by order of the commander air force...
TRANSCRIPT
BY ORDER OF THE COMMANDER
HQ AIR FORCE PERSONNEL CENTER
AIR FORCE PERSONNEL CENTER
INSTRUCTION 31-100
5 AUGUST 2014
Security
SECURITY PROGRAM
COMPLIANCE WITH THIS PUBLICATION IS MANDATORY
ACCESSIBILITY: Publications and forms are available for downloading or ordering on the
e-Publishing website at http://www.e-publishing.af.mil.
RELEASABILITY: There are no releasability restrictions on this publication.
OPR: HQ AFPC/DSHC
Supersedes: AFMA OI 31-2,
1 December 2011
Certified by: HQ AFPC/DS
(Mr. Michael K. Gamble)
Pages: 37
This instruction establishes procedures for the proper handling, processing, and safeguarding of
classified and controlled unclassified information entrusted to or under the jurisdiction of the
Commander. Furthermore, it supplements DoDM 5200.1, Volume 1 thru 4, Information Security
Program; DoD 5220.22-M, National Industrial Security Program Operating Manual
(NISPOM); DoD 5220.22-R, Industrial Security Regulation; AFI 31-401, Information Security
Program Management; AFI 31-501, Personnel Security Program Management; AFI 31-601,
Industrial Security Program Management and other applicable security directives. Computer
Security (COMSEC) material protection and accountability is exempt from the requirements of
this OI. It applies to all permanent or temporary military, civilians, and contractor personnel
assigned or attached to, or conducting official business at AFPC. This publication applies to Air
Force Reserve Command Units (AFRC). This publication applies to the Air National Guard
(ANG). This publication may not be supplemented or further implemented/extended.
Ensure all records created as a result of processes prescribed in this publication are maintained in
accordance with (IAW) AFMAN 33-363, Management of Records, and disposed of IAW Air
Force Records Information Management System (AFRIMS) Records Disposition Schedule
(RDS). Refer recommended changes and questions about this publication to Office of Primary
Responsibility (OPR) using the AF Form 847, Recommendation for Change of Publication; route
AF Form 847 from the field through the appropriate functional chain of command.
The authorities to waive wing/unit level requirements in this publication are identified with a
Tier (“T-0, T-1, T-2, T-3”) number following the compliance statement. See AFI 33-360,
Publications and Forms Management, for a description of the authorities associated with the Tier
2 AFPCI31-100 5 AUGUST 2014
numbers. Submit requests for waivers through the chain of command to the appropriate Tier
waiver approval authority, or alternately, to the Publication OPR for non-tiered compliance
items. Vigilance must be taken to protect Personally Identifiable Information (PII) when
submitting or sending nominations, applications or other documents to DoD agencies through
government Internet, software applications, systems, e-mail, postal, faxing or scanning. Refer to
attachment 1 for a glossary of references and supporting information.
Chapter 1— POLICY AND PROGRAM MANAGEMENT 6
1.1. Roles and Responsibilities. ..................................................................................... 6
1.2. AFPC Facilities. ...................................................................................................... 6
1.3. The Commander will: ............................................................................................. 6
1.4. The Director will: .................................................................................................... 6
1.5. The Security Monitor: ............................................................................................. 6
1.6. Oversight. ................................................................................................................ 7
Chapter 2— CHALLENGE TO CLASSIFICATION OF A DOCUMENT 8
2.1. Classification Challenge. ........................................................................................ 8
2.2. The Directorate Security Monitor will take the following actions: ........................ 8
2.3. Classification Level. ............................................................................................... 8
2.4. The Directorate Security Monitor will keep ........................................................... 8
Chapter 3— ACCESS TO CLASSIFIED INFORMATION 9
3.1. Personnel may ......................................................................................................... 9
3.2. If access................................................................................................................... 9
3.3. In all other instances ............................................................................................... 9
3.4. Classified information will not ............................................................................... 9
3.5. The following must be made................................................................................... 9
3.6. Secret Internet Protocol Router Network (SIPRNET) ............................................ 9
Chapter 4— SAFEGUARDING CLASSIFIED INFORMATION 10
4.1. Safeguarding classified ........................................................................................... 10
4.2. Do not ..................................................................................................................... 10
4.3. Store classified ........................................................................................................ 10
AFPCI31-100 5 AUGUST 2014 3
4.4. All safes .................................................................................................................. 10
4.5. All classified material ............................................................................................. 10
4.6. The safes located ..................................................................................................... 10
4.7. Personnel ................................................................................................................. 11
4.8. In the event.............................................................................................................. 11
Chapter 5— HANDLING OF CLASSIFIED INFORMATION 12
5.1. Clean Desk Policy. .................................................................................................. 12
5.2. Cellphones, palm pilots, cameras, tape recorders, etc ............................................ 12
5.3. Removal of Classified. ............................................................................................ 12
Chapter 6— COMPROMISE OF CLASSIFIED INFORMATION 14
6.1. Policy. ..................................................................................................................... 14
6.2. Definitions. ............................................................................................................. 14
6.3. Information System (IS) Deviations. ...................................................................... 14
6.4. Reporting and Notifications. ................................................................................... 14
Chapter 7— PROCESSING CLASSIFIED INFORMATION 16
7.1. Incoming Mail. ........................................................................................................ 16
7.2. Outgoing Mail. ........................................................................................................ 16
Chapter 8— MARKING CLASSIFIED INFORMATION 17
8.1. Classified material .................................................................................................. 17
8.2. Normally, ................................................................................................................ 17
8.3. Overall and Page Marking. ..................................................................................... 17
8.4. Marking Components. ............................................................................................ 17
8.5. Portion Marking. ..................................................................................................... 17
8.6. Automated data ....................................................................................................... 17
8.7. Miscellaneous Material. .......................................................................................... 17
8.8. Working papers ....................................................................................................... 17
8.9. Notebooks, binders, ................................................................................................ 17
Chapter 9— REPRODUCTION OF CLASSIFIED INFORMATION 19
9.1. Procedures. .............................................................................................................. 19
4 AFPCI31-100 5 AUGUST 2014
Chapter 10— DESTRUCTION OF CLASSIFIED INFORMATION 20
10.1. Only personnel ........................................................................................................ 20
10.2. Classified Waste. .................................................................................................... 20
10.3. Destruction Process. ................................................................................................ 20
Chapter 11— SECURITY EDUCATION AND BRIEFING 21
11.1. In addition to the Information Protection Computer Based Training (CBT) .......... 21
11.2. The AFPC Security Office will: ............................................................................. 21
11.3. The Directorate Security Monitor will: ................................................................... 21
Chapter 12— CONDUCTING CLASSIFIED BRIEFINGS 22
12.1. Classified Meetings and Conferences [Reference DoDM 5200.1-Volume 3]. ....... 22
Chapter 13— CONTROLLED UNCLASSIFIED INFORMATION 23
13.1. For Official Use Only (FOUO). .............................................................................. 23
13.2. FOR OFFICIAL USE ONLY Law Enforcement Sensitive. ................................... 24
13.3. Markings. ................................................................................................................ 24
Chapter 14— PERSONNEL SECURITY 26
14.1. Submitting Security Clearances. ............................................................................. 26
14.2. Continuing Evaluation. ........................................................................................... 26
14.3. Any changes in a Security Access Requirement (SAR) ......................................... 26
Chapter 15— INDUSTRIAL SECURITY 27
15.1. The AFPC Security Office manages the Industrial Security Program for AFPC. .. 27
15.2. Contractors .............................................................................................................. 27
15.3. AFI 31-601 .............................................................................................................. 27
15.4. The contracting office ............................................................................................. 27
15.5. Draft copy of DD Form 254.................................................................................... 27
15.6. Final copy ............................................................................................................... 27
15.7. The Security Office ................................................................................................. 27
15.8. All long-term cleared/uncleared ............................................................................. 27
AFPCI31-100 5 AUGUST 2014 5
Attachment 1— GLOSSARY OF REFERENCES AND SUPPORTING INFORMATION 28
Attachment 2— TRANSMITTING CLASSIFIED MATERIAL 32
Attachment 3— EMERGENCY PROTECTION PLAN (EPP) 34
Attachment 4— SECURITY TRAINING PLAN 36
6 AFPCI31-100 5 AUGUST 2014
Chapter 1
POLICY AND PROGRAM MANAGEMENT
1.1. Roles and Responsibilities. The AFPC Security Office (AFPC/DSHC): Provides
direction, guidance, and advice for the AFPC Security Program.
