28 December 1998
Source:
http://web7.whs.osd.mil/corres.htm
DOD Directive 5100.20 The National Security Agency and the Central Security Service
DOD Directive 5100.23 Administrative Arrangements for the National Security Agency
DOD Directive 5100.35 Military Communications-Electronics Board (MCEB)
DOD Directive 5100.47 National Cryptologic School
DOD Directive 5100.85 Intelligence Systems Board (ISB)
DOD Instruction 5105.58 Management of Measurement and Signature Intelligence (MASINT)
DOD Directive 5148.11 Assistant to the Secretary of Defense for Intelligence Oversight (ATSD(IO))
DOD Directive 5160.54 Critical Asset Assurance Program (CAAP)
DOD Directive 5200.1 DoD Information Security Program
DOD Directive 5205.8 Access to Classified Cryptographic Information
DOD Directive 5210.45 Personnel Security in the National Security Agency
DOD Directive 5210.70 DoD Cryptologic Training
For more publications see: http://www.fas.org/irp/doddir/dod/index.html
Department of Defense DIRECTIVE NUMBER 5100.20 December 23, 1971 Administrative Reissuance Incorporating Through Change 4, June 24, 1991 ASD(I) SUBJECT: The National Security Agency and the Central Security Service References: (a) National Security Council Intelligence Directive No. 6 1. PURPOSE This directive prescribes authorities, functions, and responsibilities of the National Security Agency (NSA) and the Central Security Service (CSS). 2. CONCEPT 2.1. Subject to the provisions of NSCID No. 6, and the National Security Act of 1947, as amended, and pursuant to the authorities vested in the Secretary of Defense, the National Security Agency is a separately organized agency within the Department of Defense under the direction, supervision, funding, maintenance and operation of the Secretary of Defense. 2.2. The National Security Agency is a unified organization structured to provide for the Signals Intelligence (SIGINT) mission of the United States and to insure secure communications systems for all departments and agencies of the U.S. Government. 2.3. The Central Security Service will conduct collection, processing and other SIGINT operations as assigned. Declassified on May 22, 1990 by the Director of Administration and Management, Office of the Secretary of Defense (Authority: E.O. 12356, April 6, 1982) 3. DEFINITIONS 3.1. Signals Intelligence (SIGINT) is a category of intelligence information comprising all Communications Intelligence (COMINT), Electronics Intelligence (ELINT), and Telemetry Intelligence (TELINT). 3.2. COMINT is technical and intelligence information derived from foreign communications by other than the intended recipients. COMINT is produced by the collection and processing of foreign communications passed by electromagnetic means, with specific exceptions stated below, and by the processing of foreign encrypted communications, however transmitted. Collection comprises search, intercept, and direction finding. Processing comprises range estimation, transmitter/operator identification, signal analysis, traffic analysis, cryptanalysts, decryption, study of plain text, the fusion of these processes, and the reporting of results. COMINT shall not include: 3.2.1. Intercept and processing of unencrypted written communications, except the processing of written plain text versions of communications which have been encrypted or are intended for subsequent encryption. 3.2.2. Intercept and processing of press, propaganda and other public broadcasts, except for processing encrypted or "hidden meaning" passages in such broadcasts. 3.2.3. Oral and wire interceptions conducted under DoD Directive 5200.24. 3.2.4. Censorship. 3.3. ELINT is technical and intelligence information derived from foreign, non-communications, electromagnetic radiations emanating from other than atomic detonation or radioactive sources. ELINT is produced by the collection (observation and recording), and the processing for subsequent intelligence purposes of that information. 3.4. TELINT is technical and intelligence information derived from the intercept, processing, and analysis of foreign telemetry. 3.5. SIGINT operational control is the authoritative direction of SIGINT activities, including tasking and allocation of effort, and the authoritative prescription of those uniform techniques and standards by which SIGINT information is collected, processed and reported. 3.6. SIGINT resources comprise units/activities and organizational elements engaged in the conduct of SIGINT (COMINT, ELINT or TELINT) activities. 4. APPLICABILITY The provisions of this directive apply to the Office of the Secretary of Defense, the Military Department, the Joint Chiefs of Staff, the Unified and Specified Commands, the National Security Agency, the Central Security Service, and other Defense Agencies hereinafter called Department of Defense Components. 5. ORGANIZATION AND RESOURCES 5.1. The SIGINT resources of the Department of Defense will be structured to accomplish most efficiently and effectively the SIGINT mission of the U.S. 5.2. The National Security Agency shall consist of a Director, a Headquarters, and such subordinate units, elements, facilities, and activities as are assigned to the National Security Agency by the Secretary of Defense in his role as the executive agent of the Government for the conduct of SIGINT. 5.3. The Central Security Service is comprised of a Chief, Central Security Service, a Deputy Chief, a jointly staffed headquarters, Army, Navy/Marine Corps and Air Force operating elements, and such other subordinate elements and facilities as may be assigned to the Central Security Service by the Secretary of Defense. 5.4. The Director, National Security Agency, shall also be the Chief, Central Security Service. 5.5. The Director of the National Security Agency/Chief, Central Security Service shall have a Deputy Director for the National Security Agency and a Deputy Chief, Central Security Service. To provide continuity in SIGINT matters the Deputy Director, National Security Agency, shall be a technically experienced civilian. The Deputy Chief, Central Security Service, shall be a commissioned officer of the Military Services, of not less than two star rank, designated by the Secretary of Defense. The Deputy Chief will normally not be selected from the same Military Service as the Chief. 5.6. The Director and Deputy Director of the National Security Agency shall be designated by the Secretary of Defense, subject to the approval of the President. The Director shall be a commissioned officer of the Military Services, on active or reactivated status, and shall enjoy not less than three star rank during the period of his incumbency. 5.7. The Director, National Security Agency/Chief, Central Security Service shall report to the Secretary of Defense. 5.8. The Commanders of the Service cryptologic organizations and their subordinate activities which conduct SIGINT operations will be subordinate to the Chief, Central Security Service, for all matters involving SIGINT activities. In this role they will be designated as Service element commanders and subordinate activities of the Central Security Service. Unless otherwise specifically provided in this directive, the Service cryptologic organizations will remain in their parent Services, for the purpose of administrative and logistic support. 5.9. The Secretary of Defense with the advice of the Joint Chiefs of Staff may specifically designate other SIGINT-related resources of the Department of Defense which will be subordinate to the Chief, Central Security Service for SIGINT operations. 6. RESPONSIBILITIES AND FUNCTIONS 6.1. Subject to the direction, authority and control of the Secretary of Defense, the Director, National Security Agency/Chief, Central Security Service shall: 6.1.1. Accomplish the SIGINT mission of the National Security Agency/Central Security Service. 6.1.2. Act as principal SIGINT advisor to the Secretary of Defense, the Director of Central Intelligence, and the Joint Chiefs of Staff. As principal SIGINT advisor to the Joint Chiefs of Staff, the Director, National Security Agency will keep the Joint Chiefs of Staff fully informed on SIGINT matters. 6.1.3. Exercise SIGINT operational control over SIGINT activities of the U.S. Government to respond most effectively to military and other SIGINT requirements. In the case of mobile military SIGINT platforms, he shall state movement requirements through appropriate channels to the military commanders, who shall retain responsibility for operational command of the vehicles. 6.1.4. Provide technical guidance to all SIGINT or SIGINT-related operations of the U.S. Government. 6.1.5. Formulate programs, plans, policies, procedures and principles. 6.1.6. Produce and disseminate SIGINT in accordance with the objectives, requirements and priorities established by the Director of Central Intelligence. (This function will not include the production and dissemination of finished intelligence which are the responsibilities of departments and agencies other than the National Security Agency/Central Security Service.) 6.1.7. Manage assigned SIGINT resources, personnel and programs. 6.1.8. In relation to the Department of Defense SIGINT activities, prepare and submit to the Secretary of Defense a consolidated program and budget, and requirements for military and civilian manpower, logistic and communications support, and research, development, test and evaluation, together with his recommendations pertaining thereto. 6.1.9. Conduct research, development and systems design to meet the needs of the National Security Agency/Central Security Service and coordinate with the departments and agencies their related research, development, test and evaluation in the SIGINT field. 6.1.10. Determine and submit to the Secretary of Defense logistic support requirements for the National Security Agency, and the Central Security Service, together with specific recommendations as to what each of the responsible departments and agencies of the Government should supply. 6.1.11. Develop requisite security rules, regulations and standards governing operating practices in accordance with the policies of the U.S. Intelligence Board and the U.S. Communications Security Board. 6.1.12. Prescribe within his field of authorized operations requisite security regulations covering operating practices, including the transmission, handling, and distribution of SIGINT material within and among the elements under his control; and exercise the necessary monitoring and supervisory control to ensure compliance with the regulations. 6.1.13. Make reports and furnish information to the U.S. Intelligence Board or the U.S. Communications Security Board, as required. 6.1.14. Respond to the SIGINT requirements of all DoD components and other departments and agencies. 6.1.15. Eliminate unwarranted duplication of SIGINT efforts. 6.1.16. Standardize SIGINT equipment and facilities wherever practicable. 6.1.17. Provide for production and procurement of SIGINT equipments. 6.1.18. Provide the Director of Central Intelligence through the Secretary of Defense with such information as required on the past, current and proposed plans, programs, and costs of the SIGINT activities under his control. 6.1.19. Provide guidance to the military departments to effect and insure sound and adequate military and civilian SIGINT career development and training programs, and conduct, or otherwise provide for, necessary specialized and advanced SIGINT training. 6.1.20. Provide technical advice and support to enhance SIGINT arrangements with foreign governments, and conduct, as authorized, SIGINT exchanges with foreign governments. 6.1.21. Perform such other functions as the Secretary of Defense assigns. 7. AUTHORITIES 7.1. Subject to the authority, direction and control of the Secretary of Defense, the Director, National Security Agency/Chief, Central Security Service, is specifically delegated authority to: 7.1.1. Exercise SIGINT operational control over SIGINT activities of the United States. 7.1.2. Issue direct to any of his operating elements such instructions and orders necessary to carry out his responsibilities and functions. 7.1.3. Have direct access to, and direct communications with, any element of the U.S. Government performing SIGINT functions. 7.1.4. The authority in paragraphs 7.1.1.,7.1.2., and 7.1.3. above is subject to review, approval and control in accordance with procedures determined by the Secretary of Defense. 7.1.5. Adjust as required, through the Service cryptologic organizations, personnel resources under his SIGINT operational control. 7.1.6. Centralize or consolidate SIGINT operations for which he is responsible to the extent desirable, consistent with efficiency, economy, effectiveness, and support to field commanders. 7.1.7. Submit, as appropriate, concurrent/letter of evaluation efficiency/fitness reports on the commanders of subordinate elements of the Central Security Service in accordance with parent Service procedures. 7.1.8. Delegate SIGINT operational tasking of specified SIGINT resources and facilities for such periods and or such operational tasks as required or as directed by the Secretary of Defense. 7.1.9. Prescribe SIGINT procedures for activities to whom he provides technical guidance. 7.1.10. Prescribe, or review and approve security rules, regulations and instructions, as appropriate. 7.1.11. Conduct those SIGINT operations undertaken in support of certain missions within the purview of NSCID No. 5. 7.1.12. Obtain such information and intelligence material from the departments and agencies (Military Departments, other Department of Defense agencies, or other departments or agencies of the Government) as may be necessary for the performance of the National Security Agency/Central Security Service functions. 7.1.13. Maintain a departmental property account for the National Security Agency and the Central Security Service headquarters. 7.2. Other authorities, specifically delegated by the Secretary of Defense or by other proper authority to the Director, National Security Agency/Chief, Central Security Service in other directives or issuances, will be referenced in an Enclosure to this directive. 8. RELATIONSHIPS 8.1. In the performance of its responsibilities and functions, the National Security Agency/Central Security Service shall: 8.1.1. Coordinate actions, as appropriate, with other DoD Components, and other departments and agencies of the Government. 8.1.2. Maintain direct liaison, as appropriate, for the exchange of information and advice in the field of its assigned responsibility with other DoD Components and other departments and agencies of the Government. 8.1.3. Coordinate with other DoD Components and other departments and agencies of the Government to make maximum use of established facilities to preclude unnecessarily duplicating such facilities. 8.1.4. Provide for direct liaison by representatives of the intelligence components of individual departments and agencies regarding interpretation and amplification of requirements and priorities within the framework of objectives, requirements, and priorities established by the Director of Central Intelligence. 8.2. Other DoD Components shall provide support, within their respective fields of responsibility, to the Director, National Security Agency/Chief, Central Security Service as may be necessary to carry out his assigned responsibilities and functions. 9. ADMINISTRATION 9.1. To the extent applicable and consistent with the functions assigned to the National Security Agency/Central Security Service, Department of Defense policies, regulations and procedures will govern. 9.2. The National Security Agency/Central Security Service will be authorized such personnel, facilities, funds and other administrative support as the Secretary of Defense deems necessary for the performance of its functions. Other DoD Components shall provide support for the Agency/Service as prescribed in specific directives or support agreements. 10. CANCELLATION To the extent they are inconsistent herewith, DoD Directive S-5100.20, "The National Security Agency," dated March 19, 1959, DoD Directive S- 3115.4, "Communications Intelligence," dated March 19, 1959, and DoD Directive S-3115.2, "Electronics Intelligence," dated February 7, 1967 are hereby canceled. 11. EFFECTIVE DATE AND IMPLEMENTATION 11.1. This directive is effective upon publication. 11.2. To meet the provisions of this Directive, the Director, National Security Agency will develop a plan to implement this Directive including establishment of the Central Security Service for approval by the Secretary of Defense with the advice of the Joint Chiefs of Staff. 11.3. When the Central Security Service is established under the terms of this Directive and the approved implementing plan, all Department of Defense Components will review their existing directives, instructions, and regulations for conformity and submit necessary amendments thereto to the Assistant Secretary of Defense (Intelligence) within ninety (90) days. Enclosures - 1 1. Listing of Specific Delegations of Authority E1. ENCLOSURE 1 Listing of Specific Delegations of Authority by the Secretary of Defense to the Director of the National Security Agency E1.1.1. Administrative authorities required for the administration and operation of the National Security Agency, as prescribed in DoD Directive 5100.23, dated May 17, 1967. E1.1.2. Authority to authorize or request the procurement of cryptologic material and equipment by the Military Departments, as prescribed in DoD Directive 5160.13, dated March 20, 1956. E1.1.3. Authority to establish and administer programs of training, as prescribed in DoD Directive 1430.4, dated August 5, 1969. E1.1.4. Authority to assign the classification of TOP SECRET, as prescribed in DoD Directive 5200.1, "DoD Information Security Program Regulation," authorized by DoD Directive 5200.1, June 1, 1972. E1.1.5. Authority to determine the eligibility of individual civilian officers and employees to transport or store their privately owned motor vehicles at Government expense, in accordance with provisions of DoD Directive 1418.3, dated June 28, 1965.
Department of Defense DIRECTIVE NUMBER 5100.23 May 17, 1967 Administrative Reissuance Incorporating Through Change 2, November 1, 1985 SUBJECT: Administrative Arrangements for the National Security Agency References: (a) DoD Directive S-5100.20, "The National Security Agency" (b) DoD Directive 5100.23, "Administrative Arrangements for the National Security Agency," August 25, 1959 (hereby canceled) 1. PURPOSE This Directive prescribes certain administrative arrangements and delegates administrative authorities required for the administration and operation of the National Security Agency (NSA). 2. ORGANIZATIONAL RELATIONSHIPS The National Security Agency is a separately organized agency within the Department of Defense under the direction, authority and control of the Secretary of Defense who acts as executive agent of the Government for the maintenance and operation of the National Security Agency. To the extent applicable and consistent with the functions assigned to the Agency, Department of Defense policies, regulations, and procedures will govern the Agency's operations. When DoD directives, instructions, or other authoritative issuances hereafter published refer to DoD Components or Defense Agencies, these terms include NSA unless the issuance itself specifically exempts NSA, or the Agency had obtained an exception or modification as provided below: 2.1. Originators of DoD directives, instructions, and substantive changes to these documents shall ascertain and consider the views of the Director, NSA as appropriate. 2.2. If the Director, NSA, determines that DoD issuances would adversely affect the conduct of the mission of the Agency or interfere with its security requirements, he shall recommend to the Secretary of Defense exceptions or modifications to these issuances within 90 days from the date of their promulgation. 3. ADMINISTRATIVE ARRANGEMENTS The following specific arrangements and provisions will be applied in the administration and operation of the NSA: 3.1. Programming, budgeting, financing, accounting, and financial reporting activities of NSA will be in conformance with policies established by the Assistant Secretary of Defense (Comptroller). Disbursing services will be provided by the Military Departments. 3.2. The Director, NSA, will develop, in collaboration with the Military Departments, and submit to the Secretary of Defense, in accordance with applicable directives consolidated cryptologic plans and programs, together with the Director's recommendations as to requirements for military and civilian manpower, operating costs, investment in facilities and capital equipment, and research, development, test and evaluation. 3.3. The Director, NSA, shall make maximum use of the established facilities and services of the Military Departments and other DoD Components wherever practicable to achieve maximum efficiency and economy. 3.3.1. The Military Departments and other DoD Components shall provide such support to the NSA within their capabilities as may be necessary to carry out the assigned responsibilities of the Agency. 3.3.2. The need for and propriety of items procured for the NSA shall be determined by the Director, NSA, subject to DoD procurement regulations. 3.3.3. Although the Agency will operate its own printing plants, it will utilize the facilities of the Military Departments for the disposal of printing, binding, and related equipment that is surplus to the needs of the Agency. Such equipment will be removed promptly from the Agency facility by the Military Department concerned. When such equipment is being replaced, it will be removed concurrently with or prior to, as appropriate, the delivery of the replacement items. In other instances, when it is necessary for the convenience of the Agency that surplus printing equipment be removed prior to its final disposition by a Military Department or the General Services Administration, the cost of the removal will be borne by the Agency. 3.3.4. Other excess or surplus equipment and supplies of the Agency will be disposed of in accordance with DoD directives. 3.4. Statistics, reports or information which will disclose the organization or any function of the NSA, any of its activities, or the names, titles, salaries, or number of persons employed by the Agency will not be released outside the DoD to any individual, organization, or Government department or agency except when authorized by the Director, NSA, the Secretary of Defense, or other proper authority, or when required by law. Statistics and progress or status reports, including those pertaining to personnel employed by or assigned to the NSA, which are required by activities of the Office of the Secretary of Defense will be submitted by the Agency to the Directorate of Statistical Services, OASD(Comp), in accordance with the provisions of DoD Instruction 7700.3. 3.5. All military and civilian positions of the NSA are hereby designated as "critical sensitive positions" and will be treated as such in connection with investigative, security clearance, and employment matters. 4. DELEGATION OF AUTHORITY An enclosure to this directive contains delegations of the various administrative authorities required by the Director, NSA to administer and direct the operations of the Agency. 5. EFFECTIVE DATE AND CANCELLATION This directive is effective upon publication. Reference (b) is hereby superseded and canceled. Enclosures - 1 1. Delegation of Authority E1. ENCLOSURE 1 DELEGATIONS OF AUTHORITY E1.1.1. Pursuant to the authority vested in the Secretary of Defense, the following authorities, as required in the administration and operation of the National Security Agency, (NSA), are hereby delegated, subject to the authority, direction, and control of the Secretary of Defense, to the Director, NSA, or in the event of the absence or incapacity of the Director, to the person acting for him to: E1.1.1.1. Exercise the powers vested in the Secretary of Defense by Sections 302 and 3101 of Title 5, United States Code, and Sections 2 and 4 of Public Law 86-36, as amended (50 USC 402 note), pertaining to the establishment of positions; the fixing of basic compensation; the employment, direction, and general administration of civilian personnel of the NSA subject to the following provisions: E1.1.1.1.1. Positions established at the basic compensation equal to rates of basic compensation authorized for Grades 16, 17 and 18 of the General Schedule (5 USC 5332) are subject to the approval of the Secretary of Defense, and E1.1.1.1.2. The rates of compensation for positions established under the provisions of Section 4 of Public Law 86-36, as amended (50 USC 402 note) will be subject to approval by the Secretary of Defense. E1.1.1.2. Fix rates of pay for wage board employees in relation to prevailing rates for comparable job in the locality. E1.1.1.3. Prescribe, as conditions of employment, that NSA employees (a) must serve any place in the world as the needs of the Agency dictate, and (b) must forego personal unofficial travel when the Director, NSA, determines that travel in the proposed area would constitue a hazard to national security. E1.1.1.4. Administer oaths of office incident to entrance into the Executive Branch of the Federal Government or any other oath required by law in connection with employment therein, in accordance with the provisions of 5 USC 2903, and to designate in writing, as may be necessary, officers and employees of the NSA to perform this function. E1.1.1.5. Grant additional compensation to civilian officers and employees of the National Security Agency who are citizens or nationals of the United States, in accordance with and not to exceed additional compensation authorized by regulations of the State Department or the Civil Service Commission, whichever is applicable, for employees whose rates of basic compensation are fixed by statute. E1.1.1.6. Establish advisory committees and employ or procure the services of part-time advisors as consultants and experts as approved by the Secretary of Defense for the performance of NSA functions pursuant to the provisions of 10 USC 173, 5 USC 3109, and the agreement between the Department of Defense and the Civil Service Commission on the employment of experts and consultants dated July 22, 1959; and waive compliance with any part or all of the requirements of rules 1, 2, and 3 in paragraph V.A. of DoD Directive 5030.13, dated April 20, 1962, for any advisory committee, other than an industry advisory committee, when the Director, NSA finds that compliance would render effective utilization of the committee impracticable and that such waiver would be in the public interest. E1.1.1.7. Establish an NSA Incentive Awards Board and pay cash awards to, and incur necessary expenses for the honorary recognition of (a) civilian employees of the Government whose suggestions, inventions, superior accomplishments, or other personal efforts, including special acts or services, benefit or affect NSA or its subordinate activities in accordance with the provisions of 5 USC 4501-4506 and Civil Service Commission and DoD regulations, and (b) military assignees to the Agency whose suggestions, inventions scientific achievements or other meritorious special acts or services in connection with or related to their official duties benefit or affect NSA or its subordinate activities in accordance with 10 USC 1124 and DoD Directive 5120. 15, dated 3 December 1965. E1.1.1.8. Authorize persons to be provisionally employed before the completion of a full field investigation provided such persons are not given access to sensitive cryptologic information while so employed, in accordance with Section 302(a) of Public Law 88-290. In an exceptional case in which the Director makes a determination in writing that his action is necessary or advisable in the national interest, authorize the employment of any person, or the detail or assignment of any person to the Agency, and grant to any such person access to sensitive cryptologic information, on a temporary basic pending the completion of a full field investigation, provided in such a case priority shall be given to the full field investigation, in accordance with Section 302(a) of Public Law 88-290, DoD Directive 5210.8, dated 15 February 1962, and 5210.45, dated 9 May 1964. E1.1.1.9. Provide for and establish boards of appraisal to assist the Director in discharging his personnel security responsibilities to appoint the members of such boards and to make the determination that a person's employment, detail, assignment, or access to classified information is or is not in the national interest, in accordance with Section 302(b) of Public Law 88- 290 and the provisions of Department of Defense Directive 5210.45. E1.1.1.10. Authorize the suspension, but not to terminate the services of an employee in the interest of national security in positions within the NSA, in accordance with the provisions of 5 USC 3571, 5594, 7312, 7532, Executive Order 10450 dated April 27, 1953, as amended, and DoD Directive 5210.7 dated September 2, 1966. E1.1.1.11. Clear persons for access to classified Defense material and information under the custody or jurisdiction of the NSA in accordance with the provisions of DoD Directive 5210.8, dated February 12, 1962, and DoD Directive 5210.45, dated May 9, 1964. E1.1.1.12. Promulgate regulations governing the granting or denial of industrial clearances for access to sensitive cryptologic information and to regulate physical security in industry or NSA sponsored contracts for sensitive cryptologic materials, in accordance with Executive Order 10065, as amended. E1.1.1.13. Conduct counterintelligence and personnel security investigations relating to civilians and members of the armed forces who are employed in, or assigned to, the NSA. E1.1.1.14. Promulgate the necessary security regulations for the protection of property and places under the jurisdiction of the Director, NSA, pursuant to the provisions of DoD Directive 5200.8 dated August 20, 1954. E1.1.1.15. Classify, declassify and downgrade or upgrade the classification of defense information or material for which the NSA has responsibility pursuant to Executive Order 10501, dated November 5, 1953, as amended, and DoD Directive 5200.1 , dated July 8, 1957, and to designate in writing, as may be necessary, officers and employees within the NSA to perform these functions. E1.1.1.16. Act, with respect to NSA employees, as agent for the collection and payment of taxes imposed by Subtitle C of Title 26, United States Code, and as such agent, to make all determinations and certifications required or provided for under Section 3122 of Title 26, United States Code, and Section 205 (p) (1) and (2) of the Social Security Act, as amended (42 USC 405 (p) (l) and (2)). E1.1.1.17. Authorize and approve overtime work of NSA civilian officers and employees of NSA in accordance with the provisions of Section 550.11 of the Civil Service Regulations. E1.1.1.18. Authorize and approve: E1.1.1.18.1. Travel for NSA civilian officers and employees in accordance with Joint Travel Regulations, Volume 2, Department of Defense Civilian Personnel, dated July 1, 1965, as amended; E1.1.1.18.2. Temporary duty travel only for military personnel assigned or detailed to NSA in accordance with Joint Travel Regulations, Volume 1, for the Uniformed Services, dated July 1, 1965, as amended; E1.1.1.18.3. Invitational travel to persons serving without compensation whose consultive, advisory, or other highly specialized technical services are required in a capacity that is directly related to or in connection with NSA activities, pursuant to 5 USC 5703. E1.1.1.19. Approve the expenditure of funds available for travel by military personnel assigned or detailed to NSA for expenses incident to attendance at meetings of technical, scientific, or professional or similar organizations in such instances where the approval of the Secretary of Defense or his designee is required by law (37 USC 412). E1.1.1.20. Develop, establish, and maintain an active and continuing Records Management Program, pursuant to the provisions of Section 506 (b) and (c) of the Federal Records Act of 1950, as amended (44 USC 396 (b)), and when authorized, operate a records center pursuant to the provisions of 506 (c) of the Federal Records Act of 1950 (44 USC 396 (c)). E1.1.1.21. Enter into and administer contracts in accordance with applicable laws, DoD regulations and the Armed Services Procurement Regulations, directly or through a Military Department, a DoD contract administration services component, or other Government Department or agency, as appropriate, for supplies, equipment and services required to accomplish the mission of the NSA. To the extent that any law or executive order specifically limits the exercise of such authority to persons at the Secretarial level of a Military Department, such authority will be exercised by the Assistant Secretary of Defense (Installations and Logistics). E1.1.1.22. Establish and use Imprest Funds for making small purchases of material and services other than personal for NSA when it is determined more advantageous and consistent with the best interests of the Government, in accordance with the provisions of DoD instruction 7280.1, dated January 5, 1962, and the Joint Regulations of the General Services Administration -- Treasury Department -- General Accounting Office, entitled "For Small Purchases Utilizing Imprest Funds." E1.1.1.23. Establish and maintain appropriate property accounts for NSA and to appoint Boards of Survey, approve reports of survey, relieve personal liability and drop accountability for NSA property maintained in the authorized Departmental Property Account which has been lost, damaged, stolen, destroyed, or otherwise rendered unserviceable, pursuant to the provisions of applicable laws and regulations. E1.1.1.24. Act for the Secretary of Defense before the Joint Committee on Printing, the Public Printer, and the Director, Bureau of the Budget on all matters pertaining to printing, binding, and publication requirements of the NSA. E1.1.1.25. Publish advertisements, notices, or proposals, in newspapers, magazines, or other public periodicals as required for the effective administration and operation of the NSA (44 USC 324). E1.1.1.26. Enter into support and services agreements with the Military Departments, other DoD Components, and other Government agencies as required. E1.1.1.27. The Director, NSA, may redelegate these authorities, as appropriate, and in writing, except as otherwise specifically indicated above or as otherwise provided by law.
