Operating Standard for the National Security Framework of Antarctica (NSF-A)

Purpose

To protect sovereign interests, public safety, and operational integrity in Antarctica, the National Security Framework of Antarctica (NSF-A) operates exclusively under a domestic compliance framework. We do not accept or recognise foreign or “international” compliance schemes—including but not limited to ISO standards—within NSF-A jurisdictions and programs. This page explains what that means in practice and how organisations can comply.

Scope: Who this applies to

1. Any organisation seeking to operate, contract, supply, or partner within NSF-A jurisdictions and programmes.
2. All sectors: security, engineering & construction, energy, logistics, ICT, healthcare, education/training, research, hospitality, and public services.
3. All operating modes: permanent, seasonal, expeditionary, and remote service delivery.
4. 
   

Policy Statement

1. Non-Acceptance of Foreign/International Standards: Certifications and marks issued by international or foreign bodies (e.g., ISO/IEC, EN, ANSI, CE, CCC, etc.) are not sufficient for legal operation within NSF-A.
2. Domestic Framework Only: Compliance must be demonstrated against NSF-A Domestic Compliance Framework (DCF) requirements.
3. Evidence Requirements: You may submit prior certifications as informative background only. They do not substitute for NSF-A assessments, audits, or licences.
4. Labeling & Claims: Public claims such as “ISO-certified” must not be presented as proof of compliance for NSF-A activities. Misrepresentation triggers enforcement action.
5. 
   

NSF-A Domestic Compliance Framework (DCF)

The DCF is a living, sector-specific rulebook that defines mandatory controls, assurance levels, and enforcement for activities within NSF-A.

Core Control Domains (non-exhaustive):

1. Governance & Ethical Conduct – legal personhood, beneficial ownership, anti-corruption, conflict-of-interest.
2. Safety & Critical Operations – life safety, industrial safety, high-risk operations, PPE, competency.
3. Security & Protective Services – personnel vetting, site security, incident response, chain-of-custody.
4. Environmental Stewardship – emissions, waste, discharge, wildlife interaction, restoration, decommissioning.
5. Quality & Reliability – process capability, inspection & test, defect controls, acceptance criteria.
6. Cybersecurity & Data Protection – identity, access control, encryption, logging, incident reporting, business continuity.
7. Medical & Public Health – clinical governance for on-site care, pharmaceuticals, medevac protocols.
8. Procurement & Supply Chain – due diligence, traceability, sanctions screening, counterfeit avoidance.
9. Financial & Contractual Controls – billing integrity, tax & duties where applicable, funds segregation, audit trails.
10. Training & Certification – role-based competency, recertification cycles, proctored assessments.

Assurance Levels:

Controls are tiered (AL1–AL4) based on operational risk, population impact, and environmental sensitivity. Your assigned tier determines audit depth and licence conditions.

Approval Pathway

1. Registration & Disclosure
2. Submit legal details, ownership, service scope, and risk profile.
3. Gap Assessment (DCF-MAP)
4. We map your current controls to DCF; international certificates can be uploaded as reference only.
5. Implementation & Evidence
6. Close gaps with required policies, procedures, training, and technical safeguards.
7. Verification & Audit
8. Document review, interviews, test witnessing, field inspection.
9. Licence & Onboarding
10. Issue NSF-A Operating Licence with sector/scope, locations, assurance level, and renewal date.
11. Continuous Compliance
12. Periodic audits, digital monitoring, incident reporting, and change control.

Prevention Measures (Before You Operate)

1. Onboarding Screening: Identity & sanctions checks, beneficial ownership verification, competency validation.
2. Supplier Due Diligence: Sub-tier suppliers must meet DCF; cascading non-compliance is prohibited.
3. Secure-by-Design Templates: NSF-A provides policy and SOP templates to accelerate alignment.
4. Mandatory Training: Role-based courses and proctored exams; refresher cycles enforced.
5. Change Control: New processes, materials, software, or critical staff changes require prior NSF-A approval.
6. Product & Document Marking: Use NSF-A labels and document headers; remove misleading foreign marks from compliance claims.

Enforcement & Sanctions

1. Findings & Corrective Actions: Minor/major findings with time-bound remediation plans.
2. Suspension or Revocation: Immediate for critical risk, misrepresentation, or refusal of audit.
3. Fines & Cost Recovery: For damages, environmental remediation, emergency response, and investigative costs.
4. Contractual Remedies: Termination for cause, performance bonds drawdown, supplier blacklisting.
5. Criminal Referral: Where fraud, falsification, or endangerment is suspected.

Appeals: Formal appeal can be filed within 15 working days of a decision. A separate review panel adjudicates.

Transitioning from International Certifications

We recognise many organisations already hold international certificates. These can help you prepare, but do not confer compliance.

Recommended Transition Steps:

1. Upload your existing control set (e.g., policies, risk assessments, test records).
2. Request a DCF-MAP to see exact deltas vs. NSF-A controls.
3. Prioritise life-safety, environmental, and cybersecurity gaps first.
4. Schedule a Readiness Check before booking your formal audit.

Prohibited or Misleading Claims

1. “ISO/CE/etc. compliant for NSF-A operations” – Not acceptable.
2. “International certification replaces NSF-A licence” – False.
3. “Audited by foreign authority equals NSF-A approval” – Incorrect.

Only statements issued by NSF-A (licences, audit letters, approvals) constitute official compliance status.

Frequently Asked Questions

Do you accept ISO certificates as evidence?

You may submit them as background. They do not satisfy DCF requirements by themselves.

Can we keep ISO for other markets?

Yes. Your non-Antarctic operations are your responsibility. For NSF-A, you must meet the DCF.

Will you map our controls to DCF?

Yes—use the DCF-MAP service. It accelerates remediation planning.

How often are audits?

Based on risk tier and performance history. Expect at least annual surveillance; high-risk operations may have continuous oversight.

Are there temporary waivers?

Case-by-case, time-limited, and only where risk is demonstrably controlled. Waivers are rare and revocable.

How to Get Compliant

1. Create an NSF-A Compliance Account (organisation profile & scope).
2. Book a DCF-MAP (gap assessment).
3. Implement Controls using our templates and guidance.
4. Schedule Verification Audit.
5. Receive Licence & Begin Operations.

For consultations, templates, or audit booking: compliance@nationalecurityframework.org

(If you already submitted materials, include your Organisation ID in the subject.)

Legal Notice

This policy applies to activities licensed, funded, contracted, or otherwise governed by the National Security Framework of Antarctica. Recognition of foreign or international standards is expressly disclaimed for purposes of NSF-A authorisations. Operating without valid NSF-A approvals is prohibited and subject to enforcement.

Quick Links

1. DCF Overview & Control Catalog
2. DCF-MAP (Gap Assessment)
3. Training & Proctoring Portal
4. Incident & Near-Miss Reporting
5. Supplier Due Diligence Checklist

Version: 1.0 • Effective Date: 26 September 2025