DSCA 07 - Draft SORN

Download: doc | pdf

DEPARTMENT OF DEFENSE

Office of the Secretary of Defense

Narrative Statement on a New System of Records

Under the Privacy Act of 1974

1. System identifier and name: DSCA 07, entitled “Security Assistance Network (SAN)”

2. Responsible official: Ernest McCallister, PhD, Director of International Studies, Defense Institute of Security Management, 2475 K Street, Wright-Patterson AFB, Ohio 45433, telephone (937) 713-3340.

3. Purpose of establishing the system: The SAN is a network used to exchange Security Cooperation personnel management, training and budget information between overseas Security Cooperation Offices, Geographical Combatant Commands, Military Departments, Defense Security Cooperation Agency, Defense Finance and Accounting Services, DoD Schoolhouses, Regional Centers, and International Host Nation Organizations. The SAN hosts the Security Assistance Automated Resource Management Suite (SAARMS) and the Security Cooperation International Resource Management System (SCIRMS), both of which are budget programs that do not collect personally identifiable information (PII). In addition, the SAN hosts the Security Cooperation Training Management System (SC-TMS) which are tools used by the Security Cooperation community to manage IMS training data.

The SAN also includes the Security Cooperation Workforce Database (SCWD) and International Affairs Certification Database (IACD) which tracks and provides the status of training for the Security Cooperation workforce certification levels.

4. Authority for the *maintenance (maintained, collected, used, or disseminated) of the system: 10 U.S.C. 134, Under Secretary of Defense for Policy; DoD Directive 5105.65, Defense Security Cooperation Agency (DSCA); DSCA Security Assistance Management Manual, Chapter 10, International Training; DoD Directive 5101.1, DoD Executive Agent; DoD Directive 5132.03, DoD Policy and Responsibilities Relating to Security Cooperation; Joint Security Cooperation Education and Training (JSCET) regulation, (AR12-1, SECNAVINST 4950.4B, AFI 16-105); Foreign Assistance and Arms Export Act § 548.

5. Provide the agency’s evaluation on the probable or potential effect on the privacy of individuals: In reviewing this SORN, the Defense Security Cooperation Agency reviewed the safeguards established for the system to ensure they are compliant with the DoD’s requirements and are appropriate to the sensitivity of the information stored within the system. There are no specific routine uses identified for this system of records and use of any DoD Blanket Routine Uses will be reviewed for consistency with this SORN before implementation.

6. Is the system, in whole or in part, being maintained, (maintained, collected, used or disseminated) by a contractor? Yes.

7. Steps taken to minimize risk of unauthorized access: Records are maintained in a controlled facility. Physical entry is restricted by the use of locks, and is accessible only to authorized personnel. Access to records is limited to person(s) responsible for servicing the record in performance of their official duties and who are properly screened and cleared for need-to-know. Access to computerized data is restricted by centralized access control to include the use of CAC, passwords (which are changed every 60 days), file permissions, and audit logs.

8. Routine use compatibility: In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, as amended, the records contained herein may specifically be disclosed outside the DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

The DoD Blanket Routine Uses set forth at the beginning of the Office of the Secretary of Defense (OSD) compilation of systems of records notices may apply to this system.

9. OMB public information collection requirements:

OMB collection required: YES

OMB Control Number (if approved): Pending

Expiration Date (if approved) or Data Submitted to OMB:

Provide titles of any information collection requests (e.g., forms and number, surveys, interviews scripts, etc.) contained in the systems of records.

1. SC-TMS Training Form

If collecting on members of the public and no OMB approval is required, state the applicable exception(s): N/A

10. Name of IT system (state NONE if paper records only):

Security Assistance Network (SAN)

System identifier: DSCA 07

System name: Security Assistance Network

System location: Institute for Defense Analysis (IDA), 4850 Mark Center Drive, Alexandria, VA 22311.

Categories of individuals covered by the system:

DoD military and civilian employees, DoD contractors, Foreign Service Nationals, Industry students, and other within the Security Cooperation Community. Although not covered by

5 U.S.C. 552a, The Privacy Act of 1974, the system also contains data on non-US citizen participating in military training opportunities in US.

Categories of records in the system:

Security Assistance Network (SAN) - International Military Students (IMS) Data: Name and alias, full face photograph, gender, citizenship, nationality, date and place of birth, physical descriptions, email addresses, work and home addresses, work and home telephone numbers, marital status, military rank and date of rank, branch of military service, identification and control numbers, clearance, passport and visa information, health information, lodging and travel information, emergency contact(s), language capabilities, educational and employment information, academic evaluation, religious affiliation, preferences (i.e., food, entertainment, etc.), activity remarks, and dependency data (if accompanied).