Department of Defense DIRECTIVE NUMBER 5100.35 March 10, 1998 ASD(C3I) SUBJECT: Military Communications-Electronics Board (MCEB) References: (a) DoD Directive 5100.35, "Military Communications-Electronics Board," May 6, 1985 (hereby canceled) (b) Public Law 104-106, “Subdivision E of the Clinger-Cohen Act of 1996,” February 10, 1996 (formerly the Information Technology Management Reform Act of 1996) (c) Secretary of Defense Memorandum, “Implementation of Subdivision E of the Clinger-Cohen Act of 1996 (Public Law 104-106),” June 2, 1997 (d) DoD Directive 4650.1, "Management and Use of the Radio Frequency Spectrum,” June 24, 1987 1. REISSUANCE AND PURPOSE This Directive reissues reference (a) to update the mission, organization, functions, responsibilities, and relationships prescribed herein. 2. APPLICABILITY This Directive applies to the Office of the Secretary of Defense, the Military Departments, the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Inspector General of the Department of Defense, the Defense Agencies, and the DoD Field Activities (hereafter referred to collectively as "the DoD Components"). 3. MISSION 3.1. The MCEB shall consider those military communications-electronics matters, including those associated with National Security Systems (NSS) as defined in reference (b), referred to it by the Secretary of Defense, the Chairman of the Joint Chiefs of Staff, the DoD Chief Information Officer, and other officials designated in section 5.2., below. 3.2. The MCEB mission shall be, as follows: 3.2.1. Obtain coordination among the DoD Components, between the Department of Defense and other Governmental Departments and Agencies, and between the Department of Defense and the representatives of foreign nations as to matters under MCEB jurisdiction. 3.2.2. Provide guidance and direction to the DoD Components. 3.2.3. Furnish advice and assistance, as requested. 4. ORGANIZATION 4.1. The MCEB shall be composed of the following: 4.1.1. The Director for Command, Control, Communications, and Computer Systems, Joint Staff, (J-6), who shall serve as the Chair. 4.1.2. The Vice Director for Command, Control, Communications, and Computer Systems, Joint Staff, (VJ6) representing the Combatant Commands. 4.1.3. The Director of Information Systems for Command, Control, Communications, and Computers (C4), U.S. Army. 4.1.4. The Director, Space, Information Warfare, Command and Control, U.S. Navy. 4.1.5. The Director, Communications and Information, U.S. Air Force. 4.1.6. The Assistant Chief of Staff, Command, Control, Communications, Computers, and Intelligence, U.S. Marine Corps. 4.1.7. The Assistant Commandant for Systems, U.S. Coast Guard. 4.1.8. The Director, Defense Information Systems Agency, or designee. 4.1.9. The Director, National Security Agency, or designee. 4.1.10. The Director, Defense Intelligence Agency, or designee. 4.2. The Chair, MCEB, may request representatives from the other DoD Components and Government Agencies to participate with the MCEB on any matter in which that Component or Agency has an interest. 4.3. The MCEB shall be supported by a permanent Secretariat provided by the Chairman of the Joint Chiefs of Staff. 5. FUNCTIONS AND RESPONSIBILITIES 5.1. The Chairman of the Joint Chiefs of Staff shall provide overall guidance and direction to the MCEB. 5.2. The Secretaries of the Military Departments, and the Heads of the DoD Components shall refer military communications-electronics and NSS matters to the MCEB for coordination, or other applicable action. 5.3. The Chair, Military Communications-Electronics Board, shall: 5.3.1. Preside at MCEB meetings or designate a member to act as the Chair in his or her absence. 5.3.2. Determine whether matters referred to the MCEB are appropriate for MCEB consideration. 5.3.3. Redirect matters referred to the MCEB if the Chair, MCEB, determines that such matters are best accomplished by referral to another DoD Component. 5.3.4. Determine whether issues referred to the MCEB can be resolved by MCEB action. 5.3.5. Inform the DoD CIO of all MCEB-related matters, which may have an impact on the responsibilities of the CIO as provided in the Secretary of Defense’s Memorandum (reference (c)). 5.3.6. Make decisions for the MCEB when consensus is not reached on matters referred to the MCEB. 5.3.7. Determine the subsequent disposition of matters referred to the MCEB that are not resolved by MCEB action. 5.3.8. Establish administrative and procedural arrangements for the MCEB, to include managing the MCEB Secretariat. 5.3.9. Provide a conflict resolution forum for frequency spectrum issues. 5.3.10. Recommend guiding policy and develop procedures in support of radio frequency management functions and requirements of the Military Departments, the Combatant Commands, and Defense Agencies, in accordance with DoD Directive 4650.1 (reference (d)). 5.3.11. Develop, review, and implement procedures for participation in the DoD Electromagnetic Compatibility Program. 5.3.12. Coordinate changes to, and promulgate allied communications publications and joint Army, Navy, and Air Force publications. Determine format, assign printing responsibilities, and distribute communications-electronics publications, except those communications security publications that are the responsibility of other DoD elements. 5.3.13. Develop, review, and coordinate joint and allied communications-electronics operating procedures. 5.3.14. In accordance with the procedures of the OSD and the Chairman of the Joint Chiefs of Staff for the approval of U.S. positions, coordinate and participate in the development of changes to joint and allied principles, technical standards, and procedures for obtaining interoperability, compatibility, and standardization of C4 equipment, including communications-electronics standardization agreements (STANAGs) of the North Atlantic Treaty Organization. Manage the DoD review process when ratification of any communications-electronics STANAGs is under consideration and serve as office of record for all ratified agreements. 5.3.15. Develop and process the DoD position for negotiation with representatives of other nations on communications-electronics matters for which the MCEB is responsible. 5.3.16. Communicate directly with all the DoD Components, with the other Departments and Agencies of the Government and with representatives of other nations on communications-electronics and NSS matters for which the MCEB is responsible. 5.3.17. Establish and direct, as required, subsidiary panels to support MCEB activities. 5.3.18. Coordinate membership for applicable allied technical panels and working groups. 5.3.19. Serve as the United States principal member to the Combined Communications-Electronics Board. 5.4. The Members of the MCEB shall: 5.4.1. Participate in the activities of the MCEB and vote on matters placed before the MCEB for decision. 5.4.2. Designate an alternate whom, when participating in MCEB activities for his or her principal, shall have plenary power to act for same. 5.4.3. Request, individually or as a group, reconsideration by the Secretary of Defense or the Chairman of the Joint Chiefs of Staff, as applicable, of a decision made by the Chair, MCEB, under paragraph 5.3.6. above. Such a request shall be submitted through the Chair, MCEB, for comment. When reconsideration by the Secretary of Defense is requested, the request also shall be accompanied by the comments of the Chairman of the Joint Chiefs of Staff. 6. ADMINISTRATION 6.1. The permanent MCEB Secretariat shall consist of military and civilian personnel, with necessary funding support, provided by the Director for Command, Control, Communications and Computers (J-6), the Joint Staff. 6.2. The Heads of DoD Components shall provide qualified personnel (within their capability and normally on an additional duty basis) when requested by the Chair, MCEB, to serve on subsidiary MCEB panels. 7. RELATIONSHIPS 7.1. The Chair, MCEB, shall make reports and furnish recommendations on the activities of the MCEB to the Secretary of Defense through the Chairman of the Joint Chiefs of Staff. 7.2. The Chair, MCEB, shall provide information on MCEB actions to, and coordinate activities with, the DoD CIO. 8. EFFECTIVE DATE This Directive is effective immediately.
Department of Defense DIRECTIVE NUMBER 5100.47 April 30, 1965 ASD(SIS) SUBJECT: National Cryptologic School References: (a) DoD Directive S-3115.2, March 19, 1959 (b) DoD Directive S-3115.4, March 19, 1959 1. PURPOSE This Directive provides for the establishment of the National Cryptologic School as a professional educational institution of the National Security Agency (NSA). 2. MISSION The National Cryptologic School will conduct courses of instruction related to cryptologic functions designed to: 2.1. Enhance the preparation of selected military officers and civilian personnel for important command, staff, and policy-making positions in the national and international security structure. 2.2. Prepare military and civilian personnel for duty in cryptologic and related activities. 2.3. Assist the broad career development of military and civilian personnel assigned to cryptologic functions. 3. APPLICABILITY The provisions of this Directive apply to all Components of DoD. 4. FUNCTIONS AND RESPONSIBILITIES Under the direction of the Secretary of Defense, the Director, NSA shall: 4.1. Operate and control the National Cryptologic School. 4.2. Determine the level and scope of courses of instruction to be offered by the School for both resident and non-resident use, as required for accomplishment of cryptologic missions, and establish the necessary training programs and courses. 4.3. Establish for the School: 4.3.1. The total enrollment and allocation of student quotas for resident courses. 4.3.2. Criteria for selection of students for resident courses. 4.3.3. Prerequisites and regulations for participation in correspondence courses. 4.4. Reallocate equitably unfilled quotas for resident courses. 4.5. Select the Chief, National Cryptologic School. 5. ADMINISTRATION 5.1. The staff and faculty will be provided from civilian and military personnel on duty with NSA and by detail from the Military Departments to the School for specific training requirements. 5.2. Clerical support for specialized and advanced courses conducted by the School for the departments will be provided by NSA. 5.3. Except as provided below, NSA will be responsible for programming, budgeting, and financing of expenses incident to the National Cryptologic School: 5.3.1. The pay, allowances (including subsistence) of military personnel, and the permanent change of station travel costs of military and civilian personnel assigned to the staff or faculty of the School will be borne by the DoD Components from which assigned. 5.3.2. Pay, allowances and travel costs (not integral to courses of instruction) of military and civilian personnel assigned as students at the School will be borne by their respective sponsoring DoD Components. 5.3.3. Equipments peculiar to cryptologic missions and required to support specialized and advanced training for the Military Departments will be programmed, budgeted and provided to the School by the DoD components in accordance with established DoD procedures and the related Combined Cryptologic Program. 5.4. The Director, NSA, shall report annually to the Secretary of Defense on the operations of the School, including recommendations as appropriate. 6. AUTHORITY The appropriate provisions of DoD Directives S-3115.2 and S-3115.4 (references (a) and (b)) apply to the Director, NSA, and his designees, in the discharge of the functions and responsibilities assigned by this Directive. 7. EFFECTIVE DATE AND IMPLEMENTATION This Directive is effective upon publication. Its provisions will be implemented as determined by the Director, NSA.
