ECCM-1

ECCM-1 COMSEC

Overview

COMSEC activities comply with DoD Directive C-5200.5.

MAC / CONF	Impact	Subject Area
CLASSIFIED	High	Enclave Computing Environment

Details

Threat
Improper handling of COMSEC devices and encryption keys will affect the confidentiality, integrity, and availability of classified and sensitive information. This implementation guide is aimed to help COMSEC personnel implement controls regarding proper safeguard, operation and maintenance of COMSEC devices and encryption keys.

Guidance
1. The Communications Security Officer (CSO) shall ensure the development of a COMSEC Material Control Guide in accordance with DOD and NSA guidelines and organization specific COMSEC guide. This guide shall include the following information at a minimum: · COMSEC material identification and accountability · COMSEC material control (e.g., forms, accounting reports, hand receipts) · Accounting forms · Receipt and transfer of COMSEC material · Packaging and shipment of COMSEC material · Inventory of accountable COMSEC material · Storage and destruction of COMSEC material · Reporting of COMSEC incidents · Creating and closing a COMSEC account 2. The CSO shall establish a COMSEC account. 3. The CSO shall designate COMSEC custodian and alternate custodian in writing. 4. COMSEC custodians shall take security trainings relevant to COMSEC material controls and be familiar with COMSEC procedures.

Guidance

1. The Communications Security Officer (CSO) shall ensure the development of a COMSEC Material Control Guide in accordance with DOD and NSA guidelines and organization specific COMSEC guide. This guide shall include the following information at a minimum:
  · COMSEC material identification and accountability
  · COMSEC material control (e.g., forms, accounting reports, hand receipts)
  · Accounting forms
  · Receipt and transfer of COMSEC material
  · Packaging and shipment of COMSEC material
  · Inventory of accountable COMSEC material
  · Storage and destruction of COMSEC material
  · Reporting of COMSEC incidents
  · Creating and closing a COMSEC account
2. The CSO shall establish a COMSEC account.
3. The CSO shall designate COMSEC custodian and alternate custodian in writing.
4. COMSEC custodians shall take security trainings relevant to COMSEC material controls and be familiar with COMSEC procedures.

References

DoDD C-5200.5, Communications Security (COMSEC), 21 April 1990
NSA/CSS CSCM-1, NSA COMSEC Material Control Manual, February 1985
National COMSEC Instruction (NACSI) No. 4005, Safeguarding and Controls of Communications Security Material, 12 October 1979
NSTTSST No. 4000, Communications Security Equipment Maintenance and Maintenance, Training, 01 February 1991
NTISSI No. 4001, Controlled Cryptographic Items, March 1985
NTTSSI No. 4002, Classification Guide for COMSEC Information, 05 June 1985
NSTISSI No. 4003, Reporting and Evaluating COMSEC Incidents, 02 December 1991
NTISSI No. 4004, Routine Destruction and Emergency Protection of COMSEC Material, 11 March 1987
NTISSI No. 4005, Control of Top Secret Keying Material, 02 May 1989
NTISSI No. 4006, Controlling Authorities for COMSEC Material, 02 December 1991