7 March 1997
MEMORANDUM FOR: Security Policy Forum Members
FROM: Peter D. Saderholm, Director, Security Policy Board Staff
1. I have informed the Cochairs of the Security Policy Board and Security Policy Forum that it is my intention to retire at the end of April. As I look back on two and a half years of security activity, this CIA Intelligence Analyst finds a lot of which to be proud. With your help, we have created a mechanism to raise issues of concern in the area of security and attempt to revise security policy in response to these concerns. I have not discovered in my 30 plus years of federal service an organization that has a similar breadth of membership and breadth of concerns as can be found in the Security Policy Forum and its committees. It has been my pleasure to provide executive management of this process.
2. It is not clear to me that the authors of Presidential Decision Directive-29 envisioned a process as democratic as the one we have attempted to create, nor is it clear to me that they comprehended the diversity of opinion amongst the various members of the Forum on most issues being discussed. This being said, however, I think it is a tribute to the members and their organizations that we have met frequently, discussed issues energetically, and resolved issues collegially. It is my assessment that the real value of this process is not yet fully understood.
3. The touchstone of the Joint Security Commission report is in its call for a totally new approach to security that will enable this nation to meet the challenges of the next century. It is my belief that we have struck upon this new approach in the current SPB process. I cite as my rationale evidence that abounds that security policies of the past, decreed from on high, are generally being very loosely interpreted throughout government and industry and, too often, not followed at all. I contrast this with the policies that have been developed to date under the SPB process. Despite the fact that virtually none have as of yet been formally implemented, all are functioning throughout the government and industry by virtue of voluntary compliance. This truly meets the test of ensuring the adequacy of security through a system that is simplified, more uniform, and more cost effective.
4. I would encourage all of you to continue with your support of this process in the future. Several goals should be held high: reciprocity, risk management, cost effectiveness, and a partnership with industry. I have continually preached that we could maintain a high degree of security but reduce costs by implementing reciprocity and risk management. The biggest concern that I think we have is trust between organizations and amongst security professionals.
Peter D. Saderholm
Cy Furn: PIC Members