Library of FAQs

Program Planning and Management: S&S program planning and management is integrated with other programs such as physical protection, protective force (PF), information security, personnel security, and nuclear material control & accountability (MC&A). The following FAQs will help in better understanding some of the common topics within program planning and management.

Q: I've heard that the Program Planning and Management Manual (DOE M 470.4-1) is being revised. Who is working on that revision and when will the new version be available for review?

A: HSS has initiated a major zero based policy review effort to examine the content and format of the core safeguards and security directives in the 470.4 series. As part of that effort, the Program Planning and Management Manual is undergoing a comprehensive review by three working groups consisting of subject matter experts from throughout the DOE complex. Because of the complexity of this Manual, each group is looking at a single topical area.

When all of the groups have finished their reviews and initial drafts of their topical areas, the drafts will be combined and reviewed by an implementation focused "red team." A review of the approach DOE uses for safeguards and security planning, which began in late 2007, delayed the final draft and review of the by the "red team". It is anticipated that the new planning document will be accepted in early July and work on the Manual will resume in mid-summer.

Q: Several DOE 470.4 series Manuals use the term "Departmental element." What does that term mean?

A: The term "Departmental Element" is a common-use term from the DOE directives system. DOE M 251.1-1B, Departmental Directives Program Manual defines Departmental Element: "First-tier organizations reporting directly to the Secretary, Deputy Secretary, or Under Secretaries. The National Nuclear Security Administration is a Departmental element. First-tier organizations at Headquarters include the Secretary, Deputy Secretary, Under Secretaries, and Secretarial Officers (Assistant Secretaries and staff Office Directors). First-tier organizations include managers of the field offices and Administrators of the Power Marketing Administrations." The latest list of Departmental Elements can be found at: http://www.directives.doe.gov/pdfs/reftools/org-list.pdf.

Q: Are there any resources available within DOE for people involved in developing and managing a security awareness program as required in DOE M 470.4-1?

A: Yes. The National Training Center (NTC) offers a four and one-half day introductory course, Safeguards and Security Awareness Coordinators' Training, for individuals who are involved in developing, implementing, and maintaining security awareness programs. More information on the course is available on the NTC website at http://www.ntc.doe.gov/ntc/docs/NTCCourseCatalog_Final.pdf. The Security Awareness Special Interest Group (SASIG) is an active networking group of Federal and contractor personnel involved with safeguards and security awareness programs. The members of SASIG work to promote safeguards and security awareness within the DOE, assist sites and facilities in carrying out the security awareness program requirements and share security awareness resources. Membership is open to anyone with a work-related interest in promoting security awareness, and there is no membership fee. More information about SASIG, including how to join the group, is available on the SASIG website at http://www.orau.gov/sasig/.

Q: What is expected of an organization which assumes security cognizance for another site? Are there specific duties and services that the organization with security cognizance has to provide?

A: An organization which is listed as the cognizant security authority for another location is expected to be able to perform specific security functions on behalf of the client location. Those security duties and services include but may not be limited to surveys to determine security requirements, review and storage of safeguards and security plans and other documents, oversight activities, FOCI considerations, registration of a facility clearance, personnel security clearance activities, and SSIMS entries. In accordance with DOE M 470.4-1 and the requirements of the NISPOM, the security authority must possess a facility security clearance at the same level or higher as an office over which it exercises responsibility. This means that the cognizant security organization must be surveyed and registered in SSIMS, and must set up a limited area and classified processing capabilities. The organization must meet the requirements and be capable of undertaking the security activities itself; there is no provision for establishing a Memorandum of Agreement or other vehicle as a "paper" designation to allow the security activities to be performed by another organization on behalf of the organization with security cognizance.

Q: Some forms that DOE uses in connection with various activities (such as the Visit Request form and the Security Acknowledgement and Termination Statements) are really outdated. Are there any plans to revise these forms and bring them up to date?

A: As the zero-based policy review proceeds, some review of the forms used in connection with specific activities is being conducted. The Security Acknowledgment and Terminations Statements, which are used primarily in connection with the DOE personnel security program but which also have security awareness applications, are currently being revised to reflect changes to the DOE personnel security program (new drug testing requirements, revised personnel security and foreign travel reporting requirements), and to reflect current requirements pertaining to prepublication review of materials prepared by individuals who hold or previously held a DOE security clearance. Since questions have been raised concerning the Visit Request form, used in the classified visits program, we will review this form and update it as necessary. Questions pertaining to other forms which are referenced in the security directives may be addressed to HS-71.

Q: I have a question regarding the Outside Director (OD) for a company under a Security Control Agreement. Can the OD do consultant work for one of the foreign owners after he has been approved by the Office of Security? DOE M 470.4-1 Part 2, Section H, Chapter IV, FOCI Mitigation Action Plans, 3.,c.,(2) Security Control Agreement, (b) 1: "Appointment of one or more outside directors who must meet the eligibility requirements set forth in paragraph 3.b(1)(b), above. This reference reads: "Be completely disinterested individuals with no prior involvement with the cleared U. S. organization, its foreign-owned tier parent(s), or any of its foreign-owned affiliate(s). This reference, as stated, applies to "before" approval, but, what about after approval? Is this a conflict of interest? We have been told that one of our ODs has been doing consulting work for one of the parents in his company.

