SORT: 5240.11
DOCI: DODI 5250.11
DATE: 19911223
TITL: DODI 5250.11 Damage Assessments, December 23, 1991, ASD(c31)
A. PURPOSE
This Instruction, under reference (a):
1. Establishes policy, assigns responsibilities, and prescribes
procedures for the reporting, review, and analysis of comprehensive damage
assessments of both the compromise of US. classified intelligence
(sources and methods) and non intelligence US. classified defense
information resulting from espionage, as opposed to unauthorized
disclosure.
2. Establishes the Department of Defense Damage Assessment Committee
(DoDDAC).
3. Establishes a continuing, comprehensive interagency assessment of
the impact of espionage cases worldwide with emphasis on US. and North
Atlantic Treaty Organization (NATO) military capabilities and the
implications for US. and NATO resources, plans, and arms control
negotiation positions.
B. APPLICABILITY
This Instruction applies to the Office of the Secretary of Defense
(OSD), the Military Departments, the Chairman of the Joint Chiefs of Staff
and the Joint Staff, the Unified and Specified Commands, and the Defense
Agencies (hereafter referred to collectively as `-the DoD Components"). C.
DEFINITIONS
Terms used in this Instruction are defined in enclosure 2.
D. POLICY
It is DoD policy that:
1. In accordance with E.O. 12333 (reference (b)) and DoD Directive
5240.2 (reference (c)), the DoD Components shall refer counterintelligence
(CI) matters involving assigned military personnel to the concerned
Military Department for appropriate investigation and disposition. The
Components shall refer CI matters involving civilian personnel in the
United States to the Federal Bureau of Investigation (FBI) and, when
overseas, to the Military Department responsible for providing
administrative and logistical support. The Military Departments' CI
Agencies shall perform the necessary CI activities to resolve any
allegations of espionage and coordinate with the FBI in accordance with
the Department of Justice Memorandum (reference (d)). In accordance with
DoD Instruction 5240.4 (reference (e)), all significant CI incidents shall
be reported by the Components to the Deputy Assistant Secretary of Defense
(Counterintelligence) (DASD(CI)), regardless of whatever Agency ultimately
assumes investigative jurisdiction, and regardless of whether they involve
active duty or retired military personnel, currently employed or retired
DoD civilian personnel, or current or former DoD contractors.
2. The DoDDAC shall:
a. Ensure the timely dissemination of data relating to
potentially compromised information to all affected DoD Components and
other Executive Branch Agencies.
b. Review and evaluate all DoD single Component damage
assessments and damage control reports.
c. Coordinate, review, and evaluate all DoD Component damage
assessments conducted within the Department in which more than one DoD
Component is affected by the compromise of classified information.
d. Ensure that DoD espionage information that relates to the loss
or compromise of intelligence sources or methods are referred in
accordance with Director of Central Intelligence Directive 3/16 (reference
(f)).
3. A DoDDAC damage assessment review is the final step in a lineal
process. It is conducted after a security review and classification
review and usually follows prosecutorial or administrative actions.
4. Nothing in this Instruction is intended to delay or inhibit
responsible DoD Components from conducting damage control actions
immediately following the discovery or disclosure of espionage, or
conducting damage assessments in accordance with DoD 5200.1-R
(reference(g)).
5. The DoDDAC shall coordinate with appropriate DoD investigative
agencies and legal entities before initiating action and developing or
disseminating data information systems so as not to hamper or interfere
with investigative, legal, or administrative actions or future legal
remedies.
E. RESPONSIBILITIES
1. The Assistant Secretary of Defense for Command, Control,
Communications, and Intelligence shall designate the DASD(CI) to chair the
DoDDAC and exercise policy formulation and oversight over the committee's
activities and to implement paragraphs E.1.a through E.1.d., below.
a. Provide notice of espionage and significant CI incidents, as
defined in enclosure 2,- affecting the Department of Defense to the
DoDDAC.
b. Establish a formal system within the OSD for the conduct of
damage assessments of information, materials, or equipment compromised
through foreign espionage activity.
c. Ensure that this system within the OSD is responsive to the
DoDDAC.
d. Provide ad hoc augmentees to DoDDAC subcommittees as required.
2. The Under Secretary of Defense (Acquisition); the Assistant
Secretary of Defense for Command, Control, Communications, and
Intelligence; the Under Secretary of Defense for Policy; and the General
Counsel of the Department of Defense each shall designate a senior
official to sit as a member of the DoDDAC and provide ad hoc augmentees to
DoDDAC subcommittees as required.
