Temporary Sensitive Compartmented Information Facilities (T-SCIF) Training Guide
|
|
- Lizbeth Bryant
- 6 years ago
- Views:
Transcription
1 Temporary Sensitive Compartmented Information Facilities (T-SCIF) Training Guide January 2013
2 T-SCIF Training Welcome Welcome to T-SCIF Training Welcome to T-SCIF Training Welcome to Temporary Sensitive Compartmented Information Facilities or T-SCIF Training The goal of this course is to ensure responsible security professionals are provided adequate training in protecting National Security Information (NSI) at the Sensitive Compartmented Information (SCI) level while supporting the needs of the mission. The course is designed to help you understand the Department of Defense (DoD) guiding principles for Sensitive Compartmented Information, the critical importance of Temporary Sensitive Compartmented Information Facilities (T- SCIFs), and how to prepare for and implement a T-SCIF. The course provides quality training to both newly assigned or appointed individuals with little or no SCI experience in their performance as an SCI security official and to those in the field who are engaged in implementing a T-SCIF. Anyone involved with T-SCIFs can benefit from this training. Navigation Instructions Host: Before you begin this course for the first time please take a minute to review the navigation information and meet your guide, Sgt. Jones. Navigating through this course requires that you are aware of the options available for changing slides, viewing the transcript, and searching for key words. The panel on the left contains three tabs. The outline tab shows the slide titles to enable you to move to a specific slide. The Transcript tab allows you to read along with the audio. The Search tab provides a search engine that will help you locate specific words or topics in either the slide or the notes. In the upper right of the slide you can click to view a searchable glossary, find downloadable references and resources, and exit the course. There are two types of slide navigation. The main buttons are on the bottom of the screen and allow volume and slide direction control. Clicking on the large arrow will either play or pause the current slide. Use the smaller arrows to advance or retreat through the slides. Throughout the course there are several internal slide shows. For each of these arrows will appear on the upper right hand corner. These are the only way to advance through the internal slide shows without missing any of the information. Now I d like to introduce you to Sgt. Jones. Sergeant Jones: Good day ma am. Page 2
3 T-SCIF Training Part 1 Host: You will meet Sgt. Jones at various places throughout the course. Sergeant Jones: That is correct. Together we will strive to teach you what you need to know to set up and break down a temporary SCIF. Now go start the course. Course Purpose All personnel with access to classified information must maintain a heightened sense of awareness and immediately take action to report all instances of suspicious and malicious behavior to their Security Manager, Special Security Office, and/or Chain of Command. This course is intended to: Provide guidance for the approval and operation of T-SCIFs, when required, in support of tactical, contingency, emergency, and other immediate operational needs, and Ensure the execution and protection of a sound command security program to protect classified information and prevent unauthorized disclosure. Table of Contents This course is divided into two parts. Part I is an introduction to and overview of Temporary Sensitive Compartmented Information Facilities, or T-SCIFs, including lists of resources that define regulations and procedures for setting up and reviewing a T-SCIF. This section is intended to provide a solid foundation for anyone assigned the job of implementing a T-SCIF. Part II goes deeper into the details of creating and managing a T-SCIF. This portion of the course is intended to be used as initial training but also as an important reference tool for the day-to-day workings of a T-SCIF, including how to withdraw from a T-SCIF, and how to report security incidents and violations. To start the course, click on the Part I title, or if you have already viewed those lessons, you can go directly to Part II by clicking on the Part II title. There are knowledge checks throughout the course, and these are not scored. However, at the end of the course is a cumulative assessment. You must pass this test at the end with at least a score of 75% to qualify for a Certificate of Completion for this course. Page 3
4 T-SCIF Training Part 1 Part 1 - Introduction Overview of Temporary Sensitive Compartmented Information Facilities Objectives By the end of Part 1 of this course you should be able to: Define SCI Identify SCI Leadership Responsibilities Explain T-SCIF Security Requirements Locate Resources to Set Up and Review a T-SCIF Lesson 1: Timeline and SCI Authority Lesson 1: National Security and U.S. Army timelines for SCI and defines SCI and security. National Security Policy and US Army SCI Authorities Timeline US Army SCI Authorities Timeline This timeline shows the history of the authorities that have been put in place to assure the security of sensitive compartmented information. Click on each button on the timeline to see a short explanation of what each document contains. What is SCI? All classified information is divided into one of three categories: Confidential applies to information or material the unauthorized disclosure of which could be reasonably expected to cause damage to the national security. Secret applies to information or material the unauthorized disclosure of which reasonably could be expected to cause serious damage to the national security. Top Secret applies to information or material the unauthorized disclosure of which could reasonably be expected to cause exceptionally grave damage to the national security. "For Official Use Only" or FOUO is not a security classification. It is used to protect information covered under the Privacy Act and other sensitive data. In addition to the above, some classified information is so sensitive that even the extra protection measures applied to Top Secret information are not sufficient. This information is known as "Sensitive Compartmented Information" (SCI) or Special Access Programs (SAP). An individual needs special "SCI Access" or SAP approval to be given access to this information. Page 4
5 T-SCIF Training Part 1 Sensitive Compartmented Information or SCI, is classified national intelligence concerning, or derived from, intelligence sources, methods, or analytical processes that is required to be protected within formal access control systems established and overseen by the Director of National Intelligence. Access to SCI is closely controlled and granted only after a clear need-to-know for such access has been established. Who Owns the Program? E.O amended E.O and established the Director of National Intelligence (DNI) as the Head of the Intelligence Community for intelligence matters related to National Security. DNI oversees and directs the implementation of the National Intelligence Program. Part 1 Lesson 1 Knowledge Check Read the question and answers carefully to determine the correct answer. Drag and drop the role to the matching responsibility on the left. When you have made your selection click Submit to check your answer. Lesson 2: SCI Leadership Responsibilities Lesson 2: SCI Leadership Responsibilities describes the SCI Community network and provides a listing of leadership responsibilities. It also includes the training requirements for those involved with SCI. SCI Community Network The SCI Community Network is composed of all personnel assigned the responsibility of managing, safeguarding, storing, and/or transmitting intelligence information over an SCI Network. This includes but is not limited to: Special Security Officers (SSOs), Special Security Representatives (SSRs), and Information Assurance Managers (IAMs) in your chain of command, your ACOM/ASCC & DRU SCI Program Managers, HQDA SCI Program Managers, and SSO DIA. All of these resources are available to support you! NOTE: When deployed: SSOs will follow COCOM representative guidelines. Required Training The major organizations providing SSO training are the DIA, ODNI and DSS. All Page 5
6 T-SCIF Training Part 1 personnel assigned to the position of SSO and/or ASSO will attend the SCI Security Officials course within 120 days of being appointed to these security duties. Security courses are sponsored by ODNI and DSS. SSRs will be trained by the respective SSO within 30 days of assignments to the position and, when possible, allowed attendance at the Security Officials course as a security baseline. SSOs will provide annual refresher training and maintain strategic communications with SSRs and security managers at all echelons to ensure the integrity of the SCI program. SSOs will provide security training to subordinate commands for T-SCIF operations and further safeguarding of classified information during the redeployment phase. The SCI Security Officials course is listed in STEPP as Course #SCI Part 1 Lesson 2 Knowledge Check Read the question and answers carefully to determine the correct answer. Drag and drop the role to the matching responsibility on the left. When you have made your selection click Submit to check your answer. Lesson 3: T-SCIF Overview Lesson 3: T-SCIF Overview begins with a definition of T-SCIF and covers Planning Considerations, how to make a T-SCIF Request, and reviews certain required Policies, Procedures, and Standard Operating Procedures. T-SCIF Requirements A Temporary SCIF is a facility determined to be necessary for a limited time to meet tactical, emergency, or immediate operational requirements as defined in ICS In accordance with IC Tech Spec-for ICD/ICS 705, Chapter 6, Ground-Based T-SCIFs may be established in hardened structures, for example, buildings and bunkers, or semi-permanent structures like truck-mounted or towed military shelters, prefabricated buildings, or tents. Permanent-type hardened structures shall be used to the greatest extent possible for T -SCIFs. Prior to the T-SCIF activation, the Accrediting Official (AO) may require submission of a standard Fixed Facility Checklist (Attachment 8a) or a T-SCIF Checklist produced before or after a deployment. Page 6
