APPENDIX D
HAND-RECEIPT HOLDER, USER, AND WITNESS RESPONSIBILITIES

D-1. BRIEFING STATEMENT

a. Communications security (COMSEC) hand-receipt holders will be assigned according to AR 380-40. The custodian will brief hand-receipt holders and users and witnesses for COMSEC key destruction and provide written instructions on COMSEC procedures.

b. Custodians will require hand-receipt holders, users, and witnesses to sign a briefing statement (fig D-1). This briefing statement should fit the user's needs (for example, destruction or inventory witnesses, areas of special interest, protection of Top Secret material, daily inventories).

c. The signed briefing statement may be destroyed once the hand-receipt holder, user, or witness has been cleared for permanent change of station (PCS) or estimated time of separation (ETS) by COMSEC custodian.

___________________________________________________________________________

                              BRIEFING STATEMENT

 (This figure will be used as a sample only and will not be reproduced.)

As a communications security (COMSEC) (hand-receipt holder, user, 
witness) I will ensure that--

   a. COMSEC material received from the COMSEC custodian is safeguarded 
according to current Army directives.

   b. Material is properly handled, stored, inventoried, and destroyed 
when authorized. Two-person integrity (TPI) will be implemented when 
necessary.

   c. Access is based on clearance and a need to know.

   d. Material is inventoried shift-to-shift, daily, or just before 
locking the container where the material is stored, as applicable. DA 
Form 2653-R (COMSEC Account-Daily Shift Inventory (LRA)) or a similar 
form will be used to record inventories.

   e. Superseded keying material is destroyed immediately according to 
Technical Bulletin (TB) 380-41 (local commanders may grant an extension 
up to 72 hours only when facilities are not available for use after duty 
hours). Destruction will be timely, witnessed, recorded, and complete to 
prevent COMSEC incidents.

     (1) Users and witnesses will be briefed on applicable security 
procedures and responsibilities in this briefing statement before 
destruction.

     (2) Witnesses will have the appropriate level clearance to be 
granted access for destruction.

     (3) Destruction will be made according to TB 380-41. Hand-receipt 
holders destroying complete editions of ALC 1 key will prepare a 
destruction report using SF 153 (COMSEC Material Report) (TB 380-41).

     (4) DA Form 5941-R (COMSEC Material Disposition Record (LRA)) is 
completed for destruction of key-tape segments, marked CONFIDENTIAL for 
classified key and FOR OFFICIAL USE ONLY for UNCLASSIFIED KEY, paragraph 
4.11.2a, TB 380-41, and returned to the custodian with the remainder of 
segments intact inside the canister.

   f. Files are maintained according to AR 25-400-2, The Modern Army 
Recordkeeping System (MARKS). Superseded and obsolete COMSEC files will 
be destroyed only during the month of January in the year following the 
inactive year.

   g. Keying material and publications are page-checked according to TB 
380-41 and as directed by the COMSEC custodian. Persons making page 
checks will sign and date the check.

   h. COMSEC material is transported as follows:

     (1) COMSEC material will be transported according to AR 380-40, TB 
380-41, and USAREUR Regulation 380-40.

     (2) Equipment will be transported according to AR 380-5, paragraph 
8-200b(2); AR 380-40; TB 380-41, paragraph 5.12; and USAREUR Regulation 
380-40.

   i. COMSEC incidents are reported immediately to the COMSEC custodian.

   j. Cryptographic operational operating manuals (KAOs), if applicable, 
will be read on receipt and reviewed once a year. Written records of 
these reviews will be maintained in file 380-40q.

   k. COMSEC files are maintained according to AR 25-400-2.

   l. COMSEC material is not subhand-receipted without the written 
permission of the COMSEC custodian.

   m. COMSEC material is ready for review or inspection at all times by 
the COMSEC custodian, command inspector, and auditor.

   n. Discrepancies noted on inspections and audits are corrected 
immediately and corrective actions are reported to the COMSEC custodian. 
(Failure to correct discrepancies found during COMSEC inspections and 
audits may result in the removal of the material and return of control 
to the COMSEC custodian.)

   o. COMSEC material is maintained separately from other classified 
documents in security containers and is easily identifiable during 
inventories and emergencies.

   p. A plan is developed to protect COMSEC material in emergencies (for 
example, natural disasters, fires, bomb threats, riots, enemy action). 
Emergency plans will include methods for secure storage, procedures for 
the evacuation, and, if necessary, destruction of the material.

   q. Evacuation routes are clearly defined. (Hand-receipt holders may 
combine their emergency plans with the parent-unit emergency plan.)

   r. Unused or undestroyed portions of keying materials are returned to 
the COMSEC custodian according to TB 380-41.

   s. Questions about procedures or other COMSEC matters are directed to 
the COMSEC custodian.

   t. Instructions from the COMSEC custodian are followed.