Department of Defense DIRECTIVE NUMBER 5100.85 June 27, 1995 ASD(C3I) SUBJECT: Intelligence Systems Board (ISB) References: (a) Joint Pub 1-02, "Department of Defense Dictionary of Military and Associated Terms," March 23, 1994 (b) Title 10, United States Code (c) Title 50, United States Code (d) Executive Order 12333, "United States Intelligence Activities," December 4, 1981 (e) DoD Directive 5137.1, "Assistant Secretary of Defense for Command, Control, Communications, and Intelligence (ASD(C3I))," February 12, 1992 (f) DoD Directive 5100.35, "Military Communications-Electronics Board," May 6, 1985 (g) DoD Directive 5205.9, "Joint Military Intelligence Program (JMIP)," April 7, 1995 1. PURPOSE This Directive establishes a joint ISB (hereafter referred to as "the Board") composed of representatives of the Secretary of Defense and the Director of Central Intelligence. The Board is to ensure the interoperability of automatic1 intelligence information systems is met effectively and efficiently, in a manner conducive to national security, and consistent with the authorities and duties of the Secretary of Defense and the Director of Central Intelligence under references (b), (c), and (d). ____________________ 1 Reference (a) uses "automatic" rather than "automated" in systems such as this. 2. APPLICABILITY This Directive applies to the Office of the Secretary of Defense (OSD), the Military Departments, the Chairman of the Joint Chiefs of Staff, the Unified Combatant Commands, the Inspector General of the Department of Defense, the Defense Agencies, and the DoD Field Activities (hereafter referred to collectively as "the DoD Components"). 3. DEFINITIONS 3.1. Automatic Intelligence Information Systems. Electronic data processing and communications systems and facilities, and related operating standards and procedures used in or intended for use in the collection, processing, analysis, and dissemination of intelligence; includes automatic systems that support the exchange and dissemination of intelligence data through transformation, indexing, storage, retrieval, presentation, telecommunications, and teleprocessing. 3.2. Joint Military Intelligence Program (JMIP). A program for planning and budgeting Defense-wide initiatives and activities that provide intelligence information and support to multiple DoD customers. Included are the Defense Cryptologic Program; the Defense Imagery Program; the Defense Mapping, Charting, and Geodesy Program; and the Defense General Intelligence and Applications Program. 3.3. National Foreign Intelligence Program (NFIP). A planning and resources management program for which responsibility has been assigned by the President to the Director of Central Intelligence and having components as defined in 50 U.S.C. 401.a. (reference (c)). Included are the program on the Central Intelligence Agency, the Consolidated Cryptologic Program, the General Defense Intelligence Program, and certain other programs within the Department of Defense. Also included are the foreign intelligence and counterintelligence programs of the Departments of State, Treasury, and Energy, and the Federal Bureau of Investigation. 3.4. Tactical Intelligence and Related Activities (TIARA). Those DoD intelligence activities planned and programmed by the sponsoring organization as required for support of the planning and conduct of tactical military operations by United States Armed Forces. 4. ORGANIZATION AND MANAGEMENT 4.1. The ISB 4.1.1. The Deputy Assistant Secretary of Defense (Intelligence and Security) (DASD(I&S)), representing the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence (ASD(C3I)) and the Executive Director for Intelligence Community Affairs representing the Director of Central Intelligence, shall Co-Chair the Board, which shall meet on the call of either Co-Chair. 4.1.2. Members of the Board shall be senior representatives of the: 4.1.2.1. Under Secretary of Defense (Comptroller). 4.1.2.2. NFIP Program Managers. 4.1.2.3. JMIP Program Managers. 4.1.2.4. Military Service TIARA Managers. 4.1.2.5. Chairman of the Joint Chiefs of Staff. 4.1.2.6. Director, Defense Information Systems Agency. 4.1.2.7. Director, Program Analysis and Evaluation. 4.1.2.8. Community Open Source Program Office. 4.1.2.9. Chairperson, Military Communications-Electronics Board. 4.1.2.10. Deputy Chief of Staff for Intelligence; Headquarters (HQ), Department of the Army. 4.1.2.11. Director of Naval Intelligence, Department of the Navy. 4.1.2.12. Assistant Chief of Staff, Intelligence, HQ, Department of the Air Force. 4.1.2.13. Director of Intelligence, HQ, U.S. Marine Corps. 4.1.3. The Co-Chairs may invite other organizations having an interest in automatic intelligence information systems to be represented at the Board sessions on an ex-officio basis, or to participate in the Board meetings when matters germane to their interests are addressed. 4.2. The Intelligence Systems Secretariat (ISS) 4.2.1. ISS (hereafter referred to as "the Secretariat") shall operate under the guidance of the Co-Chairs of the Board. 4.2.2. The Secretariat Director shall be appointed by the Secretary of Defense in consultation with the Director of Central Intelligence. The Deputy Director shall be appointed by the Director of Central Intelligence in consultation with the Secretary of Defense. 4.2.3. As the staff element of the Board, the Secretariat shall be staffed jointly by the Department of Defense and non-DoD intelligence elements. 4.2.4. The Secretariat Director may establish subcommittees, working groups, and advisory bodies, as necessary, to support activities of the Board. 4.2.5. With approval of the Board Co-Chairs, the Secretariat Director may invite U. S. Government organizations not represented on the Board to participate in specific programs or activities sponsored by the Board. 5. RESPONSIBILITIES AND FUNCTIONS 5.1. The Assistant Secretary of Defense for Command, Control, Communications, and Intelligence, under DoD Directive 5137.1 (reference (e)), as the principal staff assistant and advisor to the Secretary and Deputy Secretary of Defense for information management matters, shall represent the Secretary of Defense on Board-related matters. In the exercise of these responsibilities, the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence shall: 5.1.1. Issue relevant DoD policy guidance, as necessary. 5.1.2. Nominate to the Secretary of Defense, in consultation with the Director of Central Intelligence, the Secretariat Director, and consult with the Director of Central Intelligence on appointment of the Secretariat Deputy Director. 5.1.3. Ensure appropriate participation by the DoD Components in activities of the Board and the Secretariat, including DoD representation in the Secretariat. 5.1.4. Ensure that the Secretariat shall operate under the guidance and direction of the Board Co-Chairs, and serves as the supporting staff element of the Board. 5.2. The Intelligence Systems Secretariat shall, in cooperation with the intelligence functional managers, provide administrative support to the Board, and shall conduct the day-to-day staff activities necessary to support accomplishment of the Board's responsibilities. 5.3. The Intelligence Systems Board shall: 5.3.1. Advise and make recommendations, under the guidance of its Co-Chairs, to the Secretary of Defense and the Director of Central Intelligence on policy and requirements on the design, development, acquisition, and operation of automatic intelligence information systems and architectures used by the DoD Components and by non-DoD organizations within the NFIP concerning: 5.3.1.1. Enhancing interoperability of existing and planned automatic intelligence systems designed or intended for intelligence support to the U.S. Armed Forces. 5.3.1.2. Integrating and enhancing interoperability among automatic intelligence information systems functioning within or among elements of the NFIP, JMIP, and TIARA aggregate. 5.3.1.3. Improving interoperability between intelligence and military command and control systems. 5.3.1.4. Defining interorganizational intelligence information architectures. 5.3.1.5. Establishing an automatic intelligence information systems management security policy. 5.3.1.6. Defining and coordinating common information handling standards and procedures. 5.3.1.7. Developing program and budget guidance affecting the development and operation of automatic intelligence information systems. 5.3.1.8. Evaluating and adopting new and improved automatic intelligence information management technologies. 5.3.1.9. Designating a DoD or NFIP Component to serve as the Executive Agent for processes or activities of common concern. 5.3.1.10. Identifying priority automatic intelligence information systems that require funding support for acquisition and/or operations. 5.3.1.11. Designating of an Executive Agent(s) to implement and operate automatic intelligence systems as a service of common concern. 5.3.2. Emphasize the means to enhance the interoperability of existing and planned automatic intelligence information system support to operational military components. 5.3.3. In the interest of furthering interoperability of present and planned automatic intelligence information systems, serve as the channel for communications and other interface between the DoD Components represented on the ISB and the Military Communications-Electronics Board (MCEB) under DoD Directive 5100.35 (reference (f)). In this interface role, review and provide recommendations, as appropriate, on all communications between the ISB member Components and the MCEB that relate to automatic intelligence information systems and architectures. 5.4. The Chairperson of the Military Communications-Electronics Board shall provide a senior member to serve as a member of the ISB, and ensure that communications between the MCEB and the DoD Components represented on the ISB are sent to the ISB Secretariat for review by the ISB if they relate to automatic intelligence information systems and architectures. 5.5. The Heads of the DoD Components shall: 5.5.1. Provide senior-level representation to serve on the Board. 5.5.2. Provide qualified representatives, as coordinated with the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence to the Secretariat on a detail, non-reimbursable, rotational basis. 5.5.3. Participate, where appropriate, in working groups and panels established by the Secretariat Director to address tasks assigned by the Board Co-Chairs. 5.5.4. Provide information and data to the Secretariat as required to enable the Board to fulfill its responsibilities. 5.5.5. Upon designation by the Secretary of Defense and Director of Central Intelligence, and with arrangements for necessary funding, serve as the Executive Agent for implementation and/or operation of automatic intelligence information systems as a service of common concern. 6. EFFECTIVE DATE This Directive is effective immediately.
DODI 5105.58 Management of Measurement and Signature Intelligence (MASINT), February 9, 1993, ASD(C3I) **** Text of the Regulation **** References: (a) DoD Directive 5137.1, "Assistant Secretary of Defense for Command, Control, Communications, and Intelligence," February 12, 1992 (b) DoD Directive 5105.21, "Defense Intelligence Agency," May 19, 1977 (c) DoD Directive 5240.1, "DoD Intelligence Activities," April 25, 1988 (d) Title 10, United States Code (e) National Security Act of 1947 (f) Executive Order 12333, "United States Intelligence Activities," December 4, 1981 A. PURPOSE This Instruction assign responsibilities for the central management of MASINT within the Department of Defense, pursuant to references (a), (b), and (c), to ensure that U.S. Government intelligence and Defense operational, acquisition, and other needs for MASINT are met effectively and efficiently in a manner conducive to national security and consistent with the authorities and duties of the Secretary of Defense and the Director of Central Intelligence under references (d), (e), and (f). B. APPLICABILITY This Instruction applies to the Office of the Secretary of Defense, the Military Departments, the Chairman of the Joint Chiefs of Staff and the Joint Staff, the Unified and Specified Combatant Commands, the Defense Agencies, and the DoD Field Activities (hereafter referred to collectively as "the DoD Components"). C. DEFINITION MASINT. Technically derived intelligence (excluding Signals intelligence and traditional imagery intelligence) that, when collected, processed, and analyzed, results in intelligence that locates, tracks, identifies, or describes the signatures sources. It includes the advanced (distinctive characteristics) of fixed or dynamic target data processing and exploitation of data from overhead and airborne imagery collection systems. MASINT data can be acquired from a variety of satellite, airborne, or shipborne platforms; remotely piloted vehicles; or from mobile or fixed ground-based collection sites. Its sensors include, but are not limited to, radar, laser, optical, infrared, acoustic, nuclear, radiation, detection, spectroradiometric, and seismic systems, as well as gas, liquid, and solid materials sampling systems. D. RESPONSIBILITIES 1. The Assistant Secretary of Defense for Command, Control, Communications, and Intelligence, as the designated principal staff assistant to the Secretary and Deputy Secretary of Defense for intelligence matters under DoD Directive 5137.1 (reference (a)), shall be responsible for MASINT policy development, program oversight and evaluation, and resource management. 2. The Director, Defense Intelligence Agency, shall: a. Provide central management for MASINT in accordance with DoD Directive 5105.21 (reference (b)), DoD Directive 5240.21 (reference (c)), and this Instruction. b. Establish a Central MASINT Office (CMO) within the Defense Intelligence Agency (DIA), which shall be responsible for providing support to the Department of Defense, the Central Intelligence Agency (CIA), and other Federal Government Departments and Agencies on MASINT matters relating to national security. The Director, DIA, shall exercise authority, direction, and control over the CMO. The CMO shall consist of a Director, appointed by the Director, DIA, a central MASINT tasking authority, and such other subordinate organizational elements as the Director, CMO, establishes within the resources made available. The Director, CMO may also have direct access to the Director of Central Intelligence as required to fulfill Intelligence Community requirements. c. Provide administrative support to the Director, CMO, including personnel, budget execution, and contracting services. The Director, CMO, may also receive administrative support, to the extent permitted by the law and approved by the Secretary of Defense and the Director of Central Intelligence, from the Central Intelligence Agency or other Departments or Agencies of the Federal Government. Resources for the CMO shall be provided through the National Foreign Intelligence Program (NFIP) and the budget aggregation known as "Tactical Intelligence and Related Activities," in accordance with applicable planning, programming, and budgeting system procedures. d. Ensure that the Director, Central MASINT Office, shall: (1) Organize, direct, and manage the CMO and all assigned resources. (2) Manage the establishment of national MASINT collection requirements consistent with the guidance received from the Director of Central Intelligence under E.O. 12333 (reference (f). (3) Provide responsible MASINT support to the Department of Defense, the CIA, and, as appropriate, other Federal Government Departments and Agencies, including the coordination of MASINT collection tasking, collection processing, exploitation, and dissemination. (4) Task MASINT collection elements of the Department of Defense to meet national intelligence requirements, including requirements established by the Director of Central Intelligence, in accordance with the "National Security Act of 1947" and E.O. 12333 (references (e) and (f)), except that the Director, CMO, shall advise MASINT collection elements on collection of MASINT to meet such national intelligence requirements when the collection element both (a) is assigned to, or under the operational control, of the Secretary of a Military Department or a commander of a unified or specified combatant command and (b) is not allocated by the Secretary of Defense to meet national intelligence requirements. (5) Advise MASINT collection elements of the Department of Defense on the collection of MASINT to meet non-national intelligence requirements. (6) Establish the architectures for MASINT tasking, collection, processing, and dissemination in the Department of Defense, in coordination with the DoD Components and consistent to the maximum practicable extent with the overall functional architectures of the Department of Defense. Also, to the extent authorized by the heads of other Departments or Agencies with MASINT tasking, collection, processing, exploitation, and dissemination functions, establish the architectures for MASINT tasking, collection, processing, exploitation, and dissemination in those other Departments and Agencies. (7) Establish, in coordination with the Director of the Defense Information Systems Agency and the DoD Components, as appropriate, standards for MASINT systems for which the Department of Defense has responsibility and ensure compatibility and interoperability for such systems, and, to the extent authorized by the heads of the other Departments or Agencies with MASINT systems, establish standards and ensure compatibility and interoperability for the systems of those other Departments or Agencies. (8) Serve as the functional manager for the MASINT programs in the NFIP consistent with applicable guidance received from the Director of Central Intelligence in accordance with the "National Security Act of 1947" and E.O. 12333 (references (e) and (f)). (9) Serve as the functional manager, an advisor to the ASD(C3I) and the DoD Components, for the MASINT programs in the budget aggregation known as the "Tactical Intelligence and Related Activities". (10) Evaluate the performance of MASINT components of the Department of Defense in meeting national and non-national intelligence requirements and, to the extent authorized by the heads of the other Departments or Agencies with MASINT tasking, collection, processing, exploitation, and dissemination functions, evaluate the performance of the MASINT components of those other Departments or Agencies in meeting national and non- national intelligence requirements. (11) Develop and make recommendations on national and non-national MASINT policy, including relationships to international matters, for the approval of appropriate Federal Government officials. (12) In coordination with the appropriate DoD Components, support and conduct research, development, test, and evaluation activities related to MASINT tasking, collection, processing, exploitation, and dissemination, consistent with applicable law and DoD Directives. (13) Protect intelligence sources and methods from unauthorized disclosure, in accordance with guidance received from the Director of Central Intelligence under the "National Security Act of 1947" and E.O. 12333 (references (e) and (f)). (14) In coordination with the appropriate DoD Components, establish standards for training personnel performing MASINT tasking, collection, processing, exploitation, and dissemination functions. (15) Advise the Secretary of Defense and the Director of Central Intelligence on future needs for the MASINT systems. (16) Coordinate the use of MASINT systems that support military forces in exercises. (l7) Make use of established facilities and services in the Department of Defense or other governmental Agencies, to the extent permitted by law, whenever practicable, to achieve maximum efficiency and economy. Special emphasis will be made on maximizing the use of existing personnel, facilities and services of the Defense Intelligence Agency. Further, resources of the Central Intelligence Agency and other Departments or Agencies will be used to the extent authorized by the Director of Central Intelligence and the heads of other Departments and Agencies of the Federal Government. (l8) Perform such other functions related to MASINT as the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence may direct. 3. The Heads of the DoD Components shall support the Director, CMO, in carrying out assigned functions by the following: a. Ensure compliance with national intelligence tasking issued under paragraph D.3.d above. b. Ensure compliance with the architectures and standards established by the Director, CMO, under paragraphs D.3.f and D.3.g above. c. Assist the Director, CMO, in the Director's assigned responsibility as functional manager for national and tactical MASINT programs under paragraphs D.3.h., D.3.i. and D.3.n. above. d. Submit MASINT collection requirements to the Director, CMO, through appropriate validation authorities. E. EFFECTIVE DATE This Instruction is effective immediately. CHARLES A. HAWKINS, JR. Acting Assistant Secretary of Defense for Command, Control, Communications, and Intelligence