3. The Secretaries of the Military Departments; the Chairman of the
Joint Chiefs of Staff; and the Director, National Security Agency, each
shall:
a. Designate a senior official to sit as a member of the DoDDAC
and provide ad hoc augmentees to DoDDAC subcommittees as required.
b. Establish a formal system within their respective Departments
for the conduct of damage assessments of information, materials, or
equipment compromised through foreign espionage activity.
c. Ensure that this system is responsive to the DoDDAC.
4. The Director, Defense Intelligence Agency, shall:
a. Designate a senior representative to sit as a member and serve
as Executive Secretary, DoDDAC.
b. Execute those functions and procedures relating to damage
assessment processes delineated in sections D., above, and F., below, on
behalf of the Chair, DoDDAC, as the Chair may direct.
c. Establish a formal system in the Agency for the conduct of
damage assessments of information, material, or equipment compromised
through espionage activity and ensure that this system within the Agency
is responsive to the DoDDAC.
5. The Directors of Defense Agencies, other than the Defense
Intelligence Agency and the National Security Agency, shall:
a. Establish a formal system in their Agencies for the conduct of
damage assessments of information, material, or equipment compromised
through espionage activity.
b. Ensure that the system within their Agencies is responsive to
the DoDDAC.
F. PROCEDURES
1. The Chairman of the DoDDAC shall be the DASD(CI).
2. The permanent DoDDAC membership shall include designated senior
representatives appointed by the principals of the following DoD
Components: Department of the Army; Department of the Navy (including a
representative for the Marine Corps); Department of the Air Force; the
Chairman of the Joint Chiefs of Staff; Office of the Under Secretary of
Defense (Acquisition); Office of the Assistant Secretary of Defense for
Command, Control, Communications, and Intelligence; Under Secretary of
Defense for Policy; National Security Agency (NSA); Defense Intelligence
Agency (DIA); and the Office of the General Counsel of the Department of
Defense.
3. The Chair, DoDDAC, may invite additional representatives from the
Department of Defense, the FBI, and the Central Intelligence Agency to
participate in committee actions on a case-by-case basis.
4. The representative of the Director, DIA, shall serve as Executive
Secretary of the DoDDAC and shall be responsible for:
a. Maintenance of records and minutes of DoDDAC meetings.
b. Maintenance of security controls over information and
personnel affiliated with the DoDDAC.
c. If required, and in coordination with DoD investigating
Agencies, receipt and review of reports on espionage and significant CI
matters where damage assessments were completed.
d. Receipt of espionage damage assessments and damage control
reports for review by DoDDAC members.
e. Establishment of subcommittees, ensuring participation from
affected DoD Components and external DoD agencies, as required, to:
(1) Conduct damage assessment analyses.
(2) Assist affected Components in the conduct of damage
assessments, when requested by that Component.
(3) Assist affected Components in damage control when
requested by that Component and directed by the Chair, DoDDAC.
(4) Make recommendations on damage assessment procedures to
the DoDDAC membership.
(5) Coordinate, review, and evaluate damage assessments and
review Component damage control actions.
(6) Provide a continuing and comprehensive aggregate
assessment, coordinated with DoDDAC members, on the impact of the damage
of foreign espionage activity worldwide on the Department of Defense.
(7) Maintain appropriate liaison with the DoD Components to
facilitate the timely transmittal of data relating to the compromise of
classified DoD information through espionage against allied countries.
f. Appointment of chairs of the subcommittees in coordination
with the Chair, DoDDAC.
g. Establishing and maintaining a comprehensive data base that
shall include a record of all damage assessments.
h. Ensuring actions by the DoDDAC are conducted in coordination
with appropriate investigating Agencies, legal entities, and affected DoD
Components.
5. Individual espionage events may impact on one or multiple DoD
Components. When this occurs:
a. A damage assessment shall normally be conducted by the DoD
Component that was the originator of, or has proprietary interest in, the
information, material, or equipment compromised by foreign espionage
activity. The affected Component shall be responsible for recommending to
the DASD(CI) changes to security policy based on lessons learned.
b. In cases where there are multiple DoD Components affected or
where other Executive Branch, Department, or Agency information is also
involved because of foreign espionage activity, the affected Components
shall appoint a single DoD Component to be responsible for the conduct of
the damage assessment with the participation of other affected parties as
stated in DoD 5200.1-R (reference (g)). The affected DoD Components shall
be responsible for recommending changes to security policy to the DASD(CI)
based upon lessons learned.
