Search Legislation

Advanced Search

Commission Decision of 29 November 2001 amending its internal Rules of Procedure (notified under document number C(2001) 3031) (2001/844/EC, ECSC, Euratom) (repealed)

Help about what version

What Version

Close

This is a legislation item that originated from the EU

After exit day there will be three versions of this legislation to consult for different purposes. The legislation.gov.uk version is the version that applies in the UK. The EU Version currently on EUR-lex is the version that currently applies in the EU i.e you may need this if you operate a business in the EU.

The web archive version is the official version of this legislation item as it stood on exit day before being published to legislation.gov.uk and any subsequent UK changes and effects applied. The web archive also captured associated case law and other language formats from EUR-Lex.

Changes to legislation:

There are currently no known outstanding effects for the Commission Decision of 29 November 2001 amending its internal Rules of Procedure (notified under document number C(2001) 3031) (2001/844/EC, ECSC, Euratom) (repealed). Help about Changes to Legislation

Close

Changes to Legislation

Revised legislation carried on this site may not be fully up to date. At the current time any known changes or effects made by subsequent legislation have been applied to the text of the legislation you are viewing by the editorial team. Please see ‘Frequently Asked Questions’ for details regarding the timescales for which new effects are identified and recorded on this site.

  1. Introductory Text

  2. Article 1.The Commission's provisions on security, the text of which is...

  3. Article 2.This Decision shall enter into force on the day of...

    1. ANNEX

      COMMISSION PROVISIONS ON SECURITY

      1. Whereas:

      2. In order to develop Commission activities in areas which require...

      3. Article 1.The Commission's rules on security are set out in the...

      4. Article 2.(1) The Member of the Commission responsible for security matters...

      5. Article 3.Third states, international organisations and other bodies shall be allowed...

      6. Article 4.In keeping with the basic principles and minimum standards of...

      7. Article 5.As from the date of their application, these provisions shall...

      8. Article 6.As from the date of application of these provisions, all...

      9. ANNEX

        RULES ON SECURITY

        1. PART I: BASIC PRINCIPLES AND MINIMUM STANDARDS OF SECURITY

          1. 1. INTRODUCTION

          2. 2. GENERAL PRINCIPLES

          3. 3. FOUNDATIONS OF SECURITY

          4. 4. PRINCIPLES OF INFORMATION SECURITY

            1. 4.1. Objectives

            2. 4.2. Definitions

            3. 4.3. Classification

            4. 4.4. Aims of security measures

          5. 5. ORGANISATION OF SECURITY

            1. 5.1. Common minimum standards

            2. 5.2. Organisation

          6. 6. SECURITY OF PERSONNEL

            1. 6.1. Clearance of personnel

            2. 6.2. Records of personnel clearances

            3. 6.3. Security instruction of personnel

            4. 6.4. Management responsibilities

            5. 6.5. Security status of personnel

          7. 7. PHYSICAL SECURITY

            1. 7.1. Need for protection

            2. 7.2. Checking

            3. 7.3. Security of buildings

            4. 7.4. Contingency plans

          8. 8. SECURITY OF INFORMATION

          9. 9. COUNTER-SABOTAGE AND CONTROL OF OTHER FORMS OF MALICIOUS WILFUL DAMAGE...

          10. 10. RELEASE OF CLASSIFIED INFORMATION TO THIRD STATES OR INTERNATIONAL ORGANISATIONS...