Department of Defense DIRECTIVE NUMBER 5148.11 July 1, 1994 DA&M SUBJECT: Assistant to the Secretary of Defense for Intelligence Oversight (ATSD(IO)) References: (a) Title 10, United States Code (b) DoD Directive 5148.11, "Assistant to the Secretary of Defense (Intelligence Oversight)," December 1, 1982 (hereby canceled) (c) Executive Order 12333, "United States Intelligence Activities," December 4, 1981 (d) DoD Directive 5240.1, "DoD Intelligence Activities," April 25, 1988 (e) through (k), see enclosure E1. 1. REISSUANCE AND PURPOSE Under the authority vested in the Secretary of Defense by Section 113 of reference (a), this Directive reissues reference (b) to update the responsibilities, functions, relationships, and authorities of the ATSD(IO), as prescribed herein. 2. APPLICABILITY This Directive applies to the Office of the Secretary of Defense (OSD), the Military Departments, the Chairman of the Joint Chiefs of Staff, the Unified Combatant Commands, the Office of the Inspector General of the Department of Defense, the Defense Agencies, and the DoD Field Activities (hereafter referred to collectively as "the DoD Components"). 3. DEFINITION 3.1. Propriety. Refers to the standards for intelligence activities promulgated in Executive orders, Presidential Directives, and DoD Directives. Other terms used herein are defined in references (c), (d), and (e). 4. RESPONSIBILITIES AND FUNCTIONS The Assistant to the Secretary of Defense for Intelligence Oversight shall be responsible for the independent oversight of all intelligence activities in the Department of Defense. In this capacity, the ATSD(IO) shall ensure that all activities performed by intelligence units and all intelligence activities performed by non-intelligence units, are conducted in compliance with Federal law and other laws as appropriate, Executive orders and Presidential Directives, and DoD Directives System issuances. In the exercise of this responsibility, the ATSD(IO) shall: 4.1. Develop intelligence oversight policy and, in coordination with the General Counsel of the Department of Defense (GC, DoD), issue intelligence oversight guidance to the DoD intelligence components, including regulatory guidance implementing intelligence oversight aspects of E.O. 12333 (reference (c)). 4.2. Review, in consultation with the GC, DoD, all allegations that raise questions of the legality or propriety of intelligence activities in the Department of Defense. 4.3. Investigate intelligence activities that raise questions of legality or propriety. 4.4. Conduct vigorous and independent inspections of the DoD Components that engage in intelligence activities for the purpose of verifying that personnel are familiar and in compliance with E.O. 12333 (reference (c)) and its DoD implementing documents. At the request of senior leadership of the Department, and as practicable, the ATSD(IO) will assess and evaluate the performance of DoD's intelligence activities during the course of scheduled inspections and site visits. Reports in these areas of special interest will be provided to the requesting official and the Secretary of Defense for information. 4.5. Monitor investigations and inspections conducted by the DoD Components related to intelligence activities, evaluate the findings and, if appropriate, submit recommendations for corrective action to the Secretary and Deputy Secretary of Defense. 4.6. Report the following to the Secretary and Deputy Secretary of Defense, and the Intelligence Oversight Board of the President's Foreign Intelligence Advisory Board, established under E.O. 12863 (reference (f)), at least quarterly, in consultation with the GC, DoD: 4.6.1. Any significant oversight activities undertaken; and 4.6.2. Any DoD intelligence activities of questionable legality or propriety, the investigative action on them, an evaluation of completed investigations, and the action taken on completed investigations. 4.7. Participate as a member of the Defense Counterintelligence Board (DoD Directive 5240.2, reference (g)). 4.8. Pursuant to DoD Directive 5240.12 (reference (h)), review and conduct an annual financial audit of all funds generated by DoD Intelligence Commercial Activities, and report the results to the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence. 4.9. Review DoD clandestine intelligence activities to ensure compliance with special constraints and controls. 4.10. Evaluate the effectiveness of the DoD intelligence components' efforts to protect HUMINT sources, in accordance with DoD Directive S-5205.1 (reference (i)). 4.11. Participate in the Sensitive Reconnaissance Operations approval process. 4.12. Conduct liaison with Federal intelligence and law enforcement agencies (e.g., Central Intelligence Agency, Federal Bureau of Investigation, and Drug Enforcement Administration) at the national level and field locations, as required, to ensure DoD intelligence activities and DoD intelligence support to law enforcement agencies are being conducted properly. 4.13. Review the DoD sensitive support provided to the DoD Components and other Federal Agencies, pursuant to DoD Directive S-5210.36 (reference (j)), to ensure compliance with DoD policy. 4.14. Coordinate, as appropriate, with the DoD Inspector General (DoD IG) on matters relating to the DoD IG's area of responsibility in accordance with DoD Directive 5106.1 (reference (k)). 4.15. Perform such other functions as the Secretary of Defense may prescribe. 5. RELATIONSHIPS 5.1. In the performance of assigned responsibilities and functions, the ATSD(IO) shall serve under the authority, direction, and control of the Secretary of Defense, and shall: 5.1.1. Report directly to the Secretary and Deputy Secretary of Defense. 5.1.2. Coordinate and exchange information with other OSD officials, heads of the DoD Components, and other Federal officials having collateral or related functions. 5.1.3. Use existing facilities and services of the Department of Defense and other Federal Agencies, when practicable, to avoid duplication and to achieve maximum efficiency and economy. 5.2. Other OSD officials and heads of the DoD Components shall coordinate with the ATSD(IO) on all matters related to the responsibilities and functions cited in section 4., above. 6. AUTHORITIES The ATSD(IO) is hereby delegated authority to: 6.1. Obtain reports, information, advice, and assistance, consistent with DoD Directive 8910.1 (reference (l)), as necessary, in carrying out assigned functions. 6.2. Communicate directly with the heads of the DoD Components and, with notification to the Chairman of the Joint Chiefs of Staff, to the Commanders of the Unified Combatant Commands, as necessary, in carrying out assigned functions. 6.3. Request such temporary assistance from the DoD Components as may be required for the conduct of inspections or investigations, to include personnel, facilities, and other services. Requests for needed support shall be made in accordance with established procedures. 6.4. Communicate directly with the Intelligence Oversight Board of the President's Foreign Intelligence Advisory Board, the Director of Central Intelligence, other Federal officials, representatives of the legislative branch, members of the public, and representatives of foreign governments, as appropriate, in carrying out assigned functions. 6.5. Have complete and unrestricted access to all available intelligence-related information, regardless of classification or compartmentation, from all DoD Components and personnel, as required, in carrying out assigned functions. This includes specifically the authority to: 6.5.1. Require an Inspector General or other cognizant investigative official of a DoD Component to report allegations of improprieties or illegalities of intelligence activities by, or within, a DoD Component; and 6.5.2. Obtain information on the status, proceedings, and findings or to obtain copies of reports of investigations or inspections of such allegations. 6.6. Deal directly with the head of the element inspected or investigated, conduct interviews, take depositions, and examine records incident to an inspection or investigation of any DoD Component, as required, in carrying out assigned functions. 7. EFFECTIVE DATE This Directive is effective immediately. Enclosures - 1 1. References, continued E1. ENCLOSURE 1 REFERENCES, continued (e) DoD 5240.1-R, "Procedures Governing the Activities of DoD Intelligence Components that Affect United States Persons," December 1982, authorized by DoD Directive 5240.1, April 25, 1988 (f) Executive Order 12863, "President's Intelligence Advisory Board," September 13, 1993 (g) DoD Directive 5240.2, "Department of Defense Counterintelligence," June 6, 1983 (h) DoD Directive 5240.12, "Department of Defense Intelligence Commercial Activities," December 2, 1992 (i) DoD Directive S-5205.1, "Acquisition and Reporting of Information Relating to National Security (U)," January 31, 1983 (j) DoD Directive S-5210.36, "Provision of DoD Sensitive Support to DoD Components and Other Departments and Agencies of the U. S. Government (U)," June 10, 1986 (k) DoD Directive 5106.1, "Inspector General of the Department of Defense," March 14, 1983 (l) DoD Directive 8910.1, "Management and Control of Information Requirements," June 11, 1993
Department of Defense DIRECTIVE NUMBER 5160.54 January 20, 1998 USD(P) SUBJECT: Critical Asset Assurance Program (CAAP) References: (a) DoD Directive 5160.54, "DoD Key Asset Protection Program (KAPP)," June 26, 1989 (hereby canceled) (b) DoD Directive 3020.36, "Assignment of National Security Emergency Preparedness (NSEP) Responsibilities to Department of Defense Components," November 2, 1988 (c) DoD Directive S-3600.1, "Information Operations (IO) (U)," December 9, 1996 (d) DoD 5160.54-R, "Industrial Facilities Protection Regulation," March 1977, authorized by this Directive (e) through (n), see enclosure 1 1. REISSUANCE AND PURPOSE This Directive: 1.1. Reissues reference (a) to update DoD policies and responsibilities for the protection and assurance of DoD and non-DoD Critical Assets worldwide, to support the requirements of reference (b), and to implement the policies established by reference (c) as they pertain to Critical Assets that are, include, or depend upon Information Systems. (See definition E2.1.9.) 1.2. Expands the requirement to identify Critical Assets and assure their integrity, availability, survivability, and capability to support vital DoD missions across the full range of military operations. 1.3. Provides for an integrated infrastructure vulnerability assessment and assurance program based on an analysis of the identified Critical Assets using risk management principles. The risk management-based analysis provides the information necessary to effectively allocate available resources necessary for assurance. 1.4. Continues the authorization to publish reference (d), and authorizes the publication of DoD 5160.54-M, consistent with DoD 5025.1-M (reference (e)). 2. APPLICABILITY This Directive applies to the Office of the Secretary of Defense, the Military Departments, the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Inspector General of the Department of Defense, the Defense Agencies, and the DoD Field Activities (hereafter referred to collectively as "the DoD Components"). 3. DEFINITIONS The terms used in this Directive are defined in enclosure 2. 4. POLICY It is DoD policy to: 4.1. Identify and ensure the availability, integrity, survivability and adequacy of those assets, (domestic and foreign) whose capabilities are deemed critical to DoD Force Readiness and operations in peace, crisis, and war by providing for their protection from all hazards; mitigating the effect of their loss or disruption; and/or planning for timely restoral or recovery. The level of assurance appropriate for each asset is a risk management decision of the owning or controlling DoD Component, made in coordination with those dependent on the asset, and based on its criticality, the threat, and resources available. 4.2. Recognize that critical DoD equipment, facilities, and services are dependent upon non-DoD assets -- the international and national infrastructures, other facilities and services of the private sector, and those of other Government Departments and Agencies; and that non-DoD assets essential to the functioning of DoD Critical Assets are also Critical Assets of concern to the Department of Defense. Critical Assets include information systems and computer-based systems and networks that can be distributive in nature. 4.3. Recognize that in peacetime responsibility for protecting non-DoD Critical Assets and designing their security rests primarily with the civil sector owners and with local, State, and Federal law enforcement authorities and that responsibility for protecting non-U.S. Critical Assets rests with the appropriate national authority. However, the Department of Defense must participate with the civil sector, emergency preparedness and law enforcement authorities in planning for Critical Asset assurance during an emergency, and must be prepared, in concert with the appropriate authorities and within defense priorities, to assist in their protection during emergencies, including natural disaster, physical or technical attack, and technological or other emergency that seriously degrades or threatens DoD operations. (See DoD Directives 3025.1, 3025.12, and 3025.15, references (f) through (h).) 4.4. Provide an integrated asset and infrastructure vulnerability assessment and assurance program for the protection and assurance of DoD and non-DoD Critical Assets worldwide through the CAAP. The CAAP must provide a comprehensive and integrated decision support environment to represent the relationship between Critical Assets and force readiness and operations in peace, crisis or war that can be used to assess the dependencies, vulnerabilities and effects of the disruption or loss of Critical Assets or supporting infrastructures on their plans and operations. The CAAP must also provide the capability for Critical Asset assurance analysis, planning, prioritization, resource programming and response necessary to mitigate the disruption or loss of Critical Assets. It must also ensure that the collection, retention, and dissemination of CAAP information are in compliance with applicable U.S. law, statutes, directives, and policies as delineated by the established intelligence oversight program. See DoD Directive 5240.1 and DoD 5240.l-R (references (i) and (j)). 5. RESPONSIBILITIES 5.1. The Under Secretary of Defense for Policy shall: 5.1.1. Provide policy direction and guidance for the development and implementation of CAAP as an element of national security emergency preparedness. 5.1.2. Represent the Secretary of Defense with other Federal Departments and Agencies and with industry in the development, review, and approval of standards for the assurance of all Critical Assets and coordinate such agreements as may be appropriate for this program. 5.1.3. Develop and lead a process for annual program review of the CAAP with the Components and the DoD Executive Agent that includes an analysis of the program effectiveness in meeting goals and objectives, an assessment of the performance of organizations in accomplishing their roles and responsibilities, a review of threats and technologies, and the status of planning and analysis for the assurance of Critical Assets to ensure compliance with this Directive. 5.1.4. Exercise classification authority for CAAP, and publish classification guidance. 5.1.5. Establish, support and provide the Co-Chair (with the Office of the Assistant Secretary of Defense for Command, Control, Communications and Intelligence) for the Critical Infrastructure Protection Working Group (CIPWG). 