SECURITY - 106

State the THREATCON recognition and Force Protection levels and discuss what each represents - Charlie

An incident has occurred or that intelligence has been received indicating that some form of terrorist action is imminent.

State the THREATCON recognition and Force Protection levels and discuss what each represents - Bravo

An increased and more predictable threat of terrorist action

Define the following terms: AntiTerrorism:

AntiTerrorism: Defensive measures used to reduce the vulnerability of individuals and property to terrorist acts, to include limited response and containment by local military forces. The antiterrorism program is one of several security-related programs that fall under the overreaching Force Protection and Combating Terrorism programs. An antiterrorism program is a collective effort that seeks to reduce the likelihood that Department of Defense personnel, their families, facilities and material will be subject to a terrorist attack, and to prepare a response to the consequences of such attacks if they occur.

State the type of investigation and how often it is updated for access to the following classification levels - Secret/Confidential:

Secret/Confidential: The investigative basis for Secret or Confidential clearance eligibility is a favorably completed NACLC OR ANCACI. Clearance eligibility established based on ENTNAC'S, NAC'S OR NACI'S prior to NACLC or ANACI implementation remain valid. For Secret and confidential clearance, the investigation is updated every 10 and 15 years respectively.

Identify what a SAER is and its purpose

Security Access Eligibility Report •Used when trying to get a SCI clearance but have to explain something in detail (Negative marks on a credit report). •Used when one has a SCI but has something Negative come up like unexpected debt.

Define SCI

Sensitive Compartmented Information (SCI) •Classified information concerning or derived from intelligence sources, methods, or analytical processes, which is required to be handled within formal access control systems established by the Director of Central Intelligence.

State the type of investigation and how often it is updated for access to the following classification levels - Sensitive Compartmented Information (SCI):

Sensitive Compartmented Information (SCI): The investigative requirement for SCI is a favorably adjudicated SSBI. A SSBI-PR is required to be submitted every 5 years. The requirements for SCI access are established under Director of National Intelligence (DNI) authority (reference (d) applies). When military personnel are ordered to billets requiring SCI access, the transfer orders will identify the requirement. The losing command's Security Manager/SSO must ensure the required investigative requests are submitted promptly prior to transfer. If an individual is indoctrinated for SCI access, the Commanding Officer may not administratively lower the individual's security clearance below the Top Secret level without approval of the DONCAF.

Identify who can be a CSM.

The security manager can be an officer or civilian employee GS-11 or above, with sufficient authority and staff to manage the programs for the command. The security manager must be a U.S. citizen and have been the subject of a favorably adjudicated SSBI completed within the previous 5 years

State the THREATCON recognition and Force Protection levels and discuss what each represents - Alpha:

A general threat of possible terrorist activity against installations and personnel. The exact nature and extent are unpredictable, and circumstances do not justify full implementation of THREATCON Bravo. Implication of selected THREATCON BRAVO measures as a result of intelligence or as a deterrent may be necessary.

State the THREATCON recognition and Force Protection levels and discuss what each represents - Delta

A terrorist attack has occurred or that intelligence indicates that a terrorist action against a specific location is likely. Normally this THREATCON is declared as a localized warning.

State who can give the order to initiate Emergency Destruction.

Commanding Officer

Describe the procedures for preparing hard copy classified material for transportation via: DCS

DCS •Shall not weigh over 300 pounds, or exceed dimensions 45 1/2" X 26" X 22. •The minimum size of a "flat" (envelope) entered into the DCS shall meet the standard 8 1/2" X 11" in size; small boxes and/or packages shall have a minimum total dimension of 26". •Items shall be addressed with the standardized DCS two-line address; •Envelopes, labels, or tags with visible "postage and fees paid" indicia shall not be used. •Security classification markings, special security caveats, and other extraneous markings must not appear on the outer wrapper. •Nickname and/or special project markings previously approved by the DCS must be placed on the outer wrapper. •Detailed information on wrappings, marking, and preparing material for movement is available from the servicing DCS station. •Generally, all packaging materials are permissible if they afford contents with concealment and protection, preclude physical and/or visual access, are sturdy, and pose no hazard to handlers. Use of metal strapping is specifically prohibited. •U.S. Postal Service bags, pouches, or sacks shall not be used for DCS material.

State the purpose of the DCS.

