In
our continuing effort to bring you the latest to National Industrial Security
Contractors (NISPOM) we feel it is important to include articles reviewing the
latest SUMMARY OF CHANGES TO DoDM
5220.22, “National Industrial
Security Program Operating Manual” (NISPOM).
As
a reminder, our intent is to address major changes vice administrative updates.
Many of the changes are simply administrative such crossed out references no
longer used, updated table of contents, or renumbered paragraphs. Only major
changes not otherwise written about in previous articles will be added.
This
leads us to today’s article; changes to how classification markings are applied.
Throughout the article we write in actual verbiage from the “Summary of
Changes” in its original format and edits.
Text
in blue represents NISPOM Conforming Change 1 material and text in red
is Change 2 material.
This brings us to NISPOM Paragraph 4-208. Markings for
Derivatively Classified Documents.
a. CLASSIFIED BY Line. The purpose of the
“Classified By” line is to identify the person who applies derivative
classification markings for the document. If not otherwise evident, the line
will include the agency contractor and, where available, the office of origin will be identified and
follow the name and position or personal identifier of the derivative
classifier.
This clarifies that the contractor performing
derivative classification is identified and not the government agency the
contractor supports. This further identification implies a few required steps.
1. The derivative classifier is indeed trained to make such a decision
2. The derivative classifier is responsible for
proper classification markings
3. The derivative classifier can be held responsible
for content
4. The derivative classifier can be later contacted
for further information
The previous NISPOM Conforming Change 1 separated the two topics
in subparagraph d and assigned the “CLASSIFICATION BY” Line to subparagraph a
and “REASON CLASSIFIED” to subparagraph b. This clarification and separation of
requirements further stress the importance of the contractor’s responsibility
to understand classification instructions and responsibilities. The
instructions should be specifically outlined in the DD From 254 and the
accompanying security classification guide.
Additionally, the persons providing the derivative classification
should be authorized to do so. The FSO should document derivative
classifier training, those authorized to
perform derivative classification, and ensure that cleared employees understand
the classified work as required in contracting, programmatic, NISPOM, DD Form 254 and
SCG documentation.
• e. "REASON
CLASSIFIED" Line. As a general rule, a "Reason Classified"
line will be shown only on originally classified documents. However, certain
agencies may require that derivatively classified documents contain a
"Reason Classified" Line to identify the specific reason for the derivative
classification. Instructions for the use of these lines will be included in the
security classification guidance provided with the contract.
REASON CLASSIFIED should only be applied to originally classified
documents. As a rule, cleared defense contractors perform derivative
classification when they generate classified material. However, there may be
cases where cleared contractors produce originally classified documents. Where
derivative classification occurs, contractors should not mark classified
information with REASON CLASSIFIED unless required in the SCG.
This administrative update separates the once combined CLASSIFIED
BY and REASON CLASSIFIED lines. For clarity, these lines have been provided new
sub-paragraph numbers. Though an administrative and clarification update, we
will cover this as it supports a major change to Paragraph 4-210b.
Paragraph 4-210b: b. E-mail and other Electronic
Messages.
Electronically transmitted messages shall be
marked in the same manner required for other documents except as noted. The
overall classification of the message shall be the first item of information in
the text and shall be displayed at the top and bottom of each message. A
“Classified By” line, a "Derived From" line, a “Declassify On” line, is and
portion markings are required on messages. Certain agencies may also
require that messages contain a "Reason Classified" line in order to
identify the specific reason for classification, which is carried over from the
source document(s) or classification guide. Instructions for the use of such
lines will be included in the security classification guidance provided with
the contract documents.
4-210b removes the above crossed out verbiage to make it clear
that REASON CLASSIFIED only applies to originally classified materially unless
otherwise instructed to include on e-mail and electronic messages that
represent derivative classification. The REASON CLASSIFIED is already addressed
in 4-208e.
Paragraph 4-213. Marking Compilations. In some
instances, certain information that would otherwise be unclassified when
standing alone may require classification when combined or associated with
other unclassified information. The determination that information requires classification by
compilation will be based on specific guidance regarding compilation provided
in a Contract Security Classification Specification or a security
classification guide. If specific guidance is absent, the contractor will
obtain written guidance from the applicable GCA.
When classification is required to protect a
compilation of such information, the overall classification assigned to the
compilation shall be conspicuously affixed. The reason for classifying the
compilation shall be stated at an appropriate location at or near the beginning
of the compilation.
The NISPOM Conforming Change 2 addition to paragraph 4-213
requires a specific source for determining the classification of the
compilation. This information should be found in the SCG. For example, the top
speed of a vehicle may be unclassified and the fact that the vehicle has good
traction in mud may be unclassified. However, providing the top speed through mud might be classified and should be addressed in the SCG. If there
is insufficient guidance, the contractor should contact the government program
office and get clarification in writing. The contractor should also get
guidance on how to treat the information until the program office provides the
written guidance.
This completes the major updates to marking classified information
given through the NISPOM Conforming Change 2. Next time we will cover
safeguarding classified information.
FSOs who need
assistance can visit www.redbikepublishing.com for books such as the NISPOM and ITAR. Additionally,
try the Self-Inspection Handbook for NISP
Contractors as a
training and self-inspection aide. We also have Initial
Security Briefings,
Refresher Training, Insider Threat training and more. You can purchase our NISPOM
training, download and present to cleared employees. The presenter can read
notes word for word or edit the notes to provide a tailored briefing
appropriate for their organization.
Have a book ready
to publish? Why not contact us? www.redbikepublishing.com/publish-with-us
Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".
No comments:
Post a Comment