DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE...
-
Upload
jaheem-herald -
Category
Documents
-
view
238 -
download
0
Transcript of DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE...
![Page 1: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/1.jpg)
DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND
OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP
Greg Pannoni, Associate Director, Operations and Industrial SecurityInformation Security Oversight OfficeNational Archives and Records Administration
![Page 2: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/2.jpg)
Overview
• ISOO Goals and Functions
• National Industrial Security Program (NISP) (E.O. 12829)• NISP Policy Advisory Committee and its Working Groups
• Classified National Security Information (E.O. 13526)
− Derivative Classification Training and Implementation
• Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information (E.O. 13587)
• Classified National Security Information Program for State, Local, Tribal, Private Sector Entities (SLTPS) (E.O. 13549)
• Controlled Unclassified Information (CUI) (E.O. 13556)
2
![Page 3: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/3.jpg)
3
What are ISOO’s Goals?
• Ensure Safeguarding of Classified National Security Information in a Cost-Effective & Efficient Manner
• Eliminate Redundant, Overlapping, or Unnecessary Requirements that Impede National Security Interests
• Ensure Government / Industry Partnership in the Protection of Classified Information
• Hold Classification Activity to the Minimum Necessary to Protect National Security
• Promote Declassification & Public Access to Information as Soon as National Security Considerations Permit
![Page 4: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/4.jpg)
How does ISOO Function?
• Develops, coordinates and issues implementing directives and instructions regarding Executive Orders 13526, 12829, and 13556 that are binding on executive branch agencies.
• Provides oversight and maintains continuous liaison with agency’s on all matters relating to the Government-wide security classification program and the NISP.
• Annually reports relevant data regarding each agency's security classification programs, to include costs, to the President.
• Recommends policy changes to the President through the National Security Advisor.
4
![Page 5: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/5.jpg)
NISP POLICY RELATIONSHIPS
5
E.O. 12829
NATIONAL INDUSTRIAL SECURITY PROGRAM
E.O. 13587
STRUCTURAL REFORMS TO IMPROVE THE SECURITY OF CLASSIFIED NETWORKS AND THE RESPONSIBLE SHARING OF
CLASSIFIED INFORMATION
E.O. 13526
CLASSIFIED NATIONAL SECURITY INFORMATION
E.O. 13549
Classified National Security Information Program for State, Local, Tribal, &
Private Sector Entities
![Page 6: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/6.jpg)
NISP Policy Advisory Committee (NISPPAC)
• Membership Director ISOO – Chairman Representatives of Government agencies (15 members) Nongovernmental (Industry) representatives (8 members)
• Functions – Advise the Chairman: On all matters concerning the policies of the NISP Serves as a forum to discuss policy issues in dispute
• Authority Executive Order No. 12829, National Industrial Security Program
Subject to Federal Advisory Committee Act (FACA), The Freedom of Information Act (FOIA), and The Government in the Sunshine Act
![Page 7: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/7.jpg)
NISPPAC Government Representatives
7
MembersMembers AgencyAgency
John P. Fitzpatrick, Chair Information Security Oversight Office
Mary Rose McCaffrey Central Intelligence Agency
Drew Winneberger Defense Security Service
Deborah Scholz Department of the Air Force
Patricia Stokes Department of the Army
Eric Dorsey Department of Commerce
Timothy Davis Department of Defense
Richard Donovan Department of Energy
![Page 8: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/8.jpg)
NISPPAC Government Representatives
8
MembersMembers AgencyAgency
Christal Fulton Department of Homeland Security
Anna Harrison Department of Justice
Stephen Long Department of the Navy
Kimberly Baugher Department of State
Peter AmbroseNational Aeronautics and Space Administration
Dennis Hanratty National Security Agency
Darlene Fenton Nuclear Regulatory Commission
Richard Hohman Office of the Director of National Intelligence
![Page 9: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/9.jpg)
NISPPAC Industry Members
9
MembersMembers Company Company
Scott Conway* Northrop Grumman
Marshall Sanders* Cloud Security Strategies
Frederick Riccardi ManTech
Shawn Daley MIT Lincoln Laboratory
Rosalind Baybutt Pamir Consulting LLC
Mike Witt Ball Aerospace
Rick Graham Huntington -Ingalls
Steve Kipp L3 Corporation
* Term Ends 1 October 2012
![Page 10: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/10.jpg)
NISPPAC Working Groups
10
NISPPAC working groups established to review issues and
prepare recommendations for formal NISPPAC decisions.• Permanent
• Certification and Accreditation Working Group
• Personnel Security Clearance Working Group
• Ad-Hoc
• NISPOM Rewrite Working Group
• Threat Information Working Group
• Small and Middle-Sized company Issues Working Group
• Special Access Program Working Group
• Foreign Ownership, Control and Influence (FOCI) Working Group
![Page 11: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/11.jpg)
11
Guidance found in:
● Executive Order 13526, “Classified National Security Information” December 29, 2009
● 32 C.F.R. Part 2001, “Classified National Security Information” June 25, 2010
● “Marking Classified National Security Information” January 2012
Derivative ClassificationDerivative Classification
![Page 12: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/12.jpg)
Derivative Classification is:
The incorporating, paraphrasing, restating, or generating in new form information that is already classified, and marking the newly developed material consistent with the classification markings that apply to the source information.
