NISP Operating Manual (NISPOM)
NISP OPERATING Manual (NISPOM)
FOREWORD
On behalf of the Secretary of Defense as Executive Agent, pursuant to Executive Order 12829, "National Industrial Security Program" (NISP), and with the concurrence of the Secretary of Energy, the Chairman of the Nuclear Regulatory Commission, and the Director of Central Intelligence, I am pleased to promulgate the inaugural edition of the NISP Operating Manual (NISPOM). The NISPOM was developed in close coordination with industry and it represents a concerted effort on behalf of hundreds of individuals throughout the Executive Branch and industry.
I believe the NISPOM represents the beginning of a new industrial security process which is based on sound threat analysis and risk management practices and which establishes consistent security policies and practices throughout the government. I also believe it creates a new government and industry partnership which empowers industry to more directly manage its own administrative security controls.
The President has recently created a Security Policy Board to ensure the protection of our nation's sensitive information and technologies within the framework of a more simplified, uniform and cost effective security system. The Security Policy Board and the Executive Agent will continue the process of consultation with industry on the NISPOM to make further improvements, especially in the complex and changing areas of automated information systems security and physical security.
All who use the NISPOM should ensure that it is implemented so as to achieve the goals of eliminating unnecessary costs while protecting vital information and technologies. Users of the NISPOM are encouraged to submit recommended changes through their Cognizant Security Agency to the Executive Agent's designated representative at the following address:
Department of Defense Assistant Secretary of Defense for Command, Control, Communications and Intelligence ATTN: DASD(I&S)/CI&SP, Room 3E160 6000 Defense Pentagon Washington, D.C. 20301-6000
The NISPOM replaces the Department of Defense Industrial Security Manual for Safeguarding Classified Information, dated January 1991.
John M. Deutch
Deputy Secretary of Defense
CHAPTER 1
General Provisions And Requirements
1-100. Purpose.
This Manual is issued in accordance with the National Industrial Security Program (NISP). The Manual prescribes requirements, restrictions, and other safeguards that are necessary to prevent unauthorized disclosure of classified information and to control authorized disclosure of classified information released by U.S. Government Executive Branch Departments and Agencies to their contractors. The Manual also prescribes requirements, restrictions, and other safeguards that are necessary to protect special classes of classified information, including Restricted Data, Formerly Restricted Data, intelligence sources and methods information, Sensitive Compartmented Information, and Special Access Program information. These procedures are applicable to licensees, grantees, and certificate holders to the extent legally and practically possible within the constraints of applicable law and the Code of Federal Regulations.
1-101. Authority.
a. The NISP was established by Executive Order 12829, 6 January 1993, "National Industrial Security Program" for the protection of information classified pursuant to Executive Order 12356, April 2, 1982, "National Security Information," or its successor or predecessor orders, and the Atomic Energy Act of 1954, as amended. The National Security Council is responsible for providing overall policy direction for the NISP. The Secretary of Defense has been designated Executive Agent for the NISP by the President. The Director, Information Security Oversight Office (ISOO) is responsible for implementing and monitoring the NISP and for issuing implementing directives that shall be binding on agencies.
b. The Secretary of Defense, in consultation with all affected agencies and with the concurrence of the Secretary of Energy, the Chairman of the Nuclear Regulatory Commission and the Director of Central Intelligence is responsible for issuance and maintenance of this Manual. The Secretary of Energy and the Nuclear Regulatory Commission shall prescribe that portion of the Manual that pertains to information classified under the Atomic Energy Act of 1954, as amended. The Director of Central Intelligence shall prescribe that portion of the Manual that pertains to intelligence sources and methods, including Sensitive Compartmented Information. The Director of Central Intelligence retains authority over access to intelligence sources and methods, including Sensitive Compartmented Information. The Director of Central Intelligence may inspect and monitor contractor, licensee, and grantee programs and facilities that involve access to such information. The Secretary of Energy and the Nuclear Regulatory Commission retain authority over access to information under their respective programs classified under the Atomic Energy Act of 1954, as amended. The Secretary or the Commission may inspect and monitor contractor, licensee, grantee, and certificate holder programs and facilities that involve access to such information.
c. The Secretary of Defense serves as Executive Agent for inspecting and monitoring contractors, licensees, grantees, and certificate holders who require or will require access to, or who store or will store classified information; and for determining the eligibility for access to classified information of contractors, licensees, certificate holders, and grantees and their respective employees. The Heads of agencies shall enter into agreements with the Secretary of Defense that establish the terms of the Secretary's responsibilities on their behalf.
d. The Director, ISOO, will consider and take action on complaints and suggestions from persons within or outside the Government with respect to the administration of the NISP.
e. Nothing in this Manual shall be construed to supersede the authority of the Secretary of Energy or the Chairman of the Nuclear Regulatory Commission under the Atomic Energy Act of 1954, as amended; or detract from the authority of installation Commanders under the Internal Security Act of 1950; the authority of the Director of Central Intelligence under the National Security Act of 1947, as amended, or Executive Order No. 12333 of December 8, 1981; or the authority of any other federal department or agency Head granted pursuant to U.S. statute or Presidential decree.
1-102. Scope.
a. The NISP applies to all executive branch departments and agencies and to all cleared contractor facilities located within the United States, its Trust Territories and Possessions.
b. This Manual applies to and shall be used by contractors to safeguard classified information released during all phases of the contracting, licensing, and grant process, including bidding, negotiation, award, performance, and termination. This Manual also applies to classified information not released under a contract, license, certificate or grant, and to foreign government information furnished to contractors that requires protection in the interest of national security. The Manual implements applicable Federal Statutes, Executive orders, National Directives, international treaties, and certain government-to- government agreements.
c. If a contractor determines that implementation of any provision of this Manual is more costly than provisions imposed under previous U.S. Government policies, standards or requirements, the contractor shall notify the Cognizant Security Agency (CSA). The notification shall indicate the prior policy, standard or requirement and explain how the NISPOM requirement is more costly to implement. Contractors shall, however, implement any such provision within three years from the date of this Manual, unless a written exception is granted by the CSA. When implementation is determined to be cost neutral, or where cost savings or cost avoidance can be achieved, implementation by contractors shall be effected no later than 6 months from the date of this Manual.
d. This Manual does not contain protection requirements for Special Nuclear Material.
1-103. Agency Agreements.
a. E.O.12829 requires the heads of agencies to enter into agreements with the Secretary of Defense that establish the terms of the Secretary's responsibilities on behalf of these agency heads.
b. The Secretary of Defense has entered into agreements with the departments and agencies listed below for the purpose of rendering industrial security services. This delegation of authority is contained in an exchange of letters between the Secretary of Defense and: (1) The Administrator, National Aeronautics and Space Administration (NASA); (2) The Secretary of Commerce; (3) The Administrator, General Services Administration (GSA); (4) The Secretary of State; (5) The Administrator, Small Business Administration (SBA); (6) The Director, National Science Foundation (NSF); (7) The Secretary of the Treasury; (8) The Secretary of Transportation; (9) The Secretary of the Interior; (10) The Secretary of Agriculture; (11) The Director, United States Information Agency (USIA); (12) The Secretary of Labor; (13) The Administrator, Environmental Protection Agency (EPA); (14) The Attorney General, Department of Justice; (15) The Director, U.S. Arms Control and Disarmament Agency (ACDA); (16) The Director, Federal Emergency Management Agency (FEMA); (17) The Chairman, Board of Governors, Federal Reserve System (FRS); (18) The Comptroller General of the United States, General Accounting Office (GAO); (19) The Director of Administrative Services, United States Trade Representative (USTR); and (20) The Director of Administration, United States International Trade Commission (USITC). NOTE: Appropriate interagency agreements have not yet been effected with the Department of Defense by the Department of Energy, the Nuclear Regulatory Commission and the Central Intelligence Agency.
1-104. Security Cognizance.
a. Consistent with 1-101e, above, security cognizance remains with each federal department or agency unless lawfully delegated. The term "Cognizant Security Agency" (CSA) denotes the Department of Defense (DoD), the Department of Energy, the Nuclear Regulatory Commission, and the Central Intelligence Agency. The Secretary of Defense, the Secretary of Energy, the Director of Central Intelligence and the Chairman, Nuclear Regulatory Commission may delegate any aspect of security administration regarding classified activities and contracts under their purview within the CSA or to another CSA. Responsibility for security administration may be further delegated by a CSA to one or more "Cognizant Security Offices (CSO)." It is the obligation of each CSA to inform industry of the applicable CSO.
b. The designation of a CSO does not relieve any Government Contracting Activity (GCA) of the responsibility to protect and safeguard the classified information necessary for its classified contracts, or from visiting the contractor to review the security aspects of such contracts.
c. Nothing in this Manual affects the authority of the Head of an Agency to limit, deny, or revoke access to classified information under its statutory, regulatory, or contract jurisdiction if that Agency Head determines that the security of the nation so requires. The term "agency head" has the meaning provided in 5 U.S.C. 552(f).
1-105. Composition of Manual.
This Manual is comprised of a "baseline" portion (Chapters 1 through 11). That portion of the Manual that prescribes requirements, restrictions, and safeguards that exceed the baseline standards, such as those necessary to protect special classes of information, are included in the NISPOM Supplement (NISPOMSUP). Until officially revised or canceled, the existing COMSEC, Carrier, and Marking Supplements to the former "Industrial Security Manual for Safeguarding Classified Information" will continue to be applicable to DoD-cleared facilities only.
1-106. Manual Interpretations.
All contractor re-quests for interpretations of this Manual shall be forwarded to the Cognizant Security Agency (CSA) through its designated Cognizant Security Office (CSO). Requests for interpretation by contractors located on any U.S. Government installation shall be forwarded to the CSA through the Commander or Head of the host installation. Requests for interpretation of DCIDs referenced in the NISPOM Supplement shall be forwarded to the DCI through approved channels.
1-107. Waivers and Exceptions to this Manual.
Requests shall be submitted by industry through government channels approved by the CSA. When submitting a request for waiver, the contractor shall specify, in writing, the reasons why it is impractical or unreasonable to comply with the requirement. Waivers and exceptions will not be granted to impose more stringent protection requirements than this Manual provides for CONFIDENTIAL, SECRET, or TOP SECRET information.
Section 2. General Requirements
1-200. General.
Contractors shall protect all classified information to which they have access or custody. A contractor performing work within the confines of a Federal installation shall safeguard classified information in accordance with provisions of this Manual and/or with the procedures of the host installation or agency.
1-201. Facility Security Officer (FSO).
The contractor shall appoint a U.S. citizen employee, who is cleared as part of the facility clearance (FCL), to be the FSO. The FSO will supervise and direct security measures necessary for implementing this Manual and related Federal requirements for classified information. The FSO, or those otherwise performing security duties, shall complete security training as specified in Chapter 3 and as deemed appropriate by the CSA.
1-202. Standard Practice Procedures.
The contractor shall implement all terms of this Manual applicable to each of its cleared facilities. Written procedures shall be prepared when the FSO believes them to be necessary for effective implementation of this Manual or when the cognizant security office (CSO) determines them to be necessary to reasonably foreclose the possibility of loss or compromise of classified information.
1-203. One-Person Facilities.
A facility at which only one person is assigned shall establish procedures for CSA notification after death or incapacitation of that person. The current combination of the facility's security container shall be provided to the CSA, or in the case of a multiple facility organization, to the home office.
1-204. Cooperation with Federal Agencies.
Contractors shall cooperate with Federal agencies during official inspections, investigations concerning the protection of classified information, and during the conduct of personnel security investigations of present or former employees and others. This includes providing suitable arrangements within the facility for conducting private interviews with employees during normal working hours, providing relevant employment and security records for review, when requested, and rendering other necessary assistance.
1-205. Agreements with Foreign Interests.
Contractors shall establish procedures to ensure compliance with governing export control laws before executing any agreement with a foreign interest that involves access to U.S. classified information by a foreign national. Contractors must also comply with the foreign ownership, control or influence requirements in this Manual. Prior to the execution of such agreements, review and approval are required by the State Department and release of the classified information must be approved by the U.S. Government. Failure to comply with Federal licensing requirements may render a contractor ineligible for a facility clearance.
1-206. Security Training and Briefings.
Contractors are responsible for advising all cleared employees, including those outside the United States, of their individual responsibility for safeguarding classified information. In this regard, contractors shall provide security training as appropriate, and in accordance with Chapter 3, to cleared employees by initial briefings, refresher briefings, and debriefings.
1-207. Security Reviews.
a. Government Reviews. Aperiodic security reviews of all cleared contractor facilities will be conducted to ensure that safeguards employed by contractors are adequate for the protection of classified information.
(1) Review Cycle. The CSA will determine the frequency of security reviews, which may be increased or decreased for sufficient reason, consistent with risk management principals. Security reviews may be conducted no more often than once every 12 months unless special circumstances exist.
(2) Procedures. Contractors will normally be provided notice of a forthcoming review. Unannounced reviews may be conducted at the discretion of the CSA. Security reviews necessarily subject all contractor employees and all areas and receptacles under the control of the contractor to examination. However, every effort will be made to avoid unnecessary intrusion into the personal effects of contractor personnel. The physical examination of the interior space of equipment not authorized to secure classified material will always be accomplished in the presence of a representative of the contractor.
(3) Reciprocity. Each CSA is responsible for ensuring that redundant and duplicative security review, and audit activity of its contractors is held to a minimum, including such activity conducted at common facilities by other CSA's. Appropriate intra and/or inter-agency agreements shall be executed to fulfill this cost-sensitive imperative. Instances of redundant and duplicative security review and audit activity shall be reported to the Director, Information Security Oversight Office (ISOO) for resolution.
b. Contractor Reviews. Contractors shall review their security system on a continuing basis and shall also conduct a formal self-inspection at intervals consistent with risk management principals.
1-208. Hotlines.
Federal agencies maintain hotlines to provide an unconstrained avenue for government and contractor employees to report, without fear of reprisal, known or suspected instances of serious security irregularities and infractions concerning contracts, programs, or projects. These hotlines do not supplant contractor responsibility to facilitate reporting and timely investigation of security matters concerning its operations or personnel, and contractor personnel are encouraged to furnish information through established company channels. However, the hotline may be used as an alternate means to report this type of information when considered prudent or necessary. Contractors shall inform all employees that the hotlines may be used, if necessary, for reporting matters of national security significance. CSA hotline addresses and telephone numbers are as follows:
Defense Hotline The Pentagon Washington, DC 20301-1900 (800) 424-9098 (703) 693-5080 NRC Hotline U.S. Nuclear Regulatory Commission Office of the Inspector General Mail StopTSD 28 Washington, D.C. 20555-0001 (800) 233-3497 CIA Hotline Office of the Inspector General Central Intelligence Agency Washington, D.C. 20505 (703) 874-2600 DOE Hotline Department of Energy Office of the Inspector General 1000 Independence Avenue, S.W. Room 5A235 Washington, D.C. 20585 (202) 586-4073 (800) 541-1625 1-209. Classified Information Procedures Act (CIPA). (P.L. 96-456, 94 STAT. 2025)
The provisions of this Manual do not apply to proceedings in criminal cases involving classified information, and appeals therefrom, before the United States District Courts, the Courts of Appeal, and the Supreme Court. Contractors and their employees are not authorized to afford defendants, or persons acting for the defendant, regardless of their personnel security clearance status, access to classified information except as otherwise authorized by a protective order issued pursuant to the CIPA.
Section 3. Reporting Requirements
1-300. General
Contractors are required to report certain events that have an impact on the status of the facility clearance (FCL), that impact on the status of an employee's personnel clearance (PCL), that affect proper safegarding of classified information, or that indicate classified information has been lost or compromised. Contractors shall establish such internal procedures as are necessary to ensure that cleared employees are aware of their responsibilities for reporting pertinent information to the FSO, the Federal Bureau of Investigation (FBI), or other Federal authorities as required by this Manual, the terms of a classified contract, and U.S. law. Contractors shall provide complete information to enable the CSA to ascertain whether classified information is adequately protected. Contractors shall submit reports to the FBI, and to their CSA, as specified in this Section.
a. When the reports are classified or offered in confidence and so marked by the contractor, the information will be reviewed by the CSA to determine whether it may be withheld from public disclosure under applicable exemptions of the Freedom of Information Act (5 U.S.C. 552).
b. When the reports are unclassified and contain information pertaining to an individual, the Privacy Act of 1974 (5 U.S.C. 552a) permits withholding of that infomation from the individual only to the extent that the disclosure of the information would reveal the identity of a source who furnished the information to the U.S. Government under an expressed promise that the identity of the source would be held in confidence. The fact that a report is submitted in confidence must be clearly marked on the report.
1-301 Reports to be Submitted to the FBI.
The contractor shall promptly submit a written report to the nearest field office of the FBI, regarding information coming to the contractor's attention concerning actual, probable or possible espionage, or subversive activities at any of its locations. An initial report may be made by phone, but it must be followed in writing, regardless of the disposition made of the report by the FBI. A copy of the written report shall be provided to the CSA.
1-302 Reports to be Submitted to the CSA.
a. Adverse Information. Contractors shall report adverse information coming to their attention concerning any of their cleared employees. Reports based on rumor or innuendo should not be made. The subsequent termination of employment of an employee does not obviate the requirement to submit this report. The report shall include the name and telephone number of the individual to contact for further information regarding the matter and the signature, typed name and title of the individual submitting the report. If the individual is employed on a Federal installation, a copy of the report and its final disposition shall be furnished by the contractor to the Commander or Head of the installation. NOTE: In two court cases, Becker vs. Philco and Taglia vs. Philco (389 U.S. 979), the U.S. Court of Appeals for the 4th Circuit decided on February 6, 1967, that a contractor is not liable for defamation of an employee because of reports made to the Government pursuant to the requirements of this Manual.
b. Suspicious Contacts. Contractors shall report efforts by any individual, regardless of nationality, to obtain illegal or unauthorized access to classified information or to compromise a cleared employee. In addition, all contacts by cleared employees with known or suspected intelligence officers from any country, or any contact which suggests the employee concerned may be the target of an attempted exploitation by the intelligence services of another country shall be reported.
c. Change in Cleared Employee Status. Contractors shall report (1) The death; (2) A change in name; (3) The termination of employment; (4) Change in marital status; (5) Change in citizenship; and (6) When the possibility of access to classified information in the future has been reasonably foreclosed. Such changes shall be reported by submission of a CSA designated form.
d. Representative of a Foreign Interest. Any cleared employee, who becomes a representative of a foreign interest (RFI) or whose status as an RFI is materially changed.
e. Citizenship by Naturalization. A. non-U.S. citizen granted a Limited Access Authorization (LAA) who becomes a citizen through naturalization. Submission of this report shall be made on a CSA designated form, and include the (1) city, county, and state where naturalized; (2) date naturalized;(3) court; and (4) certificate number.
f. Employees Desiring Not to Perform on Classified Work. Evidence that an employee no longer wishes to be processed for a clearance or to continue an existing clearance.
g. Standard Form (SF) 312. Refusal by an employee to execute the "Classified Information Nondisclosure Agreement" (SF 312).
h. Change Conditions Affecting the Facility Clearance.
(1) Any change of ownership, including stock transfers that effect control of the company.
(2) Any change of operating name or address of the company or any of its cleared locations.
(3) Any change to the information previously submitted for key management personnel including, as appropriate, the names of the individuals they are replacing. In addition, a statement shall be made indicating:
(a) Whether the new key management personnel are cleared, and if so, to what level and when, their dates and places of birth, social security numbers, and their citizenship;
(b) Whether they have been excluded from access; or
(c) Whether they have been temporarily excluded from access pending the granting of their clearance. A new complete listing of key management personnel need only be submitted at the discretion of the contractor and/or when requested in writing by the CSA.
(4) Action to terminate business or operations for any reason, imminent adjudication or reorganization in bankruptcy, or any change that might affect the validity of the FCL.
(5) Any material change concerning the information previously reported by the contractor concerning foreign ownership, control or influence (FOCI). This report shall be made by the submission of a CSA- designated form. When submitting this form, it is not necessary to repeat answers that have not changed. When entering into discussions, consultations or agreements that may reasonably lead to effective ownership or control by a foreign interest, the contractor shall report the details by letter. If the contractor has received a Schedule 13D from the investor, a copy shall be forwarded with the report. A new CSA-designated form regarding FOCI shall also beexecuted every 5 years.
i. Changes in Storage Capability. Any change in the storage capability that would raise or lower the level of classified information the facility is approved to safeguard.
j. Inability to Safeguard Classified Material. Any emergency situation that renders the facility incapable of safeguarding classified material.
k. Security Equipment Vulnerabilities. Significant vulnerabilities identified in security equipment, intrusion detection systems (IDS), access control systems, communications security (COMSEC) equipment or systems, and automated information system (AIS) security hardware and software used to protect classified material.
l. Unauthorized Receipt of Classified Material. The receipt or discovery of any classified material that the contractor is not authorized to have. The report should identify the source of the material, originator, quantity, subject or title, date, and classification level.
m. Employee Information in Compromise Cases. When requested by the CSA, information concerning an employee when the information is needed in connection with the loss, compromise, or suspected compromise of classified information.
n. Disposition of Classified Material Terminated From Accountability. When the whereabouts or disposition of classified material previously terminated from accountability is subsequently determined.
o. Foreign Classified Contracts. Any precontract negotiation or award not placed through a GCA that involves, or may involve, (1) The release or disclosure of U.S. classified information to a foreign interest, or (2) Access to classified information furnished by a foreign interest.
1-303. Reports of Loss, Compromise, or Suspected Compromise.
Any loss, compromise or suspected compromise of classified information, foreign or domestic, shall be reported to the CSA. Classified material that cannot be located within a reasonable period of time shall be presumed to be lost until an investigation determines otherwise. If the facility is located on a Government installation, the report shall be furnished to the CSA through the Commander or Head of the host installation.
a. Preliminary Inquiry. Immediately on receipt of a report of loss, compromise, or suspected compromise of classified information, the contractor shall initiate a preliminary inquiry to ascertain all of the circumstances surrounding the reported loss, compromise or suspected compromise.
b. Initial Report. If the contractor's preliminary inquiry confirms that a loss, compromise, or suspected compromise of any classified information occurred, the contractor shall promptly submit an initial report of the incident unless otherwise notified by the CSA. Submission of the initial report shall not be deferred pending completion of the entire investigation.
c. Final Report. When the investigation has been completed, a final report shall be submitted to the CSA. The report should include:
(1) Material and relevant information that was not included in the initial report; (2) The name, position, social security number, date and place of birth, and date of the clearance of the individual(s) who was primarily responsible for the incident, including a record of prior loss, compromise, or suspected compromise for which the individual had been determined responsible; (3) A statement of the corrective action taken to preclude a recurrence and the disciplinary action taken against the responsible individual(s), if any; and (4) Specific reasons for reaching the conclusion that loss, compromise, or suspected compromise occurred or did not occur.
1-304. Individual Culpability Reports.
Contractors shall establish and enforce policies that provide for appropriate administrative actions taken against employees who violate requirements of this Manual. They shall establish and apply a graduated scale of disciplinary actions in the event of employee violations or negligence. A statement of the administrative actions taken against an employee shall be included in a report to the CSA when individual responsibility for a security violation can be determined and one or more of the following factors are evident:
a. The violation involved a deliberate disregard of security requirements.
b. The violation involved gross negligence in the handling of classified material.
c. The violation involved was not deliberate in nature but involves a pattern of negligence or carelessn
CHAPTER 2
Security Clearances
Section 1. Facilities Clearances
2-100. General.
A facility clearance (FCL) is an administrative determination that a facility is eligible for access to classified information or award of a classified contract. Contract award may be made prior to the issuance of an FCL. However, in those cases, the contractor will be processed for an FCL at the appropriate level and must meet eligibility requirements for access to classified information. The FCL requirement for a prime contractor includes those instances in which all classified access will be limited to subcontractors. Contractors are eligible for custody (possession) of classified material, if they have an FCL and storage capability approved by the CSA.
a. An FCL is valid for access to classified information at the same, or lower, classification level as the FCL granted.
b. FCLs will be registered centrally by the U.S. Government.
c. A contractor shall not use its FCL for advertising or promotional purposes.
2-101. Reciprocity.
An FCL shall be considered valid and acceptable for use on a fully reciprocal basis by all Federal departments and agencies, provided it meets or exceeds the level of clearance needed.
2-102. Eligibility Requirements.
A contractor or prospective contractor cannot apply for its own FCL. A GCA or a currently cleared contractor may sponsor an uncleared contractor for an FCL. A company must meet the following eligibility requirements before it can be processed for an FCL.
a. The contractor must need access to the classified information in connection with a legitimate U.S. Government or foreign requirement.
b. The contractor must be organized and existing under the laws of any of the fifty states, the District of Columbia, or Puerto Rico, and be located in the U.S. and its territorial areas or possessions.
c. The contractor must have a reputation for integrity and lawful conduct in its business dealings. The contractor and its key managers, must not be barred from participating in U.S.Government contracts.
d. The contractor must not be under foreign ownership, control, or influence (FOCI) to a such a degree that the granting of the FCL would be inconsistent with the national interest.
2-103. Processing the FCL.
The CSA will advise and assist the company during the FCL process. As a minimum, the company will:
a. Execute CSA-designated forms.
b. Process key management personnel for personnel clearances (PCLs).
c. Appoint a U.S. citizen employee as the facility security officer (FSO).
2-104. Personnel Clearances Required in Connection with the FCL.
The senior management official and the FSO must always be cleared to the level of the FCL. Other officials, as determined by the CSA, must be granted a PCL or be excluded from classified access pursuant to paragraph 2-106.
2-105. PCLs Concurrent with the FCL.
Contractors may designate employees who require access to classified information during the negotiation of a contract or the preparation of a bid or quotation pertaining to a prime contract or a subcontract to be processed for PCLs concurrent with the FCL. The granting of an FCL is not dependent on the clearance of such employees.
2-106. Exclusion Procedures.
When, pursuant to paragraph 2-104, formal exclusion action is required, the organization's board of directors or similar executive body shall affirm the following, as appropriate.
a. Such officers, directors, partners, regents, or trustees (designated by name) shall not require, shall not have, and can be effectively excluded from access to all classified information disclosed to the organization. They also do not occupy positions that would enable them to adversely affect the organization's policies or practices in the performance of classified contracts. This action shall be made a matter of record by the organization's executive body. A copy of the resolution shall be furnished to the CSA.
b. Such officers or partners (designated by name) shall not require, shall not have, and can be effectively denied access to higher-level classified information (specify which higher level(s)) and do not occupy positions that would enable them to adversely affect the organization's policies or practices in the performance of higher-level classified contracts (specify higher level(s)). This action shall be made a matter of record by the organization's executive body. A copy of the resolution shall be furnished to the CSA.
2-107. Interim FCLs.
An interim FCL may be granted to eligible contractors by the CSA. An interim FCL is granted on a temporary basis pending completion of the full investigative requirements.
2-108. Multiple Facility Organizations.
The home office facility must have an FCL at the same, or higher, level of any cleared facility within the multiple facility organization.
2-109. Parent-Subsidiary Relationships.
When a parent-subsidiary relationship exists, the parent and the subsidiary will be processed separately for an FCL. As a general rule, the parent must have an FCL at the same, or higher, level as the subsidiary. However, the CSA will determine the necessity for the parent to be cleared or excluded from access to classified information. The CSA will advise the companies as to what action is necessary for processing the FCL. When a parent or its cleared subsidiaries are collocated, a formal written agreement to utilize common security services may be executed by the two firms, subject to the approval of the CSA.
2-110. Termination of the FCL.
Once granted, an FCL remains in effect until terminated by either party. If the FCL is terminated for any reason, the contractor shall return all classified material in its possession to the appropriate GCA or dispose of the material as instructed by the CSA. The contractor shall return the original copy of the letter of notification of the facility security clearance to the CSA.
2-111. Records Maintenance.
Contractors shall maintain the original CSA designated forms for the duration of the FCL.
Section 2. Personnel Clearances
2-200. General.
a. An employee may be processed for a personnel clearance (PCL) when the contractor determines that access is essential in the performance of tasks or services related to the fulfillment of a classified contract. A PCL is valid for access to classified information at the same, or lower, level of classification as the level of the clearance granted.
b. The CSA will provide written notice when an employee's PCL has been granted, denied, suspended, or revoked. The contractor shall immediately deny access to classified information to any employee when notified of a denial, revocation or suspension. The CSA will also provide written notice when processing action for PCL eligibility has been discontinued. Contractor personnel may be subject to a reinvestigation program as specified by the CSA.
c. Within a multiple facility organization (MFO), PCLs will be issued to a company's home office facility (HOF) unless an alternative arrangement is approved by the CSA. Cleared employee transfers within an MFO, and classified access afforded thereto, shall be managed by the contractor.
d. The contractor shall limit requests for PCLs to the minimal number of employees necessary for operational efficiency, consistent with contractual obligations and other requirements of this Manual. Requests for PCLs shall not be made to establish "pools" of cleared employees.
e. The contractor shall not submit a request for a PCL to one agency if the employee applicant is cleared or is in process for a PCL by another agency. In such cases, to permit clearance verification, the contractor should provide the new agency with the full name, date and place of birth, current address, social security number, clearing agency, and type of clearance.
2-201. Investigative Requirements.
Investigations conducted by a Federal Agency shall not be duplicated by another Federal Agency when those investigations are current within 5 years and meet the scope and standards for the level of PCL required. The types of investigations required are as follows:
a. Single Scope Background Investigation (SSBI). An SSBI is required for TOP SECRET, Q, and SCI. Application shall be made on an SF Form 86 for DOE and NRC contractors. All others shall submit a DD Form 398.
b. National Agency Check and Credit Check (NACC). An NACC is required for a SECRET, L, and CONFIDENTIAL PCL. Application shall be made on an SF Form 86 for DOE and NRC contractors. All others shall submit a DD Form 398-2.
c. Polygraph. Agencies with policies sanctioning the use of the polygraph for PCL purposes may require polygraph examinations when necessary. If issues of concern surface during any phase of security processing, coverage will be expanded to resolve those issues.
2-202. Common Adjudicative Standards.
Security clearance and SCI access determinations shall be based upon uniform common adjudicative standards.
2-203. Reciprocity.
Federal agencies that grant security clearances (TOP SECRET, SECRET, CONFIDENTIAL, Q or L) to their employees or their contractor employees are responsible for determining whether such employees have been previously cleared or investigated by the Federal Government. Any previously granted PCL that is based upon a current investigation of a scope that meets or exceeds that necessary for the clearance required, shall provide the basis for issuance of a new clearance without further investigation or adjudication unless significant derogatory information that was not previously adjudicated becomes known to the granting agency.
2-204. Pre-employment Clearance Action.
Contractors shall not initiate any pre-employment clearance action unless the recruitment is for a specific position that will require access to classified information. Contractors shall include the following statement in such employment advertisements: "Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information." The completed PCL application may be submitted to the CSA by the contractor prior to the date of employment, provided a written commitment for employment has been made by the contractor that prescribes a fixed date for employment within the ensuing 180 days, and the candidate has accepted the employment offer in writing.
2-205. Contractor-Granted Clearances.
Contractors are no longer permitted to grant clearances. Contractor-granted Confidential clearances in effect under previous policy are not valid for access to: Restricted Data; Formerly Restricted Data; COMSEC information; Sensitive Compartmented Information; NATO information (except RESTRICTED); Critical or Controlled Nuclear Weapon Security positions; and classified foreign government information.
2-206. Verification of U.S. Citizenship.
The contractor shall require each applicant for a PCL who claims U.S. citizenship to produce evidence of citizenship. A PCL will not be granted until the contractor has certified the applicant's U.S. citizenship.
2-207. Acceptable Proof of Citizenship.
a. For individuals born in the United States, a birth certificate is the primary and preferred means of citizenship verification. Acceptable certificates must show that the birth record was filed shortly after birth and it must be certified with the registrar's signature. It must bear the raised, impressed, or multicolored seal of the registrar's office. The only exception is if a state or other jurisdiction does not issue such seals as a matter of policy Uncertified copies of birth certificates are not acceptable. A delayed birth certificate is one created when a record was filed more than one year after the date of birth. Such a certificate is acceptable if it shows that the report of birth was supported by acceptable secondary evidence of birth. Secondary evidence may include: baptismal or circumcision certificates, hospital birth records, or affidavits of persons having personal knowledge about the facts of birth. Other documentary evidence can be early census, school, or family bible records, newspaper files, or insurance papers. All documents submitted as evidence of birth in the U.S. shall be original or certified documents.
b. If the individual claims citizenship by naturalization, a certificate of naturalization is acceptable proof of citizenship.
c. If citizenship was acquired by birth abroad to a U.S. citizen parent or parents, the following are acceptable evidence:
(1) A Certificate of Citizenship issued by the Immigration and Naturalization Service (INS); or (2) A Report of Birth Abroad of a Citizen of the United States of America (Form FS-240); or (3) A Certificate of Birth (Form FS-545 or DS-1350).
d. A passport, current or expired, is acceptable proof of citizenship.
e. A Record of Military Processing-Armed Forces of the United States (DD Form 1966) is acceptable proof of citizenship, provided it reflects U.S. citizenship.
2-208. Letter of Notification of Personnel Clearance (LOC).
An LOC will be issued by the CSA to notify the contractor that its employee has been granted a PCL. Unless terminated, suspended or revoked by the Government, the LOC remains effective as long as the employee is continuously employed by the contractor.
2-209. Representative of a Foreign Interest.
The CSA will determine whether a Representative of a Foreign Interest (RFI) is eligible for a clearance or continuation of a clearance.
a. An RFI must be a U.S. citizen to be eligible for a PCL.
b. The RFI shall submit a statement that fully explains the foreign connections and identifies all foreign interests. The statement shall contain the contractor's name and address and the date of submission. If the foreign interest is a business enterprise, the statement shall explain the nature of the business and, to the extent possible, details as to its ownership, including the citizenship of the principal owners or blocks of owners. The statement shall fully explain the nature of the relationship between the applicant and the foreign interest and indicate the approximate percentage of time devoted to the business of the foreign interest.
2-210. Non-U.S.Citizens.
Only U.S. citizens are eligible for a security clearance. Every effort shall be made to ensure that non-U.S. citizens are not employed in duties that may require access to classified information. However, compelling reasons may exist to grant access to classified information to an immigrant alien or a foreign national. Such individuals may be granted a Limited Access Authorization (LAA) in those rare circumstances where the non-U.S. citizen possesses unique or unusual skill or expertise that is urgently needed to support a specific U.S. Government contract involving access to specified classified information and a cleared or clearable U.S. citizen is not readily available. In addition, the LAA may only be issued under the following circumstances:
a. With the concurrence of the GCA in instances of special expertise.
b. With the concurrence of the CSA in furtherance of U.S. Government obligations pursuant to U.S. law, treaty, or international agreements.
2-211. Access Limitations of an LAA.
An LAA granted under the provisions of this Manual is not valid for access to the following types of information.
a. TOP SECRET information;
b. Restricted Data or Formerly Restricted Data;
c. Information that has not been determined releasable by a U.S. Government Designated Disclosure Authority to the country of which the individual is a citizen;
d. COMSEC information;
e. Intelligence information;
f. NATO Information. However, foreign nationals of a NATO member nation may be authorized access to NATO Information provided that:
(1) A NATO Security Clearance Certificate is obtained by the CSA from the individual's home country; and (2) NATO access is limited to performance on a specific NATO contract.
g. Information for which foreign disclosure has been prohibited in whole or in part; and
h. Information provided to the U.S. Government in confidence by a third party government and classified information furnished by a third party government.
2-212. Interim Clearances.
Interim TOP SECRET PCLs shall be granted only in emergency situations to avoid crucial delays in precontract negotiation, or in the award or performance on a contract. The contractor shall submit applications for Interim TOP SECRET PCLs to the pertinent GCA for endorsement. Applicants for TOP SECRET, SECRET, and CONFIDENTIAL PCLs may be routinely granted interim PCLs at the SECRET or CONFIDENTIAL level, as appropriate, provided there is no evidence of adverse information of material significance. The interim status will cease if results are favorable following completion of full investigative requirements. At that time the CSA will issue a new LOC. Non-U.S. citizens are not eligible for interim clearances.
a. An interim SECRET or CONFIDENTIAL PCL is valid for access to classified information at the level of the interim PCL granted, except for Sensitive Compartmented Information, Restricted Data, COMSEC Information, SAP, and NATO information. An interim TOP SECRET PCL is valid for access to TOP SECRET information and Restricted Data, NATO Information and COMSEC information at the SECRET and CONFIDENTIAL level.
b. An interim PCL granted by the CSA negates any existing contractor-granted CONFIDENTIAL clearance. When an interim PCL has been granted and derogatory information is subsequently developed, the CSA may withdraw the interim pending completion of the processing that is a prerequisite to the granting of a final PCL.
c. When an interim PCL for an individual who is required to be cleared in connection with the FCL is withdrawn, the interim FCL will also be withdrawn, unless action is taken to remove the individual from the position requiring access.
d. Withdrawal of an interim PCL is not a denial or revocation of the clearance and is not appealable during this stage of the processing.
2-213. Consultants.
A consultant is an individual under contract to provide professional or technical assistance to a contractor or GCA in a capacity requiring access to classified information. The consultant shall not possess classified material off the premises of the using (hiring) contractor or GCA except in connection with authorized visits. The consultant and the using contractor or GCA shall jointly execute a consultant certificate setting forth respective security responsibilities. The using contractor or GCA shall be the consumer of the services offered by the consultant it sponsors for a PCL. For security administration purposes, the consultant shall be considered an employee of the hiring contractor or GCA. The CSA shall be contacted regarding security procedures to be followed should it become necessary for a consultant to have custody of classified information at the consultant's place of business.
2-214. Concurrent PCLs.
A concurrent PCL can be issued if a contractor hires an individual or engages a consultant who has a current PCL (LOC issued to another contractor). The gaining contractor must be issued an LOC prior to the employee having access to classified information at that facility. Application shall be made by the submission of the CSA designated form.
2-215. Converting PCLs to Industrial Clearances.
PCLs granted by government agencies may be converted to industrial clearances when: (a) A determination can be made that the investigation meets standards prescribed for such clearances; (b) No more than 24 months has lapsed since the date of termination of the clearance; and, (c) No evidence of adverse information exists since the last investigation. Contractors employing persons eligible for conversion of clearance may request clearance to the level of access required by submitting the CSA designated form to the CSA. Access may not be granted until receipt of the LOC. The following procedures apply.
a. Former DOE and NRC Personnel. A Q access authorization can be converted to a TOP SECRET clearance. An L access authorization can be converted to a SECRET clearance. Annotate the application: "DOE (or NRC) Q (or L) Conversion Requested."
b. Federal Personnel. Submit a copy of the "Notification of Personnel Action" (Standard Form 50), which terminated employment with the Federal Government with the application.
c. Military Personnel. Submit a copy of the "Certificate of Release or Discharge From Active Duty" (DD Form 214).
d. National Guard and Reserve Personnel in the Ready Reserve Program. Include the individual's service number, the identity and exact address of the unit to which assigned, and the date such participation commenced on the application. For those individuals who have transferred to the standby or retired Reserve, submit a copy of the order effecting such a transfer.
2-216. Clearance Terminations.
The contractor shall terminate a PCL (a) Upon termination of employment; or (b) When the need for access to classified information in the future is reasonably foreclosed. Termination of a PCL is accomplished by submitting a CSA-designated form to the CSA.
2-217. Clearance Reinstatements.
A PCL can be reinstated provided (a) No more than 24 months has lapsed since the date of termination of the clearance; (b) There is no known adverse information; (c) The most recent investigation must not exceed 5 years (TS, Q) or 10 years (SECRET, L); and (d) Must meet or exceed the scope of the investigation required for the level of PCL that is to be reinstated or granted. A PCL can be reinstated at the same, or lower, level by submission of a CSA-designated form to the CSA. The employee may not have access to classified information until receipt of the LOC.
2-218. Procedures for Completing the Application Form.
The application forms shall be completed jointly by the employee and the contractor. Contractors shall inform employees that page 5 of the DD Form 398-2 and the DD Form 398 or part 2 of the SF-86 may be completed in private and returned to security personnel in a sealed envelope. The contractor shall not review any information that is contained in the sealed envelope. The contractor shall review the remainder of the application to determine its adequacy and to ensure that necessary information has not been omitted. The contractor shall ensure that the applicant's fingerprints are authentic, legible, and complete to avoid subsequent clearance processing delays. An employee of the contractor shall witness the taking of the applicant's fingerprints to ensure that the person fingerprinted is, in fact, the same as the person being processed for the clearance. All PCL forms required by this Section are available from the CSA.
2-219. Records Maintenance.
The contractor shall maintain a current record at each facility (to include uncleared locations) of all cleared employees. Records maintained by a HOF and/or PMF for employees located at subordinate facilities (cleared and uncleared locations) shall include the name and address at which the employee is assigned. When furnished with a list of cleared personnel by the CSA, contractors are requested to annotate the list with any corrections or adjustments and return it at the earliest practical time. The reply shall include a statement by the FSO certifying that the individuals listed remain employed and that a PCL is still required.
Section 3. Foreign Ownership, Control, or Influence (FOCI)
2-300. General.
a. This Section establishes the policy concerning the initial or continued clearance eligibility of U.S. companies with foreign involvement; provides criteria for determining whether U.S. companies are under foreign ownership, control or influence (FOCI); prescribes responsibilities in FOCI matters; and outlines security measures that may be considered to negate or reduce to an acceptable level FOCI-based security risks .
b. The foreign involvement of U.S. companies cleared or under consideration for a facility security clearance (FCL) is examined to ensure appropriate resolution of matters determined to be of national security significance. The development of security measures to negate FOCI determined to be unacceptable shall be based on the concept of risk management. The determination of whether a U.S. company is under FOCI, its eligibility for an FCL, and the security measures deemed necessary to negate FOCI shall be made on a case-by-case basis.
2-301. Policy.
Foreign investment can play an important role in maintaining the vitality of the U.S. industrial base. Therefore, it is the policy of the U.S. Government to allow foreign investment consistent with the national security interests of the United States. The following FOCI policy for U.S. companies subject to an FCL is intended to facilitate foreign investment by ensuring that foreign firms cannot undermine U.S. security and export controls to gain unauthorized access to critical technology, classified information and special classes of classified information:
a. A U.S. company is considered under FOCI whenever a foreign interest has the power, direct or indirect, whether or not exercised, and whether or not exercisable through the ownership of the U.S. company's securities, by contractual arrangements or other means, to direct or decide matters affecting the management or operations of that company in a manner which may result in unauthorized access to classified information or may affect adversely the performance of classified contracts.
b. A U.S. company determined to be under FOCI is ineligible for an FCL, or an existing FCL shall be suspended or revoked unless security measures are taken as necessary to remove the possibility of unauthorized access or the adverse affect on classified contracts.
c. The Federal Government reserves the right and has the obligation to impose any security method, safeguard, or restriction it believes necessary to ensure that unauthorized access to classified information is effectively precluded and that performance of classified contracts is not adversely affected.
d. Changed conditions, such as a change in ownership, indebtedness, or the foreign intelligence threat, may justify certain adjustments to the security terms under which a company is operating or, alternatively, that a different FOCI negation method be employed. If a changed condition is of sufficient significance, it might also result in a determination that a company is no longer considered to be under FOCI or, conversely, that a company is no longer eligible for an FCL.
e. Nothing contained in this Section shall affect the authority of the Head of an Agency to limit, deny or revoke access to classified information under its statutory, regulatory or contract jurisdiction. For purposes of this Section, the term "agency" has the meaning provided at 5 U.S.C. 552(f), to include the term "DoD Component."
2-302. Factors.
a. The following factors shall be considered in the aggregate to determine whether an applicant company is under FOCI; its eligibility for an FCL; and the protective measures required:
(1) Foreign intelligence threat; (2) Risk of unauthorized technology transfer; (3) Type and sensitivity of the information requiring protection; (4) Nature and extent of FOCI, to include whether a foreign person occupies a controlling or dominant minority position; source of FOCI, to include identification of immediate, intermediate and ultimate parent organizations; (5) Record of compliance with pertinent U.S. laws, regulations and contracts; and (6) Nature of bilateral and multilateral security and information exchange agreements that may pertain.
b. In addition to the factors shown above, the following information is required to be furnished to the CSA on the CSA-designated form. The information will be considered in the aggregate and the fact that some of the below listed conditions may apply does not necessarily render the applicant company ineligible for an FCL.
(1) Ownership or beneficial ownership, direct or indirect, of 5 percent or more of the applicant company's voting securities by a foreign person; (2) Ownership or beneficial ownership, direct or indirect, of 25 percent or more of any class of the applicant company's non-voting securities by a foreign person; (3) Management positions, such as directors, officers, or executive personnel of the applicant company held by non U.S. citizens; (4) Foreign person power, direct or indirect, to control the election, appointment, or tenure of directors, officers, or executive personnel of the applicant company and the power to control other decisions or activities of the applicant company; (5) Contracts, agreements, understandings, or arrangements between the applicant company and a foreign person; (6) Details of loan arrangements between the applicant company and a foreign person if the applicant company's (the borrower) overall debt to equity ratio is 40:60 or greater; and details of any significant portion of the applicant company's financial obligations that are subject to the ability of a foreign person to demand repayment; (7) Total revenues or net income in excess of 5 percent from a single foreign person or in excess of 30 percent from foreign persons in the aggregate; (8) Ten percent or more of any class of the applicant's voting securities held in "nominee shares," in "street names," or in some other method that does not disclose the beneficial owner of equitable title; (9) Interlocking directors with foreign persons and any officer or management official of the applicant company who is also employed by a foreign person; (10) Any other factor that indicates or demonstrates a capability on the part of foreign persons to control or influence the operations or management of the applicant company; and (11) Ownership of 10% or more of any foreign interest.
2-303. Procedures.
a. If there are any affirmative answers on the form, or other information is received which indicates that the applicant company may be under FOCI, the CSA shall review the case to determine the relative significance of the information in regard to:
(1) Whether the applicant is under FOCI, which shall include a review of the factors listed at 2-302; (2) The extent and manner to which the FOCI may result in unauthorized access to classified information or adversely impact classified contract performance; and (3) The type of actions, if any, that would be necessary to negate the effects of FOCI to a level deemed acceptable to the Federal Government. Disputed matters may be appealed and the applicant shall be advised of the government's appeal channels by the CSA.
b. When a company with an FCL enters into negotiations for the proposed merger, acquisition, or takeover by a foreign person, the applicant shall submit notification to the CSA of the commencement of such negotiations. The submission shall include the type of transaction under negotiation (stock purchase, asset purchase, etc.), the identity of the potential foreign person investor, and a plan to negate the FOCI by a method outlined in 2-306. The company shall submit copies of loan, purchase and shareholder agreements, annual reports, bylaws, articles of incorporation, partnership agreements and reports filed with other federal agencies to the CSA.
c. When a company with an FCL is determined to be under FOCI, the facility security clearance shall be suspended. Suspension notices shall be made as follows: (1) When the company has current access to classified information, the GCAs and prime contractor(s) of record shall be notified of the suspension action along with full particulars regarding the reason(s) therefor. Cognizant contracting agency security and acquisition officials shall be furnished written, concurrent notice of the suspension action. All such notices shall include a statement that the award of additional classified contracts is prohibited so long as the FCL remains in suspension. (2) The company subject to suspension action shall be notified that its clearance has been suspended, that current access to classified information and performance on existing classified contracts may continue unless notified by the CSA to the contrary, and that the award of new classified contracts will not be permitted until the FCL has been restored to a valid status.
d. When necessary, the applicant company shall be advised that failure to adopt required security measures, may result in denial or revocation of the FCL. When final agreement by the parties with regard to the security measures required by the CSA is attained, the applicant shall be declared eligible for an FCL upon implementation of the required security measures. When a previously suspended FCL has been restored to a valid status, all recipients of previous suspension notices shall be notified.
e. A counterintelligence threat assessment and technology transfer risk assessment shall be obtained by the CSA and considered prior to a final decision to grant an FCL to an applicant company under FOCI or to restore an FCL previously suspended. These assessments shall be updated periodically under circumstances and at intervals considered appropriate by the CSA.
f. Whenever a company has been determined to be under FOCI, the primary consideration shall be the safeguarding of classified information. The CSA is responsible for taking whatever interim action necessary to safeguard classified information, in coordination with other affected agencies as appropriate. If the company does not have possession of classified material, and does not have a current or impending requirement for access to classified information, the FCL shall be administratively terminated.
2-304. Foreign Mergers, Acquisitions and Takeovers, and the CFIUS.
a. Proposed merger, acquisition, or takeover (transaction) cases voluntarily filed for review by the Committee on Foreign Investment in the United States (CFIUS) under Section 721 of Title VII of the Defense Production Act (DPA) of 1950 (P.L. 102-99) shall be processed on a priority basis. The CSA shall determine whether the proposed transaction involves an applicant subject to this Section and convey its finding to appropriate agency authorities. If the proposed transaction would require FOCI negation measures to be imposed if consummated, the parties to the transaction shall be promptly advised of such measures and be requested to provide the CSA with their preliminary acceptance or rejection of them as promptly as possible.
b. The CFIUS review and the industrial security review are carried out in two parallel, but separate, processes with different time constraints and considerations. Ideally, when industrial security enhancements (see Sections 2-305 and 2-306) are required to resolve industrial security concerns of a case under review by CFIUS, there should be agreement before a recommendation on the matter is formulated. As a technical matter, however, a security agreement cannot be signed until the proposed foreign investor legally completes the transaction, usually the date of closing. When the required security arrangement, (1) Has been rejected; or (2) When it appears agreement will not be attained regarding material terms of such an arrangement; or (3) The company has failed to comply with the reporting requirements of this Manual, industrial security authorities may recommend that the Department position be an investigation of the proposed transaction by CFIUS to assure that national security concerns are protected.
2-305. FOCI Negation Action Plans.
If it is determined that an applicant company may be ineligible for an FCL or that additional action would be necessary to negate the FOCI, the applicant shall be promptly advised and requested to submit a negation plan.
a. In those cases where the FOCI stems from foreign ownership, a plan shall consist of one of the methods prescribed at 2-306. Amendments to purchase and shareholder agreements may also serve to remove FOCI concerns.
b. When factors not related to ownership are present, the plan shall provide positive measures that assure that the foreign person can be effectively denied access to classified information and cannot otherwise adversely affect performance on classified contracts. Examples of such measures include: modification or termination of loan agreements, contracts and other understandings with foreign interests; diversification or reduction of foreign source income; demonstration of financial viability independent of foreign persons; elimination or resolution of problem debt; assignment of specific oversight duties and responsibilities to board members; formulation of special executive-level security committees to consider and oversee matters that impact upon the performance of classified contracts; physical or organizational separation of the facility component performing on classified contracts; the appointment of a technology control officer; adoption of special board resolutions; and other actions that negate foreign control or influence.
2-306. Methods to Negate Risk in Foreign Ownership Cases.
Under normal circumstances, foreign ownership of a U.S. company under consideration for an FCL becomes a concern to the U.S. Government when a foreign shareholder has the ability, either directly or indirectly, whether exercised or exercisable, to control or influence the election or appointment of one or more members to the applicant company's board of directors by any means (equivalent equity for unincorporated companies). Foreign ownership which cannot be so manifested is not, in and of itself, considered significant.
a. Board Resolution. When a foreign person does not own voting stock sufficient to elect, or otherwise is not entitled to representation to the applicant company's board of directors, a resolution(s) by the applicant's board of directors will normally be adequate. The Board shall identify the foreign shareholder and describe the type and number of foreign owned shares; acknowledge the applicant's obligation to comply with all industrial security program and export control requirements; certify that the foreign shareholder shall not require, shall not have, and can be effectively precluded from unauthorized access to all classified and export-controlled information entrusted to or held by the applicant company; will not be permitted to hold positions that may enable them to influence the performance of classified contracts; and provide for an annual certification to the CSA acknowledging the continued effectiveness of the resolution. The company shall be required to distribute to members of its board of directors and its principal officers copies of such resolutions and report in the company's corporate records the completion of such distribution.
b. Voting Trust Agreement and Proxy Agreement. The Voting Trust Agreement and the Proxy Agreement are substantially identical arrangements whereby the voting rights of the foreign owned stock are vested in cleared U.S. citizens approved by the Federal Government. Neither arrangement imposes any restrictions on a company's eligibility to have access to classified information or to compete for classified contracts.
(1) Establishment of a Voting Trust or Proxy Agreement involves the selection of three trustees or proxy holders respectively, all of whom must become directors of the cleared company's board. Both arrangements must provide for the exercise of all prerogatives of ownership by the voting trustees or proxy holders with complete freedom to act independently from the foreign person stockholders. The arrangements may, however, limit the authority of the trustees or proxy holders by requiring that approval be obtained from the foreign person stockholder(s) with respect to matters such as: (a) The sale or disposal of the corporation's assets or a substantial part thereof; (b) Pledges, mortgages, or other encumbrances on the capital stock; (c) Corporate mergers, consolidations, or reorganizations; (d) The dissolution of the corporation; and (e) The filing of a bankruptcy petition. However, nothing herein prohibits the trustees or proxy holders from consulting with the foreign person stockholders, or vice versa, where otherwise consistent with U.S. laws, regulations and the terms of the Voting Trust or Proxy Agreement. (2) The voting trustees or proxy holders must assume full responsibility for the voting stock and for exercising all management prerogatives relating thereto in such a way as to ensure that the foreign stockholders, except for the approvals enumerated in (1) above, shall be insulated from the cleared company and continue solely in the status of beneficiaries. The company shall be organized, structured, and financed so as to be capable of operating as a viable business entity independent from the foreign stockholders. (3) Individuals who serve as voting trustees or proxy holders must be: (a) U.S. citizens residing within the United States, who are capable of assuming full responsibility for voting the stock and exercising management prerogatives relating thereto in a way that ensures that the foreign person stockholders can be effectively insulated from the cleared company; (b) Completely disinterested individuals with no prior involvement with the applicant company, the corporate body with which it is affiliated, or the foreign person owner; and (c) Eligible for a PCL at the level of the FCL. (4) Management positions requiring personnel security clearances in conjunction with the FCL must be filled by U.S. citizens residing in the United States.
c. Special Security Agreement and Security Control Agreement. The Special Security Agreement (SSA) and the Security Control Agreement (SCA) are substantially identical arrangements that impose substantial industrial security and export control measures within an institutionalized set of corporate practices and procedures; require active involvement of senior management and certain Board members in security matters (who must be cleared, U.S. citizens); provide for the establishment of a Government Security Committee (GSC) to oversee classified and export control matters; and preserve the foreign person shareholder's right to be represented on the Board with a direct voice in the business management of the company while denying unauthorized access to classified information.
(1) A company effectively owned or controlled by a foreign person may be cleared under the SSA arrangement. However, access to "proscribed information" is permitted only with the written permission of the cognizant U.S. agency with jurisdiction over the information involved. A determination to disclose proscribed information to a company cleared under an SSA requires that a favorable National Interest Determination (see 2-309) be rendered prior to contract award. Additionally, the Federal Government must have entered into a General Security Agreement with the foreign government involved.
(2) A company not effectively owned or controlled by a foreign person may be cleared under the SCA arrangement. Limitations on access to classified information are not required under an SCA.
d. Limited Facility Clearance. The Federal Government has entered into Industrial Security Agreements with certain foreign governments. These agreements establish arrangements whereby a foreign-owned U.S. company may be considered eligible for an FCL. Access limitations are inherent with the granting of limited FCLs.
(1) A limited FCL may be granted upon satisfaction of the following criteria: (a) There is an Industrial Security Agreement with the foreign government of the country from which the foreign ownership is derived; (b) Access to classified information will be limited to performance on a contract, subcontract or program involving the government of the country from which foreign ownership is derived; and (c) Release of classified information must be in conformity with the U.S. National Disclosure Policy. (2) A limited FCL may also be granted when the criteria listed in paragraph (1) above cannot be satisfied, provided there exists a compelling need to do so consistent with national security interests.
2-307. Annual Review and Certification.
a. Annual Review. Representatives of the CSA shall meet at least annually with senior management officials of companies operating under a Voting Trust, Proxy Agreement, SSA, or SCA to review the purpose and effectiveness of the clearance arrangement and to establish common understanding of the operating requirements and their implementation. These reviews will also include an examination of the following:
(1) Acts of compliance or noncompliance with the approved security arrangement, standard rules, and applicable laws and regulations. (2) Problems or impediments associated with the practical application or utility of the security arrangement. (3) Whether security controls, practices, or procedures warrant adjustment.
b. Annual Certification. Depending upon the security arrangement in place, the Voting trustees, Proxy holders or the Chairman of the GSC shall submit annually to the CSA an implementation and compliance report. Such reports shall include the following:
(1) A detailed description of the manner in which the company is carrying out its obligations under the arrangement. (2) Changes to security procedures, implemented or proposed, and the reasons for those changes. (3) A detailed description of any acts of noncompliance, whether inadvertent or intentional, with a discussion of steps that were taken to prevent such acts from recurring. (4) Any changes, or impending changes, of senior management officials, or key Board members, including the reasons therefor. (5) Any changes or impending changes in the organizational structure or ownership, including any acquisitions, mergers or divestitures. (6) Any other issues that could have a bearing on the effectiveness of the applicable security clearance arrangement.
2-308. Government Security Committee (GSC).
Under a Voting Trust, Proxy Agreement, SSA and SCA, an applicant company is required to establish a permanent committee of it's Board of Directors, known as the GSC.
a. The GSC normally consists of Voting Trustees, Proxy Holders or Outside Directors, as applicable, and those officers/directors who hold PCLs.
b. The members of the GSC are required to ensure that the company maintains policies and procedures to safeguard export controlled and classified information entrusted to it.
c. The GSC shall also take the necessary steps to ensure that the company complies with U.S. export control laws and regulations and does not take action deemed adverse to performance on classified contracts. This shall include the appointment of a Technology Control Officer (TCO) and the development, approval, and implementation of a Technology Control Plan (TCP).
d. The Facility Security Officer (FSO) shall be the principal advisor to the GSC and attend GSC meetings. The Chairman of the GSC, must concur with the appointment of replacement FSOs selected by management. FSO and TCO functions shall be carried out under the authority of the GSC.
2-309. National Interest Determination.
a. A company cleared under an SSA and its cleared employees may only be afforded access to "proscribed information" with special authorization. This special authorization must be manifested by a favorable national interest determination (NID) that must be program/project/contract-specific. Access to proscribed information must be predicated on compelling evidence that release of such information to a company cleared under the SSA arrangement advances the national security interests of the United States. The authority to make this determination shall not be permitted below the Assistant Secretary or comparable level of the agency concerned.
b. A proposed NID will be prepared and sponsored by the GCA whose contract or program, is involved and it shall include the following information:
(1) Identification of the proposed awardee along with a synopsis of its foreign ownership (include solicitation and other reference numbers to identify the action); (2) General description of the procurement and performance requirements; (3) Identification of national security interests involved and the ways in which award of the contract helps advance those interests; (4) The availability of any other U.S. company with the capacity, capability, and technical expertise to satisfy acquisition, technology base, or industrial base requirements and the reasons any such company should be denied the contract; and (5) A description of any alternate means available to satisfy the requirement, and the reasons alternative means are not acceptable.
c. An NID shall be initiated by the GCA. A company may assist in the preparation of an NID, but the GCA is not obligated to pursue the matter further unless it believes further consideration to be warranted. The GCA shall, if it is supportive of the NID, forward the case through appropriate agency channels to the ultimate approval authority within that agency. If the proscribed information is under the classification or control jurisdiction of another agency, the approval of the cognizant agency is required; e.g., NSA for COMSEC, DCI for SCI, DOE for RD and FRD, the Military Departments for their TOP SECRET information, and other Executive Branch Departments and Agencies for classified information under their cognizance.
d. It is the responsibility of the cognizant approval authority to ensure that pertinent security, counterintelligence, and acquisition interests are thoroughly examined. Agency-specific case processing details and the senior official(s) responsible for rendering final approval of NID's shall be contained in the implementing regulations of the U.S. agency whose contract is involved.
2-310. Technology Control Plan.
A TCP approved by the CSA shall be developed and implemented by those companies cleared under a Voting Trust Agreement, Proxy Agreement, SSA and SCA and when otherwise deemed appropriate by the CSA. The TCP shall prescribe all security measures determined necessary to reasonably foreclose the possibility of inadvertent access by non-U.S. citizen employees and visitors to information for which they are not authorized. The TCP shall also prescribe measures designed to assure that access by non-U.S. citizens is strictly limited to only that specific information for which appropriate Federal Government disclosure authorization has been obtained; e.g., an approved export license or technical assistance agreement. Unique badging, escort, segregated work area, security indoctrination schemes, and other measures shall be included, as appropriate.
2-311. Compliance.
Failure on the part of the company to ensure compliance with the terms of any approved security arrangement may constitute grounds for revocation of the company's FCL.
CHAPTER 3
Security Training and Briefings
Section 1. Security Training and Briefings
3-100. General.
Contractors shall provide all cleared employees with security training and briefings commensurate with their involvement with classified information.
3-101. Training Materials.
Contractors may obtain defensive security, threat awareness, and other education and training information and material from their CSA or other sources.
3-102. FSO Training.
Contractors shall be responsible for ensuring that the FSO, and others performing security duties, complete security training deemed appropriate by the CSA. Training requirements shall be based on the facility's involvement with classified information and may include an FSO orientation course and for FSOs at facilities with safeguarding capability, an FSO Program Management Course. Training, if required, should be completed within 1 year of appointment to the position of FSO.
3-103. Government-Provided Briefings.
The CSA is responsible for providing initial security briefings to the FSO, and for ensuring that other briefings required for special categories of information are provided.
3-104. Temporary Help Suppliers.
A temporary help supplier, or other contractor who employs cleared individuals solely for dispatch elsewhere, shall be responsible for ensuring that required briefings are provided to their cleared personnel. The temporary help supplier or the using contractor may conduct these briefings.
3-105. Classified Information Nondisclosure Agreement (SF 312).
The SF 312 is an agreement between the United States and an individual who is cleared for access to classified information. An employee issued an initial PCL must execute an SF 312 prior to being granted access to classified information. The contractor shall forward the executed SF 312 to the CSA for retention. If the employee refuses to execute the SF 312, the contractor shall deny the employee access to classified information and submit a report to the CSA. The SF 312 shall be signed and dated by the employee and witnessed. The employee's and witness' signatures must bear the same date.
3-106. Initial Security Briefings.
Prior to being granted access to classified information, an employee shall receive an initial security briefing that includes the following:
a. A Threat Awareness Briefing.
b. A Defensive Security Briefing.
c. An overview of the security classification system.
d. Employee reporting obligations and requirements.
e. Security procedures and duties applicable to the employee's job.
3-107. Refresher Briefings.
The contractor shall conduct periodic refresher briefings for all cleared employees. As a minimum, the refresher briefing shall reinforce the information provided during the initial briefing and inform employees of appropriate changes in security regulations. Contractors may satisfy this requirement by use of audio/video materials and by issuing written materials on a regular basis.
3-108. Debriefings.
Contractors shall debrief cleared employees at the time of termination of employment (discharge, resignation, or retirement); when an employee's PCL is terminated, suspended, or revoked; and upon termination of the FCL.
CHAPTER 4
Classification and Marking
Section 1. Classification
4-100. General.
Information is classified pursuant to E.O. 12356 by an original classification authority and is designated and marked as TOP SECRET, SECRET, or CONFIDENTIAL. The designation UNCLASSIFIED is used to identify information that does not require a security classification. Except as provided by statute, (see Chapter 9) no other terms may be used to identify classified information. An original classification decision at any level can be made only by a U.S. Government official who has been delegated the authority in writing. Original classification decisions may require a security classification guide to be issued for use in making derivative classification decisions. Contractors make derivative classification decisions based on the guidance provided by the Contract Security Classification Specification that is issued with each classified contract.
4-101. Original Classification.
A determination to originally classify information may be made only when: (a) The information falls into one or more of the categories set forth in E.O. 12356, and (b) The unauthorized disclosure of the information, either by itself or in context with other information, reasonably could be expected to cause damage to the national security.
4-102. Derivative Classification Responsibilities.
Contractors who, extract, or summarize classified information, or who apply classification markings derived from a source document, or as directed by a classification guide or a Contract Security Classification Specification, are making derivative classification decisions. The FSO shall ensure that all employees authorized to perform derivative classification actions are sufficiently trained and that they possess, or have ready access to, the pertinent classification guides and/or guidance necessary to fulfill these important actions. Any specialized training required to implement these responsibilities will be provided by the CSA upon request.
a. The manager or supervisor at the operational level where material is being produced or assembled shall determine the necessity, currency, and accuracy of the classification applied to that material.
b. The manager or supervisor whose signature or other form of approval is required before material is transmitted outside the facility shall determine the necessity, currency, and accuracy of the security classification applied to that material.
c. Individual employees who copy or extract classified information from another document, or who reproduce or translate an entire document, shall be responsible for (1) Marking the new document or copy with the same classification markings as applied to the information or document from which the new document or copy was prepared and (2) Challenging the classification if there is reason to believe the information is classified unnecessarily or improperly.
d. Questions on the classification assigned to reference material are referred as indicated in paragraph 11-206.
e. Commensurate with their involvement, security classification guidance, shall be provided to all employees, including but not limited to, other cleared locations, sales, marketing, technical, production, accounting, clerical, and overseas personnel who have access to classified information in connection with performance on a classified contract.
f. Appropriate security classification guidance shall be provided to subcontractors in connection with classified subcontracts. Subcontractors assume the security classification responsibilities of prime contractors in relation to their subcontractors. (See Chapter 7 for Subcontracting.)
4-103. Security Classification Guidance.
The GCA is responsible for incorporating appropriate security requirements clauses in a classified contract and for providing the contractor with the security classification guidance needed during the performance of the contract. This guidance is provided to a contractor by means of the Contract Security Classification Specification. The Contract Security Classification Specification must identify the specific elements of classified information involved in the contract which require security protection. Contractors shall, to the extent practicable, advise and assist in the development of the original Contract Security Classification Specification. It is the contractor's responsibility to understand and apply all aspects of the classification guidance. Classification guidance is, not withstanding the contractor's input, the exclusive responsibility of the GCA, and the final determination of the appropriate classification for the information rests with that activity. The Contract Security Classification Specification is a contractual specification necessary for performance on a classified contract. If a classified contract is received without a Contract Security Classification Specification, the contractor shall advise the GCA.
a. The GCA is required to issue an original Contract Security Classification Specification to a contractor in connection with an IFB, RFP, RFQ, or other solicitation; and with the award of a contract that will require access to, or development of, classified information in the performance of the classified contract.
b. The GCA is required to review the existing guidance periodically during the performance stages of the contract and to issue a revised Contract Security Classification Specification when a change occurs to the existing guidance or when additional security classification guidance is needed by the contractor.
c. Upon completion of a classified contract, the contractor must dispose of the classified information in accordance with Chapter 5, Section 7. If the GCA does not advise to the contrary, the contractor may retain classified material for a period of 2 years following completion of the contract. The Contract Security Classification Specification will continue in effect for this 2-year period. If the GCA determines the contractor has a continuing need for the material, the GCA must issue a final Contract Security Classification Specification for the classified contract. A final specification is provided to show the retention period and to provide final disposition instructions for the classified material under the contract.
4-104. Challenges to Classification.
Contractors who believe (a) That information is classified improperly or unnecessarily; or (b) That current security considerations justify downgrading to a lower classification or upgrading to a higher classification; or (c) That the security classification guidance provided is improper or inadequate, are required to discuss such issues with the pertinent GCA for remedy. If a solution is not forthcoming, and the contractor believes that corrective action is still required, a formal challenge shall be made to the agency that originally classified the information. Such challenges shall include a description sufficient to identify the issue, the reasons why the contractor believes that corrective action is required, and any recommendations for appropriate corrective action. In any case, the information in question shall be safeguarded as required by this Manual for its assigned or proposed level of classification, whichever is higher, until action is completed. If no answer is received within 45 days, the CSA may be requested to provide assistance in obtaining a response. The fact that a contractor has initiated such a challenge will not, in any way, serve as a basis for adverse action by the Government. If a contractor believes that adverse action did result from a classification challenge, full details should be furnished promptly to the ISOO for resolution.
4-105. Contractor Developed Information.
Whenever a contractor develops an unsolicited proposal or originates information not in the performance of a classified contract, the following rules shall apply:
a. If the information was previously identified as classified, it shall be classified in accordance with an appropriate Contract Security Classification Specification, classification guide, or source document and marked as required by this Chapter.
b. If the information was not previously classified, but the contractor believes the information may, or should, be classified, the contractor should protect the information as though classified at the appropriate level and submit it to the agency that has an interest in the subject matter for a classification determination. In such a case, the following marking, or one that clearly conveys the same meaning, may be used:
CLASSIFICATION DETERMINATION PENDING- Protect as though classified (TOP SECRET, SECRET, or CONFIDENTIAL).
This marking shall appear conspicuously at least once on the material but no further markings are necessary until a classification determination is received. In addition, contractors are not precluded from marking such material as company-private or proprietary information. Pending a final classification determination, the contractor should protect the information. It should be noted however, that E.O. 12356 prohibits classification of information over which the Government has no jurisdiction. To be eligible for classification, the information must (1) Incorporate classified information to which the contractor was given prior access, or (2) The Government must first acquire a proprietary interest in the information.
4-106. Classified Information Appearing in Public Media.
The fact that classified information has been made public does not mean that it is automatically declassified. Contractors shall continue the classification until formally advised to the contrary. Questions as to the propriety of continued classification in these cases should be brought to the immediate attention of the GCA.
4-107. Downgrading or Declassifying Classified Information.
Information is downgraded or declassified based on the loss of sensitivity of the information due to the passage of time or on occurrence of a specific event. Contractors downgrade or declassify information based on the guidance provided in a Contract Security Classification Specification, upon formal notification, or as shown on the material. These actions constitute implementation of a directed action rather than an exercise of the authority for deciding the change or cancellation of the classification. At the time the material is actually downgraded or declassified, the action to update records and change the classification markings shall be initiated and performed. Declassification, either automatically or by individual review, is not automatically an approval for public disclosure.
Section 2. Marking Requirements
4-200. General.
Physically marking classified information with appropriate classification markings serves to warn and inform holders of the degree of protection required to protect it. Other notations facilitate downgrading, declassification, and aid in derivative classification actions. Therefore, it is essential that all classified information and material be marked to clearly convey to the holder the level of classification assigned, the portions that contain or reveal classified information, the period of time protection is required, and any other notations required for protection of the information or material.
4-201. Marking Requirements for Information and Material.
As a general rule, the markings specified in paragraphs 4-202 through 4-208 are required for all classified information, regardless of the form in which it appears. Some material, such as documents, letters, and reports, can be easily marked with the required markings. Marking other material, such as equipment, AIS media, and slides, will be more difficult due to size or other physical characteristics. Since the principal purpose of the markings is to alert the holder that the information requires special protection, it is essential that all classified material be marked to the fullest extent possible to ensure that it is afforded the necessary safeguards.
4-202. Identification Markings.
All classified material shall be marked to show the name and address of the facility responsible for its preparation, and the date of preparation. These markings are required on the face of all classified documents.
4-203. Overall Markings.
The highest level of classified information contained in a document is its overall marking. The overall marking shall be conspicuously marked or stamped at the top and bottom on the outside of the front cover (if any), on the title page (if any), on the first page, and on the outside of the back cover (if any). If the document does not have a back cover, the outside of the back or last page, which may serve as a cover, may also be marked at the top and bottom with the overall classification of the document. All copies of classified documents shall also bear the required markings. Overall markings shall be stamped, printed, etched, written, engraved, painted, or affixed by means of a tag, sticker, decal, or similar device on classified material, other than documents, and on containers of such material, if possible. If marking the material or container is not practical, written notification of the markings shall be furnished to recipients.
4-204. Page Markings.
Interior pages of classified documents shall be conspicuously marked or stamped at the top and bottom with the highest classification of the information appearing thereon, or the designation UNCLASSIFIED, if all the information on the page is UNCLASSIFIED. Alternatively, the overall classification of the document may be conspicuously marked or stamped at the top and bottom of each interior page, when necessary to achieve production efficiency, and the particular information to which classification is assigned is adequately identified by portion markings in accordance with 4-206. In any case, the classification marking of a page shall not supersede a lower level of classification indicated by a portion marking applicable to information on that page.
4-205. Component Markings.
The major components of complex documents are likely to be used separately. In such cases, each major component shall be marked as a separate document. Examples include: (a) each annex, appendix, or similar component of a plan, program, or project description; (b) attachments and appendices to a letter; and (c) each major part of a report. If an entire major component is UNCLASSIFIED, the first page of the component may be marked at the top and bottom with the designation UNCLASSIFIED and a statement included, such as: "All portions of this (annex, appendix, etc.) are UNCLASSIFIED." When this method of marking is used, no further markings are required on the unclassified major component.
4-206. Portion Markings.
Each section, part, paragraph, or similar portion of a classified document shall be marked to show the highest level of its classification, or that the portion is unclassified. Portions of documents shall be marked in a manner that eliminates doubt as to which of its portions contain or reveal classified information. For the purpose of applying these markings, a portion or paragraph shall be considered a distinct section or subdivision of a chapter, letter, or document dealing with a particular point or idea which begins on a new line and is often indented. Classification levels of portions of a document shall be shown by the appropriate classification symbol placed immediately following the portion's letter or number, or in the absence of letters or numbers, immediately before the beginning of the portion. In marking portions, the parenthetical symbols (TS) for TOP SECRET, (S) for SECRET, (C) for CONFIDENTIAL, and (U) for UNCLASSIFIED shall be used.
a. Portions of U.S. documents containing foreign government information shall be marked to reflect the foreign country of origin as well as the appropriate classification, for example, (U.K.-C).
b. Portions of U.S. documents containing extracts from NATO documents shall be marked to reflect "NATO" or "COSMIC" as well as the appropriate classification, for example, (NATO-S) or (COSMIC-TS).
c. When illustrations, photographs, figures, graphs, drawings, charts, or similar portions are contained in classified documents they shall be marked clearly to show their classified or unclassified status. These classification markings shall not be abbreviated and shall be prominent and placed within or contiguous (touching or near) to such a portion. Captions of such portions shall be marked on the basis of their content alone by placing the symbol (TS), (S), (C), or (U) immediately preceding the caption.
d. If, in an exceptional situation, parenthetical marking of the portions is determined to be impractical, the classified document shall contain a description sufficient to identify the exact information that is classified and the classification level(s) assigned to it. For example, each portion of a document need not be separately marked if all portions are classified at the same level, provided a full explanation is included in the document.
4-207. Subject and Title Markings.
Unclassified subjects and titles shall be selected for classified documents, if possible. An unclassified subject or title shall be marked with a (U) placed immediately following and to the right of the item. A classified subject or title shall be marked with the appropriate symbol (TS), (S), or (C) placed immediately following and to the right of the item.
4-208. Markings for the "Classified by," "Downgrade to," or "Declassify on" Lines.
All classified information shall be marked to reflect the source of the classification; downgrading instructions, if appropriate; and declassification instructions. The markings used to show this information are as follows:
CLASSIFIED BY DOWNGRADE TO ON DECLASSIFY ON
Documents shall show the required information either on the cover, first page, title page, or in another prominent position. Other material shall show the required information on the material itself or, if not practical, in related or accompanying documentation.
a. The "CLASSIFIED BY" Line. The purpose of the "Classified by" line is to provide justification for the classification applied to the material by the contractor and to trace it to the contract under which it was prepared. In completing the "Classified by" line, the contractor shall identify the applicable guidance that authorizes the classification of the material. Normally this will be a Contract Security Classification Specification for a contractor. However, many Contract Security Classification Specifications cite more than one security guide and many times the contractor is extracting information from a classified source document. In these cases, the contractor may cite the Contract Security Classification Specification, use the phrase "multiple sources" or cite the specific guide or source document that authorizes the classification. When the phrase "multiple sources" is used, the contractor shall maintain records that support the classification for the duration of the contract under which the material was created. These records may take the form of a bibliography identifying the applicable classification sources and be included in the text of a document or they may be maintained separately. When identifying the Contract Security Classification Specification on the "Classified by" line, always include the date of the Contract Security Classification Specification and the specific contract number for which it was issued. The "Classified by" line is not required on electronic messages.
b. The "DECLASSIFY ON" Line. The purpose of the "Declassify On" line is to provide any declassification instructions appropriate for the material. When completing this line, the contractor shall use the information specified in the Contract Security Classification Specification or guide furnished with a classified contract or cite the source document. Material containing Restricted Data or Formerly Restricted Data shall not have a "Declassify On" line.
c. The "DOWNGRADE TO" Line. The purpose of the "Downgrade To" line is to provide any downgrading instructions appropriate for the material. When completing this line, the contractor shall insert SECRET or CONFIDENTIAL and an effective date or event as indicated in the Contract Security Classification Specification, a guide, or the source document.
4-209. Extracts of Information.
Most classified material originated under recent Executive orders contains overall, portion, paragraph, and appropriate downgrading and declassification markings that will provide sufficient guidance for the classification of extracted information. However, some classified material may not have these markings. If contractors encounter source documents that do not provide the needed markings the following procedures apply.
a. Information extracted from a classified source document shall be classified according to the classification markings on the source.
(1) If the source document contains portion markings, the classification of the extracted portions shall be carried forth to the new material. (2) If the source document does not contain portion markings, the overall classification of the source document shall be carried forth to the extracted information in the new document. (3) If the new material is classified based on "multiple sources," the highest level of classification contained in the document shall be shown as the overall classification on the new material.
b. Downgrading and declassification markings shown on the source shall be carried forth to the new material.
(1) If only one source is used, the downgrading and declassification markings shown on the source shall be carried forth to the new material. If no date or event is shown on the source, the new material shall show "Originating Agency's Determination Required" or "OADR" on the "Declassify on" line. (2) If the new material is classified based on "multiple sources," the most remote date or event for declassification shown on any source shall be assigned to the new material. If any source shows "OADR," or no date of event is shown, the "Declassify on" line on the new document or material shall show "Originating Agency's Determination Required" or "OADR."
c. If the contractor requires more definitive guidance, the originator of the source document, or the GCA that provided the document, may be contacted and requested to provide appropriate markings or an appropriate security classification guide. In any case, the classification markings for a source document are the responsibility of the originator, and not the contractor extracting the information. Contractors are encouraged to contact the originator to avoid improper or unnecessary classification of material.
