DAO 207-1 SECURITY PROGRAMS
Effective Date: June 24, 1991
Note: Changes made as per DAO 207-1/Amendment 1/ Effective Date: September 6, 1991
Department Administrative Order 207-1, dated June 25, 1991, is hereby amended as shown below. The amendment makes technical corrections to inaccurate references within the text of the DAO.
SECTION 3. DATA DISSEMINATION.
SECTION 5. DEVELOPMENT, ISSUANCE, AND MAINTENANCE OF THE MANUALS.
SECTION 6. DISTRIBUTION OF THE MANUALS.
SECTION 7. SUPPLEMENTARY REQUIREMENTS AND GUIDANCE.
SECTION 8. EFFECT ON OTHER ORDERS.
.01 This Order consolidates certain major Department of Commerce (DOC) security programs in a single directive. It prescribes programs management responsibilities and requirements for the preparation, issuance, and maintenance of manuals associated with each of these security programs.
.02 This Order also established the Department's Operations Security (OPSEC) Program to implement National Security Decision Directive 298, "National Operations Security Program," dated January 22, 1988.
.03 This revision changes the title of the Order and significantly extends its scope to include five major security programs. It continues the delegations made on September 14, 1982, by the Secretary of Commerce under Executive Order 12356. It is a complete rewrite of the Order; therefore, text change highlighting, prescribed by DAO 200-3, does not apply.
The provisions of this Order comply with and implement applicable Executive Orders, statutes, and directives and regulations issued within the Federal government which pertain to security.
SECTION 3. DATA DISSEMINATION.
This Order provides for the preparation, issuance, and maintenance of separate manuals covering policies, procedures, and responsibilities for each security program (see Section 4. of this Order). These manuals have the status and effect of Department Administrative Orders, and apply to all DOC employees and to all others who interact with DOC.
.01 The Director, Office of Security (the "Director of Security") is responsible for managing the DOC security programs, and:
a. is authorized to develop and issue certain manuals to cover various program elements of the DOC Security Programs. The program elements, and the manuals relating to them, are:
1. The DOC Information Security Program, which ensures the protection of information from unauthorized disclosure, implemented by the National Security Information Manual and the Sensitive Information Manual;
2. The DOC Personnel Security and Suitability Program, which ensures employees are suitable for employment and are trustworthy, implemented by the Personnel Security Manual;
3. The DOC Physical Security Program, which ensures protection of Departmental assets, implemented by the Physical Security Manual;
4. The DOC Industrial Security Program, which ensures protection of information provided to contractors, implemented by the Industrial Security Manual; and
5. The DOC Operations Security Program, which ensures the integrity of operations and information, implemented by the Operations Security Manual.
b. shall participate in and chair a Departmental Security Council, consisting of Security Officers from each Operating Unit and a lead Regional Security Officer from an Administrative Support Center (ASC) to represent all Centers.
c. has certain responsibilities related to telecommunications, communications, and computer security. The Director of Security shall coordinate with the Director, Office of Information Resources Management, to ensure appropriate coverage of the program elements listed in subparagraph 4.01a. of this Order, within the stated areas of security.
.02 The Director, Office of Information Resources Management shall coordinate with the Director of Security to provide for coverage of the program elements listed in subparagraph 3.01a. of this Order within the Information Technology Security Program, and other related areas of security.
.03 The head of each operating unit is responsible for ensuring the integrity of security programs within the unit. To carry out this responsibility, the head shall designate a qualified employee to serve as the Operating Unit Security Officer (OUSO), and shall provide the name, title, address, and telephone number of this employee to the Director of Security. (For the purpose of administering the DOC security programs, the Office of the Secretary is considered an "operating unit" and is subject to policy and procedural requirements levied on all other DOC units. The Director of Security shall serve as the OUSO for the Office of the Secretary.)
.04 The OUSO, on behalf of the operating unit head, shall:
a. implement and administer the Department's security programs within the operating unit;
b. administer a comprehensive security program within the unit's headquarters component;
c. supplement as necessary the DOC security programs with unit-specific procedures and requirements;
d. coordinate with and support the ASC Regional Security Officers (RSOs) who service the unit's field offices;
e. coordinate computer and telecommunications security matters with information technology security officials within the unit's jurisdiction;
f. review periodically the effectiveness of unit security programs, including areas serviced by an ASC, report findings, and make recommendations to the appropriate unit or ASC officials;
g. conduct investigations at the request of the Director of Security; and
h. maintain liaison when necessary with local, state, and national law enforcement agencies within the local area.
