COMNAVRESINTCOMINST 5510.6A

04

5 May 1996

COMNAVRESINTCOM INSTRUCTION 5510.6A

Subj: INFORMATION AND PERSONNEL SECURITY PROGRAM POLICIES AND PROCEDURES FOR THE COMMAND HEADQUARTERS

Ref: (a) OPNAVINST 5510.lH

(b) SECNAVINST 5239.2

(c) COMNAVRESINTCOM 5510.2C

(d) COMNAVRESINTCOM 5510.4B (e) COMNAVRESINTCOM 5239.1B

(f) COMNAVRESINTCOMINST 5450.1D

Encl Encl: (1) COMNAVRESINTCOM Headquarters Information Security

Manual

1. Purpose. To establish standard policies and procedures, as a supplement to references (a) through (e), for the effective protection and control of classified material at the headquarters of Commander, Naval Reserve Intelligence Command (COMNAVRESINTCOM).

2. Cancellation. COMNAVRESINTCOMINST 5510.6.

3. Applicability. This instruction applies to all members of COMNAVRESINTCOM staff, both active and reserve.

4. Responsibility. All members of COMNAVRESINTCOM staff, both active and reserve, who handle classified material or personnel security matters will become familiar with and comply with the contents of this instruction. These members will also initiate updates, additions, and modifications to the instruction as required.





B. A. BLACK

Distribution: (See COMNAVRESINTCOMINST 5216.1J)

List VIII

RIAC, Area 6



COMNAVRESINTCOM HEADQUARTERS INFORMATION SECURITY MANUAL


TABLE OF CONTENTS


CHAPTER: SUBJECT

SECTION CHAPTER 1: PROGRAM MANAGEMENT

1-1 COMNAVRESINTCOM Security Organization

1-2 Internal Security Inspections

1-3 Security Violation Reporting

CHAPTER 2: ACCOUNTING AND CONTROL OF CLASSIFIED

MATERIAL

2-1 Physical Security - External

2-2 Physical Security - Internal

2-3 Incoming Classified Material

2-4 Safe Combinations

2-5 Required Recordkeeping

2-6 Destruction of Classified Material

2-7 Automated Information System (AIS) Security

CHAPTER 3: PERSONNEL SECURITY

3-1 Basic Policy

3-2 Policy for New Affiliates

3-3 Policy for Periodic Reviews

3-4 Security Termination

ATTACHMENTS

1-1 Security Education Program Audit

1-2 Classified Material Control Audit

1-3 Security Violation Reporting

2-1 Letter of Authority to Courier Classified Material

2-2 Personally-Owned Microcomputer Hardware/Software

User Agreement/Authorization

3-1 Letter for Failure to Submit SSBI/PR Package







CHAPTER 1: PROGRAM MANAGEMENT


1-1. Command Security Organization

a. Deputy Chief of Staff (DCOS) for Intelligence Support and Security. Performs functions as outlined in reference (f). He/she also reviews all security violations reported by Reserve Intelligence Areas (RIAs). This review is done to ensure accuracy of reporting, assess seriousness of the violation, determine subsequent actions to be taken, and develop strategies to prevent future violations and strengthen security awareness and education policies throughout the Naval Reserve Intelligence Program.

b. Command Security-Manager. The active duty Chief Staff officer is designated in writing as the command's Security Manager. He/she is responsible for the administration of the command's information and personnel security program at the headquarters.

c. Assistant Security Manager. The active duty Intelligence Specialist is designated as the Assistant Security Manager and the classified material control officer (CMCO). His/Her responsibilities include accounting for and controlling classified material at the headquarters, implementing the security education and awareness program, verifying clearances of all personnel visiting COMNAVRESINTCOM headquarters, and passing clearances of command personnel to units being visited.

d. Reserve Unit Security Manager. The DCOS for Mutual Support and Security will designate a security manager for NR ONIHQ 0170. He/She will work with the active duty security manager to ensure compliance with references (a) through (e) as well as this instruction, review and correct Single Scope Background Investigation (SSBI)/Periodic Review (PR) packages prior to submission to RIA Six SSO, and ensure required security briefings are given to unit members.

1-2. Internal Security Inspections. The command Security Manager will conduct a security inspection annually, including security education and classified material control. Attachments 1-1 and 1-2 will be used as a checklist for this inspection.