Defense Courier Service The DCS, organized under DoD Directive 5200.33 (reference (a)), shall establish, staff, maintain, and operate an international network of couriers and courier stations for the expeditious, cost-effective and secure transmission of qualified classified documents and material. In all instances, security of material shall be of paramount importance. As a total quality organization, the DCS shall be responsive to the needs of its customers.

Explain and state the purpose of Emergency Destruction Procedures.

Emergency Destruction Planning •Three categories of COMSEC material that may require destruction in hostile emergencies are: COMSEC keying material, COMSEC related material (e.g., maintenance manuals, operating instructions, and general doctrinal publications), and equipment. -Precautionary Destruction (Priority List A&B): When precautionary destruction is necessary, destroy keying material and non-essential manuals in accordance with this Annex and the EAP?EDP. -Complete Destruction Priority List ©: When sufficient personnel and facilities are available, assign different persons to destroy the material in each category by means of separate destruction facilities and follow the priorities listed herein as incorporated into your EAP/EDP.

Explain how and in what order, material is destroyed during Emergency Destruction.

Emergency Destruction Priorities: •(1) Superseded keying material and secondary variables. -(a) TOP SECRET primary keying material. -(b) SECRET, CONFIDENTIAL, and Unclassified primary keying material. •(2) Future (reserve on board) keying material for use one or two month in the future. -(a) Maintenance manuals. -(b) Operating manuals -© Administrative manuals.

State the THREATCON recognition and Force Protection levels and discuss what each represents - FPCON

FPCON •Normal: Applies when a general global threat of possible terrorist activity exists and warrants a routine security posture. At a minimum, access control will be conducted at all DoD installations and facilities. •Alpha: Applies when there is an increased general threat of possible terrorist activity against personnel or facilities and the nature and extent of the threat are unpredictable. Alpha measures must be capable of being maintained indefinitely. •Bravo: Applies when an increased or more predictable threat of terrorist activity exists. Sustaining BRAVO measures for a prolonged period may affect operation capability and military-civil relationships with local authorities. •Charlie: Applies when an incident occurs or intelligence is received indicating some form of terrorist action or targeting against personnel or facilities is likely. Prolonged implementation of CHARLIE measures may create hardship and affect the activities of the unit and its people. •Delta: Applies in the immediate area where a terrorist attack has occurred or when Intel has been received that terrorist action against a specific location or person is imminent. This FPCON is usually declared as a localized condition. FPCON DELTA measures are not-intended to be sustained for an extended duration.

Define the following terms: Force Protection:

Force Protection: Security program designed to protect service members, civilian employees, family members, facilities and equipment, in all locations and situations, accomplished through planned and integrated application of combating terrorism, physical security, operations security, personal protective services and supported by intelligence, counterintelligence and other security programs.

Describe the procedures for preparing hard copy classified material for transportation via: Hand Carry

Hand Carry •Use a classified material cover sheet, file folder, or other covering to prevent inadvertent disclosure when hand carrying classified material within the command. •Double-wrap the classified information when hand carrying outside the command. •Second echleon commands shall approve escorting or hand carrying of classified information aboard commercial aircraft traveling outside the U.S., its Territories, and Canada. •The courier is liable and responsible for the information being escorted; •The information is not, under any circumstances, to be left unattended; •During overnight stops, classified information is to be stored at a U.S. embassy, military, or appropriately cleared DoD contractor facility and shall not, under any circumstances, be stored unattended in vehicles, hotel rooms, or hotel safes; •The information shall not be opened enroute; •The information shall not be discussed or disclosed in any public place or conveyance; •The courier shall not deviate from the authorized travel schedule; •The courier is responsible for ensuring that personal travel documentation (passport, courier authorization, and medical documents) are complete, valid and current; •There is no assurance of immunity from search by security, police, customs and/or immigration officials on domestic or international flights. Carry-on bags and packages may be subjected to X-raying and inspection by customs or airline/airport security officials. •Upon return, the courier shall return all classified material in a sealed package with receipts for any information that is not returned;

Explain what is meant by 'need to know'

Need-to-know is a determination that an individual requires access to specific classified information in the performance of (or assist in the performance of) lawful and authorized government functions and duties.

State the THREATCON recognition and Force Protection levels and discuss what each represents - Normal:

No known threat indicated

Define the following terms: Personnel Security Program (PSP):

Personnel Security Program (PSP): Is to authorized initial and continued access to classified information and/or initial and continued assignments to sensitive duties to those persons whose loyalty, reliability and trustworthiness are such that entrusting them with classified information or assigning them to sensitive duties is clearly consistent with the interests of national security. Additionally PSP ensures that no final unfavorable personnel security determination will be made without compliance with all procedural requirements.