7 T-SCIF Training Part 1 T-SCIF Planning Considerations Establishing a T-SCIF requires detailed planning and coordination. Listed below are procedures to follow: Provide proper protection, use, and dissemination of SCI documents and material by enforcing SCI, information, personnel, physical, communications, industrial, and IA security rules and by developing standard operating procedures also known as SOPs and practices in accordance with regulatory guidance (DoDM Volumes 1,2,& 3). Ensure SCI is disseminated to persons with authorized access to the material. They also must have an established "need-to-know". Ensure an Accrediting Official-approved Emergency Action Plan or EAP is developed and rehearsed periodically by all personnel assigned to the T-SCIF; the results of the rehearsal drills shall be documented. Ensure SCI cleared personnel receive proper security education training and awareness and are trained to perform their respective duties and responsibilities in the protection of SCI and equipment. Ensure when employing a T-SCIF, a risk management approach is used that balances the operational mission with the protection of SCI. Pre-Deployment Considerations SCIF security, temporary or permanent, starts with the decision to build a SCIF. Adequate planning and design will prevent many of the security risks to SCI. If you have been assigned responsibility for creating a T-SCIF, then site planning should have already taken place, including looking at the standoff distance for AT/FP as well as TEMPEST requirements. Pre-deployment considerations are covered in the T-SCIF Request which must be submitted at least 14 days prior to T-SCIF activation. Other items to consider include: Access Control Procedures Visitor and Escorting Procedures Let s start with the T-SCIF request. T-SCIF Request Required Information The information listed here is required to complete the T-SCIF REQUEST JWICS M3 MESSAGE FORMAT It must be submitted at least 14 days prior to T-SCIF activation. Page 7
8 T-SCIF Training Part 1 Indicate parent SCIF ID# and Exercise/Operation Name, parent group SSO, and the name of your SSO. Indicate where training will take place if it will be held at a different installation or command. Indicate where you will be deployed from and the 8 digit map coordinates (if possible) of the deployment location. Describe the facility to be used, and the type of T-SCIF configuration. For example, tents, shelters, vehicles, existing shelters, caves, etc. Provide dates of operation from STARTEX to ENDEX. Note that T-SCIFs will be 24-hour mode of operation. This cannot be waivered. How many SSO/SSR personnel will be present per shift? There must be at least one SCI-cleared individual present at all times. List the name, rank, unit, and contact number, if available for the SSO/SSR responsible for onsite operations of the T-SCIF. Describe how the SCI will be stored. Describe how SCI will be transported from the SCIF to the field site. Include means of transportation and storage of SCI while in transit. Note: Couriers must be appointed on orders. Describe the physical aspects of the T-SCIF's defensive perimeter, and use of concertina. Include the number, type and placement of guards fixed or roving, clearance level of guards, and access point. Provide nomenclature of guard's weapons and storage point of ammunition if applicable. What are the type and classification level of SCI being processed or utilized. What is the nomenclature of systems used to process SCI? Will hardcopy SCI storage be required, if so, what is the nomenclature of the approved GSA security container? Is there proper sound attenuation for open discussion of SCI in the T-SCIF? If not, what counter measures will be used. For example, power generator, white noise generators, etc. T-SCIF Request Required Information List other sections/elements/units and methods where SCI links are established. Will foreign nationals or visitors require access to the T-SCIF? If so, describe them. List the type and number of phones or voice communication devices to be used in the T-SCIF. Describe protection/encryption or Telephone Security Group (TSG) rating to be used for classified voice traffic. If there are passive receivers and television equipment, provide type and use for each system listed. Page 8
9 T-SCIF Training Part 1 An Emergency Action Plan/Standard Operating Procedure is required. Ensure that the EAP/SOP is reviewed by Unit SIO (G-2/S-2) at least annually. Use the Remarks section to add any items or processes that are not covered in the format of this request. Describe all requested waivers. Provide date, division and corps, or Unit MSC reviewed, and provide local approval. Give the name, rank, unit/sso, phone: DSN, CML, unclassified fax, and classified fax for the message POC. As needed be sure to use proper "Classified By," Derived From, and "Declassify On" markings. For example: Classified: John Doe, Director, Space Command Derived from: DoDM , Volumes 1-3, Sensitive Compartmented Information (SCI) Administrative Security Manual, October 19, Declassify on: As always, ensure paragraph markings are use in accordance with the ICD 710 and the Controlled Access Program Coordination Office Authorized Classification and Control Office (CAPCO) Markings Register, Volume 4, Edition 1 (version 4.1), December 10, Common Errors Below is a list of the five most common errors found in T-SCIF request submission: Top 5 T-SCIF Request Discrepancies addressed/corrected by HQDA SSO (1) SOP/EAP not signed/dated and/or reviewed annually (2) Specify if personnel will transport SCI by courier deployed from/deployed to, how safeguarded, and distance (miles) (3) Specify storage/safeguarding of SCI during non-duty hours (duty hours may only be 8 hours p/day, but operational period w/security is 24/7) (4) Purpose of T-SCIF request not stated (training, exercise, maintenance, and predeployment) (5) Memorandum of Understanding (MOU) or Memorandum of Agreement (MOA) not in place with Parent Facility (if required) Policies and Procedures Per Policies, Procedures, & SOPs the following information is required or recommended. There is no cell phone use in T-SCIFs. This is not strictly enforced, but needs to be. It is recommended to get C of S to sign list of authorized personnel for cell phone usage in Tactical Operations Centers (TOCs). Page 9
10 T-SCIF Training Part 1 For escorting, visitors, and badge reciprocity, it is recommended that trained access point personnel (band & commandant) control visitors and enforce proper procedures. Higher ranks should not "vouch" for personnel not on access rosters. To prevent confusion resulting from potentially invalid badges or old badges from old units, only allow MNCI badges and your unit badges. Concerning badging and who gets what badge and who is authorized a badge, it is recommended to only issue badges to those personnel with daily business in TOC or SCIF. Minimize the number of badges. Make sure access guards making badges are only authorized Secret level badges. SSO only issues SCI-level badges. Policies and Procedures (Cont.) The following recommendations are related to T-SCIF & SSR Requirements. An SSR must complete online training, have signed orders, and present SSO with a copy of certificate of completed training. The T-SCIF must have at least one SSR present at all times. Also, make sure SSRs submit T-SCIF requests in timely manner and do not try to operate illegally. They must be in compliance. Interim Access Requirements cover policy & procedure for the Standard Paperwork or Packet. The Standard Packet includes: Memo signatures from: The S2 who conducts the screening in accordance with AR The Commander (O-5 or above) in the soldier's chain of command (not just any O-5), The soldier s statement that he understands this is not a clearance and that it is only for the duration of the deployment. Memo is signed by the Commander once he or she reviews the entire packet A signed SF 312, the Screening Sheet filled out and signed, and a security briefing on how to handle classified information, signed by the soldier who is then added to the Interim Access Roster and issued a badge. This roster is then also used to debrief and collect all badges upon redeployment. Policies and Procedures (Cont.) Drives and M3 Accounts On Control and Storage of SCI Hard Drives for BCTs, the recommendation is that the SSO stores all SCI hard drives in his or her SCIF until all SSR requirements, IASO requirements, and T-SCIF approval is met and completed. This prevents the SSO from not completing minimum requirements and training, and ensures the SSO is Page 10
11 T-SCIF Training Part 1 operating legally. Thumb drives are not authorized for use in a T-SCIF. Finally, concerning M3 access, it might prove beneficial to provide SSRs with limited access to M3 to only view T-SCIF approval messages and visit certificates in case of last-minute access or updates. Part 1 Lesson 3 Knowledge Check Read each question carefully and select the correct answer. Click Submit to check your response. Lesson 4: T-SCIF Security Requirements Lesson 4: In the T-SCIF security requirements lesson we will discuss location, physical security and access requirements, as well as communication and connectivity. Location When possible, T-SCIFs shall be established within the perimeters of U.S. - controlled areas or compounds. If a U.S.-controlled area or compound is not available, the T-SCIF shall be located within the area that affords the greatest degree of protection against surreptitious or forced entry. Minimum Security Requirements Minimum security requirements are essential for tactical operations. Each T-SCIF configuration offers unique security challenges. Each will be improved upon, using the security considerations and requirements for permanent secure facilities as an ultimate goal. While in a tactical environment, a 24-hour operation is mandatory. T-SCIF security features shall provide acoustical, visual, and surreptitious entry protection. TSCM Inspection A TSCM inspection shall be requested for any structure proposed for T-SCIF use if the space was previously occupied by a non-u.s. element. It is the Accrediting Official s (AOs) responsibility to evaluate operating the SCIF prior to TSCM inspection and formally assume all risk associated with early operation. Page 11