4-210. Marking Special Types of Material.
The following procedures are for marking special types of material, but are not all inclusive. The procedures cover the types of materials that are most often produced by contractors and may be varied to accommodate the physical characteristics of the material, organizational and operational requirements, and ultimate use of the item produced. The intent of the markings is to ensure that the classification of the item, regardless of its form, is clear to the holder.
a. Files, Folders, or Groups of Documents. Files, folders, binders, envelopes, and other items, containing classified documents, when not in secure storage, shall be conspicuously marked with the highest classification of any classified item included therein. Cover sheets may be used for this purpose.
b. Messages. Electronically transmitted messages shall be marked in the same manner required for other documents except as noted herein. The overall classification of the message shall be the first item of information in the text. A "Classified By" line is not required on messages. When messages are printed by an automated system, all markings may be applied by that system, provided the classification markings are clearly distinguished from the printed text. Included in the last line of text of the message is the date or event for declassification or the notation Originating Agency's Determination Required or OADR, and the downgrading action, if applicable. In record communications systems, electronically transmitted messages shall be marked in accordance with JANAP 128 format requirements.
c. Microforms. Microforms contain images or text in sizes too small to be read by the unaided eye. The applicable markings specified in 4-202 through 4-208 shall be conspicuously marked on the microform medium or its container, to be readable by the unaided eye. These markings shall also be included on the image so that when the image is enlarged and displayed or printed, the markings will be conspicuous and readable. Further markings and handling shall be as appropriate for the particular microform involved.
d. Translations. Translations of U.S. classified information into a language other than English shall be marked to show the U.S. as the country of origin, with the appropriate U.S. markings as specified in 4-202 through 4-208, and the foreign language equivalent thereof.(See Appendix B).
4-211. Marking Transmittal Documents.
A transmittal document shall be marked with the highest level of classified information contained therein and with an appropriate notation to indicate its classification when the enclosures are removed. An unclassified document that transmits a classified document as an attachment shall bear a notation substantially as follows: Unclassified when Separated from Classified Enclosures. A classified transmittal that transmits higher classified information shall be marked with a notation substantially as follows: CONFIDENTIAL (or SECRET) when Separated from Enclosures. In addition, a classified transmittal itself must bear all the classification markings required by this Manual for a classified document.
4-212. Marking Wholly Unclassified Material.
Normally, wholly UNCLASSIFIED material will not be marked or stamped UNCLASSIFIED unless it is essential to convey to a recipient of such material that: (a) The material has been examined specifically with a view to impose a security classification and has been determined not to require classification; or (b) The material has been reviewed and has been determined to no longer require classification and it is declassified.
4-213. Marking Compilations.
a. Documents. In some instances, certain information that would otherwise be unclassified when standing alone may require classification when combined or associated with other unclassified information. When classification is required to protect a compilation of such information, the overall classification assigned to the document shall be conspicuously marked or stamped at the top and bottom of each page and on the outside of the front and back covers, if any. The reason for classifying the compilation shall be stated at an appropriate location at or near the beginning of the document. In this instance, the portions of a document classified in this manner need not be marked.
b. Portions of a Document. If a classified document contains certain portions that are unclassified when standing alone, but classified information will be revealed when they are combined or associated, those portions shall be marked as unclassified, the page shall be marked with the highest classification of any information on the page, and a statement shall be added to the page, or to the document, to explain the classification of the combination or association to the holder. This method of marking may also be used if classified portions on a page, or within a document, will reveal a higher classification when they are combined or associated than when they are standing alone.
4-214. Marking Miscellaneous Material.
Unless a requirement exists to retain material such as rejects, typewriter ribbons, carbons, and similar items for a specific purpose, there is no need to mark, stamp, or otherwise indicate that the material is classified. (NOTE: Such material developed in connection with the handling, processing, production, and utilization of classified information shall be handled in a manner that ensures adequate protection of the classified information involved and destruction at the earliest practical time.)
4-215. Marking Training Material.
Unclassified documents or material that are created to simulate or demonstrate classified documents or material shall be clearly marked to indicate the actual UNCLASSIFIED status of the information. For example: SECRET FOR TRAINING PURPOSES ONLY, OTHERWISE UNCLASSIFIED or UNCLASSIFIED SAMPLE, or a similar marking may be used.
4-216. Marking Downgraded or Declassified Material.
Classified information, which is downgraded or declassified, shall be promptly and conspicuously marked to indicate the change. If the volume of material is such that prompt remarking of each classified item cannot be accomplished without unduly interfering with operations, a downgrading and declassification notice may be attached to the inside of the file drawers or other storage container in lieu of the remarking otherwise required. Each notice shall specify the authority for the downgrading or declassification action, the date of the action, and the storage container to which it applies. When documents or other material subject to downgrading or declassification are withdrawn from the container solely for transfer to another, or when the container is transferred from one place to another, the transfer may be made without remarking, if the notice is attached to the new container or remains with each shipment. When the documents or material are withdrawn for use or for transmittal outside the facility, they shall be remarked in accordance with a or b below.
a. Automatic Downgrading or Declassification Actions. Holders of classified material may take automatic downgrading or declassification actions as specified by the markings on the material without further authority for the action. All old classification markings shall be canceled and the new markings substituted, whenever practical. In the case of documents, as a minimum, the outside of the front cover (if any), the title page (if any), the first page, and the outside of the back cover (if any), shall reflect the new classification markings, or the designation UNCLASSIFIED. Other material shall be remarked by the most practical method for the type of material involved to ensure that it is clear to the holder what level of classification is assigned to the material. Old markings shall be canceled, if possible, on the material itself. If not practical, the material may be marked by affixing new decals, tags, stickers, and the like to the material or its container.
b. Other than Automatic Downgrading or Declassification Actions. When contractors are notified of downgrading or declassification actions that are contrary to the markings shown on the material, the material shall be remarked to indicate the change. All old classification markings shall be canceled and the new markings substituted, whenever practical. In the case of documents, as a minimum, the outside of the front cover (if any), the title page (if any), the first page, and the outside of the back cover (if any), shall reflect the new classification markings or the designation UNCLASSIFIED. In addition, the material shall be marked to indicate the authority for the action, the date of the action, and the identity of the person or contractor taking the action. Other holders shall be notified if further dissemination has been made by the contractor.
4-217. Upgrading Action.
When a notice is received to upgrade material to a higher level, for example from CONFIDENTIAL to SECRET, the new markings shall be immediately entered on the material in accordance with the notice to upgrade, and all the superseded markings shall be obliterated. The authority for, and the date of, the upgrading action shall be entered on the material. As appropriate, other holders shall be notified if further dissemination of the material has been made by the contractor. (See 4-218 below).
4-218. Miscellaneous Actions.
If classified material is inadvertently distributed outside the facility without the proper classification assigned to it, or without any markings to identify the material as classified, the contractor shall, as appropriate:
a. Determine whether all holders of the material are cleared and are authorized access to it.
b. Determine whether control of the material has been lost.
c. If recipients are cleared for access to the material, promptly provide written notice to all holders of the proper classification to be assigned. If control of the material has been lost, if all copies cannot be accounted for, or if unauthorized personnel have had access to it, report the compromise to the CSA.
d. In the case of classified material being upgraded, the contractor's written notice shall not be classified unless the notice contains additional information warranting classification. In the case of material which was inadvertently released as UNCLASSIFIED, the contractor's written notice shall be classified CONFIDENTIAL, unless it contains additional information warranting a higher classification. The notice shall cite the applicable Contract Security Classification Specification or other classification guide on the "Classified by" line and be marked with an appropriate declassification instruction.
4-219. Documents Generated Under Previous Executive Orders.
Documents classified under previous executive orders need not be remarked to comply with the marking requirements of E.O. 12356. Any automatic downgrading or declassification action specified on such documents may be taken without further authority. Information extracted from these documents for use in new documents shall be marked for downgrading or declassification action as specified on the source document. If automatic markings are not included on the source documents, the documents shall remain classified until authority is obtained from the originating agency for downgrading or declassification action. Information extracted from such documents for use in new documents shall specify "Originating Agency's Determination Required" on the "Declassify on" line.
CHAPTER 5
Safeguarding Classified Information
Section 1. General Safeguarding Requirements
5-100. General.
Contractors shall be responsible for safeguarding classified information in their custody or under their control. Individuals are responsible for safeguarding classified information entrusted to them. The extent of protection afforded classified information shall be sufficient to reasonably foreclose the possibility of its loss or compromise.
5-101. Safeguarding Oral Discussions.
Contractors shall ensure that all cleared employees are aware of the prohibition against discussing classified information over unsecured telephones, in public conveyances or places, or in any other manner that permits interception by unauthorized persons.
5-102. End of Day Security Checks.
a. Contractors that store classified material shall establish a system of security checks at the close of each working day to ensure that all classified material and security repositories have been appropriately secured.
b. Contractors that operate multiple work shifts shall perform the security checks at the end of the last working shift in which classified material had been removed from storage for use. The checks are not required during continuous 24-hour operations.
5-103. Perimeter Controls.
Contractors authorized to store classified material shall establish and maintain a system to deter and detect unauthorized introduction or removal of classified material from their facility. The objective is to discourage the introduction or removal of classified material without proper authority. If the unauthorized introduction or removal of classified material can be reasonably foreclosed through technical means, which are encouraged, no further controls are necessary. Employees who have a legitimate need to remove or transport classified material should be provided appropriate authorization media for passing through designated entry/exit points. The fact that persons who enter or depart the facility are subject to an inspection of their personal effects shall be conspicuously posted at all pertinent entries and exits.
a. All persons who enter or exit the facility shall be subject to an inspection of their personal effects, except under circumstances where the possibility of access to classified material is remote. Inspections shall be limited to buildings or areas where classified work is being performed. Inspections are not required of wallets, change purses, clothing, cosmetic cases, or other objects of an unusually personal nature.
b. The extent, frequency, and location of inspections shall be accomplished in a manner consistent with contractual obligations and operational efficiency. Inspections may be done using any appropriate random sampling technique. Contractors are encouraged to seek legal advice during the formulation of implementing procedures and to surface significant problems to the CSA.
5-104. Emergency Procedures.
Contractors shall develop procedures for safeguarding classified material in emergency situations. The procedures shall be as simple and practical as possible and should be adaptable to any type of emergency that may reasonably arise. Contractors shall promptly report to the CSA, any emergency situation which renders the facility incapable of safeguarding classified material.
Section 2. Control and Accountability
5-200. General.
Contractors shall establish an information management system and control the classified information in their possession.
5-201. Policy.
The document accountability system for SECRET material is eliminated as a security protection measure, except for highly sensitive program information and where special conditions exist as approved by the GCA. Contractors shall ensure that classified information in their custody is used or retained only in furtherance of a lawful and authorized U.S. Government purpose. The U.S. Government reserves the right to retrieve its classified material or to cause appropriate disposition of the material by the contractor. The information management system employed by the contractor shall be capable of facilitating such retrieval and disposition in a reasonable period of time.
5-202. External Receipt and Dispatch Records.
Contractors shall maintain a record that reflects: (a) The date of the material; (b) The date of receipt or dispatch; (c) The classification; (d) An unclassified description of the material; and (e) The identity of the activity from which the material was received or to which the material was dispatched. Receipt and dispatch records shall be retained for 2 years.
5-203. Accountability for TOP SECRET.
a. TOP SECRET control officials shall be designated to receive, transmit, and maintain access and accountability records for TOP SECRET information. An inventory shall be conducted annually unless written relief is granted by the GCA.
b. The transmittal of TOP SECRET information shall be covered by a continuous receipt system both within and outside the facility.
c. Each item of TOP SECRET material shall be numbered in series. The copy number shall be placed on TOP SECRET documents and on all associated transaction documents.
5-204. Receiving Classified Material.
All classified material shall be delivered directly to designated personnel. When U.S. Registered Mail, U.S. Express Mail, U.S. Certified Mail, or classified material delivered by messenger is not received directly by designated personnel, procedures shall be established to ensure that the material is received by authorized persons for prompt delivery or notice to authorized personnel. The material shall be examined for evidence of tampering and the classified contents shall be checked against the receipt. Discrepancies in the contents of a package, or absence of a receipt for TOP SECRET and SECRET material, shall be reported promptly to the sender. If the shipment is in order, the receipt shall be signed and returned to the sender. If a receipt is included with CONFIDENTIAL material, it shall be signed and returned to the sender.
5-205. Generation of Classified Material.
a. A record of TOP SECRET material produced by the contractor shall be made when the material is: (1) Completed as a finished document; (2) Retained for more than 30 days after creation, regardless of the stage of development; or (3) Transmitted outside the facility.
b. Classified working papers, such as, notes and rough drafts generated by the contractor in the preparation of a finished document shall be: (1) Dated when created; (2) Marked with its overall classification, and with the annotation "WORKING PAPERS;" and (3) Destroyed when no longer needed.
Section 3. Storage and Storage Equipment
5-300. General.
This Section describes the uniform requirements for the physical protection of classified material in the custody of contractors. Where these requirements are not appropriate for protecting specific types or forms of classified material, compensatory provisions shall be developed and approved by the CSA. Nothing in this Manual shall be construed to contradict or inhibit compliance with the law or building codes. Cognizant security officials shall work to meet appropriate security needs according to the intent of this Manual and at acceptable cost.
5-301. General Services Administration (GSA) Storage Equipment.
GSA establishes and publishes uniform standards, specifications, and supply schedules for security containers, vault door and frame units, and key-operated and combination padlocks suitable for the storage and protection of classified information. Manufacturers, and prices of storage equipment approved by the GSA, are listed in the Federal Supply Schedule (FSS) catalog (FSC GROUP 71-Part III). Copies of specifications and schedules may be obtained from any regional office of the GSA.
5-302. TOP SECRET Storage.
TOP SECRET material shall be stored in a GSA-approved security container, an approved vault or an approved Closed Area. Supplemental protection is required.
5-303. SECRET Storage.
SECRET material shall be stored in the same manner as TOP SECRET material without supplemental protection or as follows:
a. A safe, steel file cabinet, or safe-type steel file container that has an automatic unit locking mechanism. All such receptacles will be accorded supplemental protection during non-working hours.
b. Any steel file cabinet that has four sides and a top and bottom (all permanently attached by welding, rivets or peened bolts so the contents cannot be removed without leaving visible evidence of entry) and is secured by a rigid metal lock bar and an approved key operated or combination padlock. The keepers of the rigid metal lock bar shall be secured to the cabinet by welding, rivets, or bolts, so they cannot be removed and replaced without leaving evidence of the entry. The drawers of the container shall be held securely, so their contents cannot be removed without forcing open the drawer. This type cabinet will be accorded supplemental protection during non-working hours.
5-304. CONFIDENTIAL Storage.
CONFIDENTIAL material shall be stored in the same manner as TOP SECRET or SECRET material except that no supplemental protection is required.
5-305. Restricted Areas.
When it is necessary to control access to classified material in an open area during working hours, a Restricted Area may be established. A Restricted Area will normally become necessary when it is impractical or impossible to protect classified material because of its size, quantity or other unusual characteristic. The Restricted Area shall have a clearly defined perimeter, but physical barriers are not required. Personnel within the area shall be responsible for challenging all persons who may lack appropriate access authority. All classified material will be secured during non-working hours in approved repositories or secured using other methods approved by the CSA.
5-306. Closed Areas.
Due to the size and nature of the classified material, or operational necessity, it may be necessary to construct Closed Areas for storage because GSA-approved containers or vaults are unsuitable or impractical. Closed Areas must be approved by the CSA and be constructed in accordance with Section 8 of this Chapter. Access to Closed Areas must be controlled to preclude unauthorized access. This may be accomplished through the use of a cleared employee or by a supplanting access control device or system. Access shall be limited to authorized persons who have an appropriate security clearance and a need-to-know for the classified material/information within the area. Persons without the appropriate level of clearance and/or need to know shall be escorted at all times by an authorized person where inadvertent or unauthorized exposure to classified information cannot otherwise be effectively prevented. The Closed Area shall be accorded supplemental protection during non-working hours. During such hours, admittance to the area shall be controlled by locked entrances and exits secured by either an approved built-in combination lock or an approved combination or key-operated padlock. However, doors secured from the inside with a panic bolt (for example, actuated by a panic bar), a dead bolt, a rigid wood or metal bar, or other means approved by the CSA, will not require additional locking devices.
a. Open shelf or bin storage of classified documents in Closed Areas requires CSA approval. Only areas protected by an approved intrusion detection system will qualify for such approval.
b. The CSA and the contractor shall agree on the need to establish, and the extent of, Closed Areas prior to the award of the contract, when possible, or at such subsequent time as the need for such areas becomes apparent during performance on the contract.
5-307. Supplemental Protection.
a. Intrusion Detection Systems as described in Section 9 of this Chapter shall be used as supplemental protection for all storage containers, vaults and Closed Areas approved for storage of classified material following publication of this Manual.
b. Security guards approved as supplemental protection prior to publication of this Manual may continue to be utilized. When guards are authorized, the schedule of patrol is 2 hours for TOP SECRET material and 4 hours for SECRET material.
c. GSA-approved security containers and approved vaults secured with a locking mechanism meeting Federal Specification FF-L-2740, do not require supplemental protection when the CSA has determined that the GSA-approved security container or approved vault is located in an area of the facility with security-in-depth.
5-308. Protection of Combinations to Security Containers, Cabinets, Vaults and Closed Areas.
Only a minimum number of authorized persons shall have knowledge of combinations to authorized storage containers. Containers shall bear no external markings indicating the level of classified material authorized for storage.
a. A record of the names of persons having knowledge of the combination shall be maintained.
b. Security containers, vaults, cabinets, and other authorized storage containers shall be kept locked when not under the direct supervision of an authorized person entrusted with the contents.
c. The combination shall be safeguarded in accordance with the highest classification of the material authorized for storage in the container. Superseded combinations shall be destroyed.
d. If a record is made of a combination, the record shall be marked with the highest classification of material authorized for storage in the container.
5-309. Changing Combinations.
Combinations shall be changed by a person authorized access to the contents of the container, or by the FSO or his or her designee. Combinations shall be changed as follows:
a. The initial use of an approved container or lock for the protection of classified material.
b. The termination of employment of any person having knowledge of the combination, or when the clearance granted to any such person has been withdrawn, suspended, or revoked.
c. The compromise or suspected compromise of a container or its combination, or discovery of a container left unlocked and unattended.
d. At other times when considered necessary by the FSO or CSA.
5-310. Supervision of Keys and Padlocks.
Use of key-operated padlocks are subject to the following requirements: (i) a key and lock custodian shall be appointed to ensure proper custody and handling of keys and locks used for protection of classified material; (ii) a key and lock control register shall be maintained to identify keys for each lock and their current location and custody; (iii) keys and locks shall be audited each month; (iv) keys shall be inventoried with each change of custody; (v) keys shall not be removed from the premises; (vi) keys and spare locks shall be protected equivalent to the level of classified material involved; (vii) locks shall be changed or rotated at least annually, and shall be replaced after loss or compromise of their operable keys; and (viii) making master keys is prohibited.
5-311. Repair of Approved Containers.
Repairs, maintenance, or other actions that affect the physical integrity of a security container approved for storage of classified information shall be accomplished only by appropriately cleared or continuously escorted personnel specifically trained in approved methods of maintenance and repair of containers.
a. An approved security container is considered to have been restored to its original state of security integrity if all damaged or altered parts are replaced with manufacturer's replacement or identical cannibalized parts.
b. GSA-approved containers manufactured prior to October 1990, and often referred to as BLACK labeled containers, can be neutralized by drilling a hole adjacent to or through the dial ring of the container, thereby providing access into the locking mechanism to open the lock. Before replacement of the damaged locking mechanism, the drill hole will have to be repaired with a plug which can be: (1) A tapered, hardened tool-steel pin; (2) A steel dowel; (3) A drill bit; or (4) A steel ball bearing. The plug must be of a diameter slightly larger than the hole, and of such length that when driven into the hole there shall remain at each end a shallow recess not less than 1/8 inch or more than 3/16 inch deep to permit the acceptance of substantial welds. Additionally, the plug must be welded on both the inside and outside surfaces. The outside of the drawer or door must then be puttied, sanded, and repainted in such a way that no visible evidence of the hole or its repair remains after replacement of the damaged parts with the new lock.
c. GSA-approved containers manufactured after October 1990 and containers equipped with combination locks meeting Federal specification FF-L-2740 require a different method of repair. These containers, sometimes referred to as RED labeled containers, have a substantial increase in lock protection which makes the traditional method of drilling extremely difficult. The process for neutralizing a lockout involves cutting the lock bolts by sawing through the control drawerhead. The only authorized repair is replacement of the drawerhead and locking bolts.
d. Approved security containers that have been drilled or repaired in a manner other than as described above, shall not be considered to have been restored to their original integrity. The "Protection" label on the outside of the locking drawer's side and the "General Services Administration Approved Security Container" label on the face of the top drawer shall be removed.
e. A container repaired using other methods than those described above shall not be used for storage of TOP SECRET material, but may be used for storage of Secret material with the approval of the CSA and for storage of CONFIDENTIAL material with the approval of the FSO.
f. A list shall be maintained by the FSO of all approved containers that have sustained significant damage. Each container listed shall be identified by giving its location and a description of the damage. There shall also be on file a signed and dated certification, provided by the repairer, setting forth the method of repair used.
5-312. Supplanting Access Control Systems or Devices.
Automated access control systems and electronic, mechanical, or electromechanical devices which meet the criteria stated in paragraphs 5-313 and 5-314, below, may be used to supplant contractor-authorized employees or guards to control admittance to Closed and Restricted Areas during working hours. Approval of the FSO is required before effecting the installation of a supplanting access control device to meet a requirement of this Manual.
5-313. Automated Access Control Systems.
The automated access control system must be capable of identifying the individual entering the area and authenticating that person's authority to enter the area.
a. Manufacturers of automated access control equipment or devices must assure in writing that their system will meet the following standards before FSO's may favorably consider such systems for protection of classified information:
(1) Chances of an unauthorized individual gaining access through normal operation of the equipment are no more than one in ten thousand. (2) Chances of an authorized individual being rejected for access through normal operation of the equipment are no more than one in one thousand.
b. Identification of individuals entering the area can be obtained by an identification (ID) badge or card, or by personal identity.
(1) The ID badge or card must use embedded sensors, integrated circuits, magnetic stripes or other means of encoding data that identifies the facility and the individual to whom the card is issued. (2) Personal identity verification identifies the individual requesting access by some unique personal characteristic, such as, (a) Fingerprint, (b) Hand geometry, (c) Handwriting, (d) Retina, or (e) Voice recognition.
c. In conjunction with an ID badge or card or personal identity verification, a personal identification number (PIN) is required. The PIN must be separately entered into the system by each individual using a keypad device. The PIN shall consist of four or more digits, randomly selected with no known or logical association with the individual. The PIN must be changed when it is believed to have been subjected to compromise.
d. Authentication of the individual's authorization to enter the area must be accomplished within the system by comparing the inputs from the ID badge or card or the personal identity verification device and the keypad with an electronic database of individuals authorized into the area. A procedure must be established for removal of the individual's authorization to enter the area upon reassignment, transfer or termination, or when the individual's personnel clearance is suspended or revoked.
e. Locations where access transactions are, or can be displayed, and where authorization data, card encoded data and personal identification or verification data is input, stored, displayed, or recorded must be protected.
f. Control panels, card readers, keypads, communication or interface devices located outside the entrance to a Closed Area shall have tamper resistant enclosures, be securely fastened to a wall or other structure, be protected by a tamper alarm or secured with an approved combination padlock. Control panels located within a Closed Area shall require only a minimal degree of physical security protection sufficient to preclude unauthorized access to the mechanism. Where areas containing TOP SECRET information are involved, tamper alarm protection is mandatory.
g. Systems that utilize transmission lines to carry access authorization, personal identification, or verification data between devices/equipment located outside the Closed Area shall receive circuit protection equal to or greater than that specified as Grade A by UL.
h. Access to records and information concerning encoded ID data and PINs shall be restricted to individuals cleared at the same level as the highest classified information contained within the specific area or areas in which ID data or PINs are utilized. Access to identification or authorization data, operating system software or any identifying data associated with the access control system shall be limited to the least number of personnel possible. Such data or software shall be kept secured when unattended.
i. Records reflecting active assignments of ID badges/cards, PINs, levels of access, personnel clearances, and similar system related records shall be maintained. Records concerning personnel removed from the system shall be retained for 90 days.
j. Personnel entering or leaving an area shall be required to immediately secure the entrance or exit point. Authorized personnel who permit another individual entrance into the area are responsible for confirming the individual's clearance and need-to-know. During shift changes and emergency situations, if the door remains open, admittance shall be controlled by a contractor-authorized employee or guard stationed to supervise the entrance to the area.
5-314. Electronic, Mechanical, or Electro-mechanical Devices.
Provided the classified material within the Closed Area is no higher than SECRET, electronic, mechanical, or electro-mechanical devices that meet the criteria stated in this paragraph may be used to supplant contractor authorized employees or guards to control admittance to Closed Areas during working hours. Devices may be used that operate by either a push-button combination that activates the locking device or by a control card used in conjunction with a push-button combination, thereby excluding any system that operates solely by the use of a control card.
a. The electronic control panel containing the mechanical mechanism by which the combination is set may be located inside or outside the Closed Area. When located outside the Closed Area, the control panel shall be securely fastened or attached to the perimeter barrier of the area and secured by an approved combination padlock. If the control panel is located within the Closed Area, it shall require only a minimal degree of physical security designed to preclude unauthorized access to the mechanism.
b. The control panel shall be installed in a manner that precludes an unauthorized person in the immediate vicinity from observing the selection of the correct combination of the push buttons, or have a shielding device mounted.
c. The selection and setting of the combination shall be accomplished by an employee of the contractor who is authorized to enter the area. The combination shall be changed as specified in paragraph 5-309. The combination shall be classified and safeguarded in accordance with the classification of the highest classified material within the Closed Area.
d. Electrical gear, wiring included, or mechanical links (cables, rods, etc.) shall be accessible only from inside the area, or shall be secured within a protective covering to preclude surreptitious manipulation of components.
e. Personnel entering or leaving the area shall be required to immediately lock the entrance or exit point. Authorized personnel who permit another individual entrance into the area are responsible for confirming the individual's personnel clearance and need-to-know. During shift changes and emergency situations, if the door remains open, admittance shall be controlled by a contractor authorized employee or guard stationed to supervise the entrance to the area.
Section 4. Transmission
5-400. General.
Classified material shall be transmitted outside the contractor's facility in a manner that prevents loss or unauthorized access.
5-401. Preparation and Receipting.
a. Classified information to be transmitted outside of a facility shall be enclosed in opaque inner and outer covers. The inner cover shall be a sealed wrapper or envelope plainly marked with the assigned classification and addresses of both sender and addressee. The outer cover shall be sealed and addressed with no identification of the classification of its contents. A receipt shall be attached to or enclosed in the inner cover, except that CONFIDENTIAL information shall require a receipt only if the sender deems it necessary. The receipt shall identify the sender, the addressee and the document, but shall contain no classified information. It shall be signed by the recipient, returned to the sender, and retained for 2 years.
b. A suspense system will be established to track transmitted documents until a signed copy of the receipt is returned.
c. When the material is of a size, weight, or nature that precludes the use of envelopes, the materials used for packaging shall be of such strength and durability to ensure the necessary protection while the material is in transit.
5-402. TOP SECRET Transmission Outside a Facility.
Written authorization of the GCA is required to transmit TOP SECRET information outside of the facility. TOP SECRET material may be transmitted by the following methods within and directly between the U.S., Puerto Rico, or a U.S. possession or trust territory.
a. The Defense Courier Service (DCS), if authorized by the GCA.
b. A designated courier or escort cleared for access to TOP SECRET information.
c. By electrical means over CSA approved secured communications security circuits provided such transmission conforms with this Manual, the telecommunications security provisions of the contract, or as otherwise authorized by the GCA.
5-403. SECRET Transmission Outside a Facility.
SECRET material may be transmitted by one of the following methods within and directly between the U.S., Puerto Rico, or a U.S. possession or trust territory:
a. By the methods established for TOP SECRET.
b. U.S. Postal Service Express Mail and U.S.Postal Service Registered Mail. NOTE: The "Waiver of Signature and Indemnity" block on the U.S. Postal Service Express Mail Label 11-B may not be executed and the use of external (street side) express mail collection boxes is prohibited.
c. A cleared "Commercial Carrier."
d. A cleared commercial messenger service engaged in the intracity/local area delivery (same day delivery only) of classified material.
e. A commercial delivery company, approved by the CSA, that provides nation wide, overnight service with computer tracing and reporting features. Such companies need not be security cleared.
f. Other methods as directed, in writing, by the GCA.
5-404. CONFIDENTIAL Transmission Outside a Facility.
CONFIDENTIAL material shall be transmitted by the methods established for SECRET material or by U.S. Postal Service Certified Mail.
5-405. Transmission Outside the U.S., Puerto Rico, or a U.S.
Possession or Trust Territory.
Classified material may be transmitted to a U.S. Government activity outside the U.S., Puerto Rico, or a U.S. possession or trust territory only under the provisions of a classified contract or with the written authorization of the GCA.
a. TOP SECRET may be transmitted by the Defense Courier Service, Department of State Courier System, or a courier service authorized by the GCA.
b. SECRET and CONFIDENTIAL may be transmitted by: (1) Registered mail through U.S. Army, Navy, or Air Force postal facilities; (2) By an appropriately cleared contractor employee; (3) By a U.S. civil service employee or military person, who has been designated by the GCA; (4) By U.S. and Canadian registered mail with registered mail receipt to and from Canada and via a U.S. or a Canadian government activity; or (5) As authorized by the GCA.
5-406. Addressing Classified Material.
Mail or shipments containing classified material shall be addressed to the Commander or approved classified mailing address of a federal activity or to a cleared contractor using the name and classified mailing address of the facility. An individual's name shall not appear on the outer cover. This does not prevent the use of office code letters, numbers, or phrases in an attention line to aid in internal routing.
a. When it is necessary to direct SECRET or CONFIDENTIAL material to the attention of a particular individual, other than as prescribed below, the identity of the intended recipient shall be indicated on an attention line placed in the letter of transmittal or on the inner container or wrapper.
b. When addressing SECRET or CONFIDENTIAL material to an individual operating as an independent consultant, or to any facility at which only one employee is assigned, the outer container shall specify:
"TO BE OPENED BY ADDRESSEE ONLY" and be annotated: "POSTMASTER-DO NOT FORWARD. IF UNDELIVERABLE TO ADDRESSEE, RETURN TO SENDER."
5-407. Transmission Within a Facility.
Classified material may be transmitted within a facility without single or double-wrapping provided adequate measures are taken to protect the material against unauthorized disclosure.
5-408. SECRET Transmission by Commercial Carrier.
SECRET material may be shipped by a commercial carrier that has been approved by the CSA to transport SECRET shipments. Commercial carriers may be used only within and between the 48 contiguous States and the District of Columbia or wholly within Alaska, Hawaii, Puerto Rico, or a U.S. possession or trust territory. When the services of a commercial carrier are required, the contractor, as consignor, shall be responsible for the following.
a. The material shall be prepared for transmission to afford additional protection against pilferage, theft, and compromise as follows.
(1) The material shall be shipped in hardened containers unless specifically authorized otherwise by the contracting agency. (2) Carrier equipment shall be sealed by the contractor or a representative of the carrier, when there is a full carload, a full truckload, exclusive use of the vehicle, or a closed and locked compartment of the carrier's equipment is used. The seals shall be numbered and the numbers indicated on all copies of the bill of lading (BL). When seals are used, the BL shall be annotated substantially as follows: DO NOT BREAK SEALS EXCEPT IN CASE OF EMERGENCY OR UPON PRIOR AUTHORITY OF THE CONSIGNOR OR CONSIGNEE. IF FOUND BROKEN OR IF BROKEN FOR EMERGENCY REASONS, APPLY CARRIER'S SEALS AS SOON AS POSSIBLE AND IMMEDIATELY NOTIFY BOTH THE CONSIGNOR AND THE CONSIGNEE. (3) For DoD contractors the notation "Protective Security Service Required" shall be reflected on all copies of the BL. The BL will be maintained in a suspense file to follow-up on overdue or delayed shipments.
b. The contractor shall utilize a qualified carrier selected by the U.S. Government that will provide a single-line service from point of origin to destination, when such service is available, or by such transshipping procedures as may be specified by the U.S. Government.
c. The contractor shall request routing instructions, including designation of a qualified carrier, from the GCA or designated representative (normally the government transportation officer). The request shall specify that the routing instructions are required for the shipment of SECRET material and include the point of origin and point of destination.
d. The contractor shall notify the consignee (including U.S. Government transshipping activity) of the nature of the shipment, the means of the shipment, numbers of the seals, if used, and the anticipated time and date of arrival by separate communication at least 24 hours in advance, (or immediately on dispatch if transit time is less than 24 hours) of the arrival of the shipment. This notification shall be addressed to the appropriate organizational entity and not to an individual. Request that the consignee activity (including a military transshipping activity) notify the consignor of any shipment not received within 48 hours after the estimated time of arrival indicated by the consignor.
e. In addition, the contractor shall annotate the BL:
"CARRIER TO NOTIFY THE CONSIGNOR AND CONSIGNEE (Telephone Numbers) IMMEDIATELY IF SHIPMENT IS DELAYED BECAUSE OF AN ACCIDENT OR INCIDENT. IF NEITHER CAN BE REACHED, CONTACT (Enter appropriate HOTLINE Number). USE HOTLINE NUMBER TO OBTAIN SAFE HAVEN OR REFUGE INSTRUCTIONS IN THE EVENT OF A CIVIL DISORDER, NATURAL DISASTER, CARRIER STRIKE OR OTHER EMERGENCY."
5-409. CONFIDENTIAL Transmission by Commercial Carrier.
CONFIDENTIAL material may be shipped by a CSA or GCA-approved commercial carrier. For DoD contractors a commercial carrier who is authorized by law, regulatory body, or regulation to provide the required transportation service shall be used when a determination has been made by the Military Traffic Management Command (MTMC) that the carrier has a tariff, government tender, agreement, or contract that provides Constant Surveillance Service. Commercial carriers may be used only within and between the 48 contiguous states and the District of Columbia or wholly within Alaska, Hawaii, Puerto Rico, or a U.S. possession or trust territory. An FCL is not required for the commercial carrier. The contractor, as consignor, shall:
a. Utilize containers of such strength and durability as to provide security protection to prevent items from breaking out of the container and to facilitate the detection of any tampering with the container while in transit;
b. For DoD contractors indicate on the BL, "Constant Surveillance Service Required." In addition, annotate the BL as indicated in 5-408e.
c. Instruct the carrier to ship packages weighing less than 200 pounds gross in a closed vehicle or a closed portion of the carrier's equipment.
5-410. Use of Couriers, Handcarriers, and Escorts.
Contractors who designate cleared employees as couriers, handcarriers, and escorts shall ensure that:
a. They are briefed on their responsibility to safeguard classified information.
b. They possess an identification card or badge, which contains the contractor's name and the name and a photograph of the employee.
c. The employee retains classified material in his or her personal possession at all times. Arrangements shall be made in advance of departure for overnight storage at a U.S. Government installation or at a cleared contractor's facility that has appropriate storage capability, if needed.
d. If the classified material is being handcarried to a classified meeting or on a visit an inventory of the material shall be made prior to departure. A copy of the inventory shall be carried by the employee. On the employee's return to the facility, an inventory shall be made of the material for which the employee was charged. If the material is not returned, a receipt shall be obtained and the transaction shall be recorded in the dispatch records. A receipt is not required for CONFIDENTIAL material.
5-411. Use of Commercial Passenger Aircraft for Transmitting Classified Material.
Classified material may be handcarried aboard commercial passenger aircraft by cleared employees with the approval of the FSO. The contractor shall adhere to the procedures contained in FAA Advisory Circular (AC 108-3), "Screening of Persons Carrying U.S. Classified Material." A copy of AC 108-3 is available from the CSA.
a. Routine Processing. Employees handcarrying classified material will be subject to routine processing by airline security agents. Hand-held packages will normally be screened by x-ray examination. If air carrier personnel are not satisfied with the results of the inspection, and the prospective passenger is requested to open a classified package for visual examination the traveler shall inform the screener that the carry-on items contain U.S. Government classified information and cannot be opened. Under no circumstances may the classified material be opened by the traveler or air carrier personnel.
b. Special Processing. When routine processing would subject the classified material to compromise or damage; when visual examination is or may be required to successfully screen a classified package; or when classified material is in specialized containers which due to its size, weight, or other physical characteristics cannot be routinely processed, the contractor shall contact the appropriate air carrier in advance to explain the particular circumstances and obtain instructions on the special screening procedures to be followed.
c. Authorization Letter. Contractors shall provide employees with written authorization to handcarry classified material on commercial aircraft. The written authorization shall:
(1) Provide the full name, date of birth, height, weight, and signature of the traveler and state that he or she is authorized to transmit classified material; (2) Describe the type of identification the traveler will present on request; (3) Describe the material being handcarried and request that it be exempt from opening; (4) Identify the points of departure, destination, and known transfer points; (5) Include the name, telephone number, and signature of the FSO, and the location and telephone number of the CSA.
5-412. Use of Escorts for Classified Shipments.
A sufficient number of escorts shall be assigned to each classified shipment to ensure continuous surveillance and control over the shipment while in transit. Specific written instructions and operating procedures shall be furnished escorts prior to shipping and shall include the following:
a. Name and address of persons, including alternates, to whom the classified material is to be delivered;
b. Receipting procedures;
c. Means of transportation and the route to be used;
d. Duties of each escort during movement, during stops en route, and during loading and unloading operations; and
e. Emergency and communication procedures.
5-413. Functions of an Escort.
Escorts shall be responsible for the following.
a. Accept custody for the shipment by signing a receipt and release custody of the shipment to the consignee, after obtaining a signed receipt.
b. When accompanying a classified shipment in an express or freight car, provide continuous observation of the containers and observe adjacent areas during stops or layovers.
c. When traveling in an escort car accompanying a classified shipment via rail, keep the shipment cars under observation and detrain at stops, when practical and time permits, in order to guard the shipment cars and check the cars or containers locks and seals. The escort car (after arrangements with the railroad) should be pre-positioned immediately behind the car used for the classified shipment to enable the escort to keep the shipment car under observation.
d. Maintain liaison with train crews, other railroad personnel, special police, and law enforcement agencies, as necessary.
e. When escorting classified shipments via motor vehicles, maintain continuous vigilance for the presence of conditions or situations that might threaten the security of the cargo, take such action as circumstances might require to avoid interference with continuous safe passage of the vehicle, check seals and locks at each stop where time permits, and observe vehicles and adjacent areas during stops or layovers.
f. When escorting shipments via aircraft, provide continuous observation of plane and cargo during ground stops and of cargo during loading and unloading operations. The escort shall not board the plane until after the cargo area is secured. Furthermore, the escort should preferably be the first person to depart the plane to observe the opening of the cargo area. Advance arrangements with the airline are required.
g. Notify the consignor by the fastest means available if there is an unforeseen delay en route, an alternate route is used, or an emergency occurs. If appropriate and the security of the shipment is involved, notify the nearest law enforcement official.
