NIST 800-53 REV 5 • PERSONNEL SECURITY

PS-6(2)Classified Information Requiring Special Protection

Verify that access to classified information requiring special protection is granted only to individuals who: Have a valid access authorization that is demonstrated by assigned official government duties; Satisfy associated personnel security criteria; and Have read, understood, and signed a nondisclosure agreement.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

Classified information that requires special protection includes collateral information, Special Access Program (SAP) information, and Sensitive Compartmented Information (SCI). Personnel security criteria reflect applicable laws, executive orders, directives, regulations, policies, standards, and guidelines.

Practitioner Notes

Access to classified information requires specific nondisclosure agreements beyond standard access agreements. These are typically government-mandated forms with legal force behind them.

Example 1: Ensure every person with access to classified information has a signed SF-312 (Classified Information Nondisclosure Agreement) on file. The agreement must be signed before access is granted and a copy provided to the individual. The original goes in their security file.

Example 2: For compartmented access (SCI, SAP), execute program-specific nondisclosure agreements in addition to the SF-312. Track each agreement in your security management database and verify at least annually that all personnel with classified access have current agreements on file.

More Personnel Security Controls

PS-1 Policy and Procedures PS-2 Position Risk Designation PS-3 Personnel Screening PS-3(1) Classified Information