| Rec # | Recommendation | Implementation / Status |
| JSC_052A | Eliminate requirements to internally | Safeguarding Directive Sec VI-Information Controls eliminates administrative |
| track/inventory documents . | control measures which may include internal tracking and inventory and periodic |
| inspections of classified documents, except when technical, physical and |
| personnel control measures are insufficient to deter and detect access by |
| unauthorized person. Safeguarding Directive is at the White House pending |
| approval. |
| JSC_052B | Contractors will be authorized routine | The NISPOM, Chapter 5, Section 7, para 5-702 allows retention of classified |
| retention of SECRET classified | material received or generated under a contract for a period of 2 years after contract |
| information. | completion provided the Government Contracting Activity (GCA) does not |
| advise to the contrary. |
| JSC_053 | Eliminate item-by-item document | Safeguarding Directive Sec VIII-Destruction, states that classified information is |
| destruction accountability | to be destroyed in accordance with procedures and methods prescribed by agency |
| heads. Safeguarding Directive is at the White House pending approval. |
| JSC_054 | Revise document transmittal rules | Safeguarding Directive Sec VII-Transmission, updates document transmittal |
| rules. Safeguarding Directive is at the White House pending approval. |
| JSC_055A | Integrate OPSEC into the normal security | The OPSEC and Risk Management Training Working Groups under the TPDC |
| staff structure & incorporate risk | have implemented a robust community training program. |
| management principles into security |
| training programs. |
| JSC_055B | Delete OPSEC requirements from | The NISP and the NISPOM have standardized the process. |
| contracts except those in response to |
| specific threat and only when authorized |
| by senior management. |
| JSC_055C | NSDD 298 be reviewed, revised or | A review of NSDD-298 by the TPDC resulted in a recommendation to the |
| rescinded in accordance with new OPSEC | Forum that revision of the NSDD was unnecessary. |
| requirements. |
| JSC_056 | Develop a coordinated FOCI policy | The International Security Working Group, under the PIC, reviewed the FOCI |
| policy and found it to be fundamentally sound. However, problems were found |
| regarding consistency of policy awareness and implementation. OUSD(Policy) |
| has incorporated FOCI training and awareness within the Defense Systems |
| Management College's program of instruction. |
| JSC_057 | Review existing data exchange programs | A review was conducted by OUSD(A&T), the DEA proponent. A set of |
| to ensure they are in concert with US | principles for administering DEAs has been established by DoD and |
| national security & economic goals | disseminated to the services and defense agencies pending staffing of a new DoD |
| directive on DEAs. |
| JSC_058 | Provide comprehensive, coordinated threat | An Intelligence Production Requirements Statement for SCM was agreed to in |
| analysis and intelligence support to | April 1997, and will be forwarded to the NSC for issuance. |
| facilitate risk management decisions. |
| JSC_059A | Centralize responsibility for coordinating | Responsibility for DoD foreign exchange programs and issues has been |
| & overseeing all foreign exchange | centralized within OUSD(Policy). |
| programs. |
| JSC_059B | Improve/update national disclosure policy | There is general agreement with the language needed to update the national |
| process. | disclosure policy. Final clearance of the new language was requested from the |
| State Department in 1997. |
| JSC_060A | DoD should expand access to the Foreign | OUSD(Policy) has expanded access to FORDTIS and continues expansion based |
| Disclosure and Technical Information | upon command and other consumer access requests/needs. |
| System (FORDTIS) to command and |
| other consumers. |
| JSC_060B | Ensure CI elements cross-check critical | A portion of the OUSD(Policy) international security training and awareness |
| systems and technologies against | program addresses this issue; however, ultimate utility of FORDTIS database is |
| FORDTIS. | dependent on consistency and accuracy of "user" (data provider) inputs. |
| 23 Aug 1999 |