1-3. Security Violation Reporting. Any individual who becomes aware of a compromise, possible compromise, or other security violation shall immediately notify the command security manager, CO, or senior officer present. Attachment 1-3 can be used to gather information required, however, the first priority is to secure the classified information involved.













CHAPTER 2: ACCOUNTING AND CONTROL OF CLASSIFIED MATERIAL


2-1. Physical Security - External. External security is provided by NAS Dallas Security Department. In an alarm condition, it is required to respond within ten minutes.

2-2. Physical Security - Internal

a. All classified material will be stored in GSA-approved safes in the vault. Keys to the spaces are issued to all active staff and key members of the reserve staff.

b. The following active staff personnel are required to have knowledge of safe combinations in the normal course of their duties: Security Manager, Assistant Security Manager, Administrative Department Head, and all Administrative Department Yeomen. Routine access to classified material by reserve personnel is not required. Safes will always be locked unless a cleared member of the command is monitoring and controlling access to them.

c. Classified material control sheets. Whenever a SECRET item is removed from the safe, the borrower will sign for the item on the classified material control sheet. Then a copy of that sheet will be made and placed in that item's folder in the safe. When the material is returned, the original control sheet will be annotated and signed, and the place-holder copy will be removed and destroyed. If the borrower is someone who holds the safe combinations, then he/she will accomplish the above procedures. If the borrower is anyone else, then a combination holder will ensure these procedures are followed.

d. Securing for the day. At the end of the workday, the senior person in the duty section will verify that all classified material has been returned and will review the Security Checklist (Standard Form 701 (8-85)) to see if the safes have been secured and checked. If not, he will contact the last person working in the spaces to remind that person to secure the safes and initial the form.

2-3. Incoming Classified Material

a. All registered mail will be picked up by designated staff mail Yeomen. Registered packages shall be opened by the CMCO or by a cleared Yeoman if the CMCO is not present. If someone other than the CMCO opens the material, that person must return the receipt card, secure the item in the safe, and leave a note for the CMCO that the item is in the safe. Each piece of classified material shall be assigned a unique control number (CONFIDENTIAL material does not require a control number). The control number will be marked on the cover of the document and will consist of two parts. The first part will be a three-digit sequence number starting with 1100111 at the beginning of the calendar year and preceded by the letter "S." The second part will be the last two digits of the current calendar year.



EXAMPLE: For the third secret document received in 1993, the control number "S003-9311 would be assigned.

2-4. Safe Combinations. The CMCO will complete the Security Container Information form (SF-700) upon change of combination for each security container under his control. Part one of the form will be posted on the inside of the appropriate safe. The safe combination will be annotated on part two of the form, sealed in the envelope, and delivered to the NAS Communications Center in Building Two for safeguarding.

2-5. Recordkeepinq

a. Secret Control Log. This log will be used to assign , control numbers and locate material after it is received. The log will consist of Correspondence/Material Control Forms (OPNAV 5216/10 (6/78)) which will be completed upon receipt of the document. Material will also be electronically logged utilizing Automated Information Management Systems (AIMS) software.

b. Classified material transfer. Transfer from COMNAVRESINTCOM to other commands occurs infrequently; however, such transfers will be documented on the Correspondence/Material Control Forms as required. Couriering of classified material will only be done in an emergency. In such a case, use attachment 2-1 for authorization.

2-6. Destruction of classified material

a. All classified material shall be destroyed as soon as it is no longer required. Routine destruction of classified material can be authorized by the Deputy Commander, Security Manager, or Assistant Security Manager. Destruction of material classified "Secret" or above will be recorded on the OPNAV Form 5216/10 as well as in the "Secret" control log.

b. If shredding is feasible, the material will be shredded and witnessed by two appropriately cleared personnel who will sign the record of destruction. If shredding is not feasible, the material will be transferred to a burn bag. The two witnessing officials will sign the record of destruction when the material is actually placed in the burn bag. The burn bag, along with a copy of the record of destruction, will then be turned over to the RIA Six Staff for central destruction. The RIA Six staff member accepting the burn bag will sign a receipt for the bag, but will not sign the record of destruction as a witness.

