12 FAM 600
INFORMATION SECURITY TECHNOLOGY
12 FAM 610
CYBER SECURITY ROLES AND RESPONSIBILITIES
(CT:DS-252; 02-03-2016)
(Office of Origin: DS/SI/CS)
12 FAM 611 Purpose and Scope
12 FAM 611.1 Purpose
(CT:DS-250; 01-13-2016)
The subchapter identifies specific cyber security roles
and responsibilities as they relate to the 1 FAM and the implementation of 12
FAM 600 policies and procedures.
12 FAM 611.2 Scope
(CT:DS-250; 01-13-2016)
The subchapter applies to all entities that manage,
administer, support, protect, or access Department information and information
systems that process strictly unclassified, Sensitive But Unclassified (SBU),
and classified (up to Top Secret collateral) information.
12 FAM 612 AUTHORITIES
(CT:DS-250; 01-13-2016)
The following authorities apply (public laws are as
amended):
a. Intelligence Reform and Terrorism Prevention Act of
2004, P.L. 108-458
b. Federal Information Security Management Acts of 2002
(Title III of P.L. 107-347) and 2014 (P.L. 113-283) (FISMA)
c. Counterintelligence Enhancement Act of 2002, Title
IX of P.L. 107-306
d. Privacy Act of 1974, 5 U.S.C. 552a(e)(10)
e. Federal Managers' Financial Integrity Act, 31 U.S.C.
1352
f. Homeland Security Act of 2002, P.L. 107-296
g. Paperwork Reduction Act, 44 U.S.C. Chapter 35
h. Counterintelligence and Security Enhancements Act of
1994, Title VIII of P.L. 103-359
i. Computer Fraud and Abuse Act of 1986, P.L. 99-474
j. Omnibus Diplomatic Security and Antiterrorism Act
of 1986, P.L. 99-399
k. Inspector General Act of 1978, 5 U.S.C. Appendix
l. National Security Act of 1947, P.L. 80-253
m. Executive Order (E.O.) 13556, Controlled
Unclassified Information, November 2010
n. E.O. 13636, Improving Critical Infrastructure Cyber
Security, February 12, 2013
o. E.O. 13526, Classified National Security
Information, December 29, 2009
p. E.O. 13467, Reforming Processes Related to
Suitability for Government Employment, Fitness for Contractor Employees, and
Eligibility for Access to Classified National Security Information, June 30,
2008
q. E.O. 12829, National Industrial Security Program,
January 6, 1993
r. Homeland Security Presidential Directive No. 12,
Policies for a Common Identification Standard for Federal Employees and
Contractors, August 27, 2004
s. Presidential Policy Directive No. 21 (PPD-21),
Critical Infrastructure Security and Resilience, February 12, 2013
t. Office of Management and Budget Circular A-130 (OMB
A-130)
u. Office of Management and Budget Circular A-123 (OMB
A-123)
v. 12 FAH-6 H-540,
Automated Information Systems (AISs) (Technical Threat Category) (All Threat
Levels)
w. Delegation of Authority 247-1, dated August 14,
2004, Delegation of FISMA Authorities from the Secretary of State to the Chief
Information Officer
x. Other authorities, as appropriate
12 FAM 613 CYBER SECURITY ROLES
(CT:DS-250; 01-13-2016)
Training requirements for some of the roles listed in this
section can be found on the Office of Training and Performance Standards (DS/T/TPS)
website.
12 FAM 613.1 System Owner
(CT:DS-250; 01-13-2016)
The system owner is responsible for the confidentiality,
integrity, and availability of the information system(s) under their purview.
12 FAM 613.2 Information Owner
(CT:DS-250; 01-13-2016)
Information owners have statutory or operational authority
for specified information and responsibility for establishing the controls for
its generation, collection, processing, dissemination, and disposal.
12 FAM 613.3 System Administrator
(CT:DS-250; 01-13-2016)
System administrators and other information systems
support roles that have elevated system privileges (e.g., network
administrator, database administrator, programmer) are responsible for
complying with and implementing all appropriate 12 FAM 600 cyber security
policies and procedures to ensure both the security of the systems they support
and the integrity of the privileged role in which they serve.
12 FAM 613.4 Information System Security Officer
(CT:DS-250; 01-13-2016)
Information Systems Security Officers (ISSOs) are
responsible for implementing 12 FAM 600 policies and procedures on assigned
information systems. There are different types of ISSOs, including Domestic
ISSOs and Application ISSOs. See the ISSO website for additional information.
12 FAM 613.5 Information Management Officer
(CT:DS-250; 01-13-2016)
The information management officer (IMO) is responsible
for overall information system management, to include cyber security, for
Department systems at all post(s) under their purview.
12 FAM 613.6 Regional Cyber Security Officers (RCSOs)
(CT:DS-252; 02-03-2016)
Regional cyber security
officers (RCSOs) are Foreign Service security engineering officers (SEOs)
assigned overseas, and serve as Diplomatic Security representatives on all
matters of computer security. They conduct assessments of networks, provide
advice and guidance to ISSOs, system owners, and system administrators, assist
with regional security officer (RSO) cyber investigations, and facilitate the
implementation of Department computer security policies. See the RCSO website
for additional information.
12 FAM 613.7 Regional and Post Security Officers
(CT:DS-250; 01-13-2016)
The regional or post security officer (RSO or PSO) is
responsible for security, including cyber security, related to personnel and
physical security at post. This includes ensuring that appropriate personnel
are in place and physical security measures are implemented (see 12 FAM 420 for
more information).
12 FAM 613.8 Supervisor
(CT:DS-250; 01-13-2016)
Supervisors are responsible for authorizing system access
and authorization levels for subordinate users based on business requirements.
