Nato Security Requirements

1. A NATO Facilities Release Certificate shall be required to enable any contractor to negotiate or perform a NATO contract or subcontract. A U.S. contractor is eligible for release of NATO assets if it has equivalent authorization from the United States, if its personnel requiring access have been informed of NATO procedures, and if they meet NISPOM requirements. The Defence Industrial Security Clearance Office (DISCO) issues the NATO Facility Clearance Certificate to the requesting NATO command or agency. 5. Organisations shall keep a separate register of all Facility personnel who have had access to NATO classified information. Before an employee is granted access to NATO classified information, the Company Security Officer (CSO) must discuss the following with an employee: 3. This Chapter sets out the security requirements for NATO classified information. For simplicity, it combines references to NATO found in other chapters of this manual.

Facility Security Clearances (FSCs) can be approved at Restricted NATO, NATO Confidential, NATO Secret or COSMIC Top Secret level. ARCHIVED – Chapter 3: Security Audits of Facilities, Part II – Facility Security Clearance (Classified) of this manual describes the requirements and procedures for obtaining an FSC security clearance for personnel. In addition, ARCHIVED – Annex 3-C: Facility Security Clearance Requirements (North Atlantic Treaty Organization Classified Information) of this manual provides full details on personnel security clearances required by Senior Officials (CSOs), CSOs and NATO personnel for each level and type of NATO CSF. 2. Where extracts of NATO information appear in a non-NATO document prepared by a U.S. contractor or DoD component, the document shall bear U.S. classification marks. The overall classification of the document reflects the highest classification of the material contained in the document, NATO or United States. The warning “THE DOCUMENT CONTAINS NATO INFORMATION (CLASSIFICATION LEVEL)” must also be indicated on the front of the document or on the first page if there is no envelope. In addition, each paragraph or part containing NATO information shall bear the corresponding NATO classification mark, abbreviated in parentheses (e.g. NS) before the part or paragraph. The “Release On” line of the document displays “Determination of Agency of Origin Required” or “RED”, unless the original NATO document contains a specific date of declassification.

If information is extracted from NATO and U.S. sources with conflicting classification requirements, contact the Chief Security Officer for CSO or DoD components, as appropriate. 1. A Canadian security cleared employee does not automatically have access to NATO information. A separate application is required for NATO security clearance. Access to these levels of NATO classified information requires a security clearance for personnel at the level of control of classified documents under a Top Secret, NATO Secret or Confidential NATO Command (COSMIC) level. b. The subcontractor must have the required security clearance of the facility, personnel requiring access must be informed of NATO procedures, and a NATO facility security clearance certificate must be issued prior to subcontracting. The contractor may sponsor a potential subcontractor for a release of NATO assets only after approval of the subcontractor has been granted. 3. For non-Canadians, NATO clearance does not include a right of access to non-NATO Canadian classified information. A Canadian security clearance must be obtained separately.

For more information, see the procedures for applying for security clearances for individuals in ARCHIVED – Chapter 2: Security Screening, Part II – Security Clearances for Persons in this guide. 1. General. Subject to the cases described below, visits by Ministry of Defence personnel and defence contractors to NATO organisations and visits by NATO personnel to Ministry of Defence facilities and contractors shall be treated in accordance with Chapter 7 of this manual. The DoD Component Security Office (for Department of Defense employees) or DISCO (for contractors) provides NATO security agencies with the required NATO Security Clearance certification. 2. The NATO Facility Security Clearance Certificate is not required for DoD component contracts involving access to NATO classified information. A NATO country may be required to provide NATO classified documents to a U.S. contractor in support of a non-NATO treaty.

However, all personnel who require access must be informed in accordance with the requirements of Section D below, including the requirement for an information certificate, prior to gaining access to NATO classified information. The NATO Treaty Agency usually provides security requirements in the form of a NATO letter on security aspects. If, in accordance with the Treaty, an entity is to continue to protect classified information from NATO and beyond, it must be established as a NATO Control Point (PCN) in the DCSA sub-register. 2. Classification levels. NATO`s security regulations prescribe four levels of security: COSMIC TOP SECRET (CTS), NATO SECRET (NS), NATO CONFIDENTIAL (NC) and NATO RESTRICTED (NR). The terms COSMIC and NATO indicate that the material is the property of NATO. Another mark, “ATOMAL”, is applied to U.S.

RESTRICTED DATA or FORMERLY RESTRICTED DATA and UK atomic information submitted to NATO. Atomic information is labeled COSMIC TOP SECRET ATOMIC (CTSA), NATO SECRET ATOMIC (NSA) or NATO CONFIDENTIAL ATOMIC (NCA). NATO Screening Officer A Senior Screening Officer and at least one Deputy Screening Officer will be appointed to manage the security requirements of the NATO NCP program. Some important tasks: 1. This chapter sets out the basic security requirements necessary to comply with procedures established by the U.S. National Security Agency for the North Atlantic Treaty Organization (NASCU) to protect NATO information used in international programs. DoD 5100.55 (reference hhh) contains the terms of reference, which designate the Secretary of Defense as the USSAN for the U.S. government. The requirements in this Chapter are consistent with USSAN Instructions 1-69 and 1-70, as implemented by DoD Directive 5100.55 and DoD Section C-5220.29 (reference iii) and NISPOM (Reference aa). The above documents should be consulted for more details. One. The material must be sent to a U.S.

organization to NATO (e.g., the U.S. Mission to NATO, the U.S. National Military Representative to Supreme Headquarters Allied Powers Europe (SHAPE), the U.S. Representative to NAMSA), which will bring the equipment into NATO security channels. The equipment must be accompanied by a letter to the U.S. organization containing the necessary transfer instructions and assuring that the equipment has been authorized to be handed over to NATO. The material is properly packaged as described in NISOM and DoD 5100.55 (reference hhh). However, the inner packaging shall be addressed to the intended NATO consignee; the outer packaging must be addressed to the U.S. organization to NATO. (4) NATO RESTRICTED information extracted may be included in unclassified US documents, provided that the above applicable marking requirements are met.

In addition, the U.S. document must be marked. “THIS DOCUMENT CONTAINS INFORMATION RESTRICTED BY NATO.” The document must be verified in accordance with DoD policy 5100.55 and ISM/NISPOM. As a member of NATO, Canada has agreed to abide by the security rules that apply to NATO classified information.