.05 The Under Secretary for Oceans and Atmospheric and Administrator of the National Oceanic and Atmospheric Administration (NOAA), through the ASCs, is responsible for ensuring integrity of the security programs of field locations serviced by the ASCs. To carry out this responsibility, the Director of each ASC shall designate a qualified employee to serve as the ASC Regional Security Officer, and shall provide the name, title, address, and telephone number of the RSO to the Director of Security and appropriate heads of operating units under the ASC's jurisdiction.
.06 The ASC RSO, on behalf of the ASC director, shall:
a. monitor implementation of the DOC and operating units' security programs within the ASC service area;
b. supplement as necessary the DOC and operating units' security programs with approved procedures and requirements to ensure the integrity and protection of operations, personnel, and information within the ASC service area. All supplements must be approved by the Director of Security, in coordination with the appropriate operating unit;
c. provide security guidance, service, and support to DOC offices within the jurisdiction of the ASC;
d. assist information technology security officials within the ASC's jurisdiction on computer and telecommunications security matters;
e. assist facility and field managers in the designation of Assistant Security Officers (ASOS), as prescribed in paragraph 4.08 of this Order;
f. coordinator as necessary with Ouzos and ASOS to ensure implementation of unit-specific security requirements at field offices within the ASCs jurisdiction;
g. review periodically the effectiveness of security programs implemented by the ASC and field offices, report findings, and make recommendations to facility and field managers, OUSO, and the Director of Security, as appropriate;
h. conduct investigations at the request of the Director of Security or an OUSO; and
i. maintain liaison when necessary with local, state, and national law enforcement agencies within the local area.
.07 Facility and office managers shall cooperate with the servicing security officer to ensure an effective security program within their area of responsibility. In locations where a security office cannot maintain effective administration of the security program, the facility or office manager shall designate an Assistant Security Officer to assist in carrying out security-related duties. The managers will provide the name, title, address, telephone number, and the designation of the area of responsibility to the appropriate servicing security officer. Designating an employee to act as an SAO will not relieve the operating unit head, ASC director, or servicing security officer of their responsibilities.
.08 The Assistant Security Officer, on behalf of the facility or office manager and within the assigned area of responsibility, shall:
a. plan and implement a facility or office-specific security program with emphasis on promoting security awareness and ensuring that all employees and other individuals who interact with DOC are given adequate instruction on security regulations and procedures;
b. develop and issue as necessary facility or office-specific security procedures (copy will be provided to the servicing security officer);
c. monitor and coordinate the transmittal of Department and contractor employee security forms to the servicing security officer;
d. coordinator reporting requirements as specified by the servicing security officer;
e. coordinate computer and telecommunications security matters with information technology security officials within his or her jurisdiction;
f. maintain liaison, as necessary, with local, state, and national law enforcement agencies within the local area; and
g. coordinate the issuance of forms of identification.
.09 Each employee shall comply with Departmental and other applicable security requirements.
SECTION 5. DEVELOPMENT, ISSUANCE, AND MAINTENANCE OF THE MANUALS.
.01 The Director of Security is authorized to develop and issue the manuals (see paragraph 4.01a.) In accordance with DAO 200-3.
.02 Prior to issuance, the manuals and their subsequent revisions will be reviewed by the Office of Inspector General and the Office of General Counsel.
.03 The manuals will be issued in loose-leaf form for ease of use and maintenance.
.04 A transmittal sheet will accompany each revision of a manual. Transmittal sheets will identify the materials being issued, cite any affected Department directives, and give other information to assist manual users. A separate series f transmittal sheets will be established for each manual, and each series of transmittal sheets will be numbered sequentially so that manual users can verify that all issuances of a manual have been received.
.05 The Director of Security will maintain the manuals, including preparation and issuance of changes and management of the system for manual issuance.
SECTION 6. DISTRIBUTION OF THE MANUALS.
.01 The Director of Security will develop and maintain a distribution list for each of the manuals and their subsequent revisions.
.02 Departmental offices, operating units, and ASCs will submit their copy requirement in accordance with instructions provided by the Director of Security.
.03 Manual issuance will be sent to a single point in each Departmental office, operating unit, and ASC. That point of contact will be responsible for internal distribution and control of the respective manuals within that organization.
SECTION 7. SUPPLEMENTARY REQUIREMENTS AND GUIDANCE.
Policies, procedures, or substantive written guidance developed by any DOC organization to supplement the provisions of this Order or its authorized manuals must be approved by the Director of Security prior to issuance. The Director of Security will review the supplement to determine appropriateness, technical accuracy, and compliance with DOC security regulations.