I have been briefed, understand, and will fulfill my responsibilities as 
a hand-receipt holder and user.

Name: ___________________ Grade: __________ Office: ____________________

Date                                        Telephone
read: ___________________ Unit: ___________ Number: ____________________

Signature of hand-receipt holder and user: _____________________________

************************************************************************

Name: ___________________ Grade: __________ Office: ____________________

Date                                        Telephone
read: ___________________ Unit: ___________ Number: ____________________


Signature of COMSEC custodian or alternate: ____________________________
___________________________________________________________________________

Figure D-1. Sample Briefing Statement

D-2. PUBLICATIONS
The following publications will be available to hand-receipt holders and users responsible for COMSEC material.

a. AR 380-5 and USAREUR Supplement 1, Department of the Army Information Security Program.

b. AR 380-40, Policy for Safeguarding and Controlling Communications Security (COMSEC) Material.

c. DA Pamphlet 25-380-2, Security Procedures for Controlled Cryptographic Items.

d. Technical Bulletin 380-40 (C) Key Variable Management and Cryptonetting for Electronically Keyed COMSEC Systems (U).

e. Technical Bulletin 380-41, Procedures for Safe-guarding, Accounting, and Supply Control of COMSEC Material.

f. USAREUR Regulation 380-40, Safeguarding and Controlling Communications Security Material.

g. USAREUR Pamphlet 380-40, Communications Security (COMSEC) Custodian Guide.

D-3. FORMS
The following forms will be available to hand-receipt holders and users responsible for COMSEC material.

a. DA Form 1999-R (Restricted Area Visitor Register (LRA)), file number 380-40e. Hold this form for 1 inactive year and destroy according to AR 25-400-2, paragraph 7-3a(4).

b. DA Form 2653-R (COMSEC Account-Daily Shift Inventory), file number 380-40p. Hold this form until receipt of certificate of verification from the office of record.

c. DA Form 5941-R (COMSEC Material Disposition Record), file number 380-40q. This form will be used to issue and destroy key-tape segments.

d. SF 153 (COMSEC Material Report), file number 380-40q.

e. SF 700 (Security Container Information). SF 700 may be destroyed when superseded.

f. SF 701 (Activity Security Checklist). SF 701 may be destroyed when superseded, unless involved in an investigation.

g. SF 702 (Security Container Check Sheet). SF 702 may be destroyed 24 hours after it is completely filled up and removed from the container (usually about 30 days) unless an investigation is in progress. If an investigation is in progress, the form will be retained until the investigation is completed.

NOTE: Hand-receipt holders will maintain only forms that are appropriate to their operations.

D-4. FILES
COMSEC hand-receipt holders and users should keep the following files:

a. 1oo, Policies and precedents (standing operating procedures and plans; destroy each document when superseded or obsolete).

b. 380-40a, COMSEC facility approval file (to be destroyed when superseded or when the account closes).

c. 380-40e, Restricted area visitor register file (to be destroyed after 1 inactive year). File DA Form 1999-R in this file.

d. 380-40n, Cryptonet management file (destroy when superseded, obsolete, or no longer needed (normally 1 inactive year)).

e. 380-40p, Daily inventory files (destroy on receipt of certificate of verification from the office of record). File DA Form 2653-R in this file.

f. 380-40q, Hand-receipt file (destroy when superseded). File DA Form 5941-R and SF 153 in this file.

g. 380-40r, Inspection report file (to be destroyed when superseded or when the account closes).

APPENDIX E
SAMPLE KEY MANAGEMENT STANDING OPERATING PROCEDURE

This appendix provides guidance for USAREUR communications security (COMSEC) personnel involved in writing a key management standing operating procedure (SOP). It provides specific instructions and requirements that should be included in this type of SOP.

SAMPLE SOP

AETV-IM-CCMO (380-40n) 1 November 1996

Electronic Key Management Standing Operating Procedures (SOP)

1. PURPOSE
This standing operating procedure (SOP) defines security procedures for the control of electronic key. It does not supersede any DA guidance, Army regulation, or USAREUR regulation.

2. ELECTRONIC KEY
Electronic key is electronically generated information (usually a sequence of random binary digits) used--

a. To set up (and periodically to change) the operations performed in cryptoequipment for encrypting or decrypting electronic signals.

b. For determining electronic signals.

c. For determining electronic counter-measure patterns (frequency hopping or spread spectrum).

d. For producing other keys.

3. RESPONSIBILITIES

a. The V Corps communications security (COMSEC) Management Office (CCMO) will-


(1) Act as controlling authority (CONAUTH) for mobile subscriber equipment (MSE) electronic key generated in this command.

