(a) The DHS Chief Security Officer (hereafter “Chief Security Officer”) is designated as the Senior Agency Official as required by section 5.4(d) of Executive Order 13526, and, except as specifically provided elsewhere in this part, is authorized to administer the DHS Classified National Security Information program pursuant to Executive Order 13526.

(b) To the extent that 32 CFR part 2001 refers to the agency head or “designee,” the Chief Security Officer is such designee unless determined otherwise by the Secretary. The Chief Security Officer may further delegate the associated authorities.

(c) The Chief Security Officer shall, among other actions:

(1) Oversee and administer the DHS's program established under Executive Order 13526;

(2) Promulgate implementing regulations;

(3) Establish and maintain DHS-wide security education and training programs, to include implementation and management of mandatory training for DHS officials who have been delegated original classification authority and those who perform derivative classification actions and suspension of such authority for failure to attend such training;

(4) Establish and maintain an ongoing self-inspection program that shall include regularly reviewing representative samples of DHS's original and derivative classification actions, correcting instances of misclassification, and reporting annually to the Director of ISOO on the DHS self-inspection program;

(5) Establish procedures to prevent unnecessary access to classified information, including procedures that:

(i) Require that a need for access to classified information is established before initiating administrative procedures to grant access; and

(ii) Ensure that the number of persons granted access to classified information is limited to the minimum necessary for operational and security requirements and needs;

(6) Develop special contingency plans for the safeguarding of classified information used in or near hostile or potentially hostile areas;

(7) Coordinate with the DHS Chief Human Capital Officer, as appropriate, to ensure that the performance contract or other system used to rate personnel performance includes the management of classified information as a critical element or item to be evaluated in the rating of:

(i) Original classification authorities;

(ii) Security managers or security specialists; and

(iii) All other personnel whose duties significantly involve the creation or handling of classified information, including persons who apply derivative classification markings;

(8) Account for the costs associated with implementing this part and report the cost to the Director of ISOO;

(9) Assign in a prompt manner personnel to respond to any request, appeal, challenge, complaint, or suggestion concerning Executive Order 13526, that pertains to classified information that originated in a DHS component that no longer exists and for which there is no clear successor in function;

(10) Establish a secure capability to receive information, allegations, or complaints regarding over-classification or incorrect classification and to provide a ready source for guidance on proper classification;

(11) Report violations, take corrective measures and assess appropriate sanctions as warranted, in accordance with Executive Order 13526;

(12) Oversee DHS creation and participation in special access programs authorized under Executive Order 13526;

(13) Direct and administer DHS's personnel security program in accordance with Executive Order 12968 and other applicable law;

(14) Direct and administer DHS implementation and compliance with the National Industrial Security Program in accordance with Executive Order 12829 and other applicable guidance; and

(15) Perform any other duties as the Secretary may designate.

(d) The Chief Security Officer shall maintain a current list of all officials authorized pursuant to this part to originally classify or declassify documents.

(e) The Chief Security Officer shall establish and maintain a means for appointing, tracking, and training DHS officials who do or will perform original and derivative classification actions.

(f) The Chief Security Officer shall administer a program for the implementation, management, and oversight of access to and safeguarding of classified information provided to state, local, tribal, and private sector personnel pursuant to Executive Order 13549, “Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities,” and its implementing directives.

(g) Nothing in this part will be interpreted to abrogate or affect the responsibilities of the Director of National Intelligence under the National Security Act of 1947, Public Law 235 (1947), as amended, and E.O. 12333, United States Intelligence Activities (1981), as amended, or any responsibilities of the Under Secretary for Intelligence and Analysis conferred by presidential or intelligence community directive implicating those authorities, insofar as those authorities concern classified sources, methods, and activities, classified national intelligence, or sensitive compartmented information and are executed consistent with delegations or designations of authority issued pursuant to the statutory authority of the Secretary.

Each DHS component shall appoint a security officer or security liaison to implement this part. The security officer/security liaison shall:

(a) Implement, observe, and enforce security regulations or procedures within their component with respect to the classification, declassification, safeguarding, handling, and storage of classified national security information;

(b) Report violations of the provisions of this part to the Chief Security Officer committed by employees of their component, as required by implementing directives;

(c) Ensure that employees of their component attend mandatory security education and training, as required by the DHS classified information security procedures, to include those component officials delegated the authority to classify information originally and those who perform derivative classification actions;

(d) Continuously review the requirements for personnel access to classified information as a part of the continuous need-to-know evaluation, and initiate action to administratively withdraw or reduce the level of access authorized, as appropriate; and

(e) Cooperate fully with any request from the Chief Security Officer for assistance in the implementation of this part.

(a) Any person who suspects or has knowledge of a violation of this part, including the known or suspected loss or compromise of classified information, shall promptly report such violations or possible violations, pursuant to requirements set forth in DHS directives.

(b) DHS employees and detailees may be reprimanded, suspended without pay, terminated from classification authority, suspended from or denied access to classified information, or subject to other sanctions in accordance with applicable law and DHS regulations or directives if they:

(1) Knowingly, willfully, or negligently disclose to unauthorized persons information properly classified under Executive Order 13526, or its predecessor orders;

(2) Knowingly, willfully, or negligently classify or continue the classification of information in violation of Executive Order 13526, or its implementing directives; or

(3) Knowingly, willfully, or negligently create or continue a special access program contrary to the requirements of Executive Order 13526; or,

(4) Knowingly, willfully, or negligently violate any other provision of Executive Order 13526, or DHS implementing directives, or;

(5) Knowingly, willfully, or negligently grant eligibility for, or allow access to, classified information in violation of Executive Order 13526, or its implementing directives, this part, or DHS implementing directives promulgated by the Chief Security Officer.

(a) Any DHS official or organization, except for the Office of Inspector General in matters involving the Office of Inspector General only, receiving an order or subpoena from a federal or state court, or an administrative subpoena from a federal agency, to produce classified information (see 6 CFR 5.41 through 5.49), required to submit classified information for official DHS litigation purposes, or receiving classified information from another organization for production of such in litigation, shall notify the Office of the General Counsel, unless the demand for production is made by the Office of the General Counsel, and immediately determine from the agency originating the classified information whether the information can be declassified. If declassification is not possible, DHS representatives will take appropriate action to protect such information, pursuant to the provisions of this section.

(b) If a determination is made under paragraph (a) of this section to produce classified information in a judicial proceeding in any manner, the DHS General Counsel attorney, or the Office of Inspector General attorney, if the matter involves the Office of Inspector General only, in conjunction with the Department of Justice, shall take appropriate steps to protect classified information in judicial proceedings and retrieve the information when the information is no longer required in such judicial proceedings, in accordance with the Department of Justice procedures, and in Federal criminal cases, pursuant to the requirements of Classified Information Procedures Act (CIPA), Public Law 96-456, 94 Stat. 2025, (18 U.S.C. App.), and the “Security Procedures Established Pursuant to Public Law 96-456, 94 Stat. 2025, by the Chief Justice of the United States for the Protection of Classified Information,” and other applicable authorities.