Avoid Costly SCIF Accreditation Pitfalls
There are many products on the market labeled as a “SCIF”(Sensitive Compartmented Information Facility) or SAPF’s (Special Access Program Facility), which are not suitable for all environments. A SCIF is not a SCIF until it gets accredited, and a SCIF doesn’t get accredited until all technical and policy objectives are met. Construction or establishment of a SCIF is dependent upon many factors beyond the physical construction features of the facility. Establishing a SCIF must also take into consideration operational security (OPSEC), “Inspectable Space” and Security in Depth (SID) requirements. Most critically, accrediting a SCIF begins with a collaborative relationship with an “AO” (Accrediting Official).
Every SCIF must be custom designed for its unique application
A SCIF must be designed to address the specific threats and vulnerabilities for its intended use, which in turn drives the CSP (Construction Security Plan) and TEMPEST requirements at every site. The types of operations that will occur within the SCIF also play a significant factor. This can also change the technical security needs and countermeasures of the SCIF, particularly in regard to the need for surreptitious entry protection.
Did you know:
- Using equipment that emits a high RF signature can increase your RF shielding requirements
- Increased or reduced setback from your Inspectable Space perimeter can also affect RF shielding requirements
- Installing a video teleconference (VTC) or other kinds of amplified sound can increase your acoustic requirements
- Open storage accreditation may dictate enhanced countermeasures
That is why Armag custom-designs each SCIF to be fully policy compliant while keeping in mind the potential threats, intended use and site-specific requirements.
If two manufacturers design the same product, does it mean that both products can be accredited?
Certainly not. There are critical factors that are often overlooked when considering a manufacturer. Construction of a SCIF has as much to do with the construction process, as it does for construction design. When comparing manufacturers, you need to consider their security in depth, adherence to policy compliance, quality standards and workmanship.
Additionally, the SCIF manufacturer must protect the construction process from exploitation, including essential factors such as:
- Who is allowed to construct the SCIF, or even have access to the construction area?
- Is there a Construction Security Plan (CSP) in place at the manufacturing location?
- Consideration of the materials being installed in the SCIF. Do the materials come from a foreign source, are they properly screened and inspected? How are materials intended for the SCIF/SAPF stored?
- Protecting the chain of custody of the SCIF. A transportable SCIF must leave the secure environment for some period to travel to its destination. How is the SCIF secured during transport? Has a transportation security plan been established and followed?
Armag Guarantees Accreditation
There is no guessing or concerns over accreditation when you work with Armag. We provide on-site subject matter expertise (SME) support at all stages of your project, ensuring rigorous compliance with US Government (USG) requirements concerning ICD 705 and related standards. We offer unparalleled accreditation assistance which enables us to confidently guarantee accreditation for every SCIF we build.
Just because you see a product branded on the internet as a “SCIF” does not mean that it will be accredited for use. For accreditation, a SCIF must be custom designed and manufactured to exact specification within a controlled and secure manufacturing facility, which is accountable for all materials, operations, and processes.
Contact an ARMAG SCIF expert to discuss your upcoming SCIF/SAPF requirements today.