5.1.6. Maintain and revise this Directive. 5.2. The Under Secretary of Defense for Acquisition and Technology shall: 5.2.1. Comprehensively integrate the policies established by this Directive in acquisition policy guidance, to include the Federal Acquisition Regulations System (reference (k)); develop assurance standards; and ensure that internal and external infrastructure protection, mitigation, detection, reaction and recovery measures are designed into the acquisition process, systems being developed and acquired, and the supporting industrial base. 5.2.2. Foster research on infrastructure systems assurance and analysis and promote development of infrastructure interdependency analysis. Identify technologies that represent threats to Critical Assets or related infrastructures (e.g., information or command and control systems), countermeasures technologies for existing or emerging threats, and technologies that may have inherent susceptibilities or vulnerabilities. 5.2.3. Provide policy to assess and mitigate infrastructure dependencies and vulnerabilities of specific DoD installations, facilities and supporting private sector facilities and systems. 5.2.4. In accordance with instructions from the DoD Executive Agent, provide DoD installations and facilities database support to facilitate maintenance of Critical Assets data by the DoD Components for inclusion in the CAAP. 5.3. The Assistant Secretary of Defense for Command, Control, Communications, and Intelligence shall: 5.3.1. Integrate the policies established by this Directive into policy guidance and standards promulgated for functional areas assigned by DoD Directive 5137.1 (reference (l)). Ensure, in consultation with Under Secretary of Defense for Acquisition and Technology, infrastructure dependencies and protection, mitigation, detection, reaction and recovery measures are considered during command, control, communications, intelligence, information and security systems development and acquisition. Ensure that intelligence, counterintelligence, and security countermeasure programs support the protection, survivability, availability, integrity and recovery of Critical Assets. 5.3.2. Provide the Co-Chair (with the Office of the Under Secretary of Defense for Policy) for the CIPWG. 5.3.3. Require the Director, Defense Investigative Service (DIS), to: 5.3.3.1. Conduct, in coordination with the appropriate DoD Component and with permission of the owners, on-site surveys, to include vulnerability analyses to physical and technical threats, for each non-DoD Industrial and Infrastructure Critical Asset designated by the DoD Executive Agent as requiring on-site survey. 5.3.3.2. Maintain liaison with the DoD Executive Agent, the responsible DoD Component, and consult with industry, as appropriate. Develop CAAP survey procedures in coordination with the DoD Executive Agent, and support courses of instruction to orient and train Government and industry personnel on CAAP surveys. Obtain technical assistance from other Components, as required. 5.3.4. Require the Director, Defense Intelligence Agency (DIA), in coordination with the National Security Agency (NSA), the DIS, the Federal Bureau of Investigation (FBI), and the Director, Central Intelligence, to develop procedures for continuous analysis of the hostile intelligence; special operations; and technical, terrorist, criminal and other transnational threats to Critical Assets and Infrastructures; develop and maintain a Critical Asset and Infrastructure Threat Assessment, and advise the DoD Executive Agent, the Chairman of the Joint Chiefs of Staff and the DoD Components of hostile threats to Critical Assets and Infrastructures in their areas of responsibility as evolving threats become known. These activities must be accomplished within the provisions of DoD Directive 5240.1 and DoD 5240.1-R (references (i) and (j)). 5.3.5. Require the Director, National Imagery and Mapping Agency, to support the DoD Executive Agent's requirements for imagery and maps needed for CAAP. 5.3.6. Require the Director, Defense Information Systems Agency, to: 5.3.6.1. Provide, in conjunction with the DoD Components, for the assurance of the Defense Information Infrastructure (DII) and mitigation of the effects of its loss or disruption. 5.3.6.2. Coordinate with the National Communication System (NCS) to identify National Information Infrastructure (NII) assets critical to the DoD operations and National Security and Emergency Preparedness telecommunications. Identify to the DoD Executive Agent and the appropriate DoD Components the Critical Assets of the DII and the NII whose disruption or loss would seriously affect DoD operations and the nature of those effects. Coordinate with the DoD Executive Agent, the DoD Components, and the NCS regarding actions taken to increase the reliability, redundancy, protection, and restoral of information systems supporting Critical Assets. 5.3.6.3. Provide for overall coordination of the Computer Emergency Response Team (CERT) activities of the DoD Components and their interface with CERT-related activities of the Federal Government (to include the FBI), the NSA for national security systems, and private sector. 5.4. The Chairman of the Joint Chiefs of Staff shall: 5.4.1. Ensure identification of Critical Assets necessary for the execution of Deliberate and Crisis Action Plans and plan for mitigation of their loss or disruption. Identify those Critical Assets to the DoD Executive Agent. 5.4.2. Ensure that disruption and loss of Critical Assets, to include supporting national infrastructures, are scripted and responded to in Joint Exercises. 5.5. The Secretary of the Army, as the DoD Executive Agent, shall: 5.5.1. Develop, implement and administer the CAAP to meet the requirements described in subsection 4.4., above. Obtain Critical Asset nominations from the DoD Components, integrate them into the CAAP, and program and provide CAAP resources for support of CAAP decision support systems, analytic and management activities. Provide the capability for each DoD Component to use the CAAP for identification, analysis and assurance of assets critical to its operations. In coordination with the DoD Components, establish priorities for infrastructure analysis and remediation, recommend actions to the Components based upon the CAAP and DIA threat analysis, and review the CAAP annually with the Under Secretary of Defense, for Policy (USD(P)) and the Components. 5.5.2. Develop, publish and administer DoD 5160.54-R (reference (d)), and 5160.54-M, consistent with DoD 5025.l-M (reference (e)). 5.5.3. Coordinate with other Departments and Agencies, as required, to solicit nominations of Infrastructure Assets critical to national defense applications. Designate non-DoD Industrial and Infrastructure Critical Assets that require on-site surveys and vulnerability assessments. Coordinate with DIS regarding conduct of industrial Critical Asset site surveys and vulnerability assessments. 5.5.4. Ensure that regulations, plans, and procedures governing military support to law enforcement in civil disturbances, as promulgated under DoD Directive 3025.12 (reference (g)), facilitate response by the DoD Components to protect Critical Assets under any conditions or circumstances covered by that Directive. 5.6. The Secretary of the Navy shall require the Program Manager, Joint Program Office for Special Technology Countermeasures, to provide the infrastructure assurance analysis and vulnerability assessment support to the DoD Executive Agent. 5.7. The Heads of the DoD Components shall: 5.7.1. Identify those assets critical to their operations (to include the supporting DoD and non-DoD infrastructures and other civil sector facilities and services), nominate those Critical Assets for inclusion in the CAAP, conduct risk assessments, and designate their category of importance in accordance with the instructions of the DoD Executive Agent. 5.7.2. Retain overall responsibility for the assurance of the Critical Assets subject to their authority or control. Program and provide for increased Critical Asset reliability, security and redundancy; plan for their disruption or loss and subsequent restoral; and develop systems that are less dependent upon vulnerable infrastructures and systems. Program and provide for supplemental integrated infrastructure vulnerability assessment and assurance capability when requirements exceed organic capabilities. Provide for a CERT capability. 5.7.3. Include a contractual requirement for cooperation in vulnerability assessments and assurance planning when contracting for private sector facilities, services and products, and consider all-hazard assurance of service when awarding contracts. 5.7.4. Review annually all Critical Asset nominations and recommend changes in accordance with the instructions of the DoD Executive Agent. Review the CAAP annually with the USD(P) and the DoD Executive Agent. Provide senior (flag or senior executive service) representation on the CIPWG. 5.7.5. Assign personnel to the Executive Agent to support the CAAP and comply with the requirements of the DoD Executive Agent in accordance with this Directive. 5.7.6. Require that commanders of DoD installations conduct an annual review with all tenant activities of all Critical Assets associated with their installation, to include supporting DoD and non-DoD infrastructures and other civil sector facilities and services upon which the Critical Assets depend. This review shall include the validation of data on facilities and their dependencies, an examination of Installation and tenants' plans for increasing reliability, reducing vulnerabilities, mitigating hazards to and the restoration of Critical Assets, and a review of these plans with the FBI, local emergency services personnel (including local law enforcement), the National Guard, and the representatives of critical infrastructure and support service providers, as appropriate. Assist tenant activities in direct coordination with local providers of critical infrastructure and other support services necessary to the operation of the their Critical Assets. Require that commanders of DoD Installations report through their chains of command the review results to the DoD Executive Agent so that plans and requirements can be fully coordinated and supported across the Department. 6. INFORMATION REQUIREMENTS The collection of installations and facilities data identified in paragraph 5.2.4., above, is assigned Report Control Symbol DD-A&T(A)760, and the collection of Critical Asset data identified in paragraphs 5.5.1. and 5.7.1., above, is assigned Report Control Symbol DD-POL(A)1747, in accordance with DoD 8910-M (reference (m)). The information collections in paragraphs 5.3.3.1., 5.3.4., and 5.7.6., above, are exempt from licensing in accordance with reference (m). 7. EFFECTIVE DATE This Directive is effective immediately. Enclosures - 2 1. References 2. Definitions E1. ENCLOSURE 1 ENCLOSURE 1 REFERENCES, continued (e) DoD 5025.l-M, "DoD Directives System Procedures," August 1994, authorized by DoD Directive 5025.1, June 24, 1994 (f) DoD Directive 3025.1, "Military Support to Civil Authorities (SCA)," January 15, 1993 (g) DoD Directive 3025.12, "Military Assistance for Civil Disturbances," February 4, 1994 (h) DoD Directive 3025.15, "Military Assistance to Civil Authorities," February 18, 1997 (i) DoD Directive 5240.1, "DoD Intelligence Activities," April 25, 1988 (j) DoD 5240.1-R, "Procedures Governing the Activities of DoD Intelligence Components that Affect United States Persons," December 1982, authorized by DoD Directive 5240.1, April 25, 1988. (k) Title 48, Code of Federal Regulations, "Federal Acquisition Regulations System," October 1, 1996 (l) DoD Directive 5137.1, "Assistant Secretary of Defense for Command, Control, Communications and Intelligence (ASD (C3I))," February 12, 1992 (m) DoD 8910.1-M, "DoD Procedures for Management of Information Requirements," November 28, 1986, authorized by DoD Directive 8910.1, June 11, 1993 (n) DoD Directive 5200.8, "Security of DoD Installations and Resources," April 25, 1991 E2. ENCLOSURE 2 DEFINITIONS E2.1.1. Assurance. In the context of CAAP, assurance is a process of identifying assets deemed critical to the Department of Defense in peacetime, crisis and war; assessing the potential threats to these assets and the capabilities they provide; quantifying the likely non-availability to the Department of Defense under various hazard scenarios; identifying potential actions that can be taken to restore those assets (or functionality they provide) if they are lost, damaged, corrupted, or compromised; and identifying and recommending options to protect, mitigate, and improve the availability of these Critical Assets to the DoD organizations that own, use, and control them. It includes a range of activities to systematically inform planners and decisionmakers of the probability of availability and quality (e.g., integrity, reliability, confidentiality, survivability, endurability, capacity, adequacy) of specific assets or services under given scenarios; quantifying the likely impact of non-availability to the military operation or defense activity; and identifying and prioritizing options to improve the likelihood of the availability of specific assets or services in specific scenarios. Examples of assurance activities that can improve the likelihood of asset availability include protection (preventing, by whatever means, the disruption or corruption of an asset); mitigation or moderation of the effects of disruption or corruption (by controlling the damage, providing alternative services, and reducing demand on the asset); and planning for and providing timely restoral or recovery. Alternatively, plans can be made to absorb the loss of otherwise anticipated services. Assurance of a Critical Asset is the responsibility of the owning or controlling DoD Component. E2.1.2. Computer Emergency Response Team (CERT). An organization chartered by an information system owner to coordinate and/or accomplish necessary actions in response to computer emergency incidents that threaten the availability or integrity of its information systems. E2.1.3. Critical Asset. Any facility, equipment, service or resource considered essential to DoD operations in peace, crisis and war and warranting measures and precautions to ensure its continued efficient operation, protection from disruption, degradation or destruction, and timely restoration. Critical Assets may be DoD assets or other government or private assets, (e.g., Industrial or Infrastructure Critical Assets), domestic or foreign, whose disruption or loss would render DoD Critical Assets ineffective or otherwise seriously disrupt DoD operations. Critical Assets include both traditional "physical" facilities or equipment, non-physical assets (such as software systems) or "assets" that are distributed in nature (such as command and control networks, wide area networks or similar computer-based networks). E2.1.4. DoD Executive Agent. The individual designated by position to have and to exercise the assigned responsibility and delegated authority of the Secretary of Defense, as specified in this Directive. E2.1.5. DoD Infrastructure. Infrastructure owned, operated or provided by the Department of Defense. DoD Infrastructures include the DII, C4ISR, Space, Financial Services, Logistics, Public Works (includes DoD-owned or -operated utilities, roads, rails and railheads and their interface to commercial and other Government Systems), Personnel, Health Affairs and Emergency Preparedness. See also definitions of Infrastructure and National Infrastructure, below. E2.1.6. DoD Installation. A facility subject to the custody, jurisdiction, or administration of any DoD Component. This term includes, but is not limited to, military reservations, installations, bases, posts, camps, stations, arsenals, or laboratories where a DoD Component has operational responsibility for facility security and defense. Examples are facilities where orders or regulations for protection and security have been issued by the military commander or other specified DoD official under provisions of DoD Directive 5200.8 (reference (n)). Both industrial assets and infrastructure assets, not owned by the Department of Defense, may exist within the boundaries of a military installation. E2.1.7. Industrial Asset. Any factory, plant, building or structure used for manufacturing, producing, processing, repairing, assembling, storing, or distributing a product or components that supports a DoD Component. A Critical Industrial Asset is an industrial asset deemed essential to DoD operations or the functioning of a Critical Asset E2.1.8. Information Assurance. Information Operations that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This includes providing for restoration of information systems by incorporating protection, detection, and reaction capabilities. (See DoD Directive S-3600.1, reference (c).) E2.1.9. Information System. The entire infrastructure, organination, personnel and components that collect, process, store, transmit, display, disseminate and act on information under reference (c). E2.1.10. Infrastructure. The framework of interdependent networks and systems comprising identifiable industries, institutions, and distribution capabilities that provide a continual flow of goods and services essential to the defense and economic security of the United States, the smooth functioning of government at all levels, or society as a whole. E2.1.11. Infrastructure Asset. Any Infrastructure facility, equipment, service or resource that supports a DoD Component. A Critical Infrastructure Asset is an infrastructure asset deemed essential to DoD operations or the functioning of a Critical Asset. E2.1.12. National Infrastructure. Those infrastructures essential to the functioning of the nation and whose incapacity or destruction would have a debilitating regional or national impact. National infrastructures include telecommunications, electrical power systems, gas and oil transportation and storage, water supply systems, banking and finance, transportation, emergency services, and continuity of government operations. E2.1.13. Technical Attack. An attack that can be perpetrated by circumventing or nullifying hardware or software protection mechanisms, or exploiting hardware or software vulnerabilities, rather than physical destruction or by subverting system personnel or other users.
