Transcription of 124 - Defense Technical Information Center
1 DoD OpTOOPERATINGMANUALCO NRREG~k UTISGo19950303 124I DISTRIBUTION STA Jn u ry XAApproved for public UnlimitedJanuary 1 995 THE DEPUTY SECRETARY OF DEFENSEWASHINGTON, 20301 FOREWORDOn behalf of the Secretary of Defense as Executive Agent, pursuant to Executive Order 12829," national industrial security Program" (NISP), and with the concurrence of the Secretaryof Energy, the Chairman of the Nuclear Regulatory Commission, and the Director of CentralIntelligence, I am pleased to promulgate the inaugural edition of the NISP Operating Manual(NISPOM). The NISPOM was developed in close coordination with industry and it representsa concerted effort on behalf of hundreds of individuals throughout the Executive Branch believe the NISPOM represents the beginning of a new industrial security process which isbased on sound threat analysis and risk management practices and which establishes consistentsecurity policies and practices throughout the government.
2 I also believe it creates a new govern-ment and industry partnership which empowers industry to more directly manage its own admin-istrative security President has recently created a security Policy Board to ensure the protection of our nation'ssensitive Information and technologies within the framework of a more simplified, uniform effective security system. The security Policy Board and the Executive Agent will continuethe process of consultation with industry on the NISPOM to make further improvements, espe-cially in the complex and changing areas of automated Information systems security and physic who use the NISPOM should ensure that it is implemented so as to achieve the goals of 0eliminating unnecessary costs while protecting vital Information and technologies. Users of the LINISPOM are encouraged to submit recommended changes through their Cognizant SecurityAgency to the Executive Agent's designated representative at the following address:Lly.
3 _ :..Department of Defense Distribution IAssistant Secretary of Defense for Availability CodesCommand, Control, Communications and Intelligence --Avail and/orATTN: DASD(I&S)/CI&SP, Room 3E160 Dist Special6000 Defense PentagonWashington, 20301-6000 The NISPOM replaces the Department of Defense industrial security Manual for SafeguardingClassified Information , dated January )John M. DeutchDeputy Secretary of DefenseApproved for public release;Distribution Uubmiu1ted ITABLE OF CONTENTSPage *CHAPTER 8. AUTOMATED Information SYSTEM SECURITYS ection 1. Responsibilities .. 8-1-1 Section 2. Accreditation and security Modes .. 8-2-1 Section 3. Controls and M aintenance .. 8-3-1 Section 4. Networks .. 8-4-1 CHAPTER 9. SPECIAL REQUIREMENTSS ection 1. Restricted Data and Formerly Restricted Data .. 9-1-1 Section 2. DoD Critical Nuclear Weapon Design Information .
4 9-2-1 Section 3. Intelligence Information .. 9-3-1 CHAPTER 10. INTERNATIONAL security REQUIREMENTSS ection 1. General and Background Information .. 10-1-1 Section 2. Disclosure of Information to Foreign Interests .. 10-2-1 Section 3. Foreign Government Information .. 10-3-1 Section 4. International Transfers .. 10-4-1 Section 5. International Visits and Control of Foreign Nationals .. 10-5-1 Section 6. Contractor Operations Abroad .. 10-6-1 Section 7. NATO Information security Requirements .. 10-7-1 CHAPTER 11. MISCELLANEOUS INFORMATIONS ection 1. TEMPEST .. 11-1-1 Section 2. Defense Technical Information Center .. 11-2-1 Section 3. Independent Research and Development .. 11-3-1 APPENDICESA ppendix A. Organizational Elements for industrial security .. A-IAppendix B. Foreign M arking Equivalents .. B-IAppendix C. Definitions .. C-1 SUPPLEMENTS TO THE NISPOMD ocumentNISPOM Supplement.
5 TBDC hapter 1.* General Provisions And RequirementsSection 1. Introduction1-100. Purpose. This Manual is issued in accordance prescribe that portion of the Manual that pertains towith the national industrial security Program (NISP). intelligence sources and methods, including SensitiveThe Manual prescribes requirements, restrictions, and Compartmented Information . The Director of Centralother safeguards that are necessary to prevent unautho- Intelligence retains authority over access to intelli-rized disclosure of classified Information and to control gence sources and methods, including Sensitive Com-authorized disclosure of classified Information released partmented Information . The Director of Centralby Government Executive Branch Departments Intelligence may inspect and monitor contractor, lic-and Agencies to their contractors.