Includes the classification of information based on classification guidance.
It is not the duplication or reproduction of existing classified information.
12
Derivative Classification
![Page 13: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/13.jpg)
Persons who apply derivative classification markings shall receive training in the proper application of the derivative classification principles of the Order, with an emphasis on avoiding over-classification, at least once every 2 years.
Derivative classifiers who do not receive such training at least once every two years shall have their authority to apply derivative classification markings suspended until they have received such training.
A waiver may be granted by the agency head, the deputy agency head, or the senior agency official if an individual is unable to receive such training due to unavoidable circumstances
Whenever a waiver is granted, the individual shall receive such training as soon as practicable.
13
Training
![Page 14: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/14.jpg)
Minimum Derivative Classification Training Coverage
• Observe and respect original classification decisions
• Classification levels
• Duration of classification
• Identification and Markings (carry forward to newly created documents the pertinent classification markings)
• Classification prohibitions and limitations
• Sanctions
• Classification challenges
• Security Classification Guides
• Information Sharing
14
**EMPHASIS ON AVOIDING OVER-CLASSIFICATION**
![Page 15: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/15.jpg)
Classification Standards
Information may be originally classified if:
• An Original Classification Authority (OCA) is classifying the information;
• The information is owned by, produced by or for, or is under the control of the United States Government;
• The information falls within one or more of the classification categories; and
• The OCA determines that the unauthorized disclosure of the information reasonably could be expected to result in damage to national security, to include defense against transnational terrorism, and the OCA is able to identify or describe the damage.
15
![Page 16: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/16.jpg)
Classification Levels
● Top Secret - information whose unauthorized disclosure could reasonably be expected to cause exceptionally grave damage to the national security.
• Secret - information whose unauthorized disclosure could reasonably be expected to cause serious damage to the national security.
• Confidential - information whose unauthorized disclosure could reasonably be expected to cause damage to the national security.
16
![Page 17: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/17.jpg)
Prohibitions and Limitations
• In no case shall information be classified, continue to be maintained as classified, or fail to be declassified in order to:
• Conceal violations of law, inefficiency, or administrative error;
• Prevent embarrassment to a person, organization, or agency;
• Restrain competition; or
• Prevent or delay the release of information that does not require protection in the interest of national security.
• Basic scientific research information not clearly related to the national security shall not be classified.
17
![Page 18: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/18.jpg)
Sanctions• U.S. Government employees, and its contractors, shall be subject
to appropriate sanctions if they knowingly, willfully, or negligently:
- disclose to unauthorized persons information properly classified under the Order;
- classify or continue the classification of information in violation of the order or any implementing directive;
- create or continue a special access program contrary to the requirements of the Order; or
- contravene any other provision of the Order or its implementing directive.
18
![Page 19: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/19.jpg)
Classification Challenges• Authorized holders of information, including authorized holders outside the classifying agency, are
encouraged and expected to challenge the classification of information they believe is improperly classified.
• Agencies must ensure individuals are not subject to retribution.