A: Based on the situation you've described, it appears there may be a conflict of interest here. As you have stated above, the Manual requires that when setting up the Security Control Agreement one of the stipulations for the Outside Director (OD) is that he/she must, "Be completely disinterested individuals with no prior involvement with the cleared U.S. organization, its foreign-owned tier parent(s), or any of its foreign-owned affiliate(s)." If the OD is getting paid to do work for a foreign parent, he/she is no longer a "completely disinterested individual." I think the term completely disinterested is the key to the requirement. "No prior involvement" is one characteristic of being completely disinterested. However, I don't believe it is the sole characteristic. The key to being disinterested is that the person must be unbiased by personal interest. If the OD is hired by the foreign parent, he/she is no longer disinterested.

Q: What is meant by the term cognizant security authority used in the DOE 470.4 series? Can this authority be further delegated? Does this need to be a formal appointment?

A: As used in the Manuals in this series, the term Cognizant security authority refers to DOE and NNSA Federal and contractor employees who have been granted the authority to commit security resources or direct the allocation of security personnel or approve security implementation plans and procedures in the accomplishment of specific work activities. "DOE cognizant security authority" is used when intended to apply specifically to a Federal authority. When specifically requiring a contractor to fulfill the role, the phrase "contractor cognizant security authority" is used, and when neither DOE nor contractor is specified, the authority may be assigned to either. Further delegation is typically acceptable by definition (Federal/Contractor constraints maintained) since DOE and contractor line management designate their cognizant security authorities. Any exceptions to this will be specified in the corresponding sections of the manuals. Likewise formal appointment is not required, although delegations of authority must be documented in the appropriate safeguards and security management plan. Whether the cognizant security authority role can be delegated or requires formal appointment for any particular action is determined on a Program/site-specific basis according to applicable contracts, directives, and/or security plans. Under DOE O 470.4A, the Under Secretary for Science, the Under Secretary for Energy, and the Associate Administrator for Defense Nuclear Security are designated as the DOE cognizant security authorities for their organizations and may delegate this authority as necessary to carry out the associated responsibilities.

Q: Why does the Office of Security Policy (HS-70), Office of Health, Safety and Security, need a copy of our approved S&S deviations?

A: HS-70 is responsible for establishing the requirements and responsibilities found in S&S directives, including the requirements for the deviations process. HS-70 must be aware of deviations from these provisions for the following reasons: 1) to assure that the deviations process is being implemented correctly; e.g., that a deviation is not labeled a "variance" because of its easier requirements, when, in fact, it is a waiver or an exception; 2) to assure that the provision is one from which a deviation is allowed; e.g., that it is not a statutory, regulatory, Executive order, or Presidential directive requirement from which no deviation is allowed without further process; and 3) to evaluate the portion of the directive from which a deviation is requested to determine if the directive needs to be revised or canceled.

Q: Former policy addressed recurring classified visits by local FBI personnel; however, current policy does not. Why was this language removed? Can we establish local procedures to allow such recurring classified visits?

A: Current policy for the Classified Visits provisions is found in DOE M 470.4-1, Section L. Under this section "continuing visitor access approval" is now required when it is known that an individual's classified visits will be frequent. DOE M 470.4-1, Section L, paragraph 2.a.(3) reads: "Line management must establish local procedures for the control of classified visits. Procedures must ensure... (3) Continuing visitor access approval is necessary for individuals who frequently visit DOE facilities. However, the locally approved access approval cannot exceed a period of 1 year or the final day of a contract, whichever is less. The approval may be renewed annually (at least every 12 months)." This provision would apply to recurring visits by local FBI personnel.

Q: Can local implementation be more restrictive than DOE S&S policy?

A: The S&S directives establish the minimum requirements. Local implementation may be more restrictive, but any action beyond what is required may have to be justified by a cost/benefit analysis to satisfy financial requirements.

Q: Can a DOE Site/Office receive a deviation from an Executive Order or a regulation?

A: If there is a process for deviating from the requirements of a higher directive, that process must be followed. The deviations process in DOE M 470.4-1 covers only deviations from a DOE S&S policy requirement. When the S&S requirement is also an Executive or regulatory requirement from which a deviation is not authorized, the DOE M 470.4-1 process can be used in a limited manner only. A deviation may be considered from a DOE-originated requirement that is intended to implement a general requirement of a national-level directive, so long as the modified implementation achieves the full implementation of the national-level requirement. A deviation from an Executive or regulatory requirement can only be considered under the specific processes, if any, included in the Executive or regulatory language

Q. When the Office of Health, Safety and Security was established, the Office of Security no longer existed organizationally. Who should I contact to complete actions required in the DOE 470.4 directive series since there is no longer a position identified as the Director of Security?

A: The Office of Security Directors' responsibilities, with the establishment of the Office of Health, Safety and Security, fall under the Chief Health, Safety and Security Officer, Glenn S. Podonsky and the Deputy Chief for Operations, Michael A. Kilpatrick.

Q: If there is a change in policy, will official documentation be sent through the proper channels and forwarded to all NNSA and DOE sites?

A: Any changes to DOE S&S policy will be made through the DOE Directives System, which is established by DOE P 251.1A, Departmental Directives Program Policy, DOE O 251.1, Departmental Directives Program, and DOE M 251.1-1B, Departmental Directives Program Manual. Notifications can be received when actions are taken on DOE directives of interest by signing up for E-Mail Notification in the middle of the Directives Home Page. The web address is http://directives.doe.gov/alertmain.html. You may also want to let your Directives Point of Contact (DPC) know of your interest in particular directives. The DPC list is found on the Directives Home Page under "References" (bottom of the left side). The web address is http://www.directives.doe.gov/pdfs/doegeninfo/final/dpclist.pdf.

