Incorporated

Policy changes from this SAMM E-Change memo have been incorporated into the SAMM.

DoD Shield

DEFENSE SECURITY COOPERATION AGENCY
201 12th STREET SOUTH, STE 203
ARLINGTON, VA 22202-5408

 7/25/2012

MEMORANDUM FOR :

DEPUTY UNDER SECRETARY OF THE AIR FORCE FOR INTERNATIONAL AFFAIRS
DEPUTY ASSISTANT SECRETARY OF THE ARMY FOR DEFENSE EXPORTS AND COOPERATION
DEPUTY ASSISTANT SECRETARY OF THE NAVY FOR INTERNATIONAL PROGRAMS
DIRECTOR, DEFENSE CONTRACT MANAGEMENT AGENCY
DIRECTOR FOR SECURITY ASSISTANCE, DEFENSE FINANCE AND ACCOUNTING SERVICE - INDIANAPOLIS OPERATIONS
DIRECTOR, DEFENSE INFORMATION SYSTEMS AGENCY
DIRECTOR, DEFENSE LOGISTICS AGENCY
DIRECTOR, DEFENSE LOGISTICS INFORMATION SERVICE
DIRECTOR, DEFENSE LOGISTICS AGENCY DISPOSITION SERVICES
DIRECTOR, DEFENSE THREAT REDUCTION AGENCY
DIRECTOR, NATIONAL GEOSPATIAL - INTELLIGENCE AGENCY
DEPUTY DIRECTOR FOR INFORMATION ASSURANCE, NATIONAL SECURITY AGENCY

SUBJECT :

Revised Notes for Communications Security (COMSEC) Enhanced End-Use Monitoring (EEUM), DSCA Policy 12-42 [SAMM E-Change 204]

The attached change to the Security Assistance Management Manual (SAMM) deletes the EEUM note for Controlled Cryptographic Items (CCI) and revises existing COMSEC EEUM notes to distinguish separate requirements for North Atlantic Treaty Organization (NATO) Members, Australia, and New Zealand from those for other countries and international organizations for both normal Foreign Military Sales (FMS) Letters of Offer and Acceptance (LOAs) and Building Partner Capacity Program (BPC) pseudo-LOAs. These revisions highlight the fact that countries and international organizations other than NATO, Australia, and New Zealand may purchase COMSEC services (the use of the COMSEC products) but not the COMSEC products themselves. In all such cases, the United States retains legal title to the COMSEC products and can recall the COMSEC products at any time without reimbursement to the customer.

In addition, the National Security Agency (NSA) has requested that all LORs directed to NSA be submitted electronically to the following email address: DLFMSLOR@nsa.gov. USASAC also has a new LOR Inbox: usarmy.redstone.usasac.mbx.lor-inbox@mail.mil

This change will take effect immediately. Appendix 6 of the SAMM will be updated as reflected in the attachment, and this change will be included in the online version of the SAMM found on the DSCA Web Page, www.dsca.mil/samm/, as SAMM E-Change 203. If you have questions regarding this policy please contact Ms. Holly Haverstick, DSCA/PGM/WPN, at (703) 604-6601 or e-mail: holly.haverstick@dsca.mil. For questions on the SAMM, please contact Mr. Mike Slack, DSCA/STR/POL, at (703) 601-3842 or e-mail: michael.slack@dsca.mil. Implementing Agencies should disseminate this policy to supporting activities.

Scott Schless
Principal Director
Strategy

ATTACHMENT :
As stated

CC :

STATE/PM-RSAT
AFRICOM
CENTCOM
EUCOM
JFCOM
NORTHCOM
PACOM
SOCOM
SOUTHCOM
TRANSCOM
USASAC
SATFA TRADOC
NAVICP
NETSAFA
AFSAC
AFSAT
DISAM

SECURITY ASSISTANCE MANAGEMENT MANUAL (SAMM), E-CHANGE 203

Revision to Table C5.T2. IA's Authorized to Receive Letters of Request (LORs)

  1. In the third row, replace USASAC-LOR-INBOX@conus.army.mil with: usarmy.redstone.usasac.mbx.lor-inbox@mail.mil

  2. In the final row, replace the postal address for submission of LORs with the following email address: DLFMSLOR@nsa.gov.

Revisions to Appendix 6 Enhanced End-Use Monitoring Notes for COMSEC Products

  1. Delete the following notes:

    • Controlled Cryptographic Item (CCI)
    • Communication Security (COMSEC) Equipment End-Use Monitoring (EUM) - BPC
    • Communication Security (COMSEC) Equipment End-Use Monitoring (EUM) - FMS

     

  2. Add the following four notes:

COMMUNICATIONS SECURITY (COMSEC) ENHANCED END-USE MONITORING (EEUM) - BPC - NATO MEMBERS, AUSTRALIA, OR NEW ZEALAND

Note Usage

Mandatory for BPC LOAs to NATO members, Australia, or New Zealand that include COMSEC equipment.

Mandatory for Amendments and Modifications that add COMSEC equipment.

Mandatory for Amendments that add no additional COMSEC equipment if the note on the current implemented version of the case varies from this text.
References

See Chapter 8.
Note Input Responsibility

CWD
Note Text

"This LOA provides COMSEC products that require physical security and accountability as set forth in the following agreements and documents (not all may be applicable):

  1. 1. NATO Security Agreements including implementing directives and policies promulgated by the NATO Military Committee, NATO Communications and Information Agency, (NCI Agency), NATO Office of Security, and other NATO organizations.