12 FAM 613.9 User
(CT:DS-250; 01-13-2016)
Department computer users must abide by all Department
cyber security policies and procedures.
12 FAM 614 ORGANIZATIONAL RESPONSIBILITIES
(CT:DS-250; 01-13-2016)
The chief information officer (CIO), along with the Bureau
of Information Resource Management (IRM) and the Bureau of Diplomatic Security
(DS), has primary responsibility for implementing 12 FAM 600 policies
and procedures. Responsibilities and policies of IRM are located, among other
places, in Volume 5 of the FAM and FAH, and 12 FAM 614.2.
12 FAM 614.1 Bureau of Diplomatic Security (DS)
12 FAM 614.1-1 Senior Coordinator for Security Infrastructure (DS/SI)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.7
for DS/SI responsibilities. These include providing management oversight and
support for: the Office of Cybersecurity (DS/SI/CS); the Office of Information
Security (DS/SI/IS); and the Office of Personnel Security and Suitability
(DS/SI/PSS). See the DS/SI website for additional information.
12 FAM 614.1-1(A) Office of Cybersecurity (DS/SI/CS)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.7-2
for DS/SI/CS responsibilities. These include implementing 12 FAM 600 policies
and procedures in the areas of: Cyber Threat Analysis; Engineering Security
Services; Monitoring and Incident Response; and Cyber Security Policy and
Awareness. See the DS/SI/CS website for additional information.
12 FAM 614.1-1(B) Office of Information Security (DS/SI/IS)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.7-1
for DS/SI/IS responsibilities. These include implementing 12 FAM 600 policies
and procedures in the areas of: National Industrial Security; and the Cyber
Security Incident Program (CSIP). See the DS/SI/IS website for additional
information.
12 FAM 614.1-1(C) Office of Personnel Security and Suitability (DS/SI/PSS)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.7-3
for DS/SI/PSS responsibilities. These include implementing 12 FAM 600 policies
and procedures in the area of personnel security and suitability. See the
DS/SI/PSS website for additional information.
12 FAM 614.1-2 Deputy Assistant Secretary and Assistant Director for Countermeasures (DS/C)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.1
for DS/C responsibilities. These include assisting in the implementation of
the Department's Cyber Security Program and providing management oversight and
support for: the Office of Security Technology (DS/C/ST) and the Office of
Physical Security Programs (DS/C/PSP). See the DS/C website for additional
information.
12 FAM 614.1-2(A) Office of Security Technology (DS/C/ST)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.1-2
for DS/C/ST responsibilities. These include implementing 12 FAM 600 policies
and procedures in the areas of: technical surveillance countermeasures and
TEMPEST. See the DS/C/ST website for additional information.
12 FAM 614.1-2(B) Office of Physical Security Programs (DS/C/PSP)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.1-1
for DS/C/PSP responsibilities. These include implementing 12 FAM 600 policies
and procedures in the area of worldwide physical security standards. See the
DS/C/PSP website for additional information.
12 FAM 614.1-3 Deputy Assistant Secretary and Assistant Director for Training (DS/T)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.5
for DS/T responsibilities. These include assisting in the implementation of
the Department's role-based cybersecurity program and providing management
oversight and support for DS/T/TPS. See the DS/T website for additional
information.
12 FAM 614.1-4 Office of Training and Performance Standards (DS/T/TPS)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.5-2
for DS/T/TPS responsibilities. These include implementing 12 FAM 600 policies
and procedures in the area of role-based cybersecurity training. See the
DS/T/TPS website for additional information.
12 FAM 614.1-5 Deputy Assistant Secretary and Assistant Director for Domestic Operations (DS/DO)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.4
for DS/DO responsibilities. These include providing management oversight and
support for the Office of Investigations and Counterintelligence (DS/DO/ICI).
See the DS/DO website for additional information.
12 FAM 614.1-6 Office of Investigations and Counterintelligence (DS/DO/ICI)
(CT:DS-250; 01-13-2016)
See 1 FAM 262.4-1
for DS/DO/ICI responsibilities. These include implementing 12 FAM 600 policies
and procedures in the area of criminal investigations. See the DS/DO/ICI
website for additional information.
12 FAM 614.2 Bureau of Information Resource Management (IRM)
12 FAM 614.2-1 Chief Information Officer (CIO)
(CT:DS-250; 01-13-2016)
See FISMA, Delegation of Authority 247-1, and 1 FAM 271 for
the CIO responsibilities. The CIO has primary responsibility for all
information technology, including cybersecurity, matters within the
Department. Organizationally, the CIO provides management oversight and
support for: the Office of Information Assurance/Chief Information Security
Officer (CISO IRM/IA) and Deputy Chief Information Officer for Operations/Chief
Technology Officer (DCIO IRM/OPS). See the CIO website for additional
information.
12 FAM 614.2-2 Office of Information Assurance/Chief Information Security Officer (CISO IRM/IA)
(CT:DS-250; 01-13-2016)
See 1 FAM 272 for
CISO IRM/IA responsibilities. These include implementing 12 FAM 600 policies
and procedures in the areas of: Certification & Accreditation; FISMA
compliance; and the Information System Security Officer (ISSO) Program, which
provides guidance and direction to ISSOs. See the CISO IRM/IA website for
additional information.
12 FAM 614.2-3 Deputy Chief Information Officer for Operations/Chief Technology Officer (DCIO IRM/OPS)
(CT:DS-250; 01-13-2016)
See 1 FAM 275 for
DCIO IRM/OPS responsibilities. These include implementing 12 FAM 600 policies
and procedures in the area of information resources management operations. See
the DCIO IRM/OPS website for additional information.
12 FAM 615 THROUGH 619 UNASSIGNED