














































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
(1) Issue and disseminate security classification guidance for each system, plan, program, project, or mission involving classified information ...
Typology: Study notes
1 / 54
This page cannot be seen from the preview
Don't miss anything!















































April 2, 2013 Incorporating Change 2, Effective September 15 , 2020
USD(I&S)
SUBJECT: Instructions for Developing Security Classification Guides
References: See Enclosure 1
a. Under Secretary of Defense for Intelligence and Security (USD(I&S)). The USD(I&S) shall, in accordance with Reference (c), oversee the DoD Information Security Program, which includes the development, distribution, maintenance, revision, and cancellation of security classification guides.
b. Original Classification Authorities (OCAs). OCAs, as required by Reference (f), shall:
(1) Issue and disseminate security classification guidance for each system, plan, program, project, or mission involving classified information under their jurisdiction.
Change 2, 09/15/2020 2
(2) Review security classification guidance issued under their authority once every 5 years to ensure currency and accuracy, or sooner when necessitated by significant changes in policy or in the system, plan, program, project, or mission, and update the guides as required.
(3) Revise, whenever necessary for effective derivative classification, the security classification guides issued under their authority.
(4) Provide copies of any security classification guides issued under their authority as required by Enclosure 6 of Volume 1of Reference (f).
(5) Cancel security classification guides when all information the guide specified as classified has been declassified, or when a new classification guide incorporates the classified information covered by the old guide and there is no reasonable likelihood that any information not incorporated by the new guide shall be the subject of derivative classification.
(6) Coordinate, pursuant to part 1045 of title 10, CFR (Reference (g)), with the Department of Energy (DOE), Office of Classification, through the Deputy Assistant Secretary of Defense for Nuclear Matters (DASD(NM)), whenever they develop or revise security classification guides with Restricted Data (RD) or Formerly Restricted Data (FRD) information.
a. The title of the Under Secretary of Defense for Intelligence to the Under Secretary of Defense for Intelligence and Security in accordance with Public Law 116-92 (Reference (h)).
b. Additional organizational changes reflecting direction in statute or Secretary and Deputy Secretary of Defense direction.
Change 2, 09/15/2020 5 CONTENTS
Change 2, 09/15/2020 7 ENCLOSURE 1
(a) DoD 5200.1-H, “Department of Defense Handbook for Writing Security Classification Guidance,” November 1999 (hereby cancelled) (b) DoD Directive 5143.01, “Under Secretary of Defense for Intelligence and Security (USD(I&S)),” October 24, 2014, as amended (c) DoD Instruction 5200.01, “DoD Information Security Program and Protection of Sensitive Compartmented Information (SCI),” April 21, 2016, as amended (d) Executive Order 13526, “Classified National Security Information,” December 29, 2009 (e) Part 2001 of title 32, Code of Federal Regulations (f) DoD Manual 5200.01, “DoD Information Security Program,” February 24, 2012, as amended (g) Part 1045 of title 10, Code of Federal Regulations (h) Public Law 116-92, “National Defense Authorization Act for Fiscal Year 2020,” December 20, 2019 (i) DoD Instruction 5230.09, “Clearance of DoD Information for Public Release,” January 25, 2019 (j) DoD Instruction 8170.01, “Online Information Management and Electronic Messaging,” January 2, 2019 (k) Sections 2014 and 2162, et seq., of title 42, United States Code (also known as “The Atomic Energy Act of 1954, as amended”) (l) DoD Instruction 5210.02, “Access to and Dissemination of Restricted Data and Formerly Restricted Data,” June 3, 2011, as amended (m) DoD Instruction 5230.24, “Distribution Statements on Technical Documents,” August 23, 2012, as amended (n) National Security Decision Directive 189, “National Policy on the Transfer of Scientific, Technical and Engineering Information,” September 21, 1985 (o) Under Secretary of Defense for Acquisition, Technology, and Logistics Memorandum, “Fundamental Research,” May 24, 2010^1 (p) DoD Instruction 5200.39, “Critical Program Information (CPI) Protection Within Research, Development, Test, and Evaluation (RDT&E), May 28, 2015, as amended
(^1) Available from the Office of the Under Secretary of Defense for Research and Engineering.
