SPECIAL ACCESS PROGRAM TRAINING BULLETIN

t ~si4?Si?i _ .1tl8... v. ~ f.:_ Approved For Release 2000/08 007898002600220012-7 DIAC SPECIAL, ACCESS PRQG RAM TRAINING BULLETIN DS-800, DIAC PROGRAM DEVELQPMENT OFFICE Number 9 202-373-4073 March 1991 Reporting Security Violations During the recent DUSD(SP} inspection of DIA SAPmanagementprocedures, the caminent was made that each program's security plan should contain procedures for reporting, investigating, and resolving security violations. "Security violation" is a commonly used term that implies a loss or compromise of classified information and subsequent corrective or disciplinary action. Each program's securityplan should contain procedures for reporting, investigating, and resolving security violations. Procedures used in investigating and resolving possible compromises of ,classified information are explained in DoD 5200.1-Rand DIAR 50-2. The DIA SAP Manual, DIAM 56- 3 (draft), contains further guidance for when the passible compromise involves SAP material. The following is a brief summary of steps to take to report a possible security violation involving SAP material (refer to abovereferences far a complete explanation); 1. Report. IfyoususpectthatSAl'infarnlation may have been ~~~riused, inform the program compromise i vo ves computer security, 4the program control officer will inform DS. 2, Investigate. The program control officer ensures that a preliminary inquiry is conducted. The program director and the OSC VADD review the results of the preliminary inquiry to determine whether a compromise took place, to determine if any further investigation is necessary, to correct any systemic problems that may have contributed to the violation, and to direct a damage assessment if appropriate. 3, Resolve. Afinalreportaftheinvestigation is made to the DIA SAPOC which may recommend further remedies and relief from accountability of any lost materials. While few security violations result in a compromise, a1I violations should be reported and investigated. The violation not reported may do the most damage. Ifprocedures forreporting security violations are not in your security plan, include them when the manual is updated. SAP Training Seminar 27 March 1991 0930 Room DS-800 Approved For Release 2000/08/08 :CIA-RDP96-007898002600220012-7  Approved For Release 2000/08/08 :CIA-RDP96-007898002600220012-7 SPECIAL ACCESS PROGRAM TRAINING BULLETIN DS-500, DIAC PROGRAM DEVELOPMENT OFFICE Number 9 Reporting Security Violations During the recent DUSD(SP) inspection of DIA S AP management procedures, the comment was made that each program's security plan should contain procedures far reporting, investigating, and resolving security violations. "Security violation" is a commonly used term that implies a loss or compromise of classified information and subsequent corrective ar disciplinary action. Each program's security plan should contain procedures for reporting, investigating, and resolving security violations. Procedures used in investigating and resolving possible: compromises of classified information are explained in DoD 5200.1-Rand DIAR 50-2. The DIA SAP Manual, DIAM 56- 3 (draft), contains further guidance for when the possible compromise involves SAP material. The following is a brief summary of steps to take to report a possible security violation involving SAP material (referto abovereferences for a complete explanation): 1. Report. If you suspect that SAP information may have been con~ised, inform the program security officer nr nrr,~a.,, ^^^tral officer and the OSC VADD f the suspected compromise invo ves computer security, the program control officer will inform DS. 2. Investigate. The program control officer ensures that a preliminary inquiry is conducted. The program director and the OSC VADD review the results of the preliminary inquiry to 202-373-4073 March 1991 determine whether a compromise took place, to determine if any further investigation is necessary, to correct any systemic problems that may have contributed to the violation, and to direct a damage assessment if appropriate. 3. Resolve. A final report of the investigation is made to the DIA SAPOC which may recommend further remedies and relief from accountability of any lost materials. While few security violations result in a compromise, all violations should be reported and investigated. The violation not reported may da the most damage. Ifprocedures far reporting security violations are not ira ~-aur security plan, include them when the manual is updated. SAP Training Seminar 27 March 1991 0930 Room DS-S00 Approved For Release 2000/08/08 :CIA-RDP96-007898002600220012-7