| Rec # | Recommendation | Implementation / Status |
| JSC_039B | Polygraphs for all contractor personnel | Recommendation rejected due to reciprocity of polygraph examinations between |
| working at contractor facilities be | polygraph agencies. The Forum on 27 Aug 1998 approved a polygraph MOA, |
| conducted under the auspices of a single | that was signed by 12 of the 13 agencies that conduct polygraph programs. The |
| entity. | MOA which addresses the 13 JSC recommendations was signed by an agency |
| official, not lower than Director of Security, that maintains a polygraph program. |
| JSC_040 | Certify polygraph examiners under the | The Forum on 27 Aug 1998 approved a polygraph MOA, that was signed by |
| auspices of a single entity. | 12 of the 13 agencies that conduct polygraph programs. The MOA which |
| addresses the 13 JSC recommendations was signed by an agency official, not |
| lower than Director of Security, that maintains a polygraph program. |
| JSC_041 | Consolidate CIA polygraph school into | The CIA school was integrated with the DoD Polygraph Institute in September |
| the DoD polygraph institute. | 1995. |
| JSC_042 | Establishment of a robust, centrally | Beginning in FY2000, Intelligence and DoD to sponsor additional Personnel |
| funded polygraph research program. | Security research. DoDPI currently has $100K in its yearly budget for |
| polygraph research. |
| JSC_043 | Two-levels of storage protection for all | Recommendation for classified material protection not adopted in E.O. 12958 |
| classified material or information. | issued 20 Apr 1995. |
| JSC_044 | Create a database to record certified | The policy for "Reciprocity for Facility Use and Inspection" was approved by |
| facilities | President Clinton 16 Sep 1997. Due to the sensitivity of a document that would |
| contain a list of all facilities, the user community opted to develop a list of |
| POCs with knowledge of facilities within their respective organizations. A |
| database of POCs is maintained by the SPB Staff and periodically updated. |
| JSC_045 | No replacement or retrofit of containers | This recommendation only affects DoD and the plan for implementation via a |
| and locks currently approved for use | prioritization matrix developed within DoD and implemented via DOD 5200.1R |
| was accepted by the SPB. |
| JSC_046 | Routine industrial security re-inspections | The "National Policy on Reciprocity of Use and Inspection of Facilities" |
| should be eliminated. | approved by President Clinton limits the frequency of inspections. |
| JSC_047 | Eliminate employment of domestic | NSTISSI 7000 issued 29 Nov 1993 implemented requirements that drastically |
| tempest countermeasures except in | reduced the use of domestic TEMPEST countermeasures for collateral and SCI |
| response to specific threat data | and greatly reduced its use for SAP s. All requests must be reviewed by a |
| Certified Tempest Technical Authority. |
| JSC_048A | Eliminate routine domestic Technical | The "National Policy for Technical Surveillance Countermeasures" was approved |
| Security Countermeasures (TSCM) | by President Clinton on 16 Sep 1997, requires that all programs and |
| inspections in favor of increase emphasis | inspections be risk base managed and threat driven and that the TSCM be |
| overseas. | authorized by agency head. The policy is implemented through a series of |
| Procedural Guides and overseen by a working group of program managers. |
| JSC_048B | The government should fund a | To ensure a continued high level of training, the TSCM training activity has |
| coordinated TSCM R&D and training | been transferred to the NSA/NCS as the executive agent for TSCM training. |
| program to support overseas inspections | Funding to further training and more importantly R&D, remains an issue and a |
| and future technology. | long term strategy is under development. |
| JSC_049 | Develop a Central Clearance Verification | The SII and DCII databases were successfully linked in February 1999. |
| database to be made available to |
| government and industry. |
| JSC_050 | Abolish government certification of need | The NISPOM implemented the recommendation, with the exception of |
| to know for contractor visits at the | non-contract-related visits. These visits require government certification of |
| collateral level. | contractor need-to-know. Approved by the U.S. Security Policy Board on 24 |
| April 1995. |
| JSC_051 | Develop a uniform badge system for the | The Facilities Protection Committee through its Facility Access WG has |
| government's cleared community. | developed a strategy for a common badge concept and an MOA for the creation of |
| a Configuration Control Board to oversee the strategies development. Work is |
| underway to resolve remaining differences in MOA wording. |
| 23 Aug 1999 |