Table of Contents
USO/AUSO Appointment Letter 1
Domestic Controlled Access (DCAA) &
Designated Unclassified Space (DUS)
USO/AUSO Security Requirements 3
Office Security Orientation and Acknowledgement 4
Assessment Results 5
USO Responsibilities are in 12 FAM 512.1-5 and 12 FAM 563.2. As a security representative,
you are responsible for ensuring classified information in your space is properly handled. In the
execution of these duties, USO and AUSO will perform the following duties:
1) Assists in the general administration of the security program within their assigned office.
2) Ensure the marking of all computer equipment, printers, fax machines, and laptops to show
the highest classification of information processed using approved classification labels per 12
3) Maintains the following documents:
a. SF 700, Security Container Information – Required to record the combination to all
locks guarding classified information and spaces where classified is maintained and/or
b. SF 701, Activity Security Check List – Used to record the end of day check.
c. SF 702, Security Container Check Sheet – Used to record the daily opening, closing, and
inspection of security containers.
4) Provide new employees an office security orientation brief.
The link below is a useful tool for USOs in the execution of their duties:
SECURITY CONTAINERS (SAFES) Per 12 FAM 532.2-3 individuals with a security
1) Use SF-700 to record combinations for all security containers storing classified information;
section 2a is given to the USO for storage.
2) Combination Change Procedures: Per 12 FAM 532 – Combinations are to be changed for the
a. When a container is first used to store classified information.
b. Upon the compromise of the container.
c. Annually or upon the departure of a person with access to that container.
d. When the container is taken out of service.
Offices may forego changing combinations if they have a means to limit individuals’ access to
the office after they move from a position requiring access to the security container.
In order to comply with this requirement while reducing cost and time, the bureau will conduct
an annual access audit, per 12 FAM 532.
3) Maintaining security container combinations. Members are not authorized to maintain the
combination in written or electronic form except:
a. SF-700 or
b. Master list, which must be handwritten and secured in a designated security container
with access limited to the person or persons responsible for the maintenance of the list
which may be the Office Director, Deputy Director, USO or Assistant USO. The
goal is to minimize or limit access to those who have a requirement for the items in
the specific safe they are being granted access to.
4) Individuals are responsible for all information in their space. It is recommended to complete
an inventory of the security container upon receiving access. If the security container shared,
the USO is responsible for ensuring an inventory is done.
5) Fill out and maintain SF-702 for 30 days. An individual should start a new form every
month regardless of how many blocks are completed; the old form or the previous months
form is maintained for 30 days at the end of each month. If the form is completed prior to
the end of the month, a new form is started and both will be closed out and maintained at the
end of the month.
6) 12 FAM 530 requires that “Open”/”Close” signs be placed on all storage containers.
Office Access: There are three tasks associated with administering an office access program:
granting, removing, and auditing access. All functions are essential elements in protecting the
office’s classified information, systems, and storage devices, as well as personnel.
1. BSO will provide a USO roster to the Access Office quarterly (January, April, July,
October) with the names of individuals authorized to grant access for their office.
2. Requesting Access: USO’s and AUSO’s can request office access for persons needing
unescorted access to their spaces. USO and AUSO’s must provide an email to
DS_DO_ACS at DS_DO_ACS@state.gov and CC the BSO with the following
• Last, First Name: Lett, Dave N.
• Badge number: 411812
• Security Level: S5
• Badge Expiration Date: OCT2017
• Access To: HST/ 5240
3. Removing Individual’s from Access: Utilizing the same format as above, you will request
to remove departing personnel from the office access roster.
4. Audits: In accordance with 12 FAM 532, each office will conduct an access audit to
ensure the access roster properly reflects persons with a working requirement to the entire
space without escort.
a. Access Audits will be conducted between March 1 through 15 each calendar year.
b. Audit Request Format:
As the USO/AUSO for (Office, Bureau) and in accordance with 12 FAM 532, I am requesting
the door access Roster room (#) to conduct an access audit.
c. Editing the roster:
i. Line through any names on the roster that no longer need access to the
ii. In order to add personnel to the roster, you will use the format above.
After Hours Checks 12 FAM 534.
1) The senior member of the office is ultimately responsible for the execution of After
Hours/Closing Procedures Checks.
2) Employees designated to conduct closing hours’ security checks will, at a minimum:
a. Ensure that all repositories containing classified material are secured;
b. Ensure that all classified drives, typewriter, printer ribbons and laser printer cartridges
c. Check the tops of all desks, including in and out boxes, and repositories to ensure that
all classified and controlled material has been put away; and
d. Make a visual check of the remainder of the office.
* Offices may modify this process to better fit their operational needs but the method must be
outlined in writing and maintained in the USO/AUSO binder.