• Informal versus Formal Challenges
- Review by an impartial official or panel
- System for processing, tracking and recording formal challenges
- Written response within 60 days. (Affirmative response must identify or describe damage). 90 day non-response/120 day response
- Right to appeal agency decisions to the Interagency Security Classification Appeals Panel (120 days)
-
19
![Page 20: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/20.jpg)
Derivative classifiers shall, whenever practicable, use a classified addendum whenever classified information constitutes a small portion of an otherwise unclassified document or prepare a product to allow for dissemination at the lowest level of classification possible or in unclassified form.
20
Use of a Classified Addendum
![Page 21: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/21.jpg)
21
(a) Agencies with original classification authority shall prepare classification guides to facilitate the proper and uniform derivative classification of information. These guides shall conform to standards contained in directives issued under E.O. 13526.
(b) Each guide shall be approved personally and in writing by an official who:
(1) Has program or supervisory responsibility over the information or is the senior agency official; and
(2) Is authorized to classify information originally at the highest level of classification prescribed in the guide.
(c) Agencies shall establish procedures to ensure that classification guides are reviewed and updated as provided in directives issued under E.O. 13526.
Security Classification Guides
![Page 22: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/22.jpg)
22
(f) Makes clear that classification guides are not to be used to classify information for more than 25 years except for confidential human source, human intelligence source, or weapons of mass destruction information.
The duration of classification of a document classified by a derivative classifier using a classification guide shall not exceed 25 years from the date of the document, except for:
(1) Information that should clearly and demonstrably be expected to reveal the identity of a confidential human source or a human intelligence source or key design concepts of weapons of mass destruction; and
(2) Specific information incorporated into classification guides in accordance with section 2.2(e) of E.O. 13526.
Security Classification Guides (cont’d)
![Page 23: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/23.jpg)
Classification by Compilation
A determination that information is classified through the compilation of unclassified is a derivative classification action based upon existing original classification guidance. If the compilation of unclassified information reveals a new aspect of information that meets the standards for classification, it shall be referred to an original classification authority with jurisdiction over the information to make an original classification decision.
23
![Page 24: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/24.jpg)
24
Overall classification marking:
Indicates the highest level of classification of any one portion of
the document
Department of Good WorksWashington, D.C. 20006
July 15, 2010
MEMORANDUM FOR AGENCY OFFICIALS
From: Joe Carver, Director
Subject: (U) Examples
1. (S) Paragraph 1 contains information from Paragraph 2 in the source document and is
therefore marked (S).
2. (U) Paragraph 2 contains “Unclassified” information. Therefore, this portion will be
marked with the designation “U” in parentheses preceding the portion.
SECRET
SECRET
Derivative Classification Markings
![Page 25: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/25.jpg)
25
Classification authority block:
SECRET
Department of Good WorksWashington, D.C. 20006
July 15, 2010
MEMORANDUM FOR AGENCY OFFICIALS
From: Joe Carver, Director
Subject: (U) Examples
1. (S) Paragraph 1 contains information from Paragraph 2 in the source document and is
therefore marked (S).
2. (U) Paragraph 2 contains “Unclassified” information. Therefore, this portion will be
marked with the designation “U” in parentheses preceding the portion.
SECRET
Classified By: Identity of derivative classifier by name and position or by personal identifier.
Classified By: Stan Smith, Program Analyst
Derived From: Miscellaneous SCG, Dated January 5, 2009
Derived From: Source information
Declassify On: 20300715Declassify On: Declassification instructions
Derivative Classification Markings
![Page 26: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/26.jpg)
26
● Source information (Derived From): Concisely identify the source document or the classification guide on the “Derived From” line, including the agency, and where available, the office of origin, and the date of the source or guide.
● When using multiple source documents, the “Derived From” line shall appear as:
Derived From: Multiple Sources
● The derivative classifier shall include a listing of the source materials on, or attached to, each derivatively classified document. Example:
(U) Sources:1. (U) Dept of Good Works Memorandum dated June 27, 2010, Subj: Examples2. (U) Dept of Good Works Memorandum dated May 20, 2009, Subj: Examples3. (U) Radar SCG dated February 2, 2006
Derivative Classification Markings
![Page 27: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/27.jpg)
27
Declassification Instructions:
In most cases, the declassification date will be carried over from the source document.
