[Directives and Handbooks]
NASA Handbook
NHB 1600.6
Effective Date: May 1, 1993
Expiration Date:
Responsible Office: JL / Security, Logistics, & Industrial Relations Division
NASA COMMUNICATIONS SECURITY (COMSEC) MANUAL
PREFACE
The NASA Communications Security (COMSEC) Manual provides basic
information for assignment of individual communications security
responsibilities within NASA. It sets forth minimum standards,
procedures, specifications, and guidelines for safeguarding and
control of COMSEC material in NASA's possession. It expands upon
and further specifies NASA security policy in NMI 1600.2, "NASA
Security Program."
This Manual implements the provisions concerning the National
Policy for the Security of National Security Telecommunications
and Information Systems, dated July 5, 1990, and National
Communications Security Instruction 4005, "Safeguarding and
Control of COMSEC Material," dated October 12, 1979. This Manual
will be used by NASA COMSEC Custodians in place of the National
Security Agency Manual 90-2, "COMSEC Material Control Manual,"
dated October 1989, and will provide core guidance for NASA's
COMSEC operations.
Comments or suggestions concerning this Manual should be
addressed to the Chief, NASA Security Office, Code JIS, NASA
Headquarters, Washington, DC 20546.
This Manual is issued in loose-leaf form and will be revised by
page changes.
Jeffrey E. Sutton
Director, Security, Logistics
and Industrial Relations Division
DISTRIBUTION:
SDL 1 (SIQ)
TABLE OF CONTENTS
Page
CHAPTER 1: INTRODUCTION . . . . . . . . . . . . . . . . . . .1-1
100 General . . . . . . . . . . . . . . . . . . . . . . . . .1-1
101 Purpose . . . . . . . . . . . . . . . . . . . . . . . . .1-1
102 Applicability and Scope . . . . . . . . . . . . . . . . .1-1
103 References. . . . . . . . . . . . . . . . . . . . . . . .1-2
104 Objectives. . . . . . . . . . . . . . . . . . . . . . . .1-3
105 Definitions . . . . . . . . . . . . . . . . . . . . . . .1-3
106 Revisions . . . . . . . . . . . . . . . . . . . . . . . .1-3
CHAPTER 2: COMMUNICATIONS SECURITY (COMSEC)
MATERIAL CONTROL . . . . . . . . . . . . . . . . .2-1
200 General . . . . . . . . . . . . . . . . . . . . . . . . .2-1
1. Channels of Communication. . . . . . . . . . . . . .2-1
2. Responsibilities and Organization. . . . . . . . . .2-1
201 The COMSEC Account. . . . . . . . . . . . . . . . . . . .2-4
1. Requirement for a COMSEC Account . . . . . . . . . .2-4
2. Request to Establish a COMSEC Account. . . . . . . .2-4
3. COMSEC Account Approval. . . . . . . . . . . . . . .2-4
4. COMSEC Custodian and Alternate COMSEC
Custodian Training . . . . . . . . . . . . . . . . .2-5
5. Selecting a COMSEC Custodian and Alternate
Custodian. . . . . . . . . . . . . . . . . . . . . .2-5
6. Duties of the COMSEC Custodian and Alternate
Custodian. . . . . . . . . . . . . . . . . . . . . .2-5
7. Witness. . . . . . . . . . . . . . . . . . . . . . .2-8
8. Temporary Absence of the COMSEC Custodian. . . . . .2-8
9. Return of the COMSEC Custodian from Temporary
Absence. . . . . . . . . . . . . . . . . . . . . . .2-9
10. Change of COMSEC Custodian . . . . . . . . . . . . .2-9
11. Change of Alternate Custodian. . . . . . . . . . . 2-10
12. Sudden, Indefinite, or Permanent Departure
of the COMSEC Custodian. . . . . . . . . . . . . . 2-10
13. Sudden, Indefinite, or Permanent Departure
of the Alternate COMSEC Custodian. . . . . . . . . 2-11
14. COMSEC Officer, COMSEC/TEMPEST Point of
Contact. . . . . . . . . . . . . . . . . . . . . . 2-11
202 COMSEC Material . . . . . . . . . . . . . . . . . . . . 2-12
1. Short Titles . . . . . . . . . . . . . . . . . . . 2-12
2. Accounting Numbers . . . . . . . . . . . . . . . . 2-13
3. Edition. . . . . . . . . . . . . . . . . . . . . . 2-13
4. CRYPTO Marking . . . . . . . . . . . . . . . . . . 2-13
5. Subdivisions of Equipment. . . . . . . . . . . . . 2-13
203 COMSEC Material Accountability. . . . . . . . . . . . . 2-13
1. COMSEC Material in the National Security Agency
(NSA) COMSEC Material Control System . . . . . . . 2-13
2. Accounting Legend Code (ALC) . . . . . . . . . . . 2-14
204 COMSEC Material Control . . . . . . . . . . . . . . . . 2-15
1. Forms, Reports, and Files. . . . . . . . . . . . . 2-15
2. COMSEC Register File . . . . . . . . . . . . . . . 2-17
3. Preparing COMSEC Accounting Reports. . . . . . . . 2-18
4. Receipt of COMSEC Material . . . . . . . . . . . . 2-19
5. Procedures for Handling Keying Material. . . . . . 2-23
6. Transferring COMSEC Material . . . . . . . . . . . 2-24
7. Military Department Accounting Headquarters. . . . 2-27
8. Packaging COMSEC Material. . . . . . . . . . . . . 2-28
9. Authorized Modes of Transportation . . . . . . . . 2-29
10. Shipping Unclassified COMSEC Material. . . . . . . 2-32
11. Authorized Modes of Transportation for Controlled
Cryptographic Item (CCI) Equipment and Components
Within CONUS, U.S. Territories and Possessions . . 2-34
12. Hand Receipts. . . . . . . . . . . . . . . . . . . 2-37
13. Possession Reports . . . . . . . . . . . . . . . . 2-39
14. Converted COMSEC Material. . . . . . . . . . . . . 2-39
15. Inventory Report . . . . . . . . . . . . . . . . . 2-40
16. Destruction. . . . . . . . . . . . . . . . . . . . 2-43
17. Accounting for and Entering Amendments to
COMSEC Publications. . . . . . . . . . . . . . . . 2-44
18. Accounting for COMSEC Material Launched into
Space. . . . . . . . . . . . . . . . . . . . . . . 2-45
205 Audit of COMSEC Accounts. . . . . . . . . . . . . . . . 2-46
1. Basis. . . . . . . . . . . . . . . . . . . . . . . 2-46
2. Notification . . . . . . . . . . . . . . . . . . . 2-46
3. Auditor Access . . . . . . . . . . . . . . . . . . 2-46
4. Scope of the Audit . . . . . . . . . . . . . . . . 2-46
5. Audit Report . . . . . . . . . . . . . . . . . . . 2-47
206 Closing a COMSEC Account. . . . . . . . . . . . . . . . 2-47
CHAPTER 3: CONTROLLING AUTHORITIES. . . . . . . . . . . . . .3-1
300 General . . . . . . . . . . . . . . . . . . . . . . . . .3-1
301 Keying Material Source. . . . . . . . . . . . . . . . . .3-1
302 Establishing the Cryptonet and Designating the
Controlling Authority . . . . . . . . . . . . . . . . . .3-1
303 NASA Contractors Currently Designated as
Controlling Authorities . . . . . . . . . . . . . . . . .3-2
304 Controlling Authority Responsibilities. . . . . . . . . .3-2
1. Cryptonet Management . . . . . . . . . . . . . . . .3-2
2. Evaluating COMSEC Incidents. . . . . . . . . . . . .3-5
3. Reacting to Incidents. . . . . . . . . . . . . . . .3-8
305 Considerations When Establishing a Cryptonet. . . . . . 3-11
306 Keying Material Support Plan (KMSP) . . . . . . . . . . 3-11
307 Contents of the KMSP. . . . . . . . . . . . . . . . . . 3-12
308 Annual Reviews of the KMSP. . . . . . . . . . . . . . . 3-13
309 Defective Keying Material . . . . . . . . . . . . . . . 3-14
CHAPTER 4: COMSEC INFORMATION ACCESS REQUIREMENTS . . . . . .4-1
400 Criteria for Access to COMSEC Information . . . . . . . .4-1
401 COMSEC Briefing Requirements. . . . . . . . . . . . . . .4-1
CHAPTER 5: TWO-PERSON INTEGRITY/NO-LONE ZONE CONTROLS . . . .5-1
500 General . . . . . . . . . . . . . . . . . . . . . . . . .5-1
501 Procedures for Handling and Safeguarding. . . . . . . . .5-1
TOP SECRET Keying Material. . . . . . . . . . . . . . . .5-1
1. Transportation . . . . . . . . . . . . . . . . . . .5-1
2. TPI Handling of Packages Received. . . . . . . . . .5-2
3. Wrapping TOP SECRET Material . . . . . . . . . . . .5-2
4. Storage. . . . . . . . . . . . . . . . . . . . . . .5-2
5. Use. . . . . . . . . . . . . . . . . . . . . . . . .5-3
6. Record of Combinations . . . . . . . . . . . . . . .5-3
CHAPTER 6: COMSEC INCIDENT REPORTING REQUIREMENTS . . . . . .6-1
600 General . . . . . . . . . . . . . . . . . . . . . . . . .6-1
601 Types of COMSEC Incidents . . . . . . . . . . . . . . . .6-1
602 Types of Written Reports. . . . . . . . . . . . . . . . .6-4
603 Reporting Incidents . . . . . . . . . . . . . . . . . . .6-5
604 Report Addressing . . . . . . . . . . . . . . . . . . . .6-6
605 Format and Content of Written COMSEC Incident
Reports . . . . . . . . . . . . . . . . . . . . . . . . .6-7
CHAPTER 7: ROUTINE DESTRUCTION OF COMSEC MATERIAL . . . . . .7-1
700 General . . . . . . . . . . . . . . . . . . . . . . . . .7-1
701 Training Destruction Personnel. . . . . . . . . . . . . .7-1
702 Routine Destruction Procedures for COMSEC
Material. . . . . . . . . . . . . . . . . . . . . . . . .7-1
703 Routine Destruction Methods and Standards . . . . . . . .7-3
704 Approved Routine Destruction Devices. . . . . . . . . . .7-3
705 Reporting Routine Destruction . . . . . . . . . . . . . .7-3
CHAPTER 8: SECURE TELECOMMUNICATIONS FACILITIES . . . . . . .8-1
800 Physical Security Requirements for Classified
and Unattended Keyed CCI Equipment. . . . . . . . . . . .8-1
801 CCI Access Controls . . . . . . . . . . . . . . . . . . .8-2
802 Storage Requirements. . . . . . . . . . . . . . . . . . .8-3
803 Record of Individuals Having Knowledge of
Combinations to Containers Storing Classified
COMSEC Material . . . . . . . . . . . . . . . . . . . . .8-3
CHAPTER 9: SECURE TELEPHONE UNIT (STU) III's. . . . . . . . .9-1
900 General . . . . . . . . . . . . . . . . . . . . . . . . .9-1
901 Responsibilities. . . . . . . . . . . . . . . . . . . . .9-1