SECTION 8. EFFECT ON OTHER ORDERS.
.01 The delegations cited in paragraph 1.03 notwithstanding, this Order supersedes Department Administrative Order 207-1 dated December 3, 1984, and Department Administrative Order 207-2 dated September 14, 1982, as amended.
.02 Other Department Administrative Orders may be affected as the manuals and subsequent changes are issued. The transmittal sheet (see paragraph 5.04 of this Order) accompanying each issuance of a manual will indicate any such effects or state that none exist for the particular issuance.
.03 Nothing in this Order shall have the effect of, or be construed as, an exception to the
responsibilities and authorities of the Department's General Counsel under Department
Organization Order 10-6, the Department's Inspector General under the provisions of the
Inspector General Act of 1987, or the responsibilities of the Inspector General under DAO 207-10.
(signed)
Assistant Secretary for Administration
Office of Primary Interest
Office of Security
Index Changes
Add
| Assistant Security Officer | 207-1 |
| Industrial Security Manual, Department of Commerce | 207-1 |
| Industrial Security Program | 207-1 |
| Information Security Program | 207-1 |
| Manuals | |
| National Security Information | 207-1 |
| Personnel Security | 207-1 |
| Sensitive Information | 207-1 |
| National Security Information Manual | 207-1 |
| Operations Security Manual | 207-1 |
| Operations Security Program | 207-1 |
| Personnel Security Manual | 207-1 |
| Physical Security Manual | 207-1 |
| Physical Security Program | 207-1 |
| Security | |
| Officer | 207-1 |
| Officer, Assistant
Programs Sensitive Information Manual |
207-1
207-1 207-1 |
| Admittance to the Department of Commerce after Regular Hours | 207-2 (HB) |
| Building Passes for Main Commerce | 207-2(HB) |
| Building Security Plan | 207-8 |
| Classified Information and Material, Handling of | 207-2(HB) |
| Executive Order 10450, Security Requirements for Government Employment | 207-4
207-5 |
| Executive Order 11652, Classification and Declassification of National Security Information and Material | 207-2(HB) |
| For Official Use Only - Materials Requiring Restricted Handling | 207-2(HB) |
| Foreign Nationals, Security Requirements Applicable to | 207-3 |
| Guest Workers, Security Requirements | 207-3 |
| Handbooks - Security Regulations and Procedures, of | 207-2 |
| Information and Material, Handling of Classified | 207-2(HB) |
| Information and Physical Security Programs | 207-2 |
| Keys | 207-2(HB) |
| Limited Official Use | 207-2(HB) |
| Magnetic Door Cards | 207-2(HB) |
| Marking of Restricted or Security Classified Materials | 207-2(HB) |
| National Agency Check | 207-4 |
| National Security | 207-5 |
| Nonsensitive Position | 207-4 |
| NSC Directive on Classification, Downgrading, Declassification and Safeguarding of National Security Information | 207-2(HB) |
| Pass, Building, for Main Commerce | 207-2(HB) |
| Personnel | |
| Security Regulations | 207-5 |
| Physical Security Program, Information and | 207-5 |
| Records and Files of Classified Security Information and Materials | 207-2(HB) |
| Research Associates, Security Requirements for | 207-3 |
| Restricted Handling, Unclassified Material | 207-2(HB) |
| Restricted Hours, Admittance to the Department During | 207-2(HB) |
| Safeguarding Unclassified Materials Requiring Restricted handling | 207-2(HB) |
| Security | |
| Checks and Investigations | 207-4 |
| Classification | 207-2(HB) |
| Classified Information and Material | 207-2(HB) |
| Hearing Boards | 207-5 |
| Investigations | 207-5 |
| Officer | 207-2(HB) |
| Plan for the Protection of the President, the Vice President, and the Family of the President | 207-8 |
| Regulations and Procedures | 207-2 |
| Regulations, Personnel | 207-5 |
| Requirements for Research Associates, Guest Workers Trainees | 207-3 |
| Sensitive Position | 207-4
207-5 |
| Standards | 207-5 |
| Services Procured by Contract | 207-4 |
| Suitability Investigation of Persons | 207-4 |
| Trainees, Security Requirements | 207-3 |
| Unclassified Materials Requiring Restricted
Handling Safeguarding
United States National, Security Requirements Applicable to |
207-2(HB)
207-3 |
(signed)
Chief Financial Officer and Assistant
Secretary for Administration