12 T-SCIF Training Part 1 Physical Security Requirements The AO, in collaboration with the CTTA, shall provide red/black separation and protected distribution guidance for field installation in accordance with NSTISSAM TEMPEST 2-95 and 2-95A and CNSSI When a T-SCIF is no longer required, the responsible SCI security official shall conduct a thorough facility inspection to ensure all SCI material has been removed. Access Requirements It is critical that the T-SCIF has only one point of entry. According to the Tech Spec The T-SCIF shall have only one entrance which shall be controlled during hours of operation by an SCI-indoctrinated person using an access roster. That single entry point must be continuously manned by an SCI indoctrinated person with an access control roster. It is important to note that automated access control is not authorized. Ensure you list detailed procedures for your entry control in your SOP s. Communication and Connectivity Unclassified telecommunications equipment shall meet the requirements outlined in the IC Tech Spec -for ICD/ICS 705 to the greatest extent practical. Telephones obtained in a foreign country shall not be used within a T-SCIF. Communication and Connectivity Cables and wires penetrating the T-SCIF perimeter shall be provided protections in accordance with Tech Spec 705. The AO may require inspections and routing of cables and wiring through protective distribution systems (PDS) or may require other countermeasures. Part 1 Lesson 4 Knowledge Check Read each question carefully and select the correct answer. Click Submit to check your response. Lesson 5: T-SCIF Set Up & Review Lesson 5: T-SCIF Set Up and Review covers the three types of T-SCIFs, acceptable barriers, where to place signs, and gives a high level overview of storage and destruction of SCI. Page 12
13 T-SCIF Training Part 1 Types of T-SCIFs In this section we will look at the three major types of T-SCIFs, and required Physical Barriers. There are three major types of T-SCIFs, those within a DTOC (Division Tactical Operations Center), those adjacent to a DTOC and a Stand Alone T-SCIF. The T-SCIF may be established in a room, building, bunker, tent, truck-mounted or towed shelter, prefabricated modular trailer or building, part of a compartment located on an aircraft, including unmanned aerial vehicles, surface/subsurface vessels. Regardless of what configuration is adopted, it must provide appropriate acoustical, visual, and surreptitious entry protection. Based upon a local risk assessment, the approving authority may require additional physical security safeguards, (i.e. the installation of sound-masking devices, locks, access controls, alarms, or physical barriers (temporary walls, fences, radio frequency shielded shelter, etc.) in order to prevent non-sci indoctrinated personnel located in adjacent T-SCIF areas from gaining access (deliberate or unintentional) to SCI information. An example of where this may be needed is a T- SCIF that is physically co-located within a collateral facility or a host nation installation. T-SCIF Within a DTOC This T-SCIF is located within the boundaries of another facility but is isolated by the addition of a separate barrier. This might include a T-SCIF that was constructed within an existing building. If that building has previously been occupied by a non-u.s. element, you must request a TSCM. The Type of T-SCIF to be constructed depends on the location of the building, the positioning of the generators, positioning of physical security, and how the physical area can be controlled. T-SCIF Adjacent to DTOC This T-SCIF is located next to and adjacent to the boundaries of another facility, and has its own barrier. Standalone T-SCIF Stand Alone T-SCIF Connected To Types of T-SCIFS This T-SCIF could be located anywhere and it must have its own barrier. Page 13
14 T-SCIF Training Part 1 T-SCIF Physical Barrier When possible, locate your T-SCIF within pre-established perimeters. If this is not possible, place it where it can get the greatest protection from surreptitious or forced entry. Use whatever type of items you have available to construct a barrier. Use concertina and Jersey barriers if possible. Make sure that there are no gaps in the perimeter. You should continually build on your perimeter security. Note: The T-SCIF approval authority shall determine whether proposed security measures provided adequate protection based on local threat conditions. T-SCIF Perimeter The perimeter of your T-SCIF will have a continuous guard force observing the entire perimeter. It can be guarded by roving or fixed guards. The guard force must have a Secret clearance. This clearance may be waivable with mitigation. (For information on waivers see DoDM Volumes 1,2,& 3) They also need to carry emergency communication equipment and be armed if necessary. For example, in a war zone you would have armed guards, but for a training exercise it is unlikely to be necessary. Signs Wherever practical, T-SCIFs will be designated as a restricted area according to the "Internal Security Act of 1950" (64 Statute 987). The Special Security Officer (SSO) will ensure the T- SCIF is listed within the post or installation directive which defines and designates all local controlled areas and will post outside the T-SCIF the proper English and foreign (overseas areas only) language Restricted Area signs as appropriate. SCI Storage Under field or combat conditions open storage of SCI media and materials requires a continuous presence by SCI-indoctrinated personnel. Every effort shall be made to obtain from any available host command necessary support for the storage and protection of SCI, for example, security containers, generators, guards, weapons, etc. The quantity of SCI material within a T-SCIF shall be limited, to the extent possible, to an amount consistent with operational needs. All SCI shall be stored in GSA-approved security containers. The Action Officer (AO) may approve exceptions to the storage of SCI material in GSA- Page 14
15 T-SCIF Training Part 1 approved storage containers for a specified period of time. SCI Destruction The Action Officer shall approve the means by which SCI material will be destroyed when it is no longer needed. Approved methods of destruction: SCI must be destroyed in a manner that will prevent reconstruction (i.e., Burning, Pulping, Shredding, Pulverizing, Melting, and Chemical Decomposition). All Information Systems (IS) and magnetic media must be destroyed in accordance with the NSA. Activation Checklist Activating a T-SCIF is the culmination of several weeks and perhaps months of planning and coordination. Go to the Reference tab to print out the Activation Checklist containing examples of items to consider when activating a T-SCIF. The security identified should be improved upon as the situation warrants. This checklist should be modified to include specific or unique unit requirements. Part 1 Lesson 5 Knowledge Check Read each question carefully and select the correct answer. Click Submit to check your response. Lesson 6: Examples of T-SCIF Configurations Lesson 6: Example of T-SCIF Configurations is a narrated slide show that includes some of the many variations that occur in T-SCIF set ups. The following slide show has examples of T-SCIF configurations. Click the arrow to advance from slide to slide or click Slide Show. it will cover five important areas of the T-SCIF. T-SCIF types Perimeters Protection Entry ways Interior Page 15
16 T-SCIF Training Part 1 Examples of T-SCIF Configurations Part 1 Lesson 6 Knowledge Check Read each question carefully and select the correct answer. Click Submit to check your response. Lesson 7: Deployment Considerations Lesson 7: Deployment Considerations Lesson 7: Topics covered in this section include: Deployment Considerations Transporting SCI Materials, and Redeployment Considerations Deployment Considerations When deployed to a T_SCIF, there are two questions to consider: Is the physical layout and overall security of the T-SCIF in accordance with IC Tech Spec for ICD/ICS 705? Is the Accreditation Paperwork for the Stay Behind Equipment available if equipment was left from a previous unit? In regard to equipment, the following is a list of Required Equipment: 1. NIPR, SIPR, JWICS terminals / laptops 2. DSN and VOIP Phones Lines 3. Digital Scanner - Fax not available over there 4. Document Shredder 5. Safe 6. Cipher Locks on doors 7. DCS Deployed account 8. Indoctrination DVD - A print copy should be available in-case DVD players are unavailable in a T-SCIF. For backup, coordinate indoctrinations with another SSO in the vicinity of deployed location. In related issues, make sure you know the Open Storage Policy in the Deployed Environment (DIV SEC MGR), who is in charge of these, and when they are deployed. Page 16
17 T-SCIF Training Part 2 Part Two - Application PART 2 Managing Temporary Sensitive Compartmented Information Facilities (T- SCIFs) Objectives By the end of Part 2 of this course you should be able to: Create a T-SCIF Emergency Action Plan (EAP) Courier SCI in a Tactical Environment Apply Proper Media Control & PED Mitigation Prepare a T-SCIF for Withdrawal Properly Report Security Incidents & Violations Securely Manage a T-SCIF Site including Information Security (IS) and Information Assurance (IA) Lesson 1: T-SCIF Emergency Action Plan (EAP) Lesson 1: This section covers how to create a T-SCIF Emergency Action Plan (EAP) EAP Overview Each T-SCIF will establish and maintain an Emergency Action Plan that accounts for: Fire Natural disaster (i.e. floods, hurricanes) Combat Conditions during times of war Communication outages Entrance of emergency personnel (e.g., host country police and firemen) into the SCIF Physical protection and safety of those working in T-SCIFs EAP Planning Planning should address the following: Protection of persons and SCI Emergency Response Personnel Evacuation plans for persons and SCI Destruction of SCI when evacuation is not possible Page 17
18 T-SCIF Training Part 2 Security Container Labels Label security containers containing materials identified for emergency destruction/ removal in the following manner: Priority One: All cryptographic equipment and related documents Priority Two: All operational SCI/SAP code word material and multimedia which might divulge: Targets and successes Documents dealing with U.S. SCI activities Documents concerning compartment projects Other sensitive intelligence materials Top secret collateral materials Priority Three: Less sensitive administrative SCI material and collateral classified material (not included above). The SIO responsible for SCI will validate the EAP. EAP Review and Drills Emergency plans will be reviewed annually and updated as necessary: All personnel must be familiar with the plans. In war zone areas where the possibility that the T-SCIF might be overrun, the SSO/SSR will conduct drills to ensure dependability of the EAP. Drills are to be conducted as circumstances warrant, but no less frequently than annually. Note: Where the risk of overrun is significant, reduce SCI holdings to absolute minimum needed for current working purposes and conditions. Emergency Action Plan - TOC - Minimum Requirements An EAP report has 3 areas of minimum requirements. These requirements include an introduction, annexes, and attachments. *** Letter of Introduction Table of Contents Distribution *** Emergency Destruction Procedures Fire Protection Bomb Threat Page 18