Classified By: John E. Doe, Chief Division 5Reason: 1.4(a)
Declassify On: 20150627
Source document
Derivative documentClassified By: Joe Carver, Director
Derived From: Department of Good Works Memorandum dated June 27, 2010, Subj: (U) Examples
Declassify On: 20150627
Source Document 1 - Declassify On: 20350215Source Document 2 - Declassify On: 20320510Source Document 3 - Declassify On: 20291231
When there are multiple sources, the declassification instruction
will be the most restrictive date
Derivative Document - Declassify On: 20350215
Derivative Classification Markings
![Page 28: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/28.jpg)
28
Portion marking:
Portion markings will be carried over from the
source document to the derivatively classified document. All other
portions will be appropriately marked.
Department of Good WorksWashington, D.C. 20006
July 15, 2010
MEMORANDUM FOR AGENCY OFFICIALS
From: Joe Carver, Director
Subject: (U) Examples
1. (S) Paragraph 1 contains information that is classified SECRET and is therefore marked (S).
2. (U) Paragraph 2 contains “Unclassified” information. Therefore, this portion will be marked with the designation “U” in parentheses preceding
the portion.
Department of Good WorksWashington, D.C. 20006
July 15, 2010
MEMORANDUM FOR AGENCY OFFICIALS
From: Joe Carver, Director
Subject: (U) Examples
1. (S) Paragraph 1 contains information from Paragraph 1 in the source document and is
therefore marked (S).
2. (U) Paragraph 2 contains “Unclassified” information. Therefore, this portion will be
marked with the designation “U” in parentheses preceding the portion.
Source document
Derivative document
Derivative Classification Markings
![Page 29: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/29.jpg)
29
Declassification Instructions – Use of Exemptions from Automatic Declassification (25X1-25X9):
The 25X exemptions may only be used on the “Declassify On” line if an agency has identified permanently valuable information that needs to be exempted from
automatic declassification at 25 years and has received approval from the Interagency Security Classification Appeals Panel (ISCAP) to exempt the
information and to incorporate the exemption into a classification guide. (See 32 C.F.R. Part 2001.26.)
When using an approved exemption, a date or event that has been approved by the ISCAP must be included with the marking and shall not exceed 50 years from the
date of the document.
Classified By: John E. Doe, Chief Division 5
Derived From: SCG title and dateDeclassify On: 25X3, 20540215
Derivative Classification Markings
![Page 30: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/30.jpg)
30
Specific information, the release of which should clearly and demonstrably be expected to:
25X1 - reveal the identify of a confidential human source, a human intelligence source, a relationship with an intelligence or security service of a foreign government or international organization, or a non-human intelligence source; or impair the effectiveness of an intelligence method currently in use, available for use, or under development
25X2 - reveal information that would assist in the development, production, or use of weapons of mass destruction
25X3 - reveal information that would impair U.S. cryptologic systems or activities
25X4 - reveal information that would impair the application of state-of-the-art technology within a U.S. weapon system
Derivative Classification Markings
![Page 31: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/31.jpg)
31
25X5 – reveal formally named or numbered U.S. military war plans that remain in effect, or reveal operational or tactical elements of prior plans that are contained in such active plans25X6 - reveal information, including foreign government information, that would cause serious harm to relations between the United States and a foreign government, or to ongoing diplomatic activities of the United States25X7 - reveal information that would impair the current ability of United States Government officials to protect the President, Vice President, and other protectees for whom protection services, in the interest of the national security, are authorized25X8 - reveal information that would seriously impair current national security emergency preparedness plans or reveal current vulnerabilities of systems, installations, or infrastructures relating to the national security25X9 - violate a statute, treaty, or international agreement that does not permit the automatic or unilateral declassification of information at 25 years.
