Classified National Security Information (CNSI), regardless of form, is afforded a level of protection against loss or unauthorized disclosure commensurate with the level of classification (Confidential, Secret, Top Secret) and shall be secured under conditions adequate to prevent access by unauthorized persons.

Accredited areas used to process, transmit, destroy, store, and/or discuss CNSI, as well those that contain COMSEC components and classified computer networks, are designated as “Secure Spaces.” Secure spaces shall be supported by a certification binder, an accreditation inspection of the area in its operational environment, an Approval to Operate Memo, an Accreditation report, and local Standard Operating Procedures (SOP).

Construction and accreditation of a collateral-level Open Storage Secure Space is considered only when the volume or bulk of classified material, or the functions associated with processing the classified material, make the use of GSA-approved security containers impractical. Secure Spaces that have received final accreditation prior to the publication of the Construction and Accreditation Standards for Secure Spaces (CASSS) Handbook are not reaccredited unless a change has been made that affects the structure or measures in place at the time of the original accreditation.

If an Operating Unit determines a Secure Space is required to either process, handle, and/or discuss CNSI, a Secure Space Accreditation Request Form must be submitted to the Information Security Division (ISD) at osy_NSI@doc.gov. The Secure Space Accreditation Request Form is reviewed by ISD and the client to develop a timeline for the project through inspections of the space before and after construction has been completed. The request form is sent to the Field Servicing Security Office (FSSO) by the office requesting the accreditation or ISD for bureaus that are not supported by an FSSO. The request for accreditation facilitates the following:

• Requestor contacts Facility Management and/or the contractor concerning any required structural modifications to the area.

• Upon completion of necessary physical security requirements, the requestor contacts the ISD for a final walkthrough of the area, also verifying safeguarding requirements have been met for CNSI holdings, which are outlined in the room’s SOP.

• Once all the recommendations from the physical security reviews are complete, the Inspection Official (or designee) produces a Draft Accreditation Memorandum, outlining the certification and storage requirements of the room, for the Responsible Official to review and sign.

• Open storage areas shall only be approved for operational reasons, not for convenience. Where open storage is requested to satisfy the installation of a classified information system, unless otherwise justified and approved, the open storage authorization is limited to systems only. All documents and removable media require closed storage in an appropriate security container.

Initial Accreditation

Upon approval, accreditation shall be awarded from the Responsible Official with a memorandum citing:

• The specific location;

• Building number or other identifier;

• Room number;

• Highest level of CNSI authorized to be stored, viewed, discussed, etc. in the secure Area;

• Restrictions, if any; and

• Other information deemed appropriate.

Note: The program responsible for the Secure Space requests, through the ISD to the Responsible Official, any construction, modification, classification level changes, or procedural changes, involving the room prior to implementation.

Re-accreditation

Re-accreditation is required when there have been modifications or damage to the structure of the accredited space affecting the integrity of the original accreditation or if a change in usage of the space is requested. A change in usage could include upgrading the classification level (i.e., from Secret to Top Secret), change in the storage requirements (from Open to Closed Storage), or change in systems requirements.

De-Accreditation

At the direction of their Responsible Official, or if an accredited area is no longer required, the responsible Program (Operating Unit) will request an accreditation withdrawal (De-accreditation) through the FSSO. The ISD coordinates a survey to verify that all physical safeguards for the space have been removed. These safeguards include, but are not limited to, locking controls on entrance doors, and verification that COMSEC components and systems have been removed, transferred, and/or decommissioned.

In the event a request for de-accreditation has been made, but a classified system or any of its components have not yet been removed, the space will not be recommended for de-accreditation until the removal of all active systems and components have occurred.

The Information Security Program oversees the survey process to determine whether proposed spaces have the appropriate CNSI safeguards in place, personnel who will use the space have the appropriate clearance levels, the required security checklists for activities related to the space via an Active Security Checklist Standard Form (SF) 701 is documented and that a Security Container Check Sheet, SF 702 is used to annotate the locking and unlocking of the exterior door and any security container used in the space. Lastly, the Office of the Chief Information Officer's National Security Solutions and Services oversees and/or coordinates the installation of classified national security systems and COMSEC equipment.