1.1.1. Provides direction, guidance, and advice for the AFPC Security Program.
1.1.2. Serves as the approval authority for waiver requests for the AFPC Security Program.
1.1.3. Establishes guidance and procedures for the AFPC Security Program.
1.2. AFPC Facilities. All AFPC facilities (Randolph & Lackland AFB) are controlled access
facilities; a proximity card is required for entry and exit points. During normal duty hours
(0700-1700) a proximity card is not required at the main entrance of Building # 499. After
normal duty hours, unaccompanied visitors will not be allowed to enter the building. During
non-duty hours, weekends and holidays, visitors are required to be escorted at all times.
1.3. The Commander will:
1.3.1. Appoint a primary and alternate security manager for AFPC.
1.4. The Director will:
1.4.1. Appoint a security monitor and at least one alternate to administer the unit’s
information security program. Appointees (military/civilian) must have a current security
clearance and valid investigation. Note: Contractor personnel may not be appointed. (T-3)
1.4.2. Notify the AFPC Security office in writing when either primary or alternate security
monitors are changed.
1.4.3. Appoint in writing a Unit Self Inspector.
1.5. The Security Monitor:
1.5.1. Implements AFI 31-401 and AFI 31-501 within the unit.
1.5.2. Develops internal operating instructions (OIs) for the protection and handling of
classified material.
1.5.3. Ensures semi-annual self-inspections are conducted.
1.5.4. Assists the unit commander in monitoring security incident investigations.
1.5.5. Develops an annual training plan for the information security program, and ensures
security education requirements of DoDM 5200.1, Volume 3/AFI 31-401, chapter 8 are met.
1.5.6. Posts Computer Generated Visual Aid, AETCVA 31-9, Security Manager
Designation. (T-3)
1.5.7. Maintains the Security Monitor’s Handbook.
1.5.8. IAW AFI 31-401, ensures all personnel who require access to classified information
sign or have signed a Standard Form (SF) 312, Classified Information Non-disclosure
AFPCI31-100 5 AUGUST 2014 7
Agreement (NDA), within 30 days of assignment or have one on file in their electronic
personnel record.
1.5.8.1. When a person refuses to sign a NDA, the Security Monitor will annotate refusal
on the NDA. The Security Monitor will also deny the individual access to classified
information and takes steps to deny or revoke the person’s security clearance eligibility
by setting up a Security Information File (SIF) IAW AFI 31-501, chapter 7.
1.5.9. Manages the Joint Personnel Accountability System (JPAS) within their organization.
1.5.9.1. In-processes and out-processes all unit personnel.
1.5.9.2. Monitors and acts on system notifications.
1.5.9.3. Ensures personnel submit for security clearances as required.
1.5.10. Ensures safe custodians perform visual maintenance inspection annually, or in
conjunction with combination changes or maintenance actions. The AFTO Form 36,
Maintenance Record For Security Type Equipment will be used to document these actions.
1.5.11. Foreign Disclosure. Before providing any information to foreign persons, contacts
the AFPC Security Office for a foreign disclosure briefing.
1.5.12. Will ensure all personnel in-process with the directorate prior to the AFPC Security
Office.
1.6. Oversight.
1.6.1. 502 ABW OLB/IP will conduct a program review once each year unless prior
arrangements are made to extend the review.
1.6.2. Security Self-Inspections: Semiannual security self-inspections are required to
evaluate information security program effectiveness.
1.6.2.1. The Commander will appoint an individual, in writing, other than the unit
security monitor or alternate, to conduct a semiannual security inspection.
1.6.2.2. The AFPC Security Office will provide a copy of the appointment letter and
results of the inspection to 502 ABW OLB/IP.
8 AFPCI31-100 5 AUGUST 2014
Chapter 2
CHALLENGE TO CLASSIFICATION OF A DOCUMENT
2.1. Classification Challenge. Any person may challenge the classification of a document
he/she believes is under or over classified, or marked incorrectly. Personnel must notify the
AFPC Security Office that they are going to challenge the classification. If the information is
Air Force related, personnel shall contact the person that received the information (by secure
communications or in writing) and tell them why you believe the classification is incorrect. If
the originator thinks the classification is correct, but you still believe it is incorrect, contact the
AFPC Security Office for guidance in formalizing the challenge.
2.2. The Directorate Security Monitor will take the following actions:
2.2.1. Ensure the material is protected at the highest level originally assigned until a
determination is made.
2.2.2. Obtain all available information concerning the material and the reason for challenge.
2.2.3. Review any source documents available, including classification guides, to determine
the appropriate level of classification of the material.
2.3. Classification Level. If the appropriate classification level cannot be determined locally,
make contact with the AFPC Security Office. Review DoDM 5200.1, Volume 1/AFI 31-401 for
specific guidance.
2.4. The Directorate Security Monitor will keep the identity of the challenger anonymous if
the challenger requests it.
AFPCI31-100 5 AUGUST 2014 9
Chapter 3
ACCESS TO CLASSIFIED INFORMATION
3.1. Personnel may receive classified information from any office when required in the
performance of official duties and when they have the appropriate level of eligibility/access and
Need-To-Know for the information. The directorate Security Monitor will verify individual’s
clearance using the JPAS roster.
3.2. If access to classified material is required by a visitor, a visit request from the individual’s
security manager should have been sent through JPAS. If not, obtain approved identification
media (i.e. government issued identification) and verify security clearance status in JPAS prior to
release of the information.
3.3. In all other instances , the official having custody of the material will verify the identity,
eligibility/access level and need-to-know of the individual prior to release of classified
information by contacting the individual’s unit/agency security manager or supervisor.
3.4. Classified information will not be discussed or talked around in any form on the
telephone, video teleconference or radio. A secure voice system will be used for discussion of
classified information. Those individuals required to brief or discuss classified information will
ensure that the material is properly marked and that the overall classification and limitation are
briefed at the beginning and end of their briefing or discussion. They will ensure their audience
has the proper clearance and need-to-know.
3.5. The following must be made clear prior to disseminating classified information:
3.5.1. What effect the information has on the national security of the United States
(Confidential, Secret, Top Secret).
3.5.2. Whether or not its disclosure is prohibited by law.
3.5.3. The information must be safeguarded according to its classification.
3.5.4. Whether or not its release to foreign entities is subject to espionage laws and brief
these laws if it is.
3.6. Secret Internet Protocol Router Network (SIPRNET) system will be marked with a
Standard Form SF 707. The TACLANE key will NOT be stored in the same room as the
SIPRNET terminal. Note: Once the TACLANE key is inserted it becomes classified and cannot
be left unattended.
10 AFPCI31-100 5 AUGUST 2014
Chapter 4
SAFEGUARDING CLASSIFIED INFORMATION
4.1. Safeguarding classified information is the responsibility of all personnel.
4.2. Do not discuss classified information with anyone who does not have the proper clearance,
need-to-know, and a signed NDA on file. Contact the directorate security monitor to verify
clearance and NDA status.
