Tag: security plan

SCIF vs. SAPF

By: Colene King

 

SCIF and SAPF high security facilities appear identical and are used for the same function: to store, utilize, and discuss sensitive information. Their delineation occurs in their intended user.

 

 

When it comes to the construction of new SCIFs and SAPFs, there are strict guidelines that must be followed. These guidelines are laid out in the ICD 705 Technical Specifications (Tech Spec, for short). The Office of the Director of National Intelligence (ODNI) establishes the guidelines & standards set forth in the ICD 705. ODNI is responsible for the management, processing, and safeguarding of information for the United States.

 

Some of the construction items covered in the ICD 705 include:

  • Physical Security and Hardening
  • Acoustic Controls
  • Visual Controls
  • Alarms and Access Control
  • Electronic and TEMPEST Security

Prior to the roll out of the ICD 705 (2010), SCIFs and SAPFs were built with different standards and processes. When the Tech Spec came out, it created a set of mutually accepted standards to ensure the safeguarding of national security.

 

In 2004, the Department of Defense began using their own set of standards and processes for SAPFs to protect national security. The DoD followed the guidelines of a document titled JAFAN 6/9.

 

The intelligence community, on the other hand, had a different set of standards prior to the ICD 705 being released. Beyond that, each agency within the intelligence community followed their own set of standards when it came to classified information. This made it nearly impossible to repurpose a SCIF to be used by another agency. The facility would need to undergo a significant renovation to become usable by the new agency.

 

When the ICD 705 was created in 2010, each agency in the intelligence community adopted these standards. The adoption of uniform standards within the ICD 705 allowed SCIFs to be easily repurposed between agencies.

 

However, the DoD was a later adopter; it took six years for this organization to implement the Tech Specs. In 2016, the Department of Defense integrated ICD 705 into their own 5205.7 manual. This created more reciprocity between the Department of Defense and the Intelligence Community.

 

SCIFs and SAPFs are now both built to the same standards, however, some procedural standards for facility accreditation don’t align. Each facility appoints an Accrediting Official; this delegate is responsible for accrediting the space and entering the facility’s information into the national repository.

 

Although SCIFs and SAPFs aren’t identical, they are more reciprocal now than they’ve ever been. Whether you are looking for a SCIF or a SAPF, KL Security is here to help you along the way. You can trust us to stay current will any and all construction standards required to safeguard sensitive information.

 

For more information or to request a quote

Call 866-867-0306 or email [email protected]

Illinois Craft Grower License Application Emergency Rule Update

NOTICE OF EMERGENCY RULES ANNOUNCED TODAY

Today, the state of Illinois released updated rules and requirements for applications of the Craft Grower license and Infuser License.

The full set of rule updates can be found here:

 

Highlights include:

“The Department and law enforcement agencies shall have the ability to access a cultivation center’s security alarm system in real-time”

 

Security Plan and Record keeping (145 points):
A) Measure 1 (40 points): The applicant’s security plan demonstrates
its ability to prevent the theft or diversion of cannabis and how the
plan will assist ISP, the Department, and local law enforcement.

Specifically, it shall evidence compliance with all items in Sections
1300.180 and 1300.185 of this Part.

B) Measure 2 (40 points): The applicant demonstrates that its plan for
record keeping, tracking and monitoring inventory, quality control
and security, and other policies and procedures will discourage
unlawful activity. It also describes the applicant’s plan to
coordinate with, and dispose of unused or surplus cannabis through
ISP, and the Department.

C) Measure 3 (40 points): The applicant’s security plan shall describe
the enclosed, locked facility that will be used to secure or store
cannabis, its security measures, including when the location is
closed for business, and the steps taken to ensure that cannabis is
not visible to the public.

D) Measure 4 (25 points): The applicant’s plan to apply for a
transporter license or plan to work with a licensed transporter and
the applicant’s procedures for safely and securely delivering
cannabis and cannabis-infused products to cannabis business
establishments

 

 

“Enclosed, Locked Facility” means a room, greenhouse, building, or other
enclosed area equipped with locks or other security devices that permit access only by cannabis business establishment agents working for the licensed cannabis business establishment or acting pursuant to the Act to cultivate, process, store, or distribute cannabis. [410 ILCS 705/1-10]”

 

Per Section 1300.30

Authorized On-Premises Storage. A cultivation center is authorized to store
cannabis and cannabis-infused products inventory on the licensed premises. All inventory stored on the licensed premises must be secured in a limited access area and tracked using the inventory and security requirements of this Part.