APEX SECURITY MANUALS FOR GOVERNMENT/INDUSTRY-CIA COMMENTS(Sanitized)
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP85T00788R000100060010-7
Release Decision:
RIPPUB
Original Classification:
C
Document Page Count:
21
Document Creation Date:
December 15, 2016
Document Release Date:
December 8, 2003
Sequence Number:
10
Case Number:
Publication Date:
October 16, 1979
Content Type:
MF
Body:
Approved For Release 2004/05/12 : CIA-RDP85T00788R000100060010-7
NATIONAL FOREIGN ASSESSMENT CENTER
WASHINGTON, D. C. 20505
16 October 1979
MEMORANDUM FOR: Chairman, NFIB Working Group on Compartmentation
FROM: Chief, Requirements and Evaluation Staff/NFAC
SUBJECT: APEX Security Manuals for Government/Industry--CIA Comments
REFERENCE: Walsh Memo to Working Group re APEX Security Manuals, 28 September 1979
1. This memorandum contains the comments of the NFAC, the
D/S&T, the D/O, and the D/A, respectively, on the draft APEX manuals
for government and industry (annexes I and II to the APEX report),
dated May 1979. Several comments are rather general owing to a lack
of specificity in the text of the manuals. Presumably these general
guideline portions of the manuals will be spelled out prior to
further NFIB consideration of the manuals as called for in the minutes
of the 58th NFIB meeting, 25 September 1979.
2. A number of the NFAC comments, which are with one exception
limited to the government manual, relate to the potential additional
resource burden of accounting for APEX documents and the role of the
Senior Intelligence Officers (SIOs). The D/S&T defers to the appropriate
program managers for comments on the industry manual. The D/O
focuses on the category. The D/A's comments range widely from
the impact on the reproduction of cables to the impact on OC's ComSec
efforts.
Directorate Positions. -- NFAC:
3. The NFAC comments do not address the sanitization and
decompartmentation guidelines, which are the most critical issue for
it and other producers of finished intelligence. Also, there are
concerns within NFAC about the abolishment of but the NFAC
defers to the program manager and the security specialists for detailed
comments.
4. The industry manual makes no mention of Contracting
Officers' Technical Representatives (COTRs). Because they often
are more involved than contract officers it would seem that they
too should be included in the text, with guidance provided on
handling materials, among other special considerations.
5. There is a generalized concern in NFAC that the govern-
ment manual wording appears headed to the control of SCI raw-data
and processed-information documents, especially cables such as
those issued by the National Security Agency, in the manner of
those that are "green-sheet-covered" Top Secret. This would
impose a very serious problem for the Center. One office recently
undertook a small study of the implications of controlling SCI
cables through its registry system. The study indicated a need
for a minimum of five additional people to provide satisfactory
control of the system including the reproduction, distribution, and
file maintenance of this document flow. This resource issue needs
careful attention as ways are sought to impose more strict document
control.
6. NFAC/OCR has reviewed the government security manual and
finds that it causes immediate problems for two new systems: its
Automated Document Storage and Retrieval (ADSTAR) system and SAFE.
OCR will begin in November 1979 the conversion of the last three
years (CY 1977-79) of its document holdings from present format
to the ADSTAR blip-coded 16mm microfilm. The APEX manual suggests
that there could be changes in the requirements for the handling
of the SCI documents now on file. Therefore, OCR needs to know
what these changes will be before it undertakes a costly conversion
process that may have to be redone. APEX poses other problems for
ADSTAR. They are raised below, along with the specific comments of
the other NFAC entities.
a. Page 1, INTRODUCTION. This manual needs a better
explanation of specifically what APEX is. It would be use-
ful to say what special access systems are covered. For
example "APEX was established to control what has been re-
cently known as Sensitive Compartmented Information, and
specifically covers...." In this paragraph, and throughout
the manual, the effort to keep the classification of the
manual at the lowest possible level has led to a lack of
clarity. The second paragraph of the Introduction talks about
classification of terms; the manual itself is not properly
classified--it needs portion markings or a general statement.
Paragraph three suggests that changes may become
necessary in the handling of what are now termed SCI materials.
