Information Security Oversight Office (ISOO)

Frequently Asked Questions

The Information Security Oversight Office (ISOO) logo

New to ISOO?  This page contains answers to some of the questions most frequently asked by security professionals.  If you have a question that is not listed here please visit our individual programs or Contact Us.

 

Executive Order 13526

What is Classified National Security Information?

In E.O. 13526, section 4.1(f)(3)(B) who determines "standardized electronic formats?" 

​What is the difference between a "confidential human source" and a "human intelligence source?"

Is there a standard procedure for notifying the Archivist in case of reclassification?

According to section 3.3(j)(1)(C) of E.O. 13526, who is responsible for verifying "a specific and independently verifiable event?"

In E.O. 13526, section 3.7(b)(1), how is "timely" defined?

Who do we contact for information on the SF 312, Nondisclosure Agreement?

Are there any circumstances when I might be allowed to take classified documents home with me? 

Who should be the SAO for an agency?

 

What if a member of the public or a non-governmental archives finds what looks like classified national security information in their collections?

How does Classified Information end up in Private Collections?

How can I identify Classified National Security Information?

How is Classified National Security Information stored and protected?

How is Classified National Security Information transmitted?

How do I file a Mandatory Declassification Review (MDR) request?

How do I find out the MDR Results and Appeal Options?

 

Marking

What are the requirements for the use of the 50X and 75X exemptions?

What happens to the documents marked 50X-HUM and WMD after 50 years?

What marking goes on the "declassify on" line for derivative documents, if the source document is marked 25X1-Human?

How is a derivative document marked if the source document has no date?

What happens if a document does not have any declassification instructions?

How are dynamic documents portioned marked?

How are documents being declassified remarked?

Can a classification be extended?

If an agency has a current exemption, does it need to be reapproved? 

If a security declassification guide has an instruction to mark certain information for declassification for 25 years, is it from the date of the guide or the date of the document?

If we receive a classified document and notice the classification level is not on the top and bottom of every page is it okay to mark the top and bottom with the appropriate classification level of the document even though we did not create the document?

When were portion markings first required on classified documents?

If individual PowerPoint© slides within a classified presentation have an overall classification of unclassified, is it really necessary to mark the portions as unclassified?

May an agency derivatively classify information from a document prepared/classified by a different agency prior to the effective date of Executive Order 13526 which is not portion marked as would be required under E.O. 13526?

 

Original Classification Authority (OCA) and Derivative Classification

Is the statement, "original classification authority may extend the duration of classification up to 25 years from the date of the origin of the document" intended to allow an OCA to extend declassification for another 25 years (total 50 years)?

Must anyone who creates derivative work be pre-designated as "authorized" to do so and if so, at what level should the training be?

If an agency is delegated original classification authority (OCA) from another agency (e.g. the ODNI delegating OCA authority to NRO), which agency reports to the Director of ISOO in accordance with the Memorandum for the Heads of Executive Departments and Agencies? Is the ODNI to report, or NRO, or both?

Who can derivatively mark documents?

Who is responsible for providing Original Classification Authority (OCA) training to those designated specifically by the President?

 

Other Frequently Asked Questions re: National Security Information

What is a "national security system" (NSS)?

Can Secret and Confidential information be transmitted by an overnight delivery service within the U.S. and its Territories?

Where can I get additional information on the NSS, incidents, and spills?

Where can I contact the Committee on National Security Systems (CNSS)?

 

 

Executive Order 13526 

What is Classified National Security Information?

Classified national security information is information created or received by an agency of the federal government or a government contractor that would damage national security if improperly released. Since 1940, the President has managed the system of classifying information by executive order (E.O.); the most recent order concerning classified national security information is E.O. 13526, signed by President Obama on December 29, 2009.

Information can only be classified if an official determination is made that its unauthorized release would damage the national security. Levels of classification correspond to levels of supposed damage. E.O. 13526 specifies that information whose release would cause “exceptionally grave damage to the national security” is classified TOP SECRET; information whose release would cause “serious damage” is classified SECRET; CONFIDENTIAL is the lowest category of classified information currently in use. RESTRICTED is an obsolete category that was discontinued in 1953.

Classified information may take any form. Though paper documents are most common, there are classified photographs, maps, motion pictures, videotapes, databases, microfilms, hard drives, CDs, etc. Regardless of medium, classified information requires protection until it is formally declassified.