4.3. Store classified material only in General Services Administration (GSA) approved
containers. Security containers/secure areas are located in DPA, DPW, DS, SV, MA and
AFPOA. (T-3)
4.4. All safes and office areas where classified material is used will be checked at the end of
each work day to ensure classified material is properly protected. The check will be recorded on
the SF 701, Activity Security Checklist. The director will designate in writing, procedures for
another person to conduct the check if the designated individual is not available. (T-3)
4.5. All classified material within an office will be placed in assigned security containers. As
a minimum, the following will be accomplished to ensure material is properly stored.
4.5.1. All desk tops, file baskets, cabinet tops, trash containers, etc., will be inspected for
presence of classified material.
4.5.2. All classified shorthand notes, carbon paper, printer and typewriter ribbons, rough
drafts, and similar papers will be retrieved for proper storage or destruction.
4.6. The safes located in all AFPC facilities are approved for storage of classified material
Secret and below. The following procedures apply:
4.6.1. The Director will appoint safe custodians, in writing, for each security container. The
custodians will be responsible for controlling the combinations to the safe. The combination
will be changed when placed in use, at least annually when it contains North Atlantic Treaty
Organization (NATO) material or COMSEC, whenever an individual knowing the
combination no longer requires access, or whenever the combination has been subject to
possible compromise. Combination changes will be recorded on SF 700, Security Container
Information. (Note: This form will be maintained inside another security container). The
AFTO FM 36 will also reflect a combination change and visual inspection was conducted.
(T-3)
4.6.2. After ensuring the SF 702 has been checked for all security containers and after
performing inspections for each designated office area, annotate applicable blocks on the SF
701, enter the time of the final area inspection, and initial the form in the designated day
column.
4.6.3. In cases where personnel work during non-duty hours, action required to complete the
SF 702 or other designated forms may be done by the office member. This procedure will be
used only when there is no other staff member readily available to complete the required
actions.
AFPCI31-100 5 AUGUST 2014 11
4.6.3.1. The custodian will be responsible for destruction of classified material as
required.
4.6.3.2. The custodian will verify the clearance and need-to-know of anyone requesting
access to classified information that is stored in the container and will ensure a NDA has
been signed. Verification of the clearance and SF 312 will be made through the JPAS
roster.
4.6.3.3. The safe will be opened only when necessary and will be closed as quickly as
practical. When the safe is opened, personnel with the appropriate clearance level will be
in the room at all times.
4.7. Personnel who are designated to make end-of-day security checks will complete the
following actions:
4.7.1. Ensure all classified material is stored in the authorized container.
4.7.2. Check wastebaskets for classified material.
4.7.3. Check desktops for classified material.
4.7.4. Check all classified printers for classified material.
4.7.5. Check the latching mechanism on each safe drawer to ensure it is in the locked
position.
4.7.6. Turn the combination at least four complete turns in either direction.
4.7.7. Complete SF 702, Security Container Check on the safe and the SF 701, Activity
Security Checklist posted near the door of the room concerned. Rooms that are continuously
staffed (e.g., Casualty Services) are not required to complete the SF 701, IAW AFI 31-401,
AETC Sup 1, paragraph 5.5.1.
4.8. In the event of natural disaster, civil disturbance, or other emergency, classified material
will be safeguarded in accordance with Attachment 3, Emergency Protection Plan (EPP). In a
case of a security incident, contact the AFPC Security Office, commander, or 502 ABW OLB/IP,
and see AFI 31-401, chapter 9.
12 AFPCI31-100 5 AUGUST 2014
Chapter 5
HANDLING OF CLASSIFIED INFORMATION
5.1. Clean Desk Policy. Personnel working on classified material will not have any other
papers, etc., on top of the desk. All classified material will be covered with the appropriate
classified cover sheet unless it is in use. This ensures classified material is not mixed with
unclassified papers or improperly stored or disposed. It also prevents persons entering the room
from having access to the material. Post AETC VA 31-10, Classified Work in Progress, in a
conspicuous manner when processing classified information to reduce or prevent inadvertent
access to the information. (T-3)
5.2. Cellphones, palm pilots, cameras, tape recorders, etc . are prohibited within 3 meters of
where classified is produced or processed. These items may not be present when classified is
discussed. When Nonclassified Internet Protocol Router Network (NIPRNET) webcams are
present, ensure these devices are disconnected from the computer when classified is processed or
discussed, to prevent them from being activated remotely.
5.3. Removal of Classified.
5.3.1. Classified material removed from authorized storage locations must be kept under
positive control, have a cover sheet, be taken directly to the work area, and returned directly
to the storage container when the work is completed. If the classified data is contained on
digital media, ensure the media is permanently marked with the highest classification of the
contents, and the media has a case with the appropriate Standard Form (SF 706, Top Secret
Label; SF 707, Secret Label; SF 708, Confidential Label), as well as an SF 711, Data
Descriptor Label. Also, classified material will not be removed from the confines of the
installation without the permission of the commander or higher authority. When removing
classified storage devices and other removable Automated Information System (AIS) storage
systems from the safe, they will be signed out and signed back in upon return using a log
form.
5.3.2. Classified material may be removed from the work center only for the following
reasons:
5.3.2.1. When removal is required in cases of compelling necessity for mission
accomplishment and provided that maximum protection of the material can be guaranteed
under the prevailing circumstances.
5.3.2.2. Use by appropriate cleared personnel for duty-hour working purposes. SF Form
704 or 705, Cover Sheet for Confidential or Secret Information, and AF Form 614,
Charge Out Record, will be used. Also verbal or written authorization as outlined by
DoDM 5200.1, Volume 3/AFI 31-401, chapter 8 is required. (T-3)
5.3.2.3. Hand-Carrying or Escorting Classified Material Aboard Commercial Passenger
Aircraft. The unit commander or equivalent, or staff agency chief authorizes
appropriately cleared couriers to hand-carry classified material on commercial flights.
The Security Monitor will provide the appropriate training. (T-3)
5.3.2.4. Transmission of material on or off the installation according to existing
directives.
AFPCI31-100 5 AUGUST 2014 13
5.3.2.4.1. Courier designation letters will be accomplished for personnel who must
hand-carry material off the installation in the performance of official duties.
5.3.2.4.2. Before departure, individuals authorized to hand-carry Secret/Confidential
information will be briefed by the Directorate Security Monitor on the protective
requirements of DoDM 5200.1, Volume 3/AFI 31-401, chapter 6.
14 AFPCI31-100 5 AUGUST 2014
Chapter 6
COMPROMISE OF CLASSIFIED INFORMATION
6.1. Policy. [Reference DODM 5 200.1, Volume 3]
6.1.1. Whenever classified material is mishandled, lost or compromised, a security incident
will be initiated and thoroughly investigated to minimize any possible damage to national
security. The investigation will identify appropriate corrective actions that will be
immediately implemented to prevent future security incidents. Further, if the security
incident leads to the actual or potential compromise of classified information, a damage
assessment will be conducted to judge the effect that the compromise has on national
security.
6.1.2. Personnel will report suspected instances of unauthorized public disclosure of
classified information promptly. The commander will initiate an investigation to determine
the nature and circumstances of the suspected disclosure, the extent of the damage to national
security, and the corrective and disciplinary action to be taken [DoDD 5210.50, paragraph
4.].
6.2. Definitions.
6.2.1. Security incidents may be categorized as:
6.2.1.1. Security Violation: Any knowing, willful or negligent action:
6.2.1.1.1. That could reasonably be expected to result in an unauthorized disclosure
of classified information.
