Information Security Oversight Office (ISOO)


Guidance for Handling and Reporting Incidents and Spillages of Classified National Security Information

The Director of the Information Security Oversight Office has provided guidance that was promulgated by the Committee on National Security Systems for determining, investigating and reporting data incidents and spills involving classified information onto information systems not accredited and certified to the appropriate level of the information’s classification.

Guidance on what to do if a member of the public or a non-governmental archives finds what looks like classified national security information in their collections

Please contact ISOO: the Director of ISOO is charged under 32 C.F.R. Part 2001.36(b) to provide guidance and assistance to anybody who possesses potentially classified national security information outside of government control.  ISOO has developed an information paper that provides more detail on this issue.

Guidance for transmission methods of Secret and Confidential information within and between the U.S., Puerto Rico, or a U.S. possession or territory

The Director of the Information Security Oversight Office has provided guidance that agency heads may authorize the use of current holders of the GSA contract, when a requirement exists, for the overnight delivery of Secret and Confidential information within and between the U.S., Puerto Rico, or a U.S. possession or territory.

Guidance on Executive Order 13526 

These reference questions pertain to E.O. 13526.

Please Contact ISOO if you have more questions concerning.

1.  In E.O. 13526, section 4.1(f)(3)(B) who determines "standardized electronic formats?"
An agency head or senior agency official, or with respect to the Intelligence Community, the Director of National Intelligence, makes this determination.  

2.What is the difference between a "confidential human source" and a "human intelligence source?"
The two terms are used interchangeably, but "confidential human source" is a term used by the FBI; "human intelligence source" is a term used by the intelligence community.  

3. Is the statement, "original classification authority may extend the duration of classification up to 25 years from the date of the origin of the document" intended to allow an OCA to extend declassification for another 25 years (total 50 years)?
There is no intent to allow an OCA to extend classification for another 25 years. This clause relates to information initially classified for less than 25 years. An OCA may extend the classification up to 25 years from the date of origin of the document. For example, on a document created on April 13, 2005, with a declassification date of April 13, 2015, an OCA may extend the duration of classification up to April 13, 2030.

4.Is there a standard procedure for notifying the Archivist in case of reclassification?
Notification of the Archivist would be accomplished in the same manner that official notifications are made to other heads of Executive branch agencies.

5. In E.O. 13526, section 1.9(a) is the statement, "within 2 years of the effective date of this Order" defined as June 27, 2012 or December 29, 2011?
For sections 1.7, 3.3, and 3.7, two years from the effective date of the Order is defined as December 29, 2011. For the remaining sections, two years from the effective date of the Order is defined as June 27, 2012.

6. According to section 3.3(j)(1)(C) of E.O. 13526, who is responsible for verifying "a specific and independently verifiable event?"
The OCA decides and sends the information to the Interagency Security Classification Appeals Panel (ISCAP) for approval.

7. In E.O. 13526, section 3.7(b)(1), how is "timely" defined?
The Director of the National Declassification Center (NDC) will determine when the referral is made; after which the agency will have one year to adjudicate.

8. Must anyone who creates derivative work be pre-designated as "authorized" to do so and if so, at what level should the training be?
No, there is no requirement in E.O. 13526 (the Order) to "pre-designate" an individual. Every agency determines the degree of training required with guidance that is provided in 32 CFR Part 2001.70.

9. If an agency is delegated original classification authority (OCA) from another agency (e.g. the ODNI delegating OCA authority to NRO), which agency reports to the Director of ISOO in accordance with the Memorandum for the Heads of Executive Departments and Agencies? Is the ODNI to report, or NRO, or both?
The agency that delegates the authority reports the delegation.

10. What are the requirements for the use of the 50X and 75X exemptions?
E.O. 13526, Section 3.3(h)(2) allows for agencies to seek the exemption of specific information from automatic declassification at 50 years in “extraordinary cases.” Records containing information exempted from declassification under this provision will be automatically declassified on December 31 of the year 75 years from the date of origin of those records, unless an agency seeks the exemption of specific information from automatic declassification at 75 years.

Section 3.3(h)(3) allows for agencies to seek the exemption of specific information from automatic declassification at 75 years. Proposals to seek an exemption at 50 or 75 years, shall be submitted to the Director of ISOO, serving as Executive Secretary of the ISCAP, 1 year before the information is subject to automatic declassification.

 Exemptions require ISCAP approval prior to use.

 Require a date or event. (50X1-HUM and 50X2-WMD are the only exemptions that can be used without a date)

 Must be included in agency declassification guide.

Example of requesting a 75X1 or 75X6 exemption:

 i. Description of Information: The identity of senior officials of foreign governments who provided intelligence information to the U.S. about those governments, with the expectation of confidentiality, between 1935 and 1942.

 ii. Explanation of Exemption: The declassification the identity of this confidential human source would prevent the U.S. Intelligence Community from collecting intelligence from confidential human sources, and would cause serious harm to the diplomatic relations of the U.S. Government if relationship of those officials to the U.S. Government at that time is not known by the current governments of those nations.

 iii. Date or Event for Declassification: Declassify no later than 90 years after the date of the record containing the exempted information.

11. What happens to the documents marked 50X-HUM and WMD after 50 years?
50X HUM and WMD are already exempted at 50 years and subject to automatic declassification at 75 years. They may be exempted beyond 75 years if the exemption is approved by the ISCAP.

12. What marking goes on the "declassify on" line for derivative documents, if the source document is marked 25X1-Human?

13. Who can derivately mark documents?
Anyone who has a security clearance and access to classified information as part of their job or who is working in a classified environment has derivative authority. They must also have the required derivative training

14. How is a derivative document marked if the source document has no date?
Mark the document 25 years from the date of the creation of the derivative document.