Annual Security Training:
1) Refresher Training - All cleared personnel are required to attend Annual Refresher Training
per 12 FAM 564.2.
Original Classification Authorities (OCA) Training – Those designated as OCAs must conduct
training annually which may be found by going to
http://diplopedia.state.gov/index.php?title=Original_Classification_Authority or going to
PK323, Classified and Sensitive But Unclassified Information: Identifying and Marking via the
FSI online training portal.
2) All others with access to classify information are Derivative Classifiers and must complete
PK323 every two years.
Program Evaluation Requirements:
12 FAM 512 identifies assessments as a key method to test the viability of the security program
and ensure compliance with security regulations. Evaluations of the program also serve to build
the knowledge of security professionals and others, as well as foster a positive working
relationship. There are two types of inspections, compliance and management inspection.
1) Annual Self-Assessment Program – Designated by Executive Order 13526 and Information
Security Oversight Office (ISOO) Directive Number 1, all agencies must have a self-inspection
program, now referred to as the self-assessment program.
a. At the bureau level, the self-assessment program should be administered by the senior
security representative within that bureau.
b. The self-assessment is a management level review which serves to aid internal controls,
prepare for compliance inspections, and ensure that security measures are implemented in a costeffective
and consistent manner.
2) Office of the Inspector General Inspection – An agency level formal review that evaluates an
agency’s effectiveness and adherence to security policy. The inspection is conducted based on
the agency’s guidelines. Department of State attempts to conduct OIG Inspections every three to
3) Information Security Oversight Office (ISOO) – Senior agency within the Executive Branch
responsible for ensuring all Executive agencies are in compliance with senior security guidance.
Evaluations are usually conducted every five years, but annual reporting on the status of the
organization’s security program is required.
Security Incident Program: All members of the cleared community have a responsibility
to report suspected security incidents. As a USO/AUSO you also have a minor role in the
security incident process which is governed by 12 FAM 550 and used to hold members
accountable for mishandling classified material within the Department of State:
1. OF-118, Record of Incident (RoI) – In the event of a security incident, the BSO emails
the RoI to the member cited for the security incident and courtesy copies the USO/AUSO and the
office director/supervisor. Upon receipt of the document, the employee has 5 days to return the
completed form to the BSO. (See below for example)
Good morning, attached is your OF-118 for the security incident on (date). Your OF-118 serves
as a formal notice that DS is reviewing the incident and collecting the pertinent data before the
case is adjudicated. The document must be returned to me within five business days from the
date of this email. You have the following rights:
You may sign the document
You may refuse to sign the document in which case, the USO will make a note on the
form stating your refusal to sign and return within five business days.
You have the right to submit matters in extenuation and mitigation or rebuttal.
Once the matter is adjudicated, if found guilty of an offense you will be given
opportunity to refute the findings. Instructions will be provide on the letter of
Prior to you signing or refusing to sign the document, you may request to speak with your BSO
and/or Office director. You will sign along with your Office Manager and USO/AUSO, who
will then brief you on corrective action/s. The document will then be returned to the BSO via
hardcopy or electronically. Please feel free to contact me if you have any questions.
2. Signing the document:
a. Employee and USO will sign Part 1A for Security Incident and 1B for Cyber Security
b. The BSO will work with the USO/AUSO to make a statement about any corrective action
which is required in Part 2 of the OF-118.
c. Employee and Supervisor signs Part 2
d. USO completes Part 3, sign and return to BSO.
3. The USO will also include a copy of the SF-701, confirming After Hours Security Checks
were completed on the date in question. If an After Hours Roster is not maintained for the given
date, USO/AUSO must provide a statement explaining the missing document. If for any reason
this matter cannot be completed in five business days, please notify me and we will work on
obtaining an extension
STANDARD SECURITY OPERATING PROCEDURES (SOP)
SECURITY IN WHA/EX/FRC FORT LAUDERDALE
All employees working in the WHA/EX/FRC, 4000 N Andrews Ave, Oakland Park Florida should be aware
of the following security information and should follow these security procedures.
A. SECURITY OFFICERS
Bureau Security Officer: DS/IS/APD - Charles Joseph
Unit Security Officer (USO): WHA/EX/FRC – Charles M Vinnedge
Alternate Unit Security Officer (AUSO): WHA/EX/FRC - TBD
B. ACCESS TO THE WHA/EX/FRC
DCAA: The WHA/EX/FRC facilities 2 nd floor is a Domestic Controlled Access Area (DCAA) in it entirety
because of the classified systems and storage it contains. The 2 nd floor of the facility does not have any
unclassified space. The front door remains closed at all times.
Employees: All WHA/EX/FRC employees must have security clearances and their badge must be visible
at all times. Employees use their SMART badge and pin code to enter the facility.