902 STU-III Security Education. . . . . . . . . . . . . . . .9-3
903 Protecting CIK's. . . . . . . . . . . . . . . . . . . . .9-4
904 Incidents . . . . . . . . . . . . . . . . . . . . . . . .9-5
905 STU-III Terminal Keying and Rekeying. . . . . . . . . . .9-6
906 Secure Data Mode. . . . . . . . . . . . . . . . . . . . .9-6
907 Sensitive Compartmented Information
Facilities (SCIF's) . . . . . . . . . . . . . . . . . . .9-7
908 Installations in Residences, Hotels, or
Commercial Conference Facilities. . . . . . . . . . . . .9-8
909 Vehicle Installations . . . . . . . . . . . . . . . . . .9-8
910 Acoustic Security . . . . . . . . . . . . . . . . . . . .9-8
CHAPTER 10: COMSEC EMERGENCY ACTION PROCEDURES. . . . . . . 10-1
1000 Requirements. . . . . . . . . . . . . . . . . . . . . . 10-1
1001 Preparedness. . . . . . . . . . . . . . . . . . . . . . 10-1
1002 Preparing the Emergency Plan. . . . . . . . . . . . . . 10-2
1003 Emergency Action Procedures Review. . . . . . . . . . . 10-2
APPENDIXES
APPENDIX A Definitions. . . . . . . . . . . . . . . . . . . .A-1
APPENDIX B Sample Communications Security (COMSEC)
Briefing . . . . . . . . . . . . . . . . . . . . .B-1
APPENDIX C Sample Cryptographic Access Certification. . . . .C-1
Cryptographic Access Termination . . . . . . . . .C-2
Privacy Act Statement. . . . . . . . . . . . . . .C-3
Attachment to Appendix C . . . . . . . . . . . . .C-4
Pertinent Provisions of Title 18 of the
United States Codes. . . . . . . . . . . . . . . .C-4
APPENDIX D Sample Emergency Action Plan . . . . . . . . . . .D-1
APPENDIX E Figures. . . . . . . . . . . . . . . . . . . . . .E-1
1 Sample Change of COMSEC Custodian
Inventory (SF 153) . . . . . . . . . . . . . . . .E-1
2 Table of TSEC Nomenclature System Designators. . .E-2
3 COMSEC Material Record (L6061) . . . . . . . . . .E-4
4 DCS Station Addresses. . . . . . . . . . . . . . .E-5
5 Sample Report of COMSEC Material Transferred
to a Military Account (SF 153) . . . . . . . . . .E-6
6 Sample Report of COMSEC Material Transferred to
an Account Other than Military (SF 153). . . . . .E-7
7 Sample COMSEC Material Identification Markings . .E-8
8 Sample COMSEC Material Hand Receipt (SF 153) . . .E-9
9 Sample Possession Report Prepared When
COMSEC Material is Received Without Transfer
Paperwork (SF 153) . . . . . . . . . . . . . . . E-10
10 Sample Preprinted Inventory with Supplement. . . E-11
10a Supplement to Preprinted Inventory (SF 153). . . E-12
11 Sample Destruction Report (SF 153) . . . . . . . E-13
12 COMSEC Material Destruction Standards. . . . . . E-14
APPENDIX F Classification Guide . . . . . . . . . . . . . . .F-1
CHAPTER 1: INTRODUCTION
100 GENERAL
The United States Communications Security (COMSEC) effort is
controlled and managed under a separate set of security
standards and procedures from those that apply to other
classified information. The reasons for this are that
COMSEC techniques and materials are used to protect other
information, and because the loss of U.S. COMSEC information
and materials can seriously damage the national interest.
Also, a significant body of information indicates that TOP
SECRET keying material is a high-priority target for
exploitation by hostile intelligence services and,
therefore, must be afforded special attention.
101 PURPOSE
This Manual contains COMSEC information and guidance
necessary for the successful day-to-day operations of NASA's
COMSEC Program.
102 APPLICABILITY AND SCOPE
The provisions of this Manual apply to NASA Headquarters and
Field Installations. It specifically applies to all NASA
COMSEC Custodians, security organizations, and other
personnel using or otherwise having access to COMSEC
materials at NASA Field Installations and NASA Headquarters.
This Manual also supports contractors, as appropriate, under
law and/or contract as implemented by the appropriate
contracting officer. Contractor COMSEC Custodians and
Alternates of NASA COMSEC accounts come under the purview of
this document, and the responsibilities are identical to
civil service COMSEC Custodians and Alternates. This Manual
will be used in lieu of National Security Agency (NSA)
Manual 90-2 and supersedes the NASA COMSEC Accounting Guide,
dated January 1978. Whenever system doctrine requirements
conflict with procedures in this Manual, the system doctrine
requirements take precedence.
1. This Manual is not site specific; it outlines minimum
standards and is intended to be used as guidance by
COMSEC Custodians and Chiefs of Security in formulating
and implementing effective COMSEC operations. Each
site is encouraged to supplement this Manual with
procedures, duties, and titles to tailor this guidance
to their unique environments.
2. This Manual specifically addresses COMSEC Custodians
and Alternate COMSEC Custodians of COMSEC accounts
designated and established by NASA, and those
custodians who fall under the purview of the NASA
COMSEC Central Office of Record (COR).
103 REFERENCES
1. NCSC-1, "National Policy for Safeguard and Control of
COMSEC Material," January 16, 1981.
2. NACSI 4005, "Safeguarding and Control of COMSEC
Material," October 12, 1979.
3. NACSI 4007, "Management of Manual Crypto Systems."
4. NACSI 4008, "Safeguarding COMSEC Facilities," March 4,
1983.
5. NCSC-9, "National COMSEC Glossary," September 1, 1982.
6. NTISSI 3013, "Operational Security Doctrine for the
Secure Telephone Unit III (STU-III) Type 1 Terminal,"
February 8, 1990.
7. NTISSI 4001, "Controlled Cryptographic Items (CCIs),"
March 25, 1985.
8. NTISSI 4002, "Classification Guide for COMSEC
Information," June 5, 1986.
9. NTISSI 4003, "Reporting and Evaluating COMSEC
Incidents," December 2, 1991.
10. NTISSI 4004, "Routine Destruction and Emergency
Protection of COMSEC Material," March 11, 1987.
11. NTISSI 4005, "Control of TOP SECRET Keying Material,"
July 17, 1987.
12. NTISSI 4006, "Controlling Authorities for COMSEC
Material," December 2, 1991.
13. National Policy for the Security of National Security
Telecommunications and Information Systems,
July 5, 1990.
14. NMI 1600.2, "NASA Security Program."
15. DoD 5200.28M, "Department of Defense Automatic Data
Processing Security Manual."
16. DoD 5220.22M, "Industrial Security Manual for
Safeguarding Classified Information."
17. NTISSP No. 3, "National Policy for Granting
Access to U.S. Classified Cryptographic
Information," December 19, 1988.
104 OBJECTIVES
This Manual is intended to help attain objectives essential
to maintaining the integrity of COMSEC material used to
protect sensitive or classified Government communications,
as follows:
1. To provide instructions for controlling accountable
COMSEC material furnished, to or generated by, an
activity, in order to deny access to unauthorized
persons or organizations.
2. To ensure timely disposition of Government-furnished
and contractor-generated accountable COMSEC material no
longer required for performing a contract.
105 DEFINITIONS
See definitions of terms used in this Manual in Appendix A.
106 REVISIONS
This Manual will be revised as required by Executive orders,
statutes, direction from the National Security Agency (NSA),
and the development of new and improved security concepts.
Changes to this Manual are specifically prohibited unless
officially promulgated by the NASA COMSEC Manager. NASA
Field Installations, NASA Headquarters security organiza-
tions, and NASA COMSEC Custodians may request copies of the
National Communications Security Instruction and National
Telecommunications Information System Security Instruction
containing policies and procedures governing cryptographic
operations and the physical security of COMSEC material from
the NASA COMSEC Manager.
CHAPTER 2: COMMUNICATIONS SECURITY (COMSEC) MATERIAL CONTROL
200 GENERAL
This Chapter establishes minimum COMSEC accounting
procedures to be followed by NASA COMSEC Custodians and all
other personnel using or otherwise having access to
accountable COMSEC material.
1. Channels of Communication
a. Because timely and accurate COMSEC accounting and
reporting are so necessary, direct communications
between the NASA Central Office of Record (COR)
and NASA COMSEC accounts are authorized on all
routine COMSEC accounting matters (e.g., inability
to resolve inventory discrepancies, COMSEC
incident reports, tracer actions, etc.). Send
direct communications to the NASA COR at the
following address:
NASA Headquarters
Code JIS/NASA COMSEC Manager
Washington, DC 20546
Telephone: STU-III 202/358-2455
FAX: secure 202/358-3237
nonsecure 202/358-3238
Message address: RUEANAT/NASA HQ WASHINGTON
DC//JACK SYMANEK/CODE JIS//
b. Direct communications between NASA COMSEC accounts
and the National Security Agency (NSA) Central
Office of Record (COR), Y131; NSA Central
Accounting Office (CAO), Y18 (STU III key only);
and the Insecurities, Evaluation, and Reporting
Branch, X71A, are authorized for COMSEC accounting
matters involving the direct shipment of COMSEC
material. Send direct communications to the NSA
at the following address:
Director, National Security Agency
ATTN: (appropriate office designator)
Fort George G. Meade, MD 20755-6000
Message address: RUETIAA/DIRNSA FT. GEORGE G
MEADE, MD//appropriate office
designator//
c. Direct communications are authorized between NASA
COMSEC accounts and any other COMSEC accounts
involving direct shipment of COMSEC material.