NNSA has statutory authority to establish NNSA-specific policy (including changes to DOE policy), unless disapproved by the Secretary. If you have questions concerning the process for changes in policy by NNSA, you may wish to contact NNSA. NNSA Policy Letter (NAP)-1 describes the process, and it is available on the NNSA website http://hq.na.gov/default.aspx?L=ITEM&ITEM=2375&CA=30&OT=86&PI=2317.

Return to Top of Page

Physical Protection: Questions involving DOE M 470.4-2 have arisen both the revised directives resulting from the streamlining initiative of August 2005 and the changes associated with elite force that were published in March 2006. Several of the questions of most general interest are provided below.

Q: Must I install high security padlocks on gates providing access to public and property protection areas?

A: No, high security padlocks are not required; but, DOE M 470.4-2, provides security criteria for Level III security locks and keys that are required for use on gates in fences, cargo containers and storage areas for the protection of Government property.

Q: Where can I find information about the Levels of federally approved locks and keys?

A: Federal specifications, appropriate for high security locks and keys securing public and property protection areas, are available at the Department of Defense Lock Program Technical Support organization. They provide information to DOE on security hardware and are available by accessing their web site at https://portal.navfac.navy.mil/go/locks or by calling (800) 290-7607 or (805) 982-1212.

Q: Is there an inventory requirement for Level IV locks and keys?

A: No. There are no DOE requirements to inventory Level IV locks and keys. However, a locally developed procedure addressing the issue, turn-in, loss, compromise and control of Level IV locks and keys is a sound business practice.

Q: I know that there is a new badge being issued - when can I expect to receive my new badge and how long will my current DOE badge remain effective?

A: DOE and DOE contractor employees possessing a DOE badge will be contacted when the identity verification processing is completed. This will be followed by the turn-in of the current badge in exchange for the new DOE badge. The current DOE badge will remain active until the new badge is issued.

Q: What are the national drivers for the posting of trespassing signs at DOE facilities, installations, and real property as prescribed by DOE M 470.4-2?

A: Section 229 of the Atomic Energy Act of 1954 (42 U.S.C. 2278a) as implemented by 10 CFR 860-Trespassing on Department of Energy Property provides details for posting the regulations and penalties. Those DOE activities located on property under the charge and control of the General Services Administration, 41 CFR 101-20.3, Conduct on Federal Property, and 41 CFR 102- 81, Security, provide the guidance on the rules and regulations involving the property. Chapter XIV, Posting Notices, DOE M 470.4-2, describes the requirements for the Posting of property owned by or contracted to the United States for DOE.

Q: Does the DOE-approved combination lock on my vault door require modification to permit one-handed operation for egress in the event of an emergency?

A: No. If the lock meets the requirement for installation on vault and vault-type-room (VTR) doors, it does not require modification. The approved lock has a built-in safety release which must be engaged upon opening the lock. It automatically releases the latch when the door is opened. Thus, there is no modification required to the existing lock. Before someone is allowed to work in a vault, he/she should be instructed in the operating procedures, including the opening, closing, and alarm shunting/activating, the notification procedures when the alarm is shunted/activated upon arriving/departing the vault/VTR, and the response procedures for incidents.

Q: What's DOE policy concerning leaving a badge in a vehicle? Could I leave it in my car, that way, I won't forget and leave it at home because it will always be in my vehicle when I return to work.

A: Paragraph 3.e of Chapter XV, DOE M 470.4-2, requires each badge-holder to protect "the security badge against loss, theft, or misuse" and to report "a lost, stolen, or misused badge to the cognizant security authority within 24 hours of discovery." It is a poor security practice to leave a DOE badge in your vehicle. DOE badges should be protected the same as you would protect/secure cash, check book or credit card. Under isolated, unavoidable circumstances, leaving the badge in your locked vehicle, out of sight may be necessary, but any available means must be employed to eliminate unauthorized access to the badge (e.g. placed in a glove box, kept out of sight, car parked in an access-controlled area).

Q: While on official travel hotel personnel ask to make a copy of my DOE badge (in addition to my official orders) to verify my DOE status in order to receive the official government rate. Should I allow them to make a copy of my DOE badge?

A: No. Your DOE travel orders, your Government credit card, and when asked, showing your DOE badge, are sufficient to validate the individual's status as a person on official government travel. Title 18 U.S. Code, Section 701, prohibits the photography, engraving, printing or impression in the likeness of any such badge, identification card, or any colorable imitation. Violations of this Code may result in a fine or imprisonment or both.

Return to Top of Page

Protective Force: Numerous questions have been received as a result of the recent changes in the DOE protective force (PF) policy. These Frequently Asked Questions (FAQ) are intended to provide context for the recent changes and to enhance Departmental uniformity regarding PF implementation.

In brief, DOE M 470.4-3, Protective Force, was issued in August 2005 and was updated in March 2006 (Change 1), to further the Secretarial initiative to enhance the capabilities of the DOE PFs. This change included tactical response force doctrine, structure, deployment, training, career progression plan, rules of engagement, revised PF categories (Security Police Officer (SPO)-I, -III, etc.), and detailing application of the Offensive Combative Standard and the Defensive Combative Standard.

Q: DOE M 470.4-3, Protective Force, Appendix A-3 states "The posting of perimeter signage that states, 'Halt: Deadly Force is Authorized Beyond This Point' is authorized. Signs must be posted at entrances and at such intervals along the perimeter of the property to ensure notification of persons about to enter." Is the installation of these signs required?

A: The signs are "authorized," not required. If they ARE posted, then the instructions for wording, placement, and intervals (which conform to the instructions in DOE M 470.4-2, Physical Protection, for perimeter signage) must be followed.

