The Defense Security Service (DSS) National Industrial Security Program (NISP) Authorization Office (NAO) (formerly known as Office of the Designated Approving Authority (ODAA)) was established in 2004 as an initiative resulting from the DSS overall agency transformation to improve timeliness and consistency through centralized management and de-centralized execution of the assessment and authorization (A&A) process (formerly known as the certification and accreditation (C&A) process). The NAO is accountable for timely, consistent policy implementation and A&A determinations nationwide by DSS. The NAO works closely with cleared defense industry, government contracting activities and other DSS Industrial Security personnel.
The NAO operates based on certain long established DSS A&A doctrines. They are:
The current DSS Assessment & Authorization Process Manual (DAAPM) is a major shift from prior practice in the way System Security Plans are processed at DSS, and provides new roles and responsibilities for cleared Industry Information System Security Managers (ISSM) as well as DSS personnel. These changes are described in detail in the DAAPM. Some changes include:
The NAO is involved in much more than just A&A. The NAO also:
The NAO website is a communication vehicle to provide information and tools to DSS and Industry. Your comments and suggestions are welcomed by sending an email to email@example.com.