2. Responsibilities and Organization. COMSEC material
control within the U.S. Government is based on a system
of centralized accounting and decentralized custody and
protection. Timely and accurate data is essential to
continuous, effective control of COMSEC material
entrusted to or produced for NASA.
a. The NSA is responsible for the operations of the
NSA COR; for specifying control criteria for all
COMSEC material; for distributing and accounting
for all accountable COMSEC material produced by or
entrusted to the NSA until transferred; for
receiving and processing requirements for
accountable COMSEC material; for excluding the
procurement of COMSEC equipment and spare parts;
for establishing and maintaining lead-time
schedules for distributing accountable COMSEC
material; for providing disposition instructions
for COMSEC material held but no longer required,
exclusive of material for which disposition is
provided by a superseding edition or Service
status publication (e.g., Air Force General COMSEC
Publication (AFKAG)), for receiving accountable
COMSEC material; and for providing assistance to
COMSEC Custodians regarding shipping methods and
schedules. The main NSA COMSEC Account is 880099,
and its address follows:
Middle River Facility
Building A-W Dock 2
2800 Eastern Boulevard
Middle River, MD 21220
b. NASA/Code JIS is responsible for the following
tasks:
(1) Performing as COR for NASA.
(2) Establishing and closing COMSEC accounts.
(3) Maintaining a record of NASA COMSEC accounts,
COMSEC Custodians, and Alternate Custodians.
(4) Processing requests to appoint or terminate
the appointments of COMSEC Custodians and
Alternates, and verifying their clearances.
(5) Verifying the inventory of each NASA
controlled COMSEC account semiannually.
(6) Maintaining master records of all NASA COMSEC
material entered into the NASA COMSEC
Material Control System.
(7) Maintaining the financial and property
accountability records for all accountable
COMSEC equipment owned by or entrusted to
NASA.
(8) Facilitating attendance at the formal NSA
COMSEC Custodian training course (CS-140) for
all newly appointed NASA COMSEC Custodians
and Alternates. If time does not permit
formal training, Code JIS will provide
informal briefings to prospective Custodians
and Alternates until attendance at the NSA
hosted COMSEC Custodian's Training Course
(CS-140) can be arranged.
(9) Establishing procedures for accounting for
COMSEC material held within NASA.
(10) Maintaining liaison with the NSA COR, civil
agencies, NASA contractor COMSEC accounts and
the Military Services on all matters
pertaining to controlling accountable COMSEC
material.
(11) Auditing NASA COMSEC accounts established at
NASA Installations at least every 24 months
or as deemed necessary.
(12) Providing guidance and assistance on all
procedural matters pertaining to controlling
accountable COMSEC material.
(13) Preparing and distributing COMSEC Procedural
and Material Control Bulletins.
c. The Chief of each organizational element has the
ultimate responsibility for controlling all COMSEC
material held within the organizational element.
This responsibility is, by the appointment of a
COMSEC Custodian and Alternate(s), delegated to
individuals by name. However, delegating this
authority in no way relieves any individual (e.g.,
the user, the Custodian's supervisor, and other
organizational chiefs, etc.) from the inherent
responsibility for controlling COMSEC material
held within the element. The Chief of the NASA
element is also responsible for ensuring that
Custodians and Alternates receive required
training.
d. The COMSEC Custodian is, through organizational
and supervisory channels, responsible to the Chief
of the element for controlling all accountable
COMSEC material charged to the element's account.
e. The individual user or holder of COMSEC material
is personally responsible for controlling and
safeguarding COMSEC material while it is entrusted
to his or her care, and is not authorized to lend
the material to another individual without a new
hand receipt issued from the COMSEC Custodian.
See Chapter 4 for access requirements to COMSEC
information.
201 THE COMSEC ACCOUNT
1. Requirement for a COMSEC Account. Any element
requiring accountable COMSEC material must obtain such
material through a COMSEC account. If an existing
COMSEC account cannot adequately support the
requirement for COMSEC material within an organization,
a new COMSEC account will be established.
2. Request to Establish a COMSEC Account. When a new
COMSEC account must be established, submit a written
request from the Chief of the NASA organization
requiring the account.
a. Submit the request through the local security
office to NASA/Code JIS, ATTN: NASA COR. Include
the title and complete address of the element in
which the account will be located; the purpose
(justification) for establishing the COMSEC
account; the specific items of COMSEC material
required, and the desired in-place date. The
request must also include a statement that the
minimum physical security standards for
safeguarding COMSEC material can be met, and the
names, grades, and social security numbers with
Privacy Act Notice of the individuals to be
appointed as the COMSEC Custodian and Alternate
COMSEC Custodians. Normally, a single Alternate
Custodian is sufficient at each account.
Appointments of more than two Alternate Custodians
should be coordinated with the NASA COR.
Subparagraphs 5a and b contain COMSEC Custodian
selection criteria. The request must also contain
certified clearance information on the individuals
nominated as the COMSEC Custodian and Alternate
COMSEC Custodian(s). When signature cards (Form
N2942B) are used for clearance information
certification, forward these cards with the
written request. The NASA COR will initiate
clearance verification.
b. Allow a minimum of 30 days for an account to be
established and appointments confirmed.
3. COMSEC Account Approval. The NASA COR will advise the
requesting element in writing by (sending an
information copy to the Installation Security Office)
when the account is established and the COMSEC
Custodian and Alternate COMSEC Custodian(s)
appointments are approved, and will assign an account
number. Reference the account number in all subsequent
correspondence or transactions relating to the COMSEC
account. The NASA COR provides accounting forms and,
when not submitted previously, signature cards (Form
N2942B) to be completed and returned to the COR.
4. COMSEC Custodian and Alternate COMSEC Custodian
Training. A newly appointed or changed COMSEC
Custodian or Alternate will attend the NSA COMSEC
Custodian training course (CS-140) as soon as possible.
This training is mandatory for all NASA COMSEC
Custodial appointees, with the exception of those
appointed to accounts established solely for STU-III,
or those who have attended equivalent training within 2
years.
5. Selecting a COMSEC Custodian and Alternate Custodian
a. Because of the sensitivity of COMSEC material and
the rigid controls required, individuals selected
as Custodians must:
(1) Be a responsible civil servant or contractor
qualified to assume the duties and
responsibilities of a COMSEC Custodian.
(2) Not be previously relieved of COMSEC
Custodian duties for reasons of negligence or
nonperformance of duties.
(3) Be in a position that will permit maximum
tenure (not less than 1 year) as a COMSEC
Custodian or Alternate COMSEC Custodian,
thereby reducing the possibility of frequent
replacement.
(4) Not be assigned duties that will interfere
with their duties as COMSEC Custodian and
Alternate Custodian.
(5) Be actually performing the custodial
functions on a day-to-day basis. The COMSEC
Custodian position will not be assumed solely
to maintain administrative or management
control of the account functions.
b. Personnel nominated as COMSEC Custodian or
Alternate will be in grade GS-7 or above, or a
contractor at an equivalent level. Where
personnel at the appropriate grade level are not
available, include full justification to support
the appointment in the appointment request.
6. Duties of the COMSEC Custodian and Alternate Custodian
a. The COMSEC Custodian. The COMSEC Custodian is
responsible for ensuring that all COMSEC material
issued to, or generated and held by, the COMSEC
account is safeguarded in accordance with national
requirements. This includes but is not limited to
the receipt, custody, issuance, safeguarding,
accounting and, when necessary, destruction of
COMSEC material. The COMSEC Custodian is further
responsible for maintaining up-to-date records and
submitting all required accounting reports. The
Custodian will be thoroughly familiar with the
procedures for handling COMSEC material outlined
in this Manual. The COMSEC Custodian is
authorized and encouraged to inspect user areas on
a regular basis (at least semiannually). The
COMSEC Custodian must have access to all
accountable material held by users. In cases
where the material is used within a Sensitive
Compartmented Information Facility (SCIF), and the
COMSEC Custodian is not indoctrinated for special
access (SI), the area must be sanitized or the
Custodian escorted to allow the Custodian to
fulfill his or her responsibilities. In
fulfilling his or her responsibilities, the
Custodian will perform the following duties:
(1) Protect COMSEC material and limit access to
individuals with the appropriate need-to-know
and clearance.
(2) Receive, give a receipt for, and ensure the
safeguarding and accounting of all COMSEC
material issued to the COMSEC account.
(3) Maintain COMSEC accounting and related
records as outlined in paragraph 204.
(4) With a witness, conduct an inventory,
semiannually and when a new COMSEC Custodian
is appointed, by physically sighting all
COMSEC material charged to the account, and
reconciling this inventory with the COR. The
COR or other competent authority may also
direct the conduct of an inventory.
(5) Perform routine destruction of COMSEC
material when required, or otherwise dispose
of material as directed by the COR or
controlling authority.
(6) Submit transfer, inventory, destruction, and
possession reports when required.
(7) Inspect the implemented protective
technologies upon initial receipt, during
each inventory, and prior to each use to
ensure the integrity of COMSEC material (key
or equipment).
(8) Ensure prompt and accurate entry of all
amendments to COMSEC publications held by the
account.
(9) Ensure that all accountable COMSEC material
shipped outside of the account's organization
is packaged and shipped as specified in
paragraph 204.6 of this Chapter. Ensure that
all material received is inspected for
evidence of tampering and, if any is found,
immediately submit a report of suspected
physical incident according to Chapter 6 of
this Manual.
(10) Be aware at all times of the location of
every item of accountable COMSEC material
held by the account and the general purpose
for which it is being used.
(11) Establish procedures to ensure strict control
of each item of keying material whenever
operational requirements necessitate that
material be turned over from one shift to
another or from one individual to another.
(12) Ensure that appropriate COMSEC material is
readily available to properly cleared and
authorized individuals whose duties require
its use. If the material is classified,
verify that the individuals are cleared to
the level of the material. Brief recipients
of the required protection and procedures for
safeguarding the material until it is
returned to the Custodian.
(13) Report immediately to the Installation
Security Officer any known or suspected
COMSEC incident as defined in Chapter 6, and
submit a report according to Chapter 6 of
this Manual.
(14) Verify the identification, clearance and
need-to-know of any individual requesting
access to the records and/or material
associated with the COMSEC account.