The Federal Government's current system of marking and controlling security-classified information dates from World War II. Very little pre-1941 information still meets the criteria for continued classification. Only very specific information dating from before 1942 controlled by the National Security Agency regarding signals intelligence, by the United States Secret Service regarding the protection of the President, and by the U.S. Mint concerning the gold bullion depository at Fort Knox remains classified.

 

In E.O. 13526, section 4.1(f)(3)(B) who determines "standardized electronic formats?"
An agency head or senior agency official, or with respect to the Intelligence Community, the Director of National Intelligence, makes this determination. 

 

What is the difference between a "confidential human source" and a "human intelligence source?"
The two terms are used interchangeably, but "confidential human source" is a term used by the FBI; "human intelligence source" is a term used by the intelligence community.

 

Is there a standard procedure for notifying the Archivist in case of reclassification?
Notification of the Archivist would be accomplished in the same manner that official notifications are made to other heads of Executive branch agencies.

 

According to section 3.3(j)(1)(C) of E.O. 13526, who is responsible for verifying "a specific and independently verifiable event?"
The OCA decides and sends the information to the Interagency Security Classification Appeals Panel (ISCAP) for approval.

 

In E.O. 13526, section 3.7(b)(1), how is "timely" defined?
The Director of the National Declassification Center (NDC) will determine when the referral is made; after which the agency will have one year to adjudicate.

 

Who do we contact for information on the SF 312, Nondisclosure Agreement? 
Please direct all questions regarding the SF 312 to SECEA@dni.gov

 

Are there any circumstances when I might be allowed to take classified documents home with me?
No.  Classified material must be safeguarded in accordance with the requirements in E.O. 13526, Part 4, Safeguarding; and 32 CFR 2001, Subpart E, Safeguarding.
You must not remove classified material from official premises except to conduct official meetings or conferences, and the material must be returned to safe storage facilities immediately upon the conclusion of the meeting or conference.  Residences are not considered official premises, and you must not remove classified material for reasons of personal convenience or keep it overnight in personal custody.

 

Who should be the SAO for an agency?
SAO is a senior official at the Assistant Secretary level or its equivalent who has direct responsibility for ensuring the department or agency efficiently and appropriately complies with all applicable records management statutes, regulations, NARA policy, and the requirements of the Directive.

The SAO must be located within the organization so as to make adjustments to agency practices, personnel, and funding as may be necessary to ensure compliance and support the business needs of the department or agency. A partial list of some current SAO job titles includes:

  • Assistant Secretary
  • Chief of Staff Chief
  • Financial Officer
  • Chief Information Officer
  • Chief Counsel
  • Chief Operating Officer
  • Director of Administration

 

What if a member of the public or a non-governmental archives finds what looks like classified national security information in their collections?

How does Classified Information end up in Private Collections?

Former government officials and contractors have been known to retain papers containing classified national security information and to eventually donate them to private archives. Often, it is not until these records are formally processed that archivists realize a collection contains classified information. If an archives or a library has not received Federal approval to store classified materials, continuing to store the records in an unapproved area could be endangering national security. In these instances, the institution should contact the Information Security Oversight Office (ISOO) at the National Archives and arrange for these records to be securely stored. ISOO will maintain temporary custody of the records through the declassification process.

By contacting ISOO you will be respecting the access restrictions placed on that information by the U.S. government. ISOO, in turn, will respect the rights of your institution to maintain the integrity of collections of donated personal papers.

 

How can I identify Classified National Security Information?

There are three basic tests which you can apply to determine whether a document contains classified information:

  • The information should concern the national security of the U.S. government. If the document was created by a private organization or a state government agency, it may contain classified national security information only if the organization or agency was serving as an agent of the Federal Government. Defense contractors and research laboratories are obvious examples. Also, the information should not concern personal, private, or purely political issues. Over the decades many documents have been stamped “Confidential” not because they would damage national security if released, but to indicate some other type of sensitivity. When in doubt, though, consider the document as classified.
  • There should be a classification marking on the top and bottom of every page of the document. Very old documents may have the markings only on the top of the first page. In more recent documents, individual paragraphs may also be marked with markings like “(S)” for Secret or “(C)” for Confidential.
  • The document should not be marked as declassified. A declassification marking should look like an official stamp that indicates the name and office of the person who authorized the declassification action. A copy of a declassified document from the National Archives and Records Administration should include a marking that includes a project number starting with “NND” or “NW.”