Change 2, 09/15/2020 8 ENCLOSURE 2
a. Classification management procedures call for the timely issuance of comprehensive guidance regarding classification of information concerning any system, plan, program, project, or mission under the jurisdiction of the OCA, the unauthorized disclosure of which reasonably could be expected to cause damage to national security. Precise classification guidance is prerequisite to effective and efficient information security and assures that security resources are expended to protect only that which truly warrants protection in the interests of national security. Reference (d) and its implementing guidance, Reference (e), provide general requirements and standards concerning the issuance of security classification guides while Reference (f) provides DoD guidance on development, promulgation, distribution, maintenance, and cancellation of security classification guides.
b. Information is classified, in accordance with guidance in References (d), (e), and (f), to provide an appropriate level of protection. Therefore, it is essential that a classification guide identify the specific items of information and the levels of protection required, as well as the time periods for which protection must be provided.
c. A classification guide will be issued as early as practical in the life cycle of the classified system, plan, program, project, or mission. The requirements of Reference (f) regarding classification, declassification, downgrading, marking, and security classification guides should be reviewed and understood in preparation for writing a security classification guide.
d. DoD information that does not, individually or in compilation, require classification, must still be reviewed in accordance with DoDI 5230.09 (Reference (i)), prior to any release to the public. In addition, such information must also be reviewed for compliance with the provisions of DoDI 8170.01 (Reference (j)), prior to its placement on any publicly accessible Internet site. Information that does not require classification may nevertheless be exempt from release to the public or have other restrictions applied when released to other U.S. Government agencies.
e. RD and FRD are unique categories of classified information defined by section 2014 of title 42, United States Code (U.S.C.) (also known and hereinafter referred to as “The Atomic Energy Act of 1954, as amended” (Reference (k))) and for which program guidance is provided in Reference (g). Guides containing RD or FRD topics must be coordinated with DOE, through the DASD(NM); see part 1045.37(c) of Reference (g) and DoDI 5210.02 (Reference (l)) for further guidance. Note also that RD and FRD are never automatically declassified and such information must not include declassification instructions (however, see Reference (f) for further guidance when RD or FRD and national security information (NSI) are co-mingled).
f. Where applicable, guides should be marked with the appropriate distribution statement required by DoDI 5230.24 (Reference (m)). Additionally, as needed, guides should provide
Change 2, 09/15/2020 10 ENCLOSURE 2
(g) Vulnerabilities or capabilities of systems, installations, infrastructures, projects, plans, or protection services relating to the national security (subsection 1.4(g)); or
(h) The development, production, or use of weapons of mass destruction (subsection 1.4(h)).
(4) For classification and declassification of nuclear weapon information (i.e., RD and FRD), see References (g) and (l).
(5) Pursuant to National Security Decision Directive 189 (Reference (n)), fundamental research not clearly related to the national security shall, to the maximum extent possible, remain unrestricted. However, when control is required for national security reasons, classification is the appropriate mechanism. Refer to Reference (n) and Under Secretary of Defense for Acquisition, Technology, and Logistics Memorandum (Reference (o)) for additional guidance.
(6) Although information developed by contractors under an independent research and development (IR&D) effort typically does not qualify for classification, it is possible for classified information to be generated by IR&D efforts. This may occur when contractors use properly classified information in their IR&D efforts to explore technological advancements and state-of-the-art improvements. Information that is generated by or results from an IR&D effort and is derived from properly classified information requires derivative classification in accordance with Reference (d). Classification guides developed in accordance with this Manual can be used by contractors as a source of up-to-date classification guidance for information used in or generated by their IR&D efforts. Recognition of such use by developers of classification guides, particularly those addressing leading edge or breakthrough technology, can help to ensure that information related to national security is consistently protected.
(7) An OCA determines whether specific information should be classified, using the steps shown in Appendix 1 to this enclosure. These steps may be laid out as a series of questions, as identified in subparagraphs 2.a.(7)(a) through 2.a.(7)(e). OCAs should review the following questions throughout the process:
(a) Is the information owned by, produced by or for, or under the control of the U. S. Government? If the answer to this question is no, the information cannot be classified.
(b) Does the information fall within one or more of the categories of information identified in sections 1.4(a) through 1.4(h) of Reference (d) or, for nuclear information, meet the criteria in Reference (g)? If the answer to this question is no, the information cannot be classified. If the answer is yes, then the next question applies.
(c) Is there a reasonable possibility that the information can be protected from unauthorized disclosure? If the answer is no, the information cannot be classified. If the answer is yes, then the next question applies.
Change 2, 09/15/2020 11 ENCLOSURE 2
(d) Can the unauthorized disclosure of the information reasonably be expected to cause identifiable or describable damage to the national security? If the answer is no, the information cannot be classified. If the answer is yes, then the question in subparagraph 2.a.(7)(e) applies.
(e) What is the level of damage (i.e., damage, serious damage, or exceptionally grave damage) to the national security expected in the event of an unauthorized disclosure of the information? If the answer to this question is damage, classify the information “Confidential.” If the answer is serious damage, classify it “Secret.” If the answer is exceptionally grave damage, classify the information “Top Secret.”
(f) Where there is significant doubt about the need to classify information, it shall not be classified. If there is significant doubt about the appropriate level of classification, the information shall be classified at the lower level.
b. When to Declassify. The declassification decision determines how long the information will be protected (i.e., the duration of classification) and is as important as the original classification determination. Information is to be declassified as soon as it no longer meets the requirements for classification. When an item of information is originally classified, the OCA shall establish a specific date or event for declassification of the information based upon its national security sensitivity. The OCA must specify one of the following options, selecting, whenever possible, the option that will result in the shortest duration of classification:
(1) A date or independently verifiable event less than 10 years from the date of original classification.
(2) A date 10 years from the date of original classification.
(3) A date or independently verifiable event greater than 10 and less than 25 years from the date of original classification.
(4) A date 25 years from the date of original classification.
(5) “50X1-HUM,” designating a duration of up to 75 years, when classifying information that is clearly and demonstrably expected to reveal the identity of a confidential human source or a human intelligence (HUMINT) source.
(6) “50X2-WMD,” designating a duration of up to 75 years, when classifying information that is clearly and demonstrably expected to reveal key design concepts of weapons of mass destruction.
(7) “25X_” (where “_” is a number 1 through 9) with a date or event, designating a duration of up to 50 years when classifying information that clearly falls within an exemption from automatic declassification at 25 years that has previously been approved by the Interagency Security Classification Appeals Panel (ISACP). See Enclosure 5 of Volume 1 of Reference (f) for further guidance on use of exemptions before citing this duration.
Change 2, 09/15/2020 13 ENCLOSURE 2
(3) Once potentially similar information is identified, follow up as needed to understand whether the information is the same or different and, if the same, to ensure consistent, horizontal classification of the information. When there is a conflict in classification guidance between the guide being developed and a previously approved guide, there is a risk of unauthorized disclosure. Thus, it is important to understand and resolve such differences. Conflicts shall be resolved and the resulting guidance approved by the responsible OCAs. In cases where the data is similar but not the same, include an explanation of the differences in the data and their classification levels in the guide so that the users can clearly understand those differences and protect the information appropriately.
b. Step 2 - Determine the State-of-the-Art Status. Reasonable classification determinations cannot be made in the scientific and technical field without analysis of what has been accomplished, what is being attempted, and by whom. Use Appendix 3 to help with that analysis. Make use of scientific and information services. Consult technical and intelligence specialists. Obtain assistance available from any proper source. Learn about the state of the art, the state of development, attainment in the field of work, and what is known and openly published about it, including:
(1) The known or published status (foreign and domestic).
(2) The known but unpublished (possibly classified) status in the United States.
(3) The known but unpublished status in friendly and unfriendly countries.
(4) The extent of foreign knowledge of the unpublished status in the United States.
c. Step 3 - Identify National Advantage. The guide’s subject matter must be reviewed as a totality. Appendix 2 can also help with that review. Decide what the system, plan, program, project, or mission does or seeks to accomplish that will result in a net national advantage. Cover all the benefits, direct and indirect, accruing or expected to accrue to the United States. In the final analysis, the decision to classify will be related to one or more of the following factors that produce, directly or indirectly, the actual or expected net national advantage:
(1) Fact of interest by the U.S. Government in the particular effort as a whole or in specific parts that are being considered or emphasized.
(2) Fact of possession by the United States.