        2. PART II: THE ORGANISATION OF SECURITY IN THE COMMISSION

          1. 11. THE MEMBER OF THE COMMISSION RESPONSIBLE FOR SECURITY MATTERS

          2. 12. THE COMMISSION SECURITY POLICY ADVISORY GROUP

          3. 13. THE COMMISSION SECURITY BOARD

          4. 14. THE COMMISSION SECURITY DIRECTORATE

          5. 15. SECURITY INSPECTIONS

          6. 16. CLASSIFICATIONS, SECURITY DESIGNATORS AND MARKINGS

            1. 16.1. Levels of classification

            2. 16.2. Security designators

            3. 16.3. Markings

            4. 16.4. Affixing of classification

            5. 16.5. Affixing of security designators

          7. 17. CLASSIFICATION MANAGEMENT

            1. 17.1. General

            2. 17.2. Application of classifications

            3. 17.3. Downgrading and declassification

          8. 18. PHYSICAL SECURITY

            1. 18.1. General

            2. 18.2. Security requirements

            3. 18.3. Physical security measures

              1. 18.3.1. Security areas

              2. 18.3.2. Administrative area

              3. 18.3.3. Entry and exit controls

              4. 18.3.4. Guard patrols

              5. 18.3.5. Security containers and strong rooms

              6. 18.3.6. Locks

              7. 18.3.7. Control of keys and combinations

              8. 18.3.8. Intrusion detection devices

              9. 18.3.9. Approved equipment

              10. 18.3.10. Physical protection of copying and telefax machines

            4. 18.4. Protection against overlooking and eavesdropping

              1. 18.4.1. Overlooking

              2. 18.4.2. Eavesdropping

              3. 18.4.3. Introduction of electronic and recording equipment

            5. 18.5. Technically secure areas

          9. 19. GENERAL RULES ON THE NEED TO KNOW PRINCIPLE AND EU...

            1. 19.1. General

            2. 19.2. Specific rules on access to TRES SECRET UE/EU TOP SECRET...

            3. 19.3. Specific rules on access to SECRET UE and CONFIDENTIEL UE...

            4. 19.4. Specific rules on access to RESTREINT UE information

            5. 19.5. Transfers

            6. 19.6. Special instructions

          10. 20. SECURITY CLEARANCE PROCEDURE FOR COMMISSION OFFICIALS AND OTHER EMPLOYEES

          11. 21. PREPARATION, DISTRIBUTION, TRANSMISSION, COURRIER PERSONAL SECURITY AND EXTRA COPIES OF...

            1. 21.1. Preparation

              1. 1. The EU classifications shall be applied as established in Section...

              2. 2. Documents classified CONFIDENTIEL UE and above shall be typed, translated,...

              3. 3. The provisions regulating the computerised production of classified documents are...

            2. 21.2. Distribution

              1. 1. EU classified information shall be distributed only to persons with...

              2. 2. TRES SECRET UE/EU TOP SECRET documents shall be circulated through...

              3. 3. Documents classified SECRET UE and below may be redistributed by...

              4. 4. Every document classified CONFIDENTIEL UE and above shall, on arriving...

            3. 21.3. Transmission of EU classified documents

              1. 21.3.1. Packaging, receipts

                1. 1. Documents classified CONFIDENTIEL UE and above shall be transmitted in...

                2. 2. Only a Registry Control Officer (see Section 22.1), or his...

                3. 3. A receipt form shall be placed in the inner envelope....

                4. 4. The inner envelope shall be enclosed in an outer envelope...

                5. 5. For documents classified CONFIDENTIEL UE and above, couriers and messengers...

              2. 21.3.2. Transmission within a building or group of buildings

              3. 21.3.3. Transmission within a country

                1. 1. Within a country, TRES SECRET UE/EU TOP SECRET documents should...

                2. 2. Whenever a messenger service is used for the transmission of...

                3. 3. Exceptionally, TRES SECRET UE/EU TOP SECRET documents may be taken...

                4. 4. Within a given country, SECRET UE and CONFIDENTIEL UE documents...

                5. 5. The Commission Security Directorate will prepare instructions on the personal...

              4. 21.3.4. Transmission from one State to another

                1. 1. Material classified CONFIDENTIEL UE and above shall be conveyed by...

                2. 2. However, the personal carriage of material classified SECRET UE and...

                3. 3. The Member of the Commission responsible for security matters may...

                4. 4. The person designated to carry the classified material must read...

              5. 21.3.5. Transmission of RESTREINT UE documents

            4. 21.4. Courier personnel security

            5. 21.5. Electronic and other means of technical transmission

              1. 1. Communications security measures are designed to ensure the secure transmission...

              2. 2. Only accredited communications centres and networks and/or terminals and systems...

            6. 21.6. Extra copies and translations of and extracts from EU classified...

              1. 1. Only the originator may authorise the copy or translation of...

              2. 2. If persons without TRES SECRET UE/EU TOP SECRET clearance require...

              3. 3. Documents classified SECRET UE and lower may be reproduced and...