While these are the primary means of identifying classified information, those who suspect they have classified materials in their collections should also be careful to examine documents for:

  • “Restricted Data” and “Formerly Restricted Data” markings. These designations refer to categories of classified information concerning nuclear weapons design and utilization. Despite the misleading nature of the phrase “Formerly Restricted Data,” documents with this marking remain sensitive and must be protected.
  • Unmarked Classified National Security Information. Records of national security officials should be reviewed and handled carefully, as the classification marking requirements were not always executed on informal records such as handwritten notes. In all cases, it is the sensitivity of the information that determines classification. An unmarked, handwritten page can just as easily contain classified national security information as a document containing classification markings. When in doubt, treat handwritten notes concerning intelligence, military, diplomatic, or emergency planning matters as classified national security information.
  • Declassification Dates. Some documents may have been originally marked with a date on which the document may be declassified. These dates are useful in determining the relative sensitivity of the information contained in the document, but occasionally these markings are erroneous or invalid. Remember that regardless of markings, only a U.S. government declassification authority can declassify classified information.
  • Foreign Government Information. Foreign governments routinely share classified information with the U.S. government. Foreign government information received by a U.S. government agency with a promise of non-disclosure should remain protected, but in some cases information may be declassified and released. Many foreign markings resemble U.S. markings.
  • Controlled Unclassified Information. Federal agencies have designated some types of information as requiring a degree of control that does not rise to the level as that for information that would damage national security if released. These types of markings include “For Official Use Only,” “Limited Official Use,” or “Sensitive but Unclassified.” These types of markings do not designate classified national security information. Archivists processing papers containing U.S. Government information should not release out for social security numbers for living people, health care information, and other personal information collected from private citizens.
  • Closed Congressional Information. Archivists processing the papers of former congressmen should be aware that the rules of the U.S. Senate and the House of Representatives restrict public access to certain types of closed committee and investigative records, regardless of whether they contain classified national security information, for up to 50 years.
  • Codeword Information. Since World War II, when the British used the word “Ultra” to designate intelligence obtained by cracking the German Enigma encryption machine, the most sensitive types of information of the U.S. government has been identified by special codewords. These include intercepts of encoded enemy radio signals, information about satellite reconnaissance programs, and human intelligence programs. If you see words like “Umbra,” “Talent-Keyhole,” “Ruff,” or “Gamma” on records also carrying a “Secret” or “Top Secret” classification marking, you should realize that you have in your collections something particularly damaging to national security if improperly released, regardless of the age of the records.

 

How is Classified National Security Information stored and protected?

If you discover classified materials in your collection and your institution does not have federally approved secure storage, immediately remove the records from public review and restrict access to as few staff members as possible. Until they are ready for transmittal to ISOO, the records should be locked in a safe, filing cabinet, or other secure area.

 

How is Classified National Security Information transmitted?

Transmittal requirements for classified materials vary depending on the classification level of the information they contain. In all instances, the use of street side mailboxes is prohibited.

CONFIDENTIAL materials may be sent via U.S. Postal Service certified, first class, express, or registered mail or government courier service.

SECRET materials may ONLY be sent via U.S. Postal Service express or registered mail or government courier service.

When mailing materials to ISOO, please adhere to the following guidelines:

Wrap the body of records in opaque paper. Heavy brown paper or brown mailing envelopes are best. CONFIDENTIAL and SECRET materials may be wrapped together.

Seal all seams with filament tape.

Address the package to:

Director, Information Security Oversight Office
National Archives and Records Administration
700 Pennsylvania Avenue NW, Room 100
Washington, DC 20408

Provide a return address.

Label the front and back of the package with the highest classification marking of the documents it contains.

Wrap the entire package ONCE MORE in opaque paper.

Again, address the package to the Director of ISOO as indicated above and provide a return address.

On this outer wrapper, do NOT write the classification level of the materials contained within.

Again, seal all seams with filament tape.

TOP SECRET materials may NOT be sent via U.S. mail and may only be transmitted by authorized government courier service. ISOO can make the necessary arrangements on your institution’s behalf.

ISOO staff will give more detailed instructions regarding the shipment of classified records and regarding the temporary retention of records by ISOO pending declassification.

 

How do I file a Mandatory Declassification Review (MDR) request?

If ISOO determines that the records provided require declassification review by equity-holding agencies, a non-governmental repository will be encouraged to file a Mandatory Declassification Review (MDR) request. The request should come in the form of a formal letter to the Director of ISOO explaining that the institution is filing an MDR for those records furnished to ISOO for temporary custody. ISOO will then contact all equity-holding agencies and provide them with copies of the records for their review.