Q: Why is the posting of the warning signs recommended?

A: In addition to being a warning to the public and to adversaries, the signs are intended as a tool to assist sites in the development of defensive plans that include reasonable Rules of Engagement in order to minimize confusion and to maximize the ability of the protective force to respond adequately to an adversarial incursion.

Q: Does the posting of the warning signs justify the application of deadly force?

A: No. By and of themselves, they do not "justify" the application of deadly force, but they certainly contribute to the development of local Rules of Engagement which should describe the post-specific circumstances that would constitute hostile intent on the part of an adversary, thereby possibly justifying the application of force.

Q: Do the signs conform to the warning addressed in 10 CFR 1047, "Limited Arrest Authority and Use of Force by Protective Force Officers"?

A: No. The signs alone do not constitute the warning addressed in 10 CFR 1047; however, if those signs are clearly posted and ignored by an intruder, that action can then be considered an indicator of hostile intent. Taken together with other locally-defined factors, they could aggregate to a level that may justify a forceful reaction.

Q: Will DOE continue to have protective force standardized weapons identified by brand and caliber?

A: No. Protective force policy revisions under development identify authorized weapons by type, capability, and caliber or projectile size. This change will allow sites greater flexibility in meeting Design Basis Threat requirements without having to employ the deviation process.

Q: The current protective force manual seems to be written primarily for contractor forces. Will this be the case in the next revision?

A: No. The next revision will establish separate manuals for contractor and Federal protective forces. Additionally the Federal protective force manual will have individual annexes that will address the specific differences in Federal Agent, Federal Officer, and Special Agent requirements and operations.

Q: The current protective force manual includes courses of fire for various firearms. How will those be addressed in future revisions?

A: The next version of the manual will reference a Web page which will contain all DOE approved courses of fire (COFs). In the past, such COFs were promulgated in manual form. That method now has become far too time-consuming and unresponsive to keep pace with exigencies associated with the development of the Tactical Response Force (TRF) concept which is needed to facilitate the countering of an escalating DBT. Using this improved methodology, new COFs can be developed and validated within the complex. After appropriate staffing, they can be approved and employed.

Q: In the new protective force manuals, how will one find out which modifications to firearms are authorized?

Interested parties will be directed to a Web page that will contain the DOE Firearms Modification List, which addresses approved modifications for all weapon systems, live-fire, as well as, engagement simulation systems (ESS).

Q: Does the DOE Federal Officer Program still exist?

A: Yes. DOE M 470.4-3, Chg. 1, paragraphs A.I.3.a.(2) and (3)(a), provide for both unarmed and armed Federal Officers. Federal Officers must be Federal employees. Both armed and unarmed Federal Officers are authorized to conduct investigations and liaison with law enforcement, but only armed Federal Officers have Federal arrest authority.

Q: Department of Energy (DOE) protective force (PF) operations have been satisfactory and stable for years. Why is the change to an "elite force" or Tactical Response Force necessary?

A: As the events of 9/11 and subsequent events worldwide have shown, the adversary that we have consistently projected since 1983 is not likely to be the adversary we now expect to face. Today, we can anticipate facing an adversary with more resources and enhanced capabilities, and who routinely plans to use suicidal tactics as a portion of their overall tactical plan. In the past, we were able to demonstrate an adequate level of site defense by using a large number of PF personnel in dispersed positions to overwhelm the adversary upon detection. Even a small increase in projected adversary numbers makes this tactic unfeasible, both tactically and from a resource standpoint.

Q: What policy directives were changed to affect the Secretary's vision of an elite PF for the DOE?

A: Page change revisions to implement the elite PF initiative were made to the three most applicable manuals to ensure an integrated, systems approach to implementation of Tactical Response Forces at Category I/rollup and Threat Level 2 facilities (facilities where a denial strategy is applicable):

DOE M 470.4-1 Chg1, Safeguards and Security Program Planning and Management, now contains the new DOE Tactical Doctrine and other requirements for protection program planning.

DOE M 470.4-2 Chg1, Physical Protection, addresses physical security enhancements and more reliance on technology to augment PFs.

DOE M 470.4-3 Chg1, Protective Force, focuses on changes to PF structure, organization, deployment, training, supervision, equipment, performance testing, and tactical exercises. A career progression plan and new Rules of Engagement for the application of deadly force have been included within this manual.

Q: What is the Tactical Response Force concept of employment?

A: The tactical response force concept, combined with the integrated use of security technology and a well designed barrier plan, provides a solution that is less manpower intensive and, at the same time, is less sensitive to the number of adversaries encountered. It recognizes that there traditionally have been PF duties and posts that are primarily intended to support routine operations and, because of location or other considerations, are of secondary tactical value during an attack on a special nuclear material (SNM) location. The tactical response force concept redirects highly trained and tactically skilled PFs toward their primary mission. Similarly, the defense of an SNM location involves three equally important functions: early detection and assessment capabilities to enable early interdiction as far away from the target as possible; establishment of a formidable protective perimeter around the target before the adversary arrives; and deployment of highly mobile, heavily armed forces who assess early alarms, engage adversaries sufficiently to evaluate their main assault, and maneuver decisively against them when the assault team is fixed by fire from the defensive perimeter. Mobility and firepower for the maneuver forces are provided primarily by lightly armored vehicles with weapons providing high rates of fire, and secondarily by dismounted forces with lighter, high rate of fire weapons such as the squad automatic weapon. In general, mobile units will be covered by over watch elements with long range weapons on vehicles or within the static defensive perimeter.

