DoDm 5200.01 volume 1 provides policy and assigns responsibilities for designating, marking, protecting and disseminating controlled unclassified information (CUI), classified national security information (CNSI), special access program information and sensitive compartmented information. Furthermore, this volume outlines acquisition and review procedures related to CNSI.
Every DoD activity with classified holdings must designate one day every year as the “clean out day”, when special efforts and attention will be put towards disposing of paper-based classified materials.
Definitions
DoDm 5200.01 volume 1 is a manual to implement policy, assign responsibilities, and establish procedures for designating, marking, protecting, disseminating and publishing controlled unclassified information (CUI) and classified material classified as collateral or sensitive compartmented information (SCI). Furthermore, it provides guidance for handling transmission publishing of this type of material as well as detailing DoD’s information security program including policy on classifying declassifying controlling classified and CUI technical data including classification declassification control policies – providing DoD Information Security Program policies as well as guidance.
This document defines terms used in the DoD Information Security Program:
* CUI stands for Classified Unclassified Information, or unclassified material which can be used to identify individuals, companies, organizations, or places both domestically and abroad. A CUI typically does not pose a threat to national security or military capability and often represents commercial products and services that do not fall under DoD regulation; often its source being private entities or individuals.
Classified information refers to any data not publicly known and that has been classified by the Directorate of Classification and Declassification at DoD. Typically, such classified information can only be made accessible to authorized individuals or entities.
No foreign persons or governments may use classified data for operating or maintaining U.S.-origin defense equipment; nor may it be released for study to decide whether production authorization should be sought; preparation for follow-on development or improvement of defense articles, components or derivatives produced within the United States; however classified planning information related to budget and future years may be released under FMS procedures if the supporting DSCA Director, Office of International Operations Global Execution Directorate Case Writing Division IOPS/WPN) receives concurrence from Department of State (State).
Unfortunately, I had an unpleasant surprise while shopping – they did have one or two good offers though! So here it goes… DoD components must review and take immediate steps to comply with these policies, such as restricting distribution lists on classified computer networks, only granting printing privileges upon exception for JWICS printing privileges, requiring proper information handling procedures including encryption of email messages, increasing inspections when people enter and leave Sensitive Compartmented Information Facilities, as well as adding verification and validation requirements for industry personnel. In addition, DoD components must establish and follow an ITAR review process prior to providing TDPs to foreign buyers.
Purpose
This manual serves to implement policy and assign responsibilities for classified information security programs, and to establish procedures for classifying, marking, protecting, disseminating, declassifying and declassifying controlled unclassified information (CUI), classified national security information (CNSI), collateral sensitive compartmented information (SCI), foreign government data as well as data protected by alternate compensatory control measures (ACCM).
It also establishes a framework for identifying and protecting sensitive unclassified information that cannot easily be protected through existing controls, as this information could be exploited by threat actors to gain unauthorized access to DoD-critical programs and systems without authorization. Furthermore, over-classification may reduce visibility into DoD programs and activities, while any disclosure of classified national security information could expose important defense capabilities to threat actors.
This volume of DoDm 5200.01 replaces DoD 5200.1-R, “DoD Information Security Program: Overview, Classification, and Declassification Manual,” with an amended text as specified by reference (c), while also including reference to DD Form 2024: Application for Access to Records Manuscripts or Documents and Confidentiality/Security Statement” as part of an application process for accessing classified national security information.
DoD Components must abide by a set of requirements when seeking access to OSD records for research. An explicit description, including accession and box numbers, of each file requested must also be given in this request, along with their purpose for being requested. Historically-minded researchers who seek access must include members of DOS’s Advisory Committee on Historical Diplomatic Documentation as well as cabinet level officials or former Presidential appointees who need records that they initiated or reviewed while serving an official capacity (e.g. information they initiated, reviewed or received while serving an official capacity).
DoD Components must notify CIA, NSC and any other non-OSD agency which expects its classified records to be filed with requested OSD records of their intent to grant historical researchers access. Furthermore, DOS Diplomatic Security staff must confirm in writing to the DoD Records Administrator that all security clearances for historical researchers remain current.
Requirements
DoD Components must also follow proper security protocols when creating and transmitting CNSI to other DoD components via email, physical mail or hardcopy. Contracting Officers may request that contractors remove personnel whose actions directly contradict with those of the Government while performing work under this contract.
Appendices
DoD Components must designate at least one day per year when specific attention and effort will be spent disposing of classified material that no longer requires their disposal. Shredders are usually preferred over incinerators; however, approval from local security officials must be obtained before using either one for destruction. When disposing of storage media such as thumb drives or zip disks for destruction. Detailed procedures for their destruction may need to be coordinated with information systems (IS) personnel in the area.
DoD Information Security Program. Identifying information requiring protection in the interest of national security (CNSI) and its classification level; developing policies, assigning responsibilities, and providing procedures for its identification, marking, protection, dissemination, marking for unclassification (CUI), classified national security information (CNSI), or information protected through alternate compensatory control measures – collectively this guidance constitutes DoD’s Information Security Program.
Process requests from members of the Advisory Committee on Historical Diplomatic Documentation with appropriate security clearances to access documents copied and used by DOS historians when compiling FRUS series volumes. DoD components must notify National Archives, Presidential library or military facility that houses documents that they’ve been authorized and given access conditions in order to facilitate these researchers.
FMS cases must be issued for foreign purchases of U.S. INFOSEC products and services when required under MILDEP FMS policy. Under certain conditions, with permission of a DOD Deputy Director, DoD Component CIOs may also submit to DTIC on behalf of MILDEPs a DD Form 2024 seeking written authorization to include specific pieces of equipment into FMS cases submitted with other DoD Components.