Policies and procedures will be established to protect sensitive information from either accidental, unauthorized or intentional modification, destruction or disclosure during input, processing or output operations.
The handling of sensitive input data will be limited to properly screened persons, and will be controlled by formal procedures which will provide an audit trail of the data as it passes from person to person or point to point in the process. The audit trail must assure personal accountability from initial receipt to distribution or destruction of the final products.
Procedures must be established to ensure that only authorized users pick up or deliver sensitive input and output data and media. Procedures for sensitive information should include such controls as signed receipts, registered mail and locked or monitored user "boxes".
Printouts, containers, tape reels, disk packs, floppy disks and similar data storage media should be clearly identified as to contents and sensitivity. The purpose of this is to prevent accidental release for reuse, inadvertent disclosure of sensitive information and to notify the users of the need for continuous protection. Classified information should be labeled and protected as specified in the "DOC National Security Information Manual."
Subject to the capabilities of the system, inadvertent destruction (e.g., overwriting) should be prevented by the use of "write protect" rings, internal labels, floppy disk tabs or similar safeguards. Operator instructions for each application should clearly specify the actions to be taken in the event of inadvertent damage or destruction, as well as incidents which cause physical damages to the media.
All sensitive and/or critical data stored on media such as magnetic tape, disk, and similar devices, should be stored and controlled in the media library when not required for processing. Only authorized and properly screened individuals will be allowed entry to the library. Controls should be in place to assure that these individuals can be held accountable for data resources under their control. In addition to the library, sensitive data may only be stored in an authorized, secure off-site location or temporarily in the computer area during processing. Procedural instructions, inventories and audit trails will be implemented to assure that these controls are in place and are effective. If a media library is not justified, as in the case of a PC, the sensitive diskettes and tapes should be stored in a locked safe or cabinet with all other controls in place.
Section 10.19 of this document and Section 19 of the "DOC IT Security Manual" describe the approved methods of clearing and/or declassifying storage media which has been used for classified national security information. Sensitive, but unclassified data will be handled as follows: