related industrial security incidents. Notify the Contracting Directorate (MDA/CT) and/or DCSA of contractor security incidents and report findings via Contract Incident Report. Coordinate with DCSA and/or MDA Program Offices to participate in Industrial Security compliance reviews/inspections. Develop and maintain an approved Industrial/Acquisition inspection protocol/checklist that will objectively evaluate whether MDA contractors are complying with applicable law, regulations and contracted requirements. Prepare assessment reports for Government approval and track corrective actions required to completion. Support the Government lead by participating in Industrial Security compliance reviews/inspections at MDA contractor facilities. Support the Government lead by providing Industrial/Acquisition security expertise during MDA Quality, Safety, and Mission Assurance Assessments. Support the Government lead by managing Foreign Ownership, Control or Influence (FOCI) efforts for the Agency. Develop and coordinate questionnaires, FOCI memorandums, correspondence, and/or National Interest Determinations (NIDs) for requirements related to cleared defense contractors
under FOCI. Retrieve the CFIUS requests from MDA International Security and evaluate current MDA contracts for impacts. Prepare staffing positions for approval by the Government lead and provide results to MDA International Security. Support meetings to discuss requirements/issues.

b. In support of Information Safeguards, the contractor shall assist with orchestrating protective measures to safeguard MDS information from loss, compromise, or unauthorized disclosure. The contractor shall support implementation of the MDA Information Security (INFOSEC) Program IAW DoD, MDA, and other non-DoD requirements. The contractor shall engage in activities such as performing analysis, developing plans, attending meetings, preparing reports, conducting surveys, maintaining and updating databases, and conducting training. Specifically, the contractor shall:

1) Provide INFOSEC Program Support: Perform reviews of draft Preliminary Inquiries, recommend document corrections to the Inquiry Official. Coordinate with the MDA CERT and Classification Management for reported network spillages. Perform Newcomer Orientation Briefings. Assist in the management of and providing support to Security Managers as part of the Agency Security Manager program. Coordinate Quarterly Security Manager meetings. Coordinate scheduling and perform INFOSEC Reviews (IPRs) of program areas; draft memoranda for IPR results. Draft memoranda and associated staffing documentation for task response packages. Maintain metrics; produce monthly and annual Security Incident status reports and completed IPRs. Travel to perform IPRs. Monitor the Accountable Mail tracker (AMT) tool and contact senders who have classified packages that are showing past due. Perform Document Marking Classification Reviews and document the reviews using the MDA Form 100, the Program Protection Marking Review Form or forms provided in the tasking.
Draft INFOSEC-related Communication Round Table announcements, portal and kiosk banners. Assist in the management of and providing support to the Agency Top Secret Control Program. Update task database and file system folders. Maintain metrics; produce monthly and annual task metric reports.

2) Support the administration of the Agency Operations Security (OPSEC) Program: Maintain and draft updates as necessary for MDA OPSEC policy documents, OPSEC instruction, OPSEC Coordinator handbook, and the MDA Master Critical Information List. Provide assistance to and oversight of OPSEC Coordinators in developing and implementing their OPSEC programs. Conduct OPSEC assessments and assist OPSEC Coordinators with their self-assessments; and, draft associated memoranda. Conduct OPSEC coordination meetings. Draft memoranda and associated staffing documentation for task response packages. Maintain metrics and produce monthly and annual OPSEC status reports. Draft OPSEC-related Communication Round Table announcements, portal and kiosk banners as part of an OPSEC awareness campaign. Attend installation’s monthly OPSEC
meeting and annual OPSEC awareness day. Draft MDA’s annual OPSEC report. Update task database and file system folders. Maintain metrics; produce monthly and annual task metric reports.

3) Support the Agency-Wide Declassification Program by performing declassification reviews in compliance with requirements and procedures outlined in Executive Order (E.O.) 13526, “Classified National Security Information”; the Atomic Energy Act of 1954, as amended; and other applicable DoD and MDA policies. MDA Declassification reviews are page-by-page, line-by-line declassification analysis on MDA classified historical records 25 years or older.

a) Perform first-level declassification reviews; recommend document disposition to second-level reviewers. Enter declassification review results in the Agency tracking database (i.e., Data Acquisition Network Interface (DANI)). Preload document metadata (e.g., catalog number, pages, title, classification, document date) in DANI to facilitate review and duplicate document identification. Assist with Special Media Conversion. Research legacy MDA programs and recommend declassification program working aid updates.

b) Perform second-level declassification reviews; recommend document disposition to the Government. Enter declassification review results in DANI. Attach completed SF 715 to the records. Perform Special Media Conversion. Research special media conversion capabilities and recommend equipment purchase to the Government. Perform courier duties. Review records located at the National Declassification Center (NDC). Research legacy MDA programs and update declassification program working aids. Draft Standard Operating Procedures (SOPs) for Declassification Review and Special Media Conversion. Assist Research Analysts. Assist the Government with declassification reviewer training.
Review and analyze existing and/or new guidance within the declassification community and MDA Security Classification Guides (SCGs); identify inconsistencies in the horizontal protection of information, and template and format issues. Assist with Records Management of the declassification program. Research legacy MDA programs and recommend declassification program working aid updates. Draft Declassification policy documents. Conduct Records Management of the declassification program. Provide Declassification records request training to the MDA workforce. Maintain Declassification MDA Knowledge Online (MKO) portal pages. Fulfill records requests. Coordinate with the Matrix Support Division to ensure current MDA research and development (R&D) programs have access to classified historical records pertaining to hypersonic weapon defense, directed energy defense weapons, space-based defense weapons, and other applicable R&D efforts by MDA predecessor organizations. Return reviewed records and associated SF 715s to original libraries. Accession records to National Archives and Records Administration. Perform courier duties. Update and improve DANI, review
processes and procedures ensuring compatibility with external and internal databases (e.g., NDC).

c) Provide the Government lead with projected monthly and annual review plan including cumulative production projections. Provide detailed status updates and progress made toward specified goals to review all MDA classified historical records on schedule before automatic declassification each calendar year. If monthly target is not completed, develop and provide contingency plan to meet annual review by end of the calendar year. Provide supervision and direction to Declassification/Information Safeguards support team.

4) Support implementation of the Classification Management and Security Review for Public Release programs IAW DoD and MDA requirements.

a) Security reviews supporting public release: Perform reviews of draft documents intended for release to the public domain and provided by Public Affairs, Business Operations, Congressional Affairs, General Accountability Office (GAO)/DoD Inspector General (IG), and Washington Headquarters Services Office of Security Review; ensure no classified or CUI is released to the public. Draft memoranda of review results. Draft memoranda and associated staffing documentation for task response packages, including MDA Form 100s (or equivalent) if provided with tasking. Maintain metrics and produce monthly and annual task metric reports. Update task database and file system folders.

b) Security Reviews for Classification: Perform reviews of documents, e-mails, videos, and pictures for classification to ensure no classified information is released to the public. Draft classification guidance memorandums. Draft memoranda and associated staffing documentation for task response packages, including MDA Form 100s (or equivalent) if provided with the tasking.
Assist in the development and staffing of Agency Security Classification guides to validate proper format, identify horizontal classification issues, and evaluate security classification issues. Draft response to Classification Challenges. Draft responses to Classification Determinations. Maintain metrics; produce monthly and annual task metric reports. Update Original Classification Authority training as needed. Coordinate with Information Security and the MDA CERT for reported network spills. Update task database and file system folders.

5) Support implementation and management of the MDA Controlled Unclassified Information program IAW DoD and MDA requirements.

a) Security reviews supporting CUI program: Perform reviews of draft documents intended for release to outside Agencies to include the public domain and provided by Agency Program offices, Business Operations, Congressional Affairs, General Accountability Office (GAO)/DoD Inspector General (IG), and
Washington Headquarters Services Office of Security Review; ensure no classified or CUI is released to the public. Draft memoranda of review results. Draft memoranda and associated staffing documentation for task response packages, including MDA Form 100s (or equivalent) if provided with tasking. Maintain metrics and produce monthly and annual task metric reports. Update task database and file system folders.