Derivative Classification Markings
![Page 32: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/32.jpg)
32
Section 3.3(h), E.O. 13526Records that contain information, the release of which should clearly and demonstrably be expected to reveal the following are exempt from automatic declassification at 50 years:
50X1-HUM – the identity of a confidential human source or a human intelligence source
50X2-WMD – key design concepts of weapons of mass destruction
50X__ - in extraordinary cases, additional specific information formally approved by the ISCAP
(50X1-50X9 – match the same categories as the 25X1-25X9 categories)
Section 3.3(h)(3), E.O. 1352675X___ - specific information may be exempted from automatic declassification at 75 years if formally approved by the ISCAP.
Derivative Classification Markings
![Page 33: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/33.jpg)
25 years
50 years
75 years25X__
_territo
ry
50X___
territory
75X___
territory
ISCAP
from automatic declassification
All other information
50X1-HUM (no date or event required)
50X2-WMD (no date or event required)E.O. 13526 section 3.3(h)(1)(B)
E.O. 13526 section 3.3(h)(1)(A)
ISCAP
ISC
APIdentity of confidential human
source or human intelligence source
Key design concepts of weapons of mass destruction
ISC
AP
Information that meets the standards of
E.O. 13526 section 3.3(b)
25X___ with a date
or event
E.O. 13526 section 3.3(b)
ISC
AP
50X___ with a date
or event
E.O. 13526 section 3.3(h)
(2)
ISC
AP
![Page 34: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/34.jpg)
34
Declassification Instructions:
The following declassification instructions are no longer valid and, if annotated on the source document, will not be carried over to the derivative document.
• X1, X2, X3, X4, X5, X6, X7, X8• OADR
• MR (never a valid declassification instruction)• Subject to Treaty or International Agreement
The derivative classifier shall calculate a date that is 25 years from the date of the source document when determining the declassification instruction for the derivative document.
Derivative Classification Markings
![Page 35: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/35.jpg)
35
Declassification Instructions:
SECRETDepartment of Good Works
Washington, D.C. 20006
July 15, 2010
MEMORANDUM FOR AGENCY OFFICIALS
From: Joe Carver, Director
Subject: (U) Examples
1. (S) Paragraph 1.
2. (U) Paragraph 2.
Classified By: OCA name and positionReason: 1.4(a)
Declassify On: OADR SECRET
SECRETDepartment of Good Works
Washington, D.C. 20006
January 21, 2011
MEMORANDUM FOR AGENCY OFFICIALS
From: Joe Carver, Director
Subject: (U) Examples
1. (S) Paragraph 1 contains information from Paragraph 1 in the source document and is
therefore marked (S).
2. (U) Paragraph 2 is unclassified.
Classified By: Derivative classifier’s nameDerived From: Dept of Good Works Memo,
dtd July 15, 2010Declassify On: July 15, 2035
SECRET
Source documentDerivative document
The same rules apply when the source document contains any
invalid markings (X1-X8; OADR; MR; Subject to treaty
or international agreement)
The same rules apply when the source document contains any
invalid markings (X1-X8; OADR; MR; Subject to treaty
or international agreement)
Calculate a date that is 25 years from the date of the source document.
Do not carry over “OADR”
Derivative Classification Markings
![Page 36: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/36.jpg)
36
Declassification Instructions:
DNI Only or DCI Only are also no longer valid and, if annotated on the source document, will not be carried over to the derivative document.
If the document contains imagery, as described in E.O. 12951, the derivative classifier will mark the derivative document in the following manner:
Declassify on: 25X1, E.O. 12951
If the document does not contain imagery, as described in E.O. 12951, the derivative classifier will calculate a declassification date that is 25
years from the date of the source document.
Derivative Classification Markings
![Page 37: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/37.jpg)
37
Declassification Instructions:
SECRETDepartment of Good Works
Washington, D.C. 20006
July 15, 2010
MEMORANDUM FOR AGENCY OFFICIALS
From: Joe Carver, Director
Subject: (U) Examples
1. (S) Paragraph 1.
2. (U) Paragraph 2.
Classified By: OCA name and positionReason: 1.4(a)
Declassify On: DNI OnlySECRET
SECRETDepartment of Good Works
Washington, D.C. 20006
January 21, 2011
MEMORANDUM FOR AGENCY OFFICIALS
From: Joe Carver, Director
Subject: (U) Examples
1. (S) Paragraph 1 contains information from Paragraph 1 in the source document and is
therefore marked (S).