Q: What are the primary duties of the Tactical Response Force?

A: Application of the Tactical Response Force principles is dependent upon site-specific defense strategies, but tends to lead naturally to three categories of armed combatant: 1) armed personnel who are primarily assigned to routine duties but who assume key blocking positions upon attack; 2) armed personnel near target locations who assume prepared defensive positions upon attack; and 3) mobile forces who carry the fight to the adversary. The first two of these categories will generally not be required to move long distances under tactical conditions and are categorized as Security Police Officers (SPO)-I in the revised policy. Members of the mobile force whose primary duty is to fight using the capabilities and armament of the vehicle could also be designated as SPO-I. Mobile force members whose primary mission is to maneuver on and attack adversary forces on foot should be designated as SPO-II and therefore subject to more rigorous physical fitness standards. Members of either the static or mobile force who are designated as special response team members with responsibility for reentering areas defended by an adversary or other special response team duties, such as hostage rescue and pursuit, should be designated as SPO-III, with the accompanying training and physical fitness requirements.

Q: Is every site required to have a Tactical Response Force?

A: No. A Tactical Response Force is required only at sites where the PF is responsible for the security of Category I quantities of SNM; credible rollup of SNM to a Category I quantity; and those facilities that meet or exceed the Threat Level 2 criteria specified in DOE O 470.3A, Design Basis Threat Policy, for chemical, radiological, or biological thresholds. (At this time, none have been designated.)

Q: Who determines which categories of SPOs are needed at a site and in what numbers?

A: DOE policy provides sites/facilities the latitude, based on mission, vulnerability analyses, protection strategy, and response plans, to decide how many SPOs are needed in each category. Those decisions are made in conjunction with respective Headquarters Program Offices.

Q: Are all DOE PF personnel required to complete a one-mile run as part of their physical fitness qualifications?

A: No. DOE M 470.4-3 Chg1, Protective Force, requires that those personnel designated as SPO-II or SPO-III must meet the Offensive Combative Standard (OCS) specified in Title 10, CFR, Part 1046, "Physical Protection of Security Interests." Those designated as SPO-I are required only to meet the Defensive Combative Standard (DCS). The most significant difference between the OCS and DCS is a 1-mile run in 8 minutes 30 seconds for OCS versus the half-mile run in 4 minutes 40 seconds for DCS. Unarmed security officers have no physical fitness standard.

Q: What is the difference between offensive and defensive posts?

A: In general, at sites where a Tactical Response Force (TRF) is required, offensive posts are those manned by individuals who take the fight to adversaries and who meet the OCS fitness requirement. These are members of the active defense, or maneuver element, and would deploy from a vehicle or post with expectations of moving greater than 50 yards from that vehicle or post. Defensive posts are situated such that the adversaries must come to them and are staffed by personnel who meet the DCS fitness requirements. As part of the static or fixed defense, they may deploy from a vehicle or post with expectations of moving less than 50 yards from that vehicle or post. The cited distances associated with deployment are intended as general guidelines and are dependent upon the most tactically advantageous maneuver options available from the post or patrol at the time of deployment. They distinguish relatively short distances that could be negotiated by less physically-capable SPOs, as opposed to longer distances that might require more stamina. At sites where a TRF is not required, reaction distances for DCS-qualified personnel will vary depending on the post response plans. Line management is responsible for determining the likelihood of extended deployment zones for each assigned post, whether offensive or defensive.

Q: Why is there no longer a "grandfather clause" for the OCS so that PF personnel with age, illness, or injury issues can keep their jobs as SPO-IIs?

A: With the publication of DOE M 473.2-2, Protective Force Program Manual, on
6-30-00, the fitness requirement for SPO-IIs was established at the OCS as described in Title 10 CFR 1046, "Physical Protection of Security Interests." A "grandfather clause" was inserted that allowed incumbent SPO-II personnel to remain at the DCS. When DOE M 470.4-3, Protective Force, was published on 8-26-05, the grandfather clause was not included, because the original intent of the CFR was spelled out in more detail, noting that the fitness standard for an individual depended on assignment. DOE sites were to designate posts as either offensive or defensive in nature, with the intent that less physically demanding defensive posts could be staffed by those who could not meet the OCS.

Q: How do the new designations of SPO-I, II, and III relate to the old ones, especially with regard to physical fitness standards?

A: Previously, few sites used the SPO-I designation, but those who were so designated were required to meet the DCS contained in Title 10 CFR. The SPO-II designation was applied to more highly-trained PF personnel who, depending on duty assignment, might be required to meet either the DCS or the OCS specified in 10 CFR 1046. SPO-IIIs were even more highly trained, including certain specialized training, and required to meet the OCS. The revised categories and physical fitness standards are shown in the table below.

 

Previous Directives			Current Directives
Position Designation	Physical Fitness Standard		Position Designation	Physical Fitness Standard
SO	None		SO	None
SPO-I	Defensive Combative Standard		SPO-I	Defensive Combative Standard
SPO-II (Defensive)	Defensive Combative Standard
SPO-II (Offensive)	OffensiveCombative Standard		SPO-II	Offensive Combative Standard
SPO-III	Offensive Combative Standard		SPO-III	Offensive Combative Standard

Q: How are the older and more senior PF personnel supposed to be able to qualify as SPO-IIs?