(2) Approve the use of electronic key for specific division, brigade, and battalion requirements.

(3) Monitor electronic key within the command to ensure compliance with AR 380-40, USAREUR Regulation 380-40, and this SOP.

(4) Distribute key to V Corps units except the 22d Signal Brigade (22d Sig Bde). 22d Sig Bde will function as a central distribution point for MSE key distributed to its battalions, the 123d and the 141st.

(5) Evaluate electronic key COMSEC incidents in the command.

(6) Manage electronic key within the command to ensure the use of AE Form 380-40C-R (Key-Management Worksheet) and AE Form 380-40B-R (COMSEC Custodian STU-III Key Accountability Record) for data-transfer over secure telephone unit-third generation (STU-III).

(7) Establish command cryptonets according to references and operational requirements.


b. Signal officers and COMSEC custodians will--


(1) Act as point of contact (POC) for electronic-generated key in their area of responsibility.

(2) Submit requests for electronically generated cryptonets to the V Corps CCMO, according to this SOP.

(3) Monitor electronic key in their respective areas of responsibility.

(4) Provide guidance and assistance to the cryptonet control stations (CNCSs) within their area of responsibility.

(5) Manage electronic key to ensure AE Form 380-40C-R is used.

(6) Control MSE electronic key distribution to ensure AE Form 380-40C-R (Key-Management Worksheet), AE Form 380-40B-R, or a similar form for the data transfer device (DTD) is used.


c. The COMSEC net control station will--


(1) Generate electronic key for its respective internal nets.

(2) Control the distribution of this electronic key using AE Form 380-40C-R for data transfers over STU-III.

(3) Report COMSEC incidents involving electronic key according to AR 380-40, and TB 380-41, paragraph 5.25.

(4) Submit key extension requests to the CONAUTH.

(5) Distribute electronic key only to CONAUTH-authorized stations.


d. The recipient of electronic key will--


(1) Control keyed COMSEC devices according to this SOP.

(2) Not distribute electronic key without permission of the CONAUTH.

4. GENERAL

a. Signal officers and custodians at each level of command will determine the requirements for COMSEC equipment using electronic key. Information about these nets will be recorded on AE Form 380-40C-R.

b. As a minimum, frequency modulation (FM) communications nets utilizing the SEVILLE family of secure equipment and those keys associated with MSE will be established.

c. Information of each net established will be on AE Form 380-40C-R. Copies of these worksheets will be sent to the CCMO within 10 days after completion of a field exercise.

d. Traffic encryption key (TEK) will be effective for 30 days or for the duration of the field exercise. Requests for extensions will be submitted to the V Corps CCMO for approval.

e. Electronic key will be classified as it is generated. The classification of the key will be determined by the level of security required by the net. Once generated, the fill device and key will be protected to the level designated (for example, electronic key designated to protect a net to the secret level will be protected as Secret crypto-material). This classification will not be changed after it is designated. If the net security requirement changes, the key will be superseded and a new key generated at the new security level.

f. Electronic fill devices will be marked according to the electronic key they hold. As a minimum, the following information will be recorded on these devices:


(1) Type of key (KEY ID), TEK/KEK.

(2) Edition.


g. Electronic key in the MSE system will use the same marking system with the addition of a three-digit number after the type of key. The number is the hardened unique storage (HUS) location associated with KGX-93A. This number will assist the MSE switch operator to identify the correct key to supersede if necessary.

h. Only the CNCS, or the alternate (when designated as the CNCS) will be authorized to give out keys for their associated nets. Users are not authorized to further pass these keys without permission of the CONAUTH. Requests to authorize users to give out keys should be sent to the 22d Sig Bde COMSEC office with full justification. These requests will be evaluated individually and approved when justified. When users are authorized to give out keys, they will maintain a AE Form 380-40C-R on the keys they give out.

i. The CNCS will verify the security clearance status of individuals who physically pick up electronic key. The status will be checked against the proper Security Clearance Access Roster (SCAR) and memorandum signed by their commander. Electronic key will be issued only to individuals with a final security clearance granted by the Commander, Central Clearance Facility, Fort Meade, Maryland.

j. The 22d Sig Bde COMSEC office will act as the CNCS for MSE key within the 22d Sig Bde. AE Form 380-40C-R will be kept to account for keys distributed for MSE devices.

k. Signatures are required for electronic key. Units will require couriers to sign for this key. Information on the courier will be recorded on AE Form 380-40C-R.

l. Electronic keys used for the KG-94, KG-84, and COMSEC systems (other than VINSON equipment) can only be generated by a KG-83 or KGX-93A that has been certified. Requests for cryptonets for these systems must include where the key for these nets will be generated.

m. Users will zeroize user devices (for example, KY-57/KY-99/KG-94s) when the device is unattended or the mission for that equipment is completed. Keyed user devices will not be left unattended for any reason.