(3) Capabilities of the resulting product in terms of quality, quantity, and location.
(4) Performance, including operational performance, as it relates to capabilities.
(5) Vulnerabilities, weaknesses, countermeasures, and counter-countermeasures.
(6) Uniqueness – exclusive U.S. knowledge.
(7) Lead time, related to state of the art.
Change 2, 09/15/2020 14 ENCLOSURE 2
(8) Surprise, related to possession and capability to use.
(9) Specifications – may be indicative of goals, aims, or achievements.
(10) Manufacturing technology.
(11) Associations with other data or activities.
d. Step 4 - Make Initial Classification Determination. Conducting the analysis outlined in paragraphs 3.b. and 3.c. of this section will help identify the net national advantage, and hence, what requires classification to protect that advantage. Although at this stage of the guide’s preparation the focus is primarily on information relating to the overall effort, consideration must be given to some of the more specific information or data that covers performance capabilities and possible vulnerabilities and weaknesses. Appendix 3 to this enclosure has been designed to help in that consideration.
(1) Before trying to identify specific items of information that require classification, some sense of what information about the system, plan, program, project, or mission needs protection is required. Use an engineering approach or view of the effort to group information about the effort into large categories and then consider each category in turn. One or more of the large categories may be able to be eliminated from further consideration with relative ease (i.e., none of the information in the category qualifies for or requires classification). A work breakdown structure or system architecture may help identify the categories. After the large categories are identified, they can be repetitively broken into smaller and smaller pieces until specific elements of information are identified.
(2) Additionally, be aware that the information that needs protection may change as a system, plan, program, project or mission progresses through its life-cycle. What needs to be classified in the early stages of a system, plan, program, project or mission (e.g., during research and development) may differ from that which requires classification in other life-cycle phases (e.g., system development, production, operations or execution). The effort must be regularly reevaluated to determine which information requires classification and the classification guidance updated as appropriate.
(3) Once the information that needs to be protected has been identified, do not forget to look at all the related processes (e.g., manufacturing, logistics, budgeting) to ensure the information is protected throughout execution of those processes (e.g., do the budget estimates need to be classified? does shipment of the end-item to certain locations reveal classified data?).
e. Step 5 - Identify Specific Items of Information That Require Classification
(1) The core of a classification guide is the identification of the specific items or elements of information warranting security protection. Regardless of the size or complexity of the subject matter of the guide, or the level at which the classification guide is issued, there are certain identifiable features of the information that create or contribute to actual or expected
Change 2, 09/15/2020 16 ENCLOSURE 2
(b) At certain stages in production or deployment, it may not be practical or possible to protect certain items of information from disclosure. It is also possible that design improvements may have eliminated exploitable vulnerabilities.
(c) Once a decision is made to release information to the public, it cannot remain classified.
(2) With these factors in mind, and considering the provisions of paragraph 2.b. of this enclosure, proceed with the determination of the appropriate declassification instructions for each item of classified information.
(3) Always consider the possibility of providing for downgrading of the classification that is assigned. Future downgrading is an option that is always open when information is originally classified at the “S” or “TS” levels. Consider it carefully in every instance and provide for downgrading at fixed future points in time or upon a specified event occurring when the damage that is expected to result from an unauthorized disclosure will be reduced to a level prescribed for lower classification.
g. Step 7 - Write the Guide. Once the specific items of information that warrant security classification have been identified, it is finally time to start writing the security classification guide. Use clear, precise language and statements to describe which items of information require classification.
(1) While there is no mandatory DoD-wide format for security classification guides, first consider using the format described in Enclosure 4 of this Manual.
(2) Security classification guides should be issued as documents within the OSD or DoD Component policy or regulatory structure (e.g., instructions, manuals, regulations) only in exceptional cases. Typically, the issuing office coordinates the guide with other subject matter experts and potential users prior to approval by the OCA and promulgation by the issuing office. This process facilitates timely update of the guide, as required by References (d) and (e).
(3) Comply with these administrative requirements:
(a) Place the most significant words of the guide’s title first, for example, “FA-5B Aircraft Security Classification Guide.”
(b) Identify the OCA who personally approved the guide in writing and has program or supervisory responsibility over the information addressed in the guide as well as the office of primary responsibility (OPR) that can be contacted for clarification or additional information.
