BY ORDER OF THE COMMANDER AIR FORCE ...static.e-publishing.af.mil/production/1/afpc/publication/...BY ORDER OF THE COMMANDER HQ AIR FORCE PERSONNEL CENTER AIR FORCE PERSONNEL CENTER

BY ORDER OF THE COMMANDER

HQ AIR FORCE PERSONNEL CENTER

AIR FORCE PERSONNEL CENTER

INSTRUCTION 31-100

5 AUGUST 2014

Security

SECURITY PROGRAM

COMPLIANCE WITH THIS PUBLICATION IS MANDATORY

ACCESSIBILITY: Publications and forms are available for downloading or ordering on the

e-Publishing website at http://www.e-publishing.af.mil.

RELEASABILITY: There are no releasability restrictions on this publication.

OPR: HQ AFPC/DSHC

Supersedes: AFMA OI 31-2,

1 December 2011

Certified by: HQ AFPC/DS

(Mr. Michael K. Gamble)

Pages: 37

This instruction establishes procedures for the proper handling, processing, and safeguarding of

classified and controlled unclassified information entrusted to or under the jurisdiction of the

Commander. Furthermore, it supplements DoDM 5200.1, Volume 1 thru 4, Information Security

Program; DoD 5220.22-M, National Industrial Security Program Operating Manual

(NISPOM); DoD 5220.22-R, Industrial Security Regulation; AFI 31-401, Information Security

Program Management; AFI 31-501, Personnel Security Program Management; AFI 31-601,

Industrial Security Program Management and other applicable security directives. Computer

Security (COMSEC) material protection and accountability is exempt from the requirements of

this OI. It applies to all permanent or temporary military, civilians, and contractor personnel

assigned or attached to, or conducting official business at AFPC. This publication applies to Air

Force Reserve Command Units (AFRC). This publication applies to the Air National Guard

(ANG). This publication may not be supplemented or further implemented/extended.

Ensure all records created as a result of processes prescribed in this publication are maintained in

accordance with (IAW) AFMAN 33-363, Management of Records, and disposed of IAW Air

Force Records Information Management System (AFRIMS) Records Disposition Schedule

(RDS). Refer recommended changes and questions about this publication to Office of Primary

Responsibility (OPR) using the AF Form 847, Recommendation for Change of Publication; route

AF Form 847 from the field through the appropriate functional chain of command.

The authorities to waive wing/unit level requirements in this publication are identified with a

Tier (“T-0, T-1, T-2, T-3”) number following the compliance statement. See AFI 33-360,

Publications and Forms Management, for a description of the authorities associated with the Tier

http://www.e-publishing.af.mil/

2 AFPCI31-100 5 AUGUST 2014

numbers. Submit requests for waivers through the chain of command to the appropriate Tier

waiver approval authority, or alternately, to the Publication OPR for non-tiered compliance

items. Vigilance must be taken to protect Personally Identifiable Information (PII) when

submitting or sending nominations, applications or other documents to DoD agencies through

government Internet, software applications, systems, e-mail, postal, faxing or scanning. Refer to

attachment 1 for a glossary of references and supporting information.

Chapter 1— POLICY AND PROGRAM MANAGEMENT 6

1.1. Roles and Responsibilities. ..................................................................................... 6

1.2. AFPC Facilities. ...................................................................................................... 6

1.3. The Commander will: ............................................................................................. 6

1.4. The Director will: .................................................................................................... 6

1.5. The Security Monitor: ............................................................................................. 6

1.6. Oversight. ................................................................................................................ 7

Chapter 2— CHALLENGE TO CLASSIFICATION OF A DOCUMENT 8

2.1. Classification Challenge. ........................................................................................ 8

2.2. The Directorate Security Monitor will take the following actions: ........................ 8

2.3. Classification Level. ............................................................................................... 8

2.4. The Directorate Security Monitor will keep ........................................................... 8

Chapter 3— ACCESS TO CLASSIFIED INFORMATION 9

3.1. Personnel may ......................................................................................................... 9

3.2. If access................................................................................................................... 9

3.3. In all other instances ............................................................................................... 9

3.4. Classified information will not ............................................................................... 9

3.5. The following must be made................................................................................... 9

3.6. Secret Internet Protocol Router Network (SIPRNET) ............................................ 9

Chapter 4— SAFEGUARDING CLASSIFIED INFORMATION 10

4.1. Safeguarding classified ........................................................................................... 10

4.2. Do not ..................................................................................................................... 10

4.3. Store classified ........................................................................................................ 10

AFPCI31-100 5 AUGUST 2014 3

4.4. All safes .................................................................................................................. 10

4.5. All classified material ............................................................................................. 10

4.6. The safes located ..................................................................................................... 10

4.7. Personnel ................................................................................................................. 11

4.8. In the event.............................................................................................................. 11

Chapter 5— HANDLING OF CLASSIFIED INFORMATION 12

5.1. Clean Desk Policy. .................................................................................................. 12

5.2. Cellphones, palm pilots, cameras, tape recorders, etc ............................................ 12

5.3. Removal of Classified. ............................................................................................ 12

Chapter 6— COMPROMISE OF CLASSIFIED INFORMATION 14

6.1. Policy. ..................................................................................................................... 14

6.2. Definitions. ............................................................................................................. 14

6.3. Information System (IS) Deviations. ...................................................................... 14

6.4. Reporting and Notifications. ................................................................................... 14

Chapter 7— PROCESSING CLASSIFIED INFORMATION 16

7.1. Incoming Mail. ........................................................................................................ 16

7.2. Outgoing Mail. ........................................................................................................ 16

Chapter 8— MARKING CLASSIFIED INFORMATION 17

8.1. Classified material .................................................................................................. 17

8.2. Normally, ................................................................................................................ 17

8.3. Overall and Page Marking. ..................................................................................... 17

8.4. Marking Components. ............................................................................................ 17

8.5. Portion Marking. ..................................................................................................... 17

8.6. Automated data ....................................................................................................... 17

8.7. Miscellaneous Material. .......................................................................................... 17

8.8. Working papers ....................................................................................................... 17

8.9. Notebooks, binders, ................................................................................................ 17

Chapter 9— REPRODUCTION OF CLASSIFIED INFORMATION 19

9.1. Procedures. .............................................................................................................. 19


Chapter 10— DESTRUCTION OF CLASSIFIED INFORMATION 20

10.1. Only personnel ........................................................................................................ 20

10.2. Classified Waste. .................................................................................................... 20

10.3. Destruction Process. ................................................................................................ 20

Chapter 11— SECURITY EDUCATION AND BRIEFING 21

11.1. In addition to the Information Protection Computer Based Training (CBT) .......... 21

11.2. The AFPC Security Office will: ............................................................................. 21

11.3. The Directorate Security Monitor will: ................................................................... 21

Chapter 12— CONDUCTING CLASSIFIED BRIEFINGS 22

12.1. Classified Meetings and Conferences [Reference DoDM 5200.1-Volume 3]. ....... 22

Chapter 13— CONTROLLED UNCLASSIFIED INFORMATION 23

13.1. For Official Use Only (FOUO). .............................................................................. 23

13.2. FOR OFFICIAL USE ONLY Law Enforcement Sensitive. ................................... 24

13.3. Markings. ................................................................................................................ 24

Chapter 14— PERSONNEL SECURITY 26

14.1. Submitting Security Clearances. ............................................................................. 26

14.2. Continuing Evaluation. ........................................................................................... 26

14.3. Any changes in a Security Access Requirement (SAR) ......................................... 26

Chapter 15— INDUSTRIAL SECURITY 27

15.1. The AFPC Security Office manages the Industrial Security Program for AFPC. .. 27

15.2. Contractors .............................................................................................................. 27

15.3. AFI 31-601 .............................................................................................................. 27

15.4. The contracting office ............................................................................................. 27

15.5. Draft copy of DD Form 254.................................................................................... 27

15.6. Final copy ............................................................................................................... 27

15.7. The Security Office ................................................................................................. 27

15.8. All long-term cleared/uncleared ............................................................................. 27


Attachment 1— GLOSSARY OF REFERENCES AND SUPPORTING INFORMATION 28

Attachment 2— TRANSMITTING CLASSIFIED MATERIAL 32

Attachment 3— EMERGENCY PROTECTION PLAN (EPP) 34

Attachment 4— SECURITY TRAINING PLAN 36


Chapter 1

POLICY AND PROGRAM MANAGEMENT

1.1. Roles and Responsibilities. The AFPC Security Office (AFPC/DSHC): Provides

direction, guidance, and advice for the AFPC Security Program.