n. Subscribers will report COMSEC incidents according to AR 380-40; TB 380-41, chapter 5; and USAREUR Pamphlet 380-40, appendix I. United States Army Communications-Electronics Command Communications Security Logistics Activity (USACCSLA) and Directory, National Security Agency (DIRNSA), will determine whether or not the incident is an insecurity. The USAREUR Sub-Control Office (IAPG-SAS) will evaluate each reported COMSEC incident for foreign intelligence service (FIS) involvement. V Corps, as the CONAUTH, will evaluate COMSEC incidents according to AR 380-40. Subscribers should make one of the following determinations: compromise, compromise cannot be ruled out, or no compromise. The decision to supersede or not to supersede the cryptomaterial will be based on the above determination of compromise.

o. If an electronic key may have been compromised, the CNCS will impose a minimize on the cryptonets affected until rekey operations can be done.

5. ELECTRONIC-KEYED CRYPTONETS

a. General. MSE equipment will replace many of the COMSEC-key short titles. Electronic-key generated by MSE large switches will replace the COMSEC-key short titles. These keys will have cryptoperiods established by the CONAUTH.

b. Scope. Corps signal officers will coordinate key requirements with the V Corps CCMO. Keys will be generated by the 15th of each month by the Brigade COMSEC Management Office (BCMO). These keys will be picked up by the COMSEC custodian or alternate custodian by the 1st day of the following month.

c. Key Assignments. Key assignments will be provided under separate cover when the COMSEC custodian picks up keys for that month.

d. AE Form 380-40B-R. Users will complete AE Form 380-40C-R twice.

e. The Brigade COMSEC Office of Record (BCOR). The BCOR is responsible for the generation and distribution of MSE keys to the area signal battalions, the CCOR, and the DCORs.

f. Over-The-Air-Distribution (OTAD). The OTAD of COMSEC key normally is not done. If necessary, the noncrytographic operational general publication 16D (NAG 16D) will be used as guidance.

g. Downloading from the CYZ-10. COMSEC custodians and alternates will follow the steps in (1) through (13) below when downloading from the CYZ-10 using the STU-III--

Step 1: Set up the STU-III for 2400 baud, synchronous.

Step 2: Connect data cable to STU-III and the DTD.

Step 3: Ensure your CIK is installed.

Step 4: Turn on the DTD.

Step 5: Go to the Main Menu.

Step 6: Pick APPL.

Step 7: Go to the Xmit-Recv-Delete-Menu.

Step 8: Pick Setup; then Protocol.

Step 9: Pick one of the following: CFD for common fill device, D101 for DTD to DTD, or R232 for STU-III.

Step 10: Pick R232.

Step 11: Note that the 232 is displayed in the right corner of the screen.

Step 12: Pick Xmit or Recv.

Step 13: Follow the menu.

APPENDIX F
COMMAND INSPECTIONS

F-1. INSPECTORS

a. The representative from the Office of the Deputy Chief of Staff, Intelligence, HQ USAREUR/7A, will inspect the USAREUR commands listed in table F-1 according to AR 380-40, USAREUR Regulation 380-40, and this pamphlet.



Table F-1 USAREUR Commands With COMSEC Accounts
Command	Account Number
V Corps	5CE016
21st Theater Army Area Command	5DE116
United States Army Southern European Task Force	5CE051
100th Area Support Group	5DR277
66th Military Intelligence Group (Provisional)	5CE061
94th Air Defense Artillery Brigade	5CE075
80th Area Support Group	5EE487
98th Area Support Group	5DE377
414th Signal Company	5CE041
Military Traffic Management Command Europe	5DE245
GTE Government Systems Corporation Regional Support Center	5GE498



b. USAREUR commanders (USAREUR Reg 10-5) will appoint command communications security (COMSEC) inspectors to conduct their inspections.

F-2. INSPECTION AREAS
USAREUR command COMSEC inspections will cover the areas in paragraphs F-3 and F-4. The areas to be inspected (D-3 and D-4) are numbered according to the inspector's checks. Units to be inspected will use this guidance to prepare for inspections.

F-3. OPERATIONS AND ACCOUNTABILITY

Facility Approval.
1. The United States Army Communications-Electronics Command, Communications Security Logistics Activity (USACCSLA) is the approving authority for COMSEC facility approval according to TB 380-41, chapter 2. Facility approval is permanent unless there is a physical change to the COMSEC facility.

File Number: 380-40a (AR 25-400-2).

Disposition: According to AR 25-400-2.

Document Markings: As a minimum, the CFAR is marked FOR OFFICIAL USE ONLY. "Protective marking is in accordance with (IAW) paragraph 4-200, exemption 2, AR 25-55" must be on the front page (AR 25-55).

