"Controlling access to the technically sophisticated cryptographic systems employed by the United States Government is a government-wide challenge. The systems can be compromised if individuals are not subject to reasonable controls regarding access to the U.S. classified cryptographic information supporting these systems. This policy supersedes NSTISS Policy No. 3, 'National Policy on Granting Access to U.S. Classified Cryptographic Information,' dated 19 December 1988. This policy establishes uniform criteria for minimizing the loss or unauthorized disclosure of U.S. classified cryptographic information. The policy makes reference to the possible use of a non-lifestyle, counterintelligence scope polygraph examination. It should be noted, however, that the polygraph is not intended to be used as a prescreening mechanism for determining cryptographic access. In accordance with the Federal Information Security Management Act (FISMA) of 2002, the Committee on National Security Systems (CNSS) Secretariat has initiated an Issuance Compliance Process for reporting annual status of Department and Agency implementation of new/revised CNSS Issuances. The first report for the attached policy is due six months following its issuance. Additional copies of this policy may be obtained from the Secretariat or the CNSS Website -- www.cnss.gov."
CNSS Policy No. 3
Committee on National Security Systems: http://www.cnss.gov/