 

How do I find out the MDR Results and Appeal Options?

ISOO will communicate the results once all agencies have completed their reviews or after one year’s time, whichever comes first. If an institution is not satisfied with the results of an agency’s review, it may appeal the agency’s initial determination. If an agency or agencies fail to review the records within a year, ISOO will notify the requesting institution of its right to appeal directly to the Interagency Security Classification Appeals Panel (ISCAP) for a final determination on the records’ classification status.

 

Marking

What are the requirements for the use of the 50X and 75X exemptions?
E.O. 13526, Section 3.3(h)(2) allows for agencies to seek the exemption of specific information from automatic declassification at 50 years in “extraordinary cases.” Records containing information exempted from declassification under this provision will be automatically declassified on December 31 of the year 75 years from the date of origin of those records, unless an agency seeks the exemption of specific information from automatic declassification at 75 years.

 

Section 3.3(h)(3) allows for agencies to seek the exemption of specific information from automatic declassification at 75 years. Proposals to seek an exemption at 50 or 75 years, shall be submitted to the Director of ISOO, serving as Executive Secretary of the ISCAP, 1 year before the information is subject to automatic declassification.

  • Exemptions require ISCAP approval prior to use.
  • Require a date or event. (50X1-HUM and 50X2-WMD are the only exemptions that can be used without a date)
  • Must be included in agency declassification guide.

Example of requesting a 75X1 or 75X6 exemption:

  1. Description of Information: The identity of senior officials of foreign governments who provided intelligence information to the U.S. about those governments, with the expectation of confidentiality, between 1935 and 1942.
  2. Explanation of Exemption: The declassification the identity of this confidential human source would prevent the U.S. Intelligence Community from collecting intelligence from confidential human sources, and would cause serious harm to the diplomatic relations of the U.S. Government if relationship of those officials to the U.S. Government at that time is not known by the current governments of those nations.
  3. Date or Event for Declassification: Declassify no later than 90 years after the date of the record containing the exempted information.

 

What happens to the documents marked 50X-HUM and WMD after 50 years?
50X HUM and WMD are already exempted at 50 years and subject to automatic declassification at 75 years. They may be exempted beyond 75 years if the exemption is approved by the ISCAP.

 

What marking goes on the "declassify on" line for derivative documents, if the source document is marked 25X1-Human?
 “50X1-HUM”

 

How is a derivative document marked if the source document has no date?
Mark the document 25 years from the date of the creation of the derivative document.

 

What happens if a document does not have any declassification instructions?
Try to go back to the document originator and obtain the declassification information. If the information can not be traced, review for declassification at 25 years from creation of the document.

 

How are dynamic documents portioned marked?
Portion mark the sections or portions that you can, and the overall marking of the document. If a section or portion can not be marked, it can not be used a derivative source document.

 

How are documents being declassified remarked?
The only documents "allowed" to be remarked are those being requested for FOIA, MDR or other public access, and that are still in control of the agency. Do not remark any documents that are subject to automatic declassification or that have been accessioned to the National Archives.  For guidance on remarking declassified documents, refer to the ISOO Marking Book.

 

Can a classification be extended?
Only an OCA with jurisdiction over the information may extend the duration of classification for up to 25 years from the date of the origin of the document. In cases where an extension is made, the “Declassify On” line shall be revised to include the new declassification instructions and shall include the identity of the person authorizing the extension and the date of the action.

 

If an agency has a current exemption, does it need to be reapproved? 

All current 10 and 25 year exemptions should be updated with the ISCAP.

 

If a security declassification guide has an instruction to mark certain information for declassification for 25 years, is it from the date of the guide or the date of the document?
The "25 years" denotes 25 years from the date of document creation, not the date of the security classification guide.

 

If we receive a classified document and notice the classification level is not on the top and bottom of every page is it okay to mark the top and bottom with the appropriate classification level of the document even though we did not create the document?
Yes, you should go ahead and mark the document properly, but you should also let the sender know so that they can mark the original document properly.

 

When were portion markings first required on classified documents?

E.O. 11652, Classification and Declassification of National Security Information and Material, June 8, 1972, signed by Richard Nixon

The following rules shall apply to classification of information under this order:
(A) Documents in General. Each classified document shall show on its face its classification and whether it is subject to or exempt from the General Declassification Schedule. It shall also show the office of origin, the date of preparation and classification and, to the extent practicable, be so marked as to indicate which portions are classified, at what level, and which portions are not classified in order to facilitate excerpting and other use. Material containing references to classified materials, which references do not reveal classified information, shall not be classified.