(15) Prepare for safeguarding COMSEC material
during emergency situations according to
Chapter 10.
(16) When COMSEC material is properly issued to
users, according to paragraph 204.11, the
COMSEC Custodian is relieved of personal
responsibility for the security of the
material.
b. The Alternate Custodian. Individuals appointed as
Alternate COMSEC Custodians are responsible for
assisting the COMSEC Custodian in performing his
or her duties and for providing continuity of
operations in the absence of the COMSEC Custodian.
Specific duties are as follows:
(1) Keeping aware of the day-to-day activity of
the COMSEC account in order to assume the
duties of the COMSEC Custodian, whenever
necessary, without undue interruption of
operations.
(2) Performing those duties outlined in subpara-
graph 201.6a during the temporary or
permanent absence of the COMSEC Custodian.
7. Witness
a. Inventory and Destruction by the COMSEC Custodian:
Physical inventory or destruction of COMSEC
material must be witnessed by an appropriately
cleared individual. The witness should normally
be the Alternate Custodian, but another
appropriately cleared and briefed individual may
act as a witness when the Alternate Custodian is
not available. When an inventory or destruction
is completed, the witness will sign the inventory
report, keying material usage/disposition record,
or destruction report, as appropriate, attesting
that the COMSEC material listed has been
inventoried or destroyed. The witness will sign
an inventory only after having personally sighted
the material being inventoried. A destruction
report can only be signed after having personally
witnessed the destruction of the material (refer
to paragraph 703 for an exception to witnessing a
material destruction by a user).
� b. Destroying keying material that has been hand
receipted to a user requires a witness to the
destruction of individual key settings. The
witness will initial the keying material usage
record attesting that the material has been
destroyed. Under no circumstances will the
witness initial a usage record without having
personally sighted the material being destroyed.
8. Temporary Absence of the COMSEC Custodian. When the
COMSEC Custodian is to be absent for a period not to
exceed 60 days, the Alternate Custodian will assume the
responsibilities and duties of the COMSEC Custodian.
An absence in excess of 60 days that has not been
coordinated with the NASA COR must be treated as a
permanent absence, and a new Custodian must be
nominated.
9. Return of the COMSEC Custodian from Temporary Absence.
The COMSEC Custodian will be informed of all changes to
the COMSEC account upon his or her return from a
temporary absence. If COMSEC material was transferred
to the account and accepted by the Alternate Custodian
during the absence, the COMSEC Custodian will inventory
the COMSEC material, and sign, date, and include the
remark "received from Alternate Custodian" on the front
side of the COMSEC account's copy of the transfer
report, thus relieving the Alternate Custodian of
accountability for the material. In those cases where
material was transferred from the account or destroyed,
the COMSEC Custodian should verify such actions by
comparing the transfer and destruction reports with his
or her Register File to assure the accuracy of the
actions affecting the material for which he or she is
held accountable.
10. Change of COMSEC Custodian. When it becomes necessary
to terminate the COMSEC Custodian's appointment, NASA
elements must submit a written request through the
local security office to the NASA COR and include
information and clearance certification about the
replacement nominee as prescribed in subparagraph
201.5. The training requirements specified in
subparagraph 201.4 also apply.
a. When written confirmation is received from the
NASA COR, the newly appointed COMSEC Custodian and
his or her predecessor will perform the following
duties:
(1) Conduct a physical (sight) inventory of all
COMSEC material held by the COMSEC account.
(The change of Custodian will be effective
the date the inventory is signed.)
(2) Prepare an SF 153 (see Figure 1 in Appendix
E) listing all COMSEC material to be
transferred to the new Custodian. Identify
the report in block 1 as a "change of
Custodian" and check both "received" and
"inventoried" in block 14. Address the
report from the COMSEC account (block 2) to
the NASA COR (block 3). The new Custodian
will sign in block 15 and the departing
Custodian will sign as the witness in block
17. Forward the signed original copy to the
NASA COR and retain a signed duplicate copy
in the COMSEC account's file. When an
account holds over 100 line items, a
Custodian may request a preprinted
inventory/transfer from the NASA COR. The
request for a preprinted inventory/transfer
should normally be included with the
nomination information.
b. Normally, the new COMSEC Custodian will have
received written confirmation of appointment
before action is initiated to transfer the COMSEC
account. However, if the confirmation is delayed
and the departure of his or her predecessor is
imminent, the transfer will be accomplished prior
to the receipt of written confirmation.
c. When the transfer is complete, the new Custodian
assumes full responsibility for the material
charged to the COMSEC account and for its
operation. The former COMSEC Custodian is
relieved of responsibility for only that COMSEC
material included on the transfer/inventory
report. He or she is not relieved of
responsibility for COMSEC material that is
involved in any unresolved discrepancy until a
clear COMSEC Inventory Reconciliation Report has
been received from the NASA COR.
d. Changes of COMSEC Custodian should be scheduled at
least 40 days before the former COMSEC Custodian
departs to allow for the receipt of a clear COMSEC
Inventory Reconciliation Report. However, the
former COMSEC Custodian may depart prior to the
return of the COMSEC Inventory Reconciliation
Report provided no discrepancies or irregularities
were evident when the inventory and transfer were
made. Responsibility for resolving discrepancies
discovered after a COMSEC Custodian has departed
rests with the Chief of the element.
� 11. Change of Alternate Custodian. When a change in
Alternate Custodian is necessary, NASA elements will
submit a written request through the local security
office to the NASA COR and will include information and
clearance certification about the replacement nominee
as prescribed in subparagraph 201.5. The training
requirements specified in subparagraph 201.4 also
apply. A change of Alternate Custodian should be made
before the departure of the present Alternate Custodian
unless impossible.
12. Sudden, Indefinite, or Permanent Departure of the
COMSEC Custodian
a. Under emergency circumstances such as the sudden,
indefinite or permanent departure of the COMSEC
Custodian, the Chief of the element will nominate
a new COMSEC Custodian (preferably the Alternate
Custodian) in compliance with the provisions of
subparagraph 201.5 and paragraph 200.2. The new
COMSEC Custodian and an appropriately cleared
witness will immediately conduct a complete
physical inventory of all COMSEC material held by
the COMSEC account. When the absence of the
COMSEC Custodian is unauthorized, the Chief of the
element will immediately report the circumstances
in accordance with Chapter 6.
b. Upon completion of the inventory, prepare an SF
153 Possession Report. Annotate the Possession
Report with the remark "Sudden, indefinite or
permanent departure of the COMSEC Custodian" or
"Unauthorized absence of the COMSEC Custodian," as
appropriate. The new COMSEC Custodian will sign
block 15 and the witness will sign block 17.
Forward the signed original copy of the report to
the NASA COR and retain a signed duplicate copy in
the COMSEC account's file.
13. Sudden, Indefinite, or Permanent Departure of the
Alternate COMSEC Custodian. The NASA COR should be
notified as soon as possible when an Alternate COMSEC
Custodian must be replaced due to a sudden, indefinite,
or permanent departure. An unauthorized absence must
be immediately reported in accordance with Chapter 6.
14. COMSEC Officer, COMSEC/TEMPEST Point of Contact.
Several Centers have designated a COMSEC Officer to
address policy issues and programmatic COMSEC
responsibilities beyond those specified for the COMSEC
Custodian. Although national policy does not require
the designation of a COMSEC Officer it has been NASA
policy to designate a civil servant to act as the
COMSEC and TEMPEST point of contact responsible for
ensuring oversight and implementation of NASA's COMSEC
and TEMPEST policy. It is important to emphasize,
however, that the responsibilities identified for the
COMSEC Custodian constitute minimum requirements and,
depending on the experience level of the COMSEC
Custodian, are balanced against each Center's
particular needs. These additional COMSEC/TEMPEST
duties can be performed by the same individual.
Regardless whether the COMSEC Custodian, COMSEC
Officer, or COMSEC/TEMPEST point of contact is
designated to perform these additional functions, it
must be stressed that NASA Installations not construe
this requirement as justification for establishing a
separate billet. The duties of the COMSEC Officer, or
COMSEC/TEMPEST point of contact, include the following:
a. Acting as the Installation's single focal point
for COMSEC and TEMPEST policy issues.
b. Administering one-time COMSEC briefings and/or
cryptographic access certification to civil
servants whose duties require access to COMSEC
material.
c. Ensuring that COMSEC awareness training is
integrated as part of the Installation's security
education program.
d. Providing technical assistance to Controlling
Authorities for cryptographic keying material
controlled by NASA and exercising oversight in
those instances where NASA contractor COMSEC
accounts have been established solely for the
purpose of supporting NASA.
e. Assisting project offices in the acquisition of
COMSEC material through coordination with the
supporting COMSEC Custodian and/or the NASA COMSEC
Manager.
f. Assisting the Installation's Security Office to
establish selection criteria to screen, interview,
and nominate candidates for the COMSEC Custodian.
g. Providing technical advice and assistance
concerning the use, installation, maintenance, and
procurement of STU-III's.
h. Conducting TEMPEST countermeasure determination
and coordinating with the NASA Security Office,
Code JIS, as required. NOTE: Formal training is
not required to perform countermeasure
determination using the NTISSI 7000, "TEMPEST
Countermeasures for Facilities."
202 COMSEC MATERIAL
1. Short Titles. For accounting purposes, COMSEC material
may be identified by short titles derived from the
Telecommunications Security (TSEC) nomenclature system
(see Figure 2); or bear a designator derived from the
Joint Electronics Type Designation System (JETDS); or a
Federal part number; or by short titles assigned by a
Military Department. In many cases, the Controlled
Crytographic Item (CCI) category may not be assigned
any short title, instead bearing the manufacturer's
commercial designator. This equipment will, however,
be marked "Controlled Cryptographic Item" or "CCI" and
will bear a Government Serial Number (GSN) label. The
GSN has been developed for accounting purposes and will
be the designator by which the COMSEC Custodian will
identify and control the CCI. The GSN is composed of
three fields; for example, the label may read "GSN:
PES-B4 192." The first field "PES" identifies the
manufacturer; the second field "B4" identifies the type
of product; and the third field "192" identifies the
serial number of the unit. For purposes of the SF 153
(using the above example), list the designator "PES-B4"
in the short title block and "192" in the accounting
number block. NOTE: The GSN for STU-III terminals
will vary from the above format.
