Friday, October 21, 2016

Summary of Changes in NISPOM Conforming Change 2, Marking Classified Material

In our continuing effort to bring you the latest to National Industrial Security Contractors (NISPOM) we feel it is important to include articles reviewing the latest SUMMARY OF CHANGES TO DoDM 5220.22, “National Industrial Security Program Operating Manual” (NISPOM).

As a reminder, our intent is to address major changes vice administrative updates. Many of the changes are simply administrative such crossed out references no longer used, updated table of contents, or renumbered paragraphs. Only major changes not otherwise written about in previous articles will be added.

This leads us to today’s article; changes to how classification markings are applied. Throughout the article we write in actual verbiage from the “Summary of Changes” in its original format and edits.

Text in blue represents NISPOM Conforming Change 1 material and text in red is Change 2 material.

This brings us to NISPOM Paragraph 4-208. Markings for Derivatively Classified Documents.

a. CLASSIFIED BY Line. The purpose of the “Classified By” line is to identify the person who applies derivative classification markings for the document. If not otherwise evident, the line will include the agency contractor and, where available, the office of origin will be identified and follow the name and position or personal identifier of the derivative classifier.

This clarifies that the contractor performing derivative classification is identified and not the government agency the contractor supports. This further identification implies a few required steps. 1. The derivative classifier is indeed trained to make such a decision
2. The derivative classifier is responsible for proper classification markings
3. The derivative classifier can be held responsible for content
4. The derivative classifier can be later contacted for further information

The previous NISPOM Conforming Change 1 separated the two topics in subparagraph d and assigned the “CLASSIFICATION BY” Line to subparagraph a and “REASON CLASSIFIED” to subparagraph b. This clarification and separation of requirements further stress the importance of the contractor’s responsibility to understand classification instructions and responsibilities. The instructions should be specifically outlined in the DD From 254 and the accompanying security classification guide.

Additionally, the persons providing the derivative classification should be authorized to do so. The FSO should document derivative classifier training, those authorized to perform derivative classification, and ensure that cleared employees understand the classified work as required in contracting, programmatic, NISPOM, DD Form 254 and SCG documentation.

d. e. "CLASSIFIED BY" Line and "REASON CLASSIFIED" Line. As a general rule, a "Classified By" line and a "Reason Classified" line will be shown only on originally classified documents. However, certain agencies may require that derivatively classified documents contain a "Classified By"line to identify the derivative classifier and a "Reason Classified" Line to identify the specific reason for the derivative classification. Instructions for the use of these lines will be included in the security classification guidance provided with the contract.

e. "REASON CLASSIFIED" Line. As a general rule, a "Reason Classified" line will be shown only on originally classified documents. However, certain agencies may require that derivatively classified documents contain a "Reason Classified" Line to identify the specific reason for the derivative classification. Instructions for the use of these lines will be included in the security classification guidance provided with the contract.

REASON CLASSIFIED should only be applied to originally classified documents. As a rule, cleared defense contractors perform derivative classification when they generate classified material. However, there may be cases where cleared contractors produce originally classified documents. Where derivative classification occurs, contractors should not mark classified information with REASON CLASSIFIED unless required in the SCG.

This administrative update separates the once combined CLASSIFIED BY and REASON CLASSIFIED lines. For clarity, these lines have been provided new sub-paragraph numbers. Though an administrative and clarification update, we will cover this as it supports a major change to Paragraph 4-210b.

Paragraph 4-210b: b. E-mail and other Electronic Messages.
Electronically transmitted messages shall be marked in the same manner required for other documents except as noted. The overall classification of the message shall be the first item of information in the text and shall be displayed at the top and bottom of each message. A “Classified By” line, a "Derived From" line, a “Declassify On” line, is and portion markings are required on messages. Certain agencies may also require that messages contain a "Reason Classified" line in order to identify the specific reason for classification, which is carried over from the source document(s) or classification guide. Instructions for the use of such lines will be included in the security classification guidance provided with the contract documents.
4-210b removes the above crossed out verbiage to make it clear that REASON CLASSIFIED only applies to originally classified materially unless otherwise instructed to include on e-mail and electronic messages that represent derivative classification. The REASON CLASSIFIED is already addressed in 4-208e.

Paragraph 4-213. Marking Compilations. In some instances, certain information that would otherwise be unclassified when standing alone may require classification when combined or associated with other unclassified information. The determination that information requires classification by compilation will be based on specific guidance regarding compilation provided in a Contract Security Classification Specification or a security classification guide. If specific guidance is absent, the contractor will obtain written guidance from the applicable GCA.
When classification is required to protect a compilation of such information, the overall classification assigned to the compilation shall be conspicuously affixed. The reason for classifying the compilation shall be stated at an appropriate location at or near the beginning of the compilation.

The NISPOM Conforming Change 2 addition to paragraph 4-213 requires a specific source for determining the classification of the compilation. This information should be found in the SCG. For example, the top speed of a vehicle may be unclassified and the fact that the vehicle has good traction in mud may be unclassified. However, providing the top speed through mud might be classified and should be addressed in the SCG. If there is insufficient guidance, the contractor should contact the government program office and get clarification in writing. The contractor should also get guidance on how to treat the information until the program office provides the written guidance.

This completes the major updates to marking classified information given through the NISPOM Conforming Change 2. Next time we will cover safeguarding classified information.

FSOs who need assistance can visit www.redbikepublishing.com for books such as the NISPOM and ITAR. Additionally, try the Self-Inspection Handbook for NISP Contractors as a training and self-inspection aide. We also have Initial Security Briefings, Refresher Training, Insider Threat training and more. You can purchase our NISPOM training, download and present to cleared employees. The presenter can read notes word for word or edit the notes to provide a tailored briefing appropriate for their organization.

Have a book ready to publish? Why not contact us? www.redbikepublishing.com/publish-with-us



Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".

No comments: