E-mail a link to this directive

DIRECTOR FOR SECURITY

Number: DOO 20-6
Effective Date: 2016-04-11

SECTION 1.  PURPOSE.

.01          This Order prescribes the functions and responsibilities of the Office of Security (OSY).  (The position of Director for Security is authorized in DOO 10-5, “Chief Financial Officer and Assistant Secretary for Administration.”)

.02          This revision:  updates the structure of OSY by describing functions to be performed in various program activities; retitles the Physical Security Program and the Overseas Security Program to the Security Compliance Program; moves the staff and functions from the Client Security Services Division to the Plans, Programs and Compliance Division which reports to the Deputy Director; and standardizes program titles and organizational alignment below the Division and Office levels.

 

SECTION 2.  STATUS AND LINE OF AUTHORITY.

.01          The Office of Security, a Departmental office, is headed by a Director, who reports to and is responsible to the Chief Financial Officer and Assistant Secretary for Administration (the Assistant Secretary) and to the Deputy Assistant Secretary for Administration (the Deputy Assistant Secretary).

.02          The Director shall be assisted by a Deputy Director who shall participate with the Director in management of activities of OSY and who shall perform all functions of the Director in his/her absence.

.03          The head of each operating unit is responsible for ensuring the security of the personnel, facilities, property, information and assets of their respective organizations in accordance with applicable laws, regulations, Executive Orders (E.O.s), and directives.  The Director is responsible for advising and assisting heads of operating units.  Additionally, the Director will provide security services when it is more practical or economical to consolidate them at the Department of Commerce (the Department) level.  (For the purpose of administering the Department’s security programs, the Office of the Secretary is considered an "operating unit" and is subject to policy and procedural requirements levied on all other Departmental units. The Director shall serve as the Security Officer for the Office of the Secretary.)

.04          Departmental facility and senior office managers are responsible for ensuring the security of the personnel, facilities, property, information and assets of their respective facilities in accordance with applicable laws, regulations, E.O.s, and directives.  Security officers providing client security services to bureaus and operating units will assist facility managers in carrying out these responsibilities.

.05          The Director will head the Department’s Security Council composed of representatives from each operating unit.  The representatives will communicate security requirements from their respective operating units, exchange security-related information, and coordinate security services. Designating an employee to assist in performing security activities will not relieve the operating unit head, senior facility manager, or servicing security officer of their responsibilities.

.06           The Director may redelegate the authority prescribed by this Order to designated personnel in OSY and to the operating units of the Department.

 

SECTION 3.  FUNCTIONS.

.01            Pursuant to the authority vested in the Assistant Secretary in DOO 10-5, and subject to such policies and directives as the Assistant Secretary may prescribe or other delegations by the Secretary, the Director is hereby delegated the following authorities:

a.              Department-wide staff management responsibility for establishing policies and procedures for:  personnel security; industrial security; the safeguarding of classified and sensitive documents and information; protection of Department personnel, facilities, property, assets and activities; identification, assessment and mitigation of threats; security risk assessments; emergency actions and preparedness; physical security; executive protection; communications security; operations security; security education, awareness, and training; and compliance with security policies and procedures.

b.              Provide services in the functional areas, outlined in subparagraph a. above, as required by the Office of the Secretary and all Department organizations and personnel.

c.              Coordinate, establish, and maintain a Departmental Occupant Emergency Program (OEP) in accordance with the provisions of the General Services Administration's (GSA) Federal Management Regulations (FMR 102-74.230 to 102-74.260) at 41 CFR 102-74.230 to 102-74.260 pertaining to the OEP.

d.              Serve as the principal Departmental official for coordinating and assisting in the establishment and continuation of a Department-wide emergency action program, to include emergency management, particularly as applicable to the requirements of E.O. 12656, Assignment of Emergency Preparedness Responsibilities.

e.              Serve as the principal Departmental official for matters involving security, mission-critical threats, executive protection, and function as the Department’s liaison with agencies of federal, state, and local government in security, executive protection, and Departmental counterintelligence issues.

f.               Conduct investigations under the authorities, functions, and responsibilities of OSY.

g.               Provide support to the Department’s facility managers on security matters related to facility management and provide advice and assistance to facility management staff as required for security purposes.

 

SECTION 4.  SPECIFIED AUTHORITY.

