Remarks from the Co-Chairs

Mary Griggs
Current Outside Director
Former Director, Industrial Security, Defense Security Service

Farhad Jalinous
Global International Trade and Global Mergers & Acquisitions Practices
White & Case LLP

Open Q&A and Fireside Chat: The Latest on NISPOM, AOPs, Operational Changes, and More Priorities

Audience Polling

The New NISPOM and the New National Interest Determination Exceptions: Unpacking the Real-Life Practical Impact and DCSA Compliance Expectations

Jennifer Brown
Director of Security & FSO/TCO
iDirect Government Technologies

Curtis Chappell
Director of Corporate Security
Thales Defense & Security Inc.

The National Industrial Security Program Operating Manual (NISPOM) became a federal regulation in February 2021. Hear experts discuss the practical changes and how it will affect industry representatives. This session will include live audience polling, and an opportunity to participate on camera for an interactive discussion.

• Who requires additional protocols and National Interest Determinations, and who doesn’t?
• How does the new NISPOM affect a company financially?
• When is a NID required; understanding different (higher vs. lower) levels of classified information and proscribed information (PI), and how PI relates to the NID
• How to manage the NID process (best practices), avoid pitfalls and obtain the requisite approvals
• The role of National Interest Determinations and whether a separate NID is required for each transaction
• Navigating the NID process and best practices for contractors that require NIDs
• The newest challenges to procuring an NID

Review of Sample FCLS

Facility Clearance Documents Under the Microscope: What Can Now Trigger Delays and Denials — and Best Practices for Improved Timelines

Angie Hawkins
Director, FOCI Compliance
Allied Universal

Richard Ray Jr.
Senior Security Manager/FSO/ITPSO
Squadron Defense Group

During this interactive session, speakers and delegates will engage in a “hands-on” exercise of reviewing sample Facility Clearance Documents (FCL). Uncover the lesser-known pitfalls and nuances that can trigger delays and denials.

Part 1: Best Practices Guide to FCL

• Tailoring the documents to the context of your company
• Identifying pertinent data to include for both FOCI and non-FOCI companies
• Determining which factors could increase or decrease the speed of your clearance process
• Concrete examples of how a company can lose its facility clearance and the impact on the business
• Contrasting timelines for FOCI companies verses non-FOCI companies

Part 2: Interactive Benchmarking and Q&A

1:1 Networking

Break

Cybersecurity Maturity Model Certification (CMMC): Where Industry Has Gone Right and Wrong on Supply Chain and Cyber Risk Management

Robert Metzger
Shareholder
Rogers Joseph O'Donnell PC

John H. Young, Jr.
President
Young Consulting Group, LLC.

During this highly anticipated session, hear critical insights on the U.S. DoD’s new Cybersecurity Maturity Model Certification (CMMC), requiring all U.S. DoD contractors and subcontractors to undergo a third-party audit of their cybersecurity programs. Hear concrete examples of where companies have gone right and wrong in recent cybersecurity audits.
Topics will include:

• CMMC Rule implementation within the DFARS and the impact on foreign partners
• What to expect from the assessment process for certification
• Update on the CMMC implementation schedule
• Dispelling common misconceptions about CMMC program requirements
• Role of outside directors and proxies charged with ensuring compliance with mitigation agreement
• The steps necessary to achieve each level of the certification program
• How DCSA is integrating the Cybersecurity Maturity Model into the other IT security requirements for unclassified systems (including Electronic Communications Plans and NIST SP 800-171)?

When FOCI Agreements Can Be Invalidated or Terminated: When and How FIRRMA Agreements are Being Re-Assessed — and Key Factors Affecting Outcomes

Giovanna Cinelli
Partner
Morgan Lewis & Bockius LLP

FIRRMA Agreements (Foreign Investment Risk Review Modernization Act) that are more than 10-years old are now being re-assessed. During this new, critically important session, learn what has helped entities justify their agreements vs. what has led to agreements being invalidated or terminated.

