Today, ISOO published its FY 2022 Annual Report to the President. Each year, ISOO reports to the President on the implementation of the Classified National Security Information (CNSI) and Controlled Unclassified Information (CUI) programs, following requirements in Executive Orders 13526 and 13556. These Reports summarize ISOO’s oversight activities and make key recommendations that seek to improve the effectiveness of how our Government manages and protects this information.
A major focus of this year’s Report is making recommendations for improvement of the programs surrounding CNSI, CUI, and the National Industrial Security Program (NISP), including potential changes to the existing Executive Orders and updates to ISOO’s responsibilities.
Another primary focus area is methods to prevent any future mishandling of CNSI, as has been reported significantly in the media over this past year. As the Director of ISOO, Mark A. Bradley, stated in his letter to the President, “even those who are serving in our government’s highest offices must follow the same security practices and requirements as the rest of us who have access to this kind of information.”
The CNSI data gathered from agencies for this year’s Report was once again obtained through ISOO’s multi-year project to modernize CNSI data collection methods. We identified a number of ways to improve this year’s collection format, including eliminating over 70 questions from last year whose results were either insignificant or superfluous, thereby reducing the workload on agencies and us. Additionally, we applied this same approach to gathering agency CUI data this year. Both collections are now completed electronically and we only gather information that is (1) valuable for oversight, (2) mandated to be collected, or (3) helpful to agencies to improve their own CNSI or CUI programs.
Other areas of focus in the FY 2022 report include CNSI and CUI program oversight and compliance, declassification modernization, NISP oversight for cleared industry, and the work of the Interagency Security Classification Appeals Panel (ISCAP) and the Public Interest Declassification Board (PIDB).