1.1.1. Provides direction, guidance, and advice for the AFPC Security Program.

1.1.2. Serves as the approval authority for waiver requests for the AFPC Security Program.

1.1.3. Establishes guidance and procedures for the AFPC Security Program.

1.2. AFPC Facilities. All AFPC facilities (Randolph & Lackland AFB) are controlled access

facilities; a proximity card is required for entry and exit points. During normal duty hours

(0700-1700) a proximity card is not required at the main entrance of Building # 499. After

normal duty hours, unaccompanied visitors will not be allowed to enter the building. During

non-duty hours, weekends and holidays, visitors are required to be escorted at all times.

1.3. The Commander will:

1.3.1. Appoint a primary and alternate security manager for AFPC.

1.4. The Director will:

1.4.1. Appoint a security monitor and at least one alternate to administer the unit’s

information security program. Appointees (military/civilian) must have a current security

clearance and valid investigation. Note: Contractor personnel may not be appointed. (T-3)

1.4.2. Notify the AFPC Security office in writing when either primary or alternate security

monitors are changed.

1.4.3. Appoint in writing a Unit Self Inspector.

1.5. The Security Monitor:

1.5.1. Implements AFI 31-401 and AFI 31-501 within the unit.

1.5.2. Develops internal operating instructions (OIs) for the protection and handling of

classified material.

1.5.3. Ensures semi-annual self-inspections are conducted.

1.5.4. Assists the unit commander in monitoring security incident investigations.

1.5.5. Develops an annual training plan for the information security program, and ensures

security education requirements of DoDM 5200.1, Volume 3/AFI 31-401, chapter 8 are met.

1.5.6. Posts Computer Generated Visual Aid, AETCVA 31-9, Security Manager

Designation. (T-3)

1.5.7. Maintains the Security Monitor’s Handbook.

1.5.8. IAW AFI 31-401, ensures all personnel who require access to classified information

sign or have signed a Standard Form (SF) 312, Classified Information Non-disclosure


Agreement (NDA), within 30 days of assignment or have one on file in their electronic

personnel record.

1.5.8.1. When a person refuses to sign a NDA, the Security Monitor will annotate refusal

on the NDA. The Security Monitor will also deny the individual access to classified

information and takes steps to deny or revoke the person’s security clearance eligibility

by setting up a Security Information File (SIF) IAW AFI 31-501, chapter 7.

1.5.9. Manages the Joint Personnel Accountability System (JPAS) within their organization.

1.5.9.1. In-processes and out-processes all unit personnel.

1.5.9.2. Monitors and acts on system notifications.

1.5.9.3. Ensures personnel submit for security clearances as required.

1.5.10. Ensures safe custodians perform visual maintenance inspection annually, or in

conjunction with combination changes or maintenance actions. The AFTO Form 36,

Maintenance Record For Security Type Equipment will be used to document these actions.

1.5.11. Foreign Disclosure. Before providing any information to foreign persons, contacts

the AFPC Security Office for a foreign disclosure briefing.

1.5.12. Will ensure all personnel in-process with the directorate prior to the AFPC Security

Office.

1.6. Oversight.

1.6.1. 502 ABW OLB/IP will conduct a program review once each year unless prior

arrangements are made to extend the review.

1.6.2. Security Self-Inspections: Semiannual security self-inspections are required to

evaluate information security program effectiveness.

1.6.2.1. The Commander will appoint an individual, in writing, other than the unit

security monitor or alternate, to conduct a semiannual security inspection.

1.6.2.2. The AFPC Security Office will provide a copy of the appointment letter and

results of the inspection to 502 ABW OLB/IP.


Chapter 2

CHALLENGE TO CLASSIFICATION OF A DOCUMENT

2.1. Classification Challenge. Any person may challenge the classification of a document

he/she believes is under or over classified, or marked incorrectly. Personnel must notify the

AFPC Security Office that they are going to challenge the classification. If the information is

Air Force related, personnel shall contact the person that received the information (by secure

communications or in writing) and tell them why you believe the classification is incorrect. If

the originator thinks the classification is correct, but you still believe it is incorrect, contact the

AFPC Security Office for guidance in formalizing the challenge.

2.2. The Directorate Security Monitor will take the following actions:

2.2.1. Ensure the material is protected at the highest level originally assigned until a

determination is made.

2.2.2. Obtain all available information concerning the material and the reason for challenge.

2.2.3. Review any source documents available, including classification guides, to determine

the appropriate level of classification of the material.

2.3. Classification Level. If the appropriate classification level cannot be determined locally,

make contact with the AFPC Security Office. Review DoDM 5200.1, Volume 1/AFI 31-401 for

specific guidance.

2.4. The Directorate Security Monitor will keep the identity of the challenger anonymous if

the challenger requests it.


Chapter 3

ACCESS TO CLASSIFIED INFORMATION

3.1. Personnel may receive classified information from any office when required in the

performance of official duties and when they have the appropriate level of eligibility/access and

Need-To-Know for the information. The directorate Security Monitor will verify individual’s

clearance using the JPAS roster.

3.2. If access to classified material is required by a visitor, a visit request from the individual’s

security manager should have been sent through JPAS. If not, obtain approved identification

media (i.e. government issued identification) and verify security clearance status in JPAS prior to

release of the information.

3.3. In all other instances , the official having custody of the material will verify the identity,

eligibility/access level and need-to-know of the individual prior to release of classified

information by contacting the individual’s unit/agency security manager or supervisor.

3.4. Classified information will not be discussed or talked around in any form on the

telephone, video teleconference or radio. A secure voice system will be used for discussion of

classified information. Those individuals required to brief or discuss classified information will

ensure that the material is properly marked and that the overall classification and limitation are

briefed at the beginning and end of their briefing or discussion. They will ensure their audience

has the proper clearance and need-to-know.

3.5. The following must be made clear prior to disseminating classified information:

3.5.1. What effect the information has on the national security of the United States

(Confidential, Secret, Top Secret).

3.5.2. Whether or not its disclosure is prohibited by law.

3.5.3. The information must be safeguarded according to its classification.

3.5.4. Whether or not its release to foreign entities is subject to espionage laws and brief

these laws if it is.

3.6. Secret Internet Protocol Router Network (SIPRNET) system will be marked with a

Standard Form SF 707. The TACLANE key will NOT be stored in the same room as the

SIPRNET terminal. Note: Once the TACLANE key is inserted it becomes classified and cannot

be left unattended.

10 AFPCI31-100 5 AUGUST 2014

Chapter 4

SAFEGUARDING CLASSIFIED INFORMATION

4.1. Safeguarding classified information is the responsibility of all personnel.

4.2. Do not discuss classified information with anyone who does not have the proper clearance,

need-to-know, and a signed NDA on file. Contact the directorate security monitor to verify

clearance and NDA status.

