PRELIMINARY POSITION ON THE PROPOSED AMEND TO DCID 1/11

Declassified in Part - Sanitized Copy Approved for Release 2013/01/30: CIA-RDP89B01354R000200310030-3 22 March 1979 Preliminary .NSA Position .on the Proposed Amend to DCID 1/11. 1. A fully staffed and coordinated position of NSA has not yet been accomplished. Such action can be completed by the next regularly scheduled meeting of the Subcommittee. 2. The following comments are provided for your consideration; they have not yet been officially endorsed and therefore must be -considered asonly isuggestionS. . These probably represent the total comments from 4NSA. 3. At present there appears to be basic agreement with the intent of the amendment. That is, the subcommittee should be chartered to also concern itself with the ',intelligence data that is communicated by a computer.. 4. However, there As expressed .concern that the amendment does not conflict with already existing assignment of responsibilities for communications of intelligence.' In particular, DoD Dir 5100.20 and the CISR assign to the DIRNSA responsibility for the protection of the transmission of intelligence (COMINT and SIGINT). Similarly, DoD Dir 5030.58 M provides Criteria for consolidated R/Y (i.e., S. I. and Genser) communications facilities. A suggested rewording of the amendment to avoid conflict with the existing directives is: "Review, -formulate and recommend to the Director of Central Intelligence, policies, requirements and procedures which apply to ADP systems and .networks which are used to pro- cess, store and communicate intelligence data." (All regulations produced by the Subcommittee will be fully coordinated to assure compliance with existing authority or other regulatory documents in the area of Intelligence data handling.) This changes the subcommittee's prespective from the data being handled by computers to the computers themselves. (I believe this rewording needs to be analyzed for its broad impact, before adopted.) 5. Another suggested rewording which stems from a concern that the .charter does not limit the subcommittee's role to any specific application of computers, is: ...policies, standards and procedures to protect in- telligence data created, collected, processed, stored, communicated, displayed, or disseminated by computer." 6. Additionally, it is suggested that the similar revisions be made to DCID 1/16 to ensure that clear, comprehensive guidance is provided for the security of intelligence data in all ADP systems and networks. Declassified in Part - Sanitized Copy Approved for Release 2013/01/30: CIA-RDP89B01354R000200310030-3 Declassified in Part - Sanitized Copy Approved for Release 2013/01/30: CIA-RDP89B01354R000200310030-3 7. A-further amendment to:DCiD' .4/.11_ is proposed. 'Add .another. sentence to paragraph 6. which.wOuld.read:. ? "...Any COMSEC techniques (e.g., cryptography) employ- :ed.in ADP systems and networks for ,the protection of,. -Classified and unclassified information related to .national.security.will be approved by the Director,__ NSA." NSA Member NFIB Computer .Security .Subcommittee STAT Declassified in Part - Sanitized Copy Approved for Release 2013/01/30: CIA-RDP89B01354R000200310030-3