Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Most agencies lacking in classification policy
Friday - 4/22/2011, 7:07pm EDT
Federal News Radio
The Information Security Oversight Office (ISOO) found more than half of the agencies have failed to produce a uniform system for classifying, safeguarding and declassifying national security information.
President Obama required agencies to develop such a system under a 2010 memo implementing an Executive Order. The President required 41 agencies to submit drafts of security information policies within 180 days for ISOO to review. All agencies did submit a draft. However, as of March 15, ISOO reported only 19 agencies submitted their final policies.
"ISOO sees this as the biggest impediment to implementing the reforms called for by the President and as a real threat to the efficient and effective implementation of the overall classification system," wrote William Cira, acting director of the ISOO in the report. Agencies, however, improved in other areas of the directive.
The memo called for agencies to reduce the number of employees with classification authority. ISOO reports agencies now have 2,378 original classification authorities, a seven percent decrease from 2009.
In addition, agencies also improved in limiting the amount of time documents are classified for. Agencies reported that out of more than 220,000 original classification decisions, 74 percent of them were determined to be eligible for declassification in 10 years or less. ISOO said this is the highest percentage to date.
While agencies have been asked to provide new policy around document security, the current guidelines that are in place are required to be updated every five years. Agencies reported that only 25 percent of those guidelines went without revision, an improvement from 46 percent without revision last year.
The classification process has been an important subject for administration.
Earlier this year, the Office of Management and Budget also sent a memo to agencies asking them to assess their procedures in safeguarding classified information. ISOO worked with the Office of the Director of National Security (ODNI) and OMB on this measure.
The President's memo not only asked agencies to look at their classification process but also their declassification process. Agencies reported looking at more than 330,000 pages that were mandatory declassification review (MDR) requests in 2010 and declassified more than 212,000 of those pages.
Overall, agencies reported more than 45.3 million were considered automatic declassification documents in 2010 declassified more than 24.2 million of those pages.
ISOO also included in their report and overall assessment of 15 agencies whose declassification processes were the largest. Agencies' declassification processes were graded out of a possible 100 points.
Six agencies received perfect scores of 100 points:
- Federal Bureau of Investigation
- Joint Staff
- Missile Defense Agency
- National Security Agency
- Office of the Secretary of Defense
- Department of State
Among the agencies that didn't score well were the CIA and the Navy with 76 points each, while the Air Force had the lowest score of 50 points.
While some agencies are further along than others, ISOO determined some overall objectives that need to be addressed to fulfill the President's directive. ISOO will continue to make sure agencies are:
- Conducting an initial fundamental classification guidance review
- Updating security education and training programs
- Updating electronic marking tools and document templates
- Conducting self-inspections
- Holding personnel that work with classified information accountable
John Buckner is an intern with Federal News Radio.
(Copyright 2011 by FederalNewsRadio.com. All Rights Reserved.)