U.S. Geological Survey Manual
CHAPTER 1. INTRODUCTION
1. Security Organization.
A. The Associate Director for Administrative and Policy Services, exercises the general authority delegated by the Director for security. Under the general supervision of the Chief, Office of Management Services, Administrative and Policy Services, the U.S. Geological Survey (USGS) Security Manager has been appointed to discharge these responsibilities.
B. Regional Directors are responsible for ensuring that security programs are carried out within their respective regions, assigning adequate resources to implement and maintain security programs, and designating a Regional Security Officer, alternate, and other appropriately cleared security officials to discharge these responsibilities.
C. The senior official or manager of a regional or field office is responsible for ensuring that security programs are carried out within his/her respective areas of responsibility or designating a security officer and other appropriate security officials to assist the Regional Security Officer and serve as the focal point for security programs.
D. The Personnel Officer is responsible for the suitability portion of the personnel security system, which encompasses the risk designation program, the assignment of public trust position designations, initiating required entry background investigations, and adjudicating suitability as delegated by the Office of Personnel Management (OPM).
E. Under the general supervision of the Associate Director Geospatial Information, Geographic Information Officer, the Bureau Information Technology Security Manager (BITSM) is responsible for the Information Technology (IT) security program. The BITSM is also responsible for establishing criteria and has oversight and review authority for designated IT positions at all levels of sensitivity and public trust.
2. Designated Security Officers.
A. Bureau Security Manager. The Bureau Security Manager provides complete, effective security management, oversight, policy formulation, and compliance and quality assurance for the bureau’s national security classification program to include management of foreign intelligence materials and sites; the personnel security program concerning the employment and retention of persons in sensitive positions; the contractor and volunteer background investigation suitability program; the physical security, law enforcement, and counter terrorism programs to include the establishment of the Homeland Security Advisory System nationwide; and the protection of the bureau’s facilities/sites, property assets to include mission-essential infrastructures, and approximately 10,000 personnel. The Bureau Security Manager is also designated as the FSO for the National Center, Reston, Virginia, responsible for all National Center physical security and law enforcement to include the contract management of National Center guard and physical security contracts.
B. Organizational Security Officers. Personnel designated as one of the following organizational security officers are responsible for familiarizing themselves with the applicable portions of this handbook and the Federal, departmental, and USGS security directives referenced herein, and for knowledgeably administering the security programs relevant to their respective activity. Unless the specific organizational security officer designation is used, the term security officer as used in this handbook shall apply to all organizational security officers.
(1) Regional Security Officer. Regional Security Officers are responsible for administering the security programs relevant to their respective region and coordinating regional compliance with and implementation of bureau security programs.
(2) Center Security Officer. Center Security Officers are responsible for coordinating compliance with the implementation of bureau security programs through the Regional Security Officer and serve as the primary focal point for all security issues within the center.
(3) Facility Security Officer (FSO). Designated by the senior USGS official having responsibility for the security of a Federal owned or leased space. The FSO serves as the Designated Official (as defined by the Federal Property Management Regulations (FPMR) Code of Federal Regulations (CFR) Title 41, Part 101-20.003) or assists the Designated Official and administers the physical security program through the Regional Security Officer or Center Security Officer as set forth in this handbook for an office, building, or other facility. At the National Center, the Chief, Office of Management Services, serves as the designated official, and the USGS Security Manager serves as the FSO.
(4) Assistant Security Officers. When appropriate, the responsible manager may designate one or more of the following assistant security officers to carry out a portion of the organization security officer’s duties.
(a) Personnel Security Officer. When designated, Personnel Security Officers are responsible for coordinating compliance with the implementation of the position risk and sensitive position programs, which includes ensuring that the required background investigations for sensitive positions are conducted.
(b) Information Security Officer. When designated, Information Security Officers are responsible for coordinating compliance with the regulations for safeguarding national security information, proprietary information, sensitive information, or Privacy Act records.
C. Other Security Officers.
(1) Primary Special Security Officer. The Primary Special Security Officer serves as the single point of contact for the coordination and administration of the special access program governing the Sensitive Compartmented Information (SCI) program operational activities within the USGS.
(2) Special Security Officer. The Special Security Officer administers the special access program policies, controls, and procedures governing the SCI program of an accredited Sensitive Compartmented Information Facility (SCIF).
D. Other Security Officials.
(1) Custodian, Foreign Intelligence Registry. The Special Security Officer, or a custodian under the supervision of a Special Security Officer, administers all the requirements governing foreign intelligence materials and for control of the receipt and dissemination of intelligence materials.
(2) Top Secret Control Officer. The Top Secret Control Officer receives, dispatches, and maintains an accountability register of Top Secret material in an approved Top Secret control center.
(3) Classified Document Custodian, Classified Control Station. The Classified Document Custodian of a Classified Control Station receives, dispatches, and maintains an accountability register of Secret and Confidential material in an approved classified control station.
(4) Derivative Classifiers. The Bureau Security Manager specifically designates employees that originate the production or generation of classified information as Derivative Classifiers.
E. Information Technology (IT) Security Officers. The IT Security Officers are responsible for development of IT and telecommunications security policies and standards along with making recommendations to management and assisting in discharge of their computer security responsibilities.
(1) Bureau Information Technology Security Manager (BITSM). The BITSM has overall program management responsibility of the USGS information systems security and control program. The BITSM is responsible to ensure that managers establish and enforce policies, standards, and procedures for the control and protection of IT assets. This program includes provisions for administrative controls, physical security, technical security, compliance with personnel Computer/IT position designations, and security training.
(2) Installation IT Security Officer. The Installation IT Security Officer designated at each installation is responsible for ensuring that the installation continuously meets all security requirements necessary to process the applications at that IT installation.
(3) Sensitive Application Security Officer. The Sensitive Application Security Officer appointed by each computer system owner for each level 2 or 3 sensitive application (see SM 600.5.7) is responsible for performing a high risk analysis as required and ensuring appropriate safeguards for the IT equipment and information stored in the computer system are in place and effective.
3. Security Office Designations. The responsible manager should designate security officers and officials as required or deemed appropriate. Each designation should be in writing and a copy of the designation provided to the Regional Security Officer. The Regional Security Officer should include the names of individuals designated as a security officer or official in the report of key security personnel provided annually to the USGS Security Manager.
A. Qualifications. Only responsible individuals with sufficient grade and experience, capable of performing the applicable duties set forth in this handbook, should be appointed as security officer.
B. Security Clearance. Security officers should as a minimum possess a national security clearance commensurate with the highest national security program relevant to their respective activity.
C. Training. For basic training, security officers should review and familiarize themselves with the contents of this handbook and the applicable Federal, departmental, and USGS security regulations referenced herein. In most instances, formal security training will not be necessary; however, all Classified Document Custodians and Derivative Classifiers must attend formal training reviewing the requirements of Executive Order 12958, National Security Information. At the discretion of the responsible manager, security officers may attend training courses on a variety of security subjects offered by a number of different agencies. Contact the Security Management Office for a list of available security courses.
4. Definitions. A glossary of terms and definitions, which relate to physical security is in Appendix A.
5. Statutory Requirements. Nothing is this handbook shall be construed as contrary to the provisions of any statute or other Federal regulation. In the event of conflict, specific statutory provisions shall apply.
6. Proposed Changes or Revisions. Users of this handbook are encouraged to submit, through the appropriate security officer, recommended changes and comments for the upgrading of this publication. Comments should reference the specific chapter and paragraph and should include a justification for the proposed change. Periodic revisions to this manual will be published as is necessary and practicable.