US Personnel (including Foreign Service National) and Foreign Official at Minnistry of Defense (MoD): Name, organization, office telephone and fax numbers, point of contact function, and military rank.

SAN account holders: Name, Electronic Data Interchange Personal Identifier (EDIPI), user group number, organization, job title, office code, country/location code, status (e.g., government employee (American citizen), SAN affiliation-organization, responsibilities, mailing and email addresses, work, dsn and fax telephone numbers.

Security Cooperation Training Management System (SC-TMS): Full name, student numbers, gender, nationality, organization and mailing addresses, work number, country name, combatant command, area of expertise and duty type, civilian grade, service branch, military rank, diploma, test scores, supervisor name, email address, and work number, course type, registration date, level and status, certificates.

Security Cooperation Workforce Database (SCWD): Name, EDIPI, military rank, position number, source and title, funding source, billet category, higher headquarters, current service, organization, country/ state, rotate date, minimal training, and level of training.

International Affairs Certification Database (IACD):

Student Information - Full name, email address, mailing addresses, telephone and fax numbers, major command and mailing address, name of organization, office symbol/code, job title, job function, grade/rank, job series, military specialty, start date, total months in International Affairs related work, billet information, current certification level, highest education completed, and field of study.

Supervisor information - First and last name, email address, organization, office symbol, work phone and fax number

Authority for maintenance of the system:

10 U.S.C. 134, Under Secretary of Defense for Policy; DoD Directive 5105.65, Defense Security Cooperation Agency (DSCA); DSCA Security Assistance Management Manual, Chapter 10, International Training; DoD Directive 5101.1, DoD Executive Agent; DoD Directive 5132.03, DoD Policy and Responsibilities Relating to Security Cooperation; Joint Security Cooperation Education and Training (JSCET) regulation, (AR12-1, SECNAVINST 4950.4B, AFI 16-105); Foreign Assistance and Arms Export Act § 548.

Purpose(s):

The SAN is a network used to exchange Security Cooperation training and budget information between overseas Security Cooperation Offices, Geographical Combatant Commands, Military Departments, Defense Security Cooperation Agency, Defense Finance and Accounting Services, DoD Schoolhouses, Regional Centers, and International Host Nation Organizations. The SAN hosts the Security Assistance Automated Resource Management Suite (SAARMS) and the Security Cooperation International Resource Management System (SCIRMS), both of which are budget programs that do not collect personally identifiable information (PII). In addition, the SAN hosts the SC-TMS which are tools used by the Security Cooperation community to manage IMS training data.

The SAN also includes the SCWD and IACD which tracks and provides the status of training for the Security Cooperation workforce certification levels.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses:

In addition to disclosures permitted by 5 U.S.C. § 552a(b), of the Privacy Act of 1974, the records may be disclosed outside of DoD as a routine use pursuant to 5 U.S.C. § 552a(b)(3) as follows:

The DoD “Blanket Routine Uses” set forth at the Office of the Secretary of Defense’s compilation of systems of records notices apply to this system.

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:

Storage:

Electronic and paper media

Retrieval of records:

By name of individual

Safeguards:

Records are maintained in a controlled facility. Physical entry is restricted by the use of locks, and is accessible only to authorized personnel. Access to records is limited to person(s) responsible for servicing the record in performance of their official duties and who are properly screened and cleared for need-to-know. Access to computerized data is restricted by centralized access control to include the use of CAC, passwords (which are changed every 60 days), file permissions, and audit logs.

Retention and disposal:

Disposition pending (until the National Archives and Records Administration approve the retention and disposition of these records, treat as permanent).

System manager(s) and address:

SAN System Administrator; Defense Institute of Security Management, 2475 K. Street, Bldg. 52, Wright-Patterson AFB, Ohio 45433-7641.

Notification procedure:

Individuals seeking to determine whether information about themselves is contained in this system of records should address written inquiries to Defense Institute of Security Management, ATTN: Director of International Studies or Director of Research, 2475 K Street, Wright-Patterson AFB, Ohio 45433.

Written requests should include the full name, EDIPI (if available), current address and telephone number, and the number of the system of records notice and be signed.

Record access procedures:

Individuals seeking access to records about themselves contained in this system should address written inquiries to the Office of the Secretary of Defense/Joint Staff, Freedom of Information Act Requester Services, 4800 Mark Center Drive, Alexandria, VA 22350-3100.

Written requests should include the full name, EDIPI number (if available), current address and telephone number, and the number of the system of records notice and be signed.

Contesting record procedures:

The OSD rules for accessing records, for contesting contents and appealing initial agency determinations are published in OSD Administrative Instruction 81; 32 CFR Part 311; or may be obtained from the system manager.

Record source categories:

Individual or service organization

Exemptions claimed for the system:

None

File Type	application/msword
File Modified	2016-03-22
File Created	2016-03-22