2. (U) Paragraph 2 is unclassified.
Classified By: Derivative classifier’s nameDerived From: Dept of Good Works Memo,
dtd July 15, 2010Declassify On: 20350715
SECRET
Source document
Derivative document
Do not carry over “DNI Only”
If the source document contains “DNI Only” or “DCI Only” as a declassification instruction, and there is no imagery in the document, a declassification date will be
calculated 25 years from the date of the source
document.
If the source document contains “DNI Only” or “DCI Only” as a declassification instruction, and there is no imagery in the document, a declassification date will be
calculated 25 years from the date of the source
document.
Calculate a date that is 25 years from the date of the source document.
Derivative Classification Markings (Cont’d)
![Page 38: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/38.jpg)
38
Declassification
Instructions:
SECRETDepartment of Good Works
Washington, D.C. 20006
XxxxxxxxxxxxxxxxxxxxxxxxxxxxxXxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Classified By: OCA name and positionReason: 1.4(a)
Declassify On: DCI OnlySECRET
Source documentDerivative document
Do not carry over “DCI Only”
SECRETDepartment of Good Works
Washington, D.C. 20006
Xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.Xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxx.
Classified By: Derivative classifier’s nameDerived From: Dept of Good Works Memo,
dtd July 15, 2010Declassify On: 25X1, E.O. 12951
SECRET
Secret
Secret
If the source document contains “DNI Only” or “DCI Only” as a declassification instruction, and contains
imagery, the new declassification instruction will read: “Declassify on:
25X1, E.O. 12951”
If the source document contains “DNI Only” or “DCI Only” as a declassification instruction, and contains
imagery, the new declassification instruction will read: “Declassify on:
25X1, E.O. 12951”
The declassification instruction on the derivatively classified document will read: Declassify on: 25X1, E.O. 12951
Derivative Classification Markings
![Page 39: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/39.jpg)
Reminders
• Only individuals specifically authorized in writing may classify documents originally.
• Only individuals with the appropriate security clearance, who are required by their work to restate classified source information, may derivatively classify information.
• The terms “Top Secret,” “Secret,” and “Confidential” are not to be used to mark executive branch information that has not been properly designated as classified national security information under E.O. 13526.
• Information shall not be classified for any reason unrelated to the protection of the national security.
• Classifiers and authorized holders are responsible for ensuring that information is appropriately classified and properly marked.
39
![Page 40: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/40.jpg)
Reminders (continued)
• Individuals who believe that information in their possession is inappropriately classified, or inappropriately unclassified, are expected to bring their concerns to the attention of responsible officials.
• The following markings are not authorized in the “Declassify On” line:
• Originating Agency’s Determination Required” or “OADR” for documents created after 10/14/95;
• “X1”, “X2”, “X3”, “X4”, “X5”, “X6”, “X7”, or “X8” for documents created after 9/22/2003;
• “Manual Review” or “MR;” • “DNI Only” or “DCI Only;”• “Subject to treaty or international agreement;” and• “25X1-human.”
40
![Page 41: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/41.jpg)
E.O. 13587
Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding
of Classified Information
• Reinforce the importance of responsible information sharing
• Ensure that policies, processes, technical security solutions, oversight, and organizational cultures match information sharing & safeguarding requirements
• Emphasize consistent guidance and implementation across the entire Federal government
• Recognize the importance of shared risk and shared responsibility
41
![Page 42: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/42.jpg)
E.O. 13587 Governance Structure
• A Senior Information Sharing and Safeguarding Steering Committee to coordinate interagency efforts and ensuring that Departments and Agencies are held accountable for implementation of information sharing and safeguarding policy and standards.
• A Classified Information Sharing and Safeguarding to provide sustained, full-time focus on sharing and safeguarding of classified national security information.
• Senior representatives of the Department of Defense and the National Security Agency jointly act as the Executive Agent for Safeguarding Classified Information on Computer Networks to develop technical safeguarding policies and standards and conduct assessments of compliance.
• An Insider Threat Task Force to develop a government-wide program for insider threat detection and prevention to improve protection and reduce potential vulnerabilities of classified information from exploitation, compromise or other unauthorized disclosure.