2. Accounting Numbers. Most COMSEC material is assigned
an accounting (register or serial) number at its point
of origin to facilitate accounting. However, COMSEC
material may be received that does not bear an
accounting number or for which accounting by number is
impractical, and therefore not required. An example of
this type of material is a printed circuit board with a
TSEC nomenclature, which may bear a manufacturer's
serial number, but which is only accounted for by
quantity and is listed in "accounting numbers" on
accounting reports as an "N/N" (no number) item.
3. Edition. COMSEC material may be further identified by
alphabetic or numeric edition. COMSEC material is
superseded when the new COMSEC material becomes
effective (effective edition). NOTE: Identification
of the currently effective edition of operational
keying material is considered "CONFIDENTIAL." The
general rule is that this information should not be
disclosed over a mode of communications that is not
secure. However, per NTISSI 4002, A-12, under certain
circumstances the effective edition may be transmitted
in the clear when necessary to ensure that all holders
are using the same key or when confusion exists about
the effective key.
4. CRYPTO Marking. COMSEC keying material that is used to
protect or authenticate telecommunications carrying
national security and Government-sensitive information
is identified by the bold marking CRYPTO. This marking
makes such material readily identifiable from other
material so that its dissemination can be restricted to
personnel whose duties require access and, if the
material is classified, to those who have been granted
a final security clearance equal to or higher than the
classification of the keying material involved.
5. Subdivisions of Equipment. Operational COMSEC
equipment is identified and accounted for by one short
title rather than by individual components and/or
subassemblies. Classified and CCI subassemblies,
elements, and microcircuits when not incorporated in an
equipment will, however, be accounted for by type and
quantity.
203 COMSEC MATERIAL ACCOUNTABILITY
1. COMSEC Material in the National Security Agency (NSA)
COMSEC Material Control System
a. Accountable COMSEC material enters the NASA COMSEC
Material Control System at the times indicated and
remains in the system until destruction or other
authorized disposition as follows:
(1) When material is received by a COMSEC
Custodian from another department, agency,
foreign government, international
organization, or other COMSEC account.
(2) When a possession report is completed for
COMSEC material that is in the possession of
a COMSEC Custodian but which is not charged
to his or her account.
b. Refer questions regarding whether material is
qualified for entry into the COMSEC Material
Control System and the method of accounting (i.e.,
by which accounting legend code) to the NASA COR.
2. Accounting Legend Code (ALC)
a. For accounting purposes, all COMSEC material is
identified by one of the following accounting
legends:
(1) ALC-1: Continuous accountability by
accounting (register or serial) number within
the COMSEC Material Control System.
(2) ALC-2: Continuous accountability by quantity
within the COMSEC Material Control System.
(3) ALC-3: COR notification of initial receipt
required. Maintain local accountability by
accounting (register or serial) number
thereafter.
(4) ALC-4: Initial receipt required; the
custodian will maintain local accountability;
issue to authorized users on hand receipt;
maintain COMSEC register cards until material
is disposed of; and if destroyed, a local
unnumbered (no transaction number assigned)
destruction report will be filed.
b. The ALC is assigned by the originating Government
department or agency and represents the minimum
accounting standard to be applied.
c. The ALC will appear on all accounting reports but
not necessarily on the material. Holders will not
apply accounting procedures less restrictive than
those specified by the ALC assigned unless
specifically authorized by the COR.
d. Nonaccountable COMSEC material. Material such as
correspondence, logs, reports, etc., are excluded
from the COMSEC Material Control System.
204 COMSEC MATERIAL CONTROL
This section outlines the procedures for COMSEC Custodians
during day-to-day account operations.
1. Forms, Reports, and Files
a. Forms. The forms used in the COMSEC Material
Control System are limited to the multipurpose
SF 153 ("COMSEC Material Report," rev. 9-88,
NSN 7540-00-935-5861), L6061 ("COMSEC Material
Record Card"), and equivalent NASA forms.
b. Accounting Reports. Prepare accounting reports on
an SF 153 to record transfer, possession,
inventory, and destruction of COMSEC material.
The required copies and distribution of accounting
reports are covered in the paragraphs of this
Manual, which outline the detailed preparation of
particular reports. The various reports and a
brief description of their use are as follows:
(1) Transfer Report: Records COMSEC material
transferred from one COMSEC account to
another.
(2) Destruction Report: Reports the physical
destruction or other authorized expenditure
of COMSEC material.
(3) Inventory Report: Reports the physical
(sight) inventory of COMSEC material.
(4) Possession Report: Reports the possession of
COMSEC material. Specific circumstances
requiring possession reports are prescribed
in subparagraph 204.12.
c. Hand Receipt. A hand receipt records the
acceptance of and responsibility for COMSEC
material issued to a user. An SF 153, or the
reverse side of Form L6061 or a NASA equivalent
may be used to hand receipt COMSEC material.
d. Sample Forms and Reports. Samples of the forms
and reports annotated with preparation
instructions are contained in Appendix E.
e. Files. Establish and maintain COMSEC accounting
and related files listed as follows:
(1) Accounting Files:
(a) Incoming transfer reports, possession
reports.
(b) Destruction and outgoing transfer
reports.
(c) Annual or semiannual, as appropriate,
inventory reports, and change of
custodian reports.
(d) Hand receipts.
(e) COMSEC Register File (L6061) or
comparable system approved by the
NASA COR.
(f) Transaction number log. If an approved
automatic system is used, a transaction
log is not required.
(2) Related files:
(a) Courier, mail, and package receipts.
(b) Correspondence including such records as
COMSEC Custodian and Alternate Custodian
appointment confirmation letters,
memoranda, messages, and other
documentation related to COMSEC
accounting.
f. Classification of COMSEC Account Inventory and
COMSEC Account Reports/Files.
(1) Prior to 1 May 1992, NSA classification
policy required the NSA COR to classify many
COMSEC account inventories CONFIDENTIAL. NSA
classification authorities recently
determined that only certain inventories need
to be classified. However, even unclassified
inventories reflect sensitive information
which is exempt from mandatory disclosure
under the Freedom of Information Act and must
be marked FOR OFFICIAL USE ONLY. Therefore,
effective 1 May 1992, all unclassified
account inventories provided by the NSA COR,
as well as those provided by the Key
Management System (KMS), will be marked FOR
OFFICIAL USE ONLY and will be transmitted via
U.S. first-class mail or equivalent parcel
service.
(2) All NSA COR printed COMSEC account
inventories that are presently marked
CONFIDENTIAL should be declassified and
marked FOR OFFICIAL USE ONLY. The following
statement should also be placed on the
inventory: "This document has been
declassified and marked For Official Use Only
by Authority of the Deputy Director for
Information Systems Security (DDI), Central
Accounting Office (CAO), (IAW NSA COR
Accounting Bulletin 2-92)."
(3) If it is determined that a compilation of
records can be declassified, the combined
file should be marked FOR OFFICIAL USE ONLY
and "This file has been declassified and
marked For Official Use Only by Authority of
the DDI CAO (IAW NSA COR Accounting Bulletin
2-92)."
(4) All files/reports marked FOR OFFICIAL USE
ONLY should also be marked "This document
contains information EXEMPT FROM MANDATORY
DISCLOSURE UNDER THE FOIA. Exemption 3
applies." (Note: This marking is not
required on the Government printed and
supplied SF-153 form with For Official Use
Only preprinted at the bottom. It is,
however, required for the front cover of a
file containing SF-153's that are FOR
OFFICIAL USE ONLY.)
(5) When in doubt about whether or not a
record/file may be declassified and marked
FOR OFFICIAL USE ONLY, please telephone the
NASA COR via a STU-III (if available), or
request NASA COR assistance by another secure
means of communication.
(6) The guidance in previous subparagraphs will
be implemented in handling NASA COR account
inventories, reports and files. In addition,
exemption "High Two" of FOIA may be used for
COMSEC account reports, files that are
sensitive but not classified. This exemption
protects from disclosure material that would
significantly risk circumvention of an Agency
regulation, statute, or mission.
(7) Appendix F is provided as a classification
guide.
2. COMSEC Register File. All COMSEC material held by an
account is controlled internally using a COMSEC
Register File. This file consists of an active section
and an inactive section, both of which should be
maintained in alphanumeric order. Normally this file
consists of L6061's (see Figure 3 in Appendix E); it
may be maintained on a personal computer with prior
NASA COR approval. If the file is automated, take
extreme care to control the data base as much as
possible, since unauthorized persons could alter/erase
information without the immediate knowledge of the
Custodian. Follow good computer security practices,
and maintain current backups of data.
a. The active section of the Register File consists
of one Form L6061 (manual file), or one line item
(automated file), for each accountable item
currently held in the account and must include the
following information:
(1) Short title, edition, quantity, and
accounting number (if any).
(2) Classification and ALC.
(3) Date of receipt, from whom received (account
number), and incoming transaction number.
(4) Hand receipt information (optional).
b. The inactive section of the register file consists
of one Form L6061 or one line item for each item
that has been removed from the account, and the
specific disposition data for the item, as
follows:
(1) The type of disposition (e.g., transfer,
destruction, etc.) (if transferred, also
include receiving account number).
(2) Date of action.
(3) Outgoing transaction number.
c. Give special attention to keeping the Register
File current and accurate; it is a convenient
reference and important tool for maintaining
strict control over all COMSEC material in the
account.
3. Preparing COMSEC Accounting Reports
a. Include in each report the official titles and
addresses of the elements involved; account,
transaction, contract (if applicable) numbers;
date of report (entered: year, month, day, e.g.,
880107 indicates January 7, 1988); typed or
stamped names of individuals signing reports; and
signatures in ink.
b. List all short titles in alphanumeric order,
omitting the prefix or suffix "TSEC." For
equipment controlled by Government Serial Number,
omit the prefix "GSN."
c. Single space all line item entries on a report.
Follow the last line item with the remark "NOTHING
FOLLOWS" in capital letters on the next line.
d. For items having accounting numbers running
consecutively, the inclusive accounting numbers
may be entered as a single line entry (e.g.,
1-10) in block 11.
e. Enter "N/N" in block 11 for items not having an
accounting number or for which accounting by
number is not required (i.e., ALC-2 material).
f. Ensure that consecutive accounting numbers agree
with the entries made in the "quantity" column.
g. Include any clarifying remarks deemed appropriate
for the receiving COMSEC Custodian or the COR in
Block 13 or below the "NOTHING FOLLOWS" line.
h. Initial all deletions or corrections in ink.
i. Assign each accounting report (i.e., incoming and
outgoing transfers, possession, inventory, and
destruction reports) a transaction number,
starting over with "1" each calendar year. When
using a manual system, maintain a log to ensure
that transaction numbers do not get duplicated.