Visitors: All visitors without security clearances must be escorted at all times. An escort cannot leave a
visitor alone without finding a replacement escort.
C. OPENING THE FACILITY IF ALARM IS ARMED
Employees entering the facility when the facility alarm is armed – i.e. the red sign says “Alarm is ‘on’” –
should take the following steps:
1) Unlock the door to the WHA/EX/FRC facility. Alarm will be beeping.
2) Walk into the facility and enter SMART Badge and pin code to disarm the alarm.
3) Beeping will stop. Turn the sign around so it is GREEN and says “Alarm is ‘off’.”
D. PROTECTING CLASSIFIED INFORMATION
Documents and information: Classified documents and information must be protected in accordance
with their classification level. Cover sheets should be used. At no time should classified documents be
left unattended. This means that classified documents and information should not be:
Left on an individual’s desk if the individual is not present;
Left unsecured at the end of the work day;
Taken out of the building without following proper procedures;
Reviewed or discussed in a place not authorized for the level of classification of the documents
and/or information; or
Stored at home, or in a hotel or other facility without proper protection for the level of
classification of the documents and/or information.
Disposal: Employees must shred classified documents to dispose of them. The WHA/EX/FRC facility
does not use burn bags.
Top Secret information: There are no/no documents classified at the Top Secret level in the
WHA/EX/FRC facility. Note that DS requires Top Secret cover sheets on all Top Secret documents.
Equipment: All pieces of equipment (i.e., computer equipment, scanners, printers, copiers) have been
marked with the highest level classification of the information that can be processed on it. For example,
the scanner has an “UNCLASSIFIED” sticker so classified information may not be scanned on it.
Phones: The phones in the facility are all unclassified. Employees may not disclose classified
information via these phones.
E. SECURITY CONTAINERS/SAFES
Combinations: The WHA/EX/FRC Director, USO and AUSO have master lists of combinations of all
security containers/safes in the facility. Employees are responsible for memorizing the combination of
the safe in which they store their computer hard drive or classified documents. Employees must not
write the combination down anywhere.
Magnetic Strips: Employees should turn over the magnetic OPEN/CLOSED or UNLOCKED/LOCKED strips
on safes, as appropriate.
SF-702: An SF 702 (Security Container Check Sheet) must be affixed to each safe. If an employee opens
or closes a safe, they must fill out the appropriate column on the SF 702. SF 702s will be replaced
F. PROTECTING COMPUTER SYSTEMS
Classified and unclassified computer systems must be safeguarded. Employees can protect these
Not sharing log-on information;
Not allowing others to utilize a computer the employee is logged into;
Ensuring that no device is attached to the computer without the Information Security
Applying information security guidance when opening emails or clicking on links; and
Closing window blinds when accessing the classified/high side, if the monitor screen faces
G. WHA/EX/FRC OPEN STORAGE AREA (AKA STRONG ROOM)
Employees must read the WHA/EX/FRC SOP for the Open Storage Area, attached.
H. END OF DAY CLOSING PROCEDURES
All WHA/EX/FRC employees: All employees must put their classified hard drive and any other classified
materials in their safe, lock up, and fill out the SF 702, as noted above. All employees must remove their
SMART badge and PKI card from the card readers before leaving the facility.
SF 701: The SF 701 (Activity Security Checklist) is in a plastic “envelope” mounted to the wall by the
Last employee remaining: The last employee remaining in the facility must:
Check the strong room door;
Check individual offices for hard drives, SMART badges, and PKI cards/IDs;
Look in individual offices for classified documents or files;
Check that all safes are locked;
Check classified printer and shred anything left there;
Sign the SF 701 by the front door;
Arm the alarm by entering his or her SMART Badge and pin code; and
Turn the sign around so it is RED and says “Alarm is ‘on’” before leaving.
I. CLOSING THE WHA/EX/FRC FACILITY AT OTHER TIMES
Rearming the alarm before opening of business: If an employee has arrived early and disarmed the
alarm, that employee should rearm the alarm if he or she subsequently leaves the facility before
another employee arrives.
Locking up if facility will be empty: If an employee is aware that the facility will be empty during
business hours, the employee should remove his or her hard drive and lock his or her facility before
leaving the facility. The last employee remaining should arm the alarm.
Drafted: WHA/EX/FRC – Charles M Vinnedge
January 31, 2017
Approved: WHA/EX/FRC – OFFICE DIRECTOR – Hellen H. Hahn
Security Orientation Acknowledgement
Office Security Orientation Memorandum
By signing below, I acknowledge they have read, understand, and agree to follow the
Individual Security Responsibilities as stated in the Office Security Orientation
LAST, FIRST, MIDDLE
DOE, JOHN, A
Signature Date EMPLOYMENT STATUS