6. The DoDDAC shall develop and recommend to the DoD Components
uniform guidance to be used in the conduct of damage assessments.
7. Notification to the DoDDAC, through the DASD(CI), of the loss of
any classified information through espionage or significant CI incidents
as defined in enclosure 2 is required immediately. Additionally, the
DoDDAC shall be notified when a damage assessment has begun within 30 days
of the start of the assessment.
8. The heads of the DoD Components conducting damage assessments
shall ensure that these activities are completed and the results will be
reported in writing to the Chair of the DoDDAC via the Executive Secretary
in a timely manner.
9. The Chair, DoDDAC, shall ensure that the continuing assessments
are provided to the Secretary of Defense and to affected DoD Component(s),
as required.
10. The Chair, DoDDAC, shall ensure that all damage assessments are
coordinated and integrated with the Department of Defense and Department
of Justice CI investigative and prosecutorial activities.
G. EFFECTIVE DATE AND IMPLEMENTATION
This Instruction is effective immediately. Forward one copy of
implementing documents to the Assistant Secretary of Defense for Command,
Control, Communications, and Intelligence within 120 days.
Duane P. Andrews
Assistant Secretary of Defense
(Command, Control, Communications,
and Intelligence)
Enclosures - 2
1. References
2. Definitions
REFERENCES, continued
(e) DoD Instruction 5240.4, "Reporting of Counterintelligence
and Criminal Violations," June 22, 1987
(f) Director of Central Intelligence Directive 3/16,
(Classified Title) May 1988
(g) DoD 52OO.1-R, "Information Security Program Regulation,"
June 1986, authorized by DoD Directive 5200.1, June 7, 1980
(h) Public Law 96-456, "Classified Information Procedures
Act," Oct 15, 1980 (94 State 2025) (18 U.S.C.(1982))
(i) Military Rule of Evidence 505, Manual for Courts-Martial,
page 11-26, 1984
(j) Secretary of Defense Memorandum, "Strengthening Defense
Intelligence", March 15, 1991
DEFINITIONS
1. Classification Review. A formal finding that information subjected to
loss or compromise is (was) legally classified at the time of the
compromise. The review usually includes an assessment of the probability
(risk) of damage to national security resulting from disclosure of this
information or material to an unauthorized person. A classification
review is obtained in all national security cases and is necessary when a
determination must be made on the use of classified information as trial
evidence under the Classified Information Procedures Act or Military Rule
of Evidence 505 (references (h) and (i)), respectively.
2. Compromise. The known or suspected exposure of classified information
or material or clandestine personnel to an unauthorized person.
3. Counterintelligence (CI) Investigation. The systematic collection of
information on a person or group that is, or may be, engaged in espionage
or other clandestine intelligence activity, sabotage, international
terrorist activities, or assassinations conducted for, or on behalf of,
foreign powers, organizations, or persons.
4. Damage Assessment. A multidisciplinary analysis to determine the
effect of a compromise of classified information on the national security.
A damage assessment is normally a long-term, post-prosecution effort to
determine in great detail the practical effects of an espionage-related
compromise on operations, systems, materials, and intelligence. In
special circumstances (e.g., the suspect escapes or flees US.
jurisdiction), a damage assessment may be conducted pre-prosecution. The
damage assessment is not to be confused with the classification review,
normally performed in support of an espionage prosecution, or damage
control performed immediately on the discovery or disclosure of espionage.
5. Damage Control. Those actions taken immediately by the affected
Component after the discovery of a loss of classified information to
minimize risk, limit damage, and/or prevent further loss.
6. Espionage. Activity designed to obtain, deliver, communicate, or
transmit information relating to the national defense with the intent or
reason to believe it will be used to the injury of the United States or to
the advantage of a foreign nation.
7. Intelligence Method. Any process, mode of analyses, means of
gathering data, or processing system or equipment used to produce
intelligence.
8. Intelligence Source. A person or technical means that provides
intelligence.
9. Military Department Counterintelligence Agencies. The US. Army
counterintelligence units, the Naval Investigative Service Command, and
the Air Force Office of Special Investigations.
10. Security Review. An administrative determination of whether certain
information is classified. Usually performed before publication or public
release of defense information.
11. Significant Counterintelligence (CI) Incident. Include either of the
following:
a. Investigation into the compromise of classified information
wherein a reasonable belief has been established that the information has
been made available to a foreign entity with interests inimical to the
United States; or
b. Investigation of Espionage.
---------------------------------