Any substantial change in the handling of these materials
could have a major change on OCR's central document repository
and bibliographic index. (This is a general problem for all of
NFAC but specifically for OCR.) It is particularly important
that OCR understands how present SCI materials will be handled
in the future as it begins the conversion of the three most
recent years of document holdings for ADSTAR.
b. Page 2, Organizational Structure. A clear definition
for Senior Intelligence Officers (SIOs) is needed. In the
unified and specified commands, there are SIOs at a variety
of levels. In contrast, CIA has only one SIO--the (Deputy)
Director of NFAC who advises the DCI on questions of
compartmentation. This factor becomes extremely important
when an SIO, for example, can waive certain investigative
requirements (VIII.c) if he wishes to authorize an individual
access to the APEX system prior to the completion of a full
investigation. The SIO also has a number of other important
powers. Unless the SIOs' responsibilities and the level at which
they operate are more stringently defined, the SIOs
in a number of agencies and departments may well have far
more authority than necessary.
c. Page 2, Paragraph 8. It would be useful to know
whether APEX Control Facilities are bounded physically or
organizationally.
d. Page 2, Penultimate Paragraph. The difference
between the ACO and ASO is not clear. Suggest rewording to
say: "Because of the separate responsibilities of the ACO
and the ASO [see page 8], it is preferable that these
positions not be held by the same individual...." At what
organizational level will they be located?
e. Page 3, Second Paragraph. This paragraph indicates
a variety of different compartments in APEX but only one,
is addressed in the manual. The significance and
implications of the other compartments should be addressed.
(See relevant D/O comments below.) The NFAC suggests that
some examples be provided for use of category terms, codewords,
and special designators.
f. Page 4, Paragraph c. Should an annual approval
review for accesses be required, NFAC would have to cope
with more than 8,000 clearances under today's systems.
Most recently, such an exercise required four man-months
of one security officer's time in addition to the time
expended by the NFAC components.
g. Page 4, Paragraph e. It would appear impossible
for anyone in OCR (or other processing units) to account for
all APEX documents under his/her control or cognizance should
all SCI documents retroactively be converted to APEX. For
example, a number of supervisors up the line have responsibility
for the central library of 11 million documents.
offices in NFAC will have similar problems because the
materials are held in a large number of safes or cabinets
under the control of individual analysts.
h. Page 4, Paragraph g. Under existing procedures
for granting access to compartmented information, the
Department of Defense and the unified and specified commands
demand access to compartmented information down to relatively
low-level units. The need to know for many of these units
is very questionable. The NFAC would, therefore, favor even
more restrictive language in this paragraph; otherwise
sensitive information would continue to flow to levels that
do not require it.
i. Page 5, Paragraph h. The two phases of APEX-
GENERAL access seem unnecessary, and poorly defined. A
computer technician can have access to more APEX material
than a file clerk. The establishment of a general access
seems questionable. The file clerk, document control
clerk, and computer technician--with broad access to a
variety of APEX documents--present a greater security risk
than does the analyst with full access to a limited number
of documents. (If phases are to be differentiated, "groups"
or "classes" seem to be more appropriate terms.)
j. Page 8, Paragraph VII.a.2.&3. The ACO is identified
as the exclusive control point for receipt and dispatch.
This is almost impossible in an operation as large as OCR.
Suggest rewording to say that the ACO ensures the proper
receipt and dispatch.... Additionally, note if, as stated
previously on page 2, the ACO and ASO are not the same
individual, a great duplication of effort will result. The
ACO duties 4 and 5 are parallel to ASO duty 2.
k. Page 10, Paragraph d. There are formidable
political and perhaps legal obstacles to obtaining agreement
from other agencies and departments on administering
polygraph tests to individuals having access to APEX
material. The NFAC believes, however, that agencies should
have a reserve power to insist upon administering polygraph
tests when derogatory information or inconsistencies
arise that could impact on an individual's security status.
The right to selective use of the polygraph on individuals
having access to APEX information would be a minimal safeguard
if the US Government is to stem the current flood of
security leaks.
l. Pages 9-16. The almost seven pages on security
standards, with the heavy emphasis on investigation and
reinvestigation, offer a stark contrast to the two pages
on security education. All the checks and controls in a
security control system are for naught if the people within
the system do not understand and participate in the system.