19 T-SCIF Training Part 2 Natural Disasters Sabotage or Terrorist Attack Riots or Civil Disorders Loss of Utilities *** (Organization) Evacuation Emergency Transportation or Material for Destruction Fire Protection Emergency Exit Routes Bomb Threat Emergency Phone Numbers Notification Alert Checklist-Evacuation Notification Alert Checklist-Emergency Destruction Notification Alert Checklist-Secure Storage Notification Alert Checklist-Fire Notification Annual Review of EAP by Assigned Personnel Part 2 Lesson 1 Knowledge Check Read each question carefully and select the correct answer. Click Submit to check your response. Lesson 2: Couriering SCI in a Tactical Environment Lesson 2: By the end of this section you should be able to: Identify proper Courier procedures Transport SCI will be transferred from one SCIF to another in a manner that ensures proper protection of the material. Convenience will not be a consideration. The preferred method of transporting SCI from one SCIF to another will be via secure or other secure electronic means. Alternatively, SCI will be transported by: SCI-indoctrinated persons (certified or designated couriers) DCS (Defense Courier Service) Establishing an account can be done in accordance with DoDI Defense Courier Operations (DCO), June 30, 2011 or in accordance with their website Diplomatic pouch Page 19
20 T-SCIF Training Part 2 When transporting SCI within the confines of a single building (military headquarters or DoD-controlled building), SCI material should be placed in a locked brief case or locked pouch. The briefcase or pouch will bear an inconspicuous notice asking anyone finding the container unattended to notify the owner immediately and to arrange to return it unopened to the owner. Formal designation or dedication of a courier is not required. Additional Transport Information More information is available concerning transportation. Go to DoDM Volumes 1,2,& 3 for additional guidance. Transmission and transportation using a briefcase or pouch Authorizations Requirements Procedures Forms DA Form 3964 identifies documents, along with routing and destruction information, reproduction authority and receipt or traces action. AR provides further information needed to complete the DA Form Couriers must possess a DD Form 2501 (Courier Authorization Card), or memo with the acronym SCI displayed prominently in the subject line. This form provides specific courier information and approval as well as a list of precautions to follow while in transit. SCI Wrapping Requirements SCI will be transported from one SCIF to another in a manner that ensures it is properly protected. For local travel, SCI material may be hand-carried using a locked briefcase or pouch as the outer wrapper along with an inner wrapper. Attach an unobtrusive luggage tag with the following notation to the briefcase or pouch: PROPERTY OF THE U.S. GOVERNMENT TO BE RETURNED UNOPENED TO - include the name of the appropriate organization and a telephone number that will be manned at all times. Note: Additional requirements are located in the see DoDM Volumes 1,2,& 3. Inner Container Wrapping Requirements SCI requires double-wrapping. Use two opaque envelopes, Kraft wrapping paper, or canvas bags, cartons, leather or plastic pouches, or similar containers which prevent observation of the contents. Seal all seams of both wrappers with reinforced paper tape. Do not use masking, Page 20
21 T-SCIF Training Part 2 cellophane or duct tape. Retain an inventory of the material until verification is received that the information was delivered to an authorized recipient. Inner Wrapper. Place address of receiving SCIF in the center of package; place address of sending SCIF in upper left corner. Include originator package control number if applicable (lower right corner recommended). Stamp or print in large letters above the address of the receiving SCIF: "TO BE OPENED ONLY BY (SCI security official, i.e. SSO, GCO, TCO, HCO or appropriately cleared recipient). Type, print or ink stamp in large letters at the top and bottom on each side, the appropriate security classification. SCI code words and caveats will not be used on any wrapper. Stamp or print the statement: "CONTAINS SENSITIVE COMPARTMENTED INFORMATION" on each side. Outer Container Wrapping Requirements Outer Wrapper. 1. Place the address of receiving SCIF in the center of the package; place address of sending SCIF in the upper left corner. Include the originator package control number, if used (lower right corner is recommended). 2. Secure outer containers with reinforced paper tape, lead seals, tumbler padlocks, or other means which reasonably protect against surreptitious access. 3. The Military Shipping Label (MSL) replaced the DCS Form The Advanced Transportation Control Movement Document (ATCMD) located at URL: - enables automated submittal of advance transportation control and movement data. The data supplied when filling out the ATCMD will also be used to create the MSL. Shippers are still required to add DCS two line address (In-The-Clear) to clarify destination delivery address. 5. After the ATCMD is submitted it will generate a Transportation Control and Movement Document (TCMD) which is used in place of the DCS Form 1. Once all the requested information has been provided, including the weight and measurements of the package, the application will generate a bar coded formatted MSL. Part 2 Lesson 2 Knowledge Check Read each question carefully and select the correct answer. Click Submit to check your response. Page 21
22 T-SCIF Training Part 2 Lesson 3: Media Control & Personal Electronic Device (PED) Mitigation Lesson 3: By the end of this lesson you should be able to: Apply proper media control & PED mitigation Use the Portable Distribution Device (PED) Mitigation Table for PED permission determination Media Control Pre-existing media or newly created media containing SCI will be externally labeled, as appropriate, with the standard forms (SF 711 and SF 712), or other identifying color-coded markings to show its classification and SCI control system caveats. Examples of media items include, but are not limited to magnetic tapes, disk packs, floppy disks, magnetic cassettes, and compact disks. Internal AIS (Automated Information Systems) media identification will include security markings in a form suitable for the media (i.e., classification; SCI system caveats, and see DoDM Volumes 1,2,& 3 for reference marking, if applicable.) The introduction and/or removal of media from an SCI facility (environment) will be accounted for by document control procedures under the control of the SSO. PEDs Current policy provides the PED Mitigation Table to assist in determining authorized and unauthorized PED introduction. The table lists types of PEDs and if they are prohibited, require approval, registration, or mitigation. Prohibited items include: MP3 players, RF transmitters, any PED with wireless transmitting capabilities, privately owned laptops, PEDs with recording capabilities, removable storage media for privately owned non-laptop PEDs, and privately owned PEDs capable of connection to system within the SCIF without interface cables or cradles. Thumb Drives are not authorized for use in a T-SCIF. These are minimum standards, SIOs may impose stricter requirements if local conditions warrant. Part 2 Lesson 3 Knowledge Check Read each question carefully and select the correct answer. Click Submit to check your response. Page 22
23 T-SCIF Training Part 2 Lesson 4: Withdrawal of T-SCIF Accreditation Lesson 4: This lesson outlines the steps to take in order to withdraw T-SCIF accreditation. Withdrawal of Accreditation of a T SCIF The following steps outline the initial steps for Withdrawal of Accreditation from a T- SCIF 1. Determine that the T-SCIF is no longer needed 2. SSO/CSSO initiates request 3. Accrediting Officer issues formal SCI withdrawal correspondence 4. Conduct a closeout inspection to ensure all SCI is removed and the facility is sanitized. SCIF Closeout Procedures SCIF closeouts and withdrawals of accreditation shall comply with the following procedures: 1. Inspect all areas, storage containers, and furniture for the presence of classified, sensitive, or proprietary information. 2. Reset safe combinations to and lock the containers. 3. Affix written certification to all storage containers that the container does not contain classified, sensitive, or proprietary information. The certification shall include the date of inspection and the name and signature of the inspector. 4. Ensure that reproduction and printing equipment is decertified or disposed of in accordance with AO guidance. 5. Dispose of, or relocate, SCI computer equipment, media, hard drives, and portable storage media as approved by the AO. 6. Request revocation of Automated Information Systems (AIS) accreditation. 7. Request revocation of SCIF accreditation 8. If the SCIF will be used for another mission or project that requires alarms, transfer alarm service to the new activity. Page 23
24 T-SCIF Training Part 2 9. If the SCIF will not be used for another mission or project and all classified information has been removed, the following shall occur: a. Alarm service shall be discontinued. b. Combinations on the entrance door and any GSA containers shall be changed to c. All keys shall be accounted for Part 2 Lesson 4 Knowledge Check Read each question carefully and select the correct answer. Click Submit to check your response. Lesson 5: Security Incidents, Violations, & Infractions Lesson 5: By the end of this section you should be able to locate the guidance to: Properly Report Security Incidents Create a preliminary inquiry report Complete a damage assessment Review an investigation report for completeness Security Incidents - Overview Security incidents are categorized as either Violations or Infractions. It is the responsibility of all SCI indoctrinated personnel to do the following: Report any security incidents affecting or involving SCI to the appropriate SSO or SCI Security Official and prepare an appropriate report that provides sufficient information to explain the incident. Security Violations A security violation involves: (1) any action that results in or could reasonably be expected to result in an unauthorized disclosure or compromise of classified information (including national intelligence); (2) any knowing, willful, or negligent action to classify or continue the classification of information contrary to the requirements of Executive Order 13526, or its implementing directives; (3) any knowing, willful, or negligent action to create or continue a special access Page 24