A: The ability to qualify as a SPO-II at the OCS is not so much a function of age, seniority, or gender as it is of physical conditioning resulting from a disciplined individual wellness and fitness program. Injuries or illness can produce exceptions, of course. The Secretary's elite force initiative resulted in a Tactical Doctrine and a Career Progression Plan that combine to provide DOE sites the opportunity to develop protection plans that include the establishment of both offensive and defensive posts. Personnel who can meet the OCS may be categorized as SPO-IIs or -IIIs and assigned to the offensive posts, while those who can qualify only at the DCS may be categorized as SPO-Is and assigned to defensive posts. This policy changes mainly the title, or categorization, of PF personnel. Those persons who previously worked SPO-II defensive posts may continue to be eligible to work those posts and remain valued and essential members of the PF; the new policy simply redesignates them as SPO-Is.

Q: Does DOE policy dictate which categories of PF personnel, and in what numbers, are to be assigned to a site?

A: Yes, Tactical Response Forces are required at sites with Category I quantities of SNM; credible rollup of SNM to a Category I quantity; and those facilities that meet or exceed the Threat Level 2 criteria specified in DOE O 470.3A, Design Basis Threat Policy, for chemical, radiological, or biological thresholds. Tactical Response Forces require some Offensive Combative Standard (OCS) qualified protective force personnel. Within this constraint, DOE policy provides sites/facilities the latitude, based on protective force mission, vulnerability analyses, protection strategy, and response plans, to decide how many SPOs are needed in each category. Those decisions are made in conjunction with respective Headquarters Program Offices. Threat Level 3 and 4 sites do not require OCS qualified protective force personnel.

Q: If circumstances warrant the designation of most or all PF personnel as SPO-IIs, thereby requiring the OCS, must all qualify at that standard immediately?

A: If management is committed to designating all or most of their PF personnel as SPO-IIs, then those so designated will be required to meet the OCS. Even at that, management will have the latitude to establish compliance milestones in their implementation plans to allow phase-in of the OCS. Paragraph 8 of the introductory section of DOE M 470.4-3, Chg. 1, states: "Requirements that cannot be implemented within 6 months of the effective date of this Manual or within existing resources must be documented by the cognizant security authority and submitted to the relevant program officers…" That provision allows the sites time to prepare PF personnel who will be assigned to offensive posts to attain the ability to complete the OCS.

Q: Why do the DOE physical fitness standards not allow for age and gender variations?

A: DOE policy does not discriminate based on age or gender with regard to the performance of assigned duties. All SPOs within specific categories, regardless of age or gender, must be able to perform the essential tasks of their assigned positions, whether offensive or defensive. This concept has been accepted within the DOE since the mid-1980s.

Q: Why doesn't the DOE adopt an approach to fitness standards such as that used by the military?

A: The military, although similar in some respects, is structured differently. With some exceptions, older, more senior individuals and females are generally more remote from direct engagement with the enemy than younger males. The vast infrastructure of the military demands that more experienced personnel advance into less tactically-oriented, and thus less physically demanding, roles; therefore, their fitness standards adjust accordingly. DOE PF organizations are not structured to accommodate large numbers of personnel whose primary duties do not revolve around tactical defense of a nuclear site. Any modifications to the current standards will comply with rulemaking requirements, to include addressing all public comments.

Q: Are the mile and half-mile run standards legitimate tests of a person's fitness to perform DOE PF duties?

A: The present standards were derived from a correlation between observed performance of a series of tactical scenarios and the selected evaluative criteria. The DOE Office of Security Policy is evaluating a revised standard that will be equally demanding, but will consist of tasks more closely resembling current PF duty requirements.

Q: Must the assignment of automatic weapons, particularly, crew-served firearms, be limited to PF personnel who have qualified at the OCS?

A: No. DOE policy does not limit the employment of automatic weapons to sites or posts designated as offensive. In fact, DOE Tactical Doctrine encourages the placement of crew-served automatic weapons in defensive emplacements protecting sensitive targets.

Q: Did the elite force policy revisions change the requirement for possession of a "Q" clearance to be assigned an automatic weapon?

A: No. The issue of the requirement to have a "Q" clearance to be armed with an automatic weapon was not affected by the elite force policy revisions. Title 10 Code of Federal Regulations (CFR) 1046.14 conveys two stipulations: "SPOs possessing less than "Q" access authorization shall not be assigned to offensive positions or (emphasis added) duties where fully automatic firearms are required." "Offensive positions" and "duties where fully automatic firearms are required" are not synonymous. It makes no difference whether an automatic weapon is deployed in a defensive or an offensive position; the SPO to which the weapon is assigned must have a "Q" clearance according to the CFR.

Q: What has been done to clarify the circumstances under which deadly force may be applied at the site level?

A: The March 2006 policy revisions included, for the first time, guidelines for rules of engagement (ROE) that require the development of site- and post-specific ROE incorporating the concept of "hostile intent." Such ROE must consider the type of materials being protected, site geography, building construction, PF strength and capability, adversary task times, adversary characteristics as described in the current DOE Design Basis Threat, and consequences of asset loss. The ROE must clearly state under what conditions the circumstances of hostile intent have been met for each post in order for deadly force to be applied. The posting of perimeter signage that states, "Halt, Deadly Force is Authorized Beyond This Point" is authorized. Completed ROE must be submitted to the DOE cognizant security authority for review and approval. The National Nuclear Security Administration requires that site ROE be reviewed by the local DOE Chief Counsel. Upon approval, examples of likely scenarios where the use of deadly force may and may not be authorized must be included in General and Post Orders.

Return to Top of Page

Information Security: DOE M 470.4-4, Information Security, establishes security requirements for the protection and control of information and matter required to be classified or controlled by statutes, regulations, or DOE directives. Change 1 to the manual updates, clarifies and modifies the directive in accordance with the needs/requests that have been received from throughout DOE, especially pertaining to eliminating unnecessary resource burdens while maintaining protection and accountability for accountable classified removable electronic media (ACREM). Common information security topics are addressed below.