E.O. 12065, National Security Information, June 28, 1978, signed by Jimmy Carter

1.504 In order to facilitate excerpting and other uses, each classified document shall, by marking or other means, indicate clearly which portions are classified, with the applicable classification designation, and which portions are not classified.  The Director of the Information Security Oversight Office may, for good cause, grant and revoke waivers of this requirement for specified classes of documents or information.

 

If individual PowerPoint© slides within a classified presentation have an overall classification of unclassified, is it really necessary to mark the portions as unclassified?

When you are marking a classified document, it is critical that all portions be appropriately marked so as to avoid any confusion about the classification of each portion.  32 CFR 2001.21(c) states that each portion...shall be marked to indicate which portions are classified and which portions are unclassified.  This remains true regardless of the overall classification of that page.  If you were to take an unmarked portion out of one briefing and place that portion into another briefing, and there is no accompanying marking, you have created a classification problem.

 

May an agency derivatively classify information from a document prepared/classified by a different agency prior to the effective date of Executive Order 13526 which is not portion marked as would be required under E.O. 13526?

There is an inherent responsibility to go back to the originating agency and request proper markings.  If this is not possible, then the document cannot be used as a source document for other derivatively classified documents and must contain a statement stating so.

 

Original Classification Authority (OCA) and Derivative Classification

Is the statement, "original classification authority may extend the duration of classification up to 25 years from the date of the origin of the document" intended to allow an OCA to extend declassification for another 25 years (total 50 years)?
There is no intent to allow an OCA to extend classification for another 25 years. This clause relates to information initially classified for less than 25 years. An OCA may extend the classification up to 25 years from the date of origin of the document. For example, on a document created on April 13, 2005, with a declassification date of April 13, 2015, an OCA may extend the duration of classification up to April 13, 2030.

 

Must anyone who creates derivative work be pre-designated as "authorized" to do so and if so, at what level should the training be?
No, there is no requirement in E.O. 13526 (the Order) to "pre-designate" an individual. Every agency determines the degree of training required with guidance that is provided in 32 CFR Part 2001.70.

 

If an agency is delegated original classification authority (OCA) from another agency (e.g. the ODNI delegating OCA authority to NRO), which agency reports to the Director of ISOO in accordance with the Memorandum for the Heads of Executive Departments and Agencies? Is the ODNI to report, or NRO, or both?
 The agency that delegates the authority reports the delegation.

 

Who can derivatively mark documents?
Anyone who has a security clearance and access to classified information as part of their job or who is working in a classified environment has derivative authority. They must also have the required derivative training.

 

Who is responsible for providing Original Classification Authority (OCA) training to those designated specifically by the President?

Those who are responsible to the Senior Agency Official for implementation of the program should provide required training to the OCAs and everyone else in the organization.

 

Other Frequently Asked Questions re: National Security Information

What is a "national security system" (NSS)?

44 USC 3552 (b)(6)(A), Federal Information Security Management Act  of 2014 (FISMA), Public Law 113-283, December 18, 2014, defines a "national security system" as:

Any information system (including any telecommunications system) used or operated by an agency or by a contractor of any agency, or other organization on behalf of an agency, (i) the function, operation, or use of which:

(I) Involves intelligence activities;

(II) Involves cryptologic activities related to national security;

(II) Involves command and control of military forces;

(IV) Involves equipment that is an integral part of a weapon or weapon system; or

(V) Subject to subparagraph B, is critical to the direct fulfillment of military or intelligence missions; or (ii) is protected at all times by procedures established for information that have been specifically authorized under criteria established by an Executive Order or an Act of Congress to be kept classified in the interest of national defense or foreign policy.

(B) Subparagraph (A)(i)(V) does not include a system that is to be used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications).

 

Can Secret and Confidential information be transmitted by an overnight delivery service within the U.S. and its Territories? 
Yes. Agency heads may, when a requirement exists for overnight delivery within the U.S. and its Territories, authorize the use of the current holder of the General Services Administration contract for overnight delivery of information for the Executive Branch [Ref. Section 2001.46 (c)(2) of 32 C.F.R. Part 2001]. View the current contractors

 

Where can I get additional information on the NSS, incidents, and spills?

See Federal Incident Reporting Guidelines

 

Where can I contact the Committee on National Security Systems (CNSS)?

See Committee on National Security Systems

 

Top