25 T-SCIF Training Part 2 program contrary to the requirements of Executive Order 13526; or (4) Contravene or violate any other provision of EO or its implementing directives. Security Violations (Cont.) Security violations can be a result of many incidents. Loss or exposure of SCI require immediate reporting, an investigation, and a damage assessment describing the impact on national security. Some of these incidents include, but are not limited to: Deliberate or accidental exposure of SCI resulting from loss Loss, theft, or capture Recovery by salvage Defection Press leaks or public declarations Release of unauthorized publications Discovery of clandestine surveillance and listening devices Loss that could reveal intelligence sources and methods Other unauthorized means Security Infractions As mentioned in the security overview, security incidents fall into two distinct categories: infractions and violations An Infraction is a security incident involving a deviation from current governing security regulations that does not result in an unauthorized disclosure or compromise of national intelligence information nor otherwise constitute a unauthorized disclosure or compromise of national intelligence information nor otherwise constitute a security violation (Previously Practices Dangerous to Security ). An infraction requires immediate corrective action, but does not require investigation and does not constitute a security violation, but can lead to security violations or compromises if left uncorrected. Security Violations Examples of infractions include, but are not limited to: A courier who is carrying classified documents stopping at a public establishment to conduct personal business. An employee placing burn bags adjacent to unclassified trash containers. Personnel failing to change security container combinations as required. Page 25
26 T-SCIF Training Part 2 With all reported infractions, management officials will ensure prompt corrective action is taken and that those actions are documented. Reporting Security Incidents Report all security incidents to an SCI security official in the following manner: Incidents where SCI is compromised as a result of espionage or suspected espionage will be reported immediately by the most secure means to the appropriate HICE or designee. Activity concerning the violation will cease pending a counterintelligence assessment by the appropriate HICE or designee. Security Incidents - Compromise Certain For a security violation with a determination of "Compromise Certain" the cognizant HICE will immediately report the incident to the appropriate Intelligence Community program manager. The steps to this procedure are to first send a copy of the report to SSO DIA/DAC-3D. Next, an investigation will be conducted to identify full details of the violation/ compromise, and to determine what specific information was involved, what damage resulted, and whether culpability was involved in the incident. Security Incidents - Summary Reports HICEs will provide summaries of investigations to the DNI and a copy to SSO DIA/DAC- 3D under the following conditions: When investigations show that SCI was inadvertently disclosed to foreign nationals or deliberately disclosed to unauthorized persons When cases under investigation involve espionage, flagrant dereliction of security duties, or serious inadequacy of security policies or procedures Local SCI security officials will advise the parent command SCI security officials of SCI security violations that occur within their security cognizance and involve personnel assigned to that parent command Security Incidents - Outside the AOR If a security violation is committed by an activity that does not belong to the organization exercising security cognizance where the violation occurred, procedures are as follows: The SSO notifies both organizations of the security violation. Page 26
27 T-SCIF Training Part 2 The organization with security cognizance ensures that an investigation is conducted. A report of investigation is forwarded to both organizations. The organization whose activity committed the violation will determine what corrective action should be taken. The report of this determination will be forwarded to the other organization involved. Security Incidents - Information Systems All security violations occurring on computer systems, terminals, or equipment which process SCI will be reported through command SCI channels SCI security officials and the DoDIIS site Information Assurance Manager will coordinate security incidents involving SCI systems Examples of serious incidents on a SCI network include, but are not limited to: Human error in reviewing media for content and classification, resulting in compromise Incorrect setting of a security filter that results in the compromise of intelligence Intrusion Attempts Intrusion attempts, can either be either physical, through hacking or Virus attacks Failure of a system or network security feature Note: Commanders, supervisors, and their security managers must ensure that SCI security violations or other information that could impact on an individual's continued eligibility for access to SCI are reported to the appropriate Central Adjudication Authority. Preliminary Inquiry Report When the SCI security official determines that a security violation has occurred, the SCI security official must report the violation within 72 hours of discovery to the appropriate HICE/SIO with information copies to SSO DIA/DAC-3D. The local SIO must ensure the appointment of an inquiry official. Preliminary Inquiries will not be conducted by the SSO or staff member. In addition, classify the notification according to content, but at least Confidential, to prevent further possible disclosure. Send the notification by priority DSSCS message or other secure channel. Page 27
28 T-SCIF Training Part 2 Security Violation Investigation Report Reports of investigation will include sufficient detail to explain the incident. The report will assess intent, location of incident, risk of compromise, sensitivity of information, and mitigating factors in arriving at a final analysis of the incident. Damage Assessment Damage Assessment of Compromised Information Be aware that loss or exposure of SCI from any cause requires immediate reporting, investigation, and submission of a damage assessment describing the impact on national security. The original classification authority (OCA) must: 1. Reevaluate lost or compromised information. 2. Determine if a change in classification is needed. 3. Indicate damage to national security. Part 2 Lesson 5 Knowledge Check Read each question carefully and select the correct answer. Click Submit to check your response. Part II Summary In the second part of this course you learned to create a T-SCIF Emergency Action Plan, how to apply proper media and PED control, securely manage the IS, prepare a T- SCIF for withdrawal of accreditation and report security incidents. Page 28
August Initial Security Briefing Job Aid
August 2015 Initial Security Briefing Job Aid A NOTE FOR SECURITY PERSONNEL: This initial briefing contains the basic security information personnel need to know when they first report for duty. This briefing
More informationFrom: Commanding Officer/Leader, United States Navy Band
DEPARTMENT OF THE NAVY UNITED STATES NAVY BAND 617 WARRINGTON AVE., SE WASHINGTON NAVY YARD, DC 20374-5054 NAVBANDINST 5510 NB.SM NAVY BAND INSTRUCTION 5510 From: Commanding Officer/Leader, United States
More informationQ-53 Security Training: Transmitting and Transporting Classified Information, Part I
Q-53 Security Training: Transmitting and Transporting Classified Information, Part I Agenda Classified Information Dissemination Outside of DoD Disclosure Handling Transmission and Transportation Requirements
More informationDepartment of Defense MANUAL
Department of Defense MANUAL NUMBER 5105.21, Volume 1 October 19, 2012 Incorporating Change 1, Effective May 16, 2018 USD(I) SUBJECT: Sensitive Compartmented Information (SCI) Administrative Security Manual:
More informationBalancing Requirements
REFERENCES LESSON TOPIC 5.5 Safeguarding SECNAV M-5510.36, Chapters 7 and 10 OPNAVINST 5530.14E, Physical Security and Loss Prevention SECNAVINST 5430.107, Mission and Functions of the Naval Criminal Investigative
More informationDefense Security Service DELIVER! A Pamphlet On. How to Transmit and Transport Your Classified Materials. Prepared by
Defense Security Service DELIVER! A Pamphlet On How to Transmit and Transport Your Classified Materials Prepared by Information Security Team Department of Defense Security Institute Richmond, Virginia
More informationDEPARTMENT OF DEFENSE MANUAL V3_AIR FORCE MANUAL16-703V3 BY ORDER OF THE SECRETARY OF THE AIR FORCE 31 DECEMBER. Operations Support
BY ORDER OF THE SECRETARY OF THE AIR FORCE DEPARTMENT OF DEFENSE MANUAL 5205.07V3_AIR FORCE MANUAL16-703V3 31 DECEMBER Operations Support SPECIAL ACCESS PROGRAM (SAP) SECURITY MANUAL: PHYSICAL SECURITY
More informationOverview of Physical Security and Protective Measures
Overview of Physical Security and Protective Measures NAVFAC Northwest Presented by: Richard Cofer, P.E. Naval Facilities Engineering Command Atlantic Capital Improvements Business Line Engineering Criteria
More information1. Functions of the Air Force SCI Security Program and the Special Security Officer (SSO) System.
Template modified: 27 May 1997 14:30 BY ORDER OF THE SECRETARY OF THE AIR FORCE AIR FORCE INSTRUCTION 14-302 18 JANUARY 1994 Intelligence CONTROL, PROTECTION, AND DISSEMINATION OF SENSITIVE COMPARTMENTED
More informationDepartment of Defense INSTRUCTION. SUBJECT: DoD Information Security Program and Protection of Sensitive Compartmented Information
Department of Defense INSTRUCTION NUMBER 5200.01 October 9, 2008 SUBJECT: DoD Information Security Program and Protection of Sensitive Compartmented Information References: See Enclosure 1 USD(I) 1. PURPOSE.