6.2.1.1.2. To classify or continue the classification of information contrary to the
requirements of this order or it’s implementing directives.
6.2.1.2. Security Infraction: Any knowing, willful or negligent action that is not a
security violation.
6.2.2. A compromise of classified information occurs when unauthorized individuals have
had access to the classified information. Unauthorized individuals include those individuals
with the appropriate security clearance but do not have a valid need-to-know.
6.2.3. A potential compromise of classified information is when an investigating official
concludes that a compromise of classified information has more than likely occurred as a
result of a security incident.
6.3. Information System (IS) Deviations. Report all security deviations involving automated
information systems to the security office and the Information Assurance office (AFPOA/DPH)
to begin an evaluation on the impact of the incident to national security and the organization’s
operations. If COMSEC material is involved, refer to AFI 33-201, Volume 2, COMSEC User
Requirements). If classified is found on the NIPRNET, DO NOT delete the file(s), print the
documents, or forward/reply. Ensure a cleared individual guards the equipment until it can be
properly secured.
6.4. Reporting and Notifications.
AFPCI31-100 5 AUGUST 2014 15
6.4.1. Personnel who learn of a security incident must immediately report it to their
commander or equivalent, supervisor, or security manager who will in-turn report the
incident to 502 ABW/IP by the end of the first duty day.
6.4.1.1. The Directorate Security Monitor will notify the sending activity regarding the
incident, complete a memorandum for record, and file it in the security manager’s
handbook.
6.4.1.2. A copy of all notifications, coordination’s, etc., will be documented in the report
of investigation.
16 AFPCI31-100 5 AUGUST 2014
Chapter 7
PROCESSING CLASSIFIED INFORMATION
7.1. Incoming Mail. Personnel who receive mail deliveries must have a Secret clearance and be
aware of appropriate handling procedures for incoming classified mail. Personnel authorized to
open/handle first class and registered mail will ensure, if mail is not opened during duty hours, it
is properly secured in a classified storage container until its contents are verified. Secret and
Confidential materials received through the mail will be handled as follows:
7.1.1. When receiving mail, personnel will determine if packages have been tampered with
and sign for the package. Classified (Secret/Confidential) materials will either be
registered/certified mail (respectively), U.S. Postal Service (USPS) Express Mail, or FedEx
overnight delivery, and must be signed for. (Note: To ensure the USPS never leaves the
material unattended, the “Waiver of Signature and Indemnity” block on the USPS
Express Mail Label 11-B will never be executed.) Any mail of this nature should be
delivered directly to the addressee, and if this is not possible, the material should be stored in
the nearest approved classified storage container. The classification will not be indicated on
the outer wrapper, so treat it as SECRET until the true classification is determined upon
opening by the addressee. If the addressee is not clear on the outer wrapper, the outer
wrapper may be removed to determine if further addressing exists on the inner wrapper.
Once this has been done, maintain control of the material and deliver it to the appropriate
person or office. If this is not possible, take the material to the nearest approved classified
storage container and have it secured until the addressee is available.
7.1.2. Mail reflecting special access program markings on the inner wrapper/container will
be hand-carried to the security monitor for disposition. The security monitor will sign
necessary receipts.
7.1.3. Mail marked “DO NOT FORWARD” will be delivered directly to the addressee. If it
cannot be delivered, it will be secured in a classified storage container until it can be
delivered.
7.2. Outgoing Mail.
7.2.1. Transmission of classified material must follow AFI 31-401, chapter 7. Secret
material may be sent by registered mail through the USPS/FedEx between the US and its
territories, with certain provisions. Confidential material is sent through USPS/FedEx first
class certified mail and the outer envelope will be endorsed “Postmaster: Do Not Forward.”
The material will be sealed in an inner wrapper with the classification annotated, and in an
outer wrapper not marked with classification. Both wrappers will be sealed in such a way as
to indicate tampering. Refer to Attachment 2 for additional guidance.
AFPCI31-100 5 AUGUST 2014 17
Chapter 8
MARKING CLASSIFIED INFORMATION
8.1. Classified material and sensitive material will be marked IAW AFI 31-401 and Controlled
Access Program Coordination Office (CAPCO) marking guide. This includes SIPRNET e-mails
and interior files located on the classified systems hard drives. (T-3)
8.2. Normally, unclassified materials shall not be marked or stamped “unclassified” unless it is
essential to convey to a recipient of such material that it has been examined with a view to
imposing a security classification, and that it has been determined that it does not require
classification.
8.3. Overall and Page Marking. The overall classification of a document shall be
conspicuously marked, stamped or affixed permanently at the top and bottom center on the
outside of the front cover (if any), on the title page (if any), on the first page, and on the outside
of the back cover (if any). Each interior page shall be marked on the top and bottom according
to its contents.
8.4. Marking Components. The major components of some complex documents are likely to
be used separately. In such instances, each major component shall be marked as a separate
document. Examples include each annex, appendix, or similar component of a plan, program,
operations order, etc.
8.5. Portion Marking. Each section, part, paragraph, or similar portion of a classified
document shall be marked to show the level of classification of the information contained in or
revealed by it, or that it is unclassified. Portions of documents shall be marked in a manner that
eliminates doubt as to which of its portions contains or reveals classified information. In
marking sections, parts, paragraphs, or similar portions, the parenthetical symbols “(TS)” for Top
Secret, “(S)” for Secret, “(C)” for Confidential, “(U)” for Unclassified and “(FOUO)” For
Official Use Only shall be used.
8.6. Automated data processing and word processing storage media must be labeled with
Standard Form 706 (TOP SECRET), (SECRET), (CONFIDENTIAL) or SF 701
(UNCLASSIFIED), whichever is appropriate. Files and folders located on SIPRNET hard drives
must have the overall classification listed first in the title, with the portion marking for the
classification of the title at the end (i.e., [C] Global War on Terrorism [GWOT] Expenditures
(U).xls).
8.7. Miscellaneous Material. Documents and materials such as rejected copies, typewriter
ribbons, carbons, slides, and similar items developed in connection with handling, processing,
production of classified information shall be handled in a manner that assures adequate
protection of the classified information involved and destruction at the earliest practical time.
8.8. Working papers must be dated when created, list the OPR, be marked with the overall
classification and marked as a finished document or destroyed at 180 days.
8.9. Notebooks, binders, files, folders and similar holders containing classified information
will be conspicuously marked with the highest classification of material contained within. The
appropriate classified cover sheet will be affixed to the front and back of the binder, notebook, or
holder. Also, the spine on binders, notebooks, or holders will be marked with the overall
18 AFPCI31-100 5 AUGUST 2014
classification. Cover sheets will not be attached to the document when filed in a security
container. (T-3)
AFPCI31-100 5 AUGUST 2014 19
Chapter 9
REPRODUCTION OF CLASSIFIED INFORMATION
9.1. Procedures. The following procedures will be strictly adhered to:
9.1.1. Currently AFPC does not have a copier available for classified reproduction. In the
event a copier is designated for classified reproduction, it will be marked with the appropriate
level of classified reproduction and the rules for their use posted nearby. Users should be
aware of the requirements for copying classified information before using the machine. Use
of copiers with permanent memory is strictly PROHIBITED. (T-3)
9.1.2. Copier users will ensure:
9.1.2.1. Classified material is rigidly safeguarded at all times during reproduction and
unauthorized personnel are not permitted to have visual access to the material being
reproduced.
9.1.2.2. The document to be reproduced does not have any reproduction prohibition,
either on the document or by applicable regulations.
9.1.2.3. Authority has been received from the appropriate authorized individual to
reproduce classified material.
