Short Answer 
To classify information using derivative classification, one must identify authorized sources such as the Security Classification Guide (SCG), properly marked source documents, and NISPOM. Understanding each source’s role and recognizing non-sources, like DODM 5100.76 and security personnel, is crucial to avoid classification errors.
Step 1: Identify Authorized Sources
To properly classify information using derivative classification, it is essential to start by recognizing the key authorized sources. These include:
- Security Classification Guide (SCG): This document provides specific instructions on how to categorize various types of information.
- Properly Marked Source Documents: These documents already contain classified information and have the necessary annotations for classification levels.
- NISPOM: The National Industrial Security Program Operating Manual offers guidance on security requirements necessary for protecting classified information in defense contexts.
Step 2: Understand the Role of the Sources
Each authorized source plays a unique role in ensuring that classified information is handled correctly. Understanding these roles is crucial:
- The SCG outlines what information needs to be classified and the criteria for doing so.
- Source documents provide precedence for classification and details on how to apply the classifications.
- NISPOM includes broader security requirements essential for safeguarding classified data within the defense industry.
Step 3: Recognize Non-Sources
It’s also important to identify what does not qualify as an authorized source for derivative classification. This aids in avoiding errors:
- DODM 5100.76: Though focusing on protecting sensitive military items, it does not serve as a source for derivative classification.
- Facility Security Officers and Security Managers: They are responsible for overseeing security but do not provide classification guidance.