Section 5. Disclosure
5-500. General.
Contractors shall ensure that classified information is disclosed only to authorized persons.
5-501. Disclosure to Employees.
Contractors are authorized to disclose classified information to their cleared employees as necessary for the performance of tasks or services essential to the fulfillment of a classified contract or subcontract.
5-502. Disclosure to Subcontractors.
Unless specifically prohibited by this Manual, contractors are authorized to disclose classified information to a cleared subcontractor when access is necessary for the performance of tasks or services essential to the fulfillment of a prime contract or a subcontract.
5-503. Disclosure between Parent and Subsidiaries.
Disclosure of classified information between a parent and its subsidiaries, or between subsidiaries, shall be accomplished in the same manner as prescribed in 5-502 for subcontractors.
5-504. Disclosure in an MFO.
Disclosure of classified information between cleared facilities of the MFO shall be accomplished in the same manner as prescribed in 5-501 for employees.
5-505. Disclosure to DoD Activities.
Contractors are authorized to disclose classified information received or generated under a DoD classified contract to another DoD activity unless specifically prohibited by the DoD activity that has classification jurisdiction over the information.
5-506. Disclosure to Federal Agencies.
Contractors shall not disclose classified information received or generated under a contract from one agency to any other federal agency unless specifically authorized by the agency that has classification jurisdiction over the information.
5-507. Disclosure of Classified Information to Foreign Persons.
Contractors shall not disclose classified information to foreign persons unless release of the information is authorized in writing by the Government Agency having classification jurisdiction over the information involved, e.g. DOE or NRC for RD and FRD, NSA for COMSEC, and the DCI for SCI, and all other Executive Branch Departments and agencies for classified information under their jurisdiction. The disclosure must also be consistent with applicable U.S. laws and regulations.
5-508. Disclosure of Export Controlled Information to Foreign Persons.
Contractors shall not disclose export-controlled information and technology (classified or unclassified) to a foreign person, whether an employee or not, or whether disclosure occurs in the United States or abroad, unless such disclosure is in compliance with applicable U.S. laws and regulations.
5-509. Disclosure to Other Contractors. Contractors shall not disclose classified information to another contractor except (a) In furtherance of a contract or subcontract; (b) As authorized by this Manual; or (c) With the written approval of the agency with classification jurisdiction over the information involved.
5-510. Disclosure to Courts and Attorneys.
Contractors shall not disclose classified information to federal or state courts, or to attorneys hired solely to represent the contractor in a criminal or civil case, except in accordance with special instructions of the agency that has jurisdiction over the information. (see paragraph 1-209).
5-511. Disclosure to the Public.
Contractors shall not disclose classified or unclassified information pertaining to a classified contract to the public without prior review and clearance as specified in the Contract Security Classification Specification for the contract or as otherwise specified by the CSA or GCA.
a. Requests for approval shall be submitted through the activity specified in the GCA-provided classification guidance for the contract involved. Each request shall indicate the approximate date the contractor intends to release the information for public disclosure and identify the media to be used for the initial release. A copy of each approved request for release shall be retained for a period of one inspection cycle for review by the CSA. All information developed subsequent to the initial approval shall also be cleared by the appropriate office prior to public disclosure.
b. The following information need not be submitted for approval unless specifically prohibited by the CSA or GCA:
(1) The fact that a contract has been received, including the subject matter of the contract and/or type of item in general terms provided the name or description of the subject matter is not classified. (2) The method or type of contract; such as, bid, negotiated, or letter. (3) Total dollar amount of the contract unless that information equates to, (a) A level of effort in a sensitive research area or (b) Quantities of stocks of certain weapons and equipment that are classified. (4) Whether the contract will require the hiring or termination of employees. (5) Other information that from time-to-time may be authorized on a case-by-case basis in a specific agreement with the contractor. (6) Information previously officially approved for public disclosure.
c. The procedures of this paragraph also apply to information pertaining to classified contracts intended for use in unclassified brochures, promotional sales literature, reports to stockholders, or similar type material.
d. Information that has been declassified is not automatically authorized for public disclosure. Contractors shall request approval for public disclosure of "declassified" information, in accordance with the procedures of this paragraph.
Section 6. Reproduction
5-600. General.
Contractors shall establish a reproduction control system to ensure that reproduction of classified material is held to the minimum consistent with contractual and operational requirements. Classified reproduction shall be accomplished by authorized employees knowledgeable of the procedures for classified reproduction. The use of technology that prevents, discourages, or detects the unauthorized reproduction of classified documents is encouraged.
5-601. Limitations.
a. TOP SECRET documents may be reproduced as necessary in the preparation and delivery of a contract deliverable. Reproduction for any other purpose requires the consent of the GCA.
b. Unless restricted by the GCA, SECRET and CONFIDENTIAL documents may be reproduced as follows:
(1) Performance of a prime contract or a subcontract in furtherance of a prime contract. (2) Preparation of a solicited or unsolicited bid, quotation, or proposal to a Federal agency or prospective subcontractor. (3) Preparation of patent applications to be filed in the U.S. Patent Office.
c. Reproduced copies of classified documents shall be subject to the same protection as the original documents.
5-602. Marking Reproductions.
All reproductions of classified material shall be conspicuously marked with the same classification markings as the material being reproduced. Copies of classified material shall be reviewed after the reproduction process to ensure that these markings are visible. 5-603. Records.
Contractors shall maintain a record of the reproduction of all TOP SECRET material. The record shall be retained for 2 years.
Section 7. Disposition and Retention
5-700. General.
Classified information no longer needed shall be processed for appropriate disposition. Classified information approved for destruction shall be destroyed in accordance with this Section. The method of destruction must preclude recognition or reconstruction of the classified information or material.
a. All classified material received or generated in the performance of a classified contract shall be returned on completion of the contract unless the material has been declassified, destroyed, or retention of the material has been authorized.
b. Contractors shall establish procedures for review of their classified holdings on a recurring basis to reduce these classified inventories to the minimum necessary for effective and efficient operations. Multiple copies, obsolete material, and classified waste shall be destroyed as soon as practical after it has served its purpose. Any appropriate downgrading and declassification actions shall be taken on a timely basis to reduce the volume and to lower the level of classified material being retained by the contractor.
5-701. Disposition of Classified.
Contractors shall return or destroy classified material in accordance with the following schedule:
a. If a bid, proposal, or quote is not submitted or is withdrawn, within 180 days after the opening date of bids, proposals, or quotes.
b. If a bid, proposal, or quote is not accepted, within 180 days after notification that a bid, proposal, or quote has not been accepted.
c. If a successful bidder, within 2 years after final delivery of goods and services, or after completion or termination of the classified contract, whichever comes first.
d. If the classified material was not received under a specific contract, such as material obtained at classified meetings or from a secondary distribution center, within 1 year after receipt.
5-702. Retention of Classified Material.
Contractors desiring to retain classified material received or generated under a contract may do so for a period of 2 years after completion of the contract, provided the GCA does not advise to the contrary. If retention is required beyond the 2 year period, the contractor must request and receive written retention authority from the GCA.
a. Contractors shall identify classified material for retention as follows:
(1) TOP SECRET material shall be identified in a list of specific documents unless the GCA authorizes identification by subject matter and approximate number of documents. (2) SECRET and CONFIDENTIAL material may be identified by general subject matter and the approximate number of documents.
b. Contractors shall include a statement of justification for retention based on the following:
(1) The material is necessary for the maintenance of the contractor's essential records. (2) The material is patentable or proprietary data to which the contractor has title. (3) The material will assist the contractor in independent research and development efforts. (4) The material will benefit the U.S. Government in the performance of other prospective or existing Government agency contracts. (5) The material is being retained in accordance with the "records retention clause" of the contract. (6) The material will benefit the U.S. Government in the performance of another active contract and will be transferred to that contract (specify contract).
5-703. Termination of Security Agreement.
Notwithstanding the provisions for retention outlined above, in the event that the FCL is to be terminated, the contractor shall return all classified material in its possession to the GCA concerned, or dispose of such material in accordance with instructions from the CSA.
5-704. Destruction.
Contractors shall destroy classified material in their possession as soon as possible after it has serves the purpose for which it was, (a) Released by the government, (b) Developed or prepared by the contractor, and (c) Retained after completion or termination of the contract.
5-705. Methods of Destruction.
Classified material may be destroyed by burning, shredding, pulping, melting, mutilation, chemical decomposition, or pulverizing (for example, hammer mills, choppers, and hybridized disintegration equipment). Pulpers, pulverizers, or shedders may be used only for the destruction of paper products. High wet Strength paper, paper mylar, durable-medium paper substitute, or similar water repellent type papers are not sufficiently destroyed by pulping; other methods such as disintegration, shredding, or burning shall be used to destroy these types of papers. Residue shall be inspected during each destruction to ensure that classified information cannot be reconstructed. Crosscut shredders shall be designed to produce residue particle size not exceeding 1/32 inch in width (with a 1/64 inch tolerance by 1/2 inch in length. Classified material in microform; that is, microfilm, microfiche, or similar high data density material may be destroyed by burning or chemical decomposition, or other methods as approved by the CSA.
a. Public destruction facilities may be used only with the approval of, and under conditions prescribed by, the CSA.
b. Classified material removed from a cleared facility for destruction shall be destroyed on the same day it is removed.
5-706. Witness to Destruction.
Classified material shall be destroyed by appropriately cleared employees of the contractor. These individuals shall have a full understanding of their responsibilities. For destruction of TOP SECRET material, two persons are required. For destruction of SECRET and CONFIDENTIAL material, one person is required.
5-707. Destruction Records.
Destruction records are required for TOP SECRET material. The records shall indicate the date of destruction, identify the material destroyed, and be signed by the individuals designated to destroy and witness the destruction. Destruction officials shall be required to know, through their personal knowledge, that such material was destroyed. At the contractor's discretion, the destruction information required may be combined with other required control records. Destruction records shall be maintained by the contractor for 2 years.
5-708. Classified Waste.
Classified waste shall be destroyed as soon as practical. This applies to all waste material containing classified information. Pending destruction, classified waste shall be safeguarded as required for the level of classified material involved. Receptacles utilized to accumulate classified waste shall be clearly identified as containing classified material.
Section 8. Construction Requirements
5-800. General.
This Section describes the construction requirements for Closed Areas and vaults. Construction shall conform to the requirements of this Section or, with CSA approval, to the standards of DCID 1/21 (Manual for Physical Security Standards for Sensitive Compartmented Information Facilities.)
5-801. Construction Requirements for Closed Areas.
This paragraph specifies the minimum safeguards and standards required for the construction of Closed Areas that are approved for use for safeguarding classified material. These criteria and standards apply to all new construction and reconstruction, alterations, modifications, and repairs of existing areas. They will also be used for evaluating the adequacy of existing areas.
a. Hardware. Only heavy duty builder's hardware shall be used in construction. Hardware accessible from outside the area shall be peened, pinned, brazed, or spotwelded to preclude removal.
b. Walls. Construction may be of plaster, gypsum wallboard, metal panels, hardboard, wood, plywood, glass, wire mesh, expanded metal, or other materials offering resistance to, and evidence of, unauthorized entry into the area. If insert-type panels are used, a method shall be devised to prevent the removal of such panels without leaving visual evidence of tampering. If visual access is a factor, area barrier walls up to a height of 8 feet shall be of opaque or translucent construction.
c. Windows. The openings for windows which open, that are less than 18 feet from an access point (for example, another window outside the area, roof, ledge, or door) shall be fitted with 1/2-inch bars (separated by no more than 6 inches), plus crossbars to prevent spreading, 18 gauge expanded metal, or wire mesh securely fastened on the inside. When visual access of classified information is a factor, the windows shall be covered by any practical method, such as drapes, blinds, or painting or covering the inside of the glass. During nonworking hours, the windows shall be closed and securely fastened to preclude surreptitious entry.
d. Doors. Doors shall be substantially constructed of wood or metal. When windows, louvers, baffle plates, or similar openings are used, they shall be secured with 18 gauge expanded metal or with wire mesh securely fastened on the inside. If visual access is a factor, the windows shall be covered. When doors are used in pairs, an astragal (overlapping molding) shall be installed where the doors meet.
e. Door Locking Devices. Entrance doors shall be secured with either an approved built-in combination lock, an approved combination padlock, or with an approved key-operated padlock. Other doors shall be secured from the inside with a panic bolt (for example, actuated by a panic bar); a dead bolt; a rigid wood or metal bar, (which shall preclude "springing") which extends across the width of the door and is held in position by solid clamps, preferably on the door casing; or by other means approved by the CSA consistent with relevant fire and safety codes.
f. Ceilings. Ceilings shall be constructed of plaster, gypsum wall board material, panels, hardboard, wood, plywood, ceiling tile, or other material offering similar resistance to and detection of unauthorized entry. Wire mesh, or other non-opaque material offering similar resistance to, and evidence of, unauthorized entry into the area may be used if visual access to classified material is not a factor.
g. Ceilings (Unusual Cases). When wall barriers do not extend to the true ceiling and a false ceiling is created, the false ceiling must be reinforced with wire mesh or 18 gauge expanded metal to serve as the true ceiling. When wire mesh or expanded metal is used, it must overlap the adjoining walls and be secured in a manner that precludes removal without leaving evidence of tampering. When wall barriers of an area do extend to the true ceiling and a false ceiling is added, there is no necessity for reinforcing the false ceiling. When there is a valid justification for not erecting a solid ceiling as part of the area, such as the use of overhead cranes for the movement of bulky equipment within the area, the contractor shall ensure that surreptitious entry cannot be obtained by entering the area over the top of the barrier walls.
h. Miscellaneous Openings. Where ducts, pipes, registers, sewers, and tunnels are of such size and shape as to permit unauthorized entry, (in excess of 96 square inches in area and over 6 inches in its smallest dimension) they shall be secured by 18 gauge expanded metal or wire mesh, or, by rigid metal bars 1/2-inch in diameter extending across their width, with a maximum space of 6 inches between the bars. The rigid metal bars shall be securely fastened at both ends to preclude removal and shall have crossbars to prevent spreading. When wire mesh, expanded metal, or rigid metal bars are used, they must ensure that classified material cannot be removed through the openings with the aid of any type instrument. Expanded metal, wire mesh or rigid metal bars are not required if an IDS is used as supplemental protection.
5-802. Construction Required for Vaults.
This paragraph specifies the minimum standards required for the construction of vaults approved for use as storage facilities for classified material. These standards apply to all new construction and reconstruction, alterations, modifications, and repairs of existing vaults. They will also be used for evaluating the adequacy of existing vaults. In addition to the requirements given below, the wall, floor, and roof construction shall be in accordance with nationally recognized standards of structural practice. For the vaults described below, the concrete shall be poured in place, and will have a compressive strength of 2,500 pounds per square inch.
a. Floor. The floor must be a monolithic concrete construction of the thickness of adjacent concrete floor construction, but not less than 4 inches thick.
b. Walls. Wall must be not less than 8-inch-thick hollow clay tile (vertical cell double shells) or concrete blocks (thick shells). Monolithic steel-reinforced concrete walls at least 4 inches thick may also be used. Where hollow clay tiles are used and such masonry units are flush, or in contact with, facility exterior walls, they shall be filled with concrete and steel-reinforced bars. Walls are to extend to the underside of the roof or ceiling above.
c. Roof/Ceiling. The roof or ceiling must be a monolithic reinforced concrete slab of thickness to be determined by structural requirements.
d. Vault Door and Frame Unit. A GSA-approved vault door and frame unit shall be used.
e. Miscellaneous Openings. Omission of all miscellaneous openings is desirable, but not mandatory. Openings of such size and shape as to permit unauthorized entry, (normally in excess of 96 square inches in area and over 6 inches in its smallest dimension) and openings for ducts, pipes, registers, sewers and tunnels shall be equipped with man-safe barriers such as wire mesh, 18 gauge expanded metal, or rigid metal bars of at least 1/2 inch in diameter extending across their width with a maximum space of 6 inches between the bars. The rigid metal bars shall be securely fastened at both ends to preclude removal and shall have crossbars to prevent spreading. Where wire mesh, expanded metal, or rigid metal bars are used, care shall be exercised to ensure that classified material within the vault cannot be removed with the aid of any type of instrument. Pipes and conduits entering the vault shall enter through walls that are not common to the vault and the structure housing the vault. Preferably such pipes and conduits should be installed when the vault is constructed. If this is not practical, they shall be carried through snug-fitting pipe sleeves cast in the concrete. After installation, the annular space between the sleeve and the pipe or conduit shall be caulked solid with lead, wood, waterproof (silicone) caulking, or similar material, which will give evidence of surreptitious removal.
Section 9. Intrusion Detection Systems 5-900. General.
This Section specifies the minimum standards for an approved Intrusion Detection System (IDS) when supplemental protection is required for TOP SECRET and SECRET material. The IDS shall be connected to, and monitored by, a central monitoring station. Alarm system installation shall conform to the requirements of this Section or to the standards set forth in DCID 1/21 (Physical Security Standards for Sensitive Compartmented Information Facilities). The CSA will approve contingency protection procedures in the event of IDS malfunction.
5-901. CSA Approval.
CSA approval is required before installing an IDS. Approval of a new IDS shall be based on the criteria of DCID 1/21 or UL Standard 2050, as determined by the CSA. IDSs currently in use that do not meet either of these standards, such as those certified to meet Grade A service and those installed by a non-UL listed company, may continue in use until January 1, 2002.
5-902. Central Monitoring Station.
a. The central monitoring station may be located at a UL listed: (1) Defense (Government) Contractor Monitoring Station (DCMS or GCMS) formerly called a proprietary central station; (2) Cleared commercial central station; (3) Cleared protective signal service station (e.g., fire alarm monitor); or (4) Cleared residential monitoring station. For the purpose of monitoring alarms, all provide an equivalent level of monitoring service.
b. Trained alarm monitors, cleared to the SECRET level, shall be in attendance at the alarm monitoring station at all times when the IDS is in operation.
c. The central monitoring station shall be required to indicate whether or not the system is in working order and to indicate tampering with any element of the system. Necessary repairs shall be made as soon as practical. Until repairs are completed, periodic patrols shall be conducted during non-working hours, unless a SECRET cleared employee is stationed at the alarmed site.
d. When an IDS is used, it shall be activated immediately at the close of business at the alarmed area or container. This may require that the last person who departs the controlled area or checks the security container notify the central monitoring station to set the alarm. A record shall be maintained to identify the person responsible for setting and deactivating the IDS. Each failure to activate or deactivate shall be reported to the FSO. Such records shall be maintained for 30 days.
e. Records shall be maintained for 90 days indicating time of receipt of alarm; name(s) of security force personnel responding; time dispatched to facility/area; time security force personnel arrived; nature of alarm; and what follow-up actions were accomplished.
5-903. Investigative Response to Alarms.
a. The following resources may be used to investigate alarms: proprietary security force personnel, central station guards, and a subcontracted guard service.
(1) For a DCMS or GCMS, trained proprietary security force personnel, cleared to the SECRET level and sufficient in number to be dispatched immediately to investigate each alarm, shall be available at all times when the IDS is in operation. (2) For a commercial central station, protective signaling service station, or residential monitoring station, guards dispatched shall be cleared only if they have the ability and responsibility to access the area or container(s) housing classified material; i.e., keys to the facility have been provided or the personnel are authorized to enter the building or check the container or area that contains classified material. (3) Uncleared guards dispatched by a commercial central station, protective signaling service station, or residential monitoring station to an alarm shall remain on the premises until a designated, cleared representative of the facility arrives, or for a period of not less than 1 hour, whichever comes first. If a cleared representative of the facility does not arrive within 1 hour following the arrival of the guard, the central control station must provide the CSA with a report of the incident that includes the name of the subscriber facility, the date and time of the alarm, and the name of the subscriber's representative who was contacted to respond. A report shall be submitted to the CSA within 24 hours of the next working day. (NOTE: The primary purpose of any alarm response team is to ascertain if intrusion has occurred and if possible assist in the apprehension of the individuals. If an alarm activation resets in a reasonable amount of time and no physical penetration of the area or container is visible, then entrance into the area or container is not required. Therefore, the initial response team may consist of uncleared personnel. If the alarm activation does not reset or physical penetration is observed, then a cleared response team must be dispatched. The initial uncleared response team must stay on station until relieved by the cleared response team. If a cleared response team does not arrive within one hour, then a report to the CSA must be made by the close of the next business day.) (4) Subcontracted guards must be under contract with either the installing alarm company or the cleared facility.
b. The response time shall not exceed 15 minutes. When environmental factors (e.g., traffic, distance) legitimately prevent a 15 minute response time, the CSA may authorize up to a 30 minute response time. The CSA authorization shall be in writing and shall be noted on the alarm certificate. (NOTE: The UL standard for response within the time limits is 80%. That is the minimum allowable on-time response rate. Anything less than 80% is unacceptable. However, in all cases, a guard or cleared employee must arrive at the alarmed premises.)
5-904. Installation.
The IDS at the facility, area or container shall be installed by a UL listed alarm installing company or by a company approved by the CSA. When connected to a commercial central station, DCMS or GCMS protective signaling service or residential monitoring station, the service provided shall include line security (i.e., the connecting lines are electronically supervised to detect evidence of tampering or malfunction). If line security is not available, then two independent means of transmission of the alarm signal from the alarmed area to the monitoring station must be provided. In all cases, the extent of protection for a container shall be "Complete" and for an alarmed area shall be "Extent No. 3."
5-905. Certification of Compliance.
Evidence of compliance with the requirements of this Section will consist of a valid (current) UL Certificate for the appropriate category of service. This certificate will have been issued to the protected facility by UL, through the alarm installing company. The certificate serves as evidence that the alarm installing company: (a) Is listed as furnishing security systems of the category indicated; (b) Is authorized to issue the certificate of installation as representation that the equipment is in compliance with requirements established by UL for the class; and (c) Is subject to the UL field countercheck program whereby periodic inspections are made of representative alarm installations by UL personnel to verify the correctness of certification practices.
5-906. Exceptional Cases.
a. If the requirements set forth above cannot be met due to extenuating circumstances, the contractor may request CSA approval for an alarm system that is:
(1) Monitored by a central control station but responded to by a local (municipal, county, state) law enforcement organization. (2) Connected by direct wire to alarm receiving equipment located in a local (municipal, county, state) police station or public emergency service dispatch center. This alarm system is activated and deactivated by employees of the contractor, but the alarm is monitored and responded to by personnel of the monitoring police or emergency service dispatch organization. Personnel monitoring alarm signals at police stations or dispatch centers do not require PCL's. Police department response systems may be requested only when: (a) the contractor facility is located in an area where central control station services are not available with line security and/or proprietary security force personnel, or a contractually-dispatched response to an alarm signal cannot be achieved within the time limits required by the CSA, and, (b) it is impractical for the contractor to establish a DCMS or proprietary guard force at that location. Nonetheless, installation of these type systems must use UL listed equipment and be accomplished by an alarm installation company that is listed by UL for any of the following categories: 1 Defense (National) Industrial Security Systems 2 Proprietary Alarm Systems 3 Central Station Burglar Alarm Systems 4 Police - Station - Connected Burglar Alarm Systems
b. An installation proposal, explaining how the system would operate, shall be submitted to the CSA. The proposal must include sufficient justification for the granting of an exception and the full name and address of the police department that will monitor the system and provide the required response. The name and address of the UL listed company that will install the system, and inspect, maintain, and repair the equipment, shall also be furnished.
c. The contractor shall require a 15-minute response time from the police department. Arrangements shall be made with the police to immediately notify a contractor representative on receipt of the alarm. The contractor representative is required to go immediately to the facility to investigate the alarm, and to take appropriate measures to secure the classified material.
d. In exceptional cases where central station monitoring service is available, but no proprietary security force of central station or subcontracted guard response is available, and where the police department does not agree to respond to alarms, and no other manner of investigative response is available, the CSA may approve cleared employees as the sole means of response.
CHAPTER 6
Visits and Meetings
Section 1. Visits
6-100. General.
This Section applies when, in furtherance of a lawful and authorized U.S. Government purpose, it is anticipated that classified information will be disclosed during a visit to a cleared contractor or to a Federal facility.
6-101. Notification and Approval of Classified Visits.
The number of classified visits shall be held to a minimum. The contractor must determine that the visit is necessary and that the purpose of the visit cannot be achieved without access to, or disclosure of, classified information. All classified visits require advance notification to, and approval of, the organization being visited. In urgent cases, visit information may be furnished by telephone provided that it is followed up in writing.
6-102. Visits by Government Representatives.
Representatives of the Federal Government, when acting in their official capacities as inspectors, investigators, or auditors, may visit a contractor's facility without furnishing advanced notification, provided these representatives present appropriate government credentials upon arrival.
6-103. Visit Authorization Letters (VAL).
Contractors shall include the following information in all VAL's.
a. Contractor's name, address, and telephone number, assigned CAGE Code, if applicable, and certification of the level of the facility security clearance.
b. Name, date and place of birth, and citizenship of the employee intending to visit;
c. Certification of the proposed visitor's personnel clearance and any special access authorizations required for the visit;
d. Name of person(s) to be visited;
e. Purpose and sufficient justification for the visit to allow for a determination of the necessity of the visit; and
f. Date or period during which the VAL is to be valid.
6-104. Recurring Visit Arrangements.
Classified visits may be arranged for a 12 month period. Contract related visits may be arranged for the duration of the contract with the approval of the activity being visited. The requesting contractor shall notify all places honoring such visit arrangements of any change in the employee's status that will cause the visit request to be canceled prior to its normal termination date.
6-105. Need-to-Know Determination.
The responsibility for determining need-to-know in connection with a classified visit rests with the individual who will disclose classified information during the visit. Contractors shall establish procedures to ensure positive identification of visitors prior to the disclosure of any classified information.
6-106. Control of Visitors.
Contractors shall establish procedures to control the movement of visitors to ensure they are only afforded access to classified information consistent with the purpose of the visit.
6-107. Visitor Record.
Contractors shall maintain a record of all visitors to their facility who have been approved for access to classified information. The record shall indicate, (a) The visitor's name; (b) Name of the activity represented; and (c) The date of the visit.
6-108. Long-Term Visitors.
When employees of one contractor are temporarily stationed at another contractor's facility, the security procedures of the host contractor will govern.
6-109. Disclosure During Visits.
Contractors may disclose classified information during visits provided the intended recipients possess appropriate PCLs and have a need-to-know for the classified information consistent with the following:
a. Contract Related Visits. When there is a classified contractual relationship (to include all phases of pre-contract activity) between the parties involved, classified information may be disclosed without the approval of the Government agency that has jurisdiction over the information.
b. Non-contract Related Visits. When there is no classified contractual relationship between the parties, classified information may not be disclosed without the approval of the Government agency that has jurisdiction over the information.
Section 2. Meetings
6-200. General.
This Section applies to a conference, seminar, symposium, exhibit, convention, training course, or other such gathering during which classified information is disclosed, hereafter called a "meeting."
6-201. Government Sponsorship of Meetings.
Disclosure of classified information to large diverse audiences such as conferences, increases security risks. However, classified disclosure at such meetings, which serve a government purpose and at which adequate security measures have been provided in advance, may be conducted by a cleared contractor provided the meeting is authorized by a Government Agency that has agreed to assume security jurisdiction. The Government Agency must approve security arrangements, announcements, attendees, and the location of the meeting. The Government Agency may delegate certain responsibilities to a cleared contractor for the security arrangements and other actions necessary for the meeting under the general supervision of the Government Agency.
a. Requests for Authorization. Contractors desiring to conduct meetings requiring sponsorship shall submit their requests to the Government Agency having principal interest in the subject matter of each meeting. The request for authorization shall include the following information:
(1) An explanation of the Government purpose to be served by disclosing classified information at the meeting and why the use of conventional channels for release of the information will not advance those interests. (2) The subject of the meeting and scope of classified topics, to include the classification level, to be disclosed at the meeting. (3) The expected dates and location of the meeting. (4) The general content of the proposed announcement and/or invitation to be sent to prospective attendees or participants. (5) The identity of any other non-Government organization involved and a full description of the type of support it will provide. (6) A list of any foreign representatives (including their nationality, name, organizational affiliation) whose attendance at the meeting is proposed. (7) A description of the security arrangements necessary for the meeting to comply with the requirements of this Manual.
b. Location of Meetings. Classified sessions shall be held only at a Federal Government installation or a cleared contractor facility where adequate physical security and procedural controls have been approved. The authorizing Government Agency is responsible for evaluating and approving the location proposed for the meeting.
c. Security Arrangements for Meetings. The contractor shall develop the security measures and procedures to be used and obtain the authorizing agency's approval. The security arrangements must provide for the following:
(1) Announcements. Approval of the authorizing agency shall be obtained for all announcements of the meeting. Announcements shall be unclassified and shall be limited to a general description of topics expected to be presented, names of speakers, and administrative instructions for requesting invitations or participation. Classified presentations shall not be solicited in the announcement. When the meeting has been approved, announcements may only state that the Government Agency has authorized the conduct of classified sessions and will provide necessary security assistance. The announcement shall further specify that security clearances and justification to attend classified sessions are to be forwarded to the authorizing agency or its designee. Invitations to foreign persons shall be sent by the authorizing Government Agency. (2) Clearance and Need-to-know. All persons in attendance at classified sessions shall possess the requisite clearance and need-to-know for the information to be disclosed. Need-to-know shall be determined by the authorizing agency or its designee based on the justification provided. Attendance shall be authorized only to those persons whose security clearance and justification for attendance have been certified by the security officer of the organization represented. The names of all authorized attendees or participants must appear on an access list with entry permitted to the classified session only after verification of the attendee's identity based on presentation of official photographic identification, such as, a passport, contractor or U.S. Government identification card. (3) Presentations. Classified information must be authorized for disclosure in advance by the Government Agency having jurisdiction over the information to be presented. Individuals making presentations at meetings shall provide sufficient classification guidance to enable attendees to identify what information is classified and the level of classification. Classified presentations shall be delivered orally and/or visually. Copies of classified presentations or slides, etc., shall not be distributed at the classified meeting, and any classified notes or electronic recordings of classified presentations shall be classified, safeguarded, and transmitted as required by this Manual. (4) Physical Security. The physical security measures for the classified sessions shall provide for control of, access to, and dissemination of, the classified information to be presented and shall provide for secure storage capability, if necessary.
6-202. Disclosure Authority at Meetings.
A contractor desiring to disclose classified information at a meeting shall:
a. Obtain prior written authorization for each proposed disclosure of classified information from the Government Agency having jurisdiction over the information involved. The authorization may be in the form of an export license or a Government Agency exemption pursuant to Section 125.4(b)(1) of the ITAR.
b. Furnish a copy of the disclosure authorization to the Government Agency sponsoring the meeting.
c. Associations are not responsible for ensuring that classified presentations and papers of other organizations have been approved for disclosure. Authority to disclose classified information at meetings, whether disclosure is by officials of industry or government, must be granted by the Government Agency or activity that has classification jurisdiction over the information to be disclosed. Each contractor that desires to disclose classified information at a meeting is responsible for requesting and obtaining disclosure approvals.
6-203. Requests to Attend Classified Meetings.
Before a contractor employee can attend a classified meeting, the contractor shall:
a. Certify the PCL status of the employee who will attend the classified meeting.
b. Provide justification why the employee requires access to the classified information, cite the classified contract or GCA program/project involved, and forward the information to the authorizing Government agency.
CHAPTER 7
Subcontracting
Section 1. Prime Contractor Responsibilities
7-100. General.
This Chapter contains the requirements and responsibilities of a prime contractor when disclosing classified information to a subcontractor.
7-101. Responsibilities (Pre-Award).
Before a prime contractor may release, disclose classified information to a subcontractor, or cause classified information to be generated by a subcontractor, the following actions are required:
a. Determine the Security Requirements of the Subcontract.
(1) Access to classified information will be required. This is a "classified contract" within the meaning of this Manual. A "security requirements clause" and a Contract Security Classification Specification shall be incorporated in the solicitation and in the subcontract (see the "security requirements clause" in the prime contract). The subcontractor must possess an appropriate FCL and safeguarding capability if possession of classified information will be required. (a) Access will not be required in the pre-award phase. Prospective subcontractors are not required to possess a FCL to receive or bid on the solicitation. (b) Access will be required during the pre-award phase. All prospective subcontractors must possess the appropriate FCL and have safeguarding capability. (2) Access to classified information will not be required. This is not a "classified contract" within the meaning of this Manual. If the prime contract contains requirements for release or disclosure of certain information, even though, not classified, such as unclassified sensitive information, the requirements shall be incorporated in the solicitation and the subcontract.
b. Determine Clearance Status of Prospective Subcontractors.
(1) All prospective subcontractors have appropriate clearance. This determination can be made if there is an existing contractual relationship between the parties involving classified information of the same or higher category, or by contacting the CSA. (2) Some prospective subcontractors do not have appropriate clearances. The prime contractor shall request the CSA of each prospective subcontractor to initiate appropriate clearance action.
7-102. Verification of Clearance and Safeguarding Capability.
a. The prime contractor shall verify the clearance status and safeguarding capability from the CSA.
b. Verifications may be requested from the CSA by message, telephone, or letter. Telephonic confirmation normally will be provided immediately to telephone requests, and written confirmation will be furnished within 5 working days regardless of the mode of the request. Verifications shall remain valid for 3 calendar years unless superseded in writing by the CSA.
c. If a prospective subcontractor does not have the appropriate FCL or safeguarding capability, the prime contractor shall request the CSA of the subcontractor to initiate the necessary action. Requests shall include, as a minimum, the full name, address and telephone number of the requester; the full name, address, and telephone number of a contact at the facility to be processed for an FCL; the level of clearance and/or safeguarding capability required; and full justification for the request. Requests for safeguarding capability shall include a description, quantity, end-item, and classification of the information related to the proposed subcontract. Other factors necessary to assist the CSA in determining whether the prospective subcontractor meets the requirements of this Manual shall be identified, such as any special accesses involved, e.g., Restricted Data.
d. Requests to process a prospective subcontractor for an FCL must be based on a bona fide procurement need for the prospective subcontractor to have access to, or possession of, classified information. Requesting contractors shall allow sufficient lead time in connection with the award of a classified subcontract to enable an uncleared bidder to be processed for the necessary FCL. When the FCL cannot be granted in sufficient time to qualify the prospective subcontractor for participation in the current procurement action, the CSA will continue the FCL processing action to qualify the prospective subcontractor for future contract consideration provided:
(1) The delay in processing the FCL was not caused by a lack of cooperation on the part of the prospective subcontractor; (2) Future classified negotiations may occur within 12 months; and (3) There is reasonable likelihood the subcontractor may be awarded a classified subcontract.
7-103. Security Classification Guidance.
Prime contractors shall ensure that a Contract Security Classification Specification is incorporated in each classified subcontract. When preparing classification guidance for a subcontract, the prime contractor may extract pertinent information from the Contract Security Classification Specification issued with the prime contract; from security classification guides issued with the prime contract; or from any security guides that provide guidance for the classified information furnished to, or that will be generated by, the subcontractor. The Contract Security Classification Specification prepared by the prime contractor shall be signed by a designated official of the contractor. In the absence of exceptional circumstances, the classification specification shall not contain any classified information. If classified supplements are required as part of the Contract Security Classification Specification, they shall be identified and forwarded to the subcontractor by separate correspondence.
a. An original Contract Security Classification Specification shall be included with each RFQ, RFP, IFB, or other solicitation to ensure that the prospective subcontractor is aware of the security requirements of the subcontract and can plan accordingly. An original Contract Security Classification Specification shall also be included in the subcontract awarded to the successful bidder.
b. A revised Contract Security Classification Specification shall be issued as necessary during the lifetime of the subcontract when the security requirements change.
7-104. Responsibilities (Performance).
Prime contractors shall review the security requirements during the different stages of the subcontract and provide the subcontractor with applicable changes in the security requirements. Requests for public release by a subcontractor shall be forwarded through the prime contractor to the GCA.
7-105. Responsibilities (Completion of the Subcontract).
Upon completion of the subcontract, the subcontractor may retain classified material received or generated under the subcontract for a 2-year period, provided the prime contractor or GCA does not advise to the contrary. If retention is required beyond the 2-year period, the subcontractor must request written retention authority through the prime contractor to the GCA. If retention authority is approved by the GCA, the prime contractor will issue a final Contract Security Classification Specification, annotated to provide the retention period and final disposition instructions.
7-106. Notification of Unsatisfactory Conditions.
The prime contractor will be notified if the CSA discovers unsatisfactory security conditions in a subcontractor's facility. When so notified, the prime contractor shall follow the instructions received relative to what action, if any, should be taken in order to safeguard classified material relating to the subcontract.
CHAPTER 8
Automated Information System Security
Section 1. Responsibilities
8-100. General.
a. Computer and networking systems (collectively referred to as Automated Information Systems (AISs)) used to capture, create, store, process or distribute classified information must be operated so that the information is protected against unauthorized disclosure or modification.
b. Protection requires a balanced approach that includes AIS features as well as administrative, operational, physical, and personnel controls. Protection is commensurate with the classification level and category of the information, the threat, and the operational requirements associated with the environment of the AIS.
8-101. Scope.
This Chapter describes the minimum security requirements for an AIS processing classified information.
8-102. Responsibilities.
a. The CSA shall establish a line of authority for oversight, review, inspection, certification, and accreditation of AISs used by its contractors.
b. The contractor shall publish and promulgate an AIS Security Policy that addresses the classified processing environment. The contractor shall appoint an Information Systems Security Representative (ISSR) whose responsibilities are to:
(1) Maintain liaison with the CSA. (2) Implement and administer the contractor's AIS Security Policy. (3) Ensure the preparation of an AIS Security Plan (AISSP). (4) Ensure the establishment and maintenance of security safeguards and access controls. (5) Ensure that users have the security clearance, special access authorizations, and need-to-know for the information that they can access. (6) Ensure that all AIS security related documentation is current. (7) Advise the CSA of any abnormal event that effects the security of the AIS. (8) Ensure that secure maintenance procedures are followed. (9) Ensure that security audit records are maintained, accessible, and reviewed and analyzed at least weekly. (10) Designate Security Custodians in facilities with multiple AIS or multiple shifts. (11) Ensure the development and implementation of an ongoing AIS security education program. (12) Perform threat based, aperiodic inspections pursuant to the AISSP. The frequency of inspections may be adjusted for sufficient cause. (13) Ensure that Memoranda of Agreement are in place for AIS supporting multiple CSAs. (14) Approve and document the movement of AIS equipment. (15) Approve the release of sanitized equipment and components in accordance with the sanitization matrix. (16) Approve and document additional AIS operated in dedicated security mode that is substantially the same as described in the AISSP. The classification level of the additional AIS must be the same as that of the approved AIS. (17) Approve and document additional or replacement components of a dedicated or system high AIS that are identical in functionality and do not affect the security of the AIS. (18) Document in the security plan and administer any procedures necessary to prevent classified information from migrating to unclassified AISs and leaving the security area.