(c) Specify, clearly and concisely, the reason(s) for classification, the level of classification, and a declassification instruction(s) for each item to be classified. A table format is recommended for identifying this information as well as any downgrading instructions and other needed comments and instructions. While the format used throughout this Manual is the recommended format, the format can vary for clarity or to best suit the needs of the system, plan,
Change 2, 09/15/2020 17 ENCLOSURE 2
program, project, or mission. The Appendix to Enclosure 4 of this Manual illustrates some format variations.
(d) Classify the guide if required by its contents. If the guide does not require classification, it must be marked and protected as FOR OFFICIAL USE ONLY (FOUO). Security classification guides shall not be released to the public.
(4) Ensure that the security classification guide:
(a) Precisely states the specific information elements to be protected. Use clear, precise language or statements to describe which items of information require classification. It is also advisable to include items that are designated as controlled unclassified information (CUI) (e.g., FOUO) or that are unclassified, when that will assure users of the guide that this information is, in fact, CUI or unclassified and was not inadvertently omitted.
(b) Identifies the classification levels (“TS,” “S,” or “C”) and any additional dissemination control marking or special handling caveats such as RD, FRD, Releasable To (REL TO), or Not Releasable to Foreign Nationals (NOFORN), that may apply to each element of information. When it will serve a useful purpose or reassure the user, specify that the information is “U” (Unclassified) or cite the specific CUI control (such as FOUO).
(c) Identifies the reason for classification, using the number of the applicable subsection of section 1.4 of Reference (d).
(d) Specifies the duration of classification for each element of information, except for information that qualifies as RD or FRD. As RD and FRD are not subject to the automatic declassification requirements of Reference (d), no declassification instruction should be entered for RD or FRD information unless co-mingled with NSI. Alternatively, when not co-mingled with NSI, “Excluded from automatic downgrading/declassification” may be cited in the “Declassify On” column for clarity. When co-mingled, see Volume 2 of Reference (f) for further guidance.
(e) States any downgrading action that is to occur, and when such action is to take place (date or event).
(f) Includes amplifying comments whenever appropriate to explain the exact application of classification.
(5) Provide any additional guidance required for effective use of the guide. Use the general instructions in section 1 of the guide to address general topics (e.g., foreign disclosure considerations, public affairs guidance, dissemination, and reproduction information) that provide overall guidance for the users.
Appendixes
Change 2, 09/15/2020 19 APPENDIX 1 TO ENCLOSURE 2
Figure 1. Original Classification Process Flow Chart
NO
YES
Is there a reasonable
disclosure?
possibility that the information can be protected from unauthorized
YES
fall within one or more of the^ NO categories in Section 1.4 of E.O. 13526?
Does the information
YES
cause damage to the national
information reasonably be expected to
Can the unauthorized disclosure of the
security?
NO
NO
NO
YES
YES
NO
Is the information owned by, produced by or for, or under the control of, the U.S. Government?
guidance already exist for the
Does applicable classification subject area of interest?
The information does not qualify for classification.
Describe the damage that would becaused by unauthorized disclosure.Use existing classification guidance. already
Use existing classification guidance.^ already
Assign a level of classification based on the degree of damage.
Use existing classification guidance.^ already
Determine the duration of classification, including downgrading instructions.
Use existing classification guidance.^ already
The OCA resolves classification conflicts as needed, and documents and communicates the decision in written classification guidance.
YES
jurisdiction over the information?
Classification Authority and
you have Original
Do
Use existing classification guidance.
You are not authorized to classify the information. Identify and contact the OCA with jurisdiction over the information.
Change 2, 09/15/2020 20 APPENDIX 2 TO ENCLOSURE 2
The questions, answers, and follow-up actions shown in Figure 2 are provided to assist in systematically determining whether certain broad aspects of an effort warrant security classification. Users are cautioned that the outcomes specified in the flow chart are not absolute; judgment must be applied in all cases. Additionally, when using Figure 2 it may be necessary to consider the questions for both the overall effort and, at a high level, for the individual technologies used. For example, the fact that a new weapon system (the overall effort) is being developed may be public knowledge and therefore not classifiable, but aspects of specific technologies used in the weapon system may warrant protection and, therefore, be classifiable. If the resulting determination is that the information is classifiable, see Appendix 3 to Enclosure 2 for guidance on determining which specific details of the effort warrant classification.