This requires a vigorous program of security education and
awareness at all levels.
m. Page 18, Paragraph XI.a. An "APEX control organization"
is identified. It should be described and stated where
it is located.
n. Page 18, Paragraph XI.b. Will the central record of
APEX cleared personnel be a modification of SPECLE? OCR is
using SPECLE data as the basis for its security access
package, and changes to SPECLE could require changes in the
OCR software for this package.
o. Page 19, Paragraph XII.a. In the last sentence,
suggest deletion of "where normal management ... sufficient."
Inclusion permits judgments to be made as to the sufficiency
of "normal management and safeguarding procedures" to protect
intelligence--an incomprehensible situation. If compartmented
information is presented, it should be identified as
such.
p. Page 19, Paragraph XII.b. The definition of compartmentation
is confused by the inclusion of sanitization as a
form of decompartmentation. It would be preferable to use
the definitions the sanitization and decompartmentation panel
(Task Group 4) developed this past spring.
This paragraph states "To the extent possible,
materials protected under the APEX Security Control System
will be decompartmented." The manual does not, however,
discuss bibliographic citations (numbering about 3 million),
an important concern of OCR--particularly in light of the
current proposal that OCR's bibliographic index be reviewed
as a possible Community system. The NFAC recommends that
this manual contain a statement on bibliographic citations, and
that this statement indicate that bibliographic citations
for automated indexes can be handled outside the APEX system,
viz., that the citations themselves do not have to be treated
as APEX materials.
q. Page 21, Paragraphs XIII.a. and XIII.b.1. In the
first, it would seem appropriate to include a statement about
derivative classification and the classification decisions of
others. As for the second, a statement should be added to
the last sentence to indicate that each article in a periodical
should also be marked as a separate document.
r. Page 21, Paragraph XIII.b.2. Recommend that the
"HANDLE VIA..." marking not be placed on each page. It would
serve only to add more clutter to the information presented.
Also suggest "back page, and first page" read "first page,
and back page."
s. Page 21, Paragraph XIII.b.4. The second sentence
should be revised to indicate that control numbers are not
necessary when a document has a unique identifying number.
When a document has more than one number by which it can be
identified, storage and retrieval are complicated. This is
extremely important--it has cost implications as well as
document control aspects--and would be an improvement on
the present system.
t. Page 22, Paragraph 5. Suggest deletion of ambigu-
ous "when it is necessary."
u. Page 22, Paragraph 6. The NFAC has some concern regarding
the reason for extended classification; can this manual
be used as the reference, or should the reason be more
closely tied to Executive Order 12065?
v. Page 22, Paragraph 8. Will it be necessary to
remark current files? Will future acquisitions of raw
traffic necessarily be treated in this fashion? Suggest
the second sentence read "The classification and handling
controls for such material...."
w. Page 23, Paragraph XIII.c.5. The "TO BE RETURNED..."
marking is not as clear as the present "PROPERTY OF U.S.
GOVERNMENT..." marking, which also includes a phone number.
x. Pages 24 and 25. OCR, in particular, has concern
about the reproduction and accountability of Top Secret (TS)
documents. For years the control of collateral TS documents
has been governed by tight accountability. If TS-compartmented
materials are to be treated also with this tight
accountability, OCR's costs of handling these materials will
sizably increase unless there is a decrease in the volume
of this material. (OCR currently disseminates about 900 NSA
hard-copy TS documents a month; in the process it must reproduce
a number of copies of each document.) Some sort of
reasonable modification of these guidelines is necessary in
order for OCR to disseminate and to provide document service
effectively.
If strictly adhered to, this requirement would
encumber the production process, in that most analysts at
one time or another clip and paste.
y. Page 24, Paragraph XIII.f. Suggest first sentence
read "...has been served, APEX-controlled material will be
destroyed as prescribed by existing record control policy and
in a manner...."
z. Page 25, Paragraph 3. The requirement for random
audits of non-TS and non-APEX documents appears to
require that ISO maintain an inventory of all APEX materials
filed in its biographic and organizational files--a totally
impossible task.
aa. Page 25, Last Paragraph. This could be worded
more clearly to say something like: "Dissemination records
are not required for the normal distribution and processing
of raw intelligence APEX data provided it remains under the
control...." Moreover, illustrations of "raw intelligence
data" should be provided.
bb. Page 27, Paragraph c. It would seem that among
the elements on each microfiche readable without magnifica-
tion would be the APEX control and copy numbers.
cc. Page 27, Paragraph d. The requirements for target
pages and extra labeling of microfilm containers will slow down
the production of film for ADSTAR, whose basic purpose is to
provide faster service. The value of target pages is question-
able for any microfilm; it is particularly so for ADSTAR. Film
will be stored in cassettes that are mounted in storage modules.