Department of Defense DIRECTIVE NUMBER 5200.1 December 13, 1996 ASD(C3I) SUBJECT: DoD Information Security Program References: (a) DoD Directive 5200.1, subject as above, June 7, 1982 (hereby canceled) (b) Executive Order 12958, “Classified National Security Information,” April 20, 1995, as amended (c) Information Security Oversight Office Directive, “Classified National Security Information,” October 13, 1995 (d) DoD Instruction 5230.21, “Protection of Classified National Security Council and Intelligence Information,” March 15, 1982 (hereby canceled) (e) through (i), see enclosure l 1. REISSUANCE AND PURPOSE This Directive: 1.1. Reissues reference (a) to update policy and responsibili-ties for the DoD Information Security Program under references (b) and (c). 1.2. Replaces references (d) through (f) . 1.3. Continues to authorize the publication of DoD 5200.1-R (reference (g)), in accordance with DoD 5025.1-M (reference (h)). 2. APPLICABILITY This Directive applies to the Office of the Secretary of Defense, the Military Departments, the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Inspector General of the Department of Defense, the Defense Agencies, and the DoD Field Activities (hereafter referred to collectively as “the DoD Components”). 3. DEFINITIONS 3.1. Compromise. A communication or physical transfer of classified information to an unauthorized recipient. 3.2. Information. Any knowledge that may be communicated or documentary material, regardless of its physical form or characteristics, that is owned by, produced by or for, or is under the control of, the Department of Defense. 3.3. National Security. The national defense or foreign relations of the United States. 4. POLICY It is DoD policy that: 4.1. National security information shall be classified, declassified and safeguarded, in accordance with national-level policy issuances. Misclassification shall be avoided. 4.2. Declassification of information shall receive equal attention with classification to ensure that information remains classified only as long as required by national security considerations. 4.3. The volume of classified national security information shall be reduced to the minimum necessary to meet operational requirements. 4.4. An active security education and training program shall be established and maintained to ensure that DoD military and civilian personnel who require access to classified national security information in the conduct of official business are familiar with their responsibilities for protecting such information from unauthorized disclosure. 5. RESPONSIBILITIES 5.l. The Assistant Secretary of Defense for Command, Control, Communications, and Intelligence shall: 5.1.1. Serve as the Senior Agency Official for the Department of Defense under subsection 5.6.(c) of E.O. 12958, as amended (reference (b)). 5.1.2. Direct, administer, and oversee the DoD Information Security Program to ensure that the program is efficient, recognizes assigned authorities and responsibilities, and that appropriate management safeguards are in place to prevent fraud,waste, and abuse. 5.1.3. Approve, when appropriate, requests for exceptions to DoD Information Security Program policies and procedures. 5.1.4. Approve and publish DoD Instructions and Publications, as necessary, to guide, direct, or help DoD Information Security Program activities, consistent with DoD 5025.1-M (reference (h)). 5.1.5. Encourage liaison between the DoD Components and industry; professional associations; academia; Federal, State, and local government organizations; and international organizations to acquire information that may be of use in improving the DoD Information Security Program. 5.1.6. Assist the Under Secretary of Defense for Acquisition and Technology, as required, in implementing the DoD Acquisition Systems Protection Program, both by establishing security policy and providing technical security support to that program. 5.2. The Under Secretary of Defense for Policy shall: 5.2.1. Direct, administer and oversee that portion of the DoD Information Security Program pertaining to Special Access Programs, foreign government (including North Atlantic Treaty Organization) classified information, the National Disclosure Policy and security arrangements for international programs. 5.2.2. Approve, when appropriate, requests for exception to policy involving any programs listed in paragraph 5.2.1., above. 5.3. The Assistant Secretary of Defense for Public Affairs shall: 5.3.1. Direct and administer a DoD Mandatory Declassification Review Program under subsection 3.6. of E.O. 12958 (reference (b)). 5.3.2. Establish policies and procedures for processing mandatory declassification review requests, including appeals consistent with subsection 3.6.(d) of reference (b) and Section 2001.13 of the Information Security Oversight Office Directive (reference (c)), which make maximum use of DoD Component resources and systems established to implement DoD Directive 5400.7 (reference (i)). 5.4. The Under Secretary of Defense for Acquisition and Technology shall serve as the office of primary responsibility and provide day-to-day direction and management of the DoD Acquisition Systems Protection Program. 5.5. The Secretaries of the Military Departments, as Agency Heads under reference (b), and the Heads of the Other DoD Components, shall: 5.5.1. Designate a senior agency official for their respective Departments who shall be responsible for the direction and administration of the Department’s information security program, to include active oversight, classification, declassification and security education and training programs to ensure effective implementation of reference (b) and DoD 5200.1-R (reference (g)). 5.5.2. Ensure that funding and resources are adequate to carry out such oversight, classification, declassification and security education and training programs. 5.5.3. Consider and take action on complaints and suggestions from persons in or outside the Government regarding the Department’s Information Security Program. 5.6. The Director, National Security Agency, shall, as the designee of the Secretary of Defense, when necessary, impose special requirements on the classification, declassification, marking, reproduction, distribution, accounting, and protection of and access to classified cryptologic information. 6. EFFECTIVE DATE This Directive is effective immediately. Enclosures - 1 1. References E1. ENCLOSURE 1 REFERENCES, continued (e) DoD Instruction O-5230.22, “Security Controls on the Dissemination of Intelligence Information,” August 17, 1988 (hereby canceled) (f) DoD Directive 5200.12, “Conduct of Classified Meetings,” July 27, 1992 (hereby canceled) (g) DoD 5200.1-R, “Department of Defense Information Security Program Regulation,” January 17, 1997 authorized by this Directive (h) DoD 5025.1-M, “DoD Directives System Procedures,” August 1994, authorized by DoD Directive 5025.1, June 24, 1994 (i) DoD Directive 5400.7, “DoD Freedom of Information Act Program,” May 13, 1988
Department of Defense DIRECTIVE NUMBER 5205.8 February 20, 1991 ASD(C3I) SUBJECT: Access to Classified Cryptographic Information References: (a) National Telecommunications and Information Systems Security Policy (NTISSP) No. 3, "National Policy for Granting Access to U.S. Classified Cryptographic Information," December 19, 1988 (b) Executive Order 12333, "United States Intelligence Activities," December 4, 1981 (c) National Telecommunications and Information Systems Security Instruction (NTISSI) No. 4001, "Controlled Cryptographic Items," March 25, 1985 (d) DoD 5200.l-R, "Information Security Program Regulation," June 1986, authorized by DoD Directive 5200.1, June 7, 1982 (e) through (i), see enclosure E1. 1. PURPOSE This Directive establishes under reference (a) a program to govern the granting of access to classified cryptographic information that is owned, produced by or for, or is under the control of the Department of Defense and is in accordance with reference (b) to protect national security information. 2. APPLICABILITY AND SCOPE This Directive: 2.1. Applies to the Office of the Secretary of Defense (OSD), the Military Departments, the Chairman of the Joint Chiefs of Staff and the Joint Staff, the Unified and Specified Commands, the Defense Agencies, and the DoD Field Activities (hereafter referred to collectively as "the DoD Components"). 2.2. Applies to all members of the U.S. Armed Forces, civilian employees of the Department of Defense and employees of agents of the DoD Components who have access to classified cryptographic information. The term "agents," as used herein, refers to contractors, consultants, and other persons affiliated with the Department of Defense. 2.3. Pertains to persons whose duties require continuing access to classified cryptographic information. (See section 3., below.) Accordingly, this Directive concerns those persons assigned: 2.3.1. As cryptographic material custodians, alternates, or their equivalents. 2.3.2. As producers or developers of cryptographic key or logic. 2.3.3. As cryptographic maintenance, engineering, or installation technicians. 2.3.4. To supply points where cryptographic keying materials are generated or stored, and to those having access to such materials. 2.3.5. To secure telecommunications facilities located on the ground, on board ship, or on communications support aircraft and whose duties require keying of cryptographic equipment. 2.3.6. To prepare, authenticate, or decode nuclear control orders (valid or exercise). 2.3.7. Any responsibility requiring or enabling access to classified cryptographic media. 2.4. Is not applicable to individuals whose duties are to operate (not to key or maintain) systems using cryptographic equipment. 2.5. Excludes Controlled Cryptographic Items as defined in NTISSI No. 4001 (reference (c)). 3. DEFINITION 3.1. Classified Cryptographic Information, with respect to this access program, is specified as: 3.1.1. Cryptographic key and authenticators that are classified pursuant to DoD 5200.l-R (reference (d)) and are designated as SECRET CRYPTO, or TOP-SECRET CRYPTO. 3.1.2. Classified cryptographic media that embody, describe, or implement a classified cryptographic logic, to include, but not be limited to, full maintenance manuals, cryptographic descriptions, drawings of cryptographic logic, specifications describing a cryptographic logic, and cryptographic computer software. 4. POLICY It is DoD policy that a person may be granted access to classified cryptographic information, as specified in sections 2. and 3., above, only if that person: 4.1. Is a U.S. citizen; 4.2. Is a civilian employee of the Department of Defense, a member of a Military Service, a DoD-cleared contractor or employee of such contractor, or is employed as a DoD representative (including consultants of the Department of Defense); 4.3. Requires access to perform official duties for, or on behalf of, the Department of Defense; 4.4. Possesses a security clearance and personnel security investigation appropriate to the level of the classified cryptographic information to be accessed, in accordance with DoD 5200.2-R (reference (e)); 4.5. Receives a security briefing appropriate to the cryptographic information to be accessed; 4.6. Acknowledges the granting of access by signing a cryptographic access certificate; 4.7. Agrees to report foreign travel and any form of contact with foreign citizens, in accordance with DoD 5200.2-R (reference (e)); and 4.8. Acknowledges the possibility of being subject to a non-lifestyle, counterintelligence scope polygraph examination administered in accordance with DoD Directive 5210.48 (reference (f)). 5. RESPONSIBILITIES 5.1. The Assistant Secretary of Defense for Command, Control, Communications, and Intelligence shall oversee and review the implementation of this Directive. 5.2. The Heads of the DoD Components shall: 5.2.1. Control access to classified cryptographic information in accordance with section 4., above. 5.2.2. Establish, implement, and administer a cryptographic access program within their respective organizations. This program shall include providing Cryptographic Access Briefings (sample in enclosure E2.) and executing Cryptographic Access Certificates (sample in enclosure E3). 5.2.3. Implement, in accordance with DoD Directive 5210.48 (reference (f)), a counterintelligence scope polygraph examination program in support of this Directive. 5.2.4. Maintain records on all individuals who have been granted cryptographic access or have had their cryptographic access withdrawn, and arrange for retention of Cryptographic Access Certificates or legally enforceable facsimiles in accordance with the DoD Component records disposition schedules. 5.2.5. Accept as valid the cryptographic access granted by other DoD Components. 5.2.6. Deny or withdraw cryptographic access to those individuals who fail to agree to or comply with the specific criteria identified in section 4., above. 6. EFFECTIVE DATE This Directive is effective immediately. Enclosures - 3 1. References, continued 2. Sample - Cryptographic Access Briefing 3. SD Form 572 - Cryptographic Access Certification and Termination E1. ENCLOSURE 1 REFERENCES, continued (e) DoD 5200.2-R, "DoD Personnel Security Program," January 1987, authorized by DoD Directive 5200.2, December 20, 1979 (f) DoD Directive 5210.48, "DoD Polygraph Program," December 24, 1984 (g) DoD Directive 5220.22, "DoD Industrial Security Program," December 8, 1980 (h) DoD 5220.22-R, "Industrial Security Regulation," December 1985, authorized by DoD Directive 5220.22, December 8, 1980 (i) DoD 5220.22-M, "Industrial Security Manual for Safeguarding Classified Information," March 1989, authorized by DoD Directive 5220.22, December 8, 1980 E2. ENCLOSURE 2 SAMPLE CRYPTOGRAPHIC ACCESS BRIEFING You have been selected to perform duties that will require access to classified cryptographic information. It is essential that you be made aware of certain facts relevant to the protection of this information before access is granted. You must know the reason why special safeguards are required to protect classified cryptographic information. You must understand the Directives that require these safeguards and the penalties you may incur for the unauthorized disclosure, unauthorized retention, or negligent handling of classified cryptographic information. Failure to properly safeguard this information could cause serious or exceptionally grave damage, or irreparable injury, to the national security of the United States or could be used to advantage by a foreign nation. Classified cryptographic information is especially sensitive because it is used to protect other classified information. Any particular piece of cryptographic keying material and any specific cryptographic technique may be used to protect a large quantity of classified information during transmission. If the integrity of the cryptographic system is breached at any point, all information protected by the system may be compromised. The safeguards placed on classified cryptographic information are a necessary component of Government programs to ensure that our nation's vital secrets are not compromised. Because access to classified cryptographic information is granted on a strict need-to-know basis, you will be given access to only that cryptographic information necessary in the performance of your duties. You are required to become familiar with (insert, as appropriate, Department or Agency implementing Directives covering the protection of cryptographic information). Cited Directives are attached in a briefing book for your review at this time. Especially important to the protection of classified cryptographic information is the timely reporting of any known or suspected compromise of this information. If a cryptographic system is compromised, but the compromise is not reported, the continued use of the system can result in the loss of all information protected by it. If the compromise is reported, steps can be taken to lessen an adversary's advantage gained through the compromise of the information. As a condition of access to classified cryptographic information, you must acknowledge that you may be subject to a non-lifestyle, counterintelligence scope polygraph examination. This examination will be administered in accordance with DoD Directive 5210.48 and applicable law. The relevant questions in this polygraph examination will only encompass questions concerning espionage, sabotage, or questions relating to unauthorized disclosure of classified information or unreported foreign contacts. If you do not, at this time, wish to sign such an acknowledgment as a part of executing a cryptographic access certification, this briefing will be terminated at this point and the briefing administrator will so annotate the cryptographic access certificate. Such refusal will not be cause for adverse action but will result in your being denied access to classified cryptographic information. You should know that intelligence services of some foreign governments prize the acquisition of classified cryptographic information. They will go to extreme lengths to compromise U.S. citizens and force them to divulge cryptographic techniques and materials that protect the nation's secrets around the world. You must understand that any personal or financial relationship with a foreign government's representative could make you vulnerable to attempts at coercion to divulge classified cryptographic information. You should be alert to recognize those attempts so that you may successfully counter them. The best personal policy is to avoid discussions that reveal your knowledge of, or access to, classified cryptographic information and thus avoid highlighting yourself to those who would seek the information you possess. Any attempt, either through friendship or coercion, to solicit your knowledge regarding classified cryptographic information must be reported immediately to (insert appropriate security office). In view of the risks noted above, unofficial travel to certain communist or other designated countries may require the prior approval of (insert appropriate security office). It is essential that you contact (insert appropriate security office) if such unofficial travel becomes necessary. Finally, you must know that, should you willfully or negligently disclose to any unauthorized persons any of the classified cryptographic information to which you will have access, you may be subject to administrative and civil sanctions, including adverse personnel actions, as well as criminal sanctions under the Uniform Code of Military Justice (UCMJ) and/or the criminal laws of the United States, as appropriate. E3. ENCLOSURE 3 SD FORM 572 - CRYPTOGRAPHIC ACCESS CERTIFICATION AND TERMINATION