          12. 22. EUCI REGISTRIES, MUSTERS, CHECKS, ARCHIVE STORAGE AND DESTRUCTION OF EUCI...

            1. 22.1. Local EUCI Registries

              1. 1. Within the Commission, in each department, as required, one or...

              2. 2. When a department does not have a Local EUCI Registry,...

              3. 3. Local EUCI Registries shall report to the Head of department...

              4. 4. They shall be subject to the supervision of the Local...

              5. 5. Officials assigned to the Local EUCI Registries shall be authorised...

              6. 6. Under the authority of the relevant Head of department the...

              7. 7. The Local EUCI Registries shall keep a register of the...

              8. 8. The general rules provided for in Section 21 shall apply...

            2. 22.2. The TRES SECRET UE/EU TOP SECRET Registry

              1. 22.2.1. General

                1. 1. A Central TRES SECRET UE/EU TOP SECRET Registry ensures the...

                2. 2. The Central TRES SECRET UE/EU TOP SECRET Registry will act...

                3. 3. When necessary, sub-registries shall be established, to be responsible for...

                4. 4. TRES SECRET UE/EU TOP SECRET sub-registries shall be set up...

                5. 5. Sub-registries may not transmit TRES SECRET UE/EU TOP SECRET documents...

                6. 6. All exchanges of TRES SECRET UE/EU TOP SECRET documents between...

              2. 22.2.2. The Central TRES SECRET UE/EU TOP SECRET Registry

              3. 22.2.3. TRES SECRET UE/EU TOP SECRET sub-registries

            3. 22.3. Inventories, musters and checks of EU classified documents

              1. 1. Every year, each TRES SECRET UE/EU TOP SECRET Registry as...

              2. 2. TRES SECRET UE/EU TOP SECRET Sub-registries shall forward the findings...

              3. 3. EU classified documents below the level of TRES SECRET UE/EU...

              4. 4. These operations shall afford the opportunity to secure holders' views...

            4. 22.4. Archive storage of EU classified information

              1. 1. EUCI shall be stored under conditions that comply with all...

              2. 2. To minimise storage problems, the Control Officers of all registries...

              3. 3. These rules also apply to any other form of authorised...

            5. 22.5. Destruction of EU classified documents

              1. 1. To prevent the unnecessary accumulation of EU classified documents, those...

              2. 2. SECRET UE documents shall be destroyed by the registry responsible...

              3. 3. CONFIDENTIEL UE documents shall be destroyed by the registry responsible...

              4. 4. RESTREINT UE documents shall be destroyed by the registry responsible...

            6. 22.6. Destruction in emergencies

              1. 1. The Commission departments shall prepare plans based on local conditions...

              2. 2. The arrangements for the safeguarding and/or destruction of SECRET UE...

              3. 3. The measures to be adopted for the safeguarding and destruction...

              4. 4. Instructions need to be available on the spot in a...

          13. 23. SECURITY MEASURES FOR SPECIFIC MEETINGS HELD OUTSIDE THE COMMISSION PREMISES...

            1. 23.1. General

            2. 23.2. Responsibilities

              1. 23.2.1. The Commission Security Directorate

              2. 23.2.2. Meeting Security Officer (MSO)

            3. 23.3. Security measures

              1. 23.3.1. Security areas

              2. 23.3.2. Passes

              3. 23.3.3. Control of photographic and audio equipment

              4. 23.3.4. Checking of briefcases, portable computers and packages

              5. 23.3.5. Technical security

              6. 23.3.6. Delegations' documents

              7. 23.3.7. Safe custody of documents

              8. 23.3.8. Inspection of offices

              9. 23.3.9. Disposal of EU classified waste

          14. 24. BREACHES OF SECURITY AND COMPROMISE OF EU CLASSIFIED INFORMATION

            1. 24.1. Definitions

            2. 24.2. Reporting breaches of security

            3. 24.3. Legal action

          15. 25. PROTECTION OF EU CLASSIFIED INFORMATION HANDLED IN INFORMATION TECHNOLOGY AND...

            1. 25.1. Introduction

              1. 25.1.1. General

              2. 25.1.2. Threats to, and vulnerabilities of systems

              3. 25.1.3. Main purpose of security measures

              4. 25.1.4. System-specific security requirement statement (SSRS)

              5. 25.1.5. Security modes of operation

            2. 25.2. Definitions

              1. Note:

              2. Note:

              3. Notes:

                1. (1) The common need-to-know indicates there is no mandatory requirement for...

                2. (2) Other security features (for example, physical, personnel and procedural) shall...

              4. Notes:

                1. (1) The evaluation investigates the presence of required security functionality and...

                2. (2) The evaluation determines the extent to which the security requirements...

              5. Note:

              6. Notes:

                1. (1) An IT network can use the services of one or...

                2. (2) An IT network is called ‘local’ if it links several...

              7. Notes:

                1. (1) This is taken to mean an assembly of facilities, configured...

                2. (2) Such systems may be in support of consultation, command, control,...

                3. (3) The boundaries of a system will generally be determined as...

                4. (4) An IT system may contain subsystems some of which are...

              8. Notes:

                1. (1) This mode of operation permits, currently, the handling of information...

                2. (2) The fact that not all individuals are cleared to the...

              9. Notes:

                1. (1) The lack of common need-to-know indicates that there is a...

                2. (2) Other security features (for example, physical, personnel and procedural) shall...

                3. (3) All information handled or being available to a system under...

            3. 25.3. Security responsibilities

              1. 25.3.1. General

              2. 25.3.2. The Security accreditation authority (SAA)

              3. 25.3.3. The INFOSEC Authority (IA)

              4. 25.3.4. The Technical Systems Owner (TSO)

              5. 25.3.5. The Information Owner (IO)

              6. 25.3.6. Users

              7. 25.3.7. INFOSEC training

            4. 25.4. Non technical security measures

              1. 25.4.1. Personnel security

              2. 25.4.2. Physical security

              3. 25.4.3. Control of access to a system

            5. 25.5. Technical security measures

              1. 25.5.1. Security of information

              2. 25.5.2. Control and accountability of information

              3. 25.5.3. Handling and control of removable computer storage media

              4. 25.5.4. Declassification and destruction of computer storage media

              5. 25.5.5. Communications security

              6. 25.5.6. Installation and radiation security

            6. 25.6. Security during handling

              1. 25.6.1. Security operating procedures (SecOPs)

              2. 25.6.2. Software protection/configuration management

              3. 25.6.3. Checking for the presence of malicious software/computer viruses

              4. 25.6.4. Maintenance

            7. 25.7. Procurement

              1. 25.7.1. General

              2. 25.7.2. Accreditation

              3. 25.7.3. Evaluation and certification

              4. 25.7.4. Routine checking of security features for continued accreditation

            8. 25.8. Temporary or occasional use

              1. 25.8.1. Security of microcomputers/personal computers

              2. 25.8.2. Use of privately-owned IT equipment for official Commission work

              3. 25.8.3. Use of contractor-owned or nationally-supplied IT equipment for official Commission...

          16. 26. RELEASE OF EU CLASSIFIED INFORMATION TO THIRD STATES OR INTERNATIONAL...

            1. 26.1.1. Principles regulating the release of EU classified information

            2. 26.1.2. Levels

            3. 26.1.3. Security agreements

        3. Appendix 1

        4. Appendix 2

          PRACTICAL CLASSIFICATION GUIDE

          1. This guide is indicative and may not be construed as...

          2. Classification When Who Affixing Downgrading/declassification/destruction Who When TRES SECRET UE/EU...

        5. Appendix 3

          Guidelines for the release of EU classified information to third States or international organisations: Level 1 cooperation

          1. PROCEDURES

            1. 1. The authority to release EU classified information to countries that...

            2. 2. Pending the conclusion of a security agreement, the Member of...

            3. 3. In doing so he/she:

            4. 4. The Member of the Commission responsible for security matters shall...

          2. SECURITY PROVISIONS TO BE APPLIED BY BENEFICIARIES

            1. 5. The Member of the Commission responsible for security matters shall...

            2. 6. The decision to release shall come into force only when...

            3. 7. Personnel

            4. 8. Transmission of documents

            5. 9. Registration

            6. 10. Destruction

            7. 11. Protection of documents

            8. 12. Copies, translations and extracts

            9. 13. Breaches of security

            10. 14. Inspections

            11. 15. Reporting

        6. Appendix 4

          Guidelines for the release of EU classified information to third States or international organisations: Level 2 cooperation

          1. PROCEDURES

            1. 1. The authority to release EU classified information to third States...

            2. 2. In principle, it is restricted to information classified up to...

            3. 3. Pending the conclusion of a security agreement, the Member of...

            4. 4. In doing so he/she:

            5. 5. The Commission Security Policy Advisory Group's opinion shall be on...

            6. 6. The Member of the Commission responsible for security matters shall...

          2. SECURITY RULES TO BE APPLIED BY BENEFICIARIES

            1. 7. The Member of the Commission responsible for security matters shall...

            2. 8. The decision to release shall come into force only when...

            3. 9. The following rules of protection shall apply unless the Commission,...

            4. 10. Personnel

            5. 11. Transmission of documents

            6. 12. Registration on arrival

            7. 13. Return of documents

            8. 14. Protection

            9. 15. Physical security

            10. 16. Breaches of security

            11. 17. Inspections

            12. 18. Reporting

        7. Appendix 5

          Guidelines for the release of EU classified information to third States or international organisations: Level 3 cooperation

          1. PROCEDURES

            1. 1. From time to time, the Commission may wish to cooperate...

            2. 2. The authority to release EU classified information to third States...

            3. 3. The Commission shall consider the wisdom of releasing classified information,...

            4. 4. If the Commission is in favour, the Member of the...

            5. 5. The Commission Security Policy Advisory Group's opinion shall be on...

            6. 6. The documents released to the States or organisations covered in...

            7. 7. The member of the Commission responsible for security matters shall...

            8. 8. Once the Commission has approved the release of EU classified...

            9. 9. The Member of the Commission responsible for security matters shall...

            10. 10. The Commission Security Directorate shall take all the necessary measures...

          2. SECURITY PROVISIONS TO BE APPLIED BY BENEFICIARIES

            1. 11. The Member of the Commission responsible for security matters shall...

            2. 12. The decision shall come into force only when the beneficiaries...

            3. 13. Transmission of documents

            4. 14. Registration on arrival

            5. 15. Use and protection of the classified information exchanged

            6. 16. Destruction

            7. 17. Breaches of security

        8. Appendix 6

Back to top

Options/Help

Print Options

You have chosen to open the Whole Decision

The Whole Decision you have selected contains over 200 provisions and might take some time to download. You may also experience some issues with your browser, such as an alert box that a script is taking a long time to run.

Would you like to continue?

You have chosen to open Schedules only

The Schedules you have selected contains over 200 provisions and might take some time to download. You may also experience some issues with your browser, such as an alert box that a script is taking a long time to run.

Would you like to continue?

Close

Legislation is available in different versions:

Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.

Original (As adopted by EU): The original version of the legislation as it stood when it was first adopted in the EU. No changes have been applied to the text.

Point in Time: This becomes available after navigating to view revised legislation as it stood at a certain point in time via Advanced Features > Show Timeline of Changes or via a point in time advanced search.

Close

Opening Options

Different options to open legislation in order to view more content on screen at once

Close

More Resources

Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:

  • the original print PDF of the as adopted version that was used for the EU Official Journal
  • lists of changes made by and/or affecting this legislation item
  • all formats of all associated documents
  • correction slips
  • links to related legislation and further information resources
Close

Timeline of Changes

This timeline shows the different versions taken from EUR-Lex before exit day and during the implementation period as well as any subsequent versions created after the implementation period as a result of changes made by UK legislation.

The dates for the EU versions are taken from the document dates on EUR-Lex and may not always coincide with when the changes came into force for the document.

For any versions created after the implementation period as a result of changes made by UK legislation the date will coincide with the earliest date on which the change (e.g an insertion, a repeal or a substitution) that was applied came into force. For further information see our guide to revised legislation on Understanding Legislation.

Close

More Resources

Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:

  • the original print PDF of the as adopted version that was used for the print copy
  • correction slips

Click 'View More' or select 'More Resources' tab for additional information including:

  • lists of changes made by and/or affecting this legislation item
  • confers power and blanket amendment details
  • all formats of all associated documents
  • links to related legislation and further information resources