News Bits

Engineers on
the Move

Feature Articles

Guest Articles


Engineering Consultants

Manufacturers Representatives and Distributors

Contractor Services

Professional Services

Professional Equipment and
Supply Firms

Engineering Resources

Virginia Schools

Engineering Societies

Career Listings

Home > Guest Articles >

The Virginia Engineer's Guest Articles

Handling and Protecting Sensitive But Unclassified Information

April, 2007

Handling and Protecting Sensitive But Unclassified Information
Knowing The Risks and Uncertainty Involved

By J. Michael Littlejohn and J. R. Steele

Since 9/11, dealing with information security issues has become more difficult in the construction world. Construction contractors, project managers, design-build firms, and subcontractors on major federal, state, and local government projects are increasingly seeing project documents designated as: “Critical Infrastructure Information” (CII), “Sensitive Security Information” (SSI), or “Sensitive But Unclassified” (SBU). In addition, these indicators are often times accompanied with contract clauses, Non-Disclosure Agreements, and/or certifications that require adequate protection of this information during the course of the project. Many contractors, engineers, and architects working on federal projects are familiar with the procedures and requirements for handling information classified by the federal government as “Confidential,” “Secret,” or “Top Secret.” However, responsibilities in handling sensitive but unclassified information is not so clear. Moreover, sensitive information is frequently shared with state, local municipalities, subcontractors, and consultants during the course of the project making management and protection of this information even more of a challenge. This lack of clarity combined with the fact that disclosure of this information can result in dire consequences should be of great concern for contracting, engineering, and architectural businesses.

What Is Sensitive But Unclassified Information?

For companies used to dealing with federal contracts, classified material handling is governed by the National Industrial Security Operating Manual (NISPOM). The government has determined that classified material is the type of information that if released could compromise national security. All federal agencies use the NISPOM and contractors, subcontractors, consultants, and employees who have access to classified information must first complete a background check and be granted an appropriate security clearance. Additionally, the NISPOM sets forth specific guidelines for the protection and storage of classified information. In general, the NISPOM guarantees a certain level of uniformity within the government when dealing with this classified material.

Unfortunately, this is not the case for Sensitive But Unclassified (SBU) type information. SBU