4.3. Store classified material only in General Services Administration (GSA) approved

containers. Security containers/secure areas are located in DPA, DPW, DS, SV, MA and

AFPOA. (T-3)

4.4. All safes and office areas where classified material is used will be checked at the end of

each work day to ensure classified material is properly protected. The check will be recorded on

the SF 701, Activity Security Checklist. The director will designate in writing, procedures for

another person to conduct the check if the designated individual is not available. (T-3)

4.5. All classified material within an office will be placed in assigned security containers. As

a minimum, the following will be accomplished to ensure material is properly stored.

4.5.1. All desk tops, file baskets, cabinet tops, trash containers, etc., will be inspected for

presence of classified material.

4.5.2. All classified shorthand notes, carbon paper, printer and typewriter ribbons, rough

drafts, and similar papers will be retrieved for proper storage or destruction.

4.6. The safes located in all AFPC facilities are approved for storage of classified material

Secret and below. The following procedures apply:

4.6.1. The Director will appoint safe custodians, in writing, for each security container. The

custodians will be responsible for controlling the combinations to the safe. The combination

will be changed when placed in use, at least annually when it contains North Atlantic Treaty

Organization (NATO) material or COMSEC, whenever an individual knowing the

combination no longer requires access, or whenever the combination has been subject to

possible compromise. Combination changes will be recorded on SF 700, Security Container

Information. (Note: This form will be maintained inside another security container). The

AFTO FM 36 will also reflect a combination change and visual inspection was conducted.

(T-3)

4.6.2. After ensuring the SF 702 has been checked for all security containers and after

performing inspections for each designated office area, annotate applicable blocks on the SF

701, enter the time of the final area inspection, and initial the form in the designated day

column.

4.6.3. In cases where personnel work during non-duty hours, action required to complete the

SF 702 or other designated forms may be done by the office member. This procedure will be

used only when there is no other staff member readily available to complete the required

actions.

AFPCI31-100 5 AUGUST 2014 11

4.6.3.1. The custodian will be responsible for destruction of classified material as

required.

4.6.3.2. The custodian will verify the clearance and need-to-know of anyone requesting

access to classified information that is stored in the container and will ensure a NDA has

been signed. Verification of the clearance and SF 312 will be made through the JPAS

roster.

4.6.3.3. The safe will be opened only when necessary and will be closed as quickly as

practical. When the safe is opened, personnel with the appropriate clearance level will be

in the room at all times.

4.7. Personnel who are designated to make end-of-day security checks will complete the

following actions:

4.7.1. Ensure all classified material is stored in the authorized container.

4.7.2. Check wastebaskets for classified material.

4.7.3. Check desktops for classified material.

4.7.4. Check all classified printers for classified material.

4.7.5. Check the latching mechanism on each safe drawer to ensure it is in the locked

position.

4.7.6. Turn the combination at least four complete turns in either direction.

4.7.7. Complete SF 702, Security Container Check on the safe and the SF 701, Activity

Security Checklist posted near the door of the room concerned. Rooms that are continuously

staffed (e.g., Casualty Services) are not required to complete the SF 701, IAW AFI 31-401,

AETC Sup 1, paragraph 5.5.1.

4.8. In the event of natural disaster, civil disturbance, or other emergency, classified material

will be safeguarded in accordance with Attachment 3, Emergency Protection Plan (EPP). In a

case of a security incident, contact the AFPC Security Office, commander, or 502 ABW OLB/IP,

and see AFI 31-401, chapter 9.

12 AFPCI31-100 5 AUGUST 2014

Chapter 5

HANDLING OF CLASSIFIED INFORMATION

5.1. Clean Desk Policy. Personnel working on classified material will not have any other

papers, etc., on top of the desk. All classified material will be covered with the appropriate

classified cover sheet unless it is in use. This ensures classified material is not mixed with

unclassified papers or improperly stored or disposed. It also prevents persons entering the room

from having access to the material. Post AETC VA 31-10, Classified Work in Progress, in a

conspicuous manner when processing classified information to reduce or prevent inadvertent

access to the information. (T-3)

5.2. Cellphones, palm pilots, cameras, tape recorders, etc . are prohibited within 3 meters of

where classified is produced or processed. These items may not be present when classified is

discussed. When Nonclassified Internet Protocol Router Network (NIPRNET) webcams are

present, ensure these devices are disconnected from the computer when classified is processed or

discussed, to prevent them from being activated remotely.

5.3. Removal of Classified.

5.3.1. Classified material removed from authorized storage locations must be kept under

positive control, have a cover sheet, be taken directly to the work area, and returned directly

to the storage container when the work is completed. If the classified data is contained on

digital media, ensure the media is permanently marked with the highest classification of the

contents, and the media has a case with the appropriate Standard Form (SF 706, Top Secret

Label; SF 707, Secret Label; SF 708, Confidential Label), as well as an SF 711, Data

Descriptor Label. Also, classified material will not be removed from the confines of the

installation without the permission of the commander or higher authority. When removing

classified storage devices and other removable Automated Information System (AIS) storage

systems from the safe, they will be signed out and signed back in upon return using a log

form.

5.3.2. Classified material may be removed from the work center only for the following

reasons:

5.3.2.1. When removal is required in cases of compelling necessity for mission

accomplishment and provided that maximum protection of the material can be guaranteed

under the prevailing circumstances.

5.3.2.2. Use by appropriate cleared personnel for duty-hour working purposes. SF Form

704 or 705, Cover Sheet for Confidential or Secret Information, and AF Form 614,

Charge Out Record, will be used. Also verbal or written authorization as outlined by

DoDM 5200.1, Volume 3/AFI 31-401, chapter 8 is required. (T-3)

5.3.2.3. Hand-Carrying or Escorting Classified Material Aboard Commercial Passenger

Aircraft. The unit commander or equivalent, or staff agency chief authorizes

appropriately cleared couriers to hand-carry classified material on commercial flights.

The Security Monitor will provide the appropriate training. (T-3)

5.3.2.4. Transmission of material on or off the installation according to existing

directives.

AFPCI31-100 5 AUGUST 2014 13

5.3.2.4.1. Courier designation letters will be accomplished for personnel who must

hand-carry material off the installation in the performance of official duties.

5.3.2.4.2. Before departure, individuals authorized to hand-carry Secret/Confidential

information will be briefed by the Directorate Security Monitor on the protective

requirements of DoDM 5200.1, Volume 3/AFI 31-401, chapter 6.

14 AFPCI31-100 5 AUGUST 2014

Chapter 6

COMPROMISE OF CLASSIFIED INFORMATION

6.1. Policy. [Reference DODM 5 200.1, Volume 3]

6.1.1. Whenever classified material is mishandled, lost or compromised, a security incident

will be initiated and thoroughly investigated to minimize any possible damage to national

security. The investigation will identify appropriate corrective actions that will be

immediately implemented to prevent future security incidents. Further, if the security

incident leads to the actual or potential compromise of classified information, a damage

assessment will be conducted to judge the effect that the compromise has on national

security.

6.1.2. Personnel will report suspected instances of unauthorized public disclosure of

classified information promptly. The commander will initiate an investigation to determine

the nature and circumstances of the suspected disclosure, the extent of the damage to national

security, and the corrective and disciplinary action to be taken [DoDD 5210.50, paragraph

4.].

6.2. Definitions.

6.2.1. Security incidents may be categorized as:

6.2.1.1. Security Violation: Any knowing, willful or negligent action:

6.2.1.1.1. That could reasonably be expected to result in an unauthorized disclosure

of classified information.

