IC Tech Spec – for ICD/ICS 705
Technical Specifications for Construction and Management of Sensitive Compartmented Information Facilities
Purpose
This Intelligence Community (IC) Technical Specification sets forth the physical and technical security specifications and best practices for meeting standards of Intelligence Community Standard (ICS) 705-01 (Physical and Technical Standards for Sensitive Compartmented Information Facilities). When the technical specifications herein are applied to new construction and renovations of Sensitive Compartmented Information Facilities (SCIFs), they shall satisfy the standards outlined in ICS 705-01 to enable uniform and reciprocal use across all IC elements and to assure information sharing to the greatest extent possible. This document is the implementing specification for Intelligence Community Directive (ICD) 705 (Sensitive Compartmented Information Facilities), ICS 705-01, and ICS 705-02 (Standards for Accreditation and Reciprocal Use of Sensitive Compartmented Information Facilities.
The specifications contained herein will facilitate the protection of Sensitive Compartmented Information (SCI) against compromising emanations, inadvertent observation and disclosure by unauthorized persons, and the detection of unauthorized entry.
Applicability
IC Elements shall fully implement this standard within 180 days of its signature.
- SCIFs that have been de-accredited but controlled at the SECRET level (IAW 32 Code of Federal Regulations (CFR) parts 2001 and 2004) for less than one year may be re-accredited. The IC SCIF repository shall indicate that the accreditation was based upon the previous standards.
- When the technical specifications herein have been applied to new construction, renovations, and operation of Special Access Program Facilities (SAPFs), those facilities shall satisfy the standards outlined in ICD 705 to enable uniform use across all IC elements for accreditation by IC elements as a Sensitive Compartmented Information Facility.
- Accreditation of a SAPF as a SCIF will be based upon a review of all required SCIF construction documentation to ensure all ICD 705 requirements were met in the construction, maintenance, and operation of the SAPF.
- The Accrediting Official (AO) will conduct a review of all SAPF accreditation documentation for compliance with the technical specifications herein.
- If all required documentation is available and correct, the AO will issue SCIF accreditation.
- If all required documentation is not available and correct, or waivers have been authorized, the AO is not required to issue SCIF accreditation.
- If the facility is to be maintained as a SAPF and co-utilized as a SCIF, the security posture of the facility will be to the highest requirement of the two.
- The AO may issue a more restrictive accreditation based upon the SCI requirements associated with the new SCIF accreditation. For example, 5 minute response versus 15 minutes, or Closed Storage versus Open Storage.
- Program indoctrination will be coordinated as part of the co-utilization agreement. Compartmented Areas may be utilized, but no other sub- division of the facility will be permitted. Facilities requiring additional protections are not suitable for co-utilization.
4. Radio Frequency Protection for Perimeter Walls
- RF protection shall be installed at the direction of the CTTA when a SCIF utilizes electronic processing and does not provide adequate RF attenuation at the inspectable space boundary. It is recommended for all applications where RG interference from the outside of the SCIF is a concern inside the SCIF.
- Installation of RF protection should be done using either the drawings or Best Practices Guidelines for Architectural Radio Frequency Shielding, prepared by the Technical Requirements Steering Committee under the Center for Security Evaluation. This document is available through the Center for Security Evaluation, Office of the Director of National Intelligence (NCSC/CSE).
5. Vault Construction Criteria
GSA-approved modular vaults meeting Federal Specification AA-V-2737 or one of the following construction methods may be used:
- Reinforced Concrete Construction
- Walls, floor, and ceiling will be a minimum thickness of eight inches of reinforced concrete.
- The concrete mixture will have a comprehensive strength rating of at least 2,500 pounds per square inch (psi)
- Reinforcing will be accomplished with steel reinforcing rods, a minimum of ⅝ inches in diameter, positioned centralized in the concrete pour and spaced horizontally and vertically six inches on center; rods will be tied or welded at the intersections.
- The reinforcing is to be anchored into the ceiling and floor to a minimum depth of one-half the thickness of the adjoining member.
- Steel-Lined Construction Where Unique Structural Circumstances Do Not Permit Construction of a Concrete Vault
- Construction will use ¼ inch-thick steel alloy-type plates having characteristics of high-yield and high-tensile strength.
- The steel plates are to be continuously welded to load-bearing steel members of a thickness equal to that of the plates.
- If the load-bearing steel members are being placed in a continuous floor and ceiling of reinforced concrete, they must be firmly affixed to a depth of one-half the thickness of the floor and ceiling.