Department of Defense DIRECTIVE NUMBER 5210.45 May 9, 1964 SUBJECT: Personnel Security in the National Security Agency References: (a) Public Law 88-290, An Act to Amend the Internal Security Act of 1950 1. PURPOSE The purpose of this directive is to prescribe policies and procedures to implement Public Law 88-290 the objective of which is to strengthen personnel security In the National Security Agency. 2. PERSONNEL SECURITY STANDARD No person shall be employed in, or detailed or assigned to, the National Security Agency, and no person shall have access to classified information of the Agency, unless his employment, detail, or assignment to the Agency, or his access to classified information of the Agency, is clearly consistent with the national security. 3. FULL FIELD INVESTIGATION 3.1. No person shall be finally employed in the National Security Agency until he has been the subject of a full field investigation. A person may, however, be provisionally employed before the completion of a full field investigation in his case, but he may not be given access to sensitive cryptologic information while he is so employed. His provisional employment is conditional upon the successful outcome of a full field investigation in his case. 3.2. No person shall be assigned or detailed to the Agency without the agreement of the Agency that its security requirements are met; each such person shall be the subject of a full field investigation in connection with such assignment or detail unless he has a current security clearance for sensitive cryptologic information which was granted under the same or equivalent standards as are prescribed by the Agency. 3.3. The Director of the Agency may, in an exceptional case, temporarily waive the requirement for a full field investigation if he personally determines in writing that such action is advisable in the national interest and is clearly consistent with the national security. In such a case priority shall be given to the full field investigation. This authority of the Director, NSA, cannot be redelegated. 4. BOARDS OF APPRAISAL 4.1. The Director of the Agency shall establish one or more boards of appraisal of three members each to be assigned personnel security responsibility as set forth below. Members of a board shall be senior officials with broad experience, shall be specially trained for their duties, and shall have been the subject of a full field investigation, and have been cleared for access to classified information, in connection with their appointment 4.2. The Director of the Agency shall refer to a board those cases in which he determines that there is a doubt as to eligibility for access to classified information of an employee or person assigned or detailed to the Agency. The board shall appraise the loyalty and suitability of persons whose cases have been referred to it and advise the Director whether access to classified information by such persons is clearly consistent with the national security. In applying the foregoing standard, the board shall use the criteria which have been prescribed by the U.S. Intelligence Board and Department of Defense Directive 5210.8 dated February 15, 1962. 4.3. Proceedings of a board shall not include notice to the individual, right to a hearing, or appeal from an adverse recommendation. A board shall submit to the Director a report and recommendation on each case referred to it. The report shall not be made available to the person. No person shall be cleared for access or continued access to Agency classified information contrary to the recommendation of a board except on the authority of the Director or, upon the referral by the Director, of the Secretary of Defense. In such a case, the Director or the Secretary shall make a determination in writing that the employment, detail, assignment or access is in the national Interest. 4.4. Appraisal by a board is not required before action may be taken under Section 14 of the Act of June 27, 1944, Chapter 287, as amended (5 U.S.C. 863), Section l of the Act of August 26, 1950, Chapter 803, as amended (5 U.S.C. 22-1), or any other similar provision of law. The objective in establishing the boards(s) is to assure further that the access of each person to classified information is clearly consistent with the national security in consonance with the requirements and standards of the U.S. Intelligence Board and the Department of Defense. 5. TERMINATION OF EMPLOYMENT 5.1. Section 303(a) of Public Law 88-290 authorizes the Secretary of Defense to terminate employment of any officer or employee of the National Security Agency in his discretion whenever (1) he considers such action to be in the interest of the United States, and (2) he determines that the procedures prescribed in other provisions of law that authorize the termination of employment of that officer or employee cannot be invoked consistently with the national security. The Secretary's action to terminate employment is final. The statute provides, however, that the individual whose employment has been terminated under this authority may seek or accept employment in any other Government Agency provided that the Civil Service Commission determines he is eligible for such employment. 5.2. When the two conditions cited above do not exist, the Director, NSA, shall, when appropriate, take action pursuant to other provisions of law, as applicable, to terminate the employment of a civilian officer or employee. The Director shall recommend to the Secretary of Defense the exercise of the authority of Section 303(a) only when the termination of the employment of a civilian officer or employee cannot, because of paramount national security interests, be carried out under any other provision of law. 6. IMPLEMENTATION Proposed implementing regulations of the National Security Agency shall be coordinated with the General Counsel of the Department of Defense prior to their publication. 7. EFFECTIVE DATE This directive becomes effective immediately.
Department of Defense DIRECTIVE NUMBER 5210.70 November 3, 1980 ASD(C3I) SUBJECT: DoD Cryptologic Training References: (a) National Security Council Intelligence Directive No.6 (NSCID No. 6) (b) DoD Directive S-5100.20, "The National Security Agency and the Central Security Service," December 23, 1971 (c) DoD Directive 5100.47, "National Cryptologic School," April 30, 1965 1. PURPOSE This Directive establishes uniform policies, standards, and procedures for the conduct of cryptologic training; and assigns responsibilities to ensure that adequate and responsive training within the various Components of the Department of Defense is carried out. 2. APPLICABILITY AND SCOPE 2.1. The provisions of this Directive apply to the Office of the Secretary of Defense (OSD), the Military Departments, the Organization of the Joint Chiefs of Staff, and the Defense Agencies (hereafter called "DoD Components"). As used herein, the term "Services" refers to the Army, Navy, Air Force, and Marine Corps. 2.2. Its provisions encompass all elements of the Department of Defense engaged in cryptologic and cryptologic-related training that supports operations contained in the Consolidated Cryptologic Program (CCP) or Tactical Cryptologic Program (TCP). 3. DEFINITIONS 3.1. Cryptologic Training. Institutional training in skills unique to the cryptologic mission. 3.2. Common Cryptologic Training. Training in identical skills that are essentially similar for personnel of more than one Military Department or for the National Security Agency/Central Security Service (NSA/CSS). 3.3. Unique Cryptologic Training. Training in cryptologic skills that is either used by only one of the DoD Components engaged in cryptologic operations, or sufficiently dissimilar among the DoD Components as to make consolidated or collocated intercomponent training infeasible. 3.4. Cryptologic-Related Training. Training that is a prerequisite for, or an adjunct to, cryptologic training and job performance when the subject matter is not in itself cryptologic but is of overriding importance to the conduct of cryptologic operations; the noncryptologic applications of such subjects are excluded. 4. POLICY The Director, National Security Agency/Chief, Central Security Service (DIRNSA/CHCSS), as principal signals intelligence advisor to the Secretary of Defense and the Joint Chiefs of Staff (NSCID No. 6. (reference (a)) and DoD Directive S-5100.20 (reference (b))), shall ensure the technical adequacy of all cryptologic training. 5. RESPONSIBILITIES 5.1. The Director, National Security Agency/Chief, Central Security Service, shall: 5.1.1. Submit requirements to the OSD for inclusion in the Consolidated Guidance (or Intelligence Annex thereto) for the direction of programming and budgeting for Military Department cryptologic and cryptologic-related training programs, and provide program manager's guidance for cryptologic training. 5.1.2. Review Military Department program submissions on cryptologic and cryptologic-related training. 5.1.3. Provide technical guidance, minimum standards, and support for all course development and all ongoing cryptologic and cryptologic-related training. 5.1.4. Review course documentation to ensure the technical adequacy of cryptologic and cryptologic-related course content. 5.1.5. Maintain and operate the National Cryptologic School (NCS) in accordance with DoD Directive 5100.47 (reference (c)). 5.1.6. Coordinate, with the Military Departments, proposed changes to training requirements, resources, and courses as initiated by NSA/CSS, to include training development for new systems and the procurement of technical training equipment. 5.1.7. Establish, in coordination with the Military Departments, policy, missions, objectives, standards, curricula, and types and sources of training used to satisfy requirements. 5.1.8. In cooperation with the Military Departments, provide for the periodic review and analysis of all common and unique cryptologic training courses to determine the potential for interservice or intercomponent consolidation and/or collocation. When such action is determined to maintain or enhance the effectiveness of training and to be economical, arrange for the consolidations and/or collocations or, as appropriate, make recommendations to the Secretary of Defense for decisions on specific courses of action. 5.1.9. Establish, in coordination with the Military Departments, an evaluation and information feedback system that incorporates Military Service evaluation methods. 5.1.10. Establish a Cryptologic Training Council to provide a forum wherein policy matters, training issues, and other related topics may be addressed. The Council shall be chaired by the Training Director, NSA/CSS (TDNC), and be composed of representatives from each Military Department and the NSA/CSS. 5.1.11. Prescribe administrative procedures for compliance with appropriate security directives pertaining to special clearance requirements for all NSA/CSS personnel involved with cryptologic training and curriculum development. 5.2. The Training Director, National Security Agency/Central Security Service shall serve as the principal executive for DIRNSA/CHCSS in matters related to cryptologic training. 5.3. The Secretaries of the Military Departments shall: 5.3.1. Incorporate guidance from OSD and the NSA/CSS in the development of cryptologic training, planning, programming, and budgeting documents. 5.3.2. Coordinate, with NSA/CSS, deviations and proposed changes to training requirements, resources, and courses initiated by the Military Departments, to include training development for new systems and the procurement of technical training equipment that affect the capability to execute training programs. 5.3.3. Assemble and maintain, for all DoD Components, a current record of all DoD common and unique training requirements and programs under their cognizance. 5.3.4. Establish, maintain, and operate cryptologic training schools that provide training for DoD Components agreed upon among the Military Departments and the DIRNSA/CHCSS. 5.3.5. Provide cryptologic instructional material for Reserve components, correspondence students, and proficiency training for all military personnel. 5.3.6. Provide facilities for the use of DoD Components for training that can be effectively and efficiently conducted on a collocated basis. 5.3.7. Coordinate actions with NSA/CSS and maintain liaison with other DoD Components and appropriate Government Departments and Agencies on matters that affect the conduct and development of assigned cryptologic training programs. 5.3.8. Prescribe administrative procedures for compliance with appropriate security directives pertaining to special clearance requirements for all personnel of their respective Military Departments involved with cryptologic training and curriculum development. 6. PROCEDURES 6.1. Personnel shall be assigned to the staffs and faculties of the cryptologic training schools by their respective Military Services. 6.2. Manpower authorizations for joint Service staffs and faculties shall be prorated among the Military Departments, based upon participation in terms of student weeks. 6.3. The Military Departments and NSA/CSS shall program and budget for all expenses incidental to the operation, maintenance, and base-operating support of their respective cryptologic training schools. 6.4. The pay, allowances, and permanent change of station travel and per diem costs of Military Department personnel assigned as faculty or staff of the cryptologic training schools shall be borne by the sponsoring DoD Component. 6.5. NCS administrative financial functions shall be conducted in accordance with DoD Directive 5100.47 (reference (c)). 6.6. The regulatory controls for cryptologic training shall be defined in a series of NSA/CSS circulars that shall be initiated by DIRNSA/CHCSS and coordinated with the Military Departments. 7. EFFECTIVE DATE AND IMPLEMENTATION This Directive is effective immediately. Forward two copies of implementing documents to the Assistant Secretary of Defense (Command, Communications, Control and Intelligence) within 120 days.