Section 2. Accreditation and Security Modes
8-200. AIS Accreditation
a. The contractor shall obtain written accreditation from the CSA prior to processing classified information on AISs. To obtain accreditation, the contractor shall submit a formal request to the CSA and an AISSP. Where similar AIS are located within the same facility, a single security plan is permitted.
b. Accreditation is the CSAs approval for an AIS to process classified information in an operational environment. The accreditation is based on documentation, analysis, and evaluation of AIS operations with respect to security risks and also on the safeguards associated with operation of the AIS.
c. Interim accreditation may be granted in order for a contractor to start processing classified information. This interim action shall be for a specific period and shall specify the contractor actions to be completed and the minimum security requirements to be met during this period.
d. AIS accreditation may be withdrawn by the CSA should procedures and controls established in the AISSP be assessed ineffective by the CSA. Accreditation may also be withdrawn by the CSA when there has been an unacceptable change in system or security configuration.
e. The contractor can self-approve AISs that are similar to previously accredited AIS security profile and components provided the self-approval plan and procedures are included in the AISSP. In the event of discrepancies, or determination by the CSA that the self-approval plan is not administered effectively, the CSA may withdraw the contractor's self-approval authority.
f. An AIS may be reaccredited or self-approval authority can be reinstated by the CSA after review, analysis, and approval of an updated AISSP. An accredited AIS may be reaccredited when significant changes to the original accreditation or baseline occur.
8-201. Equipment not Requiring Accreditation.
Some equipment/components, to include test equipment, fits the definition of an AIS, whereas others may not. The ISSR will determine and document the capability of such equipment in the context of the equipment/components ability to collect and process information. As a general rule, equipment composed of volatile memory with no other storage media would not require accreditation. AIS components that need not be included in the system accreditation include but are not limited to:
a. Electronic typewriters, basic function calculators, and test equipment.
b. Security requirements for AISs that are embedded as an integral element of a larger system that is used to perform or control a function, such as test stands, simulators, control systems or weapons systems should be established concurrently with the design and development of the system. If not provided, the contractor shall request them from the appropriate GCA. In the absence of such requirements, the security requirements and procedures of this Manual will be applied to the extent appropriate as determined by the CSA.
8-202. The AIS Security Plan.
a. User Operational Procedures. These procedures describe how access to an AIS and classified information is authorized and revoked; the protection mechanisms provided by the AIS, guidelines on their use, and how they interact with one another, procedures for screening and preventing the introduction of malicious code, and the like.
b. System Configuration Management Procedures. These procedures describe the documenting, controlling, changing, and maintaining of the accountability of AIS hardware, firmware, software, communications interfaces, operating procedures, and installation structures.
c. Audit Features and Controls. These describe:
(1) A chronological record of AIS usage and system support activities. (2) Maintenance and repair of AIS hardware, including installation or removal of equipment, devices or components. (3) Transaction receipts, equipment sanitization, declassification and release records.
d. Concept of Operations (CONOP). The CONOP describes what the AIS will be used for and how it will operate.
e. Continuity of Operations Procedures (COOP). The COOP describes procedures to ensure continuous operations of AISs in the event of a disaster resulting from fire, flood, malicious act, human error, or any other occurrence. When the GCA determines a COOP to be necessary, the requirements will be contractually imposed. Costs directly related to the COOP requirements when in addition to safeguards required by this Manual, will be charged to the specific contract for which the requirements are imposed. At a minimum, the COOP must include:
(1) Identification of mission-essential resources, including AIS components, key response and recovery personnel, and alternate site processing requirements. (2) Identification of mission-essential applications. (3) The type of response necessary to continue the mission, based on the projected recovery time. (4) Frequency of performing backups to ensure, at a minimum, that current back-up copies of mission essential software and data exist. (5) An estimate of the cost of exercising the plan, software, or alternate site.
f. System Administration and Maintenance Procedures. These describe maintenance and repair procedures, including adding, changing, and removing components, and the use of maintenance devices and utilities.
g. Training Procedures. Security awareness training must be provided prior to assigning the individual access to the AIS and updated as needed. An individual receiving the training may be required to sign an agreement to abide by the security requirements specified in the AISSP.
h. Startup and Shut-down Procedures. These include system upgrading and downgrading, handling of user data and output, access controls to the AIS and remote AIS areas during, between, and after classified processing; and the declassification, release and destruction of storage media and AIS.
i. Certification Test Plan. This plan outlines the inspection and test procedures to demonstrate compliance with the security requirements associated with the mode of operation. It must include a detailed description of how the implementation of the operating system software, data management software, firmware, and related security software packages will enable the AIS to meet the compartmented or multilevel mode requirements. Products, subsystems, and systems that have been endorsed through formal evaluation programs (e.g., the Evaluated Products List supporting the TCSEC) must be evaluated as part of the AIS in the certification and accreditation process. In lieu of a certification test plan for the dedicated and system high mode, the ISSR will:
(1) Verify that system access controls and/or procedures are functional for the dedicated mode. (2) Provide test results that verify that need to know controls are implemented for the system high mode.
8-203. Security Modes-General.
a. AISs that process classified information must operate in the dedicated, system-high, compartmented, or multilevel mode. Security modes are authorized variations in security environments, requirements, and methods of operating. In all modes, the integration of automated and conventional security measures shall, with reasonable dependability, prevent unauthorized access to classified information during, or resulting from the processing of such information, and prevent unauthorized manipulation of the AIS that could result in the compromise of classified information.
b. In determining the mode of operation, three elements must be addressed:
(1) The boundary of an AIS includes all users that are directly or indirectly connected, and who can receive data from the system without a reliable human review by a cleared authority. The perimeter is the extent of the system that is to be accredited as a single system. (2) The nature of data is defined in terms of its classification levels, compartments, subcompartments, and sensitivities. (3) The level and diversity of access privileges of its users are defined as their clearance levels, need-to-know, and formal access approvals.
8-204. Dedicated Security Mode.
a. An AIS is operating in the dedicated mode when each user with direct or indirect access to the AIS, its peripherals, remote terminals, or remote hosts has all of the following:
(1) A PCL and need-to-know for all information stored or processed. (2) If applicable, has all formal access approvals and has executed all appropriate nondisclosure agreements for all the information stored and/or processed (including all compartments and sub-compartments).
b. The following security requirements are established for AISs operating in the dedicated mode:
(1) Enforce system access procedures. (2) All hardcopy output and media removed will be handled at the level for which the system is accredited until reviewed by a knowledgeable individual.
8-205. Security Features for Dedicated Security Mode.
Since the system is not required to provide technical security features, it is up to the user to protect the information on the system.
8-206. Security Assurances for Dedicated Security Mode.
Configuration management procedures must be employed to maintain the ability of the AIS to protect the customer's classified information. Configuration management procedures must be conducted in coordination with the ISSR. The systems configuration management procedures shall include an approach for specifying, documenting, controlling, and maintaining the visibility and accountability of all appropriate AIS hardware, firmware, software, communications interfaces, operating procedures, installation structures and changes thereto.
8-207. System High Security Mode.
An AIS is operating in the system-high mode when each user with direct or indirect access to the AIS, its peripherals, remote terminals, or remote hosts has all of the following:
a. A PCL for all information on the AIS.
b. Access approval and has signed nondisclosure agreements for all the information stored and/or processed.
c. A need-to-know for some of the information contained within the system.
8-208. Security Features for System High Mode.
AISs operating in the system high mode, in addition to meeting all of the security standards established for the dedicated mode, will:
a. Define and control access between system users and named objects (e.g., files and programs). The enforcement mechanism must allow system users to specify and control the sharing of those objects by named individuals and/or explicitly defined groups of individuals. The access control mechanism must either, by explicit user action or by default, provide that all objects are protected from unauthorized access (discretionary access control). Access permission to an object by users not already possessing access permission must only be assigned by authorized users of the object.
b. When feasible, as determined by the CSA, provide a time lockout in an interactive session after an interval of user inactivity. The time interval and restart requirements shall be specified in the AISSP.
c. Provide an audit trail capability that records time, date user ID, terminal ID (if applicable), and file name for the following events:
(1) System log on and log off. (2) Unsuccessful access attempts.
d. Protect the audit, identification, and authentication mechanisms from unauthorized access modification, access or deletion.
e. Require that storage contain no residual data from the previously contained object before being assigned, allocated, or reallocated to another subject.
f. Ensure that each person having access to a multi-user AIS have the proper security clearances and authorizations and be uniquely identified and authenticated before access to the AIS is permitted. The identification and authentication methods used shall be specified and approved in the AISSP. User access controls in multi-user AISs shall include authorization, user identification, and authentication; administrative controls for assigning these shall be covered in the AISSP.
(1) User Authorizations. The manager or supervisor of each user of an AIS shall determine the required authorizations, such as need-to-know for that user. (2) User Identification. Each system user shall have a unique user identifier and authenticator. (a) User ID Reuse. Prior to reuse of a user ID, all previous access authorizations (including file accesses for that user ID) shall be removed from the AIS. (b) User ID Removal. The ISSR shall ensure the development and implementation of procedures for the prompt removal of access from the AIS when the need for access no longer exists. (c) User ID Revalidation. The ISSR shall ensure that all user ID's are revalidated at least annually, and information such as sponsor and means of off-line contact (e.g., phone number, mailing address) are updated as necessary.
g. Authentication. Each user of a multi-user AIS shall be authenticated before access is permitted. This authentication can be based on any one of three types of information: something the person knows (e.g., a password); something the person possesses (e.g., a card or key); something about the person (e.g., fingerprints or voiceprints); or some combination of these three. Authenticators that are passwords shall be changed at least every 6 months. Multi-user AISs shall ensure that each user of the AIS is authenticated before access is permitted.
(1) Logon. Users shall be required to authenticate their identities at "logon" time by supplying their authenticator (e.g., password, smart card, or fingerprints) in conjunction with their user ID. (2) Protection of Authenticator. An authenticator that is in the form of knowledge or possession (password, smart card, keys,) shall not be shared with anyone. Authenticators shall be protected at a level commensurate with the accreditation level of the AIS. (3) Additional Authentication Countermeasures. Where the operating system provides the capability, the following features shall be implemented: (a) Logon Attempt Rate. Successive logon attempts shall be controlled by denying access after multiple (maximum of five) unsuccessful attempts on the same user ID, by limiting the number of access attempts in a specified time period, by the use of a time delay control system, or other such methods, subject to approval by the CSA. (b) Notification to the User. The user shall be notified upon successful logon of the date and time of the user's last logon; the ID of the terminal used at last logon, and the number of unsuccessful logon attempts using this user ID since the last successful logon. This notice shall require positive action by the user to remove the notice from the screen.
8-209. Security Assurances for System High Mode.
a. Examination of Hardware and Software. AIS hardware and software shall be examined when received from the vendor and before being placed into use.
(1) AIS Hardware. An examination shall result in assurance that the equipment appears to be in good working order and have no elements that might be detrimental to the secure operation of the resource. Subsequent changes and developments which affect security may require additional examination. (2) AIS Software. Commercially procured software shall be examined to assure that the software contains no features that might be detrimental to the security of the AIS. Security-related software shall be examined to assure that the security features function as specified. (3) Custom Software or Hardware Systems. New or significantly changed security relevant software and hardware developed specifically for the system shall be subject to testing and review at appropriate stages of development.
b. Security Testing. The system security features for need-to-know controls will be tested and verified. Identified flaws will be corrected.
8-210. Compartmented Security Mode.
An AIS is operating in the compartmented mode when users with direct or indirect access to the AIS, its peripherals, or remote terminals have all of the following:
a. A PCL for the most restricted information processed.
b. Formal access approval and has signed nondisclosure agreements for that information to which he or she is to have access (some users do not have formal access approval for all compartments or subcompartments processed by the AIS).
c. A valid need-to-know for that information for which he/she is to have access.
8-211. Security Features for Compartmented Mode.
In addition to all security features and security assurances required for the system high mode of operation, AIS operating in the compartmented mode of operation shall also include:
a. Security Labels. The AIS shall place security labels on all entities (e.g., files) reflecting the sensitivity (classification level, classification category, and handling caveats) of the information for resources and the authorizations (security clearances, need-to-know, formal access approvals) for users. These labels shall be an integral part of the electronic data or media. These security labels shall be compared and validated before a user is granted access to a resource.
b. Export of Security Labels. Security labels exported from the AIS shall be accurate representations of the corresponding security labels on the information in the originating AIS.
c. Mandatory Access Controls. Mandatory access controls shall provide a means of restricting access to files based on the sensitivity (as represented by the label) of the information contained in the files and the formal authorization (i.e. security clearance ) of users to access information of such sensitivity.
d. No information shall be accessed whose compartment is inconsistent with the session log on.
e. Support a trusted communications path between itself and each user for initial logon and verification for AIS processing TOP SECRET information.
f. Enforce, under system control, a system-generated, printed, and human-readable security classification level banner at the top and bottom of each physical page of system hard-copy output.
g. Audit these additional events: the routing of all system jobs and output, and changes to security labels.
8-212. Security Assurances for Compartmented Mode.
a. Confidence in Software Source. In acquiring resources to be used as part of an AIS, consideration shall be given to the level of confidence placed in the vendor to provide a quality product, to support the security features of the product, and to assist in the correction of any flaws.
b. Flaw Discovery. The vendor shall have implemented a method for ensuring the discovery of flaws in the system (hardware, firmware, or software) that may have an effect on the security.
c. Description of Security Enforcement Mechanisms (often referred to as the Trusted Computing Base). The protections and provisions of the security enforcement mechanisms shall be documented in such a manner to show the underlying planning for the security. The security enforcement mechanisms shall be isolated and protected from any user or unauthorized process interference or modification. Hardware and software features shall be provided that can be used to periodically validate the correct operation of the elements of the security enforcement mechanisms.
d. Independent Validation and Verification. An independent validation and verification team shall assist in the certification testing of an AIS and shall perform validation and verification testing of the system as required by the CSA.
e. Security Label Integrity. The methodology shall ensure, (1) Integrity of the security labels; (2) The association of a security label with the transmitted data; and (3) Enforcement of the control features of the security labels.
f. Detailed Design of Security Enforcement Mechanisms. An informal description of the security policy model enforced by the system shall be available.
8-213. Multilevel Security Mode.
An AIS is operating in the multilevel mode when all of the following statements are satisfied concerning the users with direct or indirect access to the AIS, its peripherals, remote terminals, or remote hosts:
a. All users of the multilevel system must have a PCL but some users may not have a PCL for all levels of the classified information residing on the system.
b. All users are cleared, have a need-to-know, and the appropriate access approval (i.e., signed nondisclosure agreements) for information to be accessed.
8-214. Security Features for Multilevel Mode.
In addition to all security features and security assurances required for the compartmented mode of operation, AIS operating in the multilevel mode shall also include:
a. A mechanism that is able to monitor the occurrence or accumulation of security auditable events that may indicate an imminent violation of security policy. This mechanism shall be able to immediately notify the security administrator when thresholds are exceeded and, if the occurrence or accumulation of these security relevant events continues, the system shall take the least disruptive action to terminate the event.
b. Access controls that are capable of specifying, for each named object, a list of named individuals and a list of groups of named individuals with their respective modes of access to that object. It will be possible to specify for each named object a list of named individuals and a list of groups of named individuals for which no access to the object is to be given.
c. Support a trusted communication path between the AIS and users for use when a positive AIS-to-user connection is required (i.e., logon, change subject security level). Communications via this trusted path shall be activated exclusively by a user or the AIS and shall be logically isolated and unmistakably distinguishable from other paths.
d. Support separate operator and administrator functions. The functions performed in the role of a security administrator shall be identified. The AIS system administrative personnel shall only be able to perform security administrator functions after taking a distinct auditable action to assume the security administrative role of the AIS system. Non-security functions that can be performed in the security administrative role shall be limited strictly to those essential to performing the security role effectively.
e. Provide procedures and/or mechanisms to assure that, after an AIS system failure or other discontinuity, recovery without a protection compromise is obtained.
f. Immediately notify a terminal user of each change in the security level associated with that user during an interactive session. A user shall be able to query the system as desired for a display of the user's complete sensitivity label.
g. Enforce an upgrade or downgrade principle where all users processing have a system-maintained classification; no data is read that is classified higher than the processing session authorized; and no data is written unless its security classification level is equal to the user's authorized processing security classification.
8-215. Security Assurances for Multilevel Mode.
a. Flaw Tracking and Remediation. The vendor shall provide evidence that all discovered flaws have been tracked and remedied.
b. Life-Cycle Assurance. The development of the AIS hardware, firmware, and software shall be under life-cycle control and management (i.e., control of the AIS from the earliest design stage through decommissioning).
c. Separation of Functions. The functions of the ISSR and the AIS manager shall not be performed by the same person.
d. Device Labels. The methodology shall ensure that the originating and destination device labels are a part of each message header and enforce the control features of the data flow between originator and destination.
e. Trusted Path. The system shall support a trusted communication path between the user and system security mechanisms.
f. Security Isolation. The security enforcement mechanism shall maintain a domain for its own execution that protects it from external interference and tampering (e.g., by reading or modification of its code and data structures). The protection of the security enforcement mechanism shall provide isolation and non circumvention of isolation functions.
g. Security Penetration Testing. In addition to testing the performance of the AIS for certification, there shall be testing to attempt to penetrate the security countermeasures of the system. The test procedures shall be documented in the test plan for certification and also in the test plan for ongoing testing.
Section 3. Controls and Maintenance
8-300. Physical Security.
a. Physical security safeguards shall be established that prevent or detect unauthorized access to accredited system entry points and unauthorized modification of the AIS hardware and software. Hardware integrity of the AIS, including remote equipment, shall be maintained at all times, even when the AIS is not processing or storing classified information.
b. Attended classified processing shall take place in an area, normally a Restricted Area, where authorized persons can exercise constant surveillance and control of the AIS. All unescorted personnel to the area must have a government granted PCL and controls must be in place to restrict visual and aural access to classified information.
c. When the AIS is processing classified information unattended, or when classified information remains on an unattended AIS, a Closed Area is required.
d. When the AIS is not in use, all classified information has been removed and properly secured, and the AIS has been downgraded, continuous physical protection, to prevent or detect unauthorized modification of the AIS hardware and software, shall be implemented through one or more of the following methods:
(1) Continuous supervision by authorized personnel. (2) Use of approved cabinets, enclosures, seals, locks or Closed Areas. (3) Use of area controls that prevent or detect tampering or theft of the hardware and software. These controls will vary depending on the overall physical security controls in effect in the immediate secure area.
8-301. Software Controls.
a. Contractor personnel that design, develop, test, install, or make modifications to systems, or use security software, shall be cleared to the level of the AIS. Non-system or applications software that will be used during classified processing periods can be developed or modified by personnel without a clearance. However, before software developed by uncleared persons is used in a classified processing period, it must be reviewed or tested by authorized and knowledgeable contractor personnel to provide reasonable assurance that security vulnerabilities do not exist.
b. The AISSP must provide procedures for approval of installation of any software on the AIS.
c. Software provided on media that may be written to (e.g., magnetic media) must be safeguarded commensurate with the accreditation level unless a physical write-protect mechanism is used. (Mechanisms shall be tested and verified by attempting to write to the media.) The write protection mechanism must be verified once during each session when it is used to process classified information.
d. Unclassified software provided on media that cannot be changed (e.g., CD read-only media) may be loaded onto the classified system without being labeled or classified provided it is immediately removed from the security area upon completion of the loading procedure. If the media is to be retained in the security area, it may be controlled and stored as unclassified media.
e. The contractor shall validate the functionality of security-related software (e.g., access control, auditing, purge, etc.) before the AIS is accredited. The software shall be revalidated when changed.
f. Use of software of unknown or suspect origin is strongly discouraged.
g. The contractor must verify that all software is free of malicious code prior to installation.
h. Unclassified vendor-supplied software used for maintenance or diagnostics must be controlled as though classified.
i. Incidents involving malicious software will be investigated by the ISSR. If the incident affects the integrity of classified information, the CSA will be notified immediately and a written report detailing the findings of this investigation will be submitted to the CSA in accordance with the AISSP.
8-302. Media Controls.
a. In general, media that contains classified information will be handled in a manner consistent with the handling of classified documents.
b. All storage media used for classified data on dedicated and system high AIS must be labeled and controlled to the highest level of the information on the AIS. However, information not at the highest level may be written to appropriately classified/unclassified media using authorized procedures and/or methods.
c. All data storage media for compartmented and multilevel AIS must be labeled and controlled to the highest level of the information contained on the media.
d. When two or more AISs are collocated in the same security area and processing at different levels or compartments, procedures described in the system security plan will be used to distinguish among them.
e. Authorized sanitization procedures for the most commonly used memory and storage media are defined in the sanitization matrix.
f. Media must be sanitized and all markings and labels removed before media can be declassified. Sanitization actions must be verified and a record must be annotated to show the date, the particular sanitization action taken, and the person taking the action.
g. Media must be sanitized and declassified prior to release from continuous protection.
h. All printed output from an AIS processing in the dedicated or system high mode must be treated as though classified until verified to be unclassified.
8-303. Security Audits
a. In addition to the audits required under security modes, the following logs are required regardless of mode of operation. The logs must include the date, the event, and the person responsible.
(1) Maintenance, repair, installation, or removal of hardware components. Log must include the component involved, and action taken. (2) Installation, testing, and modification of operating system and security-related software. Log must include the software involved and action taken. (3) Upgrading and downgrading actions. (4) Sanitization and declassifying media and devices. (5) Application and reapplication of seals.
b. At intervals specified in the AISSP, the ISSR (or designee) shall review, analyze, and annotate audit records created during classified processing periods to ensure that all pertinent activity is properly recorded and appropriate action has been taken to correct anomalies.
c. Audit trail records shall be retained until reviewed and released by the contractor or CSA but not more than 12 months.
8-304. AIS Operations
a. Security Level Upgrading. To increase the level of processing on an AIS the following procedures must be implemented:
(1) Adjust the area controls to the level of information to be processed. (2) Configure the AIS as described in the AISSP. The use of logical disconnects is prohibited for AIS processing TOP SECRET information. (3) Remove and store removable data storage media not to be used during the processing period. (4) Clear all memory including buffer storage. (5) Initialize the system for processing at the approved level of operation with a dedicated copy of the operating system. This copy of the operating system must be protected commensurate with the security classification and access levels of the information to be processed during the period.
b. Security Level Downgrading. To lower the level of processing, the following procedures must be implemented:
(1) Remove and store removable data storage media not to be used during the lower processing period. (2) Clear the memory and buffer storage of the equipment to be downgraded, for collateral SECRET and below; sanitize for TOP SECRET. (3) Sanitize printers. (4) For classified processing, configure the AIS as described in the AISSP. (5) Adjust the area controls to the level of information to be processed. (6) Initialize the system for processing at the lower level with a dedicated copy of the operating system. This copy of the operating system must be protected commensurate with the security classification and access levels of the information to be processed during the period.
8-305. Identification and Authentication Techniques.
When the AIS is processing classified information, access to any unattended hardware must conform to those required in this document for the highest level of classified material processed on the AIS. Specific user identification and authentication techniques and procedures will be included in the AISSP. Examples of identification and authentication techniques include, but are not limited to: user IDs and passwords, tokens, biometrics and smartcards.
a. User IDs identify users in the system and are used in conjunction with authentication techniques to gain access to the system. User IDs will be disabled whenever a user no longer has a need-to-know or proper clearance. The user ID will be deleted from the system only after review of programs and data associated with the ID. Disabled accounts will be removed from the system as soon as practical. Access attempts will be limited to five tries. Users who fail to access the system within the established limits will be denied access until the user's ID is reactivated.
b. When used, system logon passwords will be randomly selected and will be at least six characters in length.
(1) Appropriate guidance must be provided by the ISSR or contractor to users prior to their choosing their own logon passwords. When an automated system logon-password generation routine is used, it must be described in the AISSP. (2) Passwords must be validated by the system each time the user accesses the system. (3) System logon passwords must not be displayed at any terminal or printed on any printer. (4) Passwords will not be shared by any user. (5) Passwords will be classified and controlled at the highest level of the information accessed. (6) Passwords must be changed at least every 6 months. (7) Immediately following a suspected or known compromise of a password, the ISSR will be notified and a new password issued.
c. Master data files containing the user population system logon passwords will be encrypted when practical. Access to the files will be limited to the ISSR and a designee identified in the AISSP.
d. When classified and unclassified AIS are collocated the following requirements apply:
(1) The ISSR must document procedures to ensure the protection of classified information. (2) The unclassified AIS cannot be connected to the classified AIS. (3) Users shall be provided a special awareness briefing.
e. When two or more AISs are collocated in the same security area and processing at different levels or compartments, procedures described in the AISSPwill be used to distinguish among them.
8-306. Maintenance
a. Cleared personnel who perform maintenance or diagnostics do not normally require an escort. Need-to-know for access to classified information must be enforced. Uncleared maintenance personnel must always be escorted by a cleared and technically knowledgeable individual. The ISSR must ensure that escorts of uncleared maintenance personnel are trained and sufficiently knowledgeable concerning the AISSP, established security policies and practices, and escorting procedures.
b. If maintenance is being conducted by appropriately cleared personnel, system sanitizing or component isolation are a local option. If maintenance is being performed by uncleared personnel, steps must be taken to effectively deny access to classified information by the uncleared person and any maintenance equipment or software used; these procedures should be documented in the AISSP. A technically knowledgeable escort is preferred. If access to classified data cannot be precluded by the escort, either the component under maintenance must be physically disconnected from the classified AIS (and sanitized before and after maintenance) or the entire AIS must be sanitized before and after maintenance.
c. The dedicated copy of the system software with a direct security function shall not be used for maintenance purposes by uncleared personnel.
d. When a system failure prevents sanitization of the system prior to maintenance by uncleared vendor personnel, AISSP procedures must be enforced to deny the uncleared person visual and electronic access to any classified data that may be contained on the system.
e. When practical, all maintenance and diagnostics will be performed in the contractor's facility. Any AIS components or equipment released from secure control is no longer part of an accredited system.
f. Vendor-supplied software/firmware used for maintenance or diagnostics must be protected at the level of the accredited AIS. The CSA may allow, on a case-by-case basis, the release of certain types of costly magnetic media for maintenance, such as disk head-alignment.
g. All maintenance tools, diagnostic equipment, and other devices used to service an accredited AIS must be approved by the contractor.
h. Any component board placed into an accredited AIS must remain in the security area until proper release procedures are completed.
i. Remote diagnostic or maintenance services are strongly discouraged. If remote diagnostic or maintenance services become necessary, the AIS shall be sanitized and disconnected from any communication links to network, prior to the connection of any nonsecured communication line.
Clearing and Sanitization Matrix Media Clear Sanitize Magnetic Tape Type I a or b a, b, or m Type II a or b b or m Type III a or b m Magnetic Disk Bernoullis a, b, or c m Floppies a, b, or c m Non-Removable Rigid Disk c a, b, d, or m Removable Rigid Disk a, b, or c a, b, d, or m Optical Disk Read Many, Write Many c m Read Only m, n Write Once, Read Many (Worm) m, n Memory Dynamic Random Access Memory (DRAM) c or g c,g, or m Electronically Alterable PROM (EAPROM) i j or m Electronically Erasable PROM (EEPROM) i h or m Erasable Programmable (ROM (EPROM) k l then c, or m Flash EPROM (FEPROM) i c then i, or m Programmable ROM (PROM) c m Magnetic Bubble Memory c a, b, c, or m Magnetic Core Memory c a, b, e, or m Magnetic Plated Wire c c and f, or m Magnetic Resistive Memory c m Nonvolatile RAM (NOVRAM) c or g c, g, or m Read Only Memory ROM m Static Random Access Memory (SRAM) c or g c and f, g, or m Equipment Cathode Ray Tube (CRT) g q Printers Impact g p then g Laser g o then g
Clearing and Sanitization Matrix
a. Degauss with a Type I degausser
b. Degauss with a Type II degausser.
c. Overwrite all addressable locations with a single character.
d. Overwrite all addressable locations with a character, its complement, then a random character and verify. THIS METHOD IS NOT APPROVED FOR SANITIZING MEDIA THAT CONTAINS TOP SECRET INFORMATION.
e. Overwrite all addressable locations with a character, its complement, then a random character.
f. Each overwrite must reside in memory for a period longer than the classified data resided.
g. Remove all power to include battery power.
h. Overwrite all locations with a random pattern, all locations with binary zeros, all locations with binary ones.
i. Perform a full chip erase as per manufacturer's data sheets.
j. Perform i above, then c above, a total of three times.
k. Perform an ultraviolet erase according to manufacturer's recommendation.
l. Perform k above, but increase time by a factor of three.
m. Destroy - Disintegrate, incinerate, pulverize, shred, or melt.
n. Destruction required only if classified information is contained.
o. Run five pages of unclassified text (font test acceptable).
p. Ribbons must be destroyed. Platens must be cleaned.
q. Inspect and/or test screen surface for evidence of burned-in information. If present, the cathode ray tube must be destroyed.
Section 4. Networks
8-400. Networks.
This Section identifies basic security requirements for protecting classified information processed on accredited networks. Network operations shall maintain the integrity of the security features and assurances of its mode of operation. A "Reference Guide for Security in Networks" can be obtained from the CSA.
8-401. Types of Networks.
a. A Unified Network is a collection of AIS's or network systems that are accredited as a single entity by a single CSA. A unified network may be as simple as a small standalone LAN operating in dedicated mode, following a single security policy, accredited as a single entity, and administered by a single ISSR. The perimeter of such a network encompasses all its hardware, software, and attached devices. Its boundary extends to all its users. A unified network has a single mode of operation based on the clearance levels, access, and need-to-know. This mode of operation will be mapped to the level of trust required and will address the risk of the least trusted user obtaining the most sensitive information processed or stored on the network.
b. An interconnected network is comprised of separately accredited AISs and/or unified networks. Each self-contained AIS maintains its own intra-AIS services and controls, protects its own resources, and retains its individual accreditation. Each participating AIS or unified network has its own ISSR. The interconnected network must have a security support structure capable of adjudicating the different security policy (implementations) of the participating AISs or unified networks. An interconnected network requires accreditation, which may be as simple as an addendum to a Memorandum of Agreement (MOA) between the accrediting authorities.
8-402. Methods of Interconnection.
a. Security support structure (SSS) is the hardware, software, and firmware required to adjudicate security policy and implementation differences between and among connecting unified networks and/or AISs. The SSS must be accredited. The following requirements must be satisfied as part of the SSS accreditation:
(1) Document the security policy enforced by the SSS. (2) Identify a single mode of operation. (3) Document the network security architecture and design. (4) Document minimum contents of MOA's required for connection to the SSS.
b. Separately accredited network (SAN) is a medium of interconnection of convenience. Networks and/or AISs that are interconnected through a SAN must meet the connection rules of the SAN.
c. The interconnection of previously accredited systems into an accredited network may require a re-examination of the security features and assurances of the contributing systems to ensure their accreditations remain valid.
(1) Once an interconnected network is defined and accredited, additional networks or separate AISs (separately accredited) may only be connected through the accredited SSS. (2) The addition of components to contributing unified networks that are members of an accredited interconnected network are allowed provided these additions do not change the accreditation of the contributing system.
8-403. Network Requirements.
a. Network Security Management. The contractor shall designate an ISSR for each accredited network to oversee security. The ISSR is responsible for ensuring compliance with the network security requirements as described in the AISSP.
b. Network Security Coordination.
(1) Every network must have a security plan. (2) When different CSAs are involved, a single network security manager (NSM) may be named that will be responsible for network security (including the network AISSP). The NSM will ensure a comprehensive approach to enforce the overall security policy required by the network security plan.
c. Specific network requirements must be determined on a case-by-case basis by the CSAs involved; however, as a minimum, the AISSP for the network must address the following additional requirements:
(1) Description of security services and mechanisms protecting against network specific threats. Consistent with its mode of operation, the network must provide the following security services: (a) Access control. (b) Data flow control. (c) Data separation. (d) Auditing. (e) Communications integrity. (2) Consistent implementation of security features across the network components. (3) Configuration control of network interconnections. (4) Protection and control of data transfers. (5) Security features incorporated in communications protocols. (6) Adequacy of any filtering bridge, secure gateway, or other similar security device in controlling access and data flow. (7) Compatibility of the entire combination of operating modes when connecting a new system. (8) Adequacy of the external system's features to support the local security policy.
8-404. Transmission Security.
Protected Distribution Systems or National Security Agency approved encryption methodologies and devices shall be used to protect classified information when it is being transmitted between network components.
CHAPTER 9
Special Requirements
Section 1. Restricted Data and Formerly Restricted Data
9-100. General.
This Section contains information and the requirements for safeguarding atomic energy information that is designated "Restricted Data" and "Formerly Restricted Data." Such information is classified under the authority of the Atomic Energy Act of 1954 and is under the jurisdiction and control of the Department of Energy (DOE). For purposes of this Section, a distinction is made between National Security Information and atomic energy information as explained below.
9-101. Authority and Responsibilities.
a. The Atomic Energy Act of 1954, as amended, provides for the development, use, and control of atomic energy. The Act establishes policy for handling atomic energy-related classified information designated as Restricted Data (RD) and Formerly Restricted Data (FRD). The Act provides responsibility to DOE to "control the dissemination and declassification of Restricted Data." In Section 143 of the Act, the Secretary of Defense has the responsibility to establish personnel and other security procedures and standards that are in reasonable conformity to the standards established by the Department of Energy. This Section is intended to ensure reasonable conformity in policy and procedures used by contractors for the control of RD and FRD.
b. The Secretary of Energy and the Chairman of the Nuclear Regulatory Commission retain authority over access to information which is under their respective cognizance as directed by the Atomic Energy Act of 1954. The Secretary or the Commission may inspect and monitor contractor programs or facilities that involve access to such information or may enter into written agreement with the DOD to inspect and monitor these programs or facilities.
9-102. Background Information.
a. The Atomic Energy Act is the basis for classification of atomic energy information as Restricted Data and Formerly Restricted Data. In accordance with the Atomic Energy Act, all atomic energy information is classified unless a positive action is taken to declassify it. This is directly opposite to procedures used for information classified by E.O. 12356. This is a significant difference that should be clearly understood. By the Act, Congress has decreed that atomic energy information is different -- it is "born classified," it remains classified until a positive action is taken to declassify it, and it may be declassified only by the Department of Energy. No other organization can declassify atomic energy information, and once it is declassified, it cannot be reclassified.
b. "Restricted Data" (RD) is defined in the Atomic Energy Act as follows:
"The term Restricted Data means all data concerning, (1) design, manufacture, or utilization of atomic weapons; (2) the production of special nuclear material; or (3) the use of special nuclear material in the production of energy, but shall not include data declassified or removed from the Restricted Data category pursuant to Section 142."
c. "Formerly Restricted Data" (FRD) is information which has been removed from the Restricted Data category after the DOE and the DOD have jointly determined that the information relates primarily to the military utilization of atomic weapons and can be adequately safeguarded as National Security Information in the United States. Such data may not be given to any other nation except under specially approved agreements and with the authorization of DOE. FRD is identified and handled as Restricted Data when sent outside the United States.
9-103. Unauthorized Disclosures.
Contractors shall report all unauthorized disclosures involving RD and FRD to the DOE or NRC through their CSA.
9-104. International Requirements.
The Act provides for a program of international cooperation to promote common defense and security and to make available to cooperating nations the benefits of peaceful applications of atomic energy as widely as expanding technology and considerations of the common defense and security will permit. Information controlled by the Act may be shared with another nation only under the terms of an agreement for cooperation. The disclosure by a contractor of RD and FRD shall not be permitted until an agreement is signed by the United States and participating governments and disclosure guidance and security arrangements are established. RD and FRD shall not be transmitted to a foreign national or regional defense organization unless such action is approved and undertaken pursuant to an agreement for cooperation between the United States and the cooperating entity and supporting statutory determinations as prescribed in the Act.
9-105. Personnel Security Clearances.
Only DOE, NRC, DoD, and NASA can grant access to RD and FRD. Contractors of all other federal agencies must be processed for PCLs by the DOE. The minimum investigative requirements and standards for access to RD and FRD are set forth below.
a. Top Secret RD-A favorable Single Scope Background Investigation (SSBI).
b. Secret RD-A favorable SSBI. (SRD as defined pursuant to the NISPOMSUP).
c. Confidential RD-A favorable NACC.
d. Top Secret FRD-A favorable SSBI.
e. Secret FRD-A favorable NACC.
f. Confidential FRD-A favorable NACC. DOE and NRC use the designation Q when a favorable access authorization determination has been conducted based on an SSBI and L when a favorable access authorization determination has been made based on an NACC.
9-106. Classification.
a. Since RD is born classified, no classification category determination by a person with original classification authority is ever required for RD or FRD; however, an authorized classifier must determine the classification level. No date or event for automatic declassification ever applies to RD or FRD.
b. Only RD Classifiers appointed and trained under Government Agency procedures may derivatively classify material that contains RD. Any contractor employee authorized to derivatively classify NSI material may also derivatively classify FRD material. Such derivative classification determinations shall be based on classification guidance approved by the DOE or NRC and not on portion markings in a source document. If such classification guidance is not available and the information in the document meets the definition of RD, then the classifier shall, as an interim measure, mark the document as Confidential RD or, if the sensitivity of the information in the document so warrants, as Secret RD. Such document shall be promptly referred to the CSA who shall provide the contractor with the final determination based upon official published classification guidance.
c. RD and FRD are not limited to U.S. Government information. Contractors who develop RD, FRD, or an invention or discovery useful in the production or utilization of special nuclear material or atomic energy shall file a report with a complete description thereof with the DOE or the Commissioner of Patents as prescribed by the Act. Documents thought to contain RD or FRD shall be marked temporarily as such. Such documents shall be promptly referred to the CSA for a final determination based upon official published classification guidance.
9-107. Declassification.
Documents marked as containing RD and FRD remain classified until a positive action by an authorized person is taken to declassify them; no date or event for automatic declassification ever applies to RD and FRD documents. Only the DOE may declassify contractor documents marked as RD. Only the DOE or the DOD may declassify contractor documents marked as FRD. These authorities may be delegated on a case-by-case basis. Contractors shall send any document marked as RD or FRD that must be declassified or sanitized to the appropriate government contracting office.
9-108. Transclassification.
Transclassification occurs when information is removed from the RD category by a joint determination of DOE and DOD and placed in the FRD category in accordance with section 142d of the Atomic Energy Act. This information is primarily related to the military utilization of atomic weapons and can be adequately safeguarded as NSI. This authority is severely restricted and cannot be exercised by RD Classifiers. Contact the DOE for information.
9-109. Marking.
In addition to the markings specified in Chapter 4 for NSI, classified material containing RD and FRD shall be marked as indicated below:
a. Restricted Data. The following notice shall be affixed on material that contains Restricted Data. This may be abbreviated RD.