Define the following terms: RAM:

RAM: To maximize the effectiveness and deterrence value, RAM should be implemented without a set pattern, either in terms of the measures selected, time, place, or other variables. RAM, at a minimum. Shall consist of the random implementation of higher FPCON measures in consideration of the local terrorist capabilities. Random use of other physical security measures should be used to supplement FPCON measures.

Identify the use of the following forms: SF-153 COMSEC Material Report

SF-153 COMSEC Material Report

Identify the use of the following forms:SF-312 Classified Information Nondisclosure Agreement

SF-312 Classified Information Nondisclosure Agreement The SF-312 is a contractual agreement between the U.S. Government and a cleared employee that must be executed as a condition of access to classified information. By signing the SF-312, the cleared employee agrees never to disclose classified information to an unauthorized person.

Identify the use of the following forms: SF-700 Security Container Information

SF-700 Security Container Information The SF-700 is a form that contains vital information about the security container in which it is located. This information includes location, container number, lock serial number, and contact information if the container is found open and unattended.

Identify the use of the following forms: SF-701 Activity Security Checklist

SF-701 Activity Security Checklist The SF-701 is a checklist that is filled out at the end of each day to insure that classified materials are secured properly and allows for employee accountability in the event that irregularities are discovered.

Identify the use of the following forms: SF-702 Security Container Check Sheet

SF-702 Security Container Check Sheet The SF-702 provides a record of the names and times that persons have opened, closed and checked a particular container that holds classified information.

Identify the use of the following forms: SF-703 Top Secret Cover Sheet

SF-703 Top Secret Cover Sheet

State the responsibilities of the TSCO

TSCO Top Secret Control Officer •Maintain a system of accountability (e.g., registry) to record the receipt, reproduction, transfer, transmission, downgrading, declassification and destruction of command Top Secret information, less SCI and other special types of classified information. •Ensure that inventories of Top Secret information are conducted at least once annually , or more frequently when circumstances warrant. As an exception, repositories, libraries, or activities that store large volumes of classified documents may limit their annual inventory to that which access has been given in the past 12 months and 10 percent of the remaining inventory.

Explain the security requirements for the following: Tactical-Sensitive Compartmented Information Facilities (T-SCIF):

Tactical-Sensitive Compartmented Information Facilities (T-SCIF): -The Tactical SCIF shall be located within the supported headquarters defensive perimeter and preferably, also within the Tactical Operations Center (TOC) perimeter. -The T-SCIF shall be established and clearly marked using a physical barrier. -The perimeter shall be guarded by walking or fixed guards to provide observation of the entire controlled area. Guards shall be armed with weapons and ammunition. -Access to the controlled area shall be restricted to a single gate/entrance, which will be guarded on a continuous basis. -An access list shall be maintained -The Tactical SCIF shall be staffed with sufficient personnel as determined by the on-site security authority based on the local threat conditions. -Emergency destruction and evacuation plans shall be kept current. -SCI material shall be stored in lockable containers when not in use. -Communications shall be established and maintained with backup response forces, if possible. -The SSO, or designee, shall conduct an inspection of the vacated Tactical SCIF area to ensure SCI materials are not inadvertently left behind when the T-SCIF moves. -Reconciliation of T-SCIF activation and operational data shall be made not more than 30 days after SCIF activation. Interim reporting of SCIF activities may be to the CSA.

Identify who has overall authority of, and controls access to, a SCIF.

The SSO will be responsible for SECNAV M- 5510.30 June 2006 2-7 the operation of the Sensitive Compartmented information Facility (SCIF) and the security control and use of the SCIF. All SCI matters shall be referred to the SSO.

State the type of investigation and how often it is updated for access to the following classification levels - Top Secret:

Top Secret: The Investigative basis for Top Secret eligibility is a favorably completed SSBI, SSBI-PR or PPR. For those who have continuous assignment or access to Top Secret, critical sensitive positions, SCI Presidential Support Activities, COSMEC Top Secret, LAA, PRP, IT-1 duties or SIOC-ESI, the SSBI must be updated every 5 years by a PR.

State when safe combinations should be changed.