6 The Manual also pre- ensee, and grantee programs and facilities thatscribes requirements, restrictions, and other safeguards involve access to such Information . The Secretary ofthat are necessary to protect special classes of classified Energy and the Nuclear Regulatory Commissioninformation, including Restricted Data, Formerly retain authority over access to Information under theirRestricted Data, intelligence sources and methods infor- respective programs classified under the Atomicmation, Sensitive Compartmented Information , and Energy Act of 1954, as amended. The Secretary or theSpecial Access Program Information . These procedures Commission may inspect and monitor contractor, lic-are applicable to licensees, grantees, and certificate ensee, grantee, and certificate holder programs andholders to the extent legally and practically possible facilities that involve access to such the constraints of applicable law and the Code ofFederal Regulations.
7 C. The Secretary of Defense serves as Executive Agentfor inspecting and monitoring contractors, licensees,1-101. Authority. grantees, and certificate holders who require or willrequire access to, or who store or will store classifieda. The NISP was established by Executive Order Information ; and for determining the eligibility for12829, 6 January 1993, " national industrial security access to classified Information of contractors, lic-Program" for the protection of Information classified ensees, certificate holders, and grantees and theirpursuant to Executive Order 12356, April 2, 1982, respective employees. The Heads of agencies shall" national security Information ," or its successor or enter into agreements with the Secretary of Defensepredecessor orders, and the Atomic Energy Act of that establish the terms of the Secretary's responsi-1954, as amended.
8 The national security Council is bilities on their for providing overall policy direction forthe NISP. The Secretary of Defense has been desig- d. The Director, ISOO, will consider and take action onnated Executive Agent for the NISP by the President. complaints and suggestions from persons within orThe Director, Information security Oversight Office outside the Government with respect to the adminis-(ISOO) is responsible for implementing and moni- tration of the the NISP and for issuing implementing direc-tives that shall be binding on agencies. e. Nothing in this Manual shall be construed to super-sede the authority of the Secretary of Energy or theb. The Secretary of Defense , in consultation with all Chairman of the Nuclear Regulatory Commissionaffected agencies and with the concurrence of the under the Atomic Energy Act of 1954, as amended;Secretary of Energy, the Chairman of the Nuclear or detract from the authority of installation Com-Regulatory Commission and the Director of Central manders under the Internal security Act of 1950; theIntelligence is responsible for issuance and mainte- authority of the Director of Central Intelligencenance of this Manual.
9 The Secretary of Energy and under the national security Act of 1947, asthe Nuclear Regulatory Commission shall prescribe amended, or Executive Order No. 12333 of Decem-that portion of the Manual that pertains to Information ber 8, 1981; or the authority of any other federalclassified under the Atomic Energy Act of 1954, as department or agency Head granted pursuant to The Director of Central Intelligence shall statute or Presidential Scope. Secretary of Defense and: (1) The Administrator, national Aeronautics and Space Administrationa. The NISP applies to all executive branch depart- (NASA); (2) The Secretary of Commerce; (3) Thements and agencies and to all cleared contractor Administrator, General Services Administrationfacilities located within the United States, its Trust (GSA); (4) The Secretary of State; (5) The Adminis-Territories and Possessions.
10 Trator, Small Business Administration (SBA); (6)The Director, national Science Foundation (NSF);b. This Manual applies to and shall be used by contrac- (7) The Secretary of the Treasury; (8) The Secretarytors to safeguard classified Information released dur- of Transportation; (9) The Secretary of the Interior;ing all phases of the contracting, licensing, and grant (10) The Secretary of Agriculture; (11) The Director,process, including bidding, negotiation, award, per- United States Information Agency (USIA); (12) Theformance, and termination. This Manual also applies Secretary of Labor; (13) The Administrator, Envi-to classified Information not released under a con- ronmental Protection Agency (EPA); (14) The Attor-tract, license, certificate or grant, and to foreign gov- ney General, Department of Justice; (15) Theernment Information furnished to contractors that Director, Arms Control and Disarmamentrequires protection in the interest of national secu- Agency (ACDA); (16) The Director, Federal Emer-rity.