Information Security Oversight Office (ISOO)
IMPORTANT NOTICE in regards to Standard Form 312 (SF312). In accordance with the National Counterintelligence and Security Center, Office of the Director of National Intelligence, the following guidelines are provided: 1) Previously executed SF 312s do not need to be re-signed by incumbent individuals, and are still enforceable provided agencies give employees notice of the required statutory statement, 2) Both the 32 CFR § 2001.80, Subpart H as well as ISOO Notice 2009-16 prohibits use of Electronic Signatures on the SF 312 and both are still in effect; Currently the ODNI has no plans to update the policy, and 3) This announcement and instructions apply equally to all agencies, facilities and persons who have previously executed a SF 312 whether Civil Service, Military or Civilian Contractor. Please direct all inquiries regarding the SF 312 to SECEA@dni.gov. Additional information can be found at https://www.ncsc.gov/sea/forms/SF312.html.
ISOO is responsible to the President for policy and oversight of the Government-wide security classification system and the National Industrial Security Program. ISOO receives authority from:
- Executive Order 12829, as amended, "National Industrial Security Program", further amended by section 6 of E.O. 13691 [ PDF] [ HTML]
- "Classified National Security Information," Executive Order 13526 was released by the White House on December 29, 2009
- Executive Order 13549,"Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities."
- Executive Order 13556 "Controlled Unclassified Information"
- Executive Order 13587,"Structural Reforms To Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information."
ISOO is a component of the National Archives and Records Administration (NARA) and receives policy and program guidance from the National Security Council (NSC).
ISOO has three components:
- The Classification Management Staff:
Develops security classification policies for classifying, declassifying and safeguarding national security information generated in Government and industry.
- The Operations Staff:
Evaluates the effectiveness of the security classification programs established by Government and industry to protect information vital to our national security interests.
- The Controlled Unclassified Information (CUI) Staff:
Develops standardized CUI policies and procedures that appropriately protect sensitive information through effective data access and control measures.