b) Support CUI Program internal decontrol process coordinating products with the originator of the information, or the original classification authority (OCA) if identified in a security classification guide. Perform reviews of documents, e-mails, videos, and pictures for potential to ensure no CUI is released to the public. Draft CUI guidance memorandums. Draft DoD Implementation Status Report. Draft memoranda and associated staffing documentation for task response packages, including MDA Form 100s (or equivalent) if provided with the tasking. Assist in the development and staffing of CUI agency guidance. Draft memorandums and information slides for Security Manager training. Maintain metrics; produce monthly and annual task metric reports. Coordinate with Information Security and the MDA CERT for reported network spills. Update task database and file system folders.

c. Matrix Support: The contractor shall provide embedded matrix support to the assigned MDA Element, in regards to security matters covered in this statement of work, with reach-back support from Core MDA security program offices. Specifically, as required, the contractor shall coordinate, synchronize, and assist with administration of security matters for the assigned MDA Element consistent with the MDA Matrix Management Handbook.

MDA Element | Location
Sea-Based Weapons Systems (AB) | Dahlgren, VA; Pacific Missile Range Facility, HI
Command and Control, Battle Management, and Communications (BC) | Redstone Arsenal, AL (placeholder)
Test Directorate (DT) | Redstone Arsenal, AL
Innovation, Science and Technology (DV) | Redstone Arsenal, AL; Kirtland Air Force Base, NM (placeholder)
Ground-Based Midcourse Defense (GM) | Redstone Arsenal, AL (placeholder)
Israeli Programs (IP) | Redstone Arsenal, AL (placeholder)
Sensors Program (SN) | Redstone Arsenal, AL; Schriever Space Force Base (SFB), CO
Space Systems (SS) | Schriever SFB, CO
Targets and Countermeasures (TC) | Redstone Arsenal, AL
Terminal High Altitude Area Defense (TH) | Redstone Arsenal, AL

d. Training and Operations: The contractor shall assist in performing and executing all Security Operations and Enterprise (O&E) functions and activities. Specifically, the contractor shall:

1) Assist the Training and Operations directorate, supporting requirements, policies, and procedures for Program Protection: Integrate and coordinate inputs, products, and processes across directorate elements. Coordinate and integrate execution of directorate requirements and taskings. Develop, execute, document, and assist in the management of key Program Protection core functions, tasks, and system engineering processes. Coordinate, integrate, arrange, conduct, and assist in the management of day-to-day directorate support functions and mission requirements.

2) Assist with administering and executing the DoD security education and development program: Plan, assess, apply metrics, and develop exams and certifications. Assess, integrate, validate, and coordinate internal and external security training and operations reports, presentations, project status updates, and security management assessments.

3) Assist with assessing requirements and implementing the Security Professional Education Development (SPeD) program.

a) Prepare the SPeD Implementation Plan and supporting documents. Coordinate and secure approval. Update and brief Program Protection on the SPeD Program.

b) Coordinate MDA certification testing and conferral activities, secure approval, and update the DoD SPeD Program Office. Prepare and maintain certification support material, and distribute to certification candidates. Prepare status updates and maintain certification metrics. Track compliance with SPeD certification requirements.

c) Maintain SPeD database at the MKO, Program Protection Division portal.

d) Develop SPeD Program training plan, secure approval, and conduct training. Make recommendations for MDA workforce career development and Functional Career Guide update to incorporate SPeD requirements. Develop SPeD unique training.
Generate SPeD training materials, including using the DS Directorate, Visual Information Production Center (VIPC) for reproduction requirements. Coordinate with the Director for Operations Human Resources office (HR) and provide documentation for participants to receive training credit. Upgrade materials based on feedback from training.

4) Manage SPeD certification within the Government and contractor workforce.

3.2 Security and Emergency Management

3.2.1 Description – The contractor shall support the Agency’s AT/FP, Physical Security, and Emergency Management and COOP Programs; and, Test Security.

3.2.2 Task Details

a. In support of the Agency’s AT/FP Program, the contractor shall:

1) Assist with planning and assessment of the MDA AT Program. Participate in inter- and intra-agency collaborative efforts; prepare reports and memoranda. Assist in revising existing or developing new policies, plans, procedures and training material; and, make recommendations.