![Page 43: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/43.jpg)
Areas of Focus & Ongoing Improvement
![Page 44: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/44.jpg)
Removable Media
44
Initial Operating Capability (IOC) Definition:
● IOC is reached when write privileges are disabled and/or controlled using a hardware or software solution
Final Operating Capability (FOC) Definition:
● FOC includes IOC, and is achieved when a monitoring and alerting function is implemented for all successful / unsuccessful
“write” attempts to removable media devices.
![Page 45: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/45.jpg)
Reducing Anonymity
Final Operating Capability (FOC) Definition:
● FOC includes IOC, and is achieved when:
● 90 percent of users have PKI certificates for identification (or a comparable solution) on classified networks (Secret and Top Secret); and
● Hardware tokens are used for authentication to enable access to high and medium-sensitivity applications (software tokens are sufficient pursuant to Intelligence
Community policy and with coordination with the Steering Committee).
Initial Operating Capability (IOC) Definition: ● IOC is reached when the PKI is established such that:
● Certificates are issued (or a comparable solution) for identification for a minimum of 10 percent of users on classified networks (Secret and Top Secret) and
● PKI tokens are used for authentication to high-sensitivity applications (software tokens are sufficient pursuant to Intelligence Community policy and with
coordination with the Steering Committee).
![Page 46: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/46.jpg)
Insider Threat Program
46
Initial Operating Capability (IOC) Definition:
● IOC is reached when an agency has policies, procedures, and an organizational structure that identifies an accountable official(s) for the insider threat program, provides regular insider threat
awareness training to agency personnel, and includes an integrated approach to gathering (electronically and/or manually)
relevant sources of insider threat information for analysis and response.
![Page 47: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/47.jpg)
Insider Threat Program
47
Final Operating Capability (FOC) Definition:
● FOC includes IOC, and is achieved when an agency has implemented the capabilities for:
● Monitoring user network activities on all agency networks;
● Inclusion of counterintelligence triggers for user-monitoring tailored to the agency environment;
● Establishing an integrated capability to monitor, audit, gather, and analyze information relevant to insider threat analysis from across the agency; and
● There is a capability for integrated insider threat analysis of current data on user actions collected from automated and/or manual information sources – such as audit data, foreign travel and contact reporting, financial disclosure, facility, access, phone records, and external databases.
![Page 48: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/48.jpg)
Access Control
48
Initial Operating Capability (IOC) Definition: IOC is reached when an interoperable infrastructure for integrated access-control capability (hard-token PKI plus “attribute-based” authorization) is operational (Secret and Top Secret) in accordance with the Federal Identity, Credential, and Access Management (FICAM) framework or equivalent guidance appropriate for the subject network fabric.
● Establishes capability for user attribute provisioning to support attribute-based authorization on classified networks.
● Requires this capability to be integrated with the PKI authentication capability.
Scope:
● Minimum of 10 percent of users on classified networks are provisioned with attributes for authorization-related access-control decisions.
● Minimum of 25 percent of classified data repositories designated as highest sensitivity (as defined in NIST SP 800-53, CNSSI 1253, ICD 503 or equivalent guidance appropriate for the subject network fabric) are integrated to use the interoperable access-control infrastructure facilities (PKI integrated with attribute-based access control).
![Page 49: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/49.jpg)
Access Control
49
Final Operating Capability (FOC) Definition:
FOC includes IOC, and is achieved when an agency has implemented the capabilities for:
● Federation (exchange) of standardized user authorization attributes on classified networks across organizations;
● Consistent application of fabric-wide access control policy, with timely promulgation of policy changes; and
●Tagging of information resources with access-relevant attributes on ingest, creation, or modification; as applicable.
Scope:
● All users of classified networks.
● All high and medium-sensitivity classified network applications.
![Page 50: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/50.jpg)
Enterprise Audit
50
Initial Operating Capability (IOC) Definition: IOC is reached when an agency has the ability to:
● Monitor user-attributable activities (defined as Auditable Events in ICS 500-27) on at least one community-shared information resource on at least one of the agency’s classified networks;
● Analyze identified anomalies (which includes correlating such anomalies with other data sources);
● Report and respond to potential security incidents through collaboration with the appropriate CI, security, law enforcement, or Information Security (INFOSEC) offices;
● Provide automated notifications of security incidents from a community-shared information resource on at least one of the agency’s classified networks to the appropriate offices;
● Deliver an automated flow of audit data from a community-shared information resource on at least one of the agency’s classified networks into an agency-specific audit capability; and
● Provide audit data to other affected organizations.