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Physical Hunting Physical Hunting is employed to detect anomalies in the physical components, and vulnerabilities
More informationDepartment of Defense INSTRUCTION. DoD Unclassified Controlled Nuclear Information (UCNI)
Department of Defense INSTRUCTION NUMBER 5210.83 July 12, 2012 Incorporating Change 1, Effective February 22, 2018 USD(I) SUBJECT: DoD Unclassified Controlled Nuclear Information (UCNI) References: See
More informationDepartment of Homeland Security Management Directives System MD Number: Issue Date: 06/29/2004 PORTABLE ELECTRONIC DEVICES IN SCI FACILITIES
Department of Homeland Security Management Directives System MD Number: 11021 Issue Date: 06/29/2004 PORTABLE ELECTRONIC DEVICES IN SCI FACILITIES I. Purpose This Directive establishes policy and procedures
More informationStudent Guide - DSS Annual Security Awareness Training
Introduction - DSS Annual Security Awareness Training Hello, I m Tim Harrison, Chief of Security for the Defense Security Service (or DSS). Welcome to the DSS Annual Security Awareness Training. Here at
More informationINTELLIGENCE COMMUNITY STANDARD NUMBER 705-1
ICS 705-1 INTELLIGENCE COMMUNITY STANDARD NUMBER 705-1 PHYSICAL AND TECHNICAL SECURITY STANDARDS FOR SENSITIVE COMPARTMENTED INFORMATION FACILITIES (EFFK'TlVE: 17 SEPTEMBER 2010) A. AUTHORITY: The National
More informationSECURITY OF CLASSIFIED MATERIALS B STUDENT HANDOUT
UNITED STATES MARINE CORPS THE BASIC SCHOOL MARINE CORPS TRAINING COMMAND CAMP BARRETT, VIRGINIA 22134-5019 SECURITY OF CLASSIFIED MATERIALS B141176 STUDENT HANDOUT Basic Officer Course Introduction Importance
More informationSECURITY OF CLASSIFIED MATERIALS W130119XQ STUDENT HANDOUT
UNITED STATES MARINE CORPS THE BASIC SCHOOL MARINE CORPS TRAINING COMMAND CAMP BARRETT, VIRGINIA 22134-5019 SECURITY OF CLASSIFIED MATERIALS W130119XQ STUDENT HANDOUT Warrant Officer Basic Course Introduction
More informationIdentification and Protection of Unclassified Controlled Nuclear Information
ORDER DOE O 471.1B Approved: Identification and Protection of Unclassified Controlled Nuclear Information U.S. DEPARTMENT OF ENERGY Office of Health, Safety and Security DOE O 471.1B 1 IDENTIFICATION
More informationProtection of Classified National Intelligence, Including Sensitive Compartmented Information
Protection of Classified National Intelligence, Including Sensitive Compartmented Information 703 A. AUTHORITY 1. The National Security Act of 1947, as amended; Executive Order (EO) 12333, as amended;
More informationSecurity Asset Protection Professional Certification (SAPPC) Competency Preparatory Tools (CPT)
SAPPC Knowledge Checkup Please note: Cyber items are indicated with a ** at the end of the practice test questions. Question Answer Linked 1. What is the security professionals role in pursuing and meeting
More informationDEPARTMENT OF DEFENSE CONTRACT SECURITY CLASSIFICATION SPECIFICATION
1. CLEARANCE AND SAFEGUARDING DEPARTMENT OF DEFENSE CONTRACT SECURITY CLASSIFICATION SPECIFICATION a. FACILITY CLEARANCE REQUIRED b. LEVEL OF SAFEGUARDING REQUIRED Print TOP SECRET (The requirements of
More information8/15/2013. Security Incidents Involving Special Circumstances. Information Security Webinar. Danny Jennings. DCO Meeting Room Navigation
Incidents Involving Special Circumstances Information Webinar Danny Jennings Physical & General Curriculum Manager responsible for: Curriculum development Course instruction Curriculum review Retired military,
More informationSecurity Classification Guidance v3
Security Classification Guidance v3 September 2017 Center for Development of Security Excellence Lesson 1: Course Introduction Course Overview Welcome to the Security Classification Guidance Course. The
More informationFor Security Professionals in the Combat Environment. October 2012
Deployable Security Trainer For Security Professionals in the Combat Environment October 2012 OCTOBER Deployable 2011 Security Trainer OCTOber 2012 1 Deployable Security Trainer OCTOBER 2012 2 TABLE OF
More informationDepartment of Defense DIRECTIVE
Department of Defense DIRECTIVE NUMBER 5105.68 May 3, 2002 Certified Current as of November 21, 2003 SUBJECT: Pentagon Force Protection Agency DA&M References: (a) Title 10, United States Code (b) DoD
More informationProcedural Guidance for Conducting DoD Classified Conferences
Procedural Guidance for Conducting DoD Classified Conferences Prepared By July 2008 Security professionals may find this guidance useful when they are involved in hosting/coordinating DoD classified conferences.
More informationGeneral Security. Question Answer Policy Resource
General Security Briefly define a Special Access Program. A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally
More informationStudent Guide Course: Original Classification
Course: Original Classification Lesson: Course Introduction Course Information Purpose Audience Pass/Fail % Estimated completion time Define original classification and identify the process for determining
More informationNATO SECURITY INDOCTRINATION
NATO SECURITY INDOCTRINATION This security briefing contains the minimum elements of information that must be provided to individuals upon initial indoctrination for access to NATO classified information.
More informationDepartment of Health and Human Services (HHS) National Security Information Manual, February 1, 2005
Description of document: Requested date: Released date: Posted date: Source of document: Department of Health and Human Services (HHS) National Security Information Manual, February 1, 2005 07-June-2011
More informationDepartment of Defense INSTRUCTION
Department of Defense INSTRUCTION NUMBER 5205.08 November 8, 2007 USD(I) SUBJECT: Access to Classified Cryptographic Information References: (a) DoD Directive 5205.8, subject as above, February 20, 1991
More informationBY ORDER OF THE SECRETARY OF THE AIR FORCE AIR FORCE HEADQUARTERS OPERATING INSTRUCTION APRIL Security
BY ORDER OF THE SECRETARY OF THE AIR FORCE AIR FORCE HEADQUARTERS OPERATING INSTRUCTION 31-2 1 APRIL 1998 Security POLICY AND PROCEDURES FOR HANDLING AND SAFEGUARDING NORTH ATLANTIC TREATY ORGANIZATION
More informationREPORT ON COST ESTIMATES FOR SECURITY CLASSIFICATION ACTIVITIES FOR 2005
REPORT ON COST ESTIMATES FOR SECURITY CLASSIFICATION ACTIVITIES FOR 2005 BACKGROUND AND METHODOLOGY As part of its responsibilities to oversee agency actions to ensure compliance with Executive Order 12958,
More informationSUBJECT: Directive-Type Memorandum (DTM) Law Enforcement Reporting of Suspicious Activity
THE UNDER SECRETARY OF DEFENSE 2000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-2000 POLICY October 1, 2010 MEMORANDUM FOR: SEE DISTRIBUTION SUBJECT: Directive-Type Memorandum (DTM) 10-018 Law Enforcement
More informationCOMPLIANCE WITH THIS PUBLICATION IS MANDATORY
BY ORDER OF THE COMMANDER AIR MOBILITY COMMAND (AMC) AIR MOBILITY COMMAND INSTRUCTION 16-1404 21 FEBRUARY 2017 Operations TOP SECRET CONTROL COMPLIANCE WITH THIS PUBLICATION IS MANDATORY ACCESSIBILITY:
More informationDepartment of Defense DIRECTIVE
Department of Defense DIRECTIVE NUMBER 5105.68 December 19, 2008 DA&M SUBJECT: Pentagon Force Protection Agency (PFPA) References: See Enclosure 1 1. PURPOSE. This Directive, under the authority vested
More informationInitial Security Briefing
UNIVERSITY OF CALIFORNIA BERKELEY DAVIS IRVINE LOS ANGELES MERCED RIVERSIDE SAN DIEGO SAN FRANCISCO SANTA BARBARA SANTA CRUZ Initial Security Briefing This briefing paper sets forth certain basic Federal
More informationStudent Guide: North Atlantic Treaty Organization
Length Two (2) Hours Description This course provides the student with a basic understanding of NATO information security procedures, access requirements, personnel and facility security requirements,
More informationDirector of Central Intelligence Directive 1/19. Security Policy for Sensitive Compartmented Information and Security Policy Manual
PDF Version Director of Central Intelligence Directive 1/19 Security Policy for Sensitive Compartmented Information and Security Policy Manual (Effective 1 March 1995) Pursuant to the provisions of the
More informationDepartment of Defense DIRECTIVE. SUBJECT: Department of Defense Unclassified Controlled Nuclear Information (DoD UCNI)
Department of Defense DIRECTIVE NUMBER 5210.83 November 15, 1991 Certified Current as of November 24, 2003 Incorporating Change 1, November 16, 1994 ASD(C3I) SUBJECT: Department of Defense Unclassified
More informationD T- I C References: (a) DoD Directive , "Telephone A D A. REISSUANCE AND PURPOSE AD-A Department of Defense Directive.