6.2.1.1.2. To classify or continue the classification of information contrary to the

requirements of this order or it’s implementing directives.

6.2.1.2. Security Infraction: Any knowing, willful or negligent action that is not a

security violation.

6.2.2. A compromise of classified information occurs when unauthorized individuals have

had access to the classified information. Unauthorized individuals include those individuals

with the appropriate security clearance but do not have a valid need-to-know.

6.2.3. A potential compromise of classified information is when an investigating official

concludes that a compromise of classified information has more than likely occurred as a

result of a security incident.

6.3. Information System (IS) Deviations. Report all security deviations involving automated

information systems to the security office and the Information Assurance office (AFPOA/DPH)

to begin an evaluation on the impact of the incident to national security and the organization’s

operations. If COMSEC material is involved, refer to AFI 33-201, Volume 2, COMSEC User

Requirements). If classified is found on the NIPRNET, DO NOT delete the file(s), print the

documents, or forward/reply. Ensure a cleared individual guards the equipment until it can be

properly secured.

6.4. Reporting and Notifications.

AFPCI31-100 5 AUGUST 2014 15

6.4.1. Personnel who learn of a security incident must immediately report it to their

commander or equivalent, supervisor, or security manager who will in-turn report the

incident to 502 ABW/IP by the end of the first duty day.

6.4.1.1. The Directorate Security Monitor will notify the sending activity regarding the

incident, complete a memorandum for record, and file it in the security manager’s

handbook.

6.4.1.2. A copy of all notifications, coordination’s, etc., will be documented in the report

of investigation.

16 AFPCI31-100 5 AUGUST 2014

Chapter 7

PROCESSING CLASSIFIED INFORMATION

7.1. Incoming Mail. Personnel who receive mail deliveries must have a Secret clearance and be

aware of appropriate handling procedures for incoming classified mail. Personnel authorized to

open/handle first class and registered mail will ensure, if mail is not opened during duty hours, it

is properly secured in a classified storage container until its contents are verified. Secret and

Confidential materials received through the mail will be handled as follows:

7.1.1. When receiving mail, personnel will determine if packages have been tampered with

and sign for the package. Classified (Secret/Confidential) materials will either be

registered/certified mail (respectively), U.S. Postal Service (USPS) Express Mail, or FedEx

overnight delivery, and must be signed for. (Note: To ensure the USPS never leaves the

material unattended, the “Waiver of Signature and Indemnity” block on the USPS

Express Mail Label 11-B will never be executed.) Any mail of this nature should be

delivered directly to the addressee, and if this is not possible, the material should be stored in

the nearest approved classified storage container. The classification will not be indicated on

the outer wrapper, so treat it as SECRET until the true classification is determined upon

opening by the addressee. If the addressee is not clear on the outer wrapper, the outer

wrapper may be removed to determine if further addressing exists on the inner wrapper.

Once this has been done, maintain control of the material and deliver it to the appropriate

person or office. If this is not possible, take the material to the nearest approved classified

storage container and have it secured until the addressee is available.

7.1.2. Mail reflecting special access program markings on the inner wrapper/container will

be hand-carried to the security monitor for disposition. The security monitor will sign

necessary receipts.

7.1.3. Mail marked “DO NOT FORWARD” will be delivered directly to the addressee. If it

cannot be delivered, it will be secured in a classified storage container until it can be

delivered.

7.2. Outgoing Mail.

7.2.1. Transmission of classified material must follow AFI 31-401, chapter 7. Secret

material may be sent by registered mail through the USPS/FedEx between the US and its

territories, with certain provisions. Confidential material is sent through USPS/FedEx first

class certified mail and the outer envelope will be endorsed “Postmaster: Do Not Forward.”

The material will be sealed in an inner wrapper with the classification annotated, and in an

outer wrapper not marked with classification. Both wrappers will be sealed in such a way as

to indicate tampering. Refer to Attachment 2 for additional guidance.

AFPCI31-100 5 AUGUST 2014 17

Chapter 8

MARKING CLASSIFIED INFORMATION

8.1. Classified material and sensitive material will be marked IAW AFI 31-401 and Controlled

Access Program Coordination Office (CAPCO) marking guide. This includes SIPRNET e-mails

and interior files located on the classified systems hard drives. (T-3)

8.2. Normally, unclassified materials shall not be marked or stamped “unclassified” unless it is

essential to convey to a recipient of such material that it has been examined with a view to

imposing a security classification, and that it has been determined that it does not require

classification.

8.3. Overall and Page Marking. The overall classification of a document shall be

conspicuously marked, stamped or affixed permanently at the top and bottom center on the

outside of the front cover (if any), on the title page (if any), on the first page, and on the outside

of the back cover (if any). Each interior page shall be marked on the top and bottom according

to its contents.

8.4. Marking Components. The major components of some complex documents are likely to

be used separately. In such instances, each major component shall be marked as a separate

document. Examples include each annex, appendix, or similar component of a plan, program,

operations order, etc.

8.5. Portion Marking. Each section, part, paragraph, or similar portion of a classified

document shall be marked to show the level of classification of the information contained in or

revealed by it, or that it is unclassified. Portions of documents shall be marked in a manner that

eliminates doubt as to which of its portions contains or reveals classified information. In

marking sections, parts, paragraphs, or similar portions, the parenthetical symbols “(TS)” for Top

Secret, “(S)” for Secret, “(C)” for Confidential, “(U)” for Unclassified and “(FOUO)” For

Official Use Only shall be used.

8.6. Automated data processing and word processing storage media must be labeled with

Standard Form 706 (TOP SECRET), (SECRET), (CONFIDENTIAL) or SF 701

(UNCLASSIFIED), whichever is appropriate. Files and folders located on SIPRNET hard drives

must have the overall classification listed first in the title, with the portion marking for the

classification of the title at the end (i.e., [C] Global War on Terrorism [GWOT] Expenditures

(U).xls).

8.7. Miscellaneous Material. Documents and materials such as rejected copies, typewriter

ribbons, carbons, slides, and similar items developed in connection with handling, processing,

production of classified information shall be handled in a manner that assures adequate

protection of the classified information involved and destruction at the earliest practical time.

8.8. Working papers must be dated when created, list the OPR, be marked with the overall

classification and marked as a finished document or destroyed at 180 days.

8.9. Notebooks, binders, files, folders and similar holders containing classified information

will be conspicuously marked with the highest classification of material contained within. The

appropriate classified cover sheet will be affixed to the front and back of the binder, notebook, or

holder. Also, the spine on binders, notebooks, or holders will be marked with the overall

18 AFPCI31-100 5 AUGUST 2014

classification. Cover sheets will not be attached to the document when filed in a security

container. (T-3)

AFPCI31-100 5 AUGUST 2014 19

Chapter 9

REPRODUCTION OF CLASSIFIED INFORMATION

9.1. Procedures. The following procedures will be strictly adhered to:

9.1.1. Currently AFPC does not have a copier available for classified reproduction. In the

event a copier is designated for classified reproduction, it will be marked with the appropriate

level of classified reproduction and the rules for their use posted nearby. Users should be

aware of the requirements for copying classified information before using the machine. Use

of copiers with permanent memory is strictly PROHIBITED. (T-3)

9.1.2. Copier users will ensure:

9.1.2.1. Classified material is rigidly safeguarded at all times during reproduction and

unauthorized personnel are not permitted to have visual access to the material being

reproduced.

9.1.2.2. The document to be reproduced does not have any reproduction prohibition,

either on the document or by applicable regulations.

9.1.2.3. Authority has been received from the appropriate authorized individual to

reproduce classified material.