2-7. Automated Information System (AIS) Security. Reference (e), provides detailed guidance which is summarized below for this headquarters:

a. No unauthorized hardware or software will be brought into COMNAVRESINTCOM spaces. All hardware used to process classified information, including printer ribbons, will be marked with the highest classification of information processed. Generally only the computer

(CPU) that processes formatted messages will be so marked. Removable media will be marked with the highest classification processed on the computer even if the information on the media is at a lower classification. All hardware and software will be used for official purposes only. Authorized software will be loaded on the network only by the Resources and Logistics staff. All classified removable hard drives and diskettes will be stored in safes during non-working hours. All unclassified hardware and diskettes will be marked with "Sensitive Unclassified" labels.

b. Personal equipment. Hardware and software owned by individuals may be used for government business upon written authorization of the Deputy Commander or unit CO, per reference (e). Attachment 2-2 shall be used to certify authorization to use personal computers. Per reference (e), the command Automated Data Processing Security Officer (ADPSO) will be notified of personal computers being used for official Navy business.

CHAPTER 3: PERSONNEL SECURITY


3-1. Basic Policy. All reservists assigned to COMNAVRESINTCOM must be eligible for access to Sensitive Compartmented Information (SCI). This is accomplished by submitting a Single Scope Background Investigation (SSBI) package to the Assistant Security Manager, to be forwarded to the Defense Investigative Service (DIS). Detailed guidance for completing an SSBI package is in reference (a). All SSBI paperwork will be typed.

3-2. Policy for new affiliates. New affiliates will be given the SSBI forms on their first drill weekend. Preparing these forms will be their number one priority until complete. A completed package will be delivered to the unit security manager by the start of their second drill weekend. It is best to have new members sign the SF-312 (Classified Information Nondisclosure Agreement Revision 1-91) when they turn in their SSBI package. This will prevent delays when they are eligible for an interim clearance. A newly affiliated member who does not submit the SSBI package by the start of his/her second drill weekend will be advised in writing by the unit CO that he/she will be terminated or transferred out of the Naval Reserve Intelligence Program (NRIP) pay billet (i.e., to IVTU or other non-intelligence unit) if his/her package is not received by the start of the third drill weekend. Termination/transfer will be accomplished if the package is not received by the third drill weekend and will remain in effect until adjudication of the SSBI (usually 6 - 12 months) per reference (d). Attachment 3-1 is an example of the C.O.'s notification letter.

3-3. Policy for periodic reinvestigations. Requirements for Periodic Reinvestigations (PR's) will be determined by the Defense Manpower Data Center and provide to DOD components the names of PR candidates on a quarterly basis. Periodic Reinvestigations may still be initiated if they are based on development of adverse information that may impact on the individual's continued eligibility for access to classified information.

3-4. Security termination. Upon a member's discharge or retirement from the Naval Reserve, the command/unit security manager is responsible for debriefing, having the member read and sign the OPNAV Form 5511/14, and forwarding it to the Security Manager with notification that the member was discharged/retired.





















SECURITY EDUCATION PROGRAM AUDIT



UNIT: _______________ DATE: _______________

1. Personnel assigned:

2. Personnel holding clearance:

3. Personnel who have completed

indoctrination brief:

4. Personnel who have completed

orientation brief:

5. Personnel who have completed

refresher brief within last 12 months:

6. Personnel who have completed

counterintelligence brief within

the last 24 months:

7. Are required security briefings given

and documented per COMNAVRESINTCOMINST

5510.2C?

8. What overall working knowledge do departmental supervisors have of the command information and personnel security program?

