| Rec # | Recommendation | Implementation / Status |
| JSC_015B | Aside from limited exemptions, classified | Sec 1.6(b) of E.O. 12958 issued 20 April 1995 implements this principle but |
| information will be declassified after ten | does provide for eight exemption categories. |
| years if no date/event is specified. |
| JSC_015C | For a narrow category of information the | Sec 1.6(c) of E.O. 12958 issued 20 Apr 97 requires implementation of this |
| 10 year timeline for automatic | principle. ISOO Directive No. 1 provides further specific guidance. Such |
| declassification may be extended to 25 | extensions are exercised by the Original Classification Authority (OCA). |
| years. |
| JSC_015D | Specify that a very narrow category of | Sec 3.4(b) of E.O. 12958 issued 20 April 1995 requires implementation of this |
| information will be exempt from the 25 | principle. ISOO Directive No. 1 provides further specific guidance. Such |
| year timeline for automatic | extensions are exercised by the agency head, and reported through the ISOO to |
| declassification. | the President (for approval/reversal). |
| JSC_016A | Strong oversight is needed from the | Sections 5.3 and 5.4, E.O. 12958 issued 20 April 1995 require both agency and |
| security executive committee and at the | national-level oversight, with ISOO to monitor and report annually to the |
| agency level. | President on agency programs, and on overall program status. |
| JSC_016B | ISOO should be part of security executive | ISOO is a member of the Security Policy Forum created by PDD 29 and chairs |
| committee. | the Classification Management Committee. |
| JSC_016C | Agencies need to strengthen oversight and | E.O 12958 issued 20 April 1995 did not require an ombudsman, but requires |
| appoint a classification ombudsman. | agencies to designate an official responsible to direct and administer a program |
| for compliance with the order, to include an ongoing self-inspection program, |
| rating officials on performance of duties under the order. |
| JSC_017 | Establish process to evaluate sensitive but | This recommendation has been influenced by recent events. The PCCIP and |
| unclassified information within DoD and | PDD-63 have caused the Intelligence and DoD communities as well as the rest of |
| the IC. | government to address the issue of critical information' the aspects of which |
| share a common range of concerns with SBU. |
| JSC_018 | Establish the DCI's counterintelligence | PDD-24 issued 3 May 1994, established the National Counterintelligence |
| center as one-stop shop for CI & security | Center, which was identified as the primary source for threat information. The |
| countermeasures threat analysis | NACIC is providing foreign CI threat information. |
| JSC_019 | DCI's CI center create a community-wide | On 13 Nov 1997, NACIC established a Threat Information collaboration realm |
| CI/SCM database for government and | on the Extranet for Security Professionals (ESP). Anyone with ESP privileges |
| industry use | has access to this realm. The NACIC is currently in the process of populating |
| this realm with unclassified CI/SCM related information and creating links to |
| existing CI/SCM sites. Funding remains an issue with regard to the automated |
| systems. |
| JSC_020 | Clearances should be requested only for | Approved by SPB 24 April 1995. EO 12968 issued 7 August 1995, requires |
| personnel who require access to classified | this be implemented. |
| information or technology. |
| JSC_021 | Fee-for service mechanisms be instituted | DoD is in the process of implementing Fee-for-service for security clearances. |
| to fund security requests. | The CIA rejects the concept of fee-for-service. |
| JSC_022 | Formal prescreening of contractors be | NISPOMSUP (Feb 1995), para 2-205, addresses the recommendation in the |
| soley performed by the government or an | "Agent of the Government" concept. The Personnel Security Committee of the |
| independent contractor hired for that | SPB recommends that prescreening be a self-evaluating process without direct |
| purpose. | intervention from a third party. |
| JSC_023 | Staff and contract employees should be | The NISPOMSUP adequately addresses the recommendation for contractors. |
| formally presecreened for a clearance or | The same procedures should be extended to government employees. |
| access only with their knowledge and |
| consent. |
| JSC_024A | NISP Personnel Security Questionnaire | The recommendation is complete with the adoption of revised Standard Form |
| (PSQ) form be used throughout DoD and | (SF) 86 in September 1995. |
| the IC. |
| 23 Aug 1999 |