  2. 2. Bilateral and/or multilateral Communications Security and other security agreements between the U.S. and the Benefitting Country.

 

The Benefitting Country is aware that upon U.S. Government request, the COMSEC products and their inventory and accountability records are to be made available to U.S. representatives for the purpose of conducting a compliance assessment with the requirements stated in applicable agreements and documents above. This assessment will not be a COMSEC account audit and will not include an inspection of keying material."

COMMUNICATIONS SECURITY (COMSEC) ENHANCED END-USE MONITORING (EEUM) - BPC - TO OTHER THAN NATO MEMBERS, AUSTRALIA, OR NEW ZEALAND

Note Usage

Mandatory for BPC LOAs to countries other than NATO members, Australia, or New Zealand that include COMSEC equipment.

Mandatory for Amendments and Modifications that add COMSEC equipment.

Mandatory for Amendments that add no additional COMSEC equipment if the note on the current implemented version of the case varies from this text.
References

See Chapter 8.
Note Input Responsibility

CWD
Note Text

Line item(s) [fill-in] are being procured under Foreign Military Sales-Cryptographic Device Services (FMS-CDS) procedures and are subject to foreign national ownership and use restrictions and limitations. FMS-CDS is the procurement of COMSEC services rather than COMSEC products.

The following restrictions and/or limitations apply to all FMS-CDS cases:

  1. The U.S retains legal title to the COMSEC products;

  2. The U.S. may recall the COMSEC products at any time without reimbursement to the purchaser;

  3. The COMSEC products must be used only to support specific U.S. validated or endorsed requirements; and

  4. Only U.S.-produced keying material may be used to key the device

COMSEC products procured under this LOA require physical security and accountability as set forth or referenced in the following agreements and documents (not all may be applicable):

  1. Communications Interoperability and Security Memorandum of Agreement;

  2. NAG-14C, Allied COMSEC Material Accounting Manual;

  3. NAG-18A, Safeguarding COMSEC Material and Facilities; and/or

  4. Bilateral and/or multilateral COMSEC and other applicable information security agreements

The Benefitting Country is aware that upon U.S. Government request, the COMSEC products and the purchaser's inventory and accountability records will be made available to U.S. representatives for the purpose of conducting a compliance assessment. The compliance assessment is not a COMSEC account audit or inventory, and does not include an inspection of keying material.

COMMUNICATIONS SECURITY (COMSEC) ENHANCED END-USE MONITORING (EEUM) - FMS - NATO MEMBERS, AUSTRALIA, OR NEW ZEALAND

Note Usage

Mandatory for FMS LOAs to NATO members, Australia, or New Zealand that include COMSEC equipment.

Mandatory for Amendments and Modifications that add COMSEC equipment.

Mandatory for Amendments that add no additional COMSEC equipment if the note on the current implemented version of the case varies from this text.
References

See Chapter 8.
Note Input Responsibility

CWD
Note Text

"This LOA provides COMSEC products that require physical security and accountability as set forth in the following agreements and documents (not all may be applicable).

  1. NATO Security Agreements including implementing directives and policies promulgated by the NATO Military Committee, NATO Communications and Information Agency, (NCI Agency), NATO Office of Security and other NATO organizations.

  2. Bilateral and/or multilateral Communications Security and other security agreements between the U.S. and the purchaser.

The purchaser agrees that, upon U.S. Government request, the COMSEC products and the purchaser's inventory and accountability records will be made available to U.S. representatives for the purpose of conducting a compliance assessment with the requirements in agreements and documents above (not all may be applicable). This assessment will not be a COMSEC account audit and will not include an inspection of keying material."

COMMUNICATIONS SECURITY (COMSEC) ENHANCED END-USE MONITORING (EEUM) - FMS -TO OTHER THAN NATO MEMBERS, AUSTRALIA, OR NEW ZEALAND

Note Usage

Mandatory for FMS LOAs to countries other than NATO members, Australia, or New Zealand that include COMSEC equipment.

Mandatory for Amendments and Modifications that add COMSEC equipment.

Mandatory for Amendments that add no additional COMSEC equipment if the note on the current implemented version of the case varies from this text.
References

See Chapter 8.
Note Input Responsibility

CWD
Note Text

Line item(s) [fill-in] are being procured under Foreign Military Sales-Cryptographic Device Services (FMS-CDS) procedures and are subject to foreign national ownership and use restrictions and limitations. FMS-CDS is the procurement of COMSEC services rather than COMSEC products.

The following restrictions and/or limitations apply to all FMS-CDS cases:

  1. The U.S retains legal title to the COMSEC products;

  2. The U.S. may recall the COMSEC products at any time without reimbursement to the purchaser;

  3. The COMSEC products must be used only to support specific U.S. validated or endorsed requirements; and

  4. Only U.S.-produced keying material must be used to key the device

COMSEC products procured under this LOA require physical security and accountability as set forth or referenced in the following agreements and documents (not all may be applicable):

  1. Communications Interoperability and Security Memorandum of Agreement;

  2. NAG-14C, Allied COMSEC Material Accounting Manual;

  3. NAG-18A, Safeguarding COMSEC Material and Facilities; and/or

  4. Bilateral and/or multilateral COMSEC and other applicable information security agreements

The purchaser agrees that, upon U.S. Government request, the COMSEC products and the purchaser's inventory and accountability records will be made available to U.S. representatives for the purpose of conducting a compliance assessment. The compliance assessment is not a COMSEC account audit or inventory, and does not include an inspection of keying material.