Skip to content Skip to footer site map

Sign In
Home
Treasury For...
AboutExpand About
Resource CenterExpand Resource Center
Empty
ServicesExpand Services
InitiativesExpand Initiatives
CareersExpand Careers
Connect with Us

About

Treasury Order 105-20

DATE: August 9, 2013

SUBJECT: Insider Threat Program

  1. PURPOSE .  To establish a Department of the Treasury Insider Threat Program in accordance with Executive Order 13587, and its implementing policies and standards, as well as the other authorities set out in Section 7 below.

  2. SCOPE .  This Order applies to all bureaus, offices, and organizations of the Department of the Treasury, including the offices of Inspectors General, within the Department.  The provisions of this Order shall not be construed to interfere with or impede the authorities or independence of the Department's Inspectors General. 

  3. POLICY .  It is the policy of the Department of the Treasury to deter, detect, and mitigate insider threats that would do harm to the security of the United States.  These efforts include safeguarding classified national security information, while protecting the privacy, civil rights, and civil liberties of Treasury personnel.

  4. DELEGATION .  The Deputy Assistant Secretary for Security, or its successor position, is the Senior Official for establishing and managing the Insider Threat Program in accordance with the authorities set out in Section 7 below.

  5. STEERING COMMITTEE .  There is established an Insider Threat Steering Committee to advise the Senior Official on management of the Insider Threat Program.  The Steering Committee, chaired by the Senior Official, is composed of representatives of the Treasury Offices of the Chief Information Officer; Counterintelligence; General Counsel; Human Resources; Privacy, Transparency, and Records; Security Programs; and such other bureaus, offices, and organizations as the Senior Official shall prescribe.  The Treasury Inspector General will attend and observe the activities of the Committee, and provide input and oversight as appropriate.

  6. RESPONSIBILITIES

    • The Under Secretary for Terrorism and Financial Intelligence shall provide oversight of the Insider Threat Program.

    • The Senior Official shall, with the advice of the Steering Committee, establish and manage the Insider Threat Program in accordance with the authorities set out in Section 7 below, including the development and issuance in Treasury Directive Publication (TD P) 15-71 ("Treasury Security Manual") of policies and procedures as required.  In managing the Insider Threat Program, the Senior Official shall, among other things:

      1. Establish the Insider Threat Program as a centralized hub for reporting, analyzing, and responding to insider threat information.

      2. Assign personnel to the Insider Threat Program with training in counterintelligence and security functions as well as applicable investigative and civil liberties and privacy laws, regulations, and policies.

      3. Promulgate policies and procedures governing the Steering Committee.

      4. Establish definitional and reporting guidelines for bureaus, offices, and organizations to refer relevant insider threat information to the Insider Threat Program.

      5. Establish the capability to monitor user activity on all classified networks consistent with applicable law, regulations, and policies.

      6. Establish policies and procedures for properly protecting, storing, and limiting access to insider threat information to authorized personnel.

      7. Establish mechanisms for employees to report insider threat information directly to the Insider Threat Program.

      8. Provide insider threat awareness training to employees determined eligible for access to classified information upon entry on duty and annually thereafter.

      9. Establish policies and procedures in coordination with the Inspectors General, in accordance with their authorities, for the Inspectors General to report insider threat information and for the Insider Threat Program to refer matters as appropriate to the Inspectors General.

    • The Chief Information Officer and the heads of the Treasury Offices of Counterintelligence; Human Resources; Privacy, Transparency, and Records; Security Programs; or their successors; such additional bureaus, offices, and organizations prescribed by the Senior Official; and the Inspectors General, to the extent consistent with their authorities and Section 6.b.9 above, shall:

      1. Ensure the Insider Threat Program is provided with access to information within the bureau's, office's, and organization's area of administrative control, as directed by the Senior Official, that is necessary to identify, analyze, and resolve insider threat matters.  When providing access to information, bureaus, offices, and organizations will make every reasonable effort to provide access only to the information requested.

      2. Submit any dispute regarding the Senior Official's access to information to the Steering Committee for resolution.  The Under Secretary for Terrorism and Financial Intelligence shall resolve any request for reconsideration from the Steering Committee's decision.

    • All Treasury personnel:

      1. Shall report insider threat information to the Insider Threat Program as prescribed by the Senior Official.

      2. Are notified that their activity on any Department of the Treasury classified or unclassified network, to include portable electronic devices, is subject to monitoring and could be used against them in a criminal, security, or administrative proceeding.

    • The Assistant Secretary for Intelligence and Analysis shall, to the extent permissible, ensure the Insider Threat Program has timely access to intelligence and counterintelligence information pertaining to adversarial threats.

  7. AUTHORITIES.

    1. 31 U.S.C. 311 & 312
    2. 31 U.S.C. 321(b)
    3. The Inspector General Act of 1978, as amended
    4. Executive Order 13587, and its implementing policies and standards
    5. Executive Order 12968
    6. Executive Order 12333
    7. Executive Order 10450

  8. OFFICES OF PRIMARY INTEREST .  Office of the Under Secretary for Terrorism and Financial Intelligence; Office of Counterintelligence; Office of Security Programs.

      /S/
      Jacob J. Lew
      Secretary of the Treasury

      Last Updated: 9/10/2013 11:44 AM
      Untitled 1

      E-Mail Signup

      Sign Up to Receive Treasury.gov News src= Sign up to Receive
      Treasury.gov News