9.1.2.4. Only sufficient copies are reproduced to meet operational needs.

9.1.2.5. All copies are accounted for. Should there be any problems; the security

monitor will inspect the machine to locate any lost or jammed copies or to clear the

machine.

9.1.2.6. Upon completion of copying, take appropriate measures to delete any jobs in the

system to guard against inadvertent printing (some machines may require more). These

procedures should be posted nearby the copier in question on an AETC VA 31-5,

Classified Reproduction Authorized. All blank sheets will be destroyed as classified

waste. (T-3)

9.1.2.7. Use AETC VA 31-6, Unclassified Reproduction Only, on or near all copiers,

facsimile machines, and scanners NOT approved for reproduction of classified material.

(T-3)

9.1.2.8. All copies are properly marked with the reproduction authority and are

appropriately controlled and safeguarded.

9.1.2.9. Overruns or unsatisfactory copies are protected and destroyed as classified

waste.

9.1.2.10. All classified markings on the original are clearly shown on each reproduced

copy. If not, reapply the markings.

20 AFPCI31-100 5 AUGUST 2014

Chapter 10

DESTRUCTION OF CLASSIFIED INFORMATION

10.1. Only personnel with current security clearances (verified in JPAS) are authorized to

destroy classified material.

10.2. Classified Waste. Waste material, such as handwritten notes, carbon paper, typewriter

ribbons, working papers that contain classified information, and confidential material shall be

temporarily stored in a part of the safe until it can be destroyed.

10.3. Destruction Process.

10.3.1. Shredders authorized for classified destruction are found Bldg 499, 575, and 171.

10.3.2. When shredding classified, only National Security Agency (NSA) approved

shredders that cut no larger than 1/2 by 1/23 of an inch are used. Any particle larger than this

size will be sent through the shredder again. Secure Volume method will be used. (Twenty

sheets of unclassified will be destroyed until there is sufficient volume.).

10.3.2.1. Use AETC VA 31-7, Classified Destruction Only, on all shedders authorized

for destruction of classified information. (T-3)

10.3.2.2. Use AETC VA 31-8, Unclassified Destruction Only, on all shedders not

authorized to destroy classified information. (T-3)

10.3.3. Confidential. Only one authorized person needs to be involved in the destruction

process and a record of destruction is not required.

10.3.4. Secret. Only one authorized person needs to be involved in the destruction process

and a record of destruction is not required.

10.3.5. Top Secret/NATO Secret. Two people with Top Secret access are involved in the

destruction process. Destruction is recorded either on the AF Form 143; Top Secret Register

Page, AF Form 310, Document Receipt and Destruction Certificate; or AF Form 1565,

Entry, Receipt, and Destruction Certificate. The destruction record will be attached to the

AF Form 143 (used to account for the document) when the destruction is not recorded on the

AF Form 143 itself.

10.3.6. AFPC/CC has designated the first duty day in the month of May as the annual

classified clean out day. Directorate Security Monitors will check safes and determine if

classified material needs to be destroyed.

AFPCI31-100 5 AUGUST 2014 21

Chapter 11

SECURITY EDUCATION AND BRIEFING

11.1. In addition to the Information Protection Computer Based Training (CBT) on

Advanced Distributed Learning Service (ADLS), the Directorate Security Monitor will provide a

newcomer’s security orientation briefing within 30 days of arrival on station to satisfy the

indoctrination training required by DoDM 5200.1, Volume 3/AFI 31-401, chapter 8.

Supervisors will ensure all new personnel contact the security monitor during in-processing. The

training must include, but, is not limited to an initial briefing covering:

11.1.1. The unit’s involvement with classified material and the security requirements of their

particular assignment.

11.1.2. A review of the unit operating instruction outlining protection of classified material.

11.1.3. Classified material safeguard and control procedures.

11.1.4. Criteria for granting access to classified material.

11.1.5. Receipt and dissemination procedures.

11.1.6. Annual NATO training is conducted as part of the Information Protection Computer

Based Training.

11.2. The AFPC Security Office will:

11.2.1. Conduct Initial Security Orientation within 30 days of arrival.

11.2.2. Schedule personnel for briefings for special access information as needed.

11.2.3. Provide foreign travel briefings for personnel traveling abroad, whether on TDY,

PCS, or leave.

11.3. The Directorate Security Monitor will:

11.3.1. Provide refresher training (recurring training) as outlined in the Security Training

Plan at Attachment # 4.

11.3.2. Execute an AF Form 2587, Security Termination Statement, for personnel who

separate, retire, or have their access suspended or terminated.

11.3.3. Ensure security awareness bulletins and flyers are posted on bulletin boards and

distributed throughout the unit.

22 AFPCI31-100 5 AUGUST 2014

Chapter 12

CONDUCTING CLASSIFIED BRIEFINGS

12.1. Classified Meetings and Conferences [Reference DoDM 5 200.1-Volume 3].

12.1.1. Classified information at meetings, conferences, symposia, portions or sessions of

meetings, conferences, etc., during which classified information is to be disseminated shall

be limited to appropriately cleared U.S. Government or U.S. Government contractor

locations.

12.1.2. For hosting a briefing within the unit, the facility must afford adequate security

against unauthorized access from both physical intruders and sound emissions. Before

working with classified components or conducting classified meetings or briefings,

participants will turn off all wireless products (cell phones, pagers, beepers, hand-held radios,

wireless microphones, etc.) and place them in a holding area outside the location where

classified components are stored or briefed. Posting personnel from the sponsoring activity

will establish entry control and perimeter surveillance in and around the room or facility, as

necessary. (T-3)

12.1.3. Foreign Participation: Hosting officials refer to AFI 16-201, Air Force Foreign

Disclosure and Technology Transfer Program, for specific guidance.

AFPCI31-100 5 AUGUST 2014 23

Chapter 13

CONTROLLED UNCLASSIFIED INFORMATION

13.1. For Official Use Only (FOUO). FOUO is a designation that is applied to unclassified

information that is exempt from automatic release to the public under FOIA. See DoD 5400.7-

R/AF Supplement for further guidance [Ref: DoDM 5200.1, Volume 4].

13.1.1. Access to FOUO Information.

13.1.1.1. No person may have access to information designated as FOUO unless that

person has been determined to have a valid need for such access in connection with the

accomplishment of a lawful and authorized Government purpose.

13.1.1.2. The final responsibility for determining whether an individual has a valid need

for access to information designated as FOUO rests with the individual who has

authorized possession, knowledge or control of the information and not on the

prospective recipient.

13.1.1.3. Information designated as FOUO may be disseminated within the DoD

Components and between officials of DoD Components and DoD contractors,

consultants, and grantees to conduct official business for the DoD, provided that

dissemination is not further controlled by a Distribution Statement.

13.1.1.4. DoD holders of information designated as FOUO are authorized to convey such

information to officials in other Departments and Agencies of the Executive and Judicial

Branches to fulfill a government function. If the information is covered by the Privacy

Act, disclosure is only authorized if the requirements of AFI 33-332, Air Force Privacy

Program, are satisfied.

13.1.1.5. Release of FOUO information to Congress is governed by AFI 90-401, Air

Force Relations With Congress. If the Privacy Act covers the information, disclosure is

authorized if the requirements of DoD 5400.11-R are also satisfied.

13.1.1.6. DoD 7650.1-I, General Accounting Office (GAO) and Comptroller General

Access to Records, governs release of FOUO information to the GAO. If the Privacy Act

covers the information, disclosure is authorized if the requirements of DoD 5400.11-R

are also satisfied.

13.1.2. Protection of FOUO Information.

13.1.2.1. During working hours, reasonable steps shall be taken to minimize risk of

access by unauthorized personnel. After working hours, store FOUO information in

unlocked containers, desks or cabinets if Government or Government-contract building

security is provided. If such building security is not provided, store the information in

locked desks, file cabinets, bookcases, locked rooms, etc.

