NISPOM

What is the NISPOM ?

The National Industrial Security Program (NISP) is the nominal authority in the United States for managing the needs of private industry to access classified information. A major component of the NISP is the NISP Operating Manual, also called NISPOM, or DoD 5220.22-M. The NISPOM establishes standard procedures and requirements for the protection of classified information disclosed to or developed by contractors, licensees, grantees, or certificate holders to prevent unauthorized disclosure. 

The NISPOM covers the entire field of government industrial security including data sanitization. Furthermore, the NISPOM does not actually specify any particular method. Standards for sanitization are left up to the Cognizant Security Authority. The Defense Security Service provides a Clearing and Sanitization Matrix (C&SM) which does specify methods.  

This solution will provide your organisation guidance on how to gain and maintain compliance with the NISPOM.