Q: Does classified matter that is going to be destroyed have to be protected (but not stored) and controlled until it is finally destroyed?

A: Yes, classified matter must be protected and controlled until it is finally destroyed. For classified matter to be protected and controlled, it must either be "in use" (constantly attended by, or under the control of, a person possessing the proper security clearance and need-to-know) or securely stored in an approved secure storage repository (i.e. vault, safe or vault-type room).

Q: I am the ACREM Custodian, do I have to destroy my ACREM or can I delegate it to someone?

A: As ACREM Custodian, you would not have to destroy your ACREM personally unless it is required by local procedures. However, an individual who is authorized access to the ACREM must accompany the matter to the destruction site and witness the destruction to include inspecting the residue. To remove the ACREM from accountability, a copy of the destruction certificate certifying the ACREM was destroyed would have to be presented to you as the ACREM Custodian. The certificate must include the name of the individual who validated the destruction.

Q: Why was non-standard storage removed from the current Information Security Manual (DOE M 470.4-4)?

A: By definition, non-standard storage (NSS) differs from normal storage conditions and ability to meet typical requirements. Given this divergence from the norm and the wide dissimilarities from one instance of NSS conditions to the next, policy was changed such that NSS was intended to be treated as a deviation rather than an ordinary process. Due to the size, shape or other characteristics of certain classified matter in DOE, the need for NSS policy or requirements continues to be explored. New policy on NSS is being drafted and will be included the next version of the Information Security Manual.

Q: What is the NISPOM and how does it apply to DOE?

A: The National Industrial Security Program Operating Manual (NISPOM) is the implementing directive for the National Industrial Security Program (NISP), which was established by Executive Order 12829, to achieve common standards for protecting classified information that is held by contractors, licensees, and grantees of the Federal Government. National security requires that this information be safeguarded equivalent to its protection within the executive branch. The NISP is applicable to all executive branch departments and agencies. Under the Atomic Energy Act of 1954, as amended (AEA), DOE is responsible for controlling the protection, classification, dissemination and declassification of Restricted Data. Concurrently, under the NISPOM, the Secretary of Energy retains authority over the information classified under the provisions of the Atomic Energy Act of 1954, as amended. Moreover, the security cognizance over the Department remains with the Department of Energy. Thus, DOE retains responsibility for security administration regarding classified activities and contracts under its purview.

Q: Why must I remove my DOE/Site parking pass/DOE Badge from open view when I leave DOE property?

A: Your parking pass and badge reveal information about you. There are several reasons to remove parking passes from open view (and similarly protecting badges). These include considerations of personal safety as well as personal and organizational security. From a safety perspective, a parking pass hanging from a rear-view mirror can obstruct a driver's vision. Additionally, the parking pass or badge provides information about you that may be useful to a stranger who intends you harm, or to an adversary or competitor of your organization or the Federal Government. Significant concerns include turning you and/or your car and its contents into a target of opportunity (breaking into your vehicle to steal the pass; or creating a counterfeit pass or badge based on visual access to yours). Such release of relatively small amounts of information (e.g. parking passes, individuals who possess them and how they are used) may be combined with other public or unprotected information to permit an aggressor to defeat access control processes, disrupt missions/operations, or otherwise compromise important activities.

Q: What is the difference between the terms Electronic Storage Media (ESM) and Classified Removable Electronic Media (CREM), as used in DOE M 470.4-4, Information Security?

A: Electronic storage media (ESM) refers to all electronic storage media. It does not have to be classified or removable, whereas CREM must be both classified and removable. Additionally, the term ACREM is used for accountable classified removable electronic media. Given these definitions, ACREM is a subset of CREM and CREM is a subset of ESM.

Q: When may I consider classified electronic storage media (ESM) to be unclassified?

A: Generally, DOE M 470.4-4, Information Security, does not permit classified ESM to be removed from accountability, downgraded or declassified if the ESM provides any potential access to information that made/makes it accountable or classified at a specific level and/or category. The basic performance requirement is that no classified information is present or recoverable before any of these actions are permissible. The DOE Office of the Chief Information Officer promulgates policy indicating approved methods for accomplishing the sanitization, clearing and destruction of electronic media for use in determining the proper classification and accountability status of ESM.

Q: What is PII and how can I learn more about it?

A: According to the Office of Management and Budget (OMB) memorandum M-06-16, Protection of Sensitive Agency Information, the term Personally Identifiable Information (PII) means any information about an individual maintained by an agency, including, but not limited to, education, financial transactions, medical history, and criminal or employment history and information which can be used to distinguish or trace an individual's identity, such as their name, social security number, date and place of birth, mother's maiden name, biometric records, etc., including any other personal information which is linked or linkable to an individual. Within DOE, PII is considered a sub-set of Official Use Only (OUO) information. This type of information has been considered OUO since the inception of OUO in DOE, but was uniquely identified as PII throughout the Executive Branch at the direction of OMB. Additional information regarding OUO can be found in DOE O 471.3, DOE M 471.3-1, and DOE G 471.3-1, all of which concern Identifying and Protecting Official Use Only Information.

Return to Top of Page

Nuclear Material Control and Accountability: DOE M 470.4-6, Nuclear Material Control and Accountability, was issued on August 26, 2005, and page changes were issued to that manual as Change 1 on August 8, 2006. The most frequently asked questions concern credible roll-up and tritium, which are answered briefly below.

