DOW Physical Security Role-Based Certification (RBC)

SFPC logoReady to Prove Your Competency? Start Here. As a core component of the Department of War (DOW) Physical Security Role-Based Certification (RBC), the Physical Security and Asset Protection (PY201.01/PY201.10) course is designed to formally validate your on-the-job competence. The curriculum moves beyond theory, mapping directly to the real-world behaviors required of an effective physical security professional. Through a series of practical, scenario-based assessments, you will consistently prove your ability to perform your duties. This program ensures that upon completion, you are not just 'trained', but officially verified as competent in your critical security role.  

Physical Security Specialist Roles and Responsibilities: DOW Physical Security Specialists are responsible for the planning and management of physical security programs designed to protect people, information, equipment, facilities, activities, and operations (PIE-FAO). This RBC is appropriate for security professionals who oversee or support a DOW Physical Security Program. It provides the essential knowledge to develop the skillset to effectively manage the full spectrum of physical security responsibilities, from risk analysis to briefing commanders. 

Category

Skills

Risk Management

Threat & Vulnerability Analysis, Risk Mitigation Methodologies

Security Planning

Physical Security Plan Development, Asset & Stakeholder Identification

Security Implementation

Access Control, SCIF Requirements, AA&E Storage, Countermeasures

Program Management

Cost-Benefit Analysis, Justification, Briefing & Recommendations

Coordination

Collaboration and communication with internal/external stakeholders


Outcome: Learners will be equipped with critical thinking and problem-solving skills to apply effective solutions to real-world physical security issues.

DOW Information Security Certification Requirements 
To earn the DOW Information Security Certification, you must successfully complete the following four phases in order. 
 
Phase 1:  Complete Prerequisite eLearning Courses 
Before you can enroll in the main certification course, you must first complete and pass the following self-paced eLearning courses and the final capstone assessment. The capstone will unlock automatically only after all other prerequisites have been completed. 
  • Introduction to Physical Security (PY011.06) 
  • Exterior Security Lighting (PY109.06) 
  • Electronic Security Systems (PY250.06) 
  • Physical Security Measures (PY103.06) 
  • Physical Security Planning and Implementation (PY106.06) 
  • Lock and Key Systems (PY104.06) 
  • Storage Containers and Facilities (PY105.06) 
  • Risk Management for DOD Security Programs (GS102.06) 
  • Protected Distribution System (CS140.16) 
  • ICD 705 Physical Security Construction Requirements for SAP (SA501.06) 
  • Capstone: Physical Security Virtual Environment Assessment (PY108.06) 
Phase 2: Attend an Instructor-led Course  
After completing all prerequisites, you must enroll in and attend the Physical Security and Asset Protection (PY201.01/PY201.10) course. This intensive course is offered as a 5-day instructor-led training (ILT) or a 21-day virtual instructor-led training (VILT). 

Course Requirements & Expectations: You will be required to review all lesson materials and participate in all graded activities. These activities are designed to build critical thinking and require you to analyze regulatory guidance and apply key concepts to practical scenarios. Graded activities include: 
  • Practical exercises 
  • Quizzes 
  • Discussion forums 
  • A final capstone project 
Time Commitment: To be successful, you must commit to full-time attendance for the entire duration of the course. 

Note: For the VILT this has been estimated at an average of 4 hours per day of work. 
 

Phase 3: Successfully Complete the Course  
To pass the course, you must earn a cumulative average of 80% or higher on all graded coursework. This includes all practical exercises, activities, discussion questions, and the final capstone project. 

Phase 4: Pass the Final Certification Exam  
The final step to earning your certification is passing the comprehensive final exam administered at the conclusion of the PY201.01 course. You must pass this exam with a minimum score of 80% to earn the DOW Physical Security Certification. 

To understand the specific responsibilities of a DOW Physical Security Specialist and grasp what effective implementation looks like in practice, select a topic from the chart below. Each section details the duties and responsibilities covered in the certification. 

Responsibility

Implementation looks like...

Analyze Threats and Risks

Conducting risk assessments to evaluate potential risks and vulnerabilities to assets throughout their life cycle. 