.01             In addition to the authority implicit in and essential to carrying out the functions hereby assigned, the Director shall:
a.               Exercise authorities vested in the Secretary as well as obtain other authority under law as necessary (such as special deputation from the United States Marshal) for the authorization to carry firearms and make arrests in order to perform the functions and responsibilities assigned to the Director and certain members of OSY. 

b.               Ensure effective implementation of E.O. 13526, Classified National Security Information, as amended, or successor policy, as the senior agency official designated by the Secretary of Commerce (the Secretary) under the provisions of § 5.4. (d) of that E.O.

c.               Ensure effective implementation of E.O. 12968, Access to Classified Information, or successor policy, as the senior agency official designated by the Secretary under the provisions of § 6.1. (a) of that E.O.

d.               Ensure effective implementation of National Security Decision Directive 298, National Operations Security Program, or successor policy, as the Departmental planner for Operations Security.

e.               Ensure effective implementation of E.O. 12829, National Industrial Security Program, January 6, 1993, or successor policy, as senior agency official to direct and administer the Department’s implementation of and compliance with the National Industrial Security Program.

f.                Ensure effective implementation of E.O. 10450, as amended, Security Requirements for Government Employment, April 27, 1953, and 5 CFR Part 732, National Security Positions, and their successor policies, as the senior agency official designated by the Secretary.

g.               Ensure effective implementation of E.O. 13467, June 30, 2008, Reforming Processes Related to Suitability for Government Employment, Fitness for Contractor Employees, and Eligibility for Access to Classified National Security Information, or successor policy, as senior agency official designated by the Secretary.

h.               Ensure effective implementation of E.O. 13488, January 16, 2009, Granting Reciprocity on Excepted Service and Federal Contractor Employee Fitness and Reinvestigating Individuals in Positions of Public Trust, or successor policy, as senior agency official designated by the Secretary.

i.                Ensure effective implementation of Presidential Policy Directive 19 (PPD-19) so that employees who have access to classified information can effectively report waste, fraud, and abuse, while protecting classified information, as designated by the Secretary. 

j.                Ensure effective implementation of E.O. 13556, November 4, 2010, Controlled Unclassified Information, or successor policy, as senior agency official designated by the Secretary.

k.               Ensure effective support of the National Foreign Intelligence Program as required by E.O. 12333, United States Intelligence Activities (1981), as amended by E.O. 13284 (2003), E.O. 13355 (2004) and E.O. 13470 (2008).

l.                Ensure effective support for an implementation of E.O. 13587, Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information; assisting the Chief Financial Officer and Assistant Secretary for Administration in his/her role as the senior agency official designated by the Secretary under the provisions of § 2.1 of that E.O.

m.              Ensure effective support for E.O. 12656, Assignment of Emergency Preparedness Responsibilities.

 

SECTION 5.  ORGANIZATION.

The Director shall advise and represent the Assistant Secretary on policies and procedures for assessing threats to the mission, operations and activities of the Department and provide guidance and assistance to Departmental offices and operating units on the protection of personnel, facilities, property, assets and activities as well as classified and sensitive information.  Except for those functions maintained in the immediate Office of the Director, the functions of OSY shall be organized and carried out under the direction and supervision of the Director through the following security components:

.01             The Executive Security Protection Division and its related program staff coordinate and provide, as requested and authorized, physical protection for the Secretary, visiting foreign officials, and official guests during Department functions.

.02             The Investigations and Threat Management Division and its related program staff conduct investigations and analyses to identify and/or assess critical threats to the Department’s mission, operations, or activities; prevent or mitigate such threats from adversely affecting Department personnel, facilities, property, or assets through strategic and tactical approaches; and collaborate with other national security and law enforcement entities as appropriate.  Staff produce and present reports, assessments, and briefings involving mission-critical threats to the Secretary, Deputy Secretary, Assistant Secretary, Director, and national security or prosecutorial officials, and may require and receive assistance from Department personnel while performing mission-critical threat functions. 

.03             The Information and Personnel Security Division will consist of the Personnel Security Program as well as the Information and Industrial Security Program:

a.               The Personnel Security Program staff:  receive and process requests for personnel security clearances for job applicants, employees, and other individuals requiring access to classified national security information at any Department location worldwide; request investigations for security clearances in accordance with E.O. 10450, as amended, E.O. 12968 and 5 CFR Chapter 1, Parts 731, 732, and 736; review and determine the status of cases involving the evaluation of adverse information in connection with the issuance of certificates of security clearance, the imposition of security restrictions on individuals, and other decisions affecting security clearances; take action as appropriate, on withholding or withdrawing the security clearance of job applicants, employees, contractors, grantees, or other individuals, and, for employees, recommend action under the provisions of 5 U.S.C. § 7312 and 7531-32 and E.O.s 12968 and 10450, as amended; as requested by responsible Department officials, assist in the verification, review and evaluation of adverse information concerning Department employees, job applicants, and other individuals for the purpose of making suitability determinations (in accordance with 5 CFR Part 731 and other regulations promulgated pursuant to 5 U.S.C. § 301); and review, evaluate, and take appropriate action under the provisions of E.O. 10450, as amended, and E.O. 12968, with regard to any notifications of investigation of employee misconduct received by the Director from the Office of Inspector General. 

b.               Information and Industrial Security Program staff:  develop, coordinate, and disseminate all Departmental policies relating to the handling and protection of classified information including coordination of responses to Mandatory Declassification Reviews; manage the Department’s program that provides for the protection of classified national security in accordance with E.O. 13526, as amended, Intelligence Community Directives, and other applicable laws, E.O.s, directives, and regulations; develop professional standards and comprehensive security education and awareness program activities to enhance employee knowledge of security requirements, including personal protection, hostile intelligence threats, proper management of classified and sensitive information, and means of countering threats to Departmental facilities and personnel; and manage the Departmental Secure Telecommunications Program.  Program staff also administer the provisions of the National Industrial Security Program as set forth in the National Industrial Security Program Operations Manual (NISPOM).  Program staff also maintain liaison with operating unit and bureau program managers and the Defense Security Service in order to provide appropriate input and response required to maintain the NISPOM.