• The outlook for companies who have recently mitigated an acquisition
• Revisiting how FOCI issues are addressed during due diligence and subsequent transaction documents
• Analyzing the effects that FIRRMA has on companies at varying points in the FOCI mitigation and CFIUS approval processes
• Special considerations for coordination across the U.S. government, parties to a transaction, and outside counsel

Break

Sustaining FOCI Mitigation: Balancing the Responsibilities of Outside Directors, Proxy Holders and the Agency in Charge

Robert Metzger
Shareholder
Rogers Joseph O'Donnell PC

Bob “Clete” Boyer
Chief Compliance Officer, Facility Security Officer
Tactical Air Support Inc.

Drew Winneberger
CEO
Winn Consulting Solutions, LLC

• Heightened challenges that are unique to FOCI-mitigated companies
• Fostering a strong relationship between company management, compliance staff, and Outside Directors/Proxy Holders
• How (and how not) to address compliance concerns and issues as they arise
• Ascertaining priorities of the FSO, CSO or GC of the FOCI- mitigated company
• How DCSA now supervises compliance
• Best practices for effective reporting
• The duties of Outside Directors and Proxy Holders in monitoring the FOCI mitigation plan
• When should DCSA permit Outside Directors who are not completely “disinterested” in the entity under FOCI
• The evolving requirements related to the roles and qualifications of Outside Directors/Proxy Holders in the National Industrial Security Program
• Key misconceptions about visitations, and what is considered a “routine business” visit
• How are companies putting together their FOCI mitigation for ITAR, EAR, and sanctions -for export control proposes?
• The current usage and outlook for Tailored Security Plans (“TSP”)

M&A: Anticipating and Planning for the Expected and Lesser-Known FOCI Issues

Jill McClune
General Counsel, US
Avon Protection Systems, Inc.

Karalyn Mildorf
Partner
White & Case LLP

• Identifying and addressing FOCI issues during due diligence
• Addressing risk in transactional documents
• Managing the timeline: FOCI mitigation considerations that can delay the deal timeline and/or jeopardize the target’s facility security clearances
• How to effectively manage and coordinate FOCI and CFIUS processes

Break

AOP

The Affiliated Operations Plan (AOPs) in Practice: Special Briefing on How FOCI- Mitigated Companies Are Fine Tuning Interactions with Affiliates

Mary Griggs
Current Outside Director
Former Director, Industrial Security, Defense Security Service

Diana Thornton
Director Security
Wood Programs Inc.

Take the opportunity to turn on your video and audio to participate in the live discussion.

• Differences in AOPs for SSAs and Proxy Agreements
• How to customize an AOP for your company to maximize
• efficiencies while meeting DCSA requirements
• Mapping out intended affiliated operations, including administrative support and commercial interactions
• Identifying FOCI risks and how to specifically mitigate them
• Developing a successful AOP proposal
• Identifying potential affiliated operations that make sense, or whether you are already engaging in affiliated operations
• Best practices and pitfalls to avoid when drafting and submitting an AOP
• Key strategies for mitigating and managing affiliated operations
• Developing internal steps to ensure you are properly mitigating potential risks
• Monitoring of Affiliated Operations: How the Government Security Committee (GSC) and FSO ensure compliance

HYPOTHETICAL SCENARIOS

Parent – FOCI Company Relationships: The Do’s and Don’ts

Robert Geckle
SVP, COO and Head of Corporate Functions
AIRBUS U.S. Space & Defense, Inc.

Shannon Reaves
Partner, National Security/CFIUS/ Compliance
Stroock

Pamela Drew
Outside Director
QinetiQ Inc.
Outside Director
Serco Proxy Director, Ultra Electronics

• Real-world examples of how to develop and sustain a successful relationship between a FOCI-mitigated company and its parent
• What makes these arrangements work — and how to overcome challenges
• Tackling complex issues, including under Affiliated Operations
• Plans
• Identifying potential affiliated operations that make sense, or whether you are already engaging in affiliated operations
• Best practices and pitfalls to avoid when drafting and submitting an AOP
• Key strategies for mitigating and managing affiliated operations
• Developing internal steps to ensure you are properly mitigating potential risks

Closing Remarks from the Co-Chairs