Q: What is the purpose of an MC&A plan?

A: MC&A plans can serve as a planning document for the facility to use in carrying out its MC&A program and budgeting for its operations. Additionally, MC&A plans have several purposes:

Q: Who approves MC&A plans?

A: DOE M 470.4-6 requires that a specific DOE cognizant security authority (which could be the site security director, site manager or MC&A program manager depending on formal delegation) be designated as the DOE approving authority for MC&A plans, activities, and documents - including the MC&A plan, but does not specify who the approving authority should be. Program and site offices decide at what level of their organization MC&A approval authorities should reside based upon their resources and management structure. More generally, DOE O 470.4A designates the Departmental Under Secretaries as the overall cognizant security authorities for their organizations, and allows them to delegate those authorities to lower level DOE/NNSA officials. The delegations of authority are required to be in writing, and should be addressed in documents describing program functions, responsibilities, and authorities.

Q: What are Reporting Identification Symbols (RISs) and how are they used?

A: RISs are three or four letter codes assigned to DOE offices and contractors that possess nuclear materials, as well as NRC office and licensees that possess these materials. RISs for DOE offices and contractors are assigned by the Office of Information Management, HS-1.22. RISs for NRC offices and Licensees are assigned by the NRC Office of Nuclear Material Safety and Security. They are used for reporting nuclear materials inventories and transactions to the NMMSS. All DOE offices and contractors possessing reportable quantities of nuclear materials are required to have an RIS. They are also required to have a nuclear materials representative (NMR) for the RIS; the NMR is responsible for submitting site/facility data to NMMSS.

There is a rough correspondence between DOE sites and RISs, but the correspondence is not exact for several reasons: Different RISs are required for each DOE contractor possessing nuclear materials, and sites can have more than one contractor that possesses materials. Different RISs are used for waste areas than for processing and storage areas on the same site. Materials under the International Atomic Energy Agency (IAEA) are reported to NMMSS using a different RIS from other site RISs. Many DOE site offices have their own RIS separate from contractor RISs. For these reasons, most major DOE sites have more than one RIS. Additionally, some offsite materials may be included in the DOE office's or contractor's RIS.

Q: What nuclear materials does DOE M 470.4-6 address?

A: These nuclear materials include: Americium-241, americium-243, berkelium, californium-252, curium, deuterium, depleted uranium, normal uranium, enriched uranium, uranium-233, enriched lithium, plutonium, neptunium-237, thorium, and tritium.

DOE M 470.4-6 focuses on plutonium, enriched uranium, uranium-233, separated americium, and separated neptunium-237, because of their proliferation potential, but requires MC&A programs for all these materials.

Plutonium, enriched uranium, and uranium-233 are defined or designated as special nuclear material (SNM) by the Atomic Energy Act of 1954 and have long been considered material of concern for nuclear proliferation. More recently the International Atomic Energy Agency recommended that separated americium and separated neptunium-237 be treated the same as SNM for safeguards purposes, and DOE has adopted this recommendation into its regulations.

Q: What are the MC&A requirements for non-SNM?

A: Requirements for tritium, separated americium, and separated neptunium, are based on those for SNM. Requirements and graded safeguards thresholds for separated neptunium-237 and separated americium are identical to those for U-235. Tritium is treated as either Category III or IV SNM depending on its form, quantity, and isotopic purity.

MC&A requirements for non-SNM materials other than tritium, separated neptunium-237, and separated americium, are largely at the discretion of the DOE cognizant security authority responsible for MC&A. The only specific requirements are that

Q: Are DOE-owned nuclear materials at NRC licensee facilities reported to NMMSS under DOE requirements or NRC requirements?

A: They are reported using DOE requirements. This is based on an agreement between DOE and NRC and is reflected in NRC regulatory documents NUREG/BR-0006, Instructions for Completing Nuclear Material Transaction Reports, and NUREG/BR-0007, Instructions for the Preparation and Distribution of Material Status Reports. Additionally, the requirement to report pursuant to DOE instructions is usually reflected in contract and lease agreements for use of DOE-owned materials by NRC licensees.

Q: What does the term "credible roll-up" mean with regard to MC&A?

A: Roll-up is the accumulation to a higher safeguards category of special nuclear material (SNM) from lower category locations. Roll-up is credible if the materials can be accumulated and removed from the site prior to interruption and defeat by site personnel, including protective forces.

Q: I'm confused by tritium "reportable quantity" vs. "reporting unit." Table I-2 of Section A of DOE M 470.4-6, Chg 1, lists the "reportable quantity" for tritium as 1 gram, but Table XV-1 of Section B of same manual lists the "reporting unit" for tritium as 1/100 of a gram. Why are these two quantities different?

A: Reporting unit and reportable quantity are different concepts. Reporting unit is the mass unit that facility/site nuclear material accounting systems use for recording and reporting inventories and transactions. Reportable quantity is the minimum amount of a material that a facility must have to be subject to requirements of DOE M 470.4-6 for that material. Except for tritium, the reporting units and reportable quantity for nuclear materials are same. Historically, a hundredth of a gram was both the reporting unit and the reportable quantity for tritium. In 2003, the reportable quantity of tritium was changed to a gram in order to exempt facilities with less than that amount (primarily research facilities) from the MC&A requirements for tritium. The reporting unit was being maintained at 1/100 of a gram at the request of our larger tritium facilities and to maintain compatibility with historical MC&A record-keeping systems. Facilities with more than a gram of tritium are still required to report transactions of 1/100 of gram or more.

Return to Top of Page