Viewing of this film is only through a computer-assisted re-
trieval process, which limits an individual's access to only
those documents for which he/she has a clearance.
dd. Page 26, Paragraph XIV.b. Suggest the more general
term "opaque" vice "metal." New materials are now in development.
The requirement for marking the outside of those
microfilm cassettes that are stored in the ADSTAR modules
seems unnecessary also. It provides no further security
protection for this system.
ee. Page 31, Paragraphs XVII.b.2. and 3. Although this
is a continuation of similar TICH policy, the NFAC does not
believe it to be the best policy nor does it reflect the
current concern over disclosures. If APEX is designed to
permit greater noncompartmented dissemination, then infor-
mation that remains in APEX compartments should be protected
to the greatest degree possible. Even though these are after-
the-fact procedures, they should be more specific as to the
responsibilities of the ASO. Ideally, all disclosures and
compromises, real or suspected, should be reported and investigated.
Directorate Positions. -- D/S&T:
7. The comments of the D/S&T are general; it is assumed
that most of the specific details will be worked out prior to
the approval of these manuals.
a. It is recommended that adoption of the APEX
security manuals be on condition that the standards and
responsibilities be defined more fully--with NFIB approval
required--before their implementation. For example, Senior
Intelligence Officers (SIOs) are responsible for implementing
the procedures in the APEX system but "SIOs" are not further
defined or identified.
b. It is further recommended that security guides
and implementation handbooks be published by the APEX
control organization for each topical area, e.g.,
as the terms become better defined, and in concert with
community implementation. Each of the present sensitive,
compartmented programs is handled in special channels.
Documents in these programs are now separately stored,
with a full-time custodian responsible for logging,
filing, and granting access to the file by those formally
cleared to review this material. It is not clear whether
some or all of these programs may be encompassed in the
new APEX (and ) system(s).
c. These handbooks* should be published at each phase
of the APEX implementation schedule to assure that community-wide
understanding, and more importantly consistency, is
achieved. The proposed manual offers general guidelines, but
does not attempt to explain step-by-step implementation procedures.
The D/S&T was advised earlier that it is anticipated
that many months of briefings and training by representatives
of the Security Committee would be necessary to accomplish
this task, and in its view this material could best be pre-
sented in the form of implementation handbooks.
Directorate Positions. -- D/O:
8. With respect to the Security Manual for Industry --
a. All reference to the compartment should
be deleted from this manual. Page 1, I. INTRODUCTION,
third paragraph, delete "and the especially sensitive
material designators in the category." This
recommendation is made on the basis that material
is not appropriate for dissemination to contractors.
is not mentioned elsewhere in this manual.
b. It is noted that the document numbering systems
for contractors and Government differ, which is bound to
result in confusion and compound the complexity of the
system. Therefore, it is recommended that both contractors
and Government use the ACS-prefix for the document
numbering system.
* Published for each major subject, access approvals, classifica-
tion guidelines, document controls, etc., that develops during the
preimplementation process is one possibility to assure community-wide
consistency.
9. And with respect to the Security Manual for Government --
a. The sensitive material designators for information
in the category should be classified. It
is recommended, therefore, that the second paragraph, page
1, I. INTRODUCTION, Line 5 be changed to read as follows
after the word TECHNICAL: "The codewords that identify
highly sensitive collection EI2i2ts and the sensitive
material designators for the compartment may be
used outside the APEX control system but must be protected
by the standard classification level of
CONFIDENTIAL."
b. Page 5, Section VI. --Add the following
sentence to paragraph 1: material may not be
provided to contractors."
c. Page 7, c.4.(b) Storage--Add the following
sentence to bring the protection in line with
the current approved handling of sensitive HUMINT,
which has been designated for inclusion within the
compartment: "Storage facilities in separate
dedicated rooms may be required for designated
categories at the discretion of the originator."
d. Page 24, g. Reproduction--Add to second
paragraph: compartment material may not be
reproduced. Additional copies must be obtained from
the originator."
e. Page 26, a. Automatic Data Processing--Add
the following: controlled material may not be
included in ADP systems."
f. Page 27, c. Microfiche--Add the following:
controlled material may not be included in
microfiches."
g. Page 27, d. Microfilm--Add the following:
controlled material may not be included in
microfilms."