NOTE: Do not assign transaction numbers to hand
receipts, accounting bulletins, reconciliation
statements or inventories.
j. Return preprinted inventories to the COR within 10
working days after receipt. Submit all other
reports within 48 hours after receipt or
preparation, or as otherwise directed.
k. Review all reports for completeness and accuracy,
and ensure each copy is legible.
4. Receipt of COMSEC Material
a. Sources. Accountable COMSEC material may be
received from the NSA, military departments, other
Government agencies, allied governments,
international organizations, and contractors.
b. DCS Form 10-R. The Defense Courier Service (DCS)
regulations require personnel who may be required
to accept DCS material to complete a DCS
Authorization Record (Form 10-R) before receipting
for material. DCS Form 10-R may be obtained from
the serving DCS station. Figure 4 lists DCS
addresses. Contact the NASA COR if necessary for
proper instructions to complete DCS Form 10-R.
c. Receiving Packages and Examining Containers (refer
to subparagraph g for equipment). Packages
receipted for by individuals other than the COMSEC
Custodian will be delivered to the Custodian
unopened. When COMSEC material is delivered,
examine the packages carefully for evidence of
tampering or exposure of the contents. If either
is evident and the contents are classified, CCI,
or marked CRYPTO, submit a COMSEC incident report
as required by Chapter 6 of this Manual. Do not
open packages showing evidence of tampering until
approval is received from the NASA COR.
(1) Report any discrepancy in short title,
accounting number, or quantity between the
contents of the package and the transfer
report to the sender and the COR. Correct
the transfer report to agree with the
material actually received. If the material
is classified, CCI, or marked CRYPTO, and the
discrepancy cannot be resolved with the
sender, submit a report of possible
compromise.
(2) When the incoming check has been completed,
sign and distribute the transfer report as
follows:
(a) One copy to the NASA COR.
(b) One copy to the shipment originator.
(c) One copy for file.
(d) Additional copies as directed by the
shipment originator.
NOTE: It may be necessary to reproduce additional
copies of the SF 153.
(3) When a package is received and the package
inner wrap is stamped TOP SECRET CRYPTO or
contains TOP SECRET keying material,
immediately initiate two-person integrity
(TPI) controls, and inspect the package for
evidence of damage or tampering. Both
individuals will then open the package and
compare the contents with the enclosed
"COMSEC Material Report" (SF 153). If
classification cannot be determined before
opening, and when material received is
routinely TOP SECRET, assume that the
material is TOP SECRET. If the contents are
TOP SECRET operational keying material, both
TPI participants will sign the SF 153 (Blocks
15 and 16) and immediately place the material
into TPI storage. Submit the SF 153 to the
NASA COR. If it is found that the contents
do not include TOP SECRET operational keying
material, follow standard receipting
procedures.
d. Receipting for keying material in protective
packaging. Certain items of COMSEC material are
protectively packaged at production time and will
not, in most cases, be opened until they are to be
employed by the actual user. To ensure the
integrity of key, inspect all protective
packaging. If no special handling instructions
are provided, though, open the keying material and
page check as outlined in subparagraph h.
Protective packaging applied to individual items
of TOP SECRET key must not be removed except under
TPI conditions. Inventory key tapes in canisters
by noting the short title and accounting number on
the leading edge of the tape segment, which
appears through the window of the plastic
canister. Do not remove tape or lists from key
tapes or key lists in protective canisters. Do
not open test keying material until it is to be
used. Report shipping discrepancies to the COR.
e. Receipting for Tapes (Magnetic/Paper). Upon
receipt of a shipment of tapes, inventory each
reel by short title, edition, and accounting
number. Report discrepancies to the COR.
f. Receipting for Hardware/Firmware Keying Material.
Upon receipt, inventory each item by short title,
edition, and accounting number. Report
discrepancies to the COR.
g. Receipting for Equipment
(1) Equipment received in sealed shipping cartons
that have not been opened or do not exhibit
signs of tampering may be receipted for
without physically sighting the material
inside as long as the label on the carton
agrees with the transfer report; if it does
not, the contents must be physically
inventoried. Inspect any implemented
protective technologies on the equipment.
Although certain types of material do not
need to be opened before actual use, allow
time between opening and use to obtain
replacements for incomplete or defective
items. Report shipping discrepancies to
the COR.
(2) Since the CCI category of COMSEC equipment
was introduced, much existing/new stand-alone
cryptographic equipment, telecommunications
and information handling equipment with
embedded cryptography, and associated
ancillary equipment, may now be controlled
outside of traditional COMSEC control
channels. When CCI equipment is received via
other than traditional COMSEC control
channels, sign the accompanying paperwork,
and return a copy to the shipper. Initiate
an SF 153 possession report for the receipted
material as prescribed in paragraph 204.12
and submit a copy to the COR.
h. Page Checking. Conduct page checks of unsealed
material to ensure the presence of all required
pages. Where the COMSEC account is so large that
the COMSEC Custodian cannot personally perform
page checks or post amendments, other
appropriately cleared individuals who have been
properly instructed by the COMSEC Custodian may
perform these actions. To conduct the page check,
verify the presence of each page against the "List
of Effective Pages" or the "Handling Instruc-
tions," as appropriate. Sign and date the "Record
of Page Checks" page; or, if the publication has
no "Record of Page Checks" page, place the
notation on the "Record of Amendment" page or the
cover.
(1) Key cards and/or key lists in sealed
transparent plastic wrap, and authenticators
shipped in envelopes, should not be opened
until 72 hours before the effective date;
therefore, do not page check until ready to
use. Do not open test keying material until
it is to be used. When preparing for actual
use, open and page check keying material
according to the handling instructions
provided with the material. If no special
handling instructions are provided, open and
page check the keying material. Do not
remove key tapes or key lists from
protective canisters for inventory or check
purposes.
(2) Other Material. Classified COMSEC
publications must be page checked according
to the handling instructions provided with
the material. If no special handling
instructions are provided, page check upon
initial receipt, when entering an amendment
that requires removing and/or inserting
pages, before destroying, before shipping to
another COMSEC account, and upon return from
an authorized hand receipt user.
(3) If any pages are missing upon initial
receipt, Y13 should be notified of a possible
production error. When page checking before
destroying, before shipping to another COMSEC
account, upon return from an authorized hand
receipt user or when entering an amendment,
annotate the "Record of Page Checks" page.
If the publication is classified, submit a
COMSEC incident report as outlined in
Chapter 6 of this Manual. Submit requests
for disposition instructions and a
replacement publication to the NASA COR.
(4) In the case of duplicate pages, remove and
destroy the duplicate page(s). Prepare one
copy of a destruction report citing the page
number and the accounting number of the basic
publication (e.g., duplicate page number 72
removed from KAM-130A, Number 813). No
notification to the NASA COR is required and
do not assign a COMSEC account transaction
number to this locally retained destruction
report. In addition, note the duplicate page
and the resultant destruction on the "Record
of Page Checks" page.
(5) When a change of COMSEC Custodian has
occurred, the incoming COMSEC Custodian must
perform a page check of all unsealed material
after the change of Custodian takes place.
Where the COMSEC account has a prohibitive
number of documents requiring page checks,
the incoming COMSEC Custodian must submit a
request for an extension to the NASA COR to
allow more time to complete all page checks.
It is recommended that the outgoing COMSEC
Custodian complete page checks before
transferring control of the COMSEC account to
the incoming COMSEC Custodian.
5. Procedures for Handling Keying Material. All keying
material must be stored in GSA-approved security
containers. Restrict access to the container storing
future editions of classified keying material marked
CRYPTO to the COMSEC Custodian and Alternate
Custodian(s). Where this restriction cannot be applied
because others must have access to the container for
either current editions of keying material or other
material in the container, store future editions of
keying material separately in a locked strongbox that
can be opened only by the COMSEC Custodian and
Alternate Custodian(s). Keep the strongbox in the
security container. Exceptions may be made in
operational areas to allow shift supervisors access to
the next edition of keying material, but not to later
editions. Routine destruction of keying material is
addressed in Chapter 7.
a. Key Lists/Key Tapes
(1) When it is necessary to relinquish physical
control of operational key lists to a user,
do so on a hand receipt. If issuing
individual settings is warranted, the hand
receipt user's signature or initials and the
date in the "ISSUED TO" column on the
"DISPOSITION RECORD" on the inside front
cover serves in lieu of a hand receipt.
(2) Key lists/key tapes packaged in protective
canisters will not be page checked. Annotate
the record of use card with the short title,
edition, and register number of the material.
Issue the entire canister to a user on a hand
receipt. The hand receipt user, however,
must not remove more tape segments from the
canister than are required for current use.
As each segment is removed, have the hand
receipt user sign or initial and date the
"USED" column of the "USAGE RECORD" card
applicable to the material.
NOTE: Do not affix labels to keying material
canisters or any other implemented protective
technology since it may hamper laboratory
inspections. Should additional identification of
the classification be necessary beyond that
visible through the window of the canister itself,
the preferred means is to mark or affix a label or
tag to a zip-lock bag, if available, or mark the
classification on the plastic canister using a
grease pencil. Zip-lock containers are available
through the Federal Stock System - Stock Number
8105-00-837-7754 (1000 per box).
6. Transferring COMSEC Material
a. General. COMSEC material may be transferred from
one COMSEC account to another only as prescribed
by the procedures in this Manual. Before
transferring accountable COMSEC material, verify
the receiving activity's official address, COMSEC
account number, and authorization to hold the
material being shipped. When the validity of a
shipping address or authority for shipment is in
question, contact the NASA COR before making the
shipment. Ensure that shipping is only by one of
the authorized modes of transportation prescribed
in this Manual.
(1) Do not ship accountable COMSEC material,
regardless of the accounting legend code
(ALC) assigned, unless a COMSEC account
number is provided with the shipping address.