15. What happens if a document does not have any declassification instructions?
Try to go back to the document originator and obtain the declassification information. If the information can not be traced, review for declassification at 25 years from creation of the document.

16. How are dynamic documents portioned mark?
Portion mark the sections or portions that you can, and the overall marking of the document. If a section or portion can not be marked, it can not be used a derivative source document.

17. How are documents being declassified remarked?
The only documents "allowed" to be remarked are those being requested for FOIA, MDR or other public access, and that are still in control of the agency. Do not remark any documents that are subject to automatic declassification or that have been accessioned to the National Archives.  For guidance on remarking declassified documents, refer to the ISOO Marking Book.

18. Can a classification be extended?
Only an OCA with jurisdiction over the information may extend the duration of classification for up to 25 years from the date of the origin of the document. In cases where an extension is made, the “Declassify On” line shall be revised to include the new declassification instructions and shall include the identity of the person authorizing the extension and the date of the action.

19. If an agency has a current exemption, does it need to be reapproved? All current 10 and 25 year exemptions should be updated with the ISCAP.

20. If a security declassification guide has an instruction to mark certain information for declassification for 25 years, is it from the date of the guide or the date of the document?
The "25 years" denotes 25 years from the date of document creation, not the date of the security classification guide.

21. Who do we contact for information on the SF 312, Nondisclosure Agreement? 
Please direct all questions regarding the SF 312 to

22. If we receive a classified document and notice the classification level is not on the top and bottom of every page is it okay to mark the top and bottom with the appropriate classification level of the document even though we did not create the document?
Yes, you should go ahead and mark the document properly, but you should also let the sender know so that they can mark the original document properly.

23. Are there any circumstances when I might be allowed to take classified documents home with me?

No.  Classified material must be safeguarded in accordance with the requirements in E.O. 13526, Part 4, Safeguarding; and 32 CFR 2001, Subpart E, Safeguarding.

You must not remove classified material from official premises except to conduct official meetings or conferences, and the material must be returned to safe storage facilities immediately upon the conclusion of the meeting or conference.  Residences are not considered official premises, and you must not remove classified material for reasons of personal convenience or keep it overnight in personal custody.

24. When were portion markings first required on classified documents?

E.O. 11652, Classification and Declassification of National Security Information and Material, June 8, 1972, signed by Richard Nixon

The following rules shall apply to classification of information under this order:
(A) Documents in General. Each classified document shall show on its face its classification and whether it is subject to or exempt from the General Declassification Schedule. It shall also show the office of origin, the date of preparation and classification and, to the extent practicable, be so marked as to indicate which portions are classified, at what level, and which portions are not classified in order to facilitate excerpting and other use. Material containing references to classified materials, which references do not reveal classified information, shall not be classified.

E.O. 12065, National Security Information, June 28, 1978, signed by Jimmy Carter

1.504 In order to facilitate excerpting and other uses, each classified document shall, by marking or other means, indicate clearly which portions are classified, with the applicable classification designation, and which portions are not classified.  The Director of the Information Security Oversight Office may, for good cause, grant and revoke waivers of this requirement for specified classes of documents or information.

25. If individual PowerPoint© slides within a classified presentation have an overall classification of unclassified, is it really necessary to mark the portions as unclassified?

When you are marking a classified document, it is critical that all portions be appropriately marked so as to avoid any confusion about the classification of each portion.  32 CFR 2001.21(c) states that each portion...shall be marked to indicate which portions are classified and which portions are unclassified.  This remains true regardless of the overall classification of that page.  If you were to take an unmarked portion out of one briefing and place that portion into another briefing, and there is no accompanying marking, you have created a classification problem.

26. Who is responsible for providing Original Classification Authority (OCA) training to those designated specifically by the President?

Those who are responsible to the Senior Agency Official for implementation of the program should provide required training to the OCAs and everyone else in the organization.

27. If I have a classified document that was prepared/classified by a DIFFERENT government agency PRIOR to E.O. 13526, and which is not portion marked as it would be required under E.O. 13526, that the holding (using) agency is not obligated to push back to the producing/classifying agency to correct the document, as it is in essence Grandfathered, so to speak, but that there would be a requirement for a note to be made on the Grandfathered document saying something to the effect that “This document may not be used to produce other derivatively classified documents…”

There is an inherent responsibility to go back to the originating agency and request proper markings.  However, if this is not possible, then you are correct in that the document cannot be used as a source document for other derivatively classified documents and must contain a statement stating so.

28. Can Secret and Confidential information be transmitted by an overnight delivery service within the U.S. and its Territories?

Yes. Agency heads may, on an exceptional basis and when an urgent requirement exists for overnight delivery within the U.S. and its Territories, authorize the use of the current holder of the General Services Administration contract for overnight delivery of information for the Executive Branch [Ref. Section 2001.45 (c) (ii) of ISOO's Classified National Security Information Directive 1]. View the current contractors

29. Who should be the SAO for an agency?

SAO is a senior official at the Assistant Secretary level or its equivalent who has direct responsibility for ensuring the department or agency efficiently and appropriately complies with all applicable records management statutes, regulations, NARA policy, and the requirements of the Directive.

The SAO must be located within the organization so as to make adjustments to agency practices, personnel, and funding as may be necessary to ensure compliance and support the business needs of the department or agency.

A partial list of some current SAO job titles includes:

Assistant Secretary
Chief of Staff
Chief Financial Officer
Chief Information Officer
Chief Counsel
Chief Operating Officer
Director of Administration