Current through November 30, 2024
Section 1203.202 - Responsibilities(a) The Chairperson, NASA Information Security Program Committee (NISPC) (Subpart I of this part), who is the Assistant Administrator for Protective Services, or designee, is responsible for:(1) Directing the NASA Information Security Program (NISP) in accordance with NASA policies and objectives and applicable laws and regulations.(2) Ensuring effective compliance with and implementation of "the Order" and the Information Security Oversight Office Directive No. 1 relating to security classification matters.(3) Reviewing, in consultation with the NASA Information Security Program Committee NISPC, questions, suggestions, appeals and compliance concerning the NISP and making determinations concerning them.(4) Coordinating NASA security classification matters with NASA Centers and component facilities and other Government agencies.(5) Ensuring Security Classification Guides for NASA are developed for NASA programs and projects.(6) Developing, maintaining and recommending to the Administrator guidelines for the systematic review covering all classified information under NASA's jurisdiction.(7) Reviewing and coordinating with appropriate offices all appeals of denials of requests for records under sections 552 and 552a of Title 5, United States Code (Freedom of Information and Privacy Acts) when the denials are based on the records' continued classification.(8) Recommending to the Administrator appropriate administrative action to correct abuse or violations of any provision of the NISP, including notifications by warning letter, formal reprimand and to the extent permitted by law, suspension without pay and removal.(b) All NASA employees are responsible for bringing to the attention of the Chairperson of the NISPC any information security problems in need of resolution, any areas of interest wherein information security guidance is lacking, and any other matters likely to impede achievement of the objectives prescribed in this section.(c) Each NASA official to whom the authority for original classification is delegated shall be accountable for the propriety of each classification (see subpart H) and is responsible for:(1) Ensuring that classification determinations are consistent with the policy and objectives prescribed above, and other applicable guidelines.(2) Bringing to the attention of the Chairperson, NISPC, for resolution, any disagreement with classification determinations made by other NASA officials.(3) Ensuring that information and material which no longer requires its present level of protection is promptly downgraded or declassified in accordance with applicable guidelines within a reasonable period.(d) Other supervisors of NASA offices are responsible for:(1) Ensuring that classified information or material prepared within their respective offices is appropriately marked.(2) Ensuring that material proposed for public release is reviewed to redact classified information contained therein.(e) Chiefs of Protective Services at NASA Centers are responsible for:(1) Developing proposed Security Classification Guides and submitting the guide to the Office of Protective Services for review and approval.(2) Ensuring that classified information or material prepared in their respective Center is appropriately marked.(3) Ensuring that material proposed for public release is reviewed to redact classified information.(4) Coordinating all security classification actions with the Center's Protective Services Office.(f) The Director of the Office of Protective Services, NASA Headquarters, who serves as a member and Executive Secretary of the NISPC, is responsible for the NASA-wide coordination of security classification matters.(g) The Information Security Program Manager, Office of Protective Services (OPS), is responsible for establishing procedures for the safeguarding of classified information or material (e.g., accountability, control, access, storage, transmission, and marking) and for ensuring that such procedures are systematically reviewed; and those which are duplicative or unnecessary are eliminated.44 FR 34913, June 18, 1979, as amended at 45 FR 3888, Jan. 21, 1980; 48 FR 5890, Feb. 9, 1983; 53 FR 41318, Oct. 21, 1988; 64 FR 72535, Dec. 28, 1999; 78 FR 5117 , Jan. 24, 2013