9.1.2.4. Only sufficient copies are reproduced to meet operational needs.
9.1.2.5. All copies are accounted for. Should there be any problems; the security
monitor will inspect the machine to locate any lost or jammed copies or to clear the
machine.
9.1.2.6. Upon completion of copying, take appropriate measures to delete any jobs in the
system to guard against inadvertent printing (some machines may require more). These
procedures should be posted nearby the copier in question on an AETC VA 31-5,
Classified Reproduction Authorized. All blank sheets will be destroyed as classified
waste. (T-3)
9.1.2.7. Use AETC VA 31-6, Unclassified Reproduction Only, on or near all copiers,
facsimile machines, and scanners NOT approved for reproduction of classified material.
(T-3)
9.1.2.8. All copies are properly marked with the reproduction authority and are
appropriately controlled and safeguarded.
9.1.2.9. Overruns or unsatisfactory copies are protected and destroyed as classified
waste.
9.1.2.10. All classified markings on the original are clearly shown on each reproduced
copy. If not, reapply the markings.
20 AFPCI31-100 5 AUGUST 2014
Chapter 10
DESTRUCTION OF CLASSIFIED INFORMATION
10.1. Only personnel with current security clearances (verified in JPAS) are authorized to
destroy classified material.
10.2. Classified Waste. Waste material, such as handwritten notes, carbon paper, typewriter
ribbons, working papers that contain classified information, and confidential material shall be
temporarily stored in a part of the safe until it can be destroyed.
10.3. Destruction Process.
10.3.1. Shredders authorized for classified destruction are found Bldg 499, 575, and 171.
10.3.2. When shredding classified, only National Security Agency (NSA) approved
shredders that cut no larger than 1/2 by 1/23 of an inch are used. Any particle larger than this
size will be sent through the shredder again. Secure Volume method will be used. (Twenty
sheets of unclassified will be destroyed until there is sufficient volume.).
10.3.2.1. Use AETC VA 31-7, Classified Destruction Only, on all shedders authorized
for destruction of classified information. (T-3)
10.3.2.2. Use AETC VA 31-8, Unclassified Destruction Only, on all shedders not
authorized to destroy classified information. (T-3)
10.3.3. Confidential. Only one authorized person needs to be involved in the destruction
process and a record of destruction is not required.
10.3.4. Secret. Only one authorized person needs to be involved in the destruction process
and a record of destruction is not required.
10.3.5. Top Secret/NATO Secret. Two people with Top Secret access are involved in the
destruction process. Destruction is recorded either on the AF Form 143; Top Secret Register
Page, AF Form 310, Document Receipt and Destruction Certificate; or AF Form 1565,
Entry, Receipt, and Destruction Certificate. The destruction record will be attached to the
AF Form 143 (used to account for the document) when the destruction is not recorded on the
AF Form 143 itself.
10.3.6. AFPC/CC has designated the first duty day in the month of May as the annual
classified clean out day. Directorate Security Monitors will check safes and determine if
classified material needs to be destroyed.
AFPCI31-100 5 AUGUST 2014 21
Chapter 11
SECURITY EDUCATION AND BRIEFING
11.1. In addition to the Information Protection Computer Based Training (CBT) on
Advanced Distributed Learning Service (ADLS), the Directorate Security Monitor will provide a
newcomer’s security orientation briefing within 30 days of arrival on station to satisfy the
indoctrination training required by DoDM 5200.1, Volume 3/AFI 31-401, chapter 8.
Supervisors will ensure all new personnel contact the security monitor during in-processing. The
training must include, but, is not limited to an initial briefing covering:
11.1.1. The unit’s involvement with classified material and the security requirements of their
particular assignment.
11.1.2. A review of the unit operating instruction outlining protection of classified material.
11.1.3. Classified material safeguard and control procedures.
11.1.4. Criteria for granting access to classified material.
11.1.5. Receipt and dissemination procedures.
11.1.6. Annual NATO training is conducted as part of the Information Protection Computer
Based Training.
11.2. The AFPC Security Office will:
11.2.1. Conduct Initial Security Orientation within 30 days of arrival.
11.2.2. Schedule personnel for briefings for special access information as needed.
11.2.3. Provide foreign travel briefings for personnel traveling abroad, whether on TDY,
PCS, or leave.
11.3. The Directorate Security Monitor will:
11.3.1. Provide refresher training (recurring training) as outlined in the Security Training
Plan at Attachment # 4.
11.3.2. Execute an AF Form 2587, Security Termination Statement, for personnel who
separate, retire, or have their access suspended or terminated.
11.3.3. Ensure security awareness bulletins and flyers are posted on bulletin boards and
distributed throughout the unit.
22 AFPCI31-100 5 AUGUST 2014
Chapter 12
CONDUCTING CLASSIFIED BRIEFINGS
12.1. Classified Meetings and Conferences [Reference DoDM 5 200.1-Volume 3].
12.1.1. Classified information at meetings, conferences, symposia, portions or sessions of
meetings, conferences, etc., during which classified information is to be disseminated shall
be limited to appropriately cleared U.S. Government or U.S. Government contractor
locations.
12.1.2. For hosting a briefing within the unit, the facility must afford adequate security
against unauthorized access from both physical intruders and sound emissions. Before
working with classified components or conducting classified meetings or briefings,
participants will turn off all wireless products (cell phones, pagers, beepers, hand-held radios,
wireless microphones, etc.) and place them in a holding area outside the location where
classified components are stored or briefed. Posting personnel from the sponsoring activity
will establish entry control and perimeter surveillance in and around the room or facility, as
necessary. (T-3)
12.1.3. Foreign Participation: Hosting officials refer to AFI 16-201, Air Force Foreign
Disclosure and Technology Transfer Program, for specific guidance.
AFPCI31-100 5 AUGUST 2014 23
Chapter 13
CONTROLLED UNCLASSIFIED INFORMATION
13.1. For Official Use Only (FOUO). FOUO is a designation that is applied to unclassified
information that is exempt from automatic release to the public under FOIA. See DoD 5400.7-
R/AF Supplement for further guidance [Ref: DoDM 5200.1, Volume 4].
13.1.1. Access to FOUO Information.
13.1.1.1. No person may have access to information designated as FOUO unless that
person has been determined to have a valid need for such access in connection with the
accomplishment of a lawful and authorized Government purpose.
13.1.1.2. The final responsibility for determining whether an individual has a valid need
for access to information designated as FOUO rests with the individual who has
authorized possession, knowledge or control of the information and not on the
prospective recipient.
13.1.1.3. Information designated as FOUO may be disseminated within the DoD
Components and between officials of DoD Components and DoD contractors,
consultants, and grantees to conduct official business for the DoD, provided that
dissemination is not further controlled by a Distribution Statement.
13.1.1.4. DoD holders of information designated as FOUO are authorized to convey such
information to officials in other Departments and Agencies of the Executive and Judicial
Branches to fulfill a government function. If the information is covered by the Privacy
Act, disclosure is only authorized if the requirements of AFI 33-332, Air Force Privacy
Program, are satisfied.
13.1.1.5. Release of FOUO information to Congress is governed by AFI 90-401, Air
Force Relations With Congress. If the Privacy Act covers the information, disclosure is
authorized if the requirements of DoD 5400.11-R are also satisfied.
13.1.1.6. DoD 7650.1-I, General Accounting Office (GAO) and Comptroller General
Access to Records, governs release of FOUO information to the GAO. If the Privacy Act
covers the information, disclosure is authorized if the requirements of DoD 5400.11-R
are also satisfied.