NOTE: If the CFAR is classified, it must be marked according to AR 380-5. Enclosing facility diagrams is not recommended because of classification requirements.

Guidance: The approval memorandum is attached to the CFAR when filed; the physical security of the site is the same as the last approval; and the "approving agency" and "date of approval" are entered on DA Form 2012 (COMSEC Account Data).

2. Discrepancies from the previous inspection reports are reconciled (AR 380-40).

File Number: 380-40r (AR 25-400-2).

Disposition: According to AR 25-400-2.

3. Command COMSEC inspections are conducted at least once every 24 months (AR 380-40). All discrepancies noted on the last inspection must be corrected or otherwise adjudicated (USAREUR Reg 380-40).

File Number: 380-40r (AR 25-400-2).

Disposition: According to AR 25-400-2.

4. A standing operating procedure (SOP) is prepared according to TB 380-41, chapter 2.

File Number: 1oo (AR 25-400-2).

Disposition: According to AR 25-400-2.

Document Markings: As a minimum, the SOP is marked FOR OFFICIAL USE ONLY. "Protective marking is in accordance with (IAW) paragraph 4-200, exemption 2, AR 25-55" must be on the front page (AR 25-55).

Guidance: An SOP provides for secure and efficient conduct of COMSEC operations to include accounting, courier procedures, destruction, maintenance, and physical security (incident reporting). Some accounts require both an internal and an external SOP.

5. Supervisory personnel are aware of the requirements for technical surveillance countermeasure (TSCM) services (AR 380-40).

File Number: 380-40r (AR 25-400-2).

Disposition: According to AR 25-400-2.

Document Markings: The request (message or memorandum) will be classified Secret according to AR 381-14.

The following is an example of the marking:

         DERIVED FROM: Para E7a, DoD INSTR. 5420.5
            DTD 23 MAY 84.
         DECLASSIFY ON: Source Marked OADR
         DATE OF SOURCE: _____________________

Guidance: A TSCM service is requested according to USAREUR Regulation 380-85, appendix B. The message address is: CDRUSAREUR HEIDELBERG GE//AEAGB-CI-S//, INFO: CDR COLLECTION BN AUGSBURG GE//IAPG-VOT-T//.

6. Maintenance personnel are certified on DD Form 1435 (COMSEC Maintenance Training and Experience Record) according to AR 25-12, chapter 4.

7. COMSEC equipment is installed, maintained, and repaired according to National, DOD, and DA instructions for COMSEC equipment. Personnel who receive this training also receive COMSEC awareness training (AR 25-12, chap 2).

8. The requirements for access to COMSEC information are known and followed (AR 380-40), and security clearances are verified according to AR 380-67.

9. The following publications are available or are on requisition: AR 380-5, AR 380-40, AR 710-2, TB 380-41, USAREUR Regulation 380-40, and USAREUR Pamphlet 380-40.

File Number: 1jj (AR 25-400-2).

Disposition: According to AR 25-400-2.

10. Account personnel and hand-receipt holders understand the use of the caveat CRYPTO (TB 380-41, chap 5).

11. Account personnel and hand-receipt holders know limitations on the handling and release of unclassified COMSEC information (TB 380-41, chap 5). COMSEC information is marked and handled according to AR 25-55, paragraph 3-200.

12. The COMSEC custodian and alternate custodian are appointed on DA Form 2012 (TB 380-41, chap 2).

File Number: 380-40q (AR 25-400-2).

Disposition: According to AR 25-400-2.

Document Markings: COMSEC information is marked and handled according to AR 25-55, paragraph 3-200.

Guidance: Custodian and alternates have appropriate security clearance and access.

13. DA Form 2012 is filled out and sent out according to TB 380-41, chapter 2. If no changes are made on the semiannual inventory report (SAIR), the SAIR may be completed in one of the following ways:

a. Adding the statement, "There have been no changes to DA Form 2012. DDMMYY" after "NOTHING FOLLOWS" on the certification/correction (C/C) page.

b. Sending a memorandum to USACCSLA stating, "There have been no changes to DA Form 2012. DDMMYY".

c. Sending a copy of the current DA Form 2012 with the statement, "NO CHANGES" at the top of the form.

File Number: 380-40q (AR 25-400-2).

Disposition: According to AR 25-400-2.

Document Markings: COMSEC information is marked and handled according to AR 25-55, paragraph 3-200.

14. The COMSEC custodian and the alternate are graduates of the SCCC. Certificates of graduation are available in the COMSEC facility (AR 380-40 and USAREUR Reg 380-40, para B-1).

15. The COMSEC custodian has time to perform custodial duties (TB 380-41, chap 2) along with the other assigned duties.

16. Centrally accountable COMSEC material on hand is mission essential. Excess material and shortages are reported for corrective action through command channels (TB 380-41, para 3.7).