13.1.2.2. FOUO information and material may be transmitted via first class mail, parcel

post or, for bulk shipments, via fourth-class mail. Electronic transmission of FOUO

information, e.g., voice, data or facsimile, e-mail, shall be by approved secure

communications systems or systems utilizing access controls such as Public Key

Infrastructure (PKI), whenever practical.

24 AFPCI31-100 5 AUGUST 2014

13.1.2.3. FOUO information may only be posted to DoD Web sites consistent with

security and access requirements specified in Deputy Secretary of Defense

Memorandum, dated 25 November 1998, Subject: “Web Site Administration”.

13.1.2.4. Record copies of FOUO documents shall be disposed of according to the

Federal Records Act and the DoD Component records management directives. Non-

record FOUO documents may be destroyed by any of the means approved for the

destruction of classified information, or by any other means that would make it difficult

to recognize or reconstruct the information.

13.1.2.5. Unauthorized Disclosure. The unauthorized disclosure of FOUO does not

constitute an unauthorized disclosure of DoD information classified for security

purposes. However, appropriate administrative action shall be taken to fix responsibility

for unauthorized disclosure of FOUO whenever feasible, and appropriate disciplinary

action shall be taken against those responsible. Unauthorized disclosure of FOUO

information that is protected by the Privacy Act may also result in civil and criminal

sanctions against responsible persons. The Military Department or other DoD

Component that originated the FOUO information shall be informed of its unauthorized

disclosure.

13.2. FOR OFFICIAL USE ONLY Law Enforcement Sensitive.

13.2.1. Law Enforcement Sensitive is a marking sometimes applied, in addition

to/conjunction with the marking FOR OFFICIAL USE ONLY, by the Department of Justice

and other activities in the law enforcement community. It is intended to denote that the

information was compiled for law enforcement purposes and should be afforded appropriate

security in order to protect certain legitimate government interests, including the protection

of: enforcement proceedings; the right of a person to a fair trial or an impartial adjudication;

grand jury information; personal privacy including records about individuals requiring

protection under the Privacy Act; the identity of a confidential source, including a state,

local, or foreign agency or authority or any private institution which furnished information on

a confidential basis; information furnished by a confidential source; proprietary information;

techniques and procedures for law enforcement investigations or prosecutions; guidelines for

law enforcement investigations when disclosure of such guidelines could reasonably be

expected to risk circumvention of the law, or jeopardize the life or physical safety of any

individual, including the lives and safety of law enforcement personnel.

13.3. Markings.

13.3.1. In unclassified documents containing Law Enforcement Sensitive information, the

words “Law Enforcement Sensitive” shall accompany the words “FOR OFFICIAL USE

ONLY” at the top and bottom of the front cover (if there is one), the title page (if there is

one), and the outside of the back cover (if there is one).

13.3.2. In unclassified documents, each page containing FOR OFFICIAL USE ONLY Law

Enforcement Sensitive information shall be marked “FOR OFFICIAL USE ONLY Law

Enforcement Sensitive” at the top and bottom. Classified documents containing such

information shall be marked as required by chapter 5 of this instruction, DoDM 5200.1,

Volume 4, except that pages containing Law Enforcement Sensitive information but no

AFPCI31-100 5 AUGUST 2014 25

classified information will be marked “FOR OFFICIAL USE ONLY Law Enforcement

Sensitive” top and bottom.

13.3.3. Portions of DoD classified or unclassified documents that contain FOR OFFICIAL

USE ONLY Law Enforcement Sensitive information shall be marked “(FOUO-LES)” at the

beginning of the portion. This applies to classified, as well as to unclassified documents. If a

portion of a classified document contains both classified and FOR OFFICIAL USE ONLY

Law Enforcement Sensitive information, the appropriate classification designation is

sufficient to protect the information.

13.3.4. Access to FOR OFFICIAL USE ONLY Law Enforcement Sensitive. The criteria for

allowing access to FOR OFFICIAL USE ONLY Law Enforcement Sensitive are the same as

those used for FOUO information, except that if the information also bears the marking

“Originator Control” or “ORCON” the information may not be disseminated beyond the

original distribution without the approval of the originating office.

13.3.5. Protection of FOR OFFICIAL USE ONLY Law Enforcement Sensitive. Within the

DoD, FOR OFFICIAL USE ONLY Law Enforcement Sensitive shall be protected as

required for FOUO information.

13.3.6. Sensitive But Unclassified (SBU) Information. SBU information is information

originated within the Department of State that warrants a degree of protection and

administrative control and meets the criteria for exemption from mandatory public disclosure

under the Freedom of Information Act. When SBU information is included in DoD

documents, it shall be marked as if the information were FOUO [Ref: DoDM 5200.1, Volume

4].

13.3.7. Protection of Drug Enforcement Administration (DEA) Sensitive Information.

Unclassified information that is originated by the DEA and requires protection against

unauthorized disclosure to protect sources and methods of investigative activity, evidence,

and the integrity of pretrial investigative reports [Reference DoDM 5200.1, Volume 4].

26 AFPCI31-100 5 AUGUST 2014

Chapter 14

PERSONNEL SECURITY

14.1. Submitting Security Clearances. When notified by the Directorate Security Monitor,

personnel will provide information for accomplishing Electronic Questionnaire for Investigation

Processing (eQIP) or other security clearance paperwork within 14 duty days from date of

notification.

14.2. Continuing Evaluation.

14.2.1. Individuals will notify their supervisor, First Sergeant, AFPC Commander or

Security Monitor of all personal circumstances which could affect their continued access to

classified. These circumstances are listed in DoD 5200.2-R, Appendix 8. These include, but

are not limited to: financial problems or unexplained affluence, criminal investigations,

drug/alcohol abuse, etc.

14.2.2. Anyone with knowledge of adverse information concerning a person with a security

clearance must report the knowledge to their supervisor, First Sergeant, Commander or

Security Monitor.

14.2.3. With advice from the AFPC Security Office, the AFPC Commander will evaluate

each situation and make the determination on whether or not to establish a Security

Information File (SIF).

14.3. Any changes in a Security Access Requirement (SAR) code for a Unit Manpower

Document (UMD) position must be coordinated with the Security Office prior to submission to

AFPC/DSHM.

14.3.1. To ensure personnel have the appropriate security investigation the UMD position

number must be verified during in-processing.

AFPCI31-100 5 AUGUST 2014 27

Chapter 15

INDUSTRIAL SECURITY

15.1. The AFPC Security Office manages the Industrial Security Program for AFPC.

15.2. Contractors who work with or have access to classified information must comply with

the provisions of DoDM 5200.1, Volume 3 Information Security Program and DoD 5220.22-M.

AFPC offices sponsoring visiting contractors requiring access to classified information must

ensure an appropriate security clearance visit request has been received by the Security office.

15.3. AFI 31-601 is the only authorized source document that may be used for development of

the DD Form 254, DoD Contract Security Classification Specification.

15.4. The contracting office and the 502 ABW OL-B/IP must be notified of all new contracts

and DD Form 254s.

15.5. Draft copy of DD Form 254 and statement of work shall be forwarded to the Security

Office to ensure all security requirements and contents are annotated properly. (T-3)

15.6. Final copy must be provided to the Security Office. Information received will be used to

prepare a Visitor Group Security Agreement (VGSA). The VGSA will be completed by the

government. The VGSA gives additional security requirements for contractors working in

AFPC. Contractor will also provide the government with a Visit Authorization Letter (VAL) on

an annual basis. The VAL will identify all personnel working on the contract. VALs will be

submitted via JPAS. (T-3)

15.7. The Security Office will maintain a hard copy of the DD Form 254, VGSA, and VAL.

The Security Office conducts security inspections on all AFPC visitor group agreements on an

annual basis. Contracting companies must update their visitor’s group agreement annually.