Restricted Data This material contains Restricted Data as defined in the Atomic Energy Act of 1954. Unauthorized disclosure subject to administrative and criminal sanctions. Material classified as RD must indicate the classification guide and the authorized RD classifier. The following marking shall be applied: Classified by: (guide) Classifier: (name and title)
b. Formerly Restricted Data. The following notice shall be affixed on material which contains Formerly Restricted Data. This may be abbreviated FRD.
Formerly Restricted Data Unauthorized disclosure subject to administrative and criminal sanctions. Handle as Restricted Data in foreign dissemination. Section 144b, AEA 1954.
Material classified as FRD must indicate the classification guide. The following marking shall be applied:
Classified by: (guide)
c. Documents shall be marked to indicate CNWDI, Sigmas, and NNPI, as applicable.
9-110. Automated Information Systems.
See the NISPOMSUP for AIS requirements for TSRD and SRD.
9-111. Physical Security.
See the NISPOMSUP for physical security requirements for TSRD and SRD.
Section 2. DOD Critical Nuclear Weapon Design Information
9-200. General.
This Section contains the special requirements for protection of Critical Nuclear Weapon Design Information (CNWDI).
9-201. Background.
CNWDI is a DoD category of TOP SECRET Restricted Data or SECRET Restricted Data that reveals the theory of operation or design of the components of a thermonuclear or fission bomb, warhead, demolition munition, or test device. Specifically excluded is information concerning arming, fuzing, and firing systems; limited life components; and total contained quantities of fissionable, fusionable, and high explosive materials by type. Among these excluded items are the components that DoD personnel set, maintain, operate, test or replace. The sensitivity of DoD CNWDI is such that access shall be granted to the absolute minimum number of employees who require it for the accomplishment of assigned responsibilities on a classified contract. Because of the importance of such information, special requirements have been established for its control. (DoD Directive 5210.2 establishes these controls in the DoD).
9-202. Briefings.
Prior to having access to DoD CNWDI, employees shall be briefed on its sensitivity by the FSO or his or her alternate. (The FSO will be initially briefed by a Government representative.) The briefing shall include the definition of DoD CNWDI, a reminder of the extreme sensitivity of the information, and an explanation of the individual's continuing responsibility for properly safeguarding DoD CNWDI and for ensuring that dissemination is strictly limited to other personnel who have been authorized for access and have a need-to-know for the particular information. The briefing shall also be tailored to cover any special local requirements. Upon termination of access to DoD CNWDI, the employee shall be given an oral debriefing that shall include a statement of: a. The purpose of the debriefing; b. The serious nature of the subject matter that requires protection in the national interest; and c. The need for caution and discretion.
9-203. Markings.
In addition to other markings required by this Manual, CNWDI material shall be clearly marked, "Critical Nuclear Weapon Design Information-DoD Directive 5210.2 Applies." As a minimum, CNWDI documents shall show such markings on the cover or first page. Portions of documents that contain CNWDI shall be marked with an (N) or (CNWDI) following the classification of the portion. For example, TS(RD)(N) or TS(RD)(CNWDI).
9-204. Subcontractors.
Contractors shall not disclose CNWDI to subcontractors without theprior written approval of the GCA. This approval may be included in a Contract Security Classification Specification, other contract-related document, or by separate correspondence.
9-205. Transmission Outside the Facility.
Transmission outside the contractor's facility is authorized only to the GCA, or to a subcontractor as approved by 9-204 above. Any other transmission must be approved by the GCA. Prior to transmission to another cleared facility, the contractor shall verify from the CSA that the facility has been authorized access to CNWDI. When CNWDI is transmitted to another facility, the inner wrapping shall be addressed to the personal attention of the FSO or his or her alternate, and in addition to any other prescribed markings, the inner wrapping shall be marked: "Critical Nuclear Weapon Design Information-DoD Directive 5210.2 Applies." Similarly, transmissions addressed to the GCA or other U.S. Government agency shall bear on the inner wrapper the marking, "Critical Nuclear Weapon Design Information-DoD Directive 5210.2 Applies."
9-206. Records.
Contractors shall maintain a record of all employees who have been authorized access to CNWDI, and the date of the special briefing(s). These records shall be retained for 2 years following the termination of employment and/or the termination of the individual's clearance or access, as applicable.
9-207. Weapon Data.
That portion of RD or FRD that concerns the design, manufacture, or utilization (including theory, development, storage, characteristics, performance, and effects) of atomic weapons or atomic weapon components and nuclear explosive devices is called Weapon Data and it has special protection provisions. Weapon Data is divided into eight Sigma categories the protection of which is prescribed by DOE Order 5610.2, CONTROL OF WEAPON DATA. However, certain Weapon Data has been re-categorized as CNWDI and is protected as described in this Section.
Section 3. Intelligence Information
9-300. General.
This Section contains general information on safeguarding Intelligence Information. Intelligence Information is under the jurisdiction and control of the Director of Central Intelligence (DCI) pursuant to Executive Order (E.O.) 12333, "United States Intelligence Activities."
9-301. Definitions.
The following definitions are extracts from E.O. 12333, DCI Directives (DCIDs), and DoD Directives pertaining to Intelligence Information.
a. Foreign Intelligence. Information relating to the capabilities, intentions, and activities of foreign powers, organizations, or persons, but not including counterintelligence except for information on international terrorist activities.
b. Counterintelligence. Those activities that are concerned with identifying and counteracting the threat to security posed by foreign intelligence services or organizations or by individuals engaged in espionage, sabotage, or subversion.
c. Intelligence Information. Intelligence Information includes the following classified information: (1) Foreign intelligence and counterintelligence as defined in E.O. 12333; (2) Information describing U.S. foreign intelligence and counterintelligence activities, sources, methods, equipment, or methodology used for the acquisition, processing, or exploitation of such intelligence; foreign military hardware obtained for exploitation; and photography or recordings resulting from U.S. intelligence collection efforts; and (3) Information on Intelligence Community protective security programs (e.g., personnel, physical, technical, and information security). (Such information is collected, processed, produced or disseminated by the Director of Central Intelligence and other agencies of the Intelligence Community under the authority of E.O. 12333.)
d. Intelligence Community. As identified in E.O. 12333, the Central Intelligence Agency (CIA); the National Security Agency (NSA); the Defense Intelligence Agency (DIA); offices within the DoD for the collection of specialized national foreign intelligence through reconnaissance programs; the Bureau of Intelligence and Research (INR) of the Department of State; the intelligence elements of the Army, Navy, Air Force, and Marine Corps, the Federal Bureau of Investigation (FBI), the Department of the Treasury, and the Department of Energy (DOE); and the staff elements of the Director of Central Intelligence (DCI).
e. Senior Officials of the Intelligence Community (SOICs). The heads of organizations in the Intelligence Community.
f. Senior Intelligence Officer (SIO). The highest ranking military or civilian individual charged with direct foreign intelligence missions, functions, or responsibilities within an element of the Intelligence Community.
g. Sensitive Compartmented Information (SCI). Classified Intelligence Information concerning or derived from intelligence sources, methods, or analytical processes, which is required to be handled within formal access control systems established by the Director of Central Intelligence.
h. SCI Facility (SCIF). An accredited area, room, group of rooms, or installation where SCI may be stored, used, discussed, and/or processed.
9-302. Background.
DCID 1/7, "Security Controls on the Dissemination of Intelligence Information," establishes policies, controls, procedures, and control markings for the dissemination and use of intelligence to ensure that it will be adequately protected. DCID 1/14, "Minimum Personnel Security Standards and Procedures Governing Eligibility for Access to Sensitive Compartmented Information," establishes personnel security standards for personnel requiring access to SCI. Access to SCI must be approved by the SOICs. DCID 1/19, "Security Policy for Sensitive Compartmented Information," establishes policies and procedures for the security, use, and dissemination of SCI.
9-303. Control Markings Authorized for Intelligence Information.
a. "Warning Notice-Intelligence Sources or Methods Invoved" (WNINTEL). This marking is used only on Intelligence Information that identifies or would reasonably permit identification of an intelligence source or method that is susceptible to countermeasures that could nullify or reduce its effectiveness. This marking may be abbreviated as "WNINTEL" or "WN." This marking may not be used in conjunction with special access or sensitive compartmented information (SCI) controls.
b. "DISSEMINATION AND EXTRACTION OF INFORMATION CONTROLLED BY ORIGINATOR" (ORCON). This marking may be used only on Intelligence Information that clearly identifies or would reasonably permit ready identification of an intelligence source or method that is particularly susceptible to countermeasures that would nullify or measurably reduce its effectiveness. This marking may be abbreviated as "ORCON" or "OC."
c. "NOT RELEASABLE TO CONTRACTORS/CONSULTANTS" (NOCONTRACT). This marking may be used only on Intelligence Information that is provided by a source on the express or implied condition that it not be made available to contractors; or that, if disclosed to a contractor, would actually or potentially give him/her a competitive advantage, which could reasonably be expected to cause a conflict of interest with his/her obligation to protect the information. This marking may be abbreviated as "NOCONTRACT" or "NC."
d. "CAUTION - PROPRIETARY INFORMATION INVOLVED" (PROPIN). This marking is used, with or without a security classification, to identify information provided by a commercial firm or private source under an express or implied understanding that the information will be protected as a trade secret or proprietary data believed to have actual or potential value. This marking may be used in conjunction with the "NOCONTRACT" marking to preclude dissemination to any contractor. This marking may be abbreviated as "PROPIN" or "PR."
e. "NOT RELEASABLE TO FOREIGN NATIONALS" (NOFORN). This marking is used to identify Intelligence Information that may not be released in any form to foreign governments, foreign nationals, or non-U.S. citizens. This marking may be abbreviated "NOFORN" or "NF."
f. "AUTHORIZED FOR RELEASE TO (name of country(ies)/international organization)" (REL). This marking is used to identify Intelligence Information that an originator has predetermined to be releasable or has released, through established foreign disclosure procedures and channels, to the foreign/international organization indicated. This marking may be abbreviated "REL (abbreviated name of foreign organization)."
9-304. Limitation on Dissemination of Intelligence Information.
A contractor is not authorized to further disclose or release classified Intelligence Information (including release to a subcontractor) without prior written authorization of the releasing agency.
9-305. Safeguarding Intelligence Information.
All classified Intelligence Information in the contractor's possession shall be safeguarded and controlled in accordance with the provisions of this Manual for classified information of the same classification level, with any additional requirements and instructions received from the GCA, and with any specific restrictive markings or limitations that appear on the documents themselves.
9-306. Inquiries.
All inquiries concerning source, acquisition, use, control or restrictions pertaining to Intelligence Information shall be directed to the releasing agency.
CHAPTER 10
International Security Requirements
Section 1. General and Background Information
10-100. General.
This Chapter provides policy and procedures governing the control of classified information in international programs. It also provides procedures for those aspects of the ITAR that require compliance with this Manual. (The terms used in this Chapter may differ from those in the ITAR). This Section contains information concerning the Federal laws and regulations, the National Disclosure Policy, and the international agreements that govern the disclosure of classified and other sensitive information to foreign interests.
10-101. Policy.
The private use of classified information is not permitted except in furtherance of a lawful and authorized Government purpose. Government Agencies have appointed individuals to the positions of Principal and Designated Disclosure Authorities to oversee foreign disclosure decisions. These officials authorize the release of their agency's classified information that is involved in the export of articles and services. They determine that the release is essential to the accomplishment of the specified Government purpose; the information is releasable to the foreign government involved; and the information can and will be adequately protected by the recipient foreign government.
10-102. Applicable Federal Laws.
The transfer of articles and services, and related technical data, to a foreign person, within or outside the U.S., or the movement of such material or information to any destination outside the legal jurisdiction of the U.S., constitutes an export. Depending on the nature of the articles or data, most exports are governed by the Arms Export Control Act, the Export Administration Act, and the Atomic Energy Act.
a. The Arms Export Control Act (AECA) (22 U.S.C. 2751). This Act governs the export of defense articles and services, and related technical data, that have been determined to constitute "arms, munitions, and implements of war," and have been so designated by incorporation in the U.S. Munitions List. The AECA is implemented by the Department of State (Office of Defense Trade Controls) in the ITAR (22 CFR 120 et seq.). Exports of classified defense articles and data on the U.S. Munitions List are also subject to the provisions of the National Disclosure Policy. The AECA requires agreement by foreign governments to protect U.S. defense articles and technical data provided to them.
b. The Export Administration Act (EAA) (50 U.S.C. app. 2401 Note). This Act governs the export of articles and technical data that are principally commercial in nature and deemed not appropriate for inclusion on the U.S. Munitions List. The EAA is implemented by the Department of Commerce (Bureau of Export Administration) in the Export Administration Regulation (15 CFR 368 et seq.). This Regulation establishes a list of commodities and related technical data known as the Commerce Control List. Some of these controlled commodities are referred to as "dual-use." That is, they have an actual or potential military as well as civilian, commercial application. Therefore, export of certain dual-use commodities requires DoD concurrence. Exports under the EAA do not include classified information. (NOTE: The EAA expired in 1990, but was revived in 1993 (P.L. 103-10); however, the administrative controls have been in continuous effect under E.O. 12730 of Sepember 30, 1990, and now E.O. 12868 of September 30, 1993).
c. The Atomic Energy Act (AEA) of 1954, as amended (42 U.S.C. 2011). This Act provides a program of international cooperation to promote common defense and security, and makes available to cooperating nations the benefits of peaceful applications of atomic energy, as expanding technology and considerations of the common defense and security permit. RD and FRD may be shared with another nation only under the terms of an agreement for cooperation.
d. The Defense Authorization Act of 1984 (10 U.S.C. 130). This Act authorizes the Secretary of Defense to withhold from public disclosure unclassified technical data that has military or space application, is owned or controlled by the DoD, and is subject to license under the AECA or EAA. Canada has a similar law. A qualified contractor in the United States and Canada that is registered at the Joint Certification Office, Defense Logistics Agency, may have access to this technical data in support of a U.S. or Canadian Government requirement. A foreign contractor may have access to the U.S. technical data upon issuance of an export license or other written U.S. Government authorization, and their agreement to comply with requirements specified in the export authorization. The information that is subject to these additional controls is identified by an export control warning and distribution statements that describe who may have access and the reasons for control.
10-103. National Disclosure Policy (NDP).
Decisions on the disclosure of classified military information to foreign interests, including classified information related to defense articles and services controlled by the ITAR, are governed by the NDP. U.S. Government policy is to avoid creating false impressions of its readiness to make available classified military information to foreign interests. The policy prescribes that commitments shall not be expressed or implied and there may be no disclosure of any information until a decision is made concerning the disclosure of any classified information. Decisions on the disclosure of classified military information are contingent on a decision by a principal or designated disclosure authority that the following criteria are met:
a. The disclosure supports U.S. foreign policy.
b. The release of classified military information will not have a negative impact on U.S. military security.
c. The foreign recipient has the capability and intent to protect the classified information.
d. There is a clearly defined benefit to the U.S. Government that outweighs the risks involved.
e. The release is limited to that classified information necessary to satisfy the U.S. Government objectives in authorizing the disclosure.
10-104. Bilateral Security Agreements.
Bilateral security agreements are negotiated with various foreign governments. Confidentiality requested by some foreign governments prevents a listing of the countries that have executed these agreements.
a. The General Security Agreement, negotiated through diplomatic channels, requires that each government provide to the classified information provided by the other substantially the same degree of protection as the releasing government. The Agreement contains provisions concerning limits on the use of each government's information, including restrictions on third party transfers and proprietary rights. It does not commit governments to share classified information, nor does it constitute authority to release classified material to that government. It satisfies, in part, the eligibility requirements of the AECA concerning the agreement of the recipient foreign government to protect U.S. classified defense articles and technical data. (NOTE: The General Security Agreement also is known as a General Security of Information Agreement and General Security of Military Information Agreement. The title and scope are different, depending on the year the particular agreement was signed.)
b. Industrial security agreements have been negotiated with certain foreign governments which identify the procedures to be used when foreign government information is provided to industry. The Office of the Under Secretary of Defense (Policy) negotiates Industrial Security Agreements as an Annex to the General Security Agreement and the Director, Defense Investigative Service, has been delegated authority to implement the provisions of the Industrial Security Agreements. The Director of Security, NRC, negotiates and implements these agreements for the NRC.
Section 2. Disclosure of U.S. Information to Foreign Interests
10-200. General.
Contractors shall avoid creating false impressions of the U.S. Government's readiness to authorize release of classified information to a foreign entity. If the information is derived from classified source material, is related to a classified GCA contract, and it has not been approved for public disclosure, advance disclosure authorization will be required. Disclosure authorization may be in the form of an export license, a letter authorization from the U.S. Government licensing authority, or an exemption to the export authorization requirements.
10-201. Authorization for Disclosure.
Disclosure guidance will be provided by the GCA. Disclosure guidance provided for a previous contract or program shall not be used, unless the contractor is so instructed, in writing, by the GCA or the licensing authority. Classified information normally will be authorized for disclosure and export as listed below:
a. Government-to-Government International Agreements. Classified information shall not be disclosed until the agreement is signed by the participating governments and disclosure guidance and security arrangements are established. The export of technical data pursuant to such agreements may be exempt from ITAR licensing requirements.
b. Symposia, Seminars, Exhibitions, and Conferences. Appropriately cleared foreign nationals may participate in classified gatherings if authorized by the Head of the U.S. Government Agency that authorizes the conduct of the conference. All export controlled information to be disclosed shall be approved for disclosure pursuant to an export authorization or exemption covering the specific information and countries involved, or by written authorization from the designated disclosure authority of the originating Government Agency.
c. Foreign Visits. Disclosure of classified information shall be limited to that specific information authorized in connection with an approved visit request or export authorization.
d. Sales, Loans, Leases, or Grants of Classified Items. Disclosure of classified information or release of classified articles or services in connection with Government sales, loans, eases, or grants shall be in accordance with security arrangements specified by the GCA. Tests or demonstrations of U.S. classified articles prior to a purchase of inventory quantities of the item shall be under U.S. control unless an exception to policy is approved by the head of the GCA.
e. Foreign Participation in Contractor Training Activities. Disclosure of classified information to foreign nationals participating in training at contractor facilities shall be limited to information that is necessary for the operation and maintenance of, or training on, an item of equipment that has been sold to the trainee's government.
f. Direct Commercial Sales. The disclosure of classified information may be authorized pursuant to a direct commercial sale only if the proposed disclosure is in support of a U.S. or foreign government procurement requirement, a Government contract, or an international agreement. A direct commercial sale includes sales under a government agency sales financing program. If a proposed disclosure is in support of a foreign government requirement, the contractor should consult with U.S. in-country officials (normally the U.S. Security Assistance/Armaments Cooperation Office or Commercial Counselor).
g. Temporary Exports. Classified articles (including articles that require the use of classified information for operation) exported for demonstration purposes shall remain under U.S. control. The request for export authorization shall include a description of the arrangements that have been made in-country for U.S. control of the demonstrations and secure storage under U.S. Government control.
h. Foreign Contractor Participation in U.S Classified Contracts. Requests initiated by foreign contractors for classified information shall be submitted through the foreign country's embassy in Washington, DC, to the GCA foreign disclosure office. Approval of the request by GCA does not alleviate the requirement for a U.S. contractor to obtain an export authorization.
10-202. Direct Commercial Arrangements.
An export authorization is required before a contractor makes a proposal to a foreign person that involves the eventual disclosure of U.S. classified information. The contractor should obtain the concurrence of the GCA before submitting an export authorization request. To expedite disclosure and export decisions, the request for export authorization should include the following:
a. The U.S. or foreign government requirement that justifies the proposed export.
b. The type and classification level of any classified information and other export controlled technical information that ultimately would have to be exported, and the name, address, and telephone number of the Government entity that originated the classified information.
c. Identification of any prior licenses for the same articles or data.
d. A discussion of how U.S. operational and technology interests can be protected.
e. An evaluation of foreign availability of similar articles or technology.
f. The name, address, and telephone number of a U.S. and/or foreign government official who is knowledgeable concerning the government requirement.
g. The name, address, and telephone number of the CSA for U.S. contractors.
h.Any proposed security requirements that may require U.S. and/or foreign government approval.
i. Proposed transfer arrangements.
j. A Technology Control Plan (TCP), if applicable.
10-203. Retransfer and Security Assurances.
a. Requests for export authorizations that will involve the transfer of significant military equipment or classified material shall be accompanied by a Department of State Form DSP-83, Non-Transfer and Use Certificate. If classified material is involved, the form shall be signed by an official of the responsible foreign government who has the authority to certify that the transfer is for government purposes and that the classified material will be protected in compliance with a government-to-government security agreement.
b. If the transfer of classified material is not covered by a government-to-government agreement containing security requirements, an agreement will be necessary prior to the transfer of the material.
c. If a foreign government official refuses to sign the Form DSP-83, citing an existing agreement as the basis for refusal, that official should be requested to contact the Department of State, Office of Defense Controls, in writing, through its embassy in Washington, D.C. to address the requirement. The correspondence shall cite the existing agreement and certify that the material to be transferred is for government purposes and will be protected in compliance with the cited agreement.
10-204. Contract Security Requirements.
a. When a U.S. contractor is authorized to award a subcontract or enter into a Manufacturing License Agreement, Technical Assistance Agreement, or other direct commercial arrangement with a foreign contractor that will involve classified information, security requirements clauses will be incorporated in the subcontract document or agreement and security classification guidance via a Contract Security Classification Specification will be provided (see page 10-2-4). Two copies of the signed contract with the clauses and the classification guidance shall be provided to the CSA. If the export authorization specifies that additional security arrangements are necessary for performance on the contract, contractor developed arrangements shall be incorporated in appropriate clauses in the contract or in a separate security document.
b. The contractor shall prepare and maintain a written record that identifies the originator or source of classified information that will be used in providing defense articles or services to foreign customers. The contractor shall maintain this listing with the contractor's record copy of the pertinent export authorization. Security Clauses for International Contracts Security clauses, substantially as shown below, shall be included in all contracts and subcontracts involving classified information that are awarded to foreign contractors.
1. All classified information and material furnished or generated pursuant to this contract shall be protected as follows: a. The recipient will not release the information or material to a third-country government, person, or firm without the prior approval of the releasing government. b. The recipient will afford the information and material a degree of protection equivalent to that afforded it by the releasing government; and c. The recipient will not use the information and material for other than the purpose for which it was furnished without the prior written consent of the releasing government. 2. Classified information and material furnished or generated pursuant to this contract shall be transferred through government channels or other channels specified in writing by the Governments of the United States and (insert applicable country) and only to persons who have an appropriate security clearance and an official need for access to the information in order to perform on the contract. 3. Classified information and material furnished under this contract will be remarked by the recipient with its government's equivalent security classification markings. 4. Classified information and material generated under this contract must be assigned a security classification as specified by the contract security classification specifications provided with this contract. 5. All cases in which it is known or there is reason to believe that classifed information or material furnished or generated pursuant to this contract has been lost or disclosed to unauthorized persons shall be reported promptly and fully by the contractor to its government's security authorities. 6. Classified information and material furnished or generated pursuant to this contract shall not be further provided to another potential contractor or subcontractor unless: a. A potential contractor or subcontractor which is located in the United States or (insert applicable country) has been approved for access to classified information and material by U.S. or (insert applicable country) security authorities; or, b. If located in a third country, prior written consent is obtained from the United States Government. 7. Upon completion of the contract, all classified material furnished or generated pursuant to the contract will be returned to the U.S. contractor or be destroyed. 8. The recipient contractor shall insert terms that substantially conform to the language of these clauses, including this clause, in all subcontracts under this contract that involve access to classified information furnished or generated under this contract.
Section 3. Foreign Government Information
10-300. General.
Foreign government information shall retain its original classification markings or shall be assigned a U.S. classification that provides a degree of protection at least equivalent to that required by the entity that furnished the information. This Section provides additional requirements for protecting and controlling access to foreign government information provided to U.S. contractors.
10-301. Policy.
The contractor shall notify the CSA when awarded contracts by a foreign interest that will involve access to classified information. The CSA shall administer oversight and ensure implementation of the security requirements of the contract on behalf of the foreign government, including the establishment of channels for the transfer of classified material.
10-302. Marking Foreign Government Classified Material.
Foreign government designations for classified information generally parallel U. S. security classification designations. However, some foreign governments have a fourth level of classification, RESTRICTED, for which there is no equivalent U.S. classification. The information is to be protected and marked as CONFIDENTIAL information. When other foreign government material is received, the equivalent U.S. classification and the country of origin shall be marked on the front and back in English. Foreign government classification designations and the U.S. equivalents are shown in Appendix B.
10-303. Marking U.S. Documents That Contain Foreign Government Information.
U.S. documents that contain foreign government information shall be marked on the front, "THIS DOCUMENT CONTAINS FOREIGN GOVERNMENT (indicate level) INFORMATION." In addition, the portions shall be marked to identify the classification level and the country of origin, e.g., (UK-C); (GE-C). If a foreign government indicates that it does not want to be identified, applicable paragraphs shall be marked FGI together with the appropriate classification, e.g., (FGI-S). The "Classified by" line shall identify U.S. as well as foreign classification sources. If the foreign government does not want to be identified, a separate record shall be maintained. The "Declassify on" line shall contain the notation, "ORIGINATING AGENCY'S DETERMINATION REQUIRED" or "OADR." A U.S. document, marked as described herein, shall not be downgraded below the highest level of foreign government information contained in the document or be declassified without the written approval of the foreign government that originated the information. Recommendations concerning downgrading or declassification shall be submitted to the CSA.
10-304. Marking Documents Prepared For Foreign Governments.
Documents prepared for foreign governments that contain U.S. and foreign government information shall be marked as prescribed by the foreign government. In addition, they shall be marked on the front, "THIS DOCUMENT CONTAINS UNITED STATES CLASSIFIED INFORMATION." Portions shall be marked to identify the U.S. classified information. The record specified in paragraph 10-204b shall be maintained.
10-305. PCL, FCL, and Briefing Requirements.
PCLs and FCLs issued by the U.S. Government are valid for access to classified foreign government information of a corresponding level. Contractor employees will be briefed and acknowledge in writing their responsibilities for handling foreign government information prior to being granted access.
10-306. Storage, Control, and Accountability.
Foreign government material shall be stored and access controlled generally in the same manner as U.S. classified material of an equivalent classification. The procedures shall ensure that the material can be located at all times and access is limited to only those persons who require access for the specific purpose for which the information was provided by the originating government. Foreign government material shall be stored in a manner that will avoid commingling with other material which may be accomplished by establishing separate files in a storage container. Annual inventories are required for TOP SECRET and SECRET material.
10-307. Disclosure and Use Limitations.
Foreign government information shall not be disclosed to nationals of a third country, including intending citizens, or to any other third party, or be used for other than the purpose for which it was provided, without the prior written consent of the originating foreign government. Requests for other uses or further disclosure shall be submitted to the GCA for U.S. contracts, and through the CSA for direct commercial contracts. Approval of the request does not alleviate the requirement for the contractor to obtain an export authorization.
10-308. Exports of Foreign Government Information.
An export authorization is required for the export or re-export of export-controlled foreign government information except for technical data being returned to the original source of import. All requests for export authorization for foreign government information shall clearly identify and distinguish between the foreign government information and any U.S. information involved in the same request. Foreign government information shall not be exported to a third party without the prior consent of the originating government. A copy of such consent shall be provided in writing to the Office of Defense Trade Controls, Department of State, with an information copy to the CSA.
10-309. Transfer.
Foreign government information shall be transferred within the U.S., its possessions, or territories, using the same channels as specified by this Manual for U.S. classified information of an equivalent classification except that uncleared commercial delivery services shall not be used. The transfer of foreign government information to areas outside the U.S. shall be through government-to-government channels
10-310. Contract Security Requirements.
The foreign entity that awards a classified contract is responsible for providing appropriate security classification guidance and any security requirements clauses. The failure of a foreign entity to provide classification guidance shall be reported to the CSA.
10-311. Public Disclosure.
The public disclosure of foreign government information requires the prior written approval of the contracting foreign government.
10-312. Subcontracting.
a. A U.S. contractor may award a subcontract that involves access to foreign government information to another contractor within the U.S., its possessions or territories, except as described in subparagraph b, below, upon verifying with the CSA that the prospective subcontractor has the appropriate FCL and storage capability. The contractor awarding a subcontract shall provide appropriate security classification guidance and incorporate the pertinent security requirements clauses in the subcontract.
b. Subcontracts involving foreign government information shall not be awarded to a contractor in a third country or to a U.S. company with a limited FCL based on third-country ownership, control, or influence without the express written consent of the originating foreign government. The CSA will coordinate with the appropriate foreign government authorities to resolve the matter.
10-313. Reproduction.
The reproduction of foreign government TOP SECRET information requires the written approval of the originating government. Reproduced copies of all foreign government information shall be controlled, protected, and accounted for in the same manner as the original version.
10-314. Disposition.
Foreign government information shall be returned to the GCA or foreign government that provided the information, upon completion of the contract, unless the contract specifically authorizes destruction or retention of the information. TOP SECRET and SECRET destruction must be witnessed; destruction certificates are required for foreign government material and shall be retained for 3 years.
10-315. Loss, Compromise, or Suspected Compromise.
The loss, compromise, or suspected compromise of foreign government material shall be reported promptly to the CSA.
10-316. Reporting of Improper Receipt of Foreign Government Material.
The contractor shall report to the CSA the receipt of classified material from foreign interests that is not received through government channels.
10-317. Processing Foreign Government Classified Information on AISs.
Foreign government information shall be processed on an AIS accredited to the appropriate classification level.
Section 4. International Transfers
10-400. General.
This Section contains the procedures for international transfers of classified material. The requirements in this Section do not apply to the transmission of classified material to U.S. Government activities outside the United States. Copies of the forms, plans and certificates discussed in this Section may be obtained from the CSO.
10-401. Policy.
All international transfers of classified material shall take place through government - to - government channels. Control and accountability of classified material must be maintained until the material is officially transferred to the intended recipient government through its designated government representative (DGR).
a. To ensure Government accountability, written transmission instructions shall be prepared for all international transfers of classified material. If the transfer involves the use of a commercial carrier or freight forwarder, the instructions shall be fully described in a Transportation Plan (TP). The instructions shall be approved by the CSA and the recipient government security authorities. Preparation of the instructions shall be the responsibility of: (1) The contractor for commercial contracts; and (2) The executing government agency for Government contracts.
b. In urgent situations, the CSA may authorize appropriately cleared contractor employees to handcarry classified material.
c. The CSA shall be contacted at the earliest possible stage in deliberations that will lead to the international transfer of classified material. The CSA shall advise the contractor on the transfer arrangements, identify the recipient government's DGR, appoint a U.S. government employee as the U.S. DGR, and ensure that the transportation plan prepared by the contractor or government is adequate.
10-402. Transfers of Freight.
a. Government Agency Sales. Classified material to be furnished to a foreign government under such transactions normally will be shipped via government agency-arranged transportation, such as the DTS, and be transferred to the foreign government's DGR within the recipient government's territory. In any Government Agency sales case, the Government Agency that executes the sale is responsible, in coordination with the recipient foreign government, for preparing a TP. When the point of origin is a U.S. contractor facility, the GCA shall provide the contractor and the applicable CSA a copy of the TP and the applicable Letter of Offer and Acceptance (LOA). If a freight forwarder is to be used in processing the shipment, the freight forwarder and its CSA also shall be provided a copy of the TP by the GCA.
b. Commercial Contracts. The contractor shall prepare a TP in coordination with the receiving government security officials. This requirement applies whether the material is to be moved by land, sea, or air, and applies to U.S. and foreign classified contracts. After the CSA approves the TP, it shall be forwarded to the recipient foreign government security authorities for final coordination and approval.
c. Transportation Plan (TP). A requirement to prepare a TP shall be included in each contract that involves the international transfer of classified material as freight. The TP shall describe arrangements for the secure shipment of the material from the point of origin to the ultimate destination. The U.S. and recipient government DGRs shall be identified in the TP. The TP shall provide for security arrangements in the event the transfer cannot be made promptly. When there are to be repetitive shipments, a Notice of Classified Consignment will be used. The shipment must be accompanied by an appropriately cleared escort.
d. International Carriers. The international transfer of classified material shall be made using only ships, aircraft, or other carriers that:
(1) Are owned or chartered by the U.S Government or under U.S. registry (2) Are owned or chartered by or under the registry of the recipient government (3) Are carriers other than those described that are expressly authorized to perform this function in writing by the Designated Security Authority of the GCA and the security authorities of the foreign government involved. This authority shall not be delegated and this exception may be authorized only when a carrier described in (1) or (2), above, is not available and/or an urgent operational requirement dictates use of the exception.
10-404. Return of Material for Repair, Modification, or Maintenance.
A foreign government or contractor may return classified material to a U.S. contractor for repair, modification, or maintenance. The approved methods of return shall be specified in either the GCA sales contract, the security requirements section of a direct commercial sales contract, or, in the case of material transferred as freight, in the original TP. The contractor, upon receipt of notification that classified material is to be received, will notify the applicable CSA. The CSA shall contact the applicable foreign government security officials and arrange for secure transportation within the United States.
10-405. Use of Freight Forwarders.
a. A commercial freight forwarder may be used to arrange for the international transfer of classified material as freight. The freight forwarder must be under contract to a Government Agency, U.S. contractor, or the recipient foreign government. The contract shall describe the specific functions to be performed by the freight forwarder. The responsibility for security and control of the classified material that is processed by freight forwarders remains with the U.S. Government until the freight is transferred to a DGR of the recipient government.
b. Only freight forwarders that have a valid FCL and storage capability at the appropriate level are eligible to take custody, or possession of classified material for delivery as freight to foreign recipients. Freight forwarders that only process unclassified paperwork and make arrangements for the delivery of classified material to foreign recipients do not require an FCL.
10-406. Handcarrying Classified Material.
To meet an urgent need, the CSA may authorize contractor employees to handcarry classified material outside the United States. SECRET is the highest level of classified material to be carried and it shall be of such size and weight that the courier can retain it in his or her possession at all times. The CSA shall ensure that necessary arrangements are made with U.S. airport security and customs officials and that security authorities of the receiving government approve the plan. If the transfer is pursuant to a contract or a bilateral or multinational government program, the request shall be approved in writing by the GCA. The CSA shall be notified by the contractor of a requirement under this Section at least 5 work days in advance of the transfer. Furthermore:
a. The courier shall be a full-time, appropriately cleared employee of the dispatching contractor.
b. The courier shall be provided with a Courier Certificate that shall be consecutively numbered and be valid for one journey only. The journey may include more than one stop, if approved by the CSA and secure Government storage has been arranged at each stop. The Courier Certificate shall be returned to the dispatching security officer immediately upon completion of the journey.
c. Before commencement of each journey, the courier shall read and initial the Notes to the Courier attached to the Courier Certificate and sign the Courier Declaration . The Declaration shall be maintained by the FSO until completion of the next security inspection by the CSA.
d. The material shall be inventoried, and shall be wrapped and sealed in the presence of the U.S. DGR. The address of the receiving security office and the return address of the dispatching company security office shall be shown on the inner envelope or wrapping. The address of the receiving government's DGR shall be shown on the outer envelope or wrapping along with the return address of the dispatching office.
e. The dispatching company security office shall prepare three copies of a receipt based on the inventory, and list the classified material involved. One copy of the receipt shall be retained by the dispatching company security office and the other two copies shall be packed with the classified material. The security office shall obtain a receipt for the sealed package from the courier.
f. The dispatching company security office shall provide the receiving security office with 24 work hours advance notification of the anticipated date and time of the courier's arrival, and the identity of the courier. The receiving security office shall notify the dispatching company security office if the courier does not arrive within 8 hours of the expected time of arrival. The dispatching security office shall notify its DGR of any delay, unless officially notified otherwise of a change in the courier's itinerary.
g. The receiving DGR shall verify the contents of the consignment and shall sign the receipts enclosed in the consignment. One copy shall be returned to the courier. Upon return, the courier shall provide the executed receipt to the dispatching security office.
h. Throughout the journey, the consignment shall remain under the direct personal control of the courier. It shall not be left unattended at any time during the journey, in the transport being used, in hotel rooms, in cloakrooms, or other such location, and it may not be deposited in hotel safes, luggage lockers, or in luggage offices. In addition, envelopes and packages containing the classified material shall not be opened en route, unless required by customs or other government officials.
i. When inspection by government officials is unavoidable, the courier shall request that the officials provide written verification that they have opened the package. The courier shall notify the FSO as soon as possible. The FSO shall notify the U.S. DGR. If the inspecting officials are not of the same country as the dispatching security office, the designated security authority in the country whose officials inspected the consignment also shall be notified by the CSA. Under no circumstances shall the classified consignment be handed over to customs or other officials for their custody.
j. When carrying classified material, the courier shall not travel by surface routes through third countries, except as authorized by the CSA. The courier shall travel only on carriers described in 10-403d, and travel direct routes between the U.S. and the destination.
10-407. Classified Material Receipts.
There shall be a continuous chain of receipts to record international transfers of all classified material from the contractor through the U.S. DGR and the recipient DGR to the ultimate foreign recipient. The contractor shall retain an active suspense record until return of applicable receipts for the material. A copy of the external receipt that records the passing of custody of the package containing the classified material shall be retained by the contractor and each intermediate consignee in a suspense file until the receipt that is enclosed in the package is signed and returned. Follow-up action shall be initiated through the CSA if the signed receipt is not returned within 45 days. The contractor shall retain the receipt for 2 years.
10-408. Contractor Preparations for International Transfers Pursuant to Commercial and User Agency Sales.
The contractor shall be responsible for the following preparations to facilitate international transfers:
a. Ensure that each party that will be involved in the transfer is identified in the applicable contract or agreement, and in the license application or letter request.
b. Notify the appropriate U.S. DGR when the material is ready.
c. Provide documentation or written certification by an empowered official (as defined in the ITAR) to the U.S. DGR to verify that the classified shipment is within the limitations of the pertinent export authorization or an authorized exemption to the export authorization requirements, or is within the limitations of the pertinent GCA contract.
d. Have the classified shipment ready for visual review and verification by the DGR. As a minimum this will include:
(1) Preparing the packaging materials, address labels, and receipts for review. (2) Marking the contents with the appropriate U.S. classification or the equivalent foreign government classification, downgrading, and declassification markings, as applicable. (3) Ensuring that shipping documents (including, as appropriate, the Shipper's Export Declaration) include the name and telephone number of the CSA that validates the license or letter authorization, and the FSO or his or her designee for the particular transfer. (4) Have sent advance notification of the shipment to the CSA, the recipient, and to the freight forwarder, if applicable. The notification will require that the recipient confirm receipt of the shipment or provide notice to the contractor if the shipment is not received in accordance with the prescribed shipping schedule.
10-409. Transfers of Technical Data Pursuant to an ITAR Exemption.
a. The contractor shall provide to the DGR valid documentation (i.e., license, Letter of Offer and Acceptance, or agreement) to verify the export authorization for classified technical data to be transferred pursuant to an ITAR exemption. The documentation shall include a copy of the Form DSP-83 associated with the original export authorization.
b. Classified technical data to be exported pursuant to ITAR exemption 125.4(b)(1) shall be supported by a written authorization signed by a principal disclosure authority or designated disclosure authority of the Government Agency. A copy of the authorization shall be provided by the contractor through the CSA to the Office of Defense Trade Controls.
c. Exports shall not be permitted under a Manufacturing License or Technical Assistance Agreement for which the authorization has expired.