17. In COMSEC facilities with 24-hour operation, the SF 702 (Security Container Check Sheet) is annotated at the end of each shift change (TB 380-41, para 5.4.1c).

18. The COMSEC accounting system provides security control and handling of accountable COMSEC material (TB 380-41, chap 4).

Guidance: Perform an audit trail on material received to ensure proper accounting of receipt through posting, storage, operation, and destruction including STU-III key. Accounting legend code (ALC) 3 material should be issued, not hand-receipted.

Control and Handling: When the COMSEC custodian returns from an absence, the alternate custodian formally turns over material received during the absence according to TB 380-41. COMSEC records have the correct signatures and are properly marked (if required). Audits should cover 100 percent of the material.

19. Authorized quantities of classified cryptoequipment on hand or ordered are being used and are required for mission accomplishment (TB 380-41).

20. Mandatory modifications to classified COMSEC equipment are applied and equipment modification record plates document the modification according to TB 43-0001-06 series.

21. COMSEC records are maintained according to AR 25-400-2. COMSEC accounting reports are filed in 380-40q.

22. Personnel are aware of the procedures for checking packages for evidence of tampering or content exposure (TB 380-41, chap 4).

23. Account personnel, including hand-receipt holders, are aware of page-check requirements (TB 380-41, chap 4).

Guidance: Page-checks are made--

a. When receiving and inventorying documents.

b. After posting amendments.

c. Before transferring documents to be destroyed.

d. When changing a custodian.

e. When directed by the COMSEC custodian.

24. The manner of inventorying keying material assures continuous protection and control (TB 380-41, chap 4).

File Number: 380-40p (AR 25-400-2).

Disposition: According to AR 25-400-2.

Document Markings: DA Form 2653-R (COMSEC Account--Daily Shift Inventory (LRA)) is marked FOR OFFICIAL USE ONLY. If the form identifies effective dates of a cryptosystem or the complete holder or copy distribution list, it must be marked CONFIDENTIAL. The implementation or supersession date of a single item of key also is marked CONFIDENTIAL (TB 380-41, chap 5).

Guidance: Inventories must be complete and accurate. DA Form 2653-R must be checked. Inventory date must coincide on the SF 701 (Activity Security Checklist), SF 702, and SF 153 (when material is received). Destruction records must be checked.

25. Inventories of ALC 3 and ALC 4 material are recorded on item register (IR) cards or an SF 153. The SF 153 must be prepared, signed, and witnessed and should list ALC 3 or ALC 4 by account (TB 380-41, chap 4).

File Number: 380-40q (AR 25-400-2).

Disposition: According to AR 25-400-2.

Document Markings: COMSEC information is marked and handled according to AR 25-55, paragraph 3-200.

Guidance: For manual accounts, IR cards or inventory reports are prepared, signed, and witnessed for each SAIR and change-of-custodian inventory report (CCIR). If a SF 153 is used, it should be attached to the basic report. Army COMSEC Commodity Logistics Accounting and Information Management System (ACCLAIMS) inventory printouts must have valid dates and signatures.

26. COMSEC material (including amendment residue) is destroyed according to the schedule and procedures in TB 380-41, chapter 4. Superseded key is completely destroyed by burning or by using destruction devices and methods according to the guidance in TB 380-41, chapters 4 and 5.

Guidance: Maintenance manuals and operating instructions are destroyed not later than 15 days after the item was superseded and posted to an IR card or an asset inventory and destruction report. Destroyed items are removed from DA Form 2653-R. Every effort is made to destroy COMSEC material within 12 hours after supersession according to TB 380-41, paragraph 4.22. Destruction reports must be signed. DA Form 2011 (COMSEC Aids Items Register (Using Unit)) must be signed and witnessed when used for whole destruction of material. Inspect the burning and shredding area; run a test if necessary. Classified microfiche are only destroyed by burning or an approved chemical solution according to TB 380-41. If double cut shredders are used to destroy paper, the material is considered destroyed if CHAD (residue) is not more than 1.2mm X 13mm or not more than .73mm X 22.2mm (TB 380-41, para 4.22.2).

27. COMSEC publications, if applicable, are posted with the latest changes and amendments and are page-checked (TB 380-41, chap 4).

Guidance: Reference publications are filed under 1jj according to AR 25-400-2. COMSEC publications must be checked for the latest amendments and changes according to DA Pamphlet 25-35. Amendments should be posted within 48 hours (2 workdays) of receipt, in sequence, and page-checked after posting. The message or memorandum amendment file number is: 1nn (AR 25-380-2).

28. Local accounting procedures for the issue and hand-receipt of COMSEC material are known and properly implemented (TB 380-41).

