National Interest Determinations

In order for a company cleared under a Special Security Agreement (SSA) to have access to proscribed information (proscribed information includes information classified as Top Secret; Communications Security, except classified keys used for data transfer; Restricted Data/Formerly Restricted Data; Special Access Program (SAP); and Sensitive Compartmented Information (SCI)), the Government Contracting Activity (GCA) must formulate a National Interest Determination (NID) that release of proscribed information to the company will not harm the national security interests of the United States. The preparation of the NID is the responsibility of the GCA. It is the responsibility of DSS to determine the need for a NID and to request the NID from the GCA. The determination of the need for a NID or its preparation is never the responsibility of the contractor.

If there is no indication to Defense Security Service (DSS) that the GCA will disapprove the NID, DSS will not delay implementation of a FOCI action plan. The approved NID must be forwarded to DSS by the GCA.

On April 6, 2010, the Information Security Oversight Office (ISOO) of the National Archives and Records Administration issued a rule amending 32 C.F.R. Part 2004 "National Industrial Security Program Implementing Directive No. 1“ which provides a flexible 30-day timeframe for NID decisions, following notice of the request for a NID to the GCA. If no interagency coordination is required, the GCA shall provide a final documented decision on a NID, with a copy to the contractor, within 30 days.

If the proscribed information is owned by or under the control of another agency (e.g., the National Security Agency for Communications Security information), the GCA has 30 days to notify the other agency that concurrence will be required for the NID, then an additional 30 days (for 60 days total) to provide the final documented and concurred upon NID. This allows for the NID process to take longer than 30 or 60 days if the GCA requires additional time due to “special circumstances.”

Each GCA coordinates the prepared NID for signature within their respective organizations. The NID letter must include the name of the company, address, cage code, contract number, project or program name, the specific category of Proscribed Information being authorized for release, the GCAs security point of contact and telephone number and a sentence stating whether the release of the Proscribed Information to the company will harm the national security interests of the United States. It should specifically report the results of the coordination with national authorities on the release of the proscribed information under their jurisdiction (NSA, DoE, DNI, etc.).

A NID is mandatory when a Special Security Agreement is determined to be the FOCI mitigation instrument and the classified contract requires access to proscribed information. NIDs may be required for programs, projects, or specific contracts; if a NID is program or project-specific, a separate NID for individual contracts or orders under the program or project is not required.