Section 5. International Visits and Control of Foreign Nationals
10-500. General.
This Section describes the procedures that the United States and foreign governments have established to control international visits to their organizations and cleared contractor facilities. It also describes procedures for controlling access to sensitive areas and information by foreign national employees.
10-501. Policy.
a. All requests for international visits shall be processed in compliance with the requirements of this Section.
b. The contractor shall establish procedures to monitor international visits by their employees and visits or assignments to their facilities of foreign nationals to ensure that the disclosure of, and access to, export-controlled articles and related information are limited to those that are approved by an export authorization.
c. Visit authorizations shall not be used to employ or otherwise acquire the services of foreign nationals that require access to export-controlled information; an export authorization is required for such situations.
10-502. Types and Purpose of International Visits.
Visit requests are necessary to make administrative arrangements, obtain security assurances, and disclosure decisions. There are three types of international visits.
a. One-time Visits. A visit for a single, short-term occasion (normally less than 30 days) for a specified purpose.
b. Recurring Visits. Intermittent, recurring visits over a specified period of time, normally up to 1 year in duration, in support of a Government-approved arrangement, such as an agreement, contract, or license. By agreement of the governments, the term of the authorization may be for the duration of the arrangement, subject to annual review, and validation.
c. Extended Visits. A single visit for an extended period of time, normally up to 1 year, in support of an agreement, contract, or license. (NOTE: Some governments have only two categories of visits (one-time and recurring) and refer to an extended visit as a one-time, long-term visit.)
10-503. Emergency Visits.
Some foreign governments will accept a visit request submitted within 7 calendar days of the proposed visit for an "emergency visit." To qualify as an emergency visit, the visit must relate to a specific Government-approved contract, international agreement or announced request for proposal, and failure to make the visit reasonably could be expected to seriously jeopardize performance on the contract or program, or result in the loss of a contract opportunity. Emergency visits are only approved as a single, one-time visit. The requester should coordinate the emergency visit in advance with the person to be visited and ensure that the complete name, grade or position, address, and telephone number of the person and a knowledgeable foreign government point of contact are provided in the visit request, along with the identification of the contract, agreement, or program and the justification for submission of the emergency visit request.
10-504. Requests for Recurring Visits.
Recurring visit authorizations should be requested at the beginning of each program. After approval of the request, individual visits may be arranged directly with the security office of the location to be visited subject to three working days advance notice.
10-505. Amendments.
Visit requests that have been approved or that are being processed may be amended only to change, add, or delete names and change dates. Amendments that request earlier dates than originally specified shall not be accepted. Emergency visit authorizations shall not be amended.
10-506. Visits Abroad by U.S. Contractors.
Many foreign governments require the submission of a visit request for all visits to a government facility or a cleared contractor facility, even though classified information may not be involved. They also require that the requests be received a specified number of days in advance of the visit. These lead times for NATO countries are attached. An export authorization must be obtained if export controlled technical data is to be disclosed or if information to be divulged is related to a classified U.S. Government program, unless the disclosure of the information is covered by an ITAR exemption. Visit request procedures are outlined as follows:
a. Request Format. The visit request format is contained on pages 10-5-4 and 10-5-5 and shall be forwarded to the CSA. The host for the visit should coordinate the visit in advance with appropriate government authorities who are required to approve the visit. It is the visitor's responsibility to ensure that such coordination has occurred.
b. Government Agency Programs. When contractor employees are to visit foreign government facilities or foreign contractors on U.S. Government orders in support of a Government contract or agreement, a visit request also shall be submitted by the contractor.
10-507. Visits by Foreign Nationals to U.S. Contractor Facilities.
Requests for visits by foreign nationals to U.S. contractor facilities that will involve the disclosure of (a) U.S. classified information, (b) Unclassified information related to a U.S. Government classified program, or (c) Plant visits covered by Section 125.5 of the ITAR, shall be processed through the sponsoring foreign government (normally the visitor's embassy) to the U.S. Government Agency for approval. (NOTE: Requests for visits by foreign nationals that involve only commercial programs and related unclassified information may be submitted directly to the contractor. It is the contractor's responsibility to ensure that an export authorization is obtained, if applicable.) As described below, the U.S. Government Agency may approve or deny the request, or decline to render a decision.
a. Government-Approved Visits. U.S. Government-approved visits constitute an exemption to the export licensing provisions of the ITAR. U.S. Government approved visits shall not be used to avoid the export licensing requirements for commercial initiatives. When the cognizant U.S. Government Agency approves a visit, the notification of approval shall contain instructions on the level and scope of classified and unclassified information authorized for disclosure, as well as any limitations. Final acceptance of the visit shall be subject to the concurrence of the contractor who shall notify the U.S. Government Agency when a visit is not desired.
b. Visit Request Denials. If the U.S. Government Agency does not approve the disclosure of the information related to the proposed visit, it will deny the visit request. The requesting government and the contractor to be visited shall be advised of the reason for the denial. The contractor may accept the visitor(s). However, only information that is in the public domain may be disclosed.
c. Non-Sponsorship. The U.S. Government Agency will decline to render a decision on a visit request that is not in support of a U.S. Government program. A declination notice, indicating that the visit is not Government approved (i.e., the visit is non-sponsored), shall be furnished to the requesting foreign government with an information copy to the U.S. contractor to be visited. A declination notice does not preclude the visit, provided the contractor has, or obtains, an export authorization for the information involved and, if classified information is involved, has been notified that the requesting foreign government has provided the required security assurance of the proposed visitor to the U.S. Government Agency in the original visit request. It shall be the responsibility of the contractor to consult applicable export regulations to determine licensing requirements regarding the disclosure of export controlled information during such visits by foreign nationals.
d. Access by Foreign Visitors to Classified Information. The contractor shall establish procedures to ensure that foreign visitors are not afforded access to classified information and other export-controlled technical data except as authorized by an export license, approved visit request, or other exemption to the licensing requirements. The contractor shall not inform the foreign visitor of the scope of access authorized or of the limitations imposed by the Government. Foreign visitors shall not be given custody of classified material except when they are acting as an official courier of their government and the CSA authorizes the transfer.
e. Visitor Records. Contractor visitor records shall clearly identify foreign visitors.
f. Visits to Subsidiaries. A visit request authorization for a visit to a parent facility also may be used for visits to other divisions or subsidiaries of the same company provided disclosures are for the same purpose, the information to be disclosed does not exceed the parameters of the approved visit request, and the U.S. Government Agency concurs.
10-508. Control of Access by On-Site Foreign Nationals
a. Extended visits and assignments of foreign nationals to contractor facilities shall be authorized only when it is essential that the foreign national be at the facility pursuant to a contract or Government agreement (e.g., joint venture, liaison representative to a joint or multinational program, or direct commercial sale).
b. If the foreign national will require access to export-controlled information related to, or derived from, a U.S. Government classified contract, the contractor shall obtain the written consent of the GCA prior to making a commitment to accept the proposed visit or assignment. A copy of the written consent shall be included with the request for export authorization, when such authorization is required.
c. The applicable CSA shall be notified in advance of all extended visits and assignments of foreign nationals to cleared contractor facilities. The notification shall include a copy of the approved visit authorization or the U.S. Government export authorization, and the Technology Control Plan (TCP).
d. U.S. and foreign government classified material in a U.S. contractor facility is to remain under U.S. contractor custody and control and is subject to inspection by the FSO and the CSA. This does not preclude a foreign visitor from being furnished a security container for the temporary storage of classified material, consistent with the purpose of the visit or assignment, provided the CSA approves, and responsibility for the container and its contents remains with the U.S. contractor. Exceptions to this policy may be approved on a case-by-case basis by the CSA for the storage of foreign government classified information furnished to the visitor by the visitor's government through government channels. Exceptions shall be approved in advance, in writing, by the CSA, and agreed to by the visitor's government. The agreed procedures shall be included in the contractor's TCP, shall require the foreign nationals to provide receipts for the material, and shall include an arrangement for the CSA to ensure compliance, including provisions for the CSA to inspect and inventory the material.
10-509. TCP.
A TCP is required to control access by foreign nationals assigned to, or employed by, cleared contractor facilities unless the CSA determines that procedures already in place at the contractor's facility are adequate. The TCP shall contain procedures to control access for all export-controlled information. A sample of a TCP may be obtained from the CSA.
10-510. Security and Export Control Violations Involving Foreign Nationals.
Any violation of administrative security procedures or export control regulations by foreign visitors or foreign national employees shall be reported to the CSA.
Standard Request For Visit Format
I. This matrix contains the instructions for the completion of a Request for Visit (RFV). The visit request must be submitted through the Facility Security Officer to the applicable Clearance Agency. The RFV format in Section II below, will be used for all requests for international visits as follows:
a. A separate request must be submitted for each program, project, or contract.
b. A separate request must be submitted for each country to be visited.
c. Subject to Government Agency restrictions, multiple locations may be listed for each country provided each location is involved in the same program, project, or contract.
d. The RFV may be locally produced on a form or form letter provided the specified format is followed. Information given to answer each data element must be typed or printed in block letters so that it is legible.
e. Most countries have established a specified number of working days that a visit request must be received for processing prior to the visit. The chart in Section III below, lists this information for the NATO member nations.
II. The RFV format will be completed in compliance with the format and instructions listed below. The Subject line of the request should state: Request for Visit Authorization - (insert name of country). The date of the request must be included in the heading. A reference should be made to any correspondence that supports the proposed visit, particularly if the reference includes an invitation.
1. REQUESTING FACILITY. Provide the full name and postal address (include city, state, country, and postal zone) and the name, organization, and telephone and telefax numbers of a person who is knowledgeable of the purpose of the visit.
2. GOVERNMENT AGENCY OR INDUSTRIAL FACILITY TO BE VISITED. Provide the full name and postal address (include city, state, country, and postal zone) and telefax and telephone number of the person with whom arrangements have been made for the visit at the facility.
(NOTE: An Annex should be used if more than two locations are to be visited. In such case, the statement. See also Annex __ should be included.)
3. DATES OF VISIT. Provide the actual date or period (date-to-date) of the visit by day-month-year.
4. TYPE OF VISIT. Specify whether the visit is a government initiative or commercial initiative and whether the visit is being initiated by the requesting facility or the facility to be visited. Government initiative will be specified only if the visit is in support of an authorized government program, which must be fully described in item 7.
5. SUBJECT TO BE DISCUSSED/JUSTIFICATION. Give a concise description of the issues or subjects to be discussed and the reason for the visit. Do not use unexplained abbreviations. In the case of a request for recurring visits, this item should state Recurring Visits as the first words in the data element (e.g., Recurring Visits to discuss . . .).
6. ANTICIPATED LEVEL OF CLASSIFIED INFORMATION TO BE INVOLVED. Indicate SECRET, CONFIDENTIAL, RESTRICTED, or UNCLASSIFIED as applicable, and country of origin of the information.
7. PERTINENCE OF VISIT. Specify the full name of the government program, agreement, or sales contract (e.g., FMS case), or request for proposal or tender offer, using commonly used or explained abbreviations only.
8. PARTICULARS OF VISITOR.
NAME: Family name, followed by forename in full and middle initial(s).
DOB: Date of birth (day-month-year).
POB: Place of birth (city, state, and country).
SC: Security clearance status (e.g., TS, S, C). Indicate NATO clearance if the visit is related to NATO business.
ID-PP: Enter the passport number.
NATIONALITY: Enter citizenship.
POSITION: Provide the position the visitor holds in the organization (e.g., director, product manager, etc.)
COMPANY? Provide the name of the government agency or industrial facility that the
AGENCY visitor represents if different from item 1.
NOTE: If more than 2 visitors are involved in the visit, a continuation sheet should be used. In that case item 8 should state "SEE ANNEX_, NUMBER OF VISITORS:. . . (state the number of visitors).
9. SECURITY OFFICER OF THE REQUESTING CONTRACTOR. Provide the name and telephone number of the requesting Facility Security Officer.
10. CERTIFICATION OF SECURITY CLEARANCE. Do not fill in (to be completed by the Government Clearance Agency).
NOTE: Item 10 also may be filled in by the appropriate official of the U.S. Embassy in the country to be visited or the applicable Office of Industrial Security International (OISI).
11. REMARKS.
(a) This item can be used for certain administrative requirements (e.g., proposed itinerary, request for hotel reservations, and/or transportation).
(b) In the case of an Emergency Visit, the name, telephone, and telefax numbers of the knowledgeable person with whom advance arrangements have been made should be stated.
III. Lead-times (i.e., the number of days in advance that the request must be received by the host government) for NATO nations are as follows:
One-time and Recurring Visits Amendments Belgium 14 9 Canada 20 10 Denmark 7 5 France 25 5 Germany 25 10 Greece 20 10 Italy 14 7 Luxembourg 10 9 Netherlands 20 5 Norway 15 10 Portugal 20 7 Spain 25 8 Turkey 15 10 United Kingdom 21 5
Section 6. Contractor Operations Abroad
10-600. General.
This Section sets forth requirements governing contractor operations abroad, including PCLs for U.S. contractor employees assigned outside the U.S. and their access to classified information.
10-601. Access by Contractor Employees Assigned Outside the United States.
a. Contractor employees assigned outside the United States, its possessions or territories may have access to classified information in connection with performance on a specified United States, NATO, or foreign government classified contract.
b. The assignment of an employee who is a foreign national, including intending citizens, outside the U.S. on programs that will involve access to classified information is prohibited and negates the basis on which an LAA may have been provided to such employee.
c. A consultant shall not be assigned outside the United States with responsibilities that require access to classified information.
10-602. Storage, Custody, and Control of Classified Information Abroad by Employees of a U.S. Contractor.
a. The storage, custody, and control of classified information required by a U.S. contractor employee abroad is the responsibility of the U.S. Government. Therefore, the storage of classified information by contractor employees at any location abroad that is not under U.S. Government control is prohibited. The storage may be at a U.S. military facility, a U.S. Embassy or Consulate, or other location occupied by a U.S. Government organization.
b. A contractor employee may be furnished a security container to temporarily store classified material at a U.S. Government Agency overseas location. The decision to permit a contractor to temporarily store classified information must be approved in writing by the senior security official for the U.S. Government host organization.
c. A contractor employee may be permitted to temporarily remove classified information from an overseas U.S. Government controlled facility, when necessary for the performance of a GCA contract or pursuant to an approved export authorization. The responsible U.S. Government security official at the U.S. Government facility shall verify that the contractor has an export authorization or other written U.S. Government approval to have the material; verify the need for the material to be removed from the facility; and brief the employee on handling procedures. In such cases, the contractor employee shall sign a receipt for the classified material. Arrangements shall also be made with the U.S. Government custodian for the return and storage of the classified material during non-duty hours. Violations of this policy shall be reported to the applicable CSA by the security office at the U.S. Government facility.
d. A contractor employee shall not store classified information at overseas divisions or subsidiaries of U.S. companies incorporated or located in a foreign country. (NOTE: The divisions or subsidiaries may possess classified information that has been transferred to the applicable foreign government through government-to-government channels pursuant to an approved export authorization or other written U.S. Government authorization. Access to this classified information at such locations by a U.S. contractor employee assigned abroad by the parent facility on a visit authorization in support of a foreign government contract or subcontract, is governed by the laws and regulations of the country in which the division or subsidiary is registered or incorporated. The division or subsidiary that has obtained the information from the foreign government shall provide the access.)
e. U.S. contractor employees assigned to foreign government or foreign contractor facilities under a direct commercial sales arrangement will be subject to the host-nation's industrial security policies.
10-603. Transmission of Classified Material to Employees Abroad.
The transmission of classified material to a cleared contractor employee located outside the United States shall be through U.S. Government channels. If the material is to be used for other than U.S. Government purposes, an export authorization is required and a copy of the authorization, validated by the designated Government representative, shall accompany the material. The material shall be addressed to a U.S. military organization or other U.S. Government organization (e.g., an Embassy). The U.S. government organization abroad shall be responsible for custody and control of the material.
10-604. Security Briefings.
An employee being assigned outside the United States shall be briefed on the security requirements of their assignment, including the handling, disclosure, and storage of classified information overseas.
10-605. Report of Assignments.
a. The contractor shall promptly report to the CSA the assignment of a cleared employee to a location outside the United States, Puerto Rico, Guam, or the Virgin Islands for a period exceeding 90 consecutive days. The report shall contain the following information:
(1) Name, address, telephone number, and CSA overseas code (if applicable) of the location to which the employee will be assigned; whether the location is under U.S. Government or foreign government control; and name, title, and telephone number of the U.S. Government or foreign government security official at the location. (2) Justification for access to any U.S. or foreign government classified information, including identification of the contract, license, or agreement under which access is necessary.
b. Subsequent to the assignment of a cleared employee outside the United States, the contractor shall provide to the CSA:
(1) Justification, based on a specified contract, license, agreement, or other Government-approved arrangement, for the employee's continuing need for a PCL every 3 years following the initial assignment. (2) Notification of any change in the location and mailing address of the affected employee. (3) Notification of the termination of the employee's assignment outside the United States.
Section 7. NATO Information Security Requirements
10-700. General.
This Section provides the security requirements needed to comply with the procedures established by the U.S. Security Authority for NATO(USSAN) for safeguarding NATO information provided to U.S. industry.
10-701. Classification Levels.
NATO has four levels of security classification; COSMIC TOP SECRET (CTS), NATO SECRET (NS), NATO CONFIDENTIAL (NC), and NATO RESTRICTED (NR). Another marking, ATOMAL, is applied to U.S. RESTRICTED DATA or FORMERLY RESTRICTED DATA and United Kingdom Atomic information that has been released to NATO. ATOMAL information is marked COSMIC TOP SECRET ATOMAL (CTSA), NATO SECRET ATOMAL (NSA), or NATO CONFIDENTIAL ATOMAL (NCA).
10-702. NATO Contracts.
NATO contracts involving NATO-unique systems, programs, or operations are awarded by a NATO Production and Logistics Organization (NPLO), a designated NATO Management Agency, the NATO Research Staff, or a NATO Command. In the case of NATO infrastructure projects (e.g., airfields, communications), the NATO contract is awarded by a contracting agency or prime contractor of the NATO nation that is responsible for the infrastructure project.
10-703. NATO Facility Security Clearance Certificate.
A NATO Facility Security Clearance Certificate (FSCC) is required for a contractor to negotiate or perform on a NATO classified contract A U.S. facility qualifies for a NATO FSCC if it has an equivalent U.S. FCL and its personnel have been briefed on NATO procedures. The CSA shall provide the NATO FSCC to the requesting activity. A NATO FSCC is not required for GCA contracts that involve access to NATO classified information.
10-704. PCL Requirements.
Access to NATO classified information requires a final PCL at the equivalent level. A PCL is not required for access to NATO RESTRICTED information.
10-705. NATO Briefings.
Prior to having access to NATO classified information including Restricted, employees shall be given a NATO security briefing that covers the requirements of this Section and the consequences of negligent handling of NATO classified information. The FSO shall be initially briefed by a representative of the CSA. Annual refresher briefings shall also be conducted. When access to NATO classified information is no longer required, the employee shall be debriefed. The employee shall sign a certificate stating that they have been briefed or debriefed, as applicable, and acknowledge their responsibility for safeguarding NATO information. Such certificates shall be maintained for 2 years for NATO SECRET, CONFIDENTIAL and RESTRICTED, and 3 years for COSMIC TOP SECRET and all ATOMAL information.
10-706. Access to NATO Classified Information by Foreign Nationals.
Foreign nationals of non-NATO nations may have access to NATO classified information only with the consent of the NATO Office of Security and the contracting activity. Requests shall be submitted to the Central U.S. Registry (CUSR). Access to NATO classified information may be permitted for citizens of NATO member nations provided a NATO security clearance certificate is provided by their government and they have been briefed.
10-707. Subcontracting for NATO Contracts.
The contractor shall obtain prior written approval from the NATO contracting activity and a NATO FSCC must be issued prior to awarding the subcontract. The request for approval will be forwarded through the CSA.
10-708. Preparing and Marking NATO Documents.
All classified documents created by a U.S. contractor shall be portion marked. Any portion extracted from a NATO document that is not portion marked, must be assigned the classification that is assigned to the NATO document.
a. All U.S. originated NATO classified documents shall bear an assigned reference number and date on the first page. The reference numbers shall be assigned as follows:
(1) The first element shall be the abbreviation for the name of the contractor facility. (2) The second element shall be the abbreviation for the overall classification followed by a hyphen and the four digit sequence number for the document within that classification that has been generated for the applicable calendar year. (3) The third element is the year; e.g., MM/NS-0013/93.
b. COSMIC TOP SECRET, NATO SECRET, and ATOMAL documents shall bear the reference number on each page and a copy number on the cover or first page. Copies of NATO documents shall be serially numbered. Pages shall be numbered. The first page or index or table of contents shall include a list, including page numbers, of all Annexes and Appendices. The total number of pages shall be stated on the first page. All Annexes or Appendices will include the date of the original document and the purpose of the new text (addition or substitution) on the first page.
c. One of the following markings shall be applied to NATO documents that contain ATOMAL information:
(1) "This document contains U.S. ATOMIC Information (RESTRICTED DATA or FORMERLY RESTRICTED DATA) made available pursuant to the NATO Agreement for Cooperation Regarding ATOMIC Information, dated 18 June 1964, and will be safeguarded accordingly." (2) "This document contains UK ATOMIC Information. This information is released to the North Atlantic Treaty Organization including its military and civilian agencies and member states on condition that it will not be released by the recipient organization to any other organization or government or national of another country or member of any other organization without prior permission from H.M. Government in the United Kingdom."
d. Working papers shall be retained only until a final product is produced.
10-709. Classification Guidance.
Classification guidance shall be in the form of a NATO security aspects letter and a security requirements checklist for NATO contracts, or a Contract Security Classification Specification. If adequate classification guidance is not received, the contractor shall contact the CSA for assistance. NATO classified documents and NATO information in other documents shall not be declassified or downgraded without the prior written consent of the originating activity. Recommendations concerning the declassification or downgrading of NATO classified information shall be forwarded to the CUSR.
10-710. Further Distribution.
The contractor shall not release or disclose NATO classified information to a third party or outside the contractor's facility for any purpose without the prior written approval of the contracting agency.
10-711. Storage of NATO Documents.
NATO classified documents shall be stored as prescribed for U.S. documents of an equivalent classification level, except as described below.
a. NATO classified documents shall not be commingled with other documents. NATO RESTRICTED documents may be stored in locked filing cabinets, bookcases, desks, or other similar locked containers that will deter unauthorized access.
b. Combinations for containers used to store NATO classified information shall be changed annually. The combination also shall be changed when an individual with access to the container departs or no longer requires access to the container, and if the combination is suspected of being compromised.
c. When the combination is recorded it shall be marked with the highest classification level of documents stored in the container as well as to indicate the level and type of NATO documents in the container. The combination record must be logged and controlled in the same manner as NATO classified documents.
10-712. International Transmission.
NATO has a registry system for the receipt and distribution of NATO documents within each NATO member nation. The central distribution point for the U.S. is the CUSR located in the Pentagon. The CUSR establishes subregistries at U.S. Government organizations for further distribution and control of NATO documents. Subregistries may establish control points and sub-control points at contractor facilities. COSMIC TOP SECRET, NATO SECRET, and all ATOMAL documents shall be transferred through the registry system. NATO CONFIDENTIAL and RESTRICTED documents provided as part of NATO infrastructure contracts shall be transmitted via government-to-government channels in compliance with Section 4 of this Chapter.
10-713. Handcarrying.
NATO SECRET, NATO CONFIDENTIAL, and NATO RESTRICTED documents may be handcarried across international borders if authorized by the GCA. The courier shall be issued a NATO Courier Certificate by the CSA. When handcarrying is authorized, the documents shall be delivered to a U.S. organization at NATO, which shall transfer them to the intended NATO recipient.
10-714. Reproduction.
Reproductions of COSMIC TOP SECRET and COSMIC TOP SECRET ATOMAL information shall be performed by the responsible Registry. The reproduction of NATO SECRET, CONFIDENTIAL, and RESTRICTED documents may be authorized to meet contractual requirements unless reproduction is prohibited by the contracting entity. Copies of COSMIC TOP SECRET, NATO SECRET, and ATOMAL documents shall be serially numbered and controlled and accounted for in the same manner as the original.
10-715. Disposition.
Generally, all NATO classified documents shall be returned to the contracting activity that provided them, upon completion of the contract. Documents provided in connection with an invitation to bid also shall be immediately returned if the bid is not accepted or submitted. NATO classified documents may be destroyed when permitted by either the contract or invitation to bid COSMIC TOP SECRET and COSMIC TOP SECRET ATOMAL documents shall be destroyed by the Registry that provided the documents. Destruction of COSMIC TOP SECRET, NATO SECRET and all ATOMAL documents shall be witnessed.
10-716. Accountability Records.
Logs, receipts, and destruction certificates are required for NATO classified information, as described below. Records for NATO documents shall be maintained separately from records of non-NATO documents. COSMIC TOP SECRET and all ATOMAL documents shall be recorded on logs maintained separately from other NATO logs and be assigned unique serial control numbers. Additionally, disclosure records, bearing the name and signature of each person that has access, are required for all COSMIC TOP SECRET, COSMIC TOP SECRET ATOMAL, and all other ATOMAL or NATO classified documents to which special access limitations have been applied.
a. Minimum identifying data on logs, receipts, and destruction certificates shall include the NATO reference number, short title, date of the document, classification, and serial copy numbers. Logs shall reflect the short title, unclassified subject, and distribution of the documents.
b. Receipts are required for all NATO classified documents except NATO CONFIDENTIAL and RESTRICTED.
c. Inventories shall be conducted annually of all COSMIC TOP SECRET, NATO SECRET, and all ATOMAL documents.
d. Destruction certificates are required for all NATO classified documents except RESTRICTED. The destruction of COSMIC TOP SECRET, NATO SECRET and all ATOMAL documents must be witnessed.
e. Records shall be retained for 10 years for COSMIC TOP SECRET and COSMIC TOP SECRET ATOMAL documents and 3 years for NATO SECRET, NATO SECRET ATOMAL, NATO CONFIDENTIAL, and NATO CONFIDENTIAL ATOMAL documents.
10-717. Security Violations and Loss, Compromise, or Possible Compromise.
The contractor shall immediately report the loss, compromise, suspected loss or compromise, and security violations involving NATO classified information to the CSA.
10-718. Extracting from NATO Documents.
Permission to extract from a COSMIC TOP SECRET or ATOMAL document shall be obtained from the CUSR.
a. If extracts of NATO information are included in a U.S. document prepared for a non-NATO contract, the document shall be marked with U.S. classification markings. The caveat, "THIS DOCUMENT CONTAINS NATO (level of classification) INFORMATION" also shall be marked on the front cover or first page,of the document. Additionally, each paragraph or portion containing the NATO information shall be marked with the appropriate NATO classification, abbreviated in parentheses (e.g., NS) preceding the portion or paragraph. The "Declassify on" line of the document shall show "Originating Agency Determination Required" or "OADR" unless the original NATO document shows a specific date for declassification.
b. NATO RESTRICTED information may be included in U.S. unclassified documents. The U.S. document must be marked, "THIS DOCUMENT CONTAINS NATO RESTRICTED INFORMATION." It shall be protected as NATO RESTRICTED information.
c. The declassification or downgrading of NATO information in a U.S. document requires the approval of the originating NATO activity. Requests shall be submitted to the CUSR for NATO contracts, through the GCA for U.S. contracts, and through the CSA for non-NATO contracts awarded by a NATO member nation.
10-719. Release of U.S. Information to NATO.
a. The release of U.S. classified or export-controlled information to NATO requires an export authorization or other written disclosure authorization. When a document containing U.S. classified information is being prepared for NATO, the appropriate NATO classification markings shall be applied to the document. Documents containing U.S. classified information, and U.S. classified documents that are authorized for release to NATO, shall be marked on the cover or first page "THIS DOCUMENT CONTAINS U.S. CLASSIFIED INFORMATION. THE INFORMATION IN THIS DOCUMENT HAS BEEN AUTHORIZED FOR RELEASE TO (cite the NATO organization) BY (cite the applicable license or other written authority.)" The CSA shall provide transmission instructions to the contractor. The material shall be addressed to a U.S. organization at NATO, which shall then place the material into NATO security channels. The material shall be accompanied by a letter to the U.S. organization that provides transfer instructions and assurances that the material has been authorized for release to NATO. The inner wrapper shall be addressed to the intended NATO recipient. Material to be sent to NATO via mail shall be routed through the U.S. Postal Service and U.S. military postal channels to the U.S. organization that will make the transfer.
b. A record shall be maintained that identifies the originator and source of classified information that are used in the preparation of documents for release to NATO. The record shall be provided with any request for release authorization.
10-720. Visits.
NATO visits are visits by personnel representing a NATO entity and relating to NATO contracts and programs. NATO visits shall be handled in accordance with the requirements in Section 5 of this Chapter. A NATO Certificate of Security Clearance will be included with the visit request.
a. NPLO and NATO Industrial Advisory Group (NIAG) Recurring Visits. NATO has established special procedures for recurring visits involving contractors, government departments and agencies, and NATO commands and agencies that are participating in a NPLO or NIAG contract or program. The NATO Management Office or Agency responsible for the NPLO program will prepare a list of the Government and contractor facilities participating in the program. For NIAG programs, the list will be prepared by the responsible NATO staff element. The list will be forwarded to the appropriate clearance agency of the participating nations, which will forward it to the participating contractor.
b. Visitor Record. Contractor visitor records shall clearly identify NATO visitors including those by U.S. personnel assigned to NATO. The records shall be maintained for 3 years.
CHAPTER 11
Miscellaneous Information
Section 1. Tempest
11-100. General.
TEMPEST is an unclassified short name referring to investigations and studies of compromising emanations. Compromising emanations are unintentional intelligence-bearing signals that, if intercepted and analyzed, will disclose classified information when it is transmitted, received, handled, or otherwise processed by any information processing equipment.
11-101. TEMPEST Requirements.
a. TEMPEST countermeasures will be applied only in proportion to the threat of exploitation and the resulting damage to the national security, should the information be obtained by a foreign intelligence organization. It is the responsibility of the GCA to identify in writing what TEMPEST countermeasures may be required. The GCA will identify any TEMPEST requirements within the United States to the CSA for approval prior to imposing requirements for TEMPEST countermeasures upon their contractors. Contractors may not impose TEMPEST countermeasures upon their sub-contractors without GCA and CSA approval.
b. The Government is responsible for performing threat assessment and vulnerability studies when it is determined that classified information may be exposed to TEMPEST collection.
c. Contractors will assist the GCA in conducting threat and vulnerability surveys by providing the following information upon request:
(1) The specific classification and special categories of material to be processed/handled by electronic means. (2) The specific location where classified processing will be performed. (3) The name, address, title, and telephone number of a point-of-contact at the facility where processing will occur.
11-102. Cost.
All costs associated with applying TEMPEST countermeasures, when such countermeasures are imposed upon the contractor by a GCA, shall be recoverable by direct charge to the applicable contract. The GCA should provide TEMPEST shielding and shielded equipments GFE when such extreme countermeasures are deemed essential to the protection of the information being processed.
Section 2. Defense Technical Information Center
11-200. General.
The DoD operates certain activities to assist individuals and organizations in gaining access to scientific and technical information (STI) describing planned or on-going RDT&E efforts of the DoD.
a. The Defense Technical Information Center (DTIC) is the central point within DoD for acquiring, storing, retrieving, and disseminating STI to support the management and conduct of DoD research, development, engineering, and study programs.
b. DTIC is under the operational control of the Under Secretary of Defense for Acquisition and Technology. Its main facility is located at Cameron Station, Alexandria, VA. Other DTIC sites serve localized communities and special research interests through remote online service facilities.
11-201. DTIC Addresses.
Defense Technical Information Center Building 5, Cameron Station Alexandria, VA 22304-6145 (703) 274-6434 DTIC Albuquerque Regional Office PL/SUL Aberdeen Avenue, S.E. Kirtland AFB, NM 87117-5776 (505) 846-6797 DTIC Boston Regional Office 5 Wright St., Bldg. 1103 Hanscom AFB, MA 01731-3012 (517) 377-2413 DTIC Los Angeles Regional Office 222 N. Sepulveda Boulevard, Suite 906 El Segundo, CA 90245-4320 (213) 335-4170 DTIC Dayton Regional Office 2690 C Street, Suite 4 Building 22 Wright-Patterson AFB, OH 45433-7411 (513) 255-7905 DTIC Manpower and Training Research Information System, ATTN: DTIC-AM 53355 Cole Road San Diego, CA 92152-7213 (619) 553-7000
11-202. User Community.
DTIC services are available to the DoD and its contractors and to other U.S. Government organizations and their contractors. Contractors may also become eligible for services under the Defense Potential Contractors Program.
11-203. Registration Process.
All users are required to register for service. Registration, which is free, generally involves completing two forms which are available from DTIC as part of a registration kit.
a. DD Form 1540, "Registration for Scientific and Technical Information Services." This form shall be completed for each contract that authorizes use of DTIC services. This authorization is included in the Contract Security Classification Specification. The DD Form 1540 is submitted to DTIC through the sponsoring GCA for certification and approval. If a subcontract is involved, the DD Form 1540 is submitted through the prime contractor. The DD Form 1540 remains in force until completion of the classified contract or subcontract.
b. DD Form 2345, Militarily Critical Technical Data Agreement. Qualified contractors are eligible for access to militarily critical technical data after certification with Defense Logistics Services Center (DLSC) by completing the DD Form 2345. This DLSC certification is supplementary to registration with the DTIC. Upon certification with DLSC, the user also may be eligible for access to unclassified, militarily critical technical data from other DoD sources. All security criteria, including the need for a facility clearance, still must be met for the user to have access to the Defense RDT&E Online System (DROLS) or to obtain classified material.
11-204. Safeguarding Requirements.
Classified information acquired from DTIC shall be safeguarded in accordance with the requirements of this Manual and with any restrictions that are marked on the material itself. The specific contract number that authorized the contractor access to the information shall be placed on each classified document. When the contract to which the DD Form 1540 applies is completed or terminated, the contractor shall either destroy or request retention for the material.
11-205. DTIC Downgrading or Declassification Notices.
DTIC remarks downgraded or declassified paper documents to reflect such action only on the front and back covers and the title, first, and back pages. It is the responsibility of the recipient to complete any remarking required. Documents originally marked under the provisions of previous E.O.s may contain pages that do not bear any classification markings. Before extracting or reproducing the information from these pages, contractors should direct any questions they may have to the originator of the document.
11-206. Questions Concerning Reference Material.
Most material made available to contractors by DTIC and other distribution agencies is "reference material" as defined by this Manual. Therefore, the GCA that authorized the services of DTIC under a specific contract may not be in a position to provide the contractor with classification guidance for the reference material. Classification jurisdiction always is the responsibility of the originating agency, or its successor, not necessarily the authorizing GCA. When a contractor requires classification guidance for reference material to prepare guidance for a subcontract or for other reasons and needs assistance in identifying the responsible department or agency, the CSA should be consulted.
11-207. Subcontracts.
If a contractor awards a subcontract, that authorizes the subcontractor to use the services of DTIC and is expected to require access only to classified reference material, the Contract Security Classification Specification issued to the subcontractor shall show the highest category of classification required and a statement similar to the following: "Information extracted from classified reference material shall be classified according to the markings on such material. The DD Form 1540 prepared under this subcontract shall be forwarded through (name of prime contractor)."
Section 3. Independent Research and Development Efforts
11-300. General.
This Section provides special procedures and requirements necessary for safeguarding classified information when it is incorporated in contractors independent research and development (IR&D) efforts.
11-301. Limitations.
Contractors frequently must use classified information in their IR&D efforts to effectively explore technological advancements and state-of-the-art improvements.
a. Contractors are generally precluded from disclosing classified information to other cleared contractors in connection with an IR&D effort without the prior written approval of the agency that has jurisdiction over the information or the agency that provided the information to the contractor.
b. DoD contractors shall not release or disclose classified information, under the jurisdiction of a non-DoD Agency to other cleared contractors in connection with an IR&D effort without the written approval of the non-DoD Agency.
c. DoD cleared contractors may disclose SECRET and CONFIDENTIAL information, under the jurisdiction of a DoD contracting activity, to other DoD cleared contractors in connection with an IR&D effort unless specifically prohibited by the DoD in a Contract Security Classification Specification or other written notification.
11-302. Information Generated Under an IR&D Effort that Incorporates Classified Information.
Under E.O. 12356, information that is in substance the same as information currently classified, requires a derivative classification. Therefore, information in a contractor's IR&D effort will require a derivative classification.
11-303. Classification Guidance.
The releasing contractor may extract guidance appropriate for the IR&D effort from:
a. An existing Contract Security Classification Specification that was previously furnished by a GCA in connection with performance of a classified contract;
b. A final Contract Security Classification Specification that was issued in connection with retention of classified documents under a completed contract;
c. A security classification guide obtained from DTIC;
d. A classified source document.
NOTE: The Department of Defense "Index of Security Classification Guides," and many of the listed security classification guides, are available to contractors who are registered with the DTIC. Contractors are encouraged to use the Index and the listed guides to obtain up-to-date security guidance for the classified information involved when developing guidance appropriate for their IR&D efforts.
11-304. Preparation of Security Guidance.
Contractors shall use the Contract Security Classification Specification to provide security guidance for the classified information released in their IR&D efforts.
11-305. Retention of Classified Documents Generated Under IR&D Efforts.
Contractors may retain the classified documents that were generated in connection with their classified IR&D efforts for the duration of their facility clearance provided they have proper storage capability. Documents shall be clearly identified as "IR&D DOCUMENTS." A contractor's facility clearance will not be continued solely for the purpose of retention of classified IR&D documents without specific retention authorization from the GCA that has jurisdiction over the classified information contained in such documents. Contractors shall establish procedures for review of their IR&D DOCUMENTS on a recurring basis to reduce their classified inventory to the minimum necessary.
APPENDIX A
Cognizant Security Office
Information
Department of Defense
Designation of Cognizant Security Office (CSO). Each CSA: DoD; DOE; NRC; and CIA, will designate the CSO for contracts issued. A CSA may designate any CSO to function on its behalf. All relationships between the GCA and the contractor on industrial security matters shall be handled through, or in coordination with, the CSO, except those matters specifically set forth in this Manual as responsibilities of the GCA. The Assistant Secretary of Defense for Command, Control, Communications and Intelligence and the Under Secretary of Defense for Policy are responsible for development and approval of security policy for DoD under the National Industrial Security Program. Administration of DoD industrial security has been assigned to the Director, Defense Investigative Service (DIS), except as specified in the NISPOMSUP. The Director, DIS has delegated industrial security program administration to the Deputy Director (Industrial Security) Headquarters, Defense Investigative Service.
The Regional Directors of DIS are responsible for administration of DoD industrial security within their respective regions. The office of the Director of Industrial Security in each of the DIS Regions is designated as the CSO for all DoD contractor facilities located within its region. The management of each facility that has been assigned to one of the DIS Regions for security cognizance will be notified in writing by the CSO. All facility clearances shall be granted by the CSO. The addresses and phone numbers for the CSO's are listed below.