Updated document will be provided to the Security office.

15.8. All long-term cleared/uncleared contractor personnel will require initial/annual security

training, IAW AFI 31-401. (T-3)

MARGARET B. POORE, Maj General, USAF

Commander

28 AFPCI31-100 5 AUGUST 2014

Attachment 1

GLOSSARY OF REFERENCES AND SUPPORTING INFORMATION

References

DoD 5200.01-M, Volume 1, DoD Information Security Program: Overview, Classification, and

Declassification, 24 February 2012

DoD 5200.01-M, Volume 2, DoD Information Security Program: Marking of Classified

Information, 24 February 2012, Incorporating Change 1, March 21, 2013

DoD 5200.01-M, Volume 4, DoD Information Security Program: Controlled Unclassified

Information (CUI), 24 February 2012

DoD 5200.1-PH, DoD Guide to Marking Classified Documents

DoD 5220.22-M, National Industrial Security Program Operating Manual (NISPOM), 28

February 2006, Incorporating Change 1, March 28, 2013

DoD 5220.22-R, Industrial Security Regulation, 1 December 1985

DoD 5400.11-R, Department of Defense Privacy Program, 14 May 2007

DoD 7650.1-I, General Accounting Office (GAO) and Comptroller General Access to Records,

27 Jan 2009, Incorporating Change 1, August 24, 2011

AFI 16-201, Air Force Foreign Disclosure And Technology Transfer Program, 1 December

2004

AFI 31-401, Information Security Program Management, 1 November 2005

AFI 31-501, Personnel Security Program Management, 27 January 2005

AFI 31-601, Industrial Security Program Management, 29 June 2005

AFI 33-201, Volume 2, Communication Security (COMSEC) User Requirements (FOUO), 26

April 2005

AFI 33-332, The Air Force Privacy and Civil Liberties Program, 5 June 2013

Air Force Records Disposition Schedule - https://afrims.amc.af.mil/rds_series.cfm

Adopted Forms

AETCVA 31-9, Security Manager Designation

AETC VA 31-10, Classified Work in Progress

AETC VA 31-5, Classified Reproduction Authorized

Use AETC VA 31-6, Unclassified Reproduction Only

AETC VA 31-7, Classified Destruction Only

AF Form 143, Top Secret Register Page

AF Form 144 Top Secret Access Record

AF Form 310, Document Receipt and Destruction Certificate

https://afrims.amc.af.mil/rds_series.cfm

AFPCI31-100 5 AUGUST 2014 29

AF Form 614 Charge-Out Record

AF Form 847, Recommendation for Change of Publication

AF Form 1109, Visitors Register Log

AF Form 1297, Temporary Hand Receipt

AF Form 1565, Entry, Receipt and Destruction Certificate

AF Form 2587, Security Termination Statement

AFTO Form 36, Maintenance Record For Security Type Equipment

DD Form 254, DoD Contract Security Classification Specification

DD Form 2501, Courier Authorization

SF 86, Questionnaire For National Security Positions

SF 312, Non-Disclosure Agreement

SF 700, Security Container Information

SF 701, Activity Security Checklist

SF 702, Security Container Check Sheet

SF 704, Secret Cover Sheet

SF 705, Confidential Cover Sheet

SF 706, Top Secret Label

SF 707, Secret Label

SF 708, Confidential Label

SF 710, Unclassified Label

SF 711, Data Descriptor Label

Abbreviations and Acronyms

ADLS—Advanced Distributed Learning Service

AFB—Air Force Base

AFI—Air Force Instruction

AFPC—Air Force Personnel Center

AFMAN—Air Force Manual

AIS—Automated Information System

ANG—Air National Guard

CAPCO—Controlled Access Program Coordination Office

CBT—Computer Based Training

COMSEC—Computer Security

30 AFPCI31-100 5 AUGUST 2014

DEA—Drug Enforcement Administration

EPP—Emergency Protection Plan

FOUO—For Official Use Only

GAO—General Accounting Office

GSA—General Services Administration

GWOT—Global War on Terrorism

IAW—In Accordance With

IS—Information Systems

JBSA—Joint Base San Antonio

JPAS—Joint Personnel Adjudication System

eQIP—Electronic Questionnaires for Investigations Processing

NATO—North Atlantic Treaty Organization

NDA—Non-disclosure Agreement

NIPRNET—Nonclassified Internet Protocol Router Network

NSA—National Security Agency

OI—Operating Instruction

OPR—Office of Primary Responsibility

ORCON—Originator Control

PII—Personally Identifiable Information

PKI—Public Key Infrastructure

SAR—Security Access Requirement

SBU—Sensitive But Unclassified (SBU)

SF—Standard Form

SIF—Security Information File

SIPRNET—Secret Internet Protocol Router Network

UMD—Unit Manpower Document

USPS—United States Postal Service

VAL—Visit Authorization Letter

VGSA—Visitor Group Security Agreement

VTC—Video Teleconference

AFPCI31-100 5 AUGUST 2014 31

Terms

Tier 0 (T-0)—Determined by respective non-AF authority (e.g. Congress, White House, Office

of Secretary of Defense, Joint Staff). The waiver authority is non-applicable, or external to AF.

Tier 1 (T-1)—Non-compliance puts Airmen, Commanders or the USAF strongly at risk of

mission or program failure, death, injury, legal jeopardy or unacceptable fraud, waste or abuse.

The waiver authority is the MAJCOM/CC, delegable no lower than MAJCOM Director, with the

concurrence of the AFI Certifying Official.

Tier 2 (T-2)—Non-compliance may degrade mission or program effectiveness or efficiency and

has potential to create moderate risk of mission or program failure, injury, legal jeopardy or

unacceptable fraud, waste or abuse. The waiver authority is the MAJCOM/CC (delegable no

lower than MAJCOM Director).

Tier 3 (T-3)—Non-compliance may limit mission or program effectiveness or efficiency and has

a relatively remote potential to create risk of mission or program failure, injury, legal jeopardy or

unacceptable fraud, waste, or abuse. The waiver authority is the Wing/DRU/FOA/CC (delegable

no lower than Group/CC or equiv).

32 AFPCI31-100 5 AUGUST 2014

Attachment 2

TRANSMITTING CLASSIFIED MATERIAL

A2.1. Top Secret material is transmitted by an approved courier system (Defense Courier

Service), message or personal hand carrying by a designated representative. Never use US mail

or FedEx to transmit Top Secret material. Always use receipts when transferring Top Secret

material. AF Form 143 (for Top Secret only), AF Form 310, and AF Form 1565 are the most

common receipt forms used for classified documents. Complete an AF Form 310, Document

Receipt and Destruction Certificate, to provide a receipt of change accountability as necessary.

A2.1.1. Secret materials can be transmitted by:

A2.1.1.1. An authorized component courier service.

A2.1.1.2. An authorized electronic system, e.g. a STE.

A2.1.1.3. Hand-carried (with proper authorization).

A2.1.1.4. Registered mail (within US and within its territories - it can be sent to an

APO/FPO address only if you can ensure that the mail will not pass out of US control

during its trip).

A2.1.1.5. Protective Security Service for large bulky items (check with the Security

office).

A2.1.1.6. United States Parcel Service Express Mail and FEDEX (check with the

Security office for limitations).

A2.1.2. Confidential materials may be transmitted by:

A2.1.2.1. An authorized component courier service.