13.1.2. Protection of FOUO Information.
13.1.2.1. During working hours, reasonable steps shall be taken to minimize risk of
access by unauthorized personnel. After working hours, store FOUO information in
unlocked containers, desks or cabinets if Government or Government-contract building
security is provided. If such building security is not provided, store the information in
locked desks, file cabinets, bookcases, locked rooms, etc.
13.1.2.2. FOUO information and material may be transmitted via first class mail, parcel
post or, for bulk shipments, via fourth-class mail. Electronic transmission of FOUO
information, e.g., voice, data or facsimile, e-mail, shall be by approved secure
communications systems or systems utilizing access controls such as Public Key
Infrastructure (PKI), whenever practical.
24 AFPCI31-100 5 AUGUST 2014
13.1.2.3. FOUO information may only be posted to DoD Web sites consistent with
security and access requirements specified in Deputy Secretary of Defense
Memorandum, dated 25 November 1998, Subject: “Web Site Administration”.
13.1.2.4. Record copies of FOUO documents shall be disposed of according to the
Federal Records Act and the DoD Component records management directives. Non-
record FOUO documents may be destroyed by any of the means approved for the
destruction of classified information, or by any other means that would make it difficult
to recognize or reconstruct the information.
13.1.2.5. Unauthorized Disclosure. The unauthorized disclosure of FOUO does not
constitute an unauthorized disclosure of DoD information classified for security
purposes. However, appropriate administrative action shall be taken to fix responsibility
for unauthorized disclosure of FOUO whenever feasible, and appropriate disciplinary
action shall be taken against those responsible. Unauthorized disclosure of FOUO
information that is protected by the Privacy Act may also result in civil and criminal
sanctions against responsible persons. The Military Department or other DoD
Component that originated the FOUO information shall be informed of its unauthorized
disclosure.
13.2. FOR OFFICIAL USE ONLY Law Enforcement Sensitive.
13.2.1. Law Enforcement Sensitive is a marking sometimes applied, in addition
to/conjunction with the marking FOR OFFICIAL USE ONLY, by the Department of Justice
and other activities in the law enforcement community. It is intended to denote that the
information was compiled for law enforcement purposes and should be afforded appropriate
security in order to protect certain legitimate government interests, including the protection
of: enforcement proceedings; the right of a person to a fair trial or an impartial adjudication;
grand jury information; personal privacy including records about individuals requiring
protection under the Privacy Act; the identity of a confidential source, including a state,
local, or foreign agency or authority or any private institution which furnished information on
a confidential basis; information furnished by a confidential source; proprietary information;
techniques and procedures for law enforcement investigations or prosecutions; guidelines for
law enforcement investigations when disclosure of such guidelines could reasonably be
expected to risk circumvention of the law, or jeopardize the life or physical safety of any
individual, including the lives and safety of law enforcement personnel.
13.3. Markings.
13.3.1. In unclassified documents containing Law Enforcement Sensitive information, the
words “Law Enforcement Sensitive” shall accompany the words “FOR OFFICIAL USE
ONLY” at the top and bottom of the front cover (if there is one), the title page (if there is
one), and the outside of the back cover (if there is one).
13.3.2. In unclassified documents, each page containing FOR OFFICIAL USE ONLY Law
Enforcement Sensitive information shall be marked “FOR OFFICIAL USE ONLY Law
Enforcement Sensitive” at the top and bottom. Classified documents containing such
information shall be marked as required by chapter 5 of this instruction, DoDM 5200.1,
Volume 4, except that pages containing Law Enforcement Sensitive information but no
AFPCI31-100 5 AUGUST 2014 25
classified information will be marked “FOR OFFICIAL USE ONLY Law Enforcement
Sensitive” top and bottom.
13.3.3. Portions of DoD classified or unclassified documents that contain FOR OFFICIAL
USE ONLY Law Enforcement Sensitive information shall be marked “(FOUO-LES)” at the
beginning of the portion. This applies to classified, as well as to unclassified documents. If a
portion of a classified document contains both classified and FOR OFFICIAL USE ONLY
Law Enforcement Sensitive information, the appropriate classification designation is
sufficient to protect the information.
13.3.4. Access to FOR OFFICIAL USE ONLY Law Enforcement Sensitive. The criteria for
allowing access to FOR OFFICIAL USE ONLY Law Enforcement Sensitive are the same as
those used for FOUO information, except that if the information also bears the marking
“Originator Control” or “ORCON” the information may not be disseminated beyond the
original distribution without the approval of the originating office.
13.3.5. Protection of FOR OFFICIAL USE ONLY Law Enforcement Sensitive. Within the
DoD, FOR OFFICIAL USE ONLY Law Enforcement Sensitive shall be protected as
required for FOUO information.
13.3.6. Sensitive But Unclassified (SBU) Information. SBU information is information
originated within the Department of State that warrants a degree of protection and
administrative control and meets the criteria for exemption from mandatory public disclosure
under the Freedom of Information Act. When SBU information is included in DoD
documents, it shall be marked as if the information were FOUO [Ref: DoDM 5200.1, Volume
4].
13.3.7. Protection of Drug Enforcement Administration (DEA) Sensitive Information.
Unclassified information that is originated by the DEA and requires protection against
unauthorized disclosure to protect sources and methods of investigative activity, evidence,
and the integrity of pretrial investigative reports [Reference DoDM 5200.1, Volume 4].
26 AFPCI31-100 5 AUGUST 2014
Chapter 14
PERSONNEL SECURITY
14.1. Submitting Security Clearances. When notified by the Directorate Security Monitor,
personnel will provide information for accomplishing Electronic Questionnaire for Investigation
Processing (eQIP) or other security clearance paperwork within 14 duty days from date of
notification.
14.2. Continuing Evaluation.
14.2.1. Individuals will notify their supervisor, First Sergeant, AFPC Commander or
Security Monitor of all personal circumstances which could affect their continued access to
classified. These circumstances are listed in DoD 5200.2-R, Appendix 8. These include, but
are not limited to: financial problems or unexplained affluence, criminal investigations,
drug/alcohol abuse, etc.
14.2.2. Anyone with knowledge of adverse information concerning a person with a security
clearance must report the knowledge to their supervisor, First Sergeant, Commander or
Security Monitor.
14.2.3. With advice from the AFPC Security Office, the AFPC Commander will evaluate
each situation and make the determination on whether or not to establish a Security
Information File (SIF).
14.3. Any changes in a Security Access Requirement (SAR) code for a Unit Manpower
Document (UMD) position must be coordinated with the Security Office prior to submission to
AFPC/DSHM.
14.3.1. To ensure personnel have the appropriate security investigation the UMD position
number must be verified during in-processing.
AFPCI31-100 5 AUGUST 2014 27
Chapter 15
INDUSTRIAL SECURITY
15.1. The AFPC Security Office manages the Industrial Security Program for AFPC.
15.2. Contractors who work with or have access to classified information must comply with
the provisions of DoDM 5200.1, Volume 3 Information Security Program and DoD 5220.22-M.
AFPC offices sponsoring visiting contractors requiring access to classified information must
ensure an appropriate security clearance visit request has been received by the Security office.
15.3. AFI 31-601 is the only authorized source document that may be used for development of
the DD Form 254, DoD Contract Security Classification Specification.
15.4. The contracting office and the 502 ABW OL-B/IP must be notified of all new contracts
and DD Form 254s.