- If floor and/or ceiling construction is less than six inches of reinforced concrete, a steel liner is to be constructed the same as the walls to form the floor and ceiling of the vault. Seams where the steel plates meet horizontally and vertically are to be continuously welded together.
All vaults shall be equipped with a GSA-approved Class 5 vault door.
Floor and Ceiling Construction Criteria
- Floors and ceilings shall be constructed to meet the same standards for force protection and acoustic protection as walls.
- All floor and ceiling penetrations shall be kept to a minimum.
SCIF Door Criteria
- Door type definitions:
- Primary door: A SCIF perimeter door recognized as the main entrance.
- Secondary door: A SCIF perimeter door employed as both an entry and egress door that is not the Primary door.
- Emergency egress-only door: A SCIF perimeter door employed as an emergency egress door with no entry capability.
- Primary door criteria:
- There shall be only one Primary door to a SCIF
- The Primary door shall be equipped with the following:
- A GSA-approved pedestrian door deadbolt meeting the most current version of Federal Specification FF-L-2890. Previously AO-approved FFL-2740 integrated locking hardware may be used. Additional standalone and flush- mounted dead bolts are prohibited.
- A combination lock meeting the most current version of Federal Specification FFL- 2740. Previously AO-approved combination lock or deadbolt lock type may be used.
- An approved access control device (see Chapter 8). May be equipped with a by-pass keyway for use in the event of an access control system failure.
- Include requirements in E.5 below:
- Secondary door criteria:
-
- Secondary doors may be established with AO approval and as required by building code, safety and accessibility requirements,
- Secondary doors shall:
- Be equipped with a GSA-approved pedestrian door egress device with deadbolt meeting the most current version of Federal Specification FF-L-2890 for secondary door use. An AO-approved alternate device with similar functionality may be authorized. Additional standalone and flush-mounted deadbolts are prohibited.
- Have approved access control hardware (see Chapter 8). The access control system must be deactivated when the SCIF is not occupied, or as determined by the
- Include requirements in E.5 below:
- Be equipped with a GSA-approved pedestrian door egress device with deadbolt meeting the most current version of Federal Specification FF-L-2890 for secondary door use. An AO-approved alternate device with similar functionality may be authorized. Additional standalone and flush-mounted deadbolts are prohibited.
- Secondary doors shall:
- Secondary doors may be established with AO approval and as required by building code, safety and accessibility requirements,
- Emergency Egress-only doors shall:
- Be installed as required by building code, safety and accessibility requirements.
- Be equipped with GSA-approved pedestrian door emergency egress device with deadbolt configuration meeting the most current version of Federal Specification FF- L-2890 for exit only door use. An AO-approved alternate device with similar functionality and no exterior hardware may be authorized. Additional standalone and flush-mounted deadbolts are prohibited.
- Be alarmed 24/7 and have a local audible annunciator that must be activated if the door is opened.
- Include requirements in E.5 below:
-
- Criteria for all SCIF perimeter doors:
- All SCIF perimeter doors shall comply with applicable building code, safety, and accessibility requirements as determined by the Authority Having Jurisdiction.
- Ensure SCIF Standard Operating Procedures (SOP) includes procedures to ensure all doors are secured at end of day.
- All SCIF perimeter pedestrian doors shall be equipped with an automatic, non- hold door-closer which shall be installed internal to the SCIF.
- Door hinge pins that are accessible from outside of the SCIF shall be modified to prevent removal of the door, e.g., welded, set screws, dog bolts, etc.
- SCIF perimeter doors and frame assemblies shall meet acoustic requirements as described in Chapter 9 unless declared a non-discussion area.
- All SCIF perimeter doors shall be alarmed in accordance with Chapter 7.
- SCIF Perimeter doors shall meet TEMPEST requirements per CTTA guidance.
- When practical and permissible, SCIF entry doors should incorporate a vestibule to preclude visual observation and enhance door acoustic protection.
- SCIF door fabrication and unique criteria:
- Wooden SCIF doors shall be 1 ¾ inch-thick solid wood core (i.e. wood stave, structural composite lumber).
- Steel doors shall meet following specifications:
- 1 ¾ inch-thick face steel equal to minimum 18-gauge steel
- Hinges reinforced to 7-gauge steel and preferably a lift hinge.
- Door closure installation reinforced to 12-gauge steel.
- Lock area predrilled and/or reinforced to 10-gauge steel.
- Vault doors shall not be used to control day access to a facility. To mitigate both security and safety concerns, a vestibule with an access control device may be constructed for the purpose of day access to the vault door.
