agreements referred to in Article 12(2)(a);

decisions authorising the release of EUCI to third States and international organisations;

an annual inspection programme proposed by the Secretary-General and recommended by the Security Committee for inspections of Member States’ services and premises and of EU agencies and bodies established under Title V, Chapter 2 of the TEU as well as of Europol and Eurojust, and assessment visits to third States and international organisations in order to ascertain the effectiveness of measures implemented for protecting EUCI; and

security policies as foreseen in Article 6(1).

implement the Council’s security policy and keep it under review;

coordinate with Member States’ NSAs on all security matters relating to the protection of classified information relevant for the Council’s activities;

grant EU PSCs to GSC officials and other servants in accordance with Article 7(3) before they may be granted access to information classified CONFIDENTIEL UE/EU CONFIDENTIAL or above;

as appropriate, order investigations into any actual or suspected compromise or loss of classified information held by or originating in the Council and request the relevant security authorities to assist in such investigations;

undertake periodic inspections of the security arrangements for protecting classified information on GSC premises;

undertake periodic inspections of the security arrangements for protecting EUCI in EU agencies and bodies established under Title V, Chapter 2, of the TEU, Europol, Eurojust, as well as in crisis management operations established under Title V, Chapter 2, of the TEU and by EU Special Representatives (EUSR) and the members of their teams;

undertake, jointly and in agreement with the NSA concerned, periodic inspections of the security arrangements for protecting EUCI in Member States’ services and premises;

coordinate security measures with the competent authorities of the Member States which are responsible for protecting classified information and, as appropriate, third States or international organisations, including on the nature of threats to the security of EUCI and the means of protection against them;

enter into the administrative arrangements referred to in Article 12(2)(b); and

undertake initial and periodic assessment visits to third States or international organisations in order to ascertain the effectiveness of measures implemented for protecting EUCI provided to or exchanged with them.

designate an NSA responsible for security arrangements for protecting EUCI in order that:

1. (i)

   EUCI held by any national department, body or agency, public or private, at home or abroad, is protected in accordance with this Decision;

2. (ii)

   security arrangements for protecting EUCI are periodically inspected;

3. (iii)

   all individuals employed within a national administration or by a contractor who may be granted access to information classified CONFIDENTIEL UE/EU CONFIDENTIAL or above are appropriately security cleared or are otherwise duly authorised by virtue of their functions in accordance with national laws and regulations;

4. (iv)

   security programmes are set up as necessary in order to minimise the risk of EUCI being compromised or lost;

5. (v)

   security matters related to protecting EUCI are coordinated with other competent national authorities, including those referred to in this Decision; and

6. (vi)

   responses are given to appropriate security clearance requests from EU agencies and bodies established under Title V, Chapter 2 of the TEU, Europol, Eurojust, as well as crisis management operations established under Title V, Chapter 2, of the TEU and EUSRs and their teams.

NSAs are listed in Appendix C;

ensