Www.ispcert.com THE SECURITY CLASSIFICATION SYSTEM.


THE SECURITY CLASSIFICATION SYSTEM

CONTENTS
- Why the Security Classification System
- How is information classified
- How is classified information marked
- Government and contractor responsibilities
- Test

CONTENTS
- How do classified items receive their designations?
- Who is responsible for assigning classification levels?
- What recourse do security managers have after discovering a classification error?
- Can anything be assigned a classification level by anyone?
- These are questions that come to the minds of many who safeguard or work with classified material. Although there is guidance to demonstrate proper control, accountability, documentation, storage, dissemination and destruction of classified material, many practitioners do not understand the fundamentals. Executive Order provides the history, disposition and future status of classified information.

WHY ASSIGN CLASSIFICATION SYSTEMS

“It has been estimated by some intelligence experts that Mr. Walker provided enough code-data information to alter significantly the balance of power between Russia and the United States” John O’Connor, New York Times

For over 18 years John A. Walker, Jr. sold secrets during and after his career in the Navy. Though entrusted with a security clearance and a “need to know”, he did not demonstrate the trustworthiness of which his thorough background investigation had deemed him worthy. When the opportunity arose, he took advantage of his position and responsibilities to smuggle classified information to his Russian connections. During the investigation following his arrest, authorities discovered a complex spy ring consisting of family members and other recruited operatives. Walker had earned the trust and cooperation of his family to commit one of the most notorious of all cases of espionage. As a result of his crimes, he received two life terms plus 10 years, his son received 25 years, and the damage to U.S. national security was tremendous.

NATIONAL INDUSTRIAL SECURITY PROGRAM

The NISP is designed to safeguard classified information that has been or may be released to “current, prospective, or former contractors, licensees, or grantees of United States agencies”. It is also designed to provide for the protection of classified material as outlined in EO and the Atomic Energy Act of 1954, as amended.

NISPOM
- The NISPOM is the primary regulatory reference for performing industrial security
- The Department of Defense consults with the Secretary of Energy, the Nuclear Regulatory Commission and the Director of Central Intelligence to issue and maintain the NISPOM
- It is up to the contractor and each agency to work together to meet the NISPOM’s intent

The NISPOM provides restrictions, rules, guidelines and procedures for preventing unauthorized disclosure of classified material; it is the primary regulatory reference for performing industrial security.

NISPOM
- The Secretary of Energy and the Nuclear Regulatory Commission have the lead in detailing requirements for protecting classified information identified in the Atomic Energy Act of 1954
- The Director of Central Intelligence will provide a section for intelligence sources and methods, to include Sensitive Compartmented Information (SCI)
- However, in this coordination each agency maintains its authority
- The NISPOM applies to authorized users of classified information and equips those working on classified contracts with critical instruction on how to implement the NISP in their organizations
- It is up to the contractor and the oversight agency to work together to provide accurate interpretation of the guidelines to the specific classified contract requirements.

NATIONAL INDUSTRIAL SECURITY PROGRAM (NISPOM)

All agencies apply three factors to the concept of Risk Management:
1. Damage to national security
2. Existing or anticipated threat to disclosure of information
3. Short and long term costs of the requirements, restrictions, and other safeguards

The second and third factors aren’t spelled out in the NISPOM, but are recognized as legitimate concerns to prevent the NISP from becoming a burden to industry.

NATIONAL INDUSTRIAL SECURITY PROGRAM (NISPOM)
- The Secretary of Defense and the other identified agencies apply the concept of Risk Management while implementing the NISPOM
- Astute Industrial Security managers develop risk management analyses to better interpret the risk and discover the potential impact. They also develop solutions to reduce the risk and the predicted damage. The bottom line is to reduce the probability of unauthorized disclosure of classified information.

EXECUTIVE ORDER 13526
- Provides Classified National Security Information and delivers a cohesive method for designating classification
- The Government has designed stringent policy to ensure that classified material is protected at the level necessary to prevent unauthorized disclosure.

THREE DESIGNATIONS FOR CLASSIFIED
- CONFIDENTIAL information could reasonably be expected to cause damage
- SECRET could reasonably be expected to cause serious damage
- TOP SECRET could reasonably be expected to cause exceptionally grave damage to national security

Caution: Classified information should not be confused with the proprietary information sometimes referred to as company confidential or secret.

CONDITIONS FOR CLASSIFICATION

Classifications are not assigned unless:
- An original classification authority (OCA) is applying the classification level
- The U.S. Government owns, is producing, or is controlling the information
- Information meets one of eight categories
- The OCA determines unauthorized disclosure could cause damage to national security, to include transnational terrorism, and can identify or describe the damage.

CONDITIONS FOR CLASSIFICATION
- According to a report from the Chairman of the House National Security Subcommittee, 10% of secrets should have never been classified and nearly 90% of classified information has been over-classified
- A Defense Security Services report stated that in 2003 nearly $6.5 billion was spent to classify information
- To prevent such abuse, the Executive Order provides guidance to train classification authorities and prevent them from arbitrarily assigning a classification level

WHAT ARE THE EIGHT CATEGORIES

1. Military plans, weapons systems or operations
- The U.S. armed forces not only safeguard, but also provide instructions for protecting, the specifics of their weapons and plans. If these strategies and operations were released to the wrong hands, the information would damage national security and adversely affect our ability to defend ourselves.

2. Foreign government information
- This knowledge includes what the U.S. Government may already know about other governments. This gives the U.S. the advantage of knowing information that another country thinks is protected.

WHAT ARE THE EIGHT CATEGORIES

3. Intelligence activities, sources, or methods or cryptology
- One can imagine what damage could take place if any intelligence gathering sources, methods or activities were compromised. The suspecting adversary could become aware of the threat and cease their activity or design countermeasures to thwart future efforts.

WHAT ARE THE EIGHT CATEGORIES

4. Foreign relations or activities of the United States including confidential sources
- This information covers specified U.S. foreign policy activities and sources friendly to U.S. efforts and U.S. organizations. Such information is protected to ensure the safety of the relations and success of the activities. Compromise of any of the sources could cause damage to national security as they are denied further access.

5. Scientific, technological, or economic matters relating to national security, including defense against transnational terrorism
- Unauthorized access to national security-related U.S. scientific, technological, and economic data could compromise plans, production, and strategies and leave certain vulnerabilities.

WHAT ARE THE EIGHT CATEGORIES

6. U.S. programs for safeguarding nuclear materials or facilities
- For nuclear activities, the Department of Energy and the Nuclear Regulatory Commission provide specific guidance to ensure the best protection. Vulnerabilities and strengths are assessed to ensure the best possible measures are in place to protect these items. Plans, strategies and programs are only effective if enforced AND access is limited.

WHAT ARE THE EIGHT CATEGORIES

7. Vulnerabilities of systems, installations, infrastructures, projects, plans or protection services related to national security including terrorism
- Security managers assess strengths and vulnerabilities to ensure the best possible measures are in place to protect these items. Plans, strategies and programs are only effective if enforced AND access is limited. An adversary could use the programs to gain advantages, steal, damage or destroy systems, installations, infrastructures, projects, plans or protection services.

8. Weapons of Mass Destruction
- Information fitting this category is classified to prevent unauthorized disclosure. Such unauthorized disclosure could make the U.S. vulnerable to adversaries, to include transnational terrorists.

CLASSIFICATION MARKINGS
- Classified material should display proper markings at all times
- The classified information will have markings displayed in a specific manner based on the type of media (compact disk, cassette, book, map, etc.)
- Furthermore, the classification should identify which pages, paragraphs and portions are classified and unclassified.

EXAMPLES OF DOCUMENT MARKINGS

[Figure: sample marked document with callouts labeled Overall Page Markings, Portion Marking, and Classification Information]

Notice that the document has a top and bottom marking at the highest level of classification on the page and appropriate levels of classification for the information in the paragraph.

LET’S CLASSIFY IT ALL JUST TO BE SURE

Limits to classification:
- A classification cannot be assigned to hide legal violations, inefficiencies or mistakes
- Nor can classification authorities assign one to prevent embarrassment, prevent or restrict competition, or delay the release of information that hasn’t previously required such a level of protection

Users of classified material have an obligation to challenge classifications that violate any of the above.

CAN’T WE JUST CLASSIFY IT ALL JUST TO BE SURE
- Holders of classified information may discover that the classification level is inappropriate or unnecessary. These holders have a duty to report their beliefs.
- Such reports are to be handled with the agency authorities and reviewed for a decision.
- The agency heads or senior officials also need to ensure there is no retribution for the report, and to notify the individuals that they have a right to appeal the agency decisions to the Interagency Security Classification Appeals Panel.

Users of classified material have an obligation to challenge classifications that violate any of the above.

CLEARANCE AND “NEED TO KNOW”
- Anyone desiring access to classified information must possess a security clearance and have “need to know”
- Security clearances are issued after a favorable investigation and a determination is made.

WE ARE PROVIDED INSTRUCTIONS OF USE
- Users of classified information are trained in proper safeguarding and in the sanctions imposed on those who fail to protect it from unauthorized disclosure
- Each originating agency must provide instructions on the proper protection, use, storage, transmission and destruction of the information

WE ARE PROVIDED INSTRUCTIONS OF USE

DON’T BEGIN CLASSIFIED WORK WITHOUT:
- DD FORM 254: Provides instructions on how, when and where to perform on a classified contract
- SECURITY CLASSIFICATION GUIDE: Designed to notify what is classified and to what level. A security classification guide is assigned to each classified project.

SUMMARY
- The NISP is created to protect classified information
- Three factors are considered before implementing the NISPOM:
  - level of damage to national security
  - existing or anticipated threat to disclosure
  - long and short term costs
- Presidential Executive Order delivers a cohesive method for designating classification, protecting and declassifying national security information
- Classified material should always be marked with the correct level

REFERENCES
- O’Connor, John, “TV View; American Spies In Pursuit Of The American Dream”, New York Times, NY, , Feb 4,
- The President, Executive Order 12829—National Industrial Security Program (Federal Register, Jan 1993) pg
- The President, Executive Order 13292, Further Amendment to Executive Order 13526, As Amended, Classified National Security Information—National Industrial Security Program (Federal Register, Mar 2003) Sec. 1-2
- “Too Many Secrets: Overclassification As A Barrier To Critical Information Sharing”, (Hearing Before The Subcommittee On National Security, Emerging Threats And International Relations Of The Committee On Government Reform House Of Representatives One Hundred Eighth Congress Second Session August 24, 2004) Serial No , Available Via The World Wide Web: and Report Card, Quantitative Indicators in Secrecy of the Federal Government”, ( August 2004).

TEST

Click on the correct answers

TEST - SELECT THE CORRECT ANSWER

1. All of the following are classifications except:
   A. TOP SECRET
   B. CONFIDENTIAL
   C. SECRET
   D. FOR OFFICIAL USE ONLY

2. All of the following are conditions to be met before classifying an item except
   A. Original Classification Authority is involved
   B. U.S. Government owns it
   C. Information could cause damage to national security
   D. Information could cause embarrassment to the President

3. Anyone with a SECRET clearance can access classified at the CONFIDENTIAL level
   A. True
   B. False

4. All must be considered before the Government implements NISPOM except
   A. Cost of implementation
   B. Threat to disclosure
   C. Damage to National Security
   D. Buy-in by contractors

TEST - SELECT THE CORRECT ANSWER

5. Which of the following is described as possible damage for unauthorized disclosure of SECRET
   A. Causes extremely serious damage
   B. Causes damage
   C. Causes extremely grave damage
   D. Causes serious damage

6. Presidential Executive Order implemented the National Industrial Security Program
   A. True
   B. False