CCI equipment may, however, be transferred to
a Military Department standard logistics
system account. Verify account numbers and
shipping addresses by contacting the
appropriate Military Department's Accounting
Headquarters. Use an SF 153 for such
transfers, just as with any other outgoing
transaction of COMSEC material. Ensure that
equipment and page checking provisions
outlined in subparagraphs g and h are
accomplished before packing COMSEC material
for transfer, and that shipping is only by
authorized modes. Conduct page and equipment
checks no earlier than 48 hours before
packing.
(2) When transferring Government-furnished
equipment (GFE) to a contractor COMSEC
account, annotate the SF 153 in block 13 to
identify those items as GFE, and identify the
contract number on the form.
NOTE: Transfer of material to external
organizations (e.g., civil agencies, contractors,
etc.) is authorized to expedite delivery of
material and eliminate unnecessary handling of the
material between locations. The shipping COMSEC
Custodian assumes full responsibility for all
aspects of the shipment. When transfers are made
to an organization external to NASA, include the
following information in the "Remarks" portion of
the transfer report: ownership of the equipment,
purpose of the transfer, contract numbers, project
name, and instructions for the receiving
Custodian. Prepare and forward copies of the SF
153 as outlined below, as appropriate:
(a) Transferring COMSEC Material to the U.S.
Military Departments. Prepare five
copies of the SF 153 and enclose the
original and one copy with the shipment
(see Figure 5 in Appendix E). Put the
notation "ADVANCE COPY" on two copies,
and immediately forward one to the NASA
COR and one to the appropriate Military
Department Accounting Headquarters.
Retain the final copy for file. Include
the following notations, as appropriate,
on all copies of transfer reports going
to the U.S. military departments:
equipment owner (NASA, Air Force, etc.);
purpose of the transfer/loan; length of
loan; repayment of loan; transfer of
ownership and authority for the
transfer; and the contract
number/project name (if appropriate).
Place the following statement on all
SF 153s reporting the transfer of COMSEC
material:
"Custodian:
Sign all copies and distribute as prescribed by
the accounting instructions of your service. This
shipment consists of ________ containers."
(b) Transferring of COMSEC Material to All
Other Activities. Prepare four copies
of the SF l53 (see Figure 6) and enclose
the original and one copy with the
shipment. Note "ADVANCE COPY" on the
third copy and forward it to the NASA
COR. Retain the fourth copy for file.
Put the following notation on all copies
of transfer reports going to activities
other than the U.S. Military
Departments:
"Custodian:
Sign all copies. Return original copy to:
National Aeronautics and Space Administration
NASA Security Office
Code: JIS/COMSEC Manager
Washington, DC 20546
Dispose of remaining copies as prescribed by the
accounting instructions of your organization. This
shipment consists of ________ containers."
(c) Transfer of Material Between NASA
Accounts. Prepare four copies of the
SF 153 and enclose the original and one
copy with the shipment. Note "ADVANCE
COPY" on the third copy and forward it
immediately to the NASA COR. Retain the
fourth copy for file. The material may
be transferred through internal mail
channels provided it is properly
packaged, handled as controlled mail,
and the package is covered by a
transmittal receipt.
b. Receipt/Transfer Responsibility. When COMSEC
material is shipped to a military activity, the
NASA COR and the Military Department Accounting
Headquarters, when appropriate, are responsible
for ensuring that the material is received by the
intended recipient on a timely basis. When an
"ADVANCE COPY" of an SF 153 is received, a receipt
suspense date is established by the NASA COR and
the Military Department Accounting Headquarters,
who take any subsequent tracer action required.
Tracer actions for shipments to military
department standard logistics accounts are handled
solely with the appropriate Military Service
Accounting Headquarters. The shipping Custodian
is not responsible for ensuring that the material
reaches the intended recipient, provided
packaging, addressing, and shipping instructions
are correct. This procedure in no way relieves
the shipping Custodian of responsibility for
errors that normally can be detected only when the
recipient opens the package (e.g., shipping the
wrong item, incorrect nameplate, etc.). In lieu
of a signed copy of the transfer report, recorded
proof of shipment is the file copy of the transfer
report combined with a signed transmittal form,
Government Bill of Lading (SF 1103), U.S.
Registered Mail receipt, or other shipping
document. The NASA COR will not initiate tracer
actions for material shipped from other
agencies/departments unless requested to do so.
NOTE: In order to avoid tracer action, COMSEC
Custodians of NASA COMSEC accounts will: upon
receipt of COMSEC material shipped from a
contractor COMSEC account send a copy of the
SF 153 to NSA (Y-131) as well as to the NASA COR.
c. Nonroutine Disposition of COMSEC Material. Remove
accountable COMSEC material that is lost,
compromised, or inadvertently destroyed, from a
COMSEC account only with the specific written
approval of the NASA COR.
7. Military Department Accounting Headquarters
a. Army Accounting Headquarters:
Commander
U.S. Army Communications Electronics Command
Communications Security Logistics Activity
ATTN: SELCL-NICP-OR
Fort Huachuca, AZ 85613
b. Navy, Marine, and Coast Guard Accounting
Headquarters:
Director
COMSEC Material System
3801 Nebraska Avenue, NW
Washington, DC 20390
c. Air Force Accounting Headquarters:
Headquarters
U.S. Air Force Cryptologic Support Center
ATTN: MMIA
San Antonio, TX 78243
Verify Air Force standard logistics system account
numbers and shipping addresses by calling
(512) 925-2771.
8. Packaging COMSEC Material
a. Securely package classified COMSEC material for
shipping in two opaque wrappers with no indication
of the classification on the outside wrapper. Use
packaging material strong and durable enough to
provide secure protection while in transit,
prevent items from breaking through the container,
and facilitate detecting tampering with the
container. Mark each wrapper with the "TO" and
"FROM" addresses. The outer wrapper must never
carry identification of the contents that directly
discloses a cryptographic or COMSEC association
(e.g., a system indicator, the acronym "TSEC,"
etc.). Instead, label the crate or outer wrapper
with the short title of the equipment, less the
"TSEC" designation, followed by the accounting
number (e.g., KW-59/101) to identify the contents.
Identify assemblies, ancillary devices, elements,
and subassemblies shipped individually by short
titles, accounting numbers, and the short titles
of the equipment in which the items are to be
used. Identify items not accountable by
accounting number by short title and quantity.
Figure 7 provides examples of COMSEC material
identification markings. Ensure that the markings
on the crate or outer wrapper identifying the
COMSEC material within agree with the accompanying
"COMSEC Material Report" (SF 153). When material
is to be hand-carried, a briefcase, pouch, or box
is an appropriate outer wrapper. Specialized
shipping containers for COMSEC equipment, such as
locked and twice-banded repair kits, may be
considered the outer wrapper.
b. Mark the inside wrapper of classified
cryptographic material with the designator
"CRYPTO" and the classification. If the shipment
contains keying material designated for "U.S. Use
Only," mark the inner wrapper with the remark
"SPECIAL HANDLING REQUIRED, NOT RELEASABLE TO
FOREIGN NATIONALS." If the shipment contains
keying material that is releasable, mark the inner
wrapper with the remark "SPECIAL HANDLING
REQUIRED, FOR U.S. AND SPECIFIED ALLIES ONLY."
Mark the inside wrapper of all accountable COMSEC
material with the notation "TO BE OPENED ONLY BY
THE COMSEC CUSTODIAN." If the classified material
is an internal component of an unclassified
packable equipment, the outside equipment shell
may be considered as the component's inner
wrapper; that is, only one additional wrapper is
required.
c. Mark all transfer reports and other forms covering
an individual DCS shipment with the individual
shipment control number; affix the reports to the
inner wrapper of the package. NOTE: Do not place
the transfer report inside the sealed container
with the COMSEC material because this defeats the
purpose of marking the short title and accounting
numbers on the outside of the container. For
multiple package shipments, number each container
beginning with package Number 1, followed by a
slash and the total number of packages making up
the shipment (e.g., for a shipment consisting of
three packages, the first box would be marked 1/3;
the second one marked 2/3; and the third (last)
one marked 3/3). Affix the shipping document (SF
153) to the inner wrapper of the first package of
multiple package shipments. Do not annotate the
serial package number(s) and transaction number in
the immediate vicinity of DCS control numbers.
d. Package keying material separately from its
associated cryptographic equipment, unless the
application or design of the equipment is such
that the corresponding keying material cannot be
physically separated from it.
e. Securely package CCI equipment in a way that
reveals tampering and guards against damage in
transit. Annotate the equipment designator on the
package. The "CCI" marking may be placed on the
exterior of the package if so requested. Place
the accompanying paperwork in an envelope securely
fastened to the outside of the package and mark
the envelope with the "TO" and "FROM" addresses,
including the account number, without the word
"COMSEC."
f. Wrap unclassified COMSEC material, except keying
material marked CRYPTO, as any other unclassified
material according to packaging requirements of
the agency or activity.
9. Authorized Modes of Transportation. An appropriately
cleared individual may move COMSEC material locally
(e.g., within an Installation). Various modes of
transportation are authorized for COMSEC material. The
authorized mode for each specific type of COMSEC
material is as follows:
a. Shipping Classified Keying Material and Classified
COMSEC Equipment. In time-critical situations, on
a case-by-case basis, the NASA COR, in conjunction
with the appropriate NASA Installation Security
Officer, may approve using commercial passenger
aircraft within the United States to transport
current or superseded keying material as long as
the material is hand-carried by an appropriately
cleared individual and provided that departmental
and Federal Aviation Authority procedures are
followed. This policy does not apply to the use
of NASA-owned and -operated aircraft, which may be
used to transport material within the continental
United States with approval from the Installation
Security Officer. When commercial passenger
aircraft must be used, written courier
authorization is required.
(1) Classified Keying Material. When practical,
limit individual shipments to not more than
three editions or 3 months' supply of a
particular item of keying material (whichever
is the greater amount). This restriction
does not apply to packaged irregularly
superseded materials. The NASA COR may waive
this restriction when material is issued to a
newly established account or in cases where
supply is difficult and the number of
shipments is limited. The NASA COR may
authorize using U.S. Registered Mail to ship
individual editions of CONFIDENTIAL keying
material, provided the material does not at
any time pass out of U.S. citizen control,
and does not pass through a foreign postal
system or any foreign inspection. Do not
send keying material classified SECRET or
higher through the mail without prior
approval of the NASA COR. Except when using
systems specifically designed for electronic
rekeying, transmit operational keying
variables electrically only under emergency
conditions and only when the communications
system provides end-to-end encryption equal
to the classification of the transmitted key
setting, and the key setting does not appear
in plain text anywhere in the communications
path. Under normal conditions, ship
classified keying material only by one of the
following means:
(a) Defense Courier Service (DCS).