Guidance: ALC 3 and ALC 4 (category-2) are permanently issued, not hand-receipted. Issues are either from DA Form 2011 or SF 153. The COMSEC custodian ensures recipients have the correct security clearance and have a need-to-know. All hand-receipted ALC 1, ALC 2, and category-1 ALC 4 materials are annotated in pencil on DA Form 2011 (TB 380-41, pages 4-71).

29. Cryptosystems used by the command are either locally generated electronic key or preprinted key produced by the National Security Agency (NSA). The authentication system must be NSA-approved.

Guidance: Keying material approved for use within the U.S. Army must be produced by NSA (TB 380-41, chap 3).

30. The keying material on hand is routinely used or is held for a valid contingency (TB 380-41, para 3.7).

Guidance: The amount of key issued to accounts by a controlling authority (CONAUTH) is reviewed four times a year to ensure that minimum stock levels are consistent with the operations and contingency plans on hand. The custodian coordinates with the CONAUTH to decide if a distribution change is required (TB 380-41, chap 3).

31. The number of editions and the quantity of each key held are no more than the minimum required (TB 380-41, chap 3).

Guidance: Guidance is in TB 380-41, paragraph 3.9.1.

a. Monthly, regularly superseded key should not exceed a 6-month supply.

b. Other than monthly superseded key, accounts are authorized the effective edition plus three future editions.

32. Training cryptosystems and authentication systems are used only as prescribed in AR 380-40.

33. Users know the identity and address of the CONAUTH for the key held.

NOTE: The CONAUTH must know cryptonet members and identify user problems with the keying material. The COMSEC custodian informs each hand-receipt holder (user) of CONAUTH information (TB 380-41, chap 3).

34. COMSEC account personnel operating cryptosystems in the COMSEC facility must be able to use the systems and the cryptoequipment, or a training program must be in effect (TB 380-41).

NOTE: Personnel in operational accounts should read the cryptographic operational operating manual (KAO) or technical manual (TM) semiannually and verify that they have read the publications on a signature sheet.

35. The CONAUTH should complete the annual review and have required documentation on hand.

Guidance: The CONAUTH completes the annual crypto-evaluation report (CER) review and keeps a copy on file.

36. Custodians who are also CONAUTHs should take appropriate action to adjust the key-copy count, based on information from users.

37. Personnel enrolled in the Department of the Army Cryptographical Access Program (DACAP) are briefed and DACAP "certification memorandums" are signed, according to AR 380-40.

Guidance: A roster of personnel enrolled in DACAP should be sent to the appropriate security office. Personnel no longer qualified under DACAP should sign the "termination of access" portion of the DACAP certification memorandum. A copy of the memorandum should be sent to the appropriate security office.

38. A command COMSEC inspector is appointed in writing (AR 380-40).

39. The command COMSEC inspector is a graduate of the TRADOC-approved SCCC (AR 380-40).

40. The commander confirms that each COMSEC account under the jurisdiction of the command receives a command COMSEC inspection at least once every 24 months (AR 380-40).

Guidance: Property-book officers and users receive a command inspection of CCI records to ensure compliance with AR 710-2, AR 710-3, AR 380-40, and DA Pamphlet 25-380-2.

F-4. PHYSICAL SECURITY

41. If a secure room is used for operations, it meets the minimum requirements in TB 380-41, chapter 5.

Guidance: Verify the CFAR using TB 380-41, chapter 2.

42. When the COMSEC facility is unoccupied, it has the necessary safeguards, determined by the commander, to protect against unauthorized entry (TB 380-41, chap 5). There must be General Services Administration (GSA)-approved security containers available, a trained guard force, and an emergency plan that reflects both issues.

43. Unsecured telephones and other transmitting devices on site are not more than the number required for operations (TB 380-41, para 5.5.3).

44. Government-owned tape recorders, radios, television receivers, and cameras are required for facility operations or are authorized by the commander as mission essential (TB 380-41, para 5.3.5).

45. Installation and operation of electronic, access-control devices (cipher locks) meet the requirements in TB 380-41, chapter 5. Combinations are changed every 3 months. A modified SF 700 (Security Container Information) (top part) is posted, and panel buttons are kept clean.

46. All COMSEC key is stored according to TB 380-41, chapter 5.

NOTE: Future key cannot be stored in unattended facilities (AR 380-40).

Guidance: Current and future editions of key are stored in separate drawers. If only a one-drawer security container is available, current and future key are separated by a file divider.

47. Physical security of stored, classified cryptokey is modified to prevent unauthorized access to the storage container or COMSEC facility (TB 380-41, chap 5).

48. Containers used for storing classified COMSEC information meet original procurement specifications for physical security (TB 380-41, chap 5).

