1. PISA Program Purpose:

    2. The National Security Agency (NSA) is constantly seeking to expand its industrial base and engage in discussions to encourage and improve industry’s understanding of NSA’s requirements and NSA’s understanding and potential use of industry capabilities. Such discussions will foster industry innovation and development of products, technologies, and services applicable to NSA’s requirements and will enhance NSA’s ability to acquire “state of the art” goods and services. Because many of NSA’s requirements are classified, the most productive discussions can occur only with a company’s representatives who have been authorized access to such information.

    The NSA Directorate of Acquisition and the Associate Directorate for Security and Counterintelligence partnered to create the Provisional Industrial Security Approval (PISA) Sponsorship Program. The Program is a three-year program designed to assist small businesses that are not currently contracting with the Agency, or are contracting in a very limited capacity. To participate in the PISA Program, a company must be registered in both the Central Contractors Registry (CCR) and the NSA’s Acquisition Resource Center (ARC), as well as have attended one of the NSA’s Office of Small Business Programs’ Biweekly Briefings. The company then must have a NSA office with a current or potential need for the capabilities offered by the company submit a technical recommendation to the PISA Program Manager. The PISA Program Office will review the content of each recommendation, in addition to eligibility criteria such as business size, current NSA cleared personnel, and current contracting activity with NSA before approving the technical recommendation.

  2. Process/ Administration:

    3. The PISA Sponsorship Program was established as a collaborative effort between NSA's Acquisition Directorate (DA22) and the Associate Directorate for Security and Counterintelligence (Q) to increase NSA's industrial base within the business community. It is estimated that 6-12 months will be required to complete processing under the PISA Sponsorship Program. The following outlines sponsorship steps in the PISA program:

    • The company must be registered in the Acquisition Resource Center (ARC) before a technical recommendation can be submitted on the company's behalf. To register in the ARC database, companies should log on to NSA's web site at www.nsa.gov. Click on 'business', then click on 'Acquisition Resource Center' and follow the link to the ARC registration.


    • An NSA office with a current or potential need for the capabilities offered by the company submits a technical recommendation to the PISA Program Manager (Attachment A provides a PISA technical recommendation template). The technical recommendation must be signed by an Office Level Manager (Chief, Deputy Chief, Technical Director). The technical recommendation documents the current or potential need for the product, service or other capability offered by the company and the intent that the office will enter into classified discussions with the company to facilitate the potential development and/or provision to NSA of technologies, products or services to meet NSA's requirements. NSA's Industry & Customer Relations Office (ICRO) will review the technical recommendation for completeness, accuracy and legitimacy.


    • NSA will conduct a counterintelligence assessment of the company focusing on any foreign interests. Based on that assessment, NSA will determine if the company can continue its participation in the PISA process.


    • NSA will host a meeting with the company to sign a Memorandum of Understanding, wherein the specific guidelines and responsibilities pertaining to the company's participation in the PISA program will be outlined. At that meeting, NSA will also identify the company's KMPs.


    • After signing the MOU, the company will submit to the PISA Program Coordinator a completed Contractor Position Roster Log (CPRL), which will name up to five individuals, including the KMPs, who will be processed by NSA for granting of SCI access. Two of the five CPRL slots will be designated as rotating. That is, individuals in those CPRL slots can be replaced with other company employees, either as people move to classified contract CPRLs or as other circumstances warrant (i.e. termination of employment, etc.). The PISA CPRL must be kept current by the company. The names of individuals who are removed from the active section of the CPRL will remain listed at the bottom of the CPRL.


    • Information contained in the clearance processing forms must be current within the last 90 days prior to submission to the PISA Program Manager, who will coordinate PISA clearance processing with NSA's Office of Security. NSA initiates the background investigations through its private Background Investigation Providers for those individuals identified on the CPRL. NSA bears the cost for these background investigations. NSA also initiates other necessary security processing, to include polygraph testing.


    • The PISA will be granted by NSA after all of the KMPs have been granted SCI access, which is contingent on favorable security processing. NSA will also sponsor two individuals with SCI access for retention badges so that Company representatives can visit their technical sponsor and others who may benefit from the company's area of expertise. NSA will periodically evaluate the company's progress in engaging in discussions with NSA and in otherwise pursuing efforts to develop technologies, products and/or services that will meet NSA's needs.

  3. Limitations of PISA program:


    • Participation in the PISA program is limited to three years from the date the company signs the MOU.


    • The PISA letter does not equate to a DoD facility clearance and is not portable to other agencies.


    • Companies issued a PISA letter are not authorized to work on NSA classified contracts until they have received a facility clearance from Defense Security Service (DSS).


    • The SCI access granted by NSA is for in-house access at NSA and will not be certified to other agencies.


    • NSA will not provide a Compelling Need Statement or Cryptologic Risk Assessment in support of a waiver to SCI processing requirements.


    • Conditional Certifications of Access (CCA) personnel clearance cases will not be accepted under the PISA Program. CCA cases must be processed as a Single Track case.


    • NSA will not expedite security processing for PISA participants.

    Additional questions concerning the PISA program can be directed to the PISA Program Office via email to pisa@nsa.gov.