![Page 51: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/51.jpg)
Enterprise Audit
51
Final Operating Capability (FOC) Definition:
FOC includes IOC applied to all classified networks, and is achieved when an agency has implemented the ability to:
● Share user-attributable audit information in a common format collected from high and medium-sensitivity information resources (both internal and community-shared) for users;
● Analyze identified anomalies; and
● Enable a timely response to incidents.
![Page 52: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/52.jpg)
E.O.13549“Classified National Security Information Program for State,
Local, Tribal, and Private Sector Entities” (SLTPS)
• Establishes a program to safeguard and govern access to classified information shared by the Federal Government with SLTPS entities.
• Ensures that security standards for classified information are applied in accordance with national policy.
• Private sector facilities where classified information is or will be used or stored as well as contractors of SLT entities shall be inspected, accredited, and monitored for compliance with the standards established pursuant to the NISP by DoD or another responsible Cognizant Security Agency.
• SLTPS-Policy Advisory Committee created to discuss policy disputes and facilitate or recommend changes to remove undue impediment to information sharing
52
![Page 53: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/53.jpg)
53
Key Elements of the E.O. 13556 (CUI)
• Establishes an open and uniform program.
• Manages all unclassified information within the executive branch that requires safeguarding and dissemination controls.
• The control of this information is pursuant to and consistent with law, regulation, and Government-wide policy.
• Freedom of Information Act (FOIA): “The mere fact that information is designated as CUI shall not have a bearing on determinations pursuant to any law requiring the disclosure of information or permitting disclosure as a matter of discretion, including disclosures to the legislative or judicial branches.” –
Section 2(b)
![Page 54: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/54.jpg)
54
Overview of the CUI ProgramOne uniform and consistent policy
applied to a defined and organized body
of information
![Page 55: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/55.jpg)
Approved CUI Categories
1. Agriculture
2. Copyright
3. Critical Infrastructure
4. Emergency Management
5. Export Control
6. Financial
7. Immigration
8. Intelligence
9. Law Enforcement
10. Transportation
11. Nuclear
12. Patent
13. Privacy
14. Proprietary
15. Statistical
16. Tax
17. Legal
55
![Page 56: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/56.jpg)
56
Five Programmatic Areas of the Compliance Plan
Controlled Unclassified Information
Compliance Plan
Processes and procedures of continuous monitoring to ensure compliance with
the EO and Notice
Roles and responsibilities established to guide and direct the program and its requirements
Development, implementation and revision of properly
documented policies that are readily available to all
affected personnel
Education of affected personnel on the appropriate handling of information
including responsibilities and ongoing maintenance
Identify and assess requirements of IT systems and toolsets for program
implementation
![Page 57: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/57.jpg)
CUI Executive AgentCurrent Efforts
57
• Development of CUI Supplemental Guidance & Consultation Interagency Representatives of the public State, Local, Tribal Private Sector
• Approval of Additional CUI Categories & Subcategories CUI Registry Updates Continuing Agency Submissions
• Approval of Compliance Plans Target Date Updates Continuing Agency Submissions
![Page 58: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/58.jpg)
58
Contact Information
Information Security Oversight OfficeNational Archives and Records Administration700 Pennsylvania Avenue, N.W., Room 100
Washington, DC 20408-0001
(202) 357-5250(202) 357-5907 (fax)
[email protected]@nara.gov
www.archives.gov/isoo
![Page 59: DERIVATIVE CLASSIFICATION TRAINING/IMPLEMENTATION AND OVERVIEW OF EXECUTIVE ORDERS IMPACTING THE NISP Greg Pannoni, Associate Director, Operations and.](https://reader038.fdocuments.net/reader038/viewer/2022102604/56649c795503460f9492e4f0/html5/thumbnails/59.jpg)
QUESTIONS?
59