AD-A271 072 1111 11111January gil 1111111111M Iq/J-)~ 15 80 NUMBER 464d.1 D T- ELEC T Department of Defense Directive USD(P) SUBJECT Telephone Monitoring and Recording I C References: (a) DoD Directive
More informationOverview of Electronic Security Systems
Overview of Electronic Security Systems NAVFAC Northwest Presented by: Richard Cofer, P.E. Naval Facilities Engineering Command Atlantic Capital Improvements Business Line Engineering Criteria and Programs
More informationDepartment of Defense MANUAL
Department of Defense MANUAL NUMBER O-5205.13 April 26, 2012 DoD CIO SUBJECT: Defense Industrial Base (DIB) Cyber Security and Information Assurance (CS/IA) Program Security Classification Manual (SCM)
More informationArmy Regulation Security. Department of the Army. Information Security Program. Headquarters. Washington, DC 29 September 2000 UNCLASSIFIED
Army Regulation 380 5 Security Department of the Army Information Security Program Headquarters Department of the Army Washington, DC 29 September 2000 UNCLASSIFIED SUMMARY of CHANGE AR 380 5 Department
More informationPERSONALLY IDENTIFIABLE INFORMATON (PII)
PERSONALLY IDENTIFIABLE INFORMATON (PII) 1 PII - REFERENCES DOD 5400.11-R, DoD Privacy Act Program, May 07 OSD Memo, Subj: Safeguarding Against and Responding to the Breach of Personally Identifiable Information,
More informationSYNOPSIS of an INDUSTRIAL SECURITY MANUAL
GG-1 MULTINATIONAL INDUSTRIAL SECURITY WORKING GROUP MISWG Document Number 24 09 September 2010 SYNOPSIS of an INDUSTRIAL SECURITY MANUAL PART I: PART II: PART III: PART IV: PART V: Foreword Table of Contents
More informationDepartment of the Army TRADOC Memorandum Headquarters, United States Army Training and Doctrine Command Fort Eustis, Virginia
Department of the Army TRADOC Memorandum 380-5 Headquarters, United States Army Training and Doctrine Command Fort Eustis, Virginia 23604-5700 22 August 2016 Administration-General INFORMATION SECURITY
More informationCOMPLIANCE WITH THIS PUBLICATION IS MANDATORY
BY ORDER OF THE COMMANDER EDWARDS AIR FORCE BASE AIR FORCE INSTRUCTION 31-401 EDWARDS AIR FORCE BASE Supplement 6 DECEMBER 2013 Security INFORMATION SECURITY PROGRAM MANAGEMENT COMPLIANCE WITH THIS PUBLICATION
More informationSubj: CHIEF OF NAVAL AIR TRAINING ANTITERRORISM PLAN
CNATRA STAFF INSTRUCTION 3300.1A DEPARTMENT OF THE NAVY CHIEF OF NAVAL AIR TRAINING 250 LEXINGTON BLVD SUITE 102 CORPUS CHRISTI TX 78419-5041 CNATRASTAFFINST 3300.1A 00 Subj: CHIEF OF NAVAL AIR TRAINING
More informationDEPARTMENT OF DEFENSE (DoD) INITIAL TRAINING GUIDE
DEPARTMENT OF DEFENSE (DoD) INITIAL TRAINING GUIDE Lockheed Martin Security TABLE OF CONTENTS Congratulations 2 Introduction 3 Reporting Requirements 4 Procedures and Duties 5 Safeguarding 6 Reproduction
More informationCity of Virginia Beach Police Department
City of Virginia Beach Police Department Bomb Threat Explosive Device Response Field Guide A Guide for Department Personnel Methods for the Appropriate Response to Bomb Threats and Explosive Devices This
More informationPHILADELPHIA POLICE DEPARTMENT DIRECTIVE 4.5
PHILADELPHIA POLICE DEPARTMENT DIRECTIVE 4.5 Issued Date: 05-10-13 Effective Date: 05-10-13 Updated Date: SUBJECT: BOMB SCARES, EXPLOSIVE DEVICES AND EXPLOSIONS 1. POLICY A. The discovery of explosive
More informationChapter 9 Legal Aspects of Health Information Management
Chapter 9 Legal Aspects of Health Information Management EXERCISE 9-1 Legal and Regulatory Terms 1. T 2. F 3. F 4. F 5. F EXERCISE 9-2 Maintaining the Patient Record in the Normal Course of Business 1.
More informationOVERLOOK SYSTEMS TECHNOLOGIES, INC. Standard Practice Procedure
OVERLOOK SYSTEMS TECHNOLOGIES, INC. Standard Practice Procedure for Safeguarding Classified Information 25 March 2013 FOREWORD As stated in the Overlook Security Policy, dated 23 January 2013, Overlook
More informationDepartment of Defense MANUAL
Department of Defense MANUAL NUMBER 5205.07, Volume 1 June 18, 2015 Incorporating Change 1, Effective February 12, 2018 USD(I) SUBJECT: DoD Special Access Program (SAP) Security Manual: General Procedures
More informationDoD M OPERATING MANUAL. February
DoD 5220.22-M OPERATING MANUAL February 2006 http://www.ncms-isp.org/nispom_200602_with_isls.pdf NISPOM Hyper-Link and Color-Code Guide All hyper-links that take you to a specific reference have a corresponding
More informationIndustrial Security Program
Army Regulation 380 49 Security Industrial Security Program Headquarters Department of the Army Washington, DC 20 March 2013 UNCLASSIFIED SUMMARY of CHANGE AR 380 49 Industrial Security Program This major
More informationDepartment of Defense INSTRUCTION
Department of Defense INSTRUCTION NUMBER 5100.76 February 28, 2014 USD(I) SUBJECT: Safeguarding Sensitive Conventional Arms, Ammunition, and Explosives (AA&E) References: See Enclosure 1 1. PURPOSE. This
More informationDODEA ADMINISTRATIVE INSTRUCTION , VOLUME 1 DODEA PERSONNEL SECURITY AND SUITABILITY PROGRAM
DODEA ADMINISTRATIVE INSTRUCTION 5210.03, VOLUME 1 DODEA PERSONNEL SECURITY AND SUITABILITY PROGRAM Originating Component: Security Management Division Effective: March 23, 2018 Releasability: Cleared
More informationIntroduction to Industrial Security, v3
Introduction to Industrial Security, v3 September 2017 Center for Development of Security Excellence Lesson 1: Course Introduction Introduction Introduction Subcontractor CEO: I m really excited -- my
More informationAPPENDIX N. GENERIC DOCUMENT TEMPLATE, DISTRIBUTION STATEMENTS AND DOCUMENT DATA SHEET and THE IMPORTANCE OF MARKING DOCUMENTS
APPENDIX N GENERIC DOCUMENT TEMPLATE, DISTRIBUTION STATEMENTS AND DOCUMENT DATA SHEET and THE IMPORTANCE OF MARKING DOCUMENTS This Appendix describes requirements for using a standardized document template,
More informationDepartment of Defense DIRECTIVE. SUBJECT: Security Requirements for Automated Information Systems (AISs)
Department of Defense DIRECTIVE NUMBER 5200.28 March 21, 1988 SUBJECT: Security Requirements for Automated Information Systems (AISs) USD(A) References: (a) DoD Directive 5200.28, "Security Requirements
More informationEXECUTIVE ORDER 12333: UNITED STATES INTELLIGENCE ACTIVITIES
EXECUTIVE ORDER 12333: UNITED STATES INTELLIGENCE ACTIVITIES (Federal Register Vol. 40, No. 235 (December 8, 1981), amended by EO 13284 (2003), EO 13355 (2004), and EO 13470 (2008)) PREAMBLE Timely, accurate,
More informationTECHNICAL SPECIFICATIONS FOR CONSTRUCTION
TECHNICAL SPECIFICATIONS FOR CONSTRUCTION AND MANAGEMENT OF SENSITIVE COMPARTMENTED INFORMATION FACILITIES VERSION 1.1 IC Tech Spec for ICD/ICS 705 An Intelligence Community Technical Specification Prepared
More informationDepartment of Defense DIRECTIVE
Department of Defense DIRECTIVE NUMBER 5240.02 March 17, 2015 USD(I) SUBJECT: Counterintelligence (CI) References: See Enclosure 1 1. PURPOSE. This directive: a. Reissues DoD Directive (DoDD) O-5240.02
More informationDepartment of Defense INSTRUCTION
Department of Defense INSTRUCTION NUMBER 3305.12 October 14, 2016 Incorporating Change 1, Effective February 26, 2018 USD (I) SUBJECT: Intelligence and Counterintelligence (I&CI) Training of Non-U.S. Persons
More informationDerivative Classifier Training
As a cleared contractor employee that creates classified materials you are considered a derivative classifier as outlined in the presidents Executive Order (E.O.) 13526. Page 1 of 21 Derivative classifiers
More informationTHE WHITE HOUSE. Office of the Press Secretary. For Immediate Release January 17, January 17, 2014
THE WHITE HOUSE Office of the Press Secretary For Immediate Release January 17, 2014 January 17, 2014 PRESIDENTIAL POLICY DIRECTIVE/PPD-28 SUBJECT: Signals Intelligence Activities The United States, like
More informationCOMPLIANCE WITH THIS PUBLICATION IS MANDATORY
BY ORDER OF THE COMMANDER OFFUTT AIR FORCE BASE AIR FORCE INSTRUCTION 31-401 OFFUTT AIR FORCE BASE Supplement 28 JANUARY 2015 Security INFORMATION SECURITY COMPLIANCE WITH THIS PUBLICATION IS MANDATORY
More informationBY ORDER OF THE HEADQUARTERS OPERATING INSTRUCTION 10-1 SECRETARY OF THE AIR FORCE 21 October 2011 COMPLIANCE WITH THIS PUBLICATION IS MANDATORY
BY ORDER OF THE HEADQUARTERS OPERATING INSTRUCTION 10-1 SECRETARY OF THE AIR FORCE 21 October 2011 Operations Headquarters Air Force Emergency Response on the Pentagon Reservation COMPLIANCE WITH THIS
More informationPROCEDURAL MANUAL SAFEGUARDING INFORMATION DESIGNATED AS CHEMICAL-TERRORISM VULNERABILITY INFORMATION (CVI)
PROCEDURAL MANUAL SAFEGUARDING INFORMATION DESIGNATED AS CHEMICAL-TERRORISM VULNERABILITY INFORMATION (CVI) June 2007 Approved for Release: Lawrence Stanton Director (Acting), CSCD Andrew J. Puglia Levy
More informationCourse No. S-3C-001 Exercise Guide Lesson Topic 8.2 ASSIGNMENT SHEET 8.2. Security Incidents Team Exercise
INTRODUCTION ASSIGNMENT SHEET 8.2 Security Incidents Team Exercise This exercise provides practical application of information provided in Lesson Topic 8.1, Loss and Compromise of Classified Information.
