Security Department of the Army Information Security Program

Army Regulation 380?5

Security

Department of the Army Information Security Program

Headquarters Department of the Army Washington, DC 29 September 2000

UNCLASSIFIED

SUMMARY of CHANGE

AR 380?5 Department of the Army Information Security Program

This revision--

o Emphasizes the responsibilities of Headquarters Department of the Army, the Commander, the Command Security Manager, the Supervisor, and the Individual (chap 1).

o Updates information relating to Restricted Data, Formerly Restricted Data, Sensitive Compartmented Information, Communications Security Information, and Special Access Program Information (chap 1).

o Expands and clarifies exceptional situations and waivers (chap 1).

o Specifies the process for applying original classification (chap 2).

o Removes the declassification statement Originating Officials Determination Required or "OADR" (para 2-11).

o Changes the distribution process for security classification guides (para 218).

o Outlines the procedures for challenges to classification (para 2-22).

o Updates information regarding the Army Declassification Program (chap 3).

o Updates information relating to the deadline for automatic declassification, adding an additional 18 months (para 3-5).

o Gives clearer information in regards to destruction, declassification, purging, and clearing (chap 3).

o Replaces the statement "US ONLY" with "NOFORN" (para 4-6).

o Updates Warning Notices for printed documents and those on Automated Information Systems (para 4-12).

o Lists the obsolete restrictions and control markings (para 4-13).

o Outlines the requirements relating to For Official Use Only (FOUO) information (chap 5).

o Replaces the statement "Limited Official Use" with "Sensitive But Unclassified" (para 5-7).

o Outlines the requirements relating to Drug Enforcement Administration Sensitive Information (chap 5).

o Outlines the requirements relating to Department of Defense Unclassified Controlled Nuclear Information (chap 5).

o Outlines the requirements relating to sensitive information and the Computer Security Act of 1987 (chap 5).

o Outlines the requirements relating to distribution statements on scientific and technical documents (para 5-24).

o Outlines the requirements regarding the SF 312 (Classified Information Nondisclosure Agreement (NDA) (chap 6).

o Explains the requirements to access Department of the Army classified information by individuals or agencies outside the Executive Branch (para 68).

o Adds guidance to the use of speakerphones (para 6-14).

o Updates guidance on classified meetings, conferences, and acquisition meetings (para 6-18).

o Removes the requirement for the Entry/Exit Inspection Program and the TwoPerson Integrity Program (para 6-36).

o Updates the federal specifications for locks (para 7-4).

o Updates procedures for handcarrying of classified material (chap 8).

o Outlines requirements for transportation plans (para 8-7).

o Emphasizes annual refresher training requirements for the security education program (para 9-7).

o Rescinds DA Form 2134 (Security Violation(s) Report) (para 10-3).

o Updates security controls on dissemination and marking of warning notices on intelligence information to include the latest version of Director of Central Intelligence Directive 1/7 (app D).

o Addresses security procedures for documents created for and on automated information systems and Internet web-based display (app E).

o Updates the Management Control Evaluation Checklist (app F, section I).

o Lists and describes the modern army recordkeeping system file numbers associated with this Regulation (app F, section II).

o Updates information of Special Access Programs (app I).

o Updates the abbreviations and terminology lists (glossary).

Headquarters Department of the Army Washington, DC 29 September 2000

*Army Regulation 380?5

Effective 31 October 2000

Security

Department of the Army Information Security Program

History. This publication publishes a revision of this publication. Because the publication has been extensively revised, the changed portions have not been highlighted.

Summary. This regulation implements the policy set forth in Executive Order (E. O.) 12958, "Classified National Security Information", April 17, 1995, with amendments, and DOD 5200.1?R, "Information Security Program." It establishes

the policy for classification, downgrading, declassification, and safeguarding of information requiring protection in the interest of national security.

Applicability. This regulation applies to all military and civilian members of the Active Army, Army National Guard of the United States (ARNGUS), and U.S. Army Reserve (USAR) and Department of the Army (DA) personnel. During mobilization, chapters and policies contained in this regulation may be modified by the proponent.

Proponent and exception authority. The proponent of this regulation is the Deputy Chief of Staff for Intelligence. The Deputy Chief of Staff for Intelligence has the authority to approve exceptions to this regulation that are consistent with controlling law and regulation, and as stated in this regulation. Paragraph 1?20 of this regulation further delineates waiver and exception to policy authority.

Army management control process.

This regulation contains management control provisions and identifies key management controls that must be evaluated.

Supplementation. Supplementation of this regulation is permitted at command option, but is not required.

Suggested Improvements. Users are invited to send comments and suggestions on DA Form 2028, Recommended Changes to Publications and Blank Forms, through command channels to HQDA DCSINT (DAMI?CH), 2511 Jefferson Davis Highway, Suite #9300, Arlington, VA 22209?3910.

Distribution. This publication is available in electronic media only and is intended for command levels A, B, C, D, and E for the Active Army, the Army National Guard, and the U.S. Army Reserve.

Contents (Listed by paragraph and page number)

Chapter 1 General Provisions and Program Management, page 2

Section I Introduction, page 1 Purpose ? 1?1, page 1 References ? 1?2, page 1 Explanation of abbreviations and terms ? 1?3, page 1

Section II Responsibilities, page 1 Secretary of the Army ? 1?4, page 1 Headquarters Department of the Army (HQDA) ? 1?5, page 1 The Commander ? 1?6, page 2 The Command Security Manager ? 1?7, page 2 The Supervisor ? 1?8, page 3

*This regulation supersedes AR 380?5, 25 February 1988; AR 380?150, 15 September 1982; AR 381?1, 12 February 1990; DA Pamphlet 380?1, 23 March 1990, and rescinds DA Form 2134, Security Violation(s) Report, January 1983.

AR 380?5 ? 29 September 2000

i

UNCLASSIFIED

Contents--Continued

The Individual ? 1?9, page 3

Section III Program Management, page 4 Applicability definition ? 1?10, page 4 General principles ? 1?11, page 4 Legal authority ? 1?12, page 4 Recordkeeping Requirements ? 1?13, page 4

Section IV Program Direction, page 4 Background ? 1?14, page 4 Information Security Oversight Office Responsibility ? 1?15, page 5

Section V Special Types of Information, page 5 Atomic Energy Information (Restricted Data (RD)/Formerly Restricted Data (FRD)) ? 1?16, page 5 Sensitive Compartmented Information, Communications Security Information, and Special Access Programs

Information ? 1?17, page 5

Section VI Exceptional Situations, page 5 Military Operations, Exercises, and Unit Deactivations ? 1?18, page 5 Waivers and Exceptions to Policy ? 1?19, page 5

Section VII Corrective Actions and Sanctions, page 6 General ? 1?20, page 6 Sanctions ? 1?21, page 6 Reporting of Incidents ? 1?22, page 6

Section VIII Reports, page 7 Reporting Requirements ? 1?23, page 7 Command security inspections ? 1?24, page 7

Chapter 2 Classification, page 7

Section I Classification Principles, page 7 Original vs. derivative classification ? 2?1, page 7 Policy ? 2?2, page 8 Delegation of authority ? 2?3, page 8 Required Training ? 2?4, page 8

Section II Derivative Classification, page 8 Policy ? 2?5, page 8 Accuracy responsibilities ? 2?6, page 8

Section III The Original Classification Process, page 9 General ? 2?7, page 9 Classification criteria ? 2?8, page 9 Possibility of Protection ? 2?9, page 9

ii

AR 380?5 ? 29 September 2000

Contents--Continued

Levels of classification ? 2?10, page 10 Duration of classification ? 2?11, page 10 Communicating the Classification Decision ? 2?12, page 11 Compilation ? 2?13, page 11 Acquisition Systems ? 2?14, page 11 Limitations and prohibitions ? 2?15, page 11

Section IV Security Classification Guides, page 12 Policy ? 2?16, page 12 Content ? 2?17, page 12 Approval, distribution, and indexing ? 2?18, page 12 Review, revision, and cancellation ? 2?19, page 12

Section V Non?Government Information, page 13 Policy ? 2?20, page 13 Classification determination ? 2?21, page 13 Classification challenges ? 2?22, page 14

Chapter 3 Declassification, Regrading, and Destruction, page 15

Section I Army Declassification Program, page 15 General ? 3?1, page 15 Special Program Manager ? 3?2, page 15 Declassification of Restricted Data and Formerly Restricted Data ? 3?3, page 15 Declassification of other than Army information ? 3?4, page 15

Section II The Automatic Declassification System, page 16 General ? 3?5, page 16 Exemption from automatic declassification ? 3?6, page 16 Marking of documents exempted from automatic declassification at 25 years ? 3?7, page 17

Section III Mandatory Review for Declassification, page 17 General ? 3?8, page 17 General ? 3?9, page 17

Section IV Regrading, page 17 Downgrading information ? 3?10, page 17 Downgrading policy ? 3?11, page 17 Upgrading ? 3?12, page 18

Section V Classified Material Destruction Standards, page 18 General ? 3?13, page 18 Concepts of destruction ? 3?14, page 18 Approved routine methods of destruction ? 3?15, page 18 Appropriate material destruction techniques and methods for non paper?based material ? 3?16, page 19 Technical advice on approved destruction devices and methods ? 3?17, page 20 Clearing, purging, declassifying, and destroying media ? 3?18, page 20