•A combination lock is first installed or used •A combination has been subjected, or believed to have been subjected to compromise; and when considered necessary by the CSA. •Every 2 years safe and container combinations should be changed at a minimum •All combinations to SCIF entrance doors should be stored in another SCIF of equal or higher accreditation level. When this is not feasible, alternate arrangements will be made in coordination with the CSA.

Discuss the need for access lists, required documentation logs, and two-person integrity.

•Access List: Access rosters listing all persons authorized access to the facility shall be maintained at the point of entry. Electronic systems, including coded security identification cards or badges may be used in lieu of security access rosters. •Required Documentation Logs: A series of official and legally binding documents. Each entry is usually arranged by date and marked with the time of an event or action of significance. (e.g. access, receipt of materials) •Two-Person Integrity: Prevents single person access. Two persons must be in constant view of each other and the material.

Discuss each of the following, giving their definition and purpose of each.

•COMSEC Communications Security: Protective measures taken to deny unauthorized persons information derived from telecommunications of the U.S. Government concerning national security, and to ensure the authenticity of such telecommunications. [NOTE: COMSEC includes crypto security, emission security, transmission security and physical security of COMSEC material and COMSEC information]. •INFOSEC Information Security: Information Security Systems (INFOSEC), a subset of IA, is the protection of information and information systems against unauthorized access or modification, whether in storage, processing, or transit, and against the denial of service to authorized users, including those measures necessary to detect, document and counter such threats. •COMPUSEC Computer Security: Measures and controls that ensure confidentiality, integrity, and availability of the information processed and stored by a computer.

List items prohibited in a SCIF and the security risks associated with them.

•Cellphone •Camera •Removable HDD, USB, etc. •Two way radio •IPOD •Playstation, gameboy •PDA •No PED (Personal Electronic Devices).(TVs and DVD players pending SSO approval, cannot have a record function (DVD-R or CD-R).

State the responsibilities of the DDA.

•Designated Disclosure Authority (DDA) •The DDA has the authority and responsibility to control disclosures of Classified Military Information and Controlled Unclassified Information to foreign governments and international organizations and their representatives or persons sponsored by them.

Explain the DoD escort policy.

•Escort of an uncleared person: If you are an escort you are required to stay with that individual or group you are escorting until they leave. In addition you are to ensure they stay out of secure spaces unless authorized. •The movement of all visitors shall be controlled to ensure that access to classified information is deliberate and consistent with the purpose of the visit. If an escort is required for the visitor, a military, civilian, or a cleared contractor assigned to the command being visited may be assigned escort duties. •As a matter of convenience and courtesy, flag officers, general officers, and their civilian equivalents are not required to sign visitor records or display identification badges when being escorted as visitors. •Identification of these senior visitors by escorts will normally be sufficient. The escort should be present at all times to avoid challenge and embarrassment and to ensure that necessary security controls are met. If the visitor is not being escorted, all normal security procedures will apply

Explain and state the purpose of a EAP

•Every command that holds classified COMSEC or CCI material must prepare and maintain a current, written emergency plan for safeguarding such material in the event of an emergency •All SCIFs require a Emergency Action Plan very similar to SECNAVINST 5510.36 but with focus on SCI. •All CONUS activities that hold classified COMSEC or CCI material will maintain a current, written Emergency Plan for protection of COMSEC material appropriate for natural disasters likely to occur in their region of the country (e.g., hurricanes in the South, tornadoes and floods in the mid-West, fires in the West, etc.).

Identify the events that should be reported to the SSO.

•Financial issues. •Legal issues. •U/A. •Mental Illness. •Marriage to a foreign national.. •Anything that could question your character, integrity, physical and mental health needs to be reported.

Explain vault recertification and recurring inspections.

•GSA approved containers and vault doors must have a GSA label affixed on the outside of the door or front of the control drawer (drawer with the combination lock). The label should have the words "GSA Approved Security Container" or "Vault Door" (as appropriate). If the container or vault door does not have the label, it may have been removed because the container/door is no longer approved. •The container or vault door must be inspected and recertified by a person specifically trained and authorized by the GSA before it can be used to protect classified material. Upon completion of the inspection, a "GSA Approved Recertified Security Container" label will be applied and the container/vault door is then considered authorized for storage/protection of classified material. •If the container fails inspection, it must be repaired In accordance with SECNAV M-5510.36 June 2006 10-5 with Federal Standard 809, "Federal Standard Neutralization and Repair of GSA-Approved Security Containers" before the recertification label can be applied. •Information on availability and location of technicians may be obtained from the DoD Lock Program (800-982-1219) or from the GSA Furniture Center, www.gsa.gov.