More informationThis page left blank.
This page left blank. Introduction 2 Reminders 2 SECTION 1 Originally Classified Documents 3 Portion Marking 5 Overall Classification Marking 6 Classification Authority Block Classified By line 7 Reason
More informationDepartment of Defense MANUAL
Department of Defense MANUAL NUMBER 5105.21, Volume 3 October 19, 2012 Incorporating Effective April 5, 2018 USD(I) SUBJECT: Sensitive Compartmented Information (SCI) Administrative Security Manual: Administration
More informationDefense Security Service Academy OCA Desk Reference Guide
Defense Security Service Academy OCA Desk Reference Guide May 007 Final Page OCA Decision Aid The safety and security of the United States depend upon the protection of sensitive information. Classification
More informationDepartment of Defense DIRECTIVE
Department of Defense DIRECTIVE NUMBER 5200.39 September 10, 1997 SUBJECT: Security, Intelligence, and Counterintelligence Support to Acquisition Program Protection ASD(C3I) References: (a) DoD Directive
More informationDepartment of Defense INSTRUCTION. SUBJECT: Security of Unclassified DoD Information on Non-DoD Information Systems
Department of Defense INSTRUCTION NUMBER 8582.01 June 6, 2012 Incorporating Change 1, October 27, 2017 SUBJECT: Security of Unclassified DoD Information on Non-DoD Information Systems References: See Enclosure
More informationQuestion Distractors References Linked Competency
SFPC Example Questions Please note: Cyber items are indicated with a ** at the end of the practice test questions. 1. Which of the following is a true statement regarding the special handling requirements
More informationJoint Base Lewis-McChord (JBLM), WA Network Enterprise Center (NEC) COMPUTER-USER AGREEMENT Change 1 (30 Jun 2008)
Joint Base Lewis-McChord (JBLM), WA Network Enterprise Center (NEC) COMPUTER-USER AGREEMENT Change 1 (30 Jun 2008) Your Information Management Officer (IMO), System Administrator (SA) or Information Assurance
More informationCOMPLIANCE WITH THIS PUBLICATION IS MANDATORY
BY THE ORDER OF THE COMMANDER NORAD AND USNORTHCOM NORAD AND USNORTHCOM INSTRUCTION 33-172 11 JUNE 2010 CURRENT AND ESSENTIAL, 27 OCT 12 Communication and Information NETWORK CLASSIFIED MATERIAL INCIDENT
More informationDepartment of Defense INSTRUCTION. Access to and Dissemination of Restricted Data and Formerly Restricted Data
Department of Defense INSTRUCTION NUMBER 5210.02 June 3, 2011 Incorporating Change 1, October 25, 2017 USD(I) SUBJECT: Access to and Dissemination of Restricted Data and Formerly Restricted Data References:
More informationModel Policy. Active Shooter. Updated: April 2018 PURPOSE
Model Policy Active Shooter Updated: April 2018 I. PURPOSE Hot Zone: A geographic area, consisting of the immediate incident location, with a direct and immediate threat to personal safety or health. All
More informationEvaluation Questions for Lesson 3.6
Evaluation Notes on Use: Types of learning evaluation questions are: 1) Narrative 2) Fill in the blank/sentence completion 3) True-False Combine in different ways for pre-assessment and post-assessment.
More informationDepartment of Defense MANUAL
Department of Defense MANUAL SUBJECT: DoD Operations Security (OPSEC) Program Manual References: See Enclosure 1 NUMBER 5205.02-M November 3, 2008 Incorporating Change 1, Effective April 26, 2018 USD(I)
More informationCOMPLIANCE WITH THIS PUBLICATION IS MANADATORY
BY ORDER OF THE COMMANDER 403D WING 403D WING INSTRUCTION 10-245 14 JANUARY 2014 Operations ANTITERRORISM PROGRAM COMPLIANCE WITH THIS PUBLICATION IS MANADATORY ACCESSIBILITY: Publication and forms are
More informationDepartment of Defense DIRECTIVE
Department of Defense DIRECTIVE NUMBER 5210.56 November 1, 2001 Incorporating Change 1, January 24, 2002 SUBJECT: Use of Deadly Force and the Carrying of Firearms by DoD Personnel Engaged in Law Enforcement
More information805C-COM-6004 Supervise Unit Postal Services Status: Approved
Report Date: 13 Feb 2018 805C-COM-6004 Supervise Unit Postal Services Status: Approved Distribution Restriction: Approved for public release; distribution is unlimited. Destruction Notice: None Foreign
More informationDepartment of Defense MANUAL. DoD Information Security Program: Controlled Unclassified Information (CUI)
Department of Defense MANUAL NUMBER 5200.01, Volume 4 February 24, 2012 Incorporating Change 1, Effective May 9, 2018 USD(I) SUBJECT: DoD Information Security Program: Controlled Unclassified Information
More informationRevised Mar Standard Practice Procedures For Security Services. George Mason University 4400 University Drive, MSN 6D4, Fairfax, Virginia 22030
Standard Practice Procedures For Security Services George Mason University 4400 University Drive, MSN 6D4, Fairfax, Virginia 22030 1 Letter of Promulgation George Mason University (Mason) has entered into
More informationDefense Security Service Intelligence Oversight Awareness Training Course Transcript for CI
Welcome In a 2013 testimony to congress on Foreign Intelligence Surveillance, the former Director of National Intelligence, LT GEN James Clapper (Ret) spoke about limitations to intelligence activities
More informationFLORIDA DEPARTMENT OF JUVENILE JUSTICE POLICIES AND PROCEDURES
POLICIES AND PROCEDURES Assistant Secretary or EMT Member /s/ Larry Lumpee, Assistant Secretary for Detention Services Subject Detention Services - Security Authority Chapter 985, Fla. Stat. Effective
More informationDepartment of Defense DIRECTIVE
Department of Defense DIRECTIVE NUMBER 5205.8 February 20, 1991 Certified Current as of February 20, 2004 SUBJECT: Access to Classified Cryptographic Information ASD(C3I) References: (a) National Telecommunications
More informationDeclassification Options and Requirements
Options and Requirements Information Security Webinar Marc Brandsness Security Asset Protection Professional Certification (SAPPC) Retired US Air Force-Security Forces with over 25 years of Law Enforcement
More informationDepartment of Defense DIRECTIVE
Department of Defense DIRECTIVE SUBJECT: Defense Security Service (DSS) References: See Enclosure 1 NUMBER 5105.42 August 3, 2010 Incorporating Change 1, March 31, 2011 DA&M 1. PURPOSE. Pursuant to the
More informationPlanning Terrorism Counteraction ANTITERRORISM
CHAPTER 18 Planning Terrorism Counteraction At Army installations worldwide, terrorism counteraction is being planned, practiced, assessed, updated, and carried out. Ideally, the total Army community helps
More informationDepartment of Defense INSTRUCTION
Department of Defense INSTRUCTION NUMBER 5200.39 May 28, 2015 Incorporating Change 1, November 17, 2017 USD(I)/USD(AT&L) SUBJECT: Critical Program Information (CPI) Identification and Protection Within
More informationQuestion Distractors References Linked Competency
ISOC Example Questions 1. Which statement regarding a corporation s common business structure and Facility Security Clearances (FCLs) is TRUE? Select all that apply. a. If a director does not require access
More informationBY ORDER OF THE COMMANDER OFFUTT AFB INSTRUCTION OFFUTT AIR FORCE BASE 10 JANUARY COMPLIANCE WITH THIS PUBLICATION IS MANDATORY
BY ORDER OF THE COMMANDER OFFUTT AFB INSTRUCTION 31-125 OFFUTT AIR FORCE BASE 10 JANUARY 2017 10 Security LAW ENFORCEMENT OFFICERS SAFETY ACT (LEOSA) CONCEAL-CARRY AUTHORIZATION ON OFFUTT AFB COMPLIANCE
More informationDepartment of Defense INSTRUCTION
Department of Defense INSTRUCTION NUMBER 5030.59 March 10, 2015 Incorporating Change 1, Effective May 8, 2018 USD(I) SUBJECT: National Geospatial-Intelligence Agency (NGA) LIMITED DISTRIBUTION Geospatial
More informationPersonnel Clearances in the NISP
Personnel Clearances in the NISP Student Guide August 2016 Center for Development of Security Excellence Lesson 1: Course Introduction Course Introduction Course Information Welcome to the Personnel Clearances
More information