PERSONNEL SECURITY SUBCOMMITTEE CHARTER

Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 P ROUTING AND RECORD SHEETfjk% SUBJECT: (Optional) """ ILI. t i Personnel Security Subcom ' Ne Charter y FROM EXTENSION ' NO. U STA Chief, Policy and Plans o p DATE STA 4-E-70 Headquarters 19 April 1982 TO: (Officer designation, room number, and building) DATE OFFICER'S COMMENTS (Number each comment to show from whom FORWARDED RECEIVED INITIALS to whom. Draw a line across column after each comment.) iDa CIASTA h DDI SI F as t e represent at ve on the 2. Personnel Security Sub- ~ committee, has seen this, st?L of course. You may wish 3. to review it before we respond to the C/SECOM. V 7. Q 10. e ' ^rr'G7/d.c. 11. STA 12. 13. 14. 15. T T T T T FORM 61 O USE PREVIOUS 1-79 EDITIONS Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812 R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 DIRECTOR OF CENTRAL INTELLIGENCE Security Committee SECOM-D-142 14 April 1982 MEMORANDUM FOR: Members, DCI Security~Commi-ttee airman SUBJECT: Personnel Security Subcommittee Charter Forwarded herewith is the newly written charter for the Personnel Security Subcommittee. It has been reviewed and unanimously approved by the members of the Personnel Security Subcommittee as their basic operating document. It is requested that members review this paper and if there are no objections to it, it will become this Subcommittee=s basic paper. If no response is received by myself or the Executive Secretary by Y 30 Agri l I982,awe will consider that you have approved the document. Attachment Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 ' 67S  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 Iq Next 1 Page(s) In Document Denied STAT Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  DIRECTOR OF CENTRAL INTELLIGENCE Security Committee SECOM-D-157 23 April 1982 MEMORANDUM FOR: Members, DCI Security Committee airman SUBJECT: SECOM Charter REFERENCE: My Memo to Members, SECOM-D-104, dated 23 March 1982 As promised at the 21 April meeting, this addresses comments received on the draft revision of the SECOM charter forwarded by reference: a. One member noted that the substance of the draft may not merit'classification. Comment: It is planned that the collection of revised DCIDs will be classified..- Accordingly, our charter will be classified as part of the package. STAT b. A suggestion was made that the second sentence of section four be changed to read "Senior Officials of the Intelligence Community" instead of "Intelligence Community principals." Comment: The Executive Secretary NFIB/NFIC chose the "Intelligence 'Community principals" terminology to permit continued representation on the SECOM and other DCI committees from organizations which do not come under "Senior Officials of the Intelligence Community" as that term is defined in Executive Order 12333. c. One member noted that security education and awareness is left to a working group and recommended'that this group be upgraded to permanent subcommittee status. Comment: This does not bear on the wording of the draft charter, which authorize the chairman to establish subcommittees, etc., as required. Under that authority, I accept the. recommendation contingent upon SECOM member endorse- ment and approval of a tasking charter. OS REGISTRY Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 0 i o I d. It was suggested that the list of implementing guidelines be reformatted for the sake of clarity; be consolidated at some future date; and include "Minimum Standards for Security Awareness Programs in the Intelligence Community." Comment: Suggestions accepted. . e. A question was raised about the interpretation of section 2.b(2) on SECOM functions concerning investigations of unauthorized disclosures of classified intelligence. Comment: It is not intended that the SECOM charter contain authority to mandate what procedures shall be employed to investigate such disclosures. However, the DCI does have clear authority to protect intelligence and to obtain information on disclosures necessary to assess the impact on the intel- ligence process and to support development of corrective security measures. The Security Committee was originally formed to address leaks and compromises of intelligence. A 'significant part of the present (18 May 1976) SECOM charter addresses our role in unauthorized disclosures. Although overall Executive Branch procedures concerning unauthorized disclosures of classified information generally are dealt with in the findings and recommendations of the report the Attorney General sent the President on 31 March 1982, nothing is being considered now which would in any way reduce the DCI's authorities or responsibilities con- cerning disclosures of intelligence. Accordingly, I believe we should carry forward to the new draft the essential elements of our present tasking. If the White House directs stronger measures to prevent disclosures, we can change the SECOM charter as needed. In the interim we need to move promptly to agree on a final draft charter. If SECOM members find the language of section 2.b(2) of the present draft troublesome, the following adaptation of our present charter, to be a new section 2.c (in place of 2.b(2) and renumbering sections appropriately), may be helpful: "c. On behalf of the DCI, request and coordinate investigations by Intelligence Community components of unauthorized disclosures or compromises of classified intelligence; and determine and recommend corrective security measures needed to reduce the future likelihood of such disclosures or compromises." May I have members' thoughts on this approach? f. Several members advised of an error in section 2.c in stating the term "Sensitive Compartmented Information." Comment: Correction made. STAT Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 14 APR 1982 I i:iORANNDUxi FOR: Chairman, DCI Security Coi mittee FROM : CIA tienher, DCI Security Co awittee SU3Ja-CT: Draft SECOii Charter i EI ER.LiIGE: NeraoranduY from Chairiaan/LOCI SECOH, dated 23 March 1932, same subject (SECOU-D-1O4) Please be advised of the concurrence of the Central Intelligence Agency in the draft SECOU charter foruarded by reference. Distribution: Orig - Adse 1 - D/Sec C - OS Reg 1 - PPG Chrono OS/P&M/ cbt (12 April 82) Revise cbt (13 April 82) 05 a 0787-4 Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 ROUTING AND RECORD SHEET SUBJECT: (Optional) ST Draft SECOM Charter FROM: EXTENSION NO. ST d Policy an Plans Group 4E-70, Hdqs. DATE TO: (Officer designation, room number, and building) DATE OFFICER'S COMMENTS (Number each comment to show from whom RECEIVED FORWARDED INITIALS to whom. Draw a line across column after each comment.) 1. C/PPG 2. 3. DD/PIM . ApeC 12 1982 4. 5. DD/SEC 12'11982 6. D/SEC 12 "9e . 14 A+9sa 8 9. 10. 11. 12. 13. 14. 15. AT AT FORM 61 A USE PREVIOUS _79 1 EDITIONS ,-79m Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 .In io DIRECTOR OF CENTRAL INTELLIGENCE Security Committee f ~ e 2 `S SECOM-D-104 23 March 1982 MEMORANDUM FOR: Members,DCI Security Committee SUBJECT: SECOM Charter 1. As part of the ongoing effort to revise the Director of Central Intelligence Directives (DCIDs), Admiral Inman has approved an approach which looks to stating broad policy in new DCIDs and publishing implementing guidance, such as is found in many current DCIDs (e.g., DCIDs 1/14, 1/16 and 1/19), in attachments. The NFIB Executive Secretary and I cooperated in drafting a pro- posed revision of the SECOM charter (DCID 1/11) which reflects this approach. Admiral Inman has approved this revision for circulation to SECOM members. 2. The draft revision is attached. Members are requested to coordinate it within their departments and agencies and to provide me their concurrences or comments by 16 April 1982. Attachment Regraded UNCLASSIFIED When Separated from Attachment CONFIDENTIAL Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 Iq Next 2 Page(s) In Document Denied Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 ROUTING AND RECORD SHEET SUBJECT: (Optional) Revised SECOM Charter EXTENSION NO FROM: . Ch i e DATE 202 8 April 1982 c TO: (Officer designation, room number, and building) DATE OFFICER'S COMMENTS (Number each comment to show from whom RECEIVED FORWARDED INITIALS to whom. Draw a line across column after each comment.) 1. Chief/PPG 49 4? 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. FORM ~~ 0 USE PREVIOUS 1-79 EDITIONS STAT STAT Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 8 April 1982 MEMORANDUM FOR: Chief, Policy and Plans Group Chief of Operations (PTAS) 1. Pursuant to your request for comments re Subject by 9 April, attached is a review/comment from the Chief, Information Systems Security Group. Additionally, we would like to point out that we are certainly in agreement with the intention and goals of SECOM, however, continue to feel that strong emphasis must be provided to upgrade security standards and criteria in the Community. The job of security daily seems to become more difficult in a permissive society with all its "leaks" and watered-down philosophies and attitudes. A job of SECOM, as we see it, is to disallow even the thought that standards and criteria are to be at the lowest common denominator level. 2. A minor point is pointed out that on page 2, paragraph 2(c), the expression "special compartmented information" is probably in error. If this statement refers to SCI, it should e compartmented information." REGRADE UNCLASSIFIED WHEN SEPARATED FR N CONFIDENTIAL ATTACHMENT rnim r~n a i " II Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 MEMORANDUM FOR: FROM: SUBJECT : Chief of Operations Physical, Technical and Area Security Information Systems Security Group, OS Comments on Revised SECOM Charter REFERENCE: Routing and Record Sheet dated 24 March 1982 w/attachment 2. We have no problem with the approach as stated in reference which will separate broad policy from implementation guidance in the form of an Intelligence Community regulation provided that the effective date of the regulatory issuance conforms with the date of policy promulgation. If broad policy is published, for example, on the subject of computer security and there is a gap of time before the regulation to go with this policy is agreed to and published, agencies (and contractors) would be doing their "own thing" and chaos would ensue. There would be a breakdown in uniformity which we have been striving to achieve over these many years. Lack of such uniformity especially in the contractor world could and most probably would lead to increased dollar costs in processing community data (with different contractor requirements for instance and lack of Memoranda of Agreement(s) among member agencies). 3. The bright side in this proposed charter is that technology changes which oftentimes generate new computer security vulnerabilities (e.g., fixed storage devices, remote diagnostics, etc.) can be handled as revisions to the regulation(s) with the broad policy document kept intact without the necessity of constantly changing it. In short, the policy section would be somewhat fixed, with changes made when needed in the regulation instead of the whole document. Our concern is there always be a regulation to go with stated br oad policy. 25X1 25X1 Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4  Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4 ROUTING = Aida AtE o%, I i-7? Sanitized Copy Approved for Release 2010/06/08: CIA-RDP87-00812R000100250006-4