DATE: November 29, 2006
ADMINISTRATIVE EDIT: September 16, 2013
SUBJECT: Department of the Treasury Intelligence Information System Security Policy Manual
- PURPOSE. This Directive authorizes the issuance of the Department of the Treasury Intelligence Information System (IS) Security Policy Manual.
- SCOPE. This Directive applies to all bureaus, offices and organizations in the Department of the Treasury that electronically process, store, produce, and communicate foreign intelligence information. The policy applies to all Treasury Department employees, consultants, detailees, temporary employees, interns, and contractors performing work for the Department of the Treasury, its offices, and bureaus, whenever the individual is working in a government-designated office, traveling, or working from home on behalf of the Department. The provisions of this Directive shall not be construed to interfere with or impede the authorities or independence of the Department’s Inspectors General.
- DEFINITIONS.
- Intelligence Information System - any system meeting one or more of the following criteria:
- All systems handling Sensitive Compartmented Information (SCI);
- All Special Access Program under the cognizance of the Office of the Director of National Intelligence (ODNI); and,
- All intelligence systems (regardless of classification) operated and accredited by Intelligence Community (IC) components, except for Department of Defense (DoD) non-SCI intelligence systems reported through the DoD.
- Foreign Intelligence – information relating to the capabilities, intentions, or activities of foreign governments or elements thereof, foreign organizations, or foreign persons, or international terrorist activities.
- IC Element Head - the Assistant Secretary for Intelligence and Analysis, Office of Terrorism and Financial Intelligence.
- Intelligence Information System - any system meeting one or more of the following criteria:
- RESPONSIBILITIES.
- The IC Element Head shall:
- 1) approve for publication security policy and procedures for the security of intelligence information systems in the Treasury Intelligence IS Security Policy Manual, TD P 15-03;
- 2) review and approve bureau issuances implementing and/or supplementing the Treasury Intelligence IS Security Policy Manual; and,
- 3) act for Departmental Offices with respect to the Intelligence IS Security Program.
- Heads of those Bureaus that electronically process, store, produce, and communicate foreign intelligence information shall:
- 1) carry out the policies and procedures set forth in the Treasury Intelligence IS Security Policy Manual; and
- 2) submit new or revised bureau security directives, regulations, handbooks or publications implementing or supplementing the Treasury Intelligence IS Security Policy Manual to the IC Element Head for review and approval prior to publication.
- No issuance listed above shall be published, implemented, adopted or used until approved by the IC Element Head. Bureau issuances currently in use shall be reviewed for compliance with the Treasury Intelligence IS Security Manual and updated where appropriate. Such existing issuances must be submitted to the IC Element Head, whenever revised or rewritten.
- The Assistant Secretary for Management (in his/her capacity as the Senior Agency Official for Privacy and Chief Privacy and Civil Liberties Officer) shall:
- 1) review and approve for privacy and civil liberties the impact of any new or revised bureau security directives, regulations, handbooks or publications implementing or supplementing the Treasury Intelligence IS Security Policy Manual in support of the IC Element Head’s approval of the publication.
- The IC Element Head shall:
- SECURITY MANUAL. The Treasury Department’s IC Element Head is authorized to approve Department-wide policy for the security of intelligence information systems. The Office of the Chief Information Officer will develop and publish the Treasury Intelligence IS Security Policy Manual (Treasury Department Publication (TD P 15-03) as binding on all Treasury bureaus and offices. Any reference to TD 15-03 shall be deemed to include this directive and the Treasury Intelligence IS Security Policy Manual. The Department of the Treasury Intelligence IS Security Policy Manual shall:
- provide uniform policies, standards and general procedures to be used by the bureaus and offices to carry out their respective responsibilities in the area of security for intelligence information systems in accordance with applicable standards and guidelines issued by the Treasury Department, the Office of the Director of National Intelligence, the Office of Management and Budget, the Committee on National Security Systems, and the Information Security Oversight Office of the National Archives and Records Administration.
- implement and supplement where necessary, Executive Orders, IC policies, homeland and national security directives, and other U.S. Government policies or regulations by providing guidance when such policies or regulations are not sufficiently specific, or details are left to individual departments and/or agency discretion; and,
- supersede existing office and bureau policy in the area of security for intelligence information systems. Any existing policy will stay in effect until a corresponding security manual section is issued and notice given that a specific directive is canceled.
- APPLICABILITY. The Department of the Treasury Intelligence IS Security Policy Manual is binding on all bureaus and offices in setting forth minimum standards and requirements for the security functions identified therein. The policies and procedures contained in the Department of the Treasury Intelligence IS Security Policy Manual may not preclude a bureau or office from applying more stringent internal requirements where necessary to accomplish its mission, provided such additional standards or procedures are consistent with those in the Department of the Treasury Intelligence IS Security Policy Manual and approved by the IC Element Head.
- AVAILABILITY. The Department of the Treasury Intelligence IS Security Policy Manual and its amendments are maintained by the Office of the Assistant Secretary for Intelligence and Analysis and are available to those bureaus and offices that handle intelligence information. The Manual will be posted and made available electronically via the Treasury Department Intranet.
- OFFICE OF PRIMARY INTEREST. Office of the Under Secretary, Terrorism and Financial Intelligence, IC Element Head and the Assistant Secretary for Intelligence and Analysis.
/S/
Janice B. Gardner
Treasury Department Senior of the Intelligence Community and
Assistant Secretary for Intelligence and Analysis