AR 380?5 ? 29 September 2000

iii

Contents--Continued

Chapter 4 Marking, page 21

Section I Marking Documents, page 21 Purpose and policy ? 4?1, page 21 Exceptions ? 4?2, page 21 Requirements ? 4?3, page 22 Overall classification marking ? 4?4, page 22 Date, command, office of origin, and agency ? 4?5, page 22 Page and portion marking ? 4?6, page 22 Sources of classification ? overview ? 4?7, page 23 Sources of classification ? procedures ? 4?8, page 24 Reason for original classification ? 4?9, page 24 Declassification instructions--"Declassify on" line ? 4?10, page 25 Sources that were created prior to 1976 ? 4?11, page 27 Warning notices ? 4?12, page 27 Obsolete Restrictions and Control Markings ? 4?13, page 29 Downgrading instructions ? 4?14, page 29 The Modern Army Recordkeeping System ? 4?15, page 29

Section II Marking Special Types of Documents, page 30 Documents with component parts ? 4?16, page 30 Transmittal documents ? 4?17, page 30 Classification by compilation ? 4?18, page 30 Translations ? 4?19, page 30 Electronically transmitted messages ? 4?20, page 30 Documents marked for training purposes ? 4?21, page 31 Files, folders, and groups of documents ? 4?22, page 31 Printed documents produced by AIS equipment ? 4?23, page 31

Section III Marking Special Types of Material, page 31 General policy ? 4?24, page 31 Telephone or communications directories ? 4?25, page 32 Blueprints, schematics, maps, and charts ? 4?26, page 32 Photographs, negatives, and unprocessed film ? 4?27, page 32 Slides and transparencies ? 4?28, page 32 Motion picture films and videotapes ? 4?29, page 32 Sound recordings ? 4?30, page 32 Microfilms and microfiche ? 4?31, page 32 Removable AIS storage media ? 4?32, page 33 Fixed and internal AIS storage media ? 4?33, page 33 Standard form (SF) labels ? 4?34, page 33

Section IV Changes in Markings, page 34 Downgrading and declassification in accordance with markings ? 4?35, page 34 Downgrading and declassification earlier than scheduled ? 4?36, page 34 Upgrading ? 4?37, page 34 Posted notice on bulk quantities of material ? 4?38, page 34 Extensions of duration of classification ? 4?39, page 34

iv

AR 380?5 ? 29 September 2000

Contents--Continued

Section V Remarking and Using Old Classified Material, page 35 Old markings ? 4?40, page 35 Earlier declassification and extension of classification ? 4?41, page 35

Section VI Safeguarding Joint Chiefs of Staff Papers, page 35 General ? 4?42, page 35 References ? 4?43, page 35 Responsibilities ? 4?44, page 35 Requirements ? 4?45, page 35 Access ? 4?46, page 35 Familiarization requirements ? 4?47, page 35 Distribution of JCS documents ? 4?48, page 36 Release and Distribution of Joint Strategic Planning System Documents ? 4?49, page 36 Release and Distribution of Joint Operation Planning System Documents ? 4?50, page 36 Release of JCS information to Army Service Schools ? 4?51, page 36 Release of information to organizations outside DA ? 4?52, page 37 Reproduction of JCS documents ? 4?53, page 37

Section VII Foreign Government Information, page 37 Policy ? 4?54, page 37 Equivalent U.S. classification designations ? 4?55, page 37 Marking NATO documents ? 4?56, page 37 Marking Other Foreign Government Documents ? 4?57, page 37 Marking Foreign Government Information Provided in Confidence ? 4?58, page 38 Marking of Foreign Government Information in Department of the Army Documents ? 4?59, page 38

Chapter 5 Controlled Unclassified Information, page 57

Section I For Official Use Only Information, page 57 General ? 5?1, page 57 Description ? 5?2, page 57 Marking ? 5?3, page 58 Access to FOUO information ? 5?4, page 58 Protection of FOUO information ? 5?5, page 58 Further guidance ? 5?6, page 58

Section II Sensitive But Unclassified and Limited Official Use Information, page 59 Description ? 5?7, page 59 Marking ? 5?8, page 59 Access to SBU information ? 5?9, page 59 Protection of SBU information ? 5?10, page 59

Section III Drug Enforcement Administration Sensitive Information, page 59 Description ? 5?11, page 59 Marking ? 5?12, page 59 Access to DEA sensitive information ? 5?13, page 59 Protection of DEA sensitive information ? 5?14, page 60

AR 380?5 ? 29 September 2000

v

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download