10. These comments reflect the D/O's concern for the handling
and control of sensitive HUMINT information that will appear
in the compartment. The general provisions of the security
manuals were previously coordinated with the D/O, and contain
basically the same information and restrictions as are now in
effect for the various SCI compartments.
Directorate Positions. -- D/A:
11. There is an absence of any mention of establishing billets
within the APEX Control System corresponding to positions where the
"need-to-know" access to APEX-controlled information can be predetermined
and justified. Whether this was deliberate in the belief that
it would further complicate the systems is unknown. The idea of a
billet system is not new for it would provide a mechanism whereby
the APEX Special Access Control System could be policed and permit
easier periodic evaluation of an organization's access requirements.
12. With respect to aspects of records and classification management,
the D/A has identified the following problem areas.
a. The manual should be portion marked to be in
conformance with section 1-504 of Executive Order 12065.
b. Section XIII.b.6. provides a classification auth-
ority and duration marking (described as a "Declassification
Review Notice") for all APEX materials. The elements of the
marking consist of:
-- the identity of the classification authority by
the use of "CLASSIFIED BY",
-- the date for declassification review by the use
of "REVIEW ON", or "REM" in electrically transmitted
messages, and
-- the reason for classification is extended beyond
6 years by the use of "*REASON FOR EXTENDED
CLASSIFICATION."
(1) The above is incomplete. Most notably there is
missing a requirement to identify the office of origin and
the official who authorized the classification extension
beyond six years, as specified in E.O. 12065, sections
1-501 and 1-502. Additionally, section 1-501 (c) of the
Order provides for an event of declassification as well
as a date.
(2) An additional concern is that if this portion
of the manual becomes obligatory, CIA regulations on
classification markings will have to be amended either to
eliminate the markings currently in effect or to add the
new ones. No matter which way it is done, the end result
will be a system of markings that is not as good as the
one CIA has; this is probably true in other Government
agencies as well.
(3) The D/A suggests that instead of dictating what
all the national security markings on APEX materials are
to be, the manual state only that the markings must be in
conformance with Agency requirements under E.O. 12065 for
non-APEX (collateral?) material, and spell out only the
requirements such as codeword designations that are unique
to APEX.
c. Section XIII.f. states that as soon as possible
after its purpose has been served, all APEX-controlled
material will be destroyed. Destruction times are also
provided in the seventh and eighth paragraphs of this
same section under h.
(1) Title 44 USC 33 and FPMR 101-11.4 require
that destruction of records be approved by the Archivist
of the United States in the form of records control
schedules. Any destruction of records without this
approval is illegal.
d. Section XIV.b. needs clarification. Should slides
be labelled on the images themselves or on the slide mount?
If the slide mount needs to be labelled, it will be very
labor-intensive. Should the film negatives and/or negative
holders be marked? Also, it appears that instead of metal
containers, what is really meant is opaque containers. Most
film containers are now plastic and may be either opaque or
transparent.
e. Does section XIV.d. mean that a classification
eye-readable target should appear before and after each
document on the roll of film? If so, this is not possible
on COM-produced material and would require a lot of time
and effort on source document-produced material. Addition-
ally, not all COM recorders will produce eye-readable titles
on roll film.
13. The Office of Communications has reviewed the draft of the
subject manual and requests the following changes thereto:
a. Page 18, Paragraph X.c. Delete the draft paragraph
and replace with the following:
"c. Compromising Emanations Control (TEMPEST
Security). All equipment and facilities used to
transmit or process APEX information electrically,
including communications, word-processing and
automatic data-processing systems, must satisfy the
requirements of:
1. MIL-HDBK 232 - RED/BLACK Engineering
Guidelines. Note: MIL-HDBK 232 will be used
until NACSEM 5203 - TEMPEST Guidelines for
Facility Design is published, at which time the
latter document will replace MIL-HDBK 232.
2. KAG-30 - Compromising Emanations Standard
for Cryptographic Equipment. Compromising
emanations from equipment and wire lines pro-
cessing APEX information must be contained
within a control zone that is under sufficient
physical and technical control to preclude a
successful hostile intercept attack."
b. Page 23, Paragraph XIII.d. Modify as indicated
below:
"d. Electrical Transmissions". "APEX material
transmitted..." no change to draft.
"The transmission of APEX..." delete and
replace with: "Electrical transmission of
APEX information shall be limited to specifically
designated and accredited communications circuits
secured by a government-approved cryptographic
system and/or protected distribution systems.
Electrical communications facilities used for
the transmission of APEX information shall be
accredited by the cognizant APEX Security
Officer in coordination with the department or
agency communications security activity."
"Electrical transmission of APEX..." delete.
"Material transmitted by accredited..." no change
in draft.
"The first item..." no change to draft.
14. The above changes are necessary to:
a. Make the document more specific and hence, more
useful to the user;
b. Eliminate citations of outdated policy documents;
and,
c. Delegate electrical transmission equipment, and
facility accreditation from the DCI to the cognizant APEX
Security Officer in coordination with his or her supporting
COMSEC activity.
15. OC notes that the appendices that are listed in the table
of contents and mentioned throughout the text are not included in
the manual.
16. In addition to the specific language changes requested in
paragraphs 13.a and 13.b above, OC has these general concerns:
a. Page 5, Paragraph h. Consideration should be
given to removing the examples of personnel cited in
Phase I and Phase II to eliminate confusion at a later
date. The definitions of Phase I and II could end, in
both cases, after the first sentence. The inclusion of
communications personnel in Phase I is not, for example,
a good illustration. Most communicators who process
AMC information do have access to substantive APEX
material.
b. Page 24, the 4th subparagraph of Paragraph d.
It is assumed that the requirements for marking electrical
transmissions as stated will not preclude the printing of
the acronym APEX on the side of each disseminated cable to
replace the "SCI" acronym currently used.
c. Page 24, subparagraph e. It is assumed that the
requirement for cover sheets does not extend to cover-
sheeting cable receipts. If it does, the Cable Secretariat
Branch of OC would require additional personnel resources
to accommodate coversheeting.
d. Page 24, subparagraph f. It is assumed that the
requirement to maintain destruction records does not include
cables, routinely destroyed during processing and reproduction
within the Cable Secretariat Branch.
e. Page 24, subparagraph g. The requirement that permission
be obtained to reproduce Top Secret APEX material
should not include cables. If it does, again, there would be
serious resources implications for the Cable Secretariat
Branch, and unnecessary time delays in the centralized cable
dissemination activity. Suggest that cables be excluded from
this requirement.
17. Although the foregoing comments are offered in the context
of the CIA Cable Secretariat, the same concerns would probably be
shared by cable dissemination centers throughout the Intelligence
Community.
18. The Office of Data Processing finds the manuals well written
and clear, for the most part, but the depth of treatment of various
aspects of APEX is uneven. It assumes subsequent manuals or handbooks
within member agencies will provide working-level guidance.
ODP's area of greatest concern, naturally, is ADP. The simple
statement on computer security in para. b. of Section X, while
reasonable on the surface, is a dangerous gloss. DCID 1/16 is not
a completely workable directive at this time, nor is it expected to
be in the near future. The DCI's covering memo (effective 6 June
1978) on the current version of DCID 1/16 recognized this fact by
stating:
The diversity and complexity of such computer
systems now in place in the Community and
those designed for future placement may not
provide for compliance with the requirements
of the directive in their entirety. Recog-
nizing both the validity of the requirements
and the difficulty involved in their applica-
tion to currently installed and already
designed ADP system, the extent to which the
exceptions to the requirements of this
Directive are applied to such systems is left
to the determination of each National Foreign
Intelligence Board (NFIB) member in view of
his ultimate responsibility for the protection
of intelligence information.
The implementers of APEX should be aware that DCID 1/16 was written
with the full knowledge that CIA computer systems (existing and
planned) could not comply in a strict sense to all its provisions,
particularly if SCI or APEX information was involved.
19. Areas of principal concern for ODP are access approvals
for ADP personnel programming and operating computer systems that
process APEX material, access approvals for users of computer sys-
tems that process APEX material, marking and control of hard-copy
(printer) output that is APEX-controlled, marking and control of
magnetic media containing APEX data, and header information for
microfiche or COM output of APEX data.
a. ODP's current practice for SCI-access approvals
for ODP personnel is to give everyone SI/TK and to
request individual compartment accesses for those with a
need to know because of projects they are working on. How
this would be handled under APEX is not clear.
b. Until recently, because ODP could not ensure
that ODP terminal users would not be exposed to SCI
material accidentally, they were required to have SI/TK
access also. The Office of Security relaxed this
requirement so that only those terminal users who
actually process SCI material are required to have SCI
accesses. Again, how this would be handled under APEX
is not clear.
21. What is the APEX policy on polygraph interviews of personnel
being granted access? Section VIII, paragraph d., subparagraph
13. leaves room for this requirement but does not state it
explicitly. ODP would argue strongly for polygraphs for personnel
with access to APEX, especially through ADP systems.
22. Section IX, paragraph b. is somewhat ambiguous as to who
does accreditation for whom. Possibly better punctuation would
clarify this point.
23. Representatives of the Office of Security have submitted
comments and suggested changes to previous drafts of the APEX
Security Manuals, some of which appear to have been incorporated
in the most recent draft, some of which have not. This memorandum
does not reiterate those previous suggested changes relating to
syntax, grammar, or minor alterations. OS, however, does wish to
express a general concern regarding the lack of specificity of
the manuals and also suggest three specific changes.
24. Regarding the lack of specificity, one of the most re-
curring comments received by representatives of the Office of
Security during discussions with corporate security officers is
the lack of uniformity among the various Intelligence Community
customers concerning security procedures or directives. These
corporate representatives express a desire to have a manual that
provides specific policies, procedures and detailed guidance that
can uniformly be applied to various SCI customers. The proposed
manuals provide guidelines for the security and control of APEX
material, but agencies are expected to "continue to provide basic
direction and classification guidance." There are several instances
of vague terminology in the manual, e.g., "timely submission,"
"as soon as possible," "as soon as feasible," etc., which beg the
issuance of a host of implementing directives--probably in conflict
with one another--from several Government agencies engaged in
compartmented activities and which may well result in a lack of
uniformity.
25. Three specific changes requested by the Office of Security
are as follows:
a. Courier Procedures. The proposed manuals prohibit
transmittal of material via non-US Government-operated
or charter aircraft except when the Armed Forces Courier
Services (AFCOS) are used. The Security Staff, OD&E/DDS&T,
operates an extensive courier system that carries a large
volume of SCI material on both domestic and international air
routes. They are required to utilize commercial air carriers
frequently. In addition, professional security officers of
the Office of Security are occasionally dispatched in response
to special courier requirements and require use of commercial
air carriers. It is requested that the restriction on transmittal
of APEX material via non-US Government-operated or
chartered aircraft be removed.
b. Termination Secrecy Agreements. The manuals require
Termination Secrecy Agreements be executed for individuals being
debriefed from APEX access. The Office of Security endorses
this concept, but requests the form be entitled Termination of
Access/Security Reminder vice Termination Secrecy Agreement.
This is compatible with recent legal decisions that the term
"Security Reminder" is preferable to a "Secrecy Agreement"
because there really is no valid agreement (i.e., contract)
upon termination owing to a lack of consideration, in the
legal sense. The Office of Security is in the process of
having the present form revised along the lines suggested.
c. Congressional Access. Section XVI, paragraph 5, page
20, of the Government manual states requests for exceptions to
clearance standards in the case of nonelected persons in the
Legislative Branch should be referred to the DCI Legislative
Counsel for resolution. The Office of Security takes the
position that exceptions to clearance standards are not the
prerogative of the Legislative Counsel although OLC could be
the channel for obtaining an exception. Therefore, OS
recommends the words "for resolution" be deleted.
SUBJECT: APEX Security Manuals for Government/Industry--CIA
Comments
DISTRIBUTION:
1 - Address
1 - EVNFAC
1 - D/OCO
1 - D/OSR
1 - D/OGCR
1 - D/OW1
1 - D/OER
1 - D/OPA
1 - D/OSI
1 - D/OIA
1 - D/OCR
1 - C/PPG
1 - C/Admin Staff
1 - C/RES
3 - DDO/J
3 - DDS&T
5 - DDA
1 - OGC
1 - Executive Registry
1 - NFAC Registry
1 I Ichrono
1 - RES/SPG Project File
1 - RES/SPG Chrono
NFAC/RES/SPG
(APEX)
jp:16 October 1979