15.5. Draft copy of DD Form 254 and statement of work shall be forwarded to the Security
Office to ensure all security requirements and contents are annotated properly. (T-3)
15.6. Final copy must be provided to the Security Office. Information received will be used to
prepare a Visitor Group Security Agreement (VGSA). The VGSA will be completed by the
government. The VGSA gives additional security requirements for contractors working in
AFPC. Contractor will also provide the government with a Visit Authorization Letter (VAL) on
an annual basis. The VAL will identify all personnel working on the contract. VALs will be
submitted via JPAS. (T-3)
15.7. The Security Office will maintain a hard copy of the DD Form 254, VGSA, and VAL.
The Security Office conducts security inspections on all AFPC visitor group agreements on an
annual basis. Contracting companies must update their visitor’s group agreement annually.
Updated document will be provided to the Security office.
15.8. All long-term cleared/uncleared contractor personnel will require initial/annual security
training, IAW AFI 31-401. (T-3)
MARGARET B. POORE, Maj General, USAF
Commander
28 AFPCI31-100 5 AUGUST 2014
Attachment 1
GLOSSARY OF REFERENCES AND SUPPORTING INFORMATION
References
DoD 5200.01-M, Volume 1, DoD Information Security Program: Overview, Classification, and
Declassification, 24 February 2012
DoD 5200.01-M, Volume 2, DoD Information Security Program: Marking of Classified
Information, 24 February 2012, Incorporating Change 1, March 21, 2013
DoD 5200.01-M, Volume 4, DoD Information Security Program: Controlled Unclassified
Information (CUI), 24 February 2012
DoD 5200.1-PH, DoD Guide to Marking Classified Documents
DoD 5220.22-M, National Industrial Security Program Operating Manual (NISPOM), 28
February 2006, Incorporating Change 1, March 28, 2013
DoD 5220.22-R, Industrial Security Regulation, 1 December 1985
DoD 5400.11-R, Department of Defense Privacy Program, 14 May 2007
DoD 7650.1-I, General Accounting Office (GAO) and Comptroller General Access to Records,
27 Jan 2009, Incorporating Change 1, August 24, 2011
AFI 16-201, Air Force Foreign Disclosure And Technology Transfer Program, 1 December
2004
AFI 31-401, Information Security Program Management, 1 November 2005
AFI 31-501, Personnel Security Program Management, 27 January 2005
AFI 31-601, Industrial Security Program Management, 29 June 2005
AFI 33-201, Volume 2, Communication Security (COMSEC) User Requirements (FOUO), 26
April 2005
AFI 33-332, The Air Force Privacy and Civil Liberties Program, 5 June 2013
Air Force Records Disposition Schedule - https://afrims.amc.af.mil/rds_series.cfm
Adopted Forms
AETCVA 31-9, Security Manager Designation
AETC VA 31-10, Classified Work in Progress
AETC VA 31-5, Classified Reproduction Authorized
Use AETC VA 31-6, Unclassified Reproduction Only
AETC VA 31-7, Classified Destruction Only
AF Form 143, Top Secret Register Page
AF Form 144 Top Secret Access Record
AF Form 310, Document Receipt and Destruction Certificate
AFPCI31-100 5 AUGUST 2014 29
AF Form 614 Charge-Out Record
AF Form 847, Recommendation for Change of Publication
AF Form 1109, Visitors Register Log
AF Form 1297, Temporary Hand Receipt
AF Form 1565, Entry, Receipt and Destruction Certificate
AF Form 2587, Security Termination Statement
AFTO Form 36, Maintenance Record For Security Type Equipment
DD Form 254, DoD Contract Security Classification Specification
DD Form 2501, Courier Authorization
SF 86, Questionnaire For National Security Positions
SF 312, Non-Disclosure Agreement
SF 700, Security Container Information
SF 701, Activity Security Checklist
SF 702, Security Container Check Sheet
SF 704, Secret Cover Sheet
SF 705, Confidential Cover Sheet
SF 706, Top Secret Label
SF 707, Secret Label
SF 708, Confidential Label
SF 710, Unclassified Label
SF 711, Data Descriptor Label
Abbreviations and Acronyms
ADLS—Advanced Distributed Learning Service
AFB—Air Force Base
AFI—Air Force Instruction
AFPC—Air Force Personnel Center
AFMAN—Air Force Manual
AIS—Automated Information System
ANG—Air National Guard
CAPCO—Controlled Access Program Coordination Office
CBT—Computer Based Training
COMSEC—Computer Security
30 AFPCI31-100 5 AUGUST 2014
DEA—Drug Enforcement Administration
EPP—Emergency Protection Plan
FOUO—For Official Use Only
GAO—General Accounting Office
GSA—General Services Administration
GWOT—Global War on Terrorism
IAW—In Accordance With
IS—Information Systems
JBSA—Joint Base San Antonio
JPAS—Joint Personnel Adjudication System
eQIP—Electronic Questionnaires for Investigations Processing
NATO—North Atlantic Treaty Organization
NDA—Non-disclosure Agreement
NIPRNET—Nonclassified Internet Protocol Router Network
NSA—National Security Agency
OI—Operating Instruction
OPR—Office of Primary Responsibility
ORCON—Originator Control
PII—Personally Identifiable Information
PKI—Public Key Infrastructure
SAR—Security Access Requirement
SBU—Sensitive But Unclassified (SBU)
SF—Standard Form
SIF—Security Information File
SIPRNET—Secret Internet Protocol Router Network
UMD—Unit Manpower Document
USPS—United States Postal Service
VAL—Visit Authorization Letter
VGSA—Visitor Group Security Agreement
VTC—Video Teleconference
AFPCI31-100 5 AUGUST 2014 31
Terms
Tier 0 (T-0)—Determined by respective non-AF authority (e.g. Congress, White House, Office
of Secretary of Defense, Joint Staff). The waiver authority is non-applicable, or external to AF.
Tier 1 (T-1)—Non-compliance puts Airmen, Commanders or the USAF strongly at risk of
mission or program failure, death, injury, legal jeopardy or unacceptable fraud, waste or abuse.
The waiver authority is the MAJCOM/CC, delegable no lower than MAJCOM Director, with the
concurrence of the AFI Certifying Official.
Tier 2 (T-2)—Non-compliance may degrade mission or program effectiveness or efficiency and
has potential to create moderate risk of mission or program failure, injury, legal jeopardy or
unacceptable fraud, waste or abuse. The waiver authority is the MAJCOM/CC (delegable no
lower than MAJCOM Director).
Tier 3 (T-3)—Non-compliance may limit mission or program effectiveness or efficiency and has
a relatively remote potential to create risk of mission or program failure, injury, legal jeopardy or
unacceptable fraud, waste, or abuse. The waiver authority is the Wing/DRU/FOA/CC (delegable
no lower than Group/CC or equiv).
32 AFPCI31-100 5 AUGUST 2014
Attachment 2
TRANSMITTING CLASSIFIED MATERIAL
A2.1. Top Secret material is transmitted by an approved courier system (Defense Courier
Service), message or personal hand carrying by a designated representative. Never use US mail
or FedEx to transmit Top Secret material. Always use receipts when transferring Top Secret
material. AF Form 143 (for Top Secret only), AF Form 310, and AF Form 1565 are the most
common receipt forms used for classified documents. Complete an AF Form 310, Document
Receipt and Destruction Certificate, to provide a receipt of change accountability as necessary.
A2.1.1. Secret materials can be transmitted by:
A2.1.1.1. An authorized component courier service.
A2.1.1.2. An authorized electronic system, e.g. a STE.
A2.1.1.3. Hand-carried (with proper authorization).
A2.1.1.4. Registered mail (within US and within its territories - it can be sent to an
APO/FPO address only if you can ensure that the mail will not pass out of US control
during its trip).
A2.1.1.5. Protective Security Service for large bulky items (check with the Security
office).
A2.1.1.6. United States Parcel Service Express Mail and FEDEX (check with the
Security office for limitations).
A2.1.2. Confidential materials may be transmitted by:
A2.1.2.1. An authorized component courier service.