(b) Appropriately cleared Government
personnel who have been designated in
writing to act as couriers for
cryptographic material.
(c) U.S. Diplomatic Courier Service.
(d) Appropriately cleared and briefed
contractor personnel who have been
designated in writing by competent
authority to act as couriers, provided
the material is classified no higher
than SECRET. For TOP SECRET keying
material, courier authorization must be
obtained from the appropriate NASA
Installation Security Officer on a
case-by-case basis.
NOTE: Two-person integrity (TPI) controls
must be applied whenever local couriers
transport TOP SECRET keying material from one
location to another. See Chapter 5.
(2) Classified COMSEC Equipment and Components.
Do not ship classified COMSEC equipment and
components in a keyed condition unless the
physical configuration of the equipment makes
segregating the keying material impossible.
For equipment using a Crypto-Ignition Key
(CIK), removing the CIK permits the equipment
to be treated as unkeyed. Ship the CIK
separately from the equipment. Transport
COMSEC equipment and components classified
higher than CONFIDENTIAL by any of the means
identified for keying material, or by a
cleared commercial carrier under Protective
Security Service (PSS). Transport COMSEC
equipment and components classified
CONFIDENTIAL by any of the means specified
above, or any of the following:
(a) U.S. Registered Mail, provided it does
not at any time pass out of U.S. control
and does not pass through a foreign
postal system or any foreign inspection.
(b) Commercial carriers (or U.S. military or
military contractor air service)
provided a continuous chain of
accountability and custody for the
material is maintained while it is in
transit.
(c) U.S. military or military-contractor air
service (e.g., MAC, LOGAIR, QUICKTRANS),
provided the requirements for DoD CSS
are observed.
b. Other Classified COMSEC Material. Transport
classified material, other than keying material
and COMSEC equipment, as follows:
(1) Use one of the methods below to transport
media that embodies, describes, or implements
a classified cryptographic logic, such as
full maintenance manuals, cryptographic logic
descriptions, drawings of cryptographic
logics, specifications describing a
cryptographic logic, cryptographic computer
software, and operating manuals. These items
may not be transported through any postal
system.
(a) Defense Courier Service (DCS).
(b) Appropriately cleared and briefed U.S.
Government, contractor or military
personnel who have been designated in
writing by proper authority to act as
courier for the material.
(2) Use any of the means below to transport media
that does not embody, describe, implement, or
contain a classified cryptographic logic.
NOTE: Using Standard First Class Mail service
is not acceptable for transporting any
classified COMSEC material.
(a) Any of the means authorized in
subparagraph 9a.
(b) U.S. Registered Mail or by a cleared
commercial carrier using PSS for media
classified SECRET.
(c) U.S. Registered Mail or U.S. Postal
Service Certified Mail for media
classified CONFIDENTIAL.
10. Shipping Unclassified COMSEC Material
a. Unclassified Keying Material Marked CRYPTO.
Within CONUS, transport unclassified material
marked CRYPTO by U.S. Registered Mail or
authorized U.S. Government, contractor, or
military personnel. Outside CONUS, use authorized
department, agency, or contractor couriers; U.S.
Diplomatic Courier Service; or the Defense Courier
Service. Where practical, limit shipments of
unclassified keying material marked CRYPTO
transported by courier to no more than three
editions; when shipped by U.S. Registered Mail, no
more than one edition.
b. Shipping Controlled Cryptographic Item (CCI)
Material. Do not transport CCI material in a
keyed condition, unless the equipment is designed
to operate with a permanently installed hard-wired
key. Ship CCI material by the following means:
(1) Within CONUS:
(a) Authorized department, agency, or
contractor courier.
(b) U.S. Registered Mail.
(c) Authorized U.S. Government courier
service (e.g., Diplomatic Courier
Service).
(d) Commercial carrier providing DoD
Constant Surveillance Service (CSS).
Coordinate the shipment with the
Transportation Officer.
(2) Outside CONUS. CCI equipment may be sent by
U.S. Registered Mail if the package will
remain in U.S. mail channels (e.g., mailed to
an APO or FPO address) or be carried by an
individual who has been briefed as a courier.
The courier must be briefed on proper
security procedures and be aware of all
requirements for access and the physical
security of the equipment or materials.
Transportation may be by any means that
permits the courier to maintain continuous
accountability and provide protection against
loss and unauthorized access while in
transit. Where transportation is by
commercial aircraft, the CCI equipment should
be stowed in the cabin where the courier can
maintain constant surveillance. If equipment
bulk will not permit cabin storage or creates
an excessive burden for the courier, CCI
circuit boards may be removed for cabin
storage, and the remainder of the equipment
may be checked as hold baggage. CCI
equipment must not be transported through
countries other than those authorized to
receive the equipment. All incidents of
impoundment, seizure, or loss of CCI
equipment while it is being couriered must be
reported in accordance with Chapter 6 of this
Manual.
c. All other unclassified COMSEC material may be
shipped by any means that will reasonably assure
safe and undamaged arrival at the destination.
Ship unclassified COMSEC items as classified
COMSEC material when an operational need exists to
provide both types of material together.
11. Authorized Modes of Transportation for Controlled
Cryptographic Item (CCI) Equipment and Components
Within CONUS, U.S. Territories and Possessions
a. NSA has noticed an increasing number of reported
incidents (within the COMSEC community) involving
CCI equipment and components being shipped by
improper means. The majority of these incidents
involve either material improperly shipped through
the United States Postal Service (USPS), or
material improperly transported via commercial
carrier within CONUS. They believe this has been
caused by a general lack of understanding of the
proper procedures to be followed. Although
unkeyed CCI equipment and components are not
classified, they do require controls while in
transit. These controls must ensure continuous
accountability of the material.
b. When CCI equipment and components are shipped by
the USPS, Registered Mail must be used. Items
shipped by USPS Registered Mail must not at any
time pass out of U.S. control nor pass through any
foreign postal system. There are, however,
certain restrictions governing the size and weight
of packages that can be shipped via USPS
Registered Mail. These restrictions may preclude
using this service. It is suggested that the
responsible individual check with USPS authorities
to determine whether the package material
qualifies. USPS First Class Mail, Fourth Class
Mail, Parcel Post, Certified Mail, Insured Mail,
and Express Mail are not authorized for shipping
CCI equipment/components.
c. When using commercial carriers to transport CCI
equipment and components, an adequate degree of
physical control and accountability for the
material must be maintained while it is in
transit. However, the small number of commercial
carriers that provide an approved constant
surveillance service (CSS) has greatly restricted
the ability of shipping activities to move CCI
material. Therefore, the existing requirement
that commercial carriers must provide approved CSS
is being modified to allow shipping activities to
use commercial carriers that can satisfy the
requirements set forth below. This change only
applies to shipments within CONUS, U.S.
territories and possessions.
(1) CCI equipment and components may be
transported by any commercial carrier that
warrants in writing to the shipping activity
that it can satisfy all of the following
requirements. The carrier must:
(a) Be a firm incorporated in the United
States that provides door-to-door
service;
(b) Guarantee delivery within a reasonable
number of days based on the distance to
be traveled;
(c) Have a means of tracking individual
packages within its system to the extent
that should a package become lost, the
carrier can, within 24 hours following
notification, provide information
regarding the package's last known
location;
(d) Guarantee the integrity of the vehicle's
contents at all times (e.g., while a
driver is making pickup/delivery stops,
the vehicle must be locked); and
(e) Guarantee that the package will be
stored in a security cage should it
become necessary for the carrier to make
a prolonged stop at a carrier terminal.
(2) In addition to satisfying the above
requirements, the carrier must either:
(a) Use a signature/tally record that
accurately reflects a continuous chain
of accountability and custody by each
individual who assumes responsibility
for the package/shipment while it is in
transit (the carrier may either provide
its own signature/tally record form or
agree to use the DD Form 1907 or Form
AC-10); or
(b) Use an electronic tracking system that
reflects a chain of accountability and
custody similar to that provided by a
manually prepared signature/tally
record. Positive identification of the
actual recipient of the material at the
final destination must be indicated. A
hard-copy printout shall be provided as
proof of service and the printout must
reflect those points, during transit,
where electronic tracking of the
package/shipment occurred.
d. Regardless of the method of transportation
selected, the NASA activity shipping CCI
equipment/components shall provide the receiving
custodian with timely notification of a scheduled
shipment. Preferably, notification should be
provided at least 24 hours prior to the estimated
delivery date. This procedure will help to
readily identify any shipment that might unduly
delayed or lost enroute. It is emphasized that
CCI equipment/components may only be shipped to
authorized activities/contractors and shall be
labeled in a way that will ensure delivery to an
individual who is designated to accept custody of
the material at the contractor facility/activity.
Do not use the individual's name on the delivery
label; rather, use functional designators such as
office symbols or mail station codes. If using a
commercial carrier, the accompanying shipping
documents will provide an emergency telephone
number(s) of an individual(s) authorized to
receipt for the material in the event the carrier
attempts to make delivery during other than normal
duty/work hours.
e. If a shipment of CCI equipment/components has not
been received by the intended recipient within
five working days following the expected delivery
date, the originating shipper's custodian will be
contacted immediately. Unless there is a valid
explanation for the delay, tracer action shall be
initiated on the shipment by the shipping
custodian. If its location cannot be determined,
the CCI equipment/components shall be assumed to
be lost in transit and reported in accordance with
the guidelines provided below.
f. The following types of incidents involving CCI
shipments shall be reported to NSA, ATTN: X71
(COMSEC Incidents), for evaluation. An
information copy shall be forwarded to NASA
Headquarters, Code JIS.
(1) When tracer actions have determined that a
CCI equipment/components is lost in transit;
and
(2) Shipments that are received that show
evidence of possible tampering, or
unauthorized access to the CCI
equipment/components.
g. All other incidents involving improper shipment or
handling of CCI equipment/components (e.g., CCI
shipped via certified mail; shipping activity
failed to request signature/tally service; etc.)
shall be considered administrative in nature and
reported in accordance with the guidelines set
forth below. If a commercial carrier is involved,