Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Information Security Oversight Office’s Report for Fiscal Year 2014

“The Information Security Oversight Office’s (ISOO) Report for Fiscal Year 2014, as required by Executive Order 13526, “Classified National Security Information” (the Order). This report provides statistics and analysis of the system of classification and declassification based on ISOO’s review of Departments’ and Agencies’ programs. It also contains the status of agency self-assessment reporting, the National Industrial Security Program, the Controlled Unclassified Information Program, and the cost of security classification activity. ISOO fulfills Executive Agent (EA) responsibilities for the CUI Program, which were designated by Executive Order 13556 to the National Archives and Records Administration. During the past year, ISOO continued to advance its policy development strategy, and submitted a proposed Federal CUI rule (the future 32 Code of Federal Regulations 2002) into the Office of Management and Budget (OMB)-managed Federal rule-making process. The EA also initiated a CUI Program appraisal process to assist Executive branch agencies in preparing for implementation by providing agency planners with a baseline. In addition, the EA developed an updated training module clarifying the distinction between the CUI Program and the provisions of the Freedom of Information Act. We successfully partnered with the National Institute of Standards and Technology (NIST) to produce a joint publication, NIST Special Publication 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organization.” This publication, expected to be finalized in 2015, provides information system protection standards for CUI in the non-Federal environment. After completion of the CUI Federal rule and NIST publication, we will propose a Federal Acquisition Regulation rule to provide agencies with a standard approach for applying these CUI requirements to their contractors. The EA plans to issue a National Implementation Plan for the executive branch, which will provide a timeline of phased implementation for all agencies. With regard to its oversight of Classified National Security Information, ISOO continues to develop and refine its ability to monitor agency efforts to perform self-assessment of their classified information programs. The agency self-inspection reports were much more responsive in this, the third year of detailed reporting required by E.O. 13526. This improvement is due, in large part, to the use of a new reporting form. Further improvement is needed in the quality of the reports from some agencies. ISOO will continue to use the self-inspection reporting process and its on-site assessment authority to prompt agencies to evaluate and improve their classified national security information programs. The Interagency Security Classification Appeals Panel had another successful year adjudicating declassification appeals and posting the decisions on a publicly available website. The Panel decided upon 451 documents that had been received as mandatory declassification review appeals. Furthermore, the Panel has now posted 538 documents to its online database that serves to inform the public and agency declassification reviewers of the Panel’s decisions.”

Sorry, comments are closed for this post.