Was this page helpful?

Security Incident Investigations

Security Incident Investigations (SIIs) occur when there is a known or suspected loss of national security information (NSI) or controlled unclassified information (CUI). InfoSec personnel conduct SIIs to determine the circumstances surrounding an actual, or potential compromise, of NSI or CUI to determine individual responsibility, notifying outside stakeholders when necessary, and making recommendations to prevent similar occurrences going forward. Such investigations often necessitate partnership with Personnel Security (PerSec) regarding suspension of an individual’s clearance and continued access to NSI, and coordination with Human Resources if such an action would affect an individual’s ability to remain in their current position or regarding individuals who hold positions of trust who are suspected of mishandling or losing CUI.