100 likes | 317 Views
Section Ten: Security Violations and Deviations Note: All classified markings contained within this presentation are for training purposes only. Security Violations and Deviations Definitions. Security Violation
E N D
Section Ten: Security Violations and DeviationsNote: All classified markings contained within this presentation are for training purposes only.
Security Violations and DeviationsDefinitions • Security Violation • Any failure to comply with an established policy or procedure that reasonably could result in the loss or compromise of classified or sensitive information • Acompromise is the disclosure of classified or sensitive information to an unauthorized person • Security Deviation • Any failure to comply with an established policy or procedure that would not result in the loss or compromise of classified or sensitive material • Any action that would have a negative impact on the {Company}’s security posture
Security Violations and Deviations Examples BE AWARE OF • A loss or compromise of classified information • Failure to protect the security of a computer or network • Failure to properly dispose classified material • Failure to properly secure a Closed Area or Security Container • Failure to secure classified materials • Failure to properly transport classified material, either internally or externally of the facility • Failure to properly mark classified material • Failure to sanitize a Closed Area prior to an uncleared visitor entering • Inadvertently disclosing classified information to individuals that do not have the proper need-to-know or security clearance • Failure to report a violation SECURITY VIOLATIONS
Security Violations and DeviationsContributing Factors The Path to Security Violations External personal circumstances Mechanical • Incomplete/mismarked classified information Lack of training Not following procedures • The human element • Distractions, fatigue, change in routine, and lack of focus
Security Violations and DeviationsPrevention Tips • Always ensure your security container is properly locked • Only remove classified material from your container when it is needed and returned immediately when not in use • Always check your entire area for the presence of classified material before leaving the area unattended • Use a Security Record as a reminder to check your container • Use the open/closed signs on Closed Area doors and security containers • Reduce your classified holdings to the absolute minimum TIPS
Security Violations and DeviationsPrevention Tips (cont.) • Do not work alone after normal working hours with classified material • If necessary, arrange with the Security Department first • Never delay placing the appropriate classification markings on rough drafts, working papers, etc. • Ensure notes extracted from classified documents are classified, appropriately marked and protected • Always use classified folders and coversheets, when material is removed from security containers • Ensure all electronic media is properly marked and secured after use TIPS
To maintain its security posture and meet its security obligations to the U.S. Government, {Company} retains the right to take immediate action to prevent the loss or compromise of classified or sensitive information Once individual culpability for a security violation or deviation is determined through investigation, the Security Department management will assess the implications of the event for the individual and the {Company} security posture {Company} has a graduated scale of administrative sanctions that will be taken for failing to adhere to established security rules and regulations Security Violations and Deviations {Company} Obligations
Sanctions are determined by the offense and are on a graduated scale (See local SPP for details) Sanction examples: Verbal or written counseling by Security, immediate supervisor, {Company} president or a combination Information restrictions Project access restrictions Required training Suspension without pay Clearance termination or job change Removal from contract Employment termination Imprisonment and/or fines Security Violations and Deviations Administrative Sanctions
Security Violations and Deviations Individual Culpability • Reporting individual culpability to the Department of Defense • {Company} is required to identify the culpable party(s) to a security violation where there is an issue of the individual’s future reliability • Determination to forward a culpability report occurs when one or more of the following factors are revealed: • The violation involved a disregard of security requirements, gross negligence in the handling of classified information, or a pattern of negligence or carelessness even though the incident was not deliberate • Security Violations are costly, but can be prevented by ensuring all individuals remain aware of their security responsibilities • Ignorance will not excuse you from disciplinary action or criminal prosecution