Advise on Risk

Advising and representing your activity head on all physical security risk management matters. 

Apply Methodologies

Applying various methodologies to effectively manage and mitigate identified risks to DOW/DOD assets. 

Responsibility

Implementation looks like...

Develop Security Plans

Examining and assembling all necessary components of a comprehensive physical security plan.  

Identify Key Elements

Identifying critical assets, key stakeholders, and the required physical security protections for each. 

Develop Security Plans

Examining and assembling all necessary components of a comprehensive physical security plan.  

Integrate Policy

Ensuring the physical security plan is in full compliance with all DOW, DOD, and national-level regulatory guidance. 

Responsibility

Implementation looks like...

ISP Personnel Integrity and Accountability

Contractors: 

  • Ensuring contractors who are responsible for security administration and support tasks are clearly distinguished in terms of their roles, functions, and capacities. This is necessary to avoid any confusion regarding which security personnel have the authority to perform inherently governmental tasks and which do not. 
  • Ensuring work-related tasks and responsibilities that are considered inherently governmental, as specified in policy guidance, are not performed by contractors. These activities include: 
    • Making original classification decisions 
    • Approving or issuing security policy 
    • Making decisions related to foreign disclosure, public release, or classification challenges 
  • Conducting security investigations to determine fault involving government or contract personnel (except for preliminary inquiries). 

Security Oversight Coordination

Designate as applicable, Top Secret Control Officer (TSCO), Top Secret Control Assistants (TSCAs), and Security Assistants: 

  • Designating a TSCO as required by policy. 
  • Providing guidance, direction, coordination, and oversight to designated ASMs, TSCOs, TSCAs, security assistants, and others in security management. 
  • Assigning security assistants to carry out administrative security functions, as applicable. 
  • Following the requirements of Intelligence Community Directive 703 by designating an SSO for the activity.  
    • Coordinate with SSO to designate alternate SSOs as needed. These designations must be in writing and apply to any activity that is accredited and authorized to receive, use, and store SCI.   

Foreign National Personnel Cognizance

Foreign Nationals: 
Recognizing and enforcing the restrictions that apply to foreign nationals in relation to the ISP. Foreign nationals should not: 

  • Have the authority to approve or issue policy. 
  • Be involved in making original classification or declassification decisions. 
  • Oversee the foreign disclosure process or make decisions in that regard. 
  • Oversee or coordinate decisions related to public release. 
  • Be responsible for overseeing the security incident process or ensuring that security actions and corrective measures are implemented. 

Responsibility

Implementation looks like...

IT Coordination

Preventing the inadvertent disclosure of DOD information to unauthorized individuals, by coordinating with your AO and IT staff to establish proper procedures for the disposal of computer hard drives when remediating a spillage. These procedures should specifically address the removal of U.S. Government data from hard drives prior to disposal.

Stakeholder Coordination 

Working with all stakeholders and officials both internally and externally to ensure the proper security measures for the classification, safeguarding, transmission, declassification, and destruction of all classified information. These individuals include the SSO, the SAP Security Officer, the Information Systems Security Officer (ISSO), Counterintelligence (CI), and OPSEC.

Department of Energy (DOE) Coordination

Ensuring, as applicable, DOE classified information is protected and handled by personnel that have access as required by the Atomic Energy Act (AEA). 

SCG Coordination

Ensuring SCG Coordination: 

  • Coordinate with originating organizations and OCAs, as necessary, for the distribution of SCGs. 
  • Coordinate the preparation, dissemination, and maintenance of SCGs under your activity’s jurisdiction, as required. 

Leadership Coordination

Coordinating with the head of your activity and component on a regular basis to ensure effective communication about all program oversight and implementation practices that they are ultimately responsible for. 

FDO Coordination

Collaborate, as necessary, with the FDO to address all aspects related to the disclosure of classified information and CUI to foreign governments and international organizations as outlined in DODD 5230.11, Disclosure of Classified Military Information to Foreign Governments and International Organizations.

Feedback/suggestions? Email