POOR FAIR GOOD EXCELLENT OUTSTANDING

9. Rate overall unit security awareness.

POOR FAIR GOOD EXCELLENT OUTSTANDING

10. Rate overall unit organizational support for information and personnel security program.

POOR FAIR GOOD EXCELLENT OUTSTANDING











Attachment 1-1

CLASSIFIED MATERIAL CONTROL AUDIT


1. Can classified material easily be tracked from the point it enters the unit until after it is

destroyed/transferred? Y / N

2. Are destruction reports and classified material transmittals kept on file for

2 years? Y / N

3. Are messages properly documented and destroyed? Y / N

4. Are working papers properly controlled and destroyed? Y / N

5. Is all classified correspondence properly marked?

6. Are SF 700 and SF 702 being utilized on all safes? Y / N

7. Have safe combinations been changed within the past year? Y / N

8. Are diskettes properly marked and controlled? Y / N

9. When was the last full inventory completed?_______________

10. Have custodian find at least two items on inventory. Does items location match location on

inventory? Y / N

Discrepancies:__________________________________________________________________

______________________________________________________________________________

______________________________________________________________________________

Remarks:______________________________________________________________________

______________________________________________________________________________

______________________________________________________________________________

______________________________________________________________________________

11. Rate overall unit classified material control system:

POOR FAIR GOOD EXCELLENT OUTSTANDING



Attachment 1-2

SECURITY VIOLATION REPORTING


1. Personnel aware of a violation of the provisions of this instruction and higher directives regarding information and personnel security shall report the suspected violation immediately to the command's security manager, CO, or senior officer present. The following information should be provided:

PERSON REPORTING INCIDENT: _______________________________________________

DATE: __________ TIME: __________ PLACE: ___________________________________

PERSONNEL INVOLVED/WITNESSES:___________________________________________

HAS A COMPROMISE OCCURRED? _____________________________________________

CLASSIFIED MATERIAL INVOLVED: ___________________________________________

_____________________________________________________________________________

_____________________________________________________________________________

WHO HAS BEEN INFORMED OF THIS INCIDENT? ________________________________

_____________________________________________________________________________

INCIDENT BEING REPORTED: _________________________________________________

_____________________________________________________________________________

DETAILS OF INCIDENT: _______________________________________________________

_____________________________________________________________________________

_____________________________________________________________________________

_____________________________________________________________________________

_____________________________________________________________________________

ACTION TAKEN: _____________________________________________________________

_____________________________________________________________________________

Attachment 1-3

DATE/SERIAL

From: Commander, Naval Reserve Intelligence Command

To:

Subj: AUTHORITY TO COURIER CLASSIFIED MATERIAL

Ref: (a) OPNAVINST 5510.lH

1. Per reference (a), the below named individual(s) is/are authorized to courier classified material up to and including SECRET for purposes of training and briefing support.

2. The following information is provided for identification:

a. Name:

b. SSN:

c. Rank:

d. Clearance/Access:

SBI/NAC Date

e. Command telephone:

3. Authority is granted for (Date).





CO SIGNATURE

Copy to:

Unit File

Individual (s)

















Attachment 2-1


PERSONALLY-OWNED MICROCOMPUTER HARDWARE/SOFTWARE

USER AGREEMENT/AUTHORIZATION


Name___________________________________ Code_________________________________

Telephone #______________________________ Bldg./Rm._____________________________

Title__________________________________________________________________________

Computer make________________ Model__________ Serial #__________________________

Primary Application/Software_____________________________________________________

_____________________________________________________________________________

_____________________________________________________________________________

1. No classified data is or will be processed or stored on this personally-owned microcomputer.

2. The government is relieved of any liability for theft/damage to the personally-owned computer hardware and software.

3. All applications programs developed to manipulate or process Government business, financial, property, or personal data on this personally-owned computer are government property.

4. The owner certifies on the bottom of this form that all Government property and data is removed from storage in this personally-owned computer and the system is sanitized while not being used for Government business.

The undersigned accepts the above responsibilities to use their personally-owned computer hardware (and software) for Government use.

Date requested:_______________ Signature:_________________________________________

ADPSO approval:_______________________________________________

Unit CO approval:_______________________________________________

Copy to:

ADPSO

Member



Attachment 2-2


SAMPLE FORMAT OF WARNING LETTER

FOR FAILURE TO SUBMIT SSBI/SSBI-PR ON TIME


5521

Ser

Date

From: Commander, Naval Reserve Intelligence Command

To: (Member)

Subj: SINGLE SCOPE BACKGROUND INVESTIGATION/PERIODIC

REVIEW SUBMISSION

Ref: (a) COMNAVRESINTCOMINST 5510.4A

1. Per reference (a), you have failed to meet the requirements for submission of your Single Scope Background Investigation (SSBI) or Single Scope Background Investigation Periodic Review (SSBI-PR).

2. You are hereby notified that if your package is not turned in by your next drill weekend, (date), you will be transferred to a non-pay unit (IVTU or VTU) until adjudication of your SSBI or SSBI-PR.





Deputy Commander's Signature

Copy to:

DCOS Mutual Support and Security



























Attachment 3-1