NISP Authorizing Official, Critical Technology Protection
2022 Joint NDIA/AIA Spring Industrial Security Conference
In March 2021 David Scott was appointed the NISP Authorization Official in the Industrial Security Directorate (ISD) at headquarters. He is responsible for the NAO program’s application of Risk Management Framework (RMF) Assessment & Authorization process of cleared industry information systems. Mr. Scott provides policy interpretation, guidance and procedures to NISP government and industry stakeholders. In May 2017, he served as the DCSA Capital Region Authorization Official (AO) responsible for oversight and protection of classified systems in the National Capital Region (NCR). He provided guidance and leadership to a regional team of Information System Security Professionals (ISSP) that executed the agency mission of validating industry System Security Plans (SSP), conducted Security Vulnerability Assessments & Administrative Inquiries (AI), serve as Command Cyber Readiness Inspection (CCRI) reviewers, as well as many other security oversight functions.
Mr. Scott joined DCSA in 2010 after spending eleven years as a defense contractor holding positions as Systems Administrator, COMSEC Custodian, Information Systems Security Officer and Division Information Systems Security Manager. Mr. Scott served as a Sr. Information Systems Security Professional, at DCSA (formerly DSS) Headquarters. As a member of the NAO (formerly ODAA) HQ staff, he provided expertise on myriad issues that impact the DCSA mission as well as serve as the agency SIPRNet and CCRI Program Lead.
He holds a bachelor’s degree in Business Administration from the University of Virginia at Wise and holds Cyber/IT certifications of Certified Information Systems Security Professional (CISSP) and CompTIA Security+.