Headquarters Information Security Program

Office of Headquarters Security Operations

HSO SPOTLIGHT No. 003-2008 Accountable Classified Removable Electronic Media (ACREM)

In response to questions regarding the appropriate handling of and accounting for ACREM, the Office of Headquarters Security Operations (HS-1.31) would like to summarize the basic requirements for the control of ACREM within Headquarters facilities. We request that all ACREM custodians review these requirements and self-assess their ACREM Standard Operating Procedures and ACREM holdings. All ACREM general and specific procedures are now contained within:

• DOE M 470.4-4 (change 1, 6-29-2007), Section A, Chapter I, Paragraph 8;
• DOE M 470.4-4 (change 1, 6-29-2007), Section A, Chapter II, Paragraph 4
• Headquarters Facilities Master Security Plan (December 2007), Section 21
• Your Elemental-specific Standard Operating Procedure

Definition
ACREM is any Classified Removable Electronic Media (CREM), which is required to be marked as S/RD or higher classification, or which is otherwise accountable. Classified Removable Electronic Media is any item or material (medium) that (1) can retain digital information; (2) is required to be marked as classified; (3) requires electric power to function as intended; and (4) is designed, intended, or permitted to be removed or transported by a user of the medium.

ACREM Custodians
All ACREM custodians must be “Q” cleared. At least one appointed and trained ACREM custodian and one appointed and trained alternate ACREM custodian must be assigned for each vault, vault-type-room, GSA-approved security repository, or file cabinet used to store ACREM (DOE M 470.4-4, Section A, Chapter II, Para 4c). (A custodian may be assigned multiple repositories.) An appropriately trained emergency custodian should also be identified in the event the custodian or alternate is not available. This individual must be listed on the SF700, Record of Security Container Combination, along with the other custodians with authorized access to the combination. The emergency custodian will not have previously been given the combination to the repository. When the immediate or emergency requirement for access is terminated, the combination to the repository must be changed.

Training
Specific training in ACREM procedures is required for custodians, alternate custodians, and emergency notification custodians. The ACREM custodian training must include all aspects of the ACREM processes as indicated in the Elemental-approved ACREM Standard Operating Procedure. Some of these areas include: ACREM identification and usage requirements, strict and limited access to ACREM security containers, ACREM marking, signature accountable check-in/check-out of ACREM matter ensuring a current and real-time audit trail, inventory, transfer of ACREM, incident reporting, emergency procedures, ACREM reproduction, storage requirements including XO-series lock audit feature and required recording on SF702, and the ACREM destruction process. This documented training may be administered locally by the HSO provided all aspects of the ACREM subject matter material are addressed.

The ACREM Process Checklist

• Elemental Standard Operating Procedure has been published and is readily available and understood by all ACREM custodians.
• A custodian, alternate custodian, and emergency notification custodian have been formally appointed (see ACREM Custodians above), and that all custodian changes and assignments are published.
• All custodians have been appropriately trained (see Training above).
• All ACREM users must be appropriately briefed in the organizational procedures and rules regarding check-out/check-in and handling and control of ACREM to include prohibitions on reproduction and copying to any other media including personally convenient flash drives.
• All ACREM has been placed into formal accountability and is associated with a designated control station.
• Daily sign-in/sign-out logs have been prepared and are being used for all ACREM transactions and transfers. (Please see DOE M 470.4-4 for ACREM use across work shifts.)
• A self-assessed, self-administered performance test should be conducted on a recurring basis in conjunction with the ACREM inventory to locate all pieces of ACREM.
• A valid current inventory is available and signed by one of the custodians. Former inventories with appropriate signatures and dates must be retained for two years for Secret and five years for Top Secret. Inventories must be of the front/back check format:
• Inventory listing compared to that ACREM on hand, and
• All ACREM on hand compared to the inventory listing.
• A 31-day (maximum) inventory is maintained and conducted (unless the time interval is formally extended by the Headquarters or NNSA Cognizant Security Authority).
• All receipts pertaining to ACREM must be retained for two years for Secret and five years for Top Secret.
• The SF702 for an ACREM repository has been appropriately marked “ACREM” and contains uninterrupted XO-series lock sequential audit numbers (see SF702 example following). (Note: locked filing cabinets contained within an accredited vault or vault-type-room do not utilize the XO-series lock.)
• The SF700 for an ACREM repository combination has been:
• Appropriately and predominantly marked ACREM on the outside of Part 2;
• Contains the names of all authorized custodians to include the emergency notification custodian (Note: the emergency notification custodian position must be so indicated);
• Contains at least one emergency notification custodian and is so marked. The emergency notification custodian must be knowledgeable of the SF700 storage location for the ACREM repositories under his/her emergency custodial responsibility;
• Has been appropriately stored in another security repository authorized for storage of the highest level and category of the matter that the SF700 is protecting.
• Note 1: Storage with another ACREM custodian is not required.
• Note 2: The custodian of the repository in which the ACREM SF700 is stored must be knowledgeable that the ACREM SF700 may not under any circumstance be released to anyone other than those custodians listed on the front of the applicable SF700.
• Repository combinations are changed when there is a change of custodians or when the emergency notification custodian is relieved of activated temporary custodial duties. The mechanical operation of placing new combination numbers into an XO-series combination lock must be performed only by the repository custodian or alternate repository custodian for the affected security container.
• All ACREM custodians must be proficient in the use of the XO-series security container locks to include the audit feature which is recorded after each opening on the SF702. ACREM custodians must also be proficient in opening, closing, and checking security containers and in activating and deactivating premise alarms, as applicable.
• All ACREM custodians are knowledgeable of emergency procedures, e.g., extended, after-hours use of checked out ACREM, missing or unaccounted-for ACREM and associated procedures and reporting timelines/parameters, etc.
• Reproduction of ACREM is restricted (see DOE M 470.4-4 for specific requirements). Written reproduction authorizations are maintained when CSA approval is required to reproduce ACREM.
• Destruction certificates are executed by an ACREM custodian and a cleared witness. Destruction certificates are maintained two years for Secret and five years for Top Secret and are annotated on the required inventory. (Note: ACREM designated for destruction may NOT be taken to the Headquarters DOE classified destruction holding vaults. Appointments must be made with the Headquarters Central Classified Destruction Facility for personally witnessed destruction.)

SF702 used on each ACREM repository depicting use of the Sequential
audit feature of the XO-series security container

Example of daily sign-out/sign-in register of organizational ACREM