A2.1.2.2. An authorized electronic system, e.g. a STE.

A2.1.2.3. Hand carried (with proper authorization).

A2.1.2.4. Registered mail (for NATO; for APO/FPO outside US; when uncertain if

destination within US; to DoD contractor or other Executive Branch agency, when

appropriate).

A2.1.2.5. First Class Mail between DoD activities within US and territories - do not use

for mail to DoD contractors or other Executive Branch agency.

A2.1.2.6. Certified Mail (to DoD contractor or other Executive Branch Agency).

A2.1.2.7. Constant Surveillance Service for large bulky items (check with the unit

security monitor).

A2.2. Packaging Classified Material. The procedures listed below for the inner and outer

wrapping of classified material will be followed.

A2.2.1. Inner Wrapping:

A2.2.1.1. Use opaque material to wrap classified material.

A2.2.1.2. Highest classification and warning notices placed on wrapping.

AFPCI31-100 5 AUGUST 2014 33

A2.2.1.3. Wrapped to make detection of tampering easy.

A2.2.1.4. Address and return address, plus accountable container number and AF Form

310. (T-3)

A2.2.1.5. Name of POC may be placed on inner envelope.

A2.2.2. Outer Wrapping:

A2.2.2.1. Use Opaque wrapping material. Locked briefcase when hand carrying.

A2.2.2.2. Wrapped to make detection of tampering easy.

A2.2.2.3. No classification markings.

A2.2.2.4. “RETURN SERVICE REQUESTED” on First Class Mail for Confidential

Material.

A2.2.2.5. Address to activity, not person (do not put a person’s name in the address).

A2.2.2.6. Return address.

A2.3. Incoming bulk/accountable mail will be treated as classified until it is delivered to the

addressee. Accountable mail will be stored in a GSA-approved security container.

A2.4. To transfer files from NIPRNET to SIPRNET go to https://dots.dodiis.mil/. This is a

Department of Defense site that will forward a link containing the data to your SIPRNET

address.

https://dots.dodiis.mil/

34 AFPCI31-100 5 AUGUST 2014

Attachment 3

EMERGENCY PROTECTION PLAN (EPP)

A3.1. General. This guidance will assist GSA-approved security container custodians in the

formulation of an EPP. GSA-approved security container custodians should be thoroughly

familiar with procedures as outlined in AFI 31-401, DoD 5200-1.R and this OI. This instruction

will be used for the emergency protection or removal of classified material in the event of a

natural disaster or civil disturbance, terrorist activity, etc. A copy of this instruction will be near

(not attached) to the GSA-approved security container in each area that classified material is

stored or processed. These procedures also apply to North Atlantic Treaty Organization Secret

material and above. (T-3)

A3.2. Situation. Severe weather phenomena such as tornadoes, thunderstorms, hailstorms, flash

floods and hurricanes can pose a threat to Joint Base San Antonio (JBSA) Randolph & Lackland

AFB. The possibility of fire always exists. Civil disturbances may consist of a small group or

groups of dissidents to large-scale riots. In any of these cases, classified material becomes

vulnerable to compromise due to loss or theft and requires additional protection.

A3.3. Emergency Protection.

A3.3.1. Fire. If time permits before evacuation of an area, secure classified material in a

vault or GSA-approved security container within the immediate area. Personnel will not,

however, risk injury or loss of life to secure classified material. If classified material cannot

be properly stored, personnel will evacuate the area to the limits established by emergency

response forces. If this occurs, place the material in or on a desk, or if possible, hand-carry

the information out of the area. Personnel will notify their primary or alternate security

monitor of any classified left unsecured at the time of evacuation. Immediately after the

emergency and authorization by emergency response forces, personnel will return to their

area and check for unsecured classified material. If material is missing or inadvertent access

or compromise is suspected, security monitor will comply with DoD 5200, 1-R, chapters 6

and 9. Emergency response forces will be debriefed if after the situation is terminated.

A3.3.2. Natural Disasters. If severe weather occurs without warning, secure classified as

prescribed in chapter 4. If AFPC does receive advance warning, personnel should limit the

hand-carrying of classified information outside of the immediate work area and take steps to

secure all classified in GSA-approved security containers prior to the arrival of severe

weather.

A3.3.3. Civil Disturbance. Normally, base support agencies such as the Air Force Office of

Special Investigation and security forces receive advance warning of rallies, strikes or

demonstrations on or near the installation. AFPC personnel should plan for the increased

security of classified material before the disturbance based on sources provided. Suspend

hand-carry of classified documents outside the work area. Maintain classified material

within the work area until termination of the incident.

A3.3.4. Emergency Removal. Normally, emergency removal is ordered in overseas areas if

advance notice of a terrorist attack is received, or if there is knowledge of the base being

overrun by an overwhelming force. If valid reasons for the emergency removal of classified

from AFPC is warranted the order will be given by either the JBSA Commander or the AFPC

AFPCI31-100 5 AUGUST 2014 35

Commander. To ensure the most important and sensitive materials are evacuated/destroyed

first, the following priorities are assigned:

A3.3.4.1. PRIORITY ONE: TOP SECRET

A3.3.4.2. PRIORITY TWO: SECRET

A3.3.4.3. PRIORITY THREE: CONFIDENTIAL

36 AFPCI31-100 5 AUGUST 2014

Attachment 4

SECURITY TRAINING PLAN

A4.1. General. It is imperative that all personnel understand the compelling need to protect

classified and sensitive resources. To accomplish this, the Security office provides an initial

security briefing to all personnel on basic security policies, principles and practices during in-

processing.

A4.2. Cleared personnel must have this training prior to being granted access to classified

information.

A4.3. Training should be accomplished continually to reinforce the policies, principles and

procedures covered in initial, continuing/refresher and specialized training. A listing of

personnel who completes the required training will be provided to the Security office by each

directorate security monitor.

A4.4. Security training can include films, handouts, computer presentations, videos, and guest

speakers.

A4.4.1. Continuing/Refresher Security Education and Training Standards.

A4.4.2. This continuing/refresher security education and training standard will be used to

provide refresher training to those personnel who create, process or handle classified

information. Refresher training should reinforce the applicable policies, principles and

procedures covered in initial and specialized training and should be conducted throughout the

individual’s duty assignment. Training will be conducted on a quarterly basis.

A4.4.3. Quarterly Training Topics:

A4.4.3.1. Suggested topics for first session (Jan-Mar). Security Program Roles &

Responsibilities.

A4.4.3.1.1. Purpose and Policies.

A4.4.3.1.2. Classified Information Definition.

A4.4.3.1.3. Classification Authority.

A4.4.3.1.4. Classification Challenges.

A4.4.3.1.5. Transmission of Classified Information.

A4.4.3.1.6. Disposal and Destruction.

A4.4.3.1.7. Classified Storage.

A4.4.3.2. Suggested topics for second session (Apr-Jun).

A4.4.3.2.1. Security Incidents.

A4.4.3.2.2. Safeguarding.

A4.4.3.2.3. End-Of-Day Security Checks.

A4.4.3.2.4. Reproducing Classified Information.

A4.4.3.3. Suggested topics for third session (Jul-Sep).

AFPCI31-100 5 AUGUST 2014 37

A4.4.3.3.1. Personnel Security.

A4.4.3.4. Suggested topics for fourth session (Oct-Dec).

A4.4.3.4.1. Emergency Protection of Classified.

A4.4.3.4.1.1. Security Clearance/Access Verification Procedures.

A4.4.3.4.1.2. Foreign Travel Requirements.

A4.4.3.4.1.2.1. Classified Meetings.

A4.4.3.4.1.2.2. Controlled Unclassified Information.