Secure Defense Consulting® Incorporated         Home Our credentials For government For industry JPAS info Newsletter Contact us

Electronic Communications Plan (ECP)

consulting services

We provide consulting services to help our clients implement an

Electronic Communications Plan (ECP) that will be acceptable to the

Defense Security Service (DSS) for the mitigation of the client's

Foreign Ownership, Control or Influence (FOCI). The degree and nature of

Foreign Ownership, Control, or Influence (FOCI) over the company

determines what FOCI mitigation agreements would be adequate for the

Defense Security Service (DSS) to grant a facility security clearance

(FCL). The FOCI mitigation agreement called a Board Resolution does not

generally require that an Electronic Communications Plan (ECP) be

implemented along with it. However, if a Security Control Agreement (SCA)

is used as the FOCI mitigation measure, then an Electronic

Communications Plan (ECP) may be required. A Special Security

Agreement (SSA) always requires an accompanying Electronic

Communications Plan (ECP), as do Proxy Agreements (PA) and

Voting Trust Agreements (VTA).

Though the above Foreign Ownership, Control or Influence (FOCI)

mitigation measures can be cumbersome for companies to implement, it is

typically the Electronic Communications Plan (ECP) that is the

biggest hurdle for them to clear. Electronic Communications Plans cover

telephones, video conferences, facsimile, cellular phones, PDAs, and all

other computer communication, including e-mails and server access.

Extensive, comprehensive information security measures and continuous

monitoring of those measures are required in order for the Defense

Security Service (DSS) to approve an Electronic Communications

Plan (ECP). Our consulting team can review your information security

framework and provide the necessary expertise in:

• facility and personnel security clearances (FCLs and PCLs)

• Foreign Ownership, Control, or Influence (FOCI) mitigation

• information system user identification and authentication

• system auditing and accountability procedures

• policies for configuration management and incident response

• contingency planning

• application partitioning

Please contact us to discuss your situation. We'll gladly tailor our services to

your unique needs and circumstances.

< Back to list of Services