A2.1.2.2. An authorized electronic system, e.g. a STE.
A2.1.2.3. Hand carried (with proper authorization).
A2.1.2.4. Registered mail (for NATO; for APO/FPO outside US; when uncertain if
destination within US; to DoD contractor or other Executive Branch agency, when
appropriate).
A2.1.2.5. First Class Mail between DoD activities within US and territories - do not use
for mail to DoD contractors or other Executive Branch agency.
A2.1.2.6. Certified Mail (to DoD contractor or other Executive Branch Agency).
A2.1.2.7. Constant Surveillance Service for large bulky items (check with the unit
security monitor).
A2.2. Packaging Classified Material. The procedures listed below for the inner and outer
wrapping of classified material will be followed.
A2.2.1. Inner Wrapping:
A2.2.1.1. Use opaque material to wrap classified material.
A2.2.1.2. Highest classification and warning notices placed on wrapping.
AFPCI31-100 5 AUGUST 2014 33
A2.2.1.3. Wrapped to make detection of tampering easy.
A2.2.1.4. Address and return address, plus accountable container number and AF Form
310. (T-3)
A2.2.1.5. Name of POC may be placed on inner envelope.
A2.2.2. Outer Wrapping:
A2.2.2.1. Use Opaque wrapping material. Locked briefcase when hand carrying.
A2.2.2.2. Wrapped to make detection of tampering easy.
A2.2.2.3. No classification markings.
A2.2.2.4. “RETURN SERVICE REQUESTED” on First Class Mail for Confidential
Material.
A2.2.2.5. Address to activity, not person (do not put a person’s name in the address).
A2.2.2.6. Return address.
A2.3. Incoming bulk/accountable mail will be treated as classified until it is delivered to the
addressee. Accountable mail will be stored in a GSA-approved security container.
A2.4. To transfer files from NIPRNET to SIPRNET go to https://dots.dodiis.mil/. This is a
Department of Defense site that will forward a link containing the data to your SIPRNET
address.
34 AFPCI31-100 5 AUGUST 2014
Attachment 3
EMERGENCY PROTECTION PLAN (EPP)
A3.1. General. This guidance will assist GSA-approved security container custodians in the
formulation of an EPP. GSA-approved security container custodians should be thoroughly
familiar with procedures as outlined in AFI 31-401, DoD 5200-1.R and this OI. This instruction
will be used for the emergency protection or removal of classified material in the event of a
natural disaster or civil disturbance, terrorist activity, etc. A copy of this instruction will be near
(not attached) to the GSA-approved security container in each area that classified material is
stored or processed. These procedures also apply to North Atlantic Treaty Organization Secret
material and above. (T-3)
A3.2. Situation. Severe weather phenomena such as tornadoes, thunderstorms, hailstorms, flash
floods and hurricanes can pose a threat to Joint Base San Antonio (JBSA) Randolph & Lackland
AFB. The possibility of fire always exists. Civil disturbances may consist of a small group or
groups of dissidents to large-scale riots. In any of these cases, classified material becomes
vulnerable to compromise due to loss or theft and requires additional protection.
A3.3. Emergency Protection.
A3.3.1. Fire. If time permits before evacuation of an area, secure classified material in a
vault or GSA-approved security container within the immediate area. Personnel will not,
however, risk injury or loss of life to secure classified material. If classified material cannot
be properly stored, personnel will evacuate the area to the limits established by emergency
response forces. If this occurs, place the material in or on a desk, or if possible, hand-carry
the information out of the area. Personnel will notify their primary or alternate security
monitor of any classified left unsecured at the time of evacuation. Immediately after the
emergency and authorization by emergency response forces, personnel will return to their
area and check for unsecured classified material. If material is missing or inadvertent access
or compromise is suspected, security monitor will comply with DoD 5200, 1-R, chapters 6
and 9. Emergency response forces will be debriefed if after the situation is terminated.
A3.3.2. Natural Disasters. If severe weather occurs without warning, secure classified as
prescribed in chapter 4. If AFPC does receive advance warning, personnel should limit the
hand-carrying of classified information outside of the immediate work area and take steps to
secure all classified in GSA-approved security containers prior to the arrival of severe
weather.
A3.3.3. Civil Disturbance. Normally, base support agencies such as the Air Force Office of
Special Investigation and security forces receive advance warning of rallies, strikes or
demonstrations on or near the installation. AFPC personnel should plan for the increased
security of classified material before the disturbance based on sources provided. Suspend
hand-carry of classified documents outside the work area. Maintain classified material
within the work area until termination of the incident.
A3.3.4. Emergency Removal. Normally, emergency removal is ordered in overseas areas if
advance notice of a terrorist attack is received, or if there is knowledge of the base being
overrun by an overwhelming force. If valid reasons for the emergency removal of classified
from AFPC is warranted the order will be given by either the JBSA Commander or the AFPC
AFPCI31-100 5 AUGUST 2014 35
Commander. To ensure the most important and sensitive materials are evacuated/destroyed
first, the following priorities are assigned:
A3.3.4.1. PRIORITY ONE: TOP SECRET
A3.3.4.2. PRIORITY TWO: SECRET
A3.3.4.3. PRIORITY THREE: CONFIDENTIAL
36 AFPCI31-100 5 AUGUST 2014
Attachment 4
SECURITY TRAINING PLAN
A4.1. General. It is imperative that all personnel understand the compelling need to protect
classified and sensitive resources. To accomplish this, the Security office provides an initial
security briefing to all personnel on basic security policies, principles and practices during in-
processing.
A4.2. Cleared personnel must have this training prior to being granted access to classified
information.
A4.3. Training should be accomplished continually to reinforce the policies, principles and
procedures covered in initial, continuing/refresher and specialized training. A listing of
personnel who completes the required training will be provided to the Security office by each
directorate security monitor.
A4.4. Security training can include films, handouts, computer presentations, videos, and guest
speakers.
A4.4.1. Continuing/Refresher Security Education and Training Standards.
A4.4.2. This continuing/refresher security education and training standard will be used to
provide refresher training to those personnel who create, process or handle classified
information. Refresher training should reinforce the applicable policies, principles and
procedures covered in initial and specialized training and should be conducted throughout the
individual’s duty assignment. Training will be conducted on a quarterly basis.
A4.4.3. Quarterly Training Topics:
A4.4.3.1. Suggested topics for first session (Jan-Mar). Security Program Roles &
Responsibilities.
A4.4.3.1.1. Purpose and Policies.
A4.4.3.1.2. Classified Information Definition.
A4.4.3.1.3. Classification Authority.
A4.4.3.1.4. Classification Challenges.
A4.4.3.1.5. Transmission of Classified Information.
A4.4.3.1.6. Disposal and Destruction.
A4.4.3.1.7. Classified Storage.
A4.4.3.2. Suggested topics for second session (Apr-Jun).
A4.4.3.2.1. Security Incidents.
A4.4.3.2.2. Safeguarding.
A4.4.3.2.3. End-Of-Day Security Checks.
A4.4.3.2.4. Reproducing Classified Information.
A4.4.3.3. Suggested topics for third session (Jul-Sep).
AFPCI31-100 5 AUGUST 2014 37
A4.4.3.3.1. Personnel Security.
A4.4.3.4. Suggested topics for fourth session (Oct-Dec).
A4.4.3.4.1. Emergency Protection of Classified.
A4.4.3.4.1.1. Security Clearance/Access Verification Procedures.
A4.4.3.4.1.2. Foreign Travel Requirements.
A4.4.3.4.1.2.1. Classified Meetings.
A4.4.3.4.1.2.2. Controlled Unclassified Information.