state the levels if INFOCON and what each signifies

•INFOCON 5: Describes a situation where there is no apparent hostile activity against computer networks. Operational performance of all information systems is monitored, and password systems are used as a layer of protection. • INFOCON 4: describes an increased risk of attack. Increased monitoring of all network activities is mandated, and all Department of Defense and users must make sure their systems are secure. Internet usage may be restricted to government sites only, and backing up files to removable media is ideal •INFOCON 3: Describes when a risk has been identified. Security review on important systems is a priority, and the Computer Network Defense System's alertness is increased. All Unclassified dial-up connections are disconnected. •INFOCON 2: Describes when an attack has taken place but the computer Network Defense system is not at its highest alertness. Non-essential networks my be taken off-line, and alternate methods of communications may be implemented. •INFOCON 1: Describes when attacks are taking place and the Computer Network Defense system is at maximum alertness. Any compromised systems are isolated from the rest of the network.

Explain why the U.S. Navy only uses ".mil" email addresses on government systems.

•In the Domain Name System (DNS) naming of computers, there is a hierarchy of names. There is a set of "top-level domain names" (TPDs). These are generic TLDs and the two letter country codes from International Organization for Standardization (ISO) Standard Number 3166. The Internet Assigned Numbers Authority (IANA) provides a list of the generic TLDs that presently includes twenty domains and descriptions. •The Navy uses .mil for its e-mail addresses because the I.S. Department of Defense has exclusive use of this domain.

Explain the purpose of JPAS

•Joint Personnel Adjudication System. A website which is used to hold personnel information involving security clearances, •The Joint Personnel Adjudication System (JPAS) is a DoD system that use NIPERNET to conned all DoD security personnel around the world with their Central Adjudication Facility (CAF). The JPAS website runs on a secured port with secured socket layer (SSL) 128-bit encryption.

Discuss the security rules and procedures for magnetic electronic media.

•Removable storage media includes magnetic tape reels, diskettes, CD-ROMs, removable hard disks, disk cartridges, optical disks, paper tape reels, magnetic cards, tape cassettes and micro-cassettes, and any other device on which data is stored and which normally is removable from the system by the user or operator. •All such devices bearing classified information must be conspicuously marked with the highest level on classification stored on the device and any special control notices that apply to the information using one of the labels specified in paragraph C5.4.10. •As an exception, in the case of CD-ROMs, the label may be affixed to the sleeve or container in which the CD-ROM is stored.

Discuss the procedures of sanitizing an area.

•Sanitizing: The removal of information from the media or equipment such that data recovery using any known technique or analysis is prevented. Sanitizing shall include the removal of data from the media, as well as the removal of all classified labels, markings, and activity logs. Properly sanitized media may be subsequently declassified upon observing the organization's respective verification and review procedures. •Example: You're escorting someone who has a Secret clearance and he needs to go into the SCIF to fix something. You first have to announce him coming and wait until all computer screens, paperwork and whatever classified is put away.

Define the difference between a security violation and a practice dangerous to security.

•Security violation: A compromise of classified information to persons not authorized to receive it or a serious failure to comply with the provisions of security regulation in this manual which is likely to result in a compromise. A security violation requires an investigation. •Practice Dangerous to Security: A failure to comply with the provisions of security regulation or this manual which causes a potential compromise to classified information.

Explain the security requirements for the following: Sensitive Compartmented Information Facilities (SCIF):

•Sensitive Compartmented Information Facilities (SCIF): -Physical Security Preconstruction Review and Approval Accreditation -Personnel Controls -Control of Combinations -Entry/Exit Inspections -Control of Electronic Devices and Other Items -CONSTRUCTION -SOUND ATTENUATION - ENTRANCE, OUT, AND ACCESS DOORS -PHYSICAL PROTECTION OF VENTS, DUCTS, AND PIPES -WINDOWS

List the duties and responsibilities of the SSO.

