Information Security Oversight Office (ISOO)

Home > Information Security Oversight Office (ISOO) > About ISOO > About ISOO Programs and Groups

About ISOO Programs and Groups

Classified National Security Information

ISOO’s CNSI Oversight team ensures protection of our nation’s Classified National Security Information by evaluating federal agency compliance with Executive Order 13526 “Classified National Security Information” and its implementing Directive, 32 CFR Part 2001. We assess whether government agencies are appropriately implementing stringent and uniform measures to protect classified information from mishandling or unauthorized disclosure, while still ensuring appropriate and necessary information sharing.  We make annual reports of oversight compliance findings to the President of the United States.

ISOO expertly conducts its CNSI oversight mission by:

  • Conducting on-site agency CNSI program reviews to evaluate effectiveness.
  • Reviewing agency training materials and Security Classification Guides to determine completeness and compliance with applicable laws and executive orders.
  • Performing classified document audits to assess agency adherence to marking and handling requirements.
  • Evaluating agency Original Classification Authority (OCA) delegations, to include assessing requirements for OCA and reviewing classification and declassification decisions and documentation.
  • Conducting annual data calls to determine the size and scope of all agency CNSI programs, including associated requirements compliance rates for each.
  • Investigating complaints of agency noncompliance with applicable executive orders.

Controlled Unclassified Information

The Controlled Unclassified Information (CUI) Program established under Executive Order 13556 requires safeguarding or dissemination controls for the protection of categories of information that, while sensitive and subject to applicable limitations, do not meet the standards for classification on national security grounds under Executive Order 13526 of December 29, 2009, or any successor order, or the Atomic Energy Act, as amended.

Classified Outside Government Control

 

Pursuant to Executive Order 13526 and 32 CFR 2001, ISOO manages the Classified Outside Government Control program. As authorized in 32 CFR 2001.36(b), “Anyone who becomes aware of organizations or individuals who possess potentially classified national security information outside of government control must contact the Director of ISOO for guidance and assistance. The Director of ISOO, in consultation with other agencies, as appropriate, will ensure that the safeguarding and declassification requirements of the Order are met.”

ISOO has issued ISOO Notice 2023-01 that provides guidance concerning what to do when organizations or individuals outside of government control come across potentially classified records in their holdings or possession.

 

Interagency Security Classification Appeals Panel (ISCAP)

The ISOO Director also acts as executive secretary for the ISCAP, which was created through Executive Order 12958, as amended. The ISCAP acts as an appellate authority for:

  • classification challenges; and
  • mandatory declassification requests.

Further, the ISCAP approves, denies or amends agency exemptions from automatic declassification. ISCAP decisions are critical to the implementation of the Order, because its decisions will ultimately establish the cutting edge between what information is declassified and what information remains classified.

Public Interest Declassification Board

The ISOO Director serves as executive secretary for the PIDB and ISOO staff provides support. The PIDB was established in 2000 by Public Law (PL) 106-567 "Intelligence Authorization Act for 2001" The Board advises the President of the United States regarding issues pertaining to national classification and declassification policy. The PIDB has the official mandate of promoting the fullest possible public access to a thorough, accurate, and reliable documentary record of significant U.S. national security decisions and activities. The PIDB advises the President and other executive branch officials on the identification, collection, review for declassification, and release of declassified records and materials of archival value. The PIDB also advises the President and other executive branch officials on policies deriving from the issuance by the President of Executive orders regarding the classification and declassification of national security information.

National Industrial Security Program (NISP) & National Industrial Security Program Policy Advisory Committee (NISPPAC)

Executive Order 12829, as amended, created a Government and industry wide program with a goal of achieving cost savings while protecting classified information held by contractors, licensees, and grantees of the United States Government. ISOO is required to exercise policy oversight on behalf of the National Security Council and ISOO's responsibilities include:

  • Monitoring the industrial security program and overseeing agency, contractor, licensee, and grantee actions to ensure compliance with the Order;
  • reviewing implementing regulations for the NISP;
  • conducting on-site reviews of the at each participating agency, contractor, licensee, and grantee that has access to or stores classified information; and
  • reporting annually to the President on the status of the NISP.

The NISPPAC, established by Executive Order 12829, as amended, advises the ISOO Director, who serves as the Chair, on all matters and policies related to the National Industrial Security Program and represents a true partnership between Government and industry. The NISPPAC also serves as a forum for discussing policy issues in dispute.

State, Local, Tribal, and Private Sector Policy Advisory Committee (SLTPS-PAC)

Chaired by the Director of ISOO, the SLTPS-PAC chartered December 15, 2010 serves as a forum to discuss SLTPS Program-related policy issues in dispute in order to facilitate their resolution, to otherwise recommend changes to policies and procedures in order to remove undue impediments to the sharing of information under the Program.

 

Top