SECURITY VIOLATIONS OCCURRING AT NRO PROGRAM OFFICE CONTRACTOR FACILITIES - - DEFINITION OF AND REPORTING PROCEDURES

Approved For R21ease 2002 TIA-RDP96B01172RO01000150006-0 125OZ-78 of 8 6 FEB 1978 MEMORANDUM FOR: Director, National Reconnaissance office FROM: Robert W. Gambino SUBJECT: Director of Security Security Violations Occurring at NRO Program Office Contractor Facilities -- Definition of and Reporting Procedures iCE: ent for Reorganization of the NRP INK678-65) dated 11 August 1965 1. During security audits conducted at Agency-funded and NRO-funded contractors as a result of the Boyce/Lee Case, it has become apparent that some contractors have not operly interpreting Section 1, Paragraph 6a(3) of the Industrial Security Manual. Instead of reporting urity violations as required, many contractors have opted the policy of reporting only violations which have, in their judgment, resulted in compromise or which they felt could potentially result in compromise. They have not uniformly reported other matters such as open safes or unsecured classified material found by guards, preferring to regard them simply as security "discrepancies" rather than as violations. 2. The Director of Central Intelligence has expressed concern regarding this situation and agrees that such a lack of complete reporting is unacceptable.,.. The following policy will, therefore, apply with -regard to.tll'contracts under the cognizance of the Central Intelligence Agency: ."SECURITY VIOLATION: Any breach of security regulidatuans , raga resents , procedures or guides by an individual which subjects classified or sensitive material or information to compromise to unauthorized persons, or which places it 'in jeopardy where a com- promise could result, constitutes a reportable security violation. Such a breach includes both acts of omission Wf RNING re ed For SENSITIVE 1NTELLI E CE SOURCES 1' D METHODS INVOLV1 D E2 I HANDLE VI CL ~eleas@e~ff0-24~1 6B01172R0010001500 25X1 25X1 SECRET 25X1  Approved For Release 2002/0( -RDP96B01172R001000150006-0 such as failure to properly secure classified or sensitive material, and acts of commission such as discussion of classified or sensitive information over nonsecure telephone circuits. The information and materials referred to in this definition comprise Collateral classified, SCI classified, and those materials and information which are sensitive because they involve intelligence sources and methods." 3. Pursuant to paragraph ZC(5) of reference i i 90MM at you disseminate this definition to 6M 25X1 for their notification of the appropriate contractors. 4. Along with the definition, please forward a copy of the attached Security Violation Report Form. It may be repro- duced locally by each contractor as necessary. Please tell your Program Offices to inform their contractors that the Security Violation Report Forms, when filled in, are to be classified a minimum of SECRET because they relate to SCI contracts. Full Program names should not be used in reporting SCI violations on this Security Violation Report Form because the individual security files in which they will be maintained will not in every case be in a compartmented area. If it does become necessary for the contractor to report SCI details of a violation, those facts should be separately stated in an attach- ment which is to be maintained by the Program Office under SCI control. 5. Please advise this Office when the actions in paragraphs 3 and 4 have been accomplished. FOR THE DIRECTOR OF CENTRAL INTELLIGENCE: Attachment Distribution: Copy I - D NRO Z NRO 3 - D/Sec - DD/PTOS 5 - OS/Reg 6 - SSC 7 - C/ISB 8 - ISB chrono M ead F,o~- e~ease?2P02/01/06'7 1~P96B01172R001000150006-0 IS $  Approved For Release 2002/01/09 : CIA-RDP96B01172RO01000150006-0 Next 1 Page(s) In Document Exempt Approved For Release 2002/01/09 : CIA-RDP96BOl 172RO01 000150006-0