•Special Security Officer: The SSO serves as the focal point for the receipt, control and accountability of SCI and overseas SCI security functions for subordinate SCIFs. The SSO will be a military commissioned officer, Warrant Officer, or civilian (GS-9 or above). •Example of duties: -Supervises the operation of the Special Security Office and administers the SCI security program to include SCI security oversight for the other local SCIFs under the organizational SCI security cognizance. -Maintain applicable SCI directives, regulations, manuals, and guidelines to adequately discharge SSO duties and responsibilities. -Ensures all SCI is properly accounted for, controlled, transmitted, transported, packaged and safeguarded. Ensures all SCI is destroyed in authorized destruction facilities and in accordance with DoD 5105.21 M-1. -Ensures SCI is disseminated only to persons authorized access to the material and having and established need-to-know. -Serves as the official channel for passing SCI access certifications.

Define the following classification categories, how they differ, and the color codes used to identify each one.

•TOP SECRET (ORANGE)is the classification level applied to information whose unauthorized disclosure could reasonably be expected to cause exceptionally grave damage to the national security. •SECRET (RED)is the classification level applied to information whose unauthorized disclosure could reasonably be expected to cause serious damage to the national security. •CONFIDENTIAL (BLUE)is the classification level applied to information whose unauthorized disclosure could reasonably be expected to cause damage to the national security. •UNCLASSIFIED (GREEN) Example, publications available on the internet.

Explain and state the responsibilities of DONCAF

•The Department of the Navy Central Adjudication Facility (DONCAF), a Naval Criminal Investigative Service (NCIS) organization, is responsible for determining who within the Department of the Navy is eligible to hold a security clearance, to have access to Sensitive Compartmented Information (SCI), or to be assigned to sensitive duties. The aggregate body of DON personnel consists of Active Duty and Reserve components of the United States Navy and Marine Corps, as well as civilians and contractors. In addition, DONCAF makes SCI eligibility determinations for select contractor personnel. Collateral clearance determinations for contractor personnel are established by DISCO (Defense Industrial Service Clearance Office). •DONCAF also maintains an extensive database of its security decisions and provides overall operational support to the Navy's personnel security program.

State the purpose of the ICD system.

•The Director of National Intelligence (DNI) established Intelligence Community Directives (ICDs) as the principal means by which the DNI provides guidance, policy, and direction to the Intelligence Community.

Identify SSO Navy

•The Director, Security and Corporate Services (ONI-05) as special security officer for the CON (SSO Navy) has bee designated as the Cognizant Security Authority (CSA). •As CSA, SSO Navy is responsible for implementing SCI security policy and procedures and performs management and oversight of the Department's SCI security program.

Discuss the purpose of personnel security.

•The objective of the PSP is to authorize initial and continued access to classified information and/or initial and continued assignment to sensitive duties to those persons whose loyalty, reliability and trustworthiness are such that entrusting them with classified information or assigning them to sensitive duties is clearly consistent with the interests of national security. •Additionally, the PSP ensures that no final unfavorable personnel security determination will be made without compliance with all procedural requirements.

State the duties and responsibilities of a CSM

•The security manager is responsible for implementing the ISP and shall have direct access to the Commanding Officer. •Serves as the principal advisor and representative to the Commanding Officer in matters pertaining to the classification, safeguarding, transmission, and destruction of classified information. •Develop a written command security instruction, to include provisions for safeguarding classified information during military operations or emergency situations. •Ensure that personnel in the command who perform security duties are kept abreast of changes in policies and procedures, and provide assistance in problem solving. •Formulate, coordinate, and conduct the command security education program •Ensure that threats to security and other security violations are reported, recorded, and when necessary investigated. •Ensure that all security violations or incidents involving the possible compromise of classified information, to include those involving information technology (IT) systems, are investigated and reported. •Maintain liaison with the command Public Affairs Officer (PAO) to ensure that proposed press releases and information intended for public release are subjected to a security review. •Develop security measures and procedures regarding visitors who require access to classified information.

Discuss how long a Commanding Officer can administratively suspend access before DONCAF revokes a clearance.

•When information of obvious security concern develops, the appropriate commander or director will immediately determine if it is interest of national security to retain a person in-status, or to take interim action to suspend access to SCI pending final resolution of the issue by the SOIC or designee. If a determination is made that suspension is necessary, the commander or head component or adjudicative authority must notify the individual, in writing, if the suspension of SCI access and the reason for such action consistent with the interests of national security. The SCI security officer will expeditiously report the circumstances of the suspension to the cognizant SOIC or designee and the cognizand CAF via SSO channels. •SCI access suspension is a temporary measure designed to safeguard sensitive classified information or facilities. Suspension of SCI access will not exceed 90 days without express consent of the SOIC or designee. Forward follow-ups and final reports of investigation to the cognizant SOIC CAF.