.04             The Security and Emergency Management Division and its related program staff develops a comprehensive program for emergency programs; coordinates and reviews emergency preparedness plans and programs for utility and responsiveness to E.O. 12656; and oversees the development and implementation of Occupant Emergency, Continuity of Operations and Continuity of Government plans for the Department.

a.               The HCHB Security Program staff:  establish and maintain HCHB security procedures including oversight of the HCHB guard contract and perimeter security locking system and equipment; coordinate security for non-standard building events; maintain a service center to issue Identification Cards and provide assistance with the implementation of Homeland Security Presidential Directive 12 (HSPD-12); issue room keys, electronic key cards and repair locks; process foreign national visitor requests; assist with protective operations for visiting dignitaries in HCHB; oversee response and follow-up to building incidents; and conduct crime prevention programs and implement procedures to protect persons and property.

b.               The Continuity and Emergency Programs staff:  manage the Department’s headquarters facility Security Operations Center and Departmental Emergency Operations Center housed in the Herbert C. Hoover Building (HCHB), as well as oversee the Occupant Emergency Program for the Department and the HCHB Occupant Emergency Plan.  Staff also assists with the Department’s continuity missions by supporting the Continuity of Government (COG) and Continuity of Operations (COOP) functions as required by Homeland Security Presidential Directive 20 (HSPD-20) and Federal Continuity Directive-1 (FCD-1) while also facilitating the involvement of the Department’s leadership in interagency senior level exercises associated with the National Exercise Program.

.05             The Client Security Services Division will consist of all field security offices.  The field security offices shall be responsible for providing security oversight to operating units including developing, implementing, and maintaining a program of reviews throughout the Department to ensure appropriate compliance with all security policies promulgated by OSY; coordinating searches, evacuations, and other procedures to protect persons, property and information; overseeing the emergency responses and investigations of security incidents at all Departmental facilities; conducting a comprehensive security education and awareness program to enhance employee knowledge of security requirements; facilitating requests for personnel security clearances for job applicants, employees, and other individuals requiring access to classified national security information at any Department location worldwide; and reviewing investigations for fitness determinations for Department contractors.

.06             The Project and Administrative Management Division and its related program staff provide strategic solutions for Departmental issues including budget, personnel, training, procurement and administration support to enable OSY to perform risk mitigation functions more efficiently.

.07             The Plans, Programs and Compliance Division and its related support and program staff provide oversight of a comprehensive security compliance and inspection program responsible for ensuring proper alignment with Interagency Security Committee and other stakeholder guidelines; coordinate development and updates to policies/procedures, performance metrics, internal controls, and responses to Freedom of Information Act as well as Privacy Act requests, among others.  Staff also coordinate physical security initiatives related to Homeland Security Presidential Directive 12 (HSPD-12); ensure compliance with Federal standards and regulations regarding the physical protection of the agency’s facility, property, information, and personnel assets; evaluate and certify risk assessment surveys; prioritize the physical security effort; and recommend funding for countermeasures.  Staff also support the delivery of services to the Unites States and Foreign Commercial Service; and, with the Department of State, coordinates the provisions of all State-Commerce security agreements.

 

SECTION 6.  EFFECT ON OTHER ORDERS.

.01             This Order supersedes Department Organization Order 20-6, dated June 18, 2014.

.02             Nothing in this Order shall have the effect of, or be construed as, an exception to the responsibility and authority of the Office of the General Counsel under DOO 10-6, “Office of the General Counsel” for policy and operating guidance on legal matters.  With respect to such security matters that involve legal issues, the Director for Security shall consult with the Office of the General Counsel.

.03             Nothing in this Order shall have the effect of, or be construed as, an exception to the responsibility and authority of the Department's Office of Inspector General under DOO 23-1, “Office of the Inspector General” to conduct investigations to prevent and detect fraud, waste, and abuse.  With respect to such security matters that involve such issues, the Director for Security shall consult with the Office of Inspector General, which has the right of first refusal in investigating allegations involving any Department employee, contractor, or grantee.

 

Signed By: Chief Financial Officer and Assistant Secretary for Administration

Questions and Comments

Send Questions or Comments on the Commerce Directives Management program to Directives@doc.gov.

Office of Privacy and Open Government
Office of the Chief Financial Officer and Assistant Secretary for Administration
U.S. Department of Commerce

 

Page last updated:August 9, 2017