2) Maintain, update and provide AT product related data IAW procedures and policies, as well as all reportable AT products IAW DoDI 2000.16 Vol 1 and 2, DoDI 2000.12, and USNORTHCOM Instruction 10-222.

3) Assist with the review and assessment of construction design drawings, including renovation, associated requirements documents, and related technical information for regulatory security compliance at MDA Facilities. Assist in the identification of AT requirements pertaining to security designs, construction, renovation and/or modification of Military Construction (MILCON) projects, General Services Administration (GSA) leased facilities, operational and test program sites. Prepare a recommended position and/or assessment via memorandum or design comment matrix form; coordinate and submit final documents for approval.

4) Assist with planning, developing, and executing AT CA and VA assessments. Document results utilizing the Risk Management Tool Enterprise Protection Risk Management (EPRM) and the Mission Assurance Risk Management System (MARMS). Develop mitigations for recommendation to MDA leadership to reduce risk. Utilize EPRM to develop residual risk after recommended mitigations are approved and implemented. Prepare and coordinate CA/VA assessments, checklists, and/or comment matrix and/or memorandums IAW DoD, MDA host installation and/or USNORTHCOM guidance. Coordinate and submit for final approval and transmission.

5) Assist with executing the MDA AT Self-Assessment Program IAW USNORTHCOM AT Benchmarks or MDA approved assessment criteria.
The AT Self-Assessment encompasses the USNORTHCOM Program Review, Local MDA facility annual self-assessments and Higher Headquarters assessments to host installations. Engage in Theater, Agency, and/or host installation/facility AT Program Reviews. Prepare AT Self-assessment package, coordinate, and submit final documents for approval. Update, maintain, and assist in executing the MDA AT Level 1 Training Awareness Program for the MDA Newcomer’s Orientation Program and Cloud Learning Management System (LMS). Provide briefings/materials for training, using the DS VIPC for reproduction requirements. Coordinate with HR and provide documentation for participants to receive training credit. Upgrade
briefings/materials based on feedback from training sessions. Conduct monthly and comprehensive annual reviews to analyze and ascertain AT Level 1 training completion percentages of MDA personnel at local, regional, or agency level, as well as pending requirements. Reviews may be tailored to provide specific information to internal or external organizations. Prepare monthly training reports to provide complete AT Level 1 training status and metrics. Develop, deploy, maintain and assist in executing the Active Shooter Awareness Program to include preparing Active Shooter training videos, briefings and media presentations. IAW DoD policy, perform on-going updates and present Active Shooter training during the MDA Newcomer’s orientation executed throughout the MDA enterprise. Plan, participate, and incorporate active shooter based exercises at all levels as a subset of the Agency’s AT Program. These events are to be conducted IAW the MDA Executive Director’s guidance on exercise support to MDA FP Program. Prepare monthly training reports to provide complete Active Shooter training status and metrics. Assist in coordinating all exercise activities with the MDA Emergency Management and Continuity of Operations Division (DSS-E) for scheduling and deconfliction with host installation activities. Provide Master Scenario Events List (MSEL) and After-Action Reports (AARs). Prepare minutes of “Hot Wash” activities, working papers and final AARs as required.

6) Assist with implementing and executing the Random AT Measure Program (RAMP) IAW MDA guidelines, including coordinating, distributing, and compiling results, which will be transmitted in the format of a final monthly report.

7) Prepare recommended responses to assigned agency taskings regarding protection of MDS assets (e.g., TMT or other assigned actions); coordinate, submit response for final approval and transmission.

8) Assist in the execution of MDA AT Risk-Assessment process IAW DoDI 2000.16 or MDA approved assessment criteria. Participate in Theater, Higher Headquarters, Agency, and/or host installation/facility annual AT criticality and vulnerability assessments when MDA facilities and assets are being assessed. Prepare AT criticality and vulnerability assessment inputs and packages for coordination, and submit inputs and final documents for approval. Assist in the performance of assessments at MDA facilities and assets to ensure compliance with the UFC 4-010-01, DoD Minimum Antiterrorism Standards for Buildings and/or ISC physical security standards, where applicable. Conduct special event vulnerability assessments and draft the associated special event vulnerability assessment reports for MDA events on or off-installation where 300 or more DoD personnel will be