- Roll-up Doors shall be minimum 18-gauge steel and shall be secured inside the SCIF using dead-bolts on both the right and left side of the door and alarmed in accordance with Chapter 7.
- SCIF perimeter Double Door Specifications:
- The fixed leaf shall be secured at the top and bottom with deadbolts.
- An astragal shall be attached to one door.
- Each leaf of the door shall have an independent security alarm contact.
- Adjacent SCIF adjoining doors:
- Doors that join adjacent SCIFs, not required for emergency egress, shall:
- Be dead bolted on both sides.
- Be alarmed on both sides according to chapter 7.
- Meet acoustic requirements as required.
- Be covered by AO SOP.
- Doors that join adjacent SCIFs, not required for emergency egress, shall:
- Other door types shall be addressed on an individual basis as approved by the AO.
Alarm Response Time Criteria for SCIFs within the U.S.
Response times for Intrusion Detection Systems (IDS) shall meet 32 CFR Parts 2001 and 2004.
- Closed Storage response time of 15 minutes.
- Open Storage response time within 15 minutes of the alarm annunciation if the area is covered by SID or a five minute alarm response time if it is not.
Secure Working Areas (SWA)
SWAs are accredited facilities used for discussing, handling, and/or processing SCI, but where SCI will not be stored.
- The SWA shall be controlled at all times by SCI-indoctrinated individuals or secured with a GSA-approved combination lock.
- The SCIF shall be alarmed in accordance with Chapter 7 with an initial alarm response time of 15 minutes.
- Access control shall be in accordance with Chapter 8.
- Perimeter construction shall comply with section 3.C. above.
- All SCI used in an SWA shall be removed and stored in GSA-approved security containers within a SCIF, a vault, or be destroyed when the SWA is unoccupied.
Chapter 4. SCIFs Outside the U.S. and NOT Under Chief of Mission (COM) Authority
- General
- Requirements outlined here apply only to SCIFs located outside of the U.S., its territories and possessions that are not under COM authority.
- The application and effective use of SID may allow AOs to deviate from this guidance at Category II and III facilities.
- Establishing Construction Criteria Using Threat Ratings
- The Department of State’s (DoS) Security Environment Threat List (SETL) shall be used in the selection of appropriate construction criteria based on technical threatening.
- If the SETL does not have threat information for the city of construction, the SETL threat rating for the closest city within a given country shall When only the capital is noted, it will represent the threat for all SCIF construction within that country.
- Based on technical threat ratings, building construction has been divided into the following three categories for construction purposes:
- Category I – Critical or High Technical Threat, High Vulnerability Buildings
- Category II – High Technical Threat, Low Vulnerability Buildings
- Category III – Low and Medium Technical Threat
- Facilities in Category I Areas
- Open Storage Facilities
- Open storage is to be avoided in Category I areas. The head of the IC element shall certify mission essential need and approve on case-by-case basis. When approved, open storage should only be allowed when the host facility is manned 24-hours-per-day by a cleared U.S. presence or the SCIF is continuously occupied by U.S. SCI-indoctrinated personnel.
- SCI shall be contained within approved vaults or Class M or greater modular vaults.
- The SCIF shall be alarmed in accordance with Chapter 7.
- Access control shall be in accordance with Chapter 8.
- An alert system and/or duress alarm is recommended.
- Initial alarm response time shall be five minutes.
- Closed Storage Facilities
- The SCIF perimeter shall provide five minutes of forced-entry protection. (Refer to Wall B or Wall C construction methods)
- The SCIF shall be alarmed in accordance with Chapter 7.
- Access control system shall be in accordance with Chapter 8.
- SCI shall be stored in GSA-approved containers or in an area that meets vault construction standards.
- Initial alarm response time shall be within 15 minutes.
- Continuous Operation Facilities
- An alert system and duress alarm is required.
- The capability shall exist for storage of all SCI in GSA-approved security containers or vault.
- The emergency plan shall be tested semi-annually.
- Perimeter walls shall comply with enhanced wall construction methods in accordance Wall B or C standards.
- The SCIF shall be alarmed in accordance with Chapter 7.
- Access control shall be in accordance with Chapter 8.
- Initial response time shall be five minutes.
- SWAs
- Open Storage Facilities
Construction and use of SWAs is not authorized for facilities in Category I areas because of the significant risk to SCI.
-
-
- TSWAs
-
Construction and use of TSWAs is not authorized for facilities in Category I areas because of the significant risk to SCI.
The above standard is met with our GSA AA-V-2737 Vaults and AA-D-600D Vault Doors. Contact International Vault to learn more about our products and compliance with ISD/ICS 705