VS-NFD Monitoring & Regular Checks

The German Classified Information Instruction (Verschlusssachenanweisung, VSA) mandates that the security officer conducts unannounced spot checks to verify that classified materials are correctly graded, marked, and stored. Additionally, IT security components must be checked for proper use, access rights reviewed regularly, and audit trail data evaluated. The security documentation must be reviewed for completeness at least every three years. ADVISORI supports organisations in establishing and conducting these control processes.

Physical security monitoring for VS-NfD covers access controls to classified areas, proper storage in approved containers, verification of marking and registration, and inspection of transport and shipping routes. IT systems and data carriers must be checked for malware before processing VS-NfD materials, with these checks repeated at regular intervals. The monitoring also includes environmental controls and protection against espionage and sabotage.

The Geheimschutzbeauftragter (security officer) holds overall responsibility for all VS-NfD control measures. Core duties include conducting unannounced spot checks, verifying correct classification of materials, ensuring compliance with the VS-NfD guidelines, evaluating security incidents, updating the security documentation, and reporting to the competent authority. ADVISORI advises on building efficient control structures for security officers.

The frequency depends on the control area: spot checks by the security officer are irregular and unannounced. Security documentation must be updated with every security-relevant change, with a full review at least every three years. Access rights require regular reviews and automatically expire when no longer needed. Audit trail data must be continuously evaluated. Records of all checks conducted must be retained for five years.

When VS-NfD regulations are breached, the security officer must document the incident, analyse the root cause, and initiate countermeasures. Depending on severity, reporting obligations to the BSI (Federal Office for Information Security) or the competent security authority apply. Repeated violations may result in revocation of the security clearance for classified information access and disciplinary or criminal consequences. Continuous monitoring helps detect and prevent breaches early.

VS-NfD monitoring goes beyond standard IT security monitoring by addressing specific requirements of the Classified Information Instruction: only BSI-approved products and systems may be used, special encryption and access control requirements apply, and logging must comply with the Geheimschutzhandbuch (security manual). Physical and personnel security aspects must also be monitored, which are not covered in typical IT security monitoring.

VS-NfD monitoring documentation must cover: records of checks conducted and security-relevant findings (retention period: five years), security documentation with all relevant changes, evidence of access authorisations and their reviews, audit trail evaluations, and reports on security incidents and corrective actions taken. ADVISORI helps create audit-proof documentation templates.