Guidance: Containers must not be damaged (for example, drilled). Locks must function properly and containers that are modified for two locks must meet the prescribed specifications of USAREUR Regulation 380-40, paragraph 7e. Check containers against TB 380-41, paragraph 5.8.

49. Containers and secure rooms used to store classified COMSEC material have built-in combination locks or approved combination padlocks according to TB 380-41, chapter 5.

50. When not installed in an operational configuration, classified cryptoequipment and components are securely stored (TB 380-41, chap 5).

51. When installed in an operational configuration, unattended, unkeyed cryptoequipment is left installed and protected in a manner approved by the commander according to TB 380-41, chapter 5.

52. Classified documents are stored securely (TB 380-41, chap 5). Open and closed signs are used on security containers according to AR 380-5.

53. Lock combinations are changed every 12 months. For containers storing NATO material, combinations are changed every 6 months according to TB 380-41, chapter 5. Combinations also are changed when an individual knowing the combination no longer needs access (AR 380-5).

54. Lock combinations are given as few authorized personnel as possible (TB 380-41, chap 5).

55. Access to the COMSEC facility is granted and controlled according to the provisions of TB 380-41, chapter 5.

Guidance: Personnel have a "need-to-know" and a current DA Form 1999-R (Restricted Area Visitor Register (LRA)) is completed correctly. The 1999-R for the last calendar year is closed out and filed (USAREUR Pam 380-40, para 6-1a(7)).

56. Daily security checks are made at the end of each work-day and on non-workdays as required (TB 380-41, chap 5).

57. Classified COMSEC material is properly prepared and packaged for shipment (TB 380-41, chap 5). Custodians and alternates are aware of the special procedures for shipments through the defense courier service (DCS).

58. Authorized means of transporting classified COMSEC material are known and followed (TB 380-41, chap 5).

Guidance: The DCS is used whenever possible; unit couriers have DD Form 2501 (Courier Authorization Card) and an SOP is available.

59. The emergency plan includes provisions from TB 380-41, chapter 5, determined as appropriate by the commander.

File Number: 500-4a (AR 25-400-2).

Disposition: According to AR 25-400-2.

Document Markings: The minimum marking for this file is FOR OFFICIAL USE ONLY.

Guidance: the plan should be realistic, simple, and workable. The plan must be signed by the commander and contain the required provisions of TB 380-41.

NOTE: Task cards are recommended. The commander decides whether or not to use task cards.

60. The emergency plan is compatible with the command emergency plans.

Guidance: The emergency plan has a coordination sheet for signatures from units and elements that support the plan. The plan is coordinated with the command emergency plan to ensure evacuation, storage, and destruction of key will be effectively and securely performed in the event of an actual emergency (TB 380-41, chap 5, and app D).

61. The emergency plan procedures provide for the immediate destruction of superseded key, according to TB 380-41, chapter 5. Emergency procedures are exact for the destruction of keying material. Plan task cards are correct and prioritized.

62. Adequate emergency destruction material and devices are available and working (TB 380-41, chap 5).

Guidance: The recommended types of destruction methods and devices are covered in TB 380-41, chapter 5. Whenever COMSEC equipment is used, destruction tools (for example, an axe, pick, sledge hammer) are available.

63. Briefings and dry runs of the emergency plan are held four times a year and are documented. Account personnel know their responsibilities in an emergency, according to AR 380-40.

File Number: 350-28a (AR 25-400-2).

Disposition: According to AR 25-400-2.

Document Marking: The minimum marking for this file is FOR OFFICIAL USE ONLY.

Guidance: COMSEC custodians will document emergency-plan dry-runs by giving the date of training, the portion of plan to be tested (for example, evacuation, destruction, secure storage), the training results, and the names of participating personnel and witnesses. This document is signed by the commander and the COMSEC custodian. Any discrepancy found during the dry run is corrected immediately and the plan changed accordingly (AR 380-40).

64. Sensitive pages of COMSEC cryptographic operational maintenance manuals (KAM) are prepared for quick removal where required, and personnel are familiar with the emergency implementing procedures (TB 380-41, chap 5).

65. Personnel are familiar with reportable incidents pertaining to cryptosystems and associated material (AR 380-40).

Guidance: Personnel know what constitutes an incident, the types of incidents, and how to prevent them. This information is part of the local COMSEC SOP.

66. Supervisory personnel are familiar with the requirements and time limits for reporting incidents according to AR 380-40. The local SOP contains added information for reporting incidents.

67. Users are aware of the requirement to report all circumstances, occurrences, or acts that could lead to a compromise of key, directly to the appropriate CONAUTH (TB 380-41, chap 5).

Guidance: Custodian, alternates, and hand-receipt holders know the message address, the mailing address, and the telephone number of the CONAUTH. This information is included in the local SOP.