Operational Areas of DIS Cognizant Security Offices
Northeast Region
The Northeast Region, New England Sector includes: Puerto Rico and the states of Connecticut, Maine, Massachusetts, New Hampshire, New York, Rhode Island, Vermont and the following zip codes in New Jersey:
07001-07699 07801-07999
The Northeast Region, Mid-Atlantic Sector includes: the states of Delaware, New Jersey (less the zip codes listed above), Pennsylvania, Ohio, West Virginia, and the following zip codes in Maryland:
215__, 219___ all of 217__except, 210___ 23, 37, 38, 65, and 94, 212___ 21048, 80, 88, 216___ 21107, 55, 57
Capital Area
The Capital Area includes: the state of Virginia; Washington, DC, and the following zip codes in Maryland:
20814-17 20861 20895 206___ 20832-33 20866 20901-06 207___ 20842 20871 20910 21401 20850-55 20874-79 20912 21403-04
Southeast Region
The Southeast Region includes: the states of Alabama, Arkansas, Florida, Georgia, Kentucky, Louisiana, Mississippi, North Carolina, South Carolina, Tennessee, and the following zip codes in eastern Texas:
75501 75662 75505 75671 75570 75755
Central Region
The Central Region, Southwest Sector includes: the states of Arizona, Colorado, New Mexico, Oklahoma, and Texas (less the zip codes listed above).
The Central Region, Midwest Sector includes: the states of Illinois, Indiana, Iowa, Kansas, Michigan, Minnesota, Missouri, Nebraska, North Dakota, South Dakota, Wisconsin, and Cheyenne, Wyoming.
Pacific Region
The Pacific Region, Northern Sector includes: the states of Idaho, Montana, Oregon, Washington, Wyoming (except for Cheyenne), Utah, and the following zip codes in California:
93612 95050 94530 95240 93706 95060 94533/46 95336 93923 95070 94549/50 95338 93940 95101 94554 95367 94022 95134 94558 95376 94042 95360 94563 95402-07 94086 94002 94565 95501 94303 94010 94566 95608 94535 94025 94570 95611 94537 94030 94574/77 95616/19 94544 94044 94583 95630 94560 94066 94585 95648 94587 94070 94596 95660 95006 94101 94599 95670 95008 94302-06 94608 95673/75/87 95014 94402 94615 95695 95018 94501 94701 95741 95020 94510 94708 95813 95023 94513 94802 95926 95030 94520 94952 96067 95037 94524 95208 96099 96137
The Pacific Region, Southern Sector includes: the states of Alaska, California (less the zip codes listed above), Hawaii and Nevada. Addresses and Telephone Numbers
Northeast Region, DIS Northeast Region, DIS New England Sector Mid-Atlantic Sector Barnes Building 1040 Kings Highway North 495 Summer Street Cherry Hill, NJ 08034-1908 Boston, MA 02210-2192 COMM: (609) 482-6505 COMM: (617) 451-4914 DSN: 444-4030 DSN: 955-4914 FAX: (609) 482-0286 FAX: (617) 451-3052/4929 Central Region, DIS Central Region, DIS Southwest Sector Midwest Sector 106 Decker Court, Suite 200 610 S. Canal Street Irving, TX 75062-2795 Room 908 COMM: (214) 717-5228 Chicago, IL 60607-4599 FAX: (214) 717-0268 COMM: (312) 886-2436 FAX: (312) 353-1538 Pacific Region, DIS Pacific Region, DIS Southern Sector Northern Sector 3605 Long Beach Blvd, Building 35, Room 114 Suite 405 The Presidio Long Beach, CA 90807-4013 San Francisco, CA 94129-7700 COMM: (310) 595-7251 COMM: (415) 561-5608 FAX: (310) 595-5584 FAX: (415) 561-2125 Capital Area, DIS Southeast Region, DIS Hoffman Building 2300 Lake Park Drive 2461 Eisenhower Avenue Suite 250 Alexandria, VA 22331-1000 Smyrna, GA 30080-7606 COMM: (703) 325-9634 COMM: (404) 432-0826 DSN: 221-9634 DSN: 697-6785 FAX: (703) 325-0792 FAX: (404) 801-3300
Other Industrial Security Addresses
OISI-E OISI-FE (Mannheim) PSC 79, Box 003 HQ USAMC-E APO AE 09724 Unit 29331 COMM: 9/011/322/725-0884 APO AE 09266 FAX: 9/011/322/725-0116 COMM: 9/011/49621-472582 SECURE: 9-022/322/720-9015 FAX: 9/011/49621-4815517 OISI-FE OISI-CASA (Central and South UNIT 45005 America) APO AP 96343-5005 c/o DIS, Industrial Security FO COMM: 9/011/81-3117-63-3619 (S41ME) FAX: 9/011/81-3117-63-3622 1333 Gateway Drive, Suite 1009 Melbourne, FL 32901-2629 COMM: (407) 951-4412 FAX: (407) 984-993 DISCO P.O. 2499 Columbus, OH 43216-5006 COMM: (614) 692-2133 DSN: 850-2133 FAX: (614) 692-3663/5263 Verification of Facility Clearance and Safeguarding Defense Investigative Service (DIS) Central Verification Activity (CVA) P.O. Box 1211 Baltimore, MD 21203-1211 (410) 631-0690
This page reserved for Field Organization Map
Department of Energy
The DOE designates the DOE Field Office Safeguards and Security Divisions, listed below, as CSO, Clearance Agency, CVA, Adjudicative Authority, and PCL and FCL databases for their contractors.
U.S. Department of Energy Field Office, Albuquerque Kirkland Air Force Base - East Albuquerque, NM 87115 (505) 845-4094 U.S. Department of Energy Pittsburgh Naval Reactors P.O. Box 109 West Mifflin, PA 15122-0109 (412) 476-7240 U.S. Department of Energy Field Office, Chicago 9800 South Cass Avenue Argonne, IL 60439 (708) 252-2052 U.S. Department of Energy Field Office, Idaho 785 DOE Place Idaho Falls, ID 83402-1104 (208) 526-1393 U.S. Department of Energy Field Office, Nevada 2753 S. Highland Drive Las Vegas, NV 89109 (702) 295-0915 U.S. Department of Energy Field Office, Oak Ridge 200 Administration Road Federal Office Building Oak Ridge, TN 37831 (615) 576-1858 U.S. Department of Energy Field Office, Richland P.O. Box 550, A6-35 Richland, WA 99352 (509) 376-7441 U.S. Department of Energy Rocky Flats Office, P.O. Box 92 Golden, CO 80402-0928 (303) 966-6003 U.S. Department of Energy Field Office, San Francisco 1333 Boradway Oakland, CA 94612 (415) 273-7935 U.S. Department of Energy Field Office, Savannah River Aiken, SC 29801 (803) 239-2458 U.S. Department of Energy Schenectady Naval Reactors Knolls Atomic Power Laboratory River Road Niskayuna, NY 12301-1069 (518) 395-6397 U.S. Department of Energy Headquarters Operations Division SA-141 Washington, DC 20585 (301) 903-4642
With regard to International Affairs and Industrial Security International, the DOE designates:
U.S. Department of Energy Office of Security Affairs Office of Safeguards and Security SA-10 Washington, DC 20585 (301) 903-5106
Central Intelligence Agency
The CIA designates the procedure listed below, for CSO, Clearance Agency, CVA, Adjudicative Authority, and PCL and FCL databases for their contractors.
Contact the assigned Contract Officer's Security Representative (COSR) Central Intelligence Agency Washington, DC 20505
Nuclear Regulatory Commission
The NRC designates the office listed below as the CSO, Audjudicative Authority, International Affairs Office, PCL and FCL databases, and the Office of Industrial Security International for their contractors.
U.S. Nuclear Regulatory Commission ATTN: Director of Security Washington, DC 20555 (301) 415-8100
The NRC designates the offices listed below as the Clearance Agency and Central Verification Agency for their contractors.
Clearance Agency:
U.S. Nuclear Regulatory Commission ATTN: Director of Security Personnel Security Branch Washington D.C. 20555 (301) 415-7043
Central Verification Agency:
U.S. Nuclear Regulatory Commission ATTN: Director of Security Facilities Security Branch Washington, D.C. 20555 (301) 415-7407
APPENDIX B
Foreign Equivalent Markings
Country Top Secret Secret Confidential Restricted
Argentina Estrictamente Secreto Secreto Confidencial Reservado
Australia Top Secret Secret Confidential Restricted
Austria Streng Geheim Geheim Verschluss
Belgium (Flemish)Zeer Geheim Geheim Vertrouwelijk Bepertke
Verspreiding
Bolivia Supersecreto Secreto Confidencial Reservado
or Muy Secreto
Brazil Ultra Secreto Secreto Confidencial Reservado
Cambodia Sam Ngat Bamphot Sam Ngat Roeung Art Kambang Ham Kom Psay
Canada Top Secret Secret Confidential Restricted
Chile Secreto Secreto Reservado Reservado
Columbia Ultrasecreto Secreto Reservado Confidencial
Restringido
Costa Rica Alto Secreto Secreto Confidencial
Denmark Yderst Hemmeligt Hemmeligt Fortroligt Tiltjenestebrug
Ecuador Secretisimo Secreto Confidencial Reservado
El Salvador Ultra Secreto Secreto Confidencial Reservado
Ethiopia Yemiaz Birtou Mistir Mistir Kilkil
Finland Erittain Salainen Salainen
France Tres Secret Secret Defense Confidentiel Defense
Diffusion Restreinte
Germany Streng Geheim Geheim Vs-Vertraulich
Greece Guatamala Alto Secreto Secreto Confidencial Reservado
Haiti Top Secret Secret Confidential Reserve
Hinduras Super Secreto Secreto Confidencial Reservado
Hong Kong Top Secret Secret Confidential Restricted
Hungary Szigoruan Titkos Titkos Bizalmas
India Param Gupt Gupt Gopniya Pratibanhst/seemit
Indonesia Sangat Rahasia Rahasia Agak Rahahasia Terbatas
Iran Bekoliserri Serri Kheil Mahramaneh Mahramaneh
Iraq Sirri Lil-ghaxah Sirri Khass Mehdoud
Iceland Algjorti Trunadarmal
Ireland (Gaelic) An-sicreideach Sicreideach Runda Srianta
Israel Sodi Beyoter Sodi Shamur Mugbal
Italy Secgretissimo Segreto Riservatissimo Riservato
Japan Kimitsu Gokuhi Hi Toriatsukaichui
Jordan Maktum Jiddan Maktum Sirri Mahdud
Korea I-Kup Bi Mil II-Kup Bi Mil III-Kup Bi Mil Bu Woi Bi
Laos Lup Sood Gnod Kuam Lup Kuam Lap Chum Kut Kon Arn
Lebanon Tres Secret Secret Confidentiel
Mexico Alto Secreto Secreto Confidencial Restringido
Netherlands Zeer Geheim Geheim Confidentieel or
Vertrouwelijk Dienstgeheim
New Zealand Top Secret Secret Confidential Restricted
Nicaragua Alto Secreto Secreto Confidencial Reservado
Norway Strengt Hemmelig Hemmelig Konfidensiell Begrenset
Pakistan (URDU)Intahai Khufia Khufia Sigha-E-Raz Barai Mahdud
Taqsim Paraguay Secreto Secreto Confidencial Reservado
Peru Estrictamente Secreto Secreto Confidencial Reservado
Philippines Top Secret Secret Confidential Restricted
Portugal Muito Secreto Secreto Confidencial Reservado
Saudi Arabia Saudi Top Secret Saudi Very Secret Saudi Secret Saudi Restricted
Spain Maximo Secreto Secreto Confidencial Diffusion Limitada
Sweden (red borders)Hemlig Hemlig
Switzerland (Three languages: French, German and Italian. TOP SECRET has a registration
number to distinguish from SECRET and CONFIDENTIAL)
Taiwan Chichimi Chimi
Thailand Lup Tisud Lup Maag Lup Pok Pid
Turkey Cok Gizli Gizli Ozel Hizmete Ozel
Union of South Africa
English Top Secret Secret Confidential Restricted
Afrikaans Uiters Geheim Geheim Vertroulik Beperk
United Arab Republic
of Egypt Jirri Lilghaxeh Sirri Khas Mehoud Jidden
United Kingdom Top Secret Secret Confidential Restricted
Uraguay Ultra Secreto Secreto Confidencial Reservado
Russia
Viet Nam (Vietnamese)Toi-Mat Mat Kin Pho Bien Han Che
APPENDIX C
Definitions:
Access.
The ability and opportunity to obtain knowledge of classified information.
Adverse Information.
Any information that adversely reflects on the integrity or character of a cleared employee, that suggests that his or her ability to safeguard classified information may be impaired, or that his or her access to classified information clearly may not be in the interest of national security. Affiliate. Any entity effectively owned or controlled by another entity.
Approved Access Control Device.
An access control device that meets the requirements of this Manual as approved by the FSO.
Approved Built-in Combination Lock.
A combination lock, equipped with a top-reading dial, that conforms to Underwriters' Laboratories, Inc. Standard Number, UL 768, Group 1R.
Approved Combination Padlock.
A three-position dial-type changeable combination padlock listed on the GSA Qualified Products List as meeting the requirements of Federal Specification FF-P-110.
Approved Electronic, Mechanical, or Electro-Mechanical Device.
An electronic, mechanical, or electro-mechanical device that meets the requirements of this Manual as approved by the FSO.
Approved Key-Operated Padlock.
A padlock, which meets the requirements of MIL-SPEC-P-43607 (shrouded shackle), National Stock Number 5340-00-799-8248, or MIL-SPEC-P-43951 (regular shackle), National Stock Number 5340-00-799-8016.
Approved Security Container.
A security file container, originally procured from a Federal Supply Schedule supplier that conforms to federal specifications and bears a "Test Certification Label" on the locking drawer attesting to the security capabilities of the container and lock. Such containers will be labeled "General Services Administration Approved Security Container" on the face of the top drawer. Acceptable tests of these containers can be performed only by a testing facility specifically approved by GSA.
Approved Vault.
A vault that has been constructed in accordance with this Manual and approved by the CSA.
Approved Vault Door.
A vault door and frame unit originally procured from the Federal Supply Schedule (FSC Group 71, Part III, Section E, FSC Class 7110), that meets Federal Specification AA-D-600.
Authorized Person.
A person who has a need-to-know for classified information in the performance of official duties and who has been granted a personnel clearance at the required level. Automated Information System. An assembly of computer hardware, software, and firmware configured for the purpose of automating the functions of calculating, computing, sequencing, storing, retrieving, displaying, communicating, or otherwise manipulating data, information and textual material.
Automated Information System Security.
All security safeguards needed to provide an acceptable level of protection for Automated Information Systems and the classified data processed.
Classification Authority.
The authority that is vested in a government official to make an initial determination that information requires protection against unauthorized disclosure in the interest of national security.
Classified Contract.
Any contract that requires or will require access to classified information by a contractor or his or her employees in the performance of the contract. (A contract may be a classified contract even though the contract document is not classified.) The requirements prescribed for a "classified contract" also are applicable to all phases of precontract activity, including solicitations (bids, quotations, and proposals), precontract negotiations, post-contract activity, or other Government Contracting Agency program or project which requires access to classified information by a contractor.
Classification Guide.
A document issued by an authorized original classifier that prescribes the level of classification and appropriate declassification instructions for specific information to be classified on a derivative basis. (Classification guides are provided to contractors by the Contract Security Classification Specification.)
Classified Information.
The term includes National Security Information, Restricted Data, and Formerly Restricted Data.
Classified Information Procedures Act.
A law that provides a mechanism for the courts to determine what classified information the defense counsel may access.
Classified Visit.
A visit during which the visitor will require, or is expected to require, access to classified information.
Classifier.
Any person who makes a classification determination and applies a classification category to information or material. The determination may be an original classification action or it may be a derivative classification action. Contractors make derivative classification determinations based on classified source material, a security classification guide, or a Contract Security Classification Specification.
Cleared Commercial Carrier.
A carrier that is authorized by law, regulatory body, or regulation to transport SECRET material and has been granted a SECRET facility clearance.
Cleared Employees.
All contractor employees granted a personnel security clearance (PCL) and all employees in-process for a PCL. Closed Area. An area that meets the requirements of this Manual, as approved by the CSA, for the purpose of safeguarding classified material that, because of its size or nature, or operational necessity, cannot be adequately protected by the normal safeguards or stored during nonworking hours in approved containers. (See 5-306.)
Cognizant Security Agency.
Agencies of the Executive Branch that have been authorized by E.O. 12829 to establish an industrial security program for the purpose of safeguarding classified information under the jurisdiction of those agencies when disclosed or released to U.S. Industry. These agencies are: The Department of Defense, the Department of Energy, the Central Intelligence Agency, and the Nuclear Regulatory Commission. The Secretary of Defense (SECDEF) has been designated as Executive Agent for the NISP. Heads of the Executive Branches are required to enter into agreements with the SECDEF that establish the terms of the SECDEF's responsibilities on behalf of these agency heads for administration of industrial security on their behalf.
Cognizant Security Office.
The office or offices delegated by the Head of a CSA to administer industrial security in a contractor's facility on behalf of the CSA.
Colleges and Universities.
All educational institutions that award academic degrees, and related research activities directly associated with a college or university through organization or by articles of incorporation.
Communications Intelligence.
Technical and intelligence information derived from foreign communications by other than the intended recipient.
Communications Security.
Protective measures taken to deny unauthorized persons information derived from telecommunications of the U.S. Government relating to national security and to ensure the authenticity of such communications.
Company.
A generic and comprehensive term which may include sole proprietorships, individuals, partnerships, corporations, societies, associations, and organizations usually established and operating to commonly prosecute a commercial, industrial or other legitimate business, enterprise, or undertaking.
Compromise.
The disclosure of classified information to an unauthorized person.
CONFIDENTIAL.
The designation that shall be applied to information or material the unauthorized disclosure of which could be reasonably expected to cause damage to the national security.
Consignee.
A person, firm, or government activity named as the receiver of a shipment; one to whom a shipment is consigned.
Consignor.
A person, firm, or government activity by whom articles are shipped. The consignor is usually the shipper.
Constant Surveillance Service.
A transportation protective service provided by a commercial carrier qualified by MTMC to transport CONFIDENTIAL shipments. The service requires constant surveillance of the shipment at all times by a qualified carrier representative, however, a facility clearance is not required for the carrier. The carrier providing the service must maintain a signature and tally record for the shipment.
Continental Limits of the United States.
U.S. territory, including the adjacent territorial waters located within the North American continent between Canada and Mexico.
Contracting Officer.
A government official who, in accordance with departmental or agency procedures, currently is designated as a contracting officer with the authority to enter into and administer contracts, and make determinations and findings with respect thereto, or any part of such authority. The term also includes the designated representative of the contracting officer acting within the limits of his or her authority.
Contractor.
Any industrial, educational, commercial, or other entity that has been granted an FCL by a CSA.
Courier.
A cleared employee, designated by the contractor, whose principal duty is to transmit classified material to its destination. The classified material remains in the personal possession of the courier except for authorized overnight storage.
Conversion Rights.
The right inherent in the ownership or holding of particular securities to exchange such securities for voting securities.
Critical Nuclear Weapon Design Information.
A DoD category of weapon data designating TOP SECRET Restricted Data or SECRET Restricted Data revealing the theory of operation or design of the components of a thermonuclear or implosion-type fission bomb, warhead, demolition munition, or test device.
Custodian.
An individual who has possession of, or is otherwise charged with, the responsibility for safeguarding classified information.
Declassification.
The determination that classified information no longer requires, in the interest of national security, any degree of protection against unauthorized disclosure, together with removal or cancellation of the classification designation.
Declassification Event.
An event that eliminates the need for continued classification of information.
Defense Transportation System.
Military controlled terminal facilities, Military Airlift Command controlled aircraft, Military Sealift Command controlled or arranged sealift and Government controlled air or land transportation.
Department of Defense.
The Office of the Secretary of Defense (OSD) (including all boards, councils, staffs, and commands), DoD agencies, and the Departments of Army, Navy, and Air Force (including all of their activities).
Derivative Classification.
A determination that information is in substance the same as information currently classified and the application of the same classification markings. Persons who only reproduce, extract, or summarize classified information, or who only apply classification markings derived from source material or as directed by a classification guide, need not possess original classification authority. Persons who apply derivative classification markings shall observe and respect original classification decisions and carry forward to any newly created documents any assigned authorized markings.
Document.
Any recorded information, regardless of its physical form or characteristics, including, without limitation, written or printed matter, tapes, charts, maps, paintings, drawing, engravings, sketches, working notes and papers; reproductions of such things by any means or process; and sound, voice, magnetic, or electronic recordings in any form.
Downgrade.
A determination that classified information requires, in the interest of national security, a lower degree of protection against unauthorized disclosure than currently provided, together with a changing of the classification designation to reflect a lower degree of protection. Effectively Owned or Controlled. A foreign government or any entity controlled by a foreign government has the power, either directly or indirectly, whether exercised or exercisable, to control the election, appointment or tenure of the Offeror's officers, or a majority of the Offeror's board of directors by any means; e.g., ownership, contract, or operation of law (or equivalent power for unincorporated organizations).
Embedded System.
An AIS that performs or controls a function, either in whole or in part, as an integral element of a larger system or subsystem such as, ground support equipment, flight simulators, engine test stands, or fire control systems.
Entity.
Any U.S. or foreign person.
Escort.
A cleared employee, designated by the contractor, who accompanies a shipment of classified material to its destination. The classified material does not remain in the personal possession of the escort but the conveyance in which the material is transported remains under the constant observation and control of the escort.
Evaluated Products List.
A documented inventory of equipments, hardware software, and/or firmware that have been evaluated against the evaluation criteria found in DoD 5200.28-STD.
Facility.
A plant, laboratory, office, college, university, or commercial structure with associated warehouses, storage areas, utilities, and components,that, when related by function and location, form an operating entity. (A business or educational organization may consist of one or more facilities as defined herein.) For purposes of industrial security, the term does not include Government installations.
Facility (Security) Clearance.
An administrative determination that, from a security viewpoint, a facility is eligible for access to classified information of a certain category (and all lower categories).
Firmware.
A method of organizing control of an AIS in a microprogrammed structure in addition to, or rather than, software or hardware. Microprograms are composed of microinstructions, normally resident in read-only memory, to control the sequencing of computer circuits directly at the detailed level of the single machine instruction.
Foreign Government.
Any national governing body organized and existing under the laws of any country other than the United States and its possessions and trust territories and any agent or instrumentality of that government.
Foreign Government Information.
Information that is: a. Provided to the U.S. by a foreign government or governments, an international organization of governments, or any element thereof with the expectation, expressed or implied, that the information, the source of the information, or both, are to be held in confidence; or b. Produced by the U.S. pursuant to, or as a result of, a joint arrangement with a foreign government or governments, an international organization of governments or any element thereof, requiring that the information, the arrangement, or both are to be held in confidence.
Foreign Interest.
Any foreign government, agency of a foreign government, or representative of a foreign government; any form of business enterprise or legal entity organized, chartered or incorporated under the laws of any country other than the U.S. or its possessions and trust territories, and any person who is not a citizen or national of the United States.
Foreign Nationals.
Any person who is not a citizen or national of the United States.
Foreign Person.
Any foreign interest and any U.S. person effectively owned or controlled by a foreign interest.
Foreign Recipient.
A foreign government or international organization, to whom the U.S. is providing classified material.
Formerly Restricted Data.
Classified information jointly determined by the DOE and its predecessors and the DOD to be related primarily to the military utilization of atomic weapons and removed by the DOE from the Restricted Data category pursuant to section 142(d) of the Atomic Energy Act of 1954, as amended, and safeguarded as National Security Information, subject to the restrictions on transmission to other countries and regional defense organizations that apply to Restricted Data.
Freight Forwarder (Transportation Agent).
Any agent or facility designated to receive, process, and transship U.S. material to foreign recipients. In the context of this Manual, an agent or facility cleared specifically to perform these functions for the transfer of U.S. classified material to foreign recipients.
Government-To-Government Channels.
Transfers by government officials through official channels or through other channels specified by the governments involved.
Government Contracting Activity.
An element of an agency designated by the agency head and delegated broad authority regarding acquisition functions.
Handcarrier.
A cleared employee, designated by the contractor, who occasionally handcarries classified material to its destination in connection with a classified visit or meeting. The classified material remains in the personal possession of the handcarrier except for authorized overnight storage.
Home Office Facility.
The headquarters facility of a multiple facility organization.
Independent Research and Development.
A contractor funded research and development effort that is not sponsored by, or required in performance of, a contract or grant that consists of projects falling with the areas of basic research; applied research; development; and systems, and other concept formulation studies. Industrial Security. That portion of information security which is concerned with the protection of classified information in the custody of U.S. industry.
Information.
Any information or material, regardless of its physical form or characteristics.
Information Security.
The result of any system of administrative policies and procedures for identifying, controlling, and protecting from unauthorized disclosure, information the protection of which is authorized by executive order.
Information System Security Officer.
The contractor employee responsible for the implementation of Automated Information Systems security, and operational compliance with the documented security measures and controls, at the contractor facility.
Intelligence.
Intelligence is the product resulting from the collection, evaluation, analysis, integration, and interpretation of all available information, that concerns one or more aspects of foreign nations or of areas of foreign operations, and that is immediately or potentially significant to military planning and operations.
Intelligence Information.
Information that is under the jurisdiction and control of the Director of Central Intelligence or a member of the Intelligence Community.
Intelligent Terminal.
An AIS term that means a terminal that is programmable, able to accept peripheral devices, able to connect with other terminals or computers, able to accept additional memory, or which may be modified to have these characteristics.
Letter of Consent.
The form used by the CSA to notify a contractor that a PCL or a Limited Access Authorization has been granted to an employee.
Letter of Offer and Acceptance (LOA).
United States Department of Defense Offer and Acceptance that, when executed, provides that the U.S. offers to sell, subject to terms and conditions contained therein, defense material to a foreign government, and the foreign government accepts the offer, subject to those terms and conditions.
Military Export Sales.
Military Export Sales may by divided into Foreign Military Sales (FMS) under the AECA, sales under Section 607 of the Foreign Assistance Act (FAA) and Direct Commercial Sales. FMS and FAA are government-to-government transactions. For these sales, the DoD purchases articles and services from U.S. firms, takes title to the equipment, or has title to the articles to be sold from U.S. stocks, and sells the articles or services to the foreign buyer. For direct commercial sales, the U.S. firm sells directly to the foreign government or international organization. Limited Access Authorization. Security access authorization to CONFIDENTIAL or SECRET information granted to non-U.S. citizens requiring such limited access in the course of their regular duties.
Material.
Any product or substance on, or in which, information is embodied.
Multiple Facility Organization.
A legal entity (single proprietorship, partnership, association, trust, or corporation) that is composed of two or more facilities.
National of the United States.
A national of the United States is: a. A citizen of the United States, or, b. A person who, though not a citizen of the United States, owes permanent allegiance to the United States.
NOTE: 8 U.S.C. 1101(a) (22). 8 U.S.C. 1401, subsection (a) lists in paragraphs (1) through (7) categories of persons born in and outside the United States or its possessions who may qualify as nationals of the United States. This subsection should be consulted when doubt exists as to whether or not a person can qualify as a national of the United States.
National Security.
The national defense and foreign relations of the United States.
National Security Information.
Any information that has been determined pursuant to E.O. 12356 or any predecessor order to require protection against unauthorized disclosure and is so designated. The classifications TOP SECRET, SECRET, and CONFIDENTIAL are used to designate such information and it is referred to as "classified information."
NATO Information.
Information bearing NATO markings, indicating the information is the property of NATO, access to which is limited to representatives of NATO and its member nations unless proper NATO authority has been obtained to release outside of NATO.
Need-to-Know.
A determination made by the possessor of classified information that a prospective recipient has a requirement for access to, knowledge of, or possession of the classified information to perform tasks or services essential to the fulfillment of a classified contract or program. Network. An AIS term meaning a network composed of a communications medium and all components attached to that medium whose responsibility is the transference of information. Such components may include AISs, packet switches, telecommunications controllers, key distribution centers, and technical control devices.
Original Classification.
An initial determination that information requires, in the interest of national security, protection against unauthorized disclosure, together with a classification designation signifying the level of protection required. (Only government officials, who have been designated in writing, may apply an original classification to information.)
Parent Corporation.
A corporation that owns at least a majority of another corporation's voting securities.
Personnel (Security) Clearance.
An administrative determination that an individual is eligible, from a security point of view, for access to classified information of the same or lower category as the level of the personnel clearance being granted.
Possessions.
U.S. possessions are the U.S. Virgin Islands, Guam, American Samoa, Swain's Island, Howland Island, Baker Island, Jarvis Island, Midway Islands (this consists of Sand Island and Eastern Island), Kingman Reef, Johnston Atoll, Navassa Island, Swan Island,Wake Island, and Palmyra Island.
Prime Contract.
A contract let by a GCA to a contractor for a legitimate government purpose. Prime Contractor. The contractor who receives a prime contract from a GCA.
Principal Management Facility.
A cleared facility of an MFO which reports directly to the HOF and whose principal management official has been delegated certain personnel security administration responsibilities for a defined geographical or functional area. The PMF will function as a HOF in relation to its area of responsibility. Both cleared and uncleared facilities may be under the jurisdiction of a PMF.
Proscribed Information.
a. Top Secret information;
b. Communication Security (COMSEC) information, except classified keys used to operate secure telephone units (STU IIIs);
c. Restricted Data as defined in the U.S. Atomic Energy Act of 1954, as amended;
d. Special Access Program (SAP) information; or
e. Sensitive Compartmented Information (SCI)
Protective Security Service.
A transportation protective service provided by a cleared commercial carrier qualified by the Military Traffic Management Command (MTMC) to transport SECRET shipments.
Public.
Any contractor, subcontractor, Government official, or other individual who does not require access to information (classified or unclassified) in furtherance of the performance of the classified contract under which the information was provided to the contractor or as authorized by this Manual.
Public Disclosure.
The passing of information and/or material pertaining to a classified contract to the public, or any member of the public, by any means of communication.
Reference Material.
Documentary material over which the GCA, who lets the classified contract, does not have classification jurisdiction, and did not have classification jurisdiction at the time the material was originated. Most material made available to contractors by the Defense Technical Information Center and other secondary distribution agencies is reference material as thus defined.
Regrade.
To assign a higher or lower security classification to an item of classified material.
Remote Terminal.
A device for communication with an automated information system from a location, that is not within the central computer facility.
Representative of a Foreign Interest (RFI).
A citizen or national of the United States, who is acting as a representative of a foreign interest. (See "Foreign Interest.")
Restricted Area.
A controlled access area established to safeguard classified material, that because of its size or nature, cannot be adequately protected during working hours by the usual safeguards, but that is capable of being stored during non-working hours in an approved repository or secured by other methods approved by the CSA. (See paragraph 5-305.)
Restricted Data.
All data concerning the design, manufacture, or utilization of atomic weapons; the production of special nuclear material; or the use of special nuclear material in the production of energy, but shall not include data declassified or removed from the RD category pursuant to section 142 of the Atomic Energy Act of 1954, as amended.
SECRET.
The designation that shall be applied only to information or material the unauthorized disclosure of which reasonably could be expected to cause serious damage to the national security.
Security Cognizance.
The Government office assigned the responsibility for acting for CSAs in the discharge of industrial security responsibilities described in this Manual. Security in Depth. A determination made by the CSA that a contractor's security program consists of layered and complementary security controls sufficient to deter and detect unauthorized entryand movement within the facility.
Security Violation.
Failure to comply with the policy and procedures established by this Manual that reasonably could result in the loss or compromise of classified information. Sensitive Compartmented Information. All Intelligence Information and material that requires special controls for restricted handling within compartmented channels and for which compartmentation is established.
Shipper.
One who releases custody of material to a carrier for transportation to a consignee. (See "Consignor.")
Short Title.
An identifying combination of letters and numbers assigned to a document or equipment for purposes of brevity.
Source Document.
A classified document, other than a classification guide, from which information is extracted for inclusion in another document.
Special Access Program.
Any program that is established to control access, distribution, and to provide protection for particularly sensitive classified information beyond that normally required for TOP SECRET, SECRET, or CONFIDENTIAL information. A Special Access Program can be created or continued only as authorized by a senior agency official delegated such authority pursuant to E.O. 12356. Standard Practice Procedures. A document(s) prepared by a contractor that implements the applicable requirements of this Manual for the contractor's operations and involvement with classified information at the contractor's facility.
Subcontract.
Any contract entered into by a contractor to furnish supplies or services for performance of a prime contract or a subcontract. For purposes of this Manual a subcontract is any contract, subcontract, purchase order, lease agreement, service agreement, request for quotation (RFQ), request for proposal (RFP), invitation for bid (IFB), or other agreement or procurement action between contractors that requires or will require access to classified information to fulfill the performance requirements of a prime contract.
Subcontractor.
A supplier, distributor, vendor, or firm that furnishes supplies or services to or for a prime contractor or another subcontractor, who enters into a contract with a prime contractor. For purposes of this Manual, each subcontractor shall be considered as a prime contractor in relation to its subcontractors.
Subsidiary Corporation.
A corporation in which another corporation owns at least a majority of its voting securities.
System Software.
Computer programs that control, monitor, or facilitate use of the AIS; for example, operating systems, programming languages, communication, input-output control, sorts, security packages and other utility-type programs. Considered to also include off-the-shelf application packages obtained from manufacturers and commercial vendors, such as for word processing, spreadsheets, data base management, graphics, and computer-aided design.
Technical Data.
Information governed by the International Traffic in Arms Regulation (ITAR) and the Export Administration Regulation (EAR). The export of technical data that is inherently military in character is controlled by the ITAR, 22 CFR 120.1-130.17 (1987). The export of technical data that has both military and civilian uses is controlled by the EAR, 15 CFR 368.1-399.2 (1987).
TOP SECRET.
The designation that shall be applied only to information or material the unauthorized disclosure of which reasonably could be expected to cause exceptionally grave damage to the national security.
Transclassification.
When information has been removed from the RD category by a joint determination of DOE and DOD and placed in the FRD category in accordance with section 142d of the Atomic Energy Act.
Transmission.
The sending of information from one place to another by radio, microwave, laser, or other nonconnective methods, as well as by cable, wire, or other connective medium. Transmission also includes movement involving the actual transfer of custody and responsibility for a document or other classified material from one authorized addressee to another.
Transshipping Activity.
A government activity to which a carrier transfers custody of freight for reshipment by another carrier to the consignee.
United States and Its Territorial Areas.
The 50 states, the District of Columbia, the Commonwealth of Puerto Rico, Guam, American Samoa, the Virgin Islands, the Trust Territory of the Pacific Islands (also called Micronesia), Midway Island, Wake Island, Johnston Atoll, Kingman Reef, Swain's Island, and Palmyra Island.
Unauthorized Person.
A person not authorized to have access to specific classified information in accordance with the requirements of this Manual.
United States.
The 50 states and the District of Columbia.
United States Citizen (Native Born).
A person born in one of the following locations is considered to be a U.S. citizen for industrial security purposes: the 50 United States; District of Columbia; Puerto Rico; Guam; American Samoa; Northern Mariana Islands; U.S. Virgin Islands; Panama Canal Zone (if the father or mother (or both) was, or is, a citizen of the U.S.); the Federated States of Micronesia; and the Republic of the Marshall Islands.
U.S. Person.
Any form of business enterprise or entity organized, chartered or incorporated under the laws of the United States or its possessions and trust territories and any person who is a citizen or national of the United States.
Upgrade.
A determination that certain classified information, in the interest of national security, requires a higher degree of protection against unauthorized disclosure than currently provided, coupled with a changing of the classification designation to reflect such a higher degree.
Voting Securities.
Any securities that presently entitle the owner or holder thereof to vote for the election of directors of the issuer or, with respect to unincorporated entities, individuals exercising similar functions.
Working Hours.
The period of time when:
a. There is present in the specific area where classified material is located, a work force on a regularly scheduled shift, as contrasted with employees working within an area on an overtime basis outside of the scheduled workshift; and
b. The number of employees in the scheduled work force is sufficient in number and so positioned to be able to detect and challenge the presence of unauthorized personnel. This would, therefore, exclude janitors, maintenance personnel, and other individuals whose duties require movement throughout the facility.
APPENDIX D
Acronyms:
AEA Atomic Energy Act AECA Arms Export Control Act AIS Automated Information System AISSP Automated Information System Security Plan BL Bill of Lading CAGE Commercial and Government Entity CFIUS Committee on Foreign Investment in the United States CIA Central Intelligence Agency CIPA Classified Information Procedures Act CNWDI Critical Nuclear Weapons Design Information COMSEC Communications Security CONOP Concept of Operations COOP Continuity of Operations Procedure COR Central Office of Record CSA Cognizant Security Agency CSO Cognizant Security Office CUSR Central United States Registry CVA Central Verification Activity DCI Director of Central Intelligence DCID Director of Central Intelligence Directive DCMS Defense Contractor Monitoring Station DCS Defense Courier Service DGR Designated Government Representative DIS Defense Investigative Service DISCO Defense Industrial Security Clearance Office DLSC Defense Logistics Services Center DoD Department of Defense DoDSI Department of Defense Security Institute DOE Department of Energy DTIC Defense Technical Information Center EAA Export Administration Act E.O. Executive Order FBI Federal Bureau of Investigation FCL Facility (Security) Clearance FGI Foreign Government Information FMS Foreign Military Sales FOCI Foreign Ownership, Control or Influence FRD Formerly Restricted Data FSO Facility Security Officer FSS Federal Supply Schedule GCA Government Contracting Activity GCMS Government Contractor Monitoring Station GFE Government Furnished Equipment GSA General Services Administration GSC Government Security Committee HOF Home Office Facility IDS Intrusion Detection System IFB Invitation for Bid IR&D Independent Research & Development ISOO Information Security Oversight Office ISSR Information System Security Representative ITAR International Traffic in Arms Regulations LAA Limited Access Authorization LOC Letter of Notification of Personnel Clearance MFO Multiple Facility Organization MOA Memorandum of Agreement MTMC Military Traffic Management Command NACC National Agency Check and Credit Check NATO North Atlantic Treaty Organization NDP National Disclosure Policy NID National Interest Determination NISP National Industrial Security Program NISPOM National Industrial Security Program Operating Manual NISPOMSUP National Industrial Security Program Operating Manual Supplement NPLO NATO Production Logistics Organization NRC Nuclear Regulatory Commission NSA National Security Agency NSM Network Security Manager OADR Originating Agency's Determination Required PCL Personnel (Security) Clearance PIN Personal Identification Number PMF Principal Management Facility RD Restricted Data RFI Representative of Foreign Interest RFP Request for Proposal RFQ Request for Quotation SAN Separately Accredited Network SCA Security Control Agreement SCI Sensitive Compartmented Information SCIF Sensitive Compartmented Information Facility SSA Special Security Agreement SSBI Single Scope Background Investigation SSS Security Support Structure TCO Technology Control Officer TCP Technology Control Plan UL Underwriters' Laboratories U.K. United Kingdom U.S. United States U.S.C. United States Code VAL Visit Authorization Letter