Regulations last checked for updates: Nov 24, 2024
Title 32 - National Defense last revised: Nov 18, 2024
§ 148.1 - Interagency reciprocal acceptance.
Interagency reciprocal acceptance of security policies and procedures for approving, accrediting, and maintaining the secure posture of shared facilities will reduce aggregate costs, promote interoperability of agency security systems, preserve vitality of the U.S. industrial base, and advance national security objectives.
§ 148.2 - Classified programs.
Once a facility is authorized, approved, certified, or accredited, all U.S. Government organizations desiring to conduct classified programs at the facility at the same security level shall accept the authorization, approval, certification, or accreditation without change, enhancements, or upgrades. Executive Order, Safeguarding Directives, National Industrial Security Program Operating Manual (NISPOM), the NISPOM Supplement, the Director of Central Intelligence Directives, interagency agreements, successor documents, or other mutually agreed upon methods shall be the basis for such acceptance.
§ 148.3 - Security review.
After initial security authorization, approval, certification, or accreditation, subsequent security reviews shall normally be conducted no more frequently than annually.
Additionally, such reviews shall be aperiodic or random, and be based upon risk management principles. Security reviews may be conducted “for cause”, to follow up on previous findings, or to accomplish close-out actions. Visits may be made to a facility to conduct security support actions, administrative inquiries, program reviews, and approvals as deemed appropriate by the cognizant security authority or agency.
§ 148.4 - Policy documentation.
Agency heads shall ensure that any policy documents their agency issues setting out facilities security policies and procedures incorporate the policy set out herein, and that such policies are reasonable, effective, efficient, and enable and promote interagency reciprocity.
§ 148.5 - Identification of the security policy board.
Agencies which authorize, approve, certify, or accredit facilities shall provide to the Security Policy Board Staff a points of contact list to include names and telephone numbers of personnel to be contacted for verification of authorized, approved, certified, or accredited facility status. The Security Policy Board Staff will publish a comprehensive directory of points of contact.
§ 148.6 - Agency review.
Agencies will continue to review and assess the potential value added to the process of co-use of facilities by development of electronic data retrieval across government. As this review continues, agencies creating or modifying facilities databases will do so in a manner which facilitates community data sharing, interest of national defense or foreign policy.
authority: E.O. 12968 (60 FR 40245,
3 CFR 1995 Comp., p. 391.)
source: 63 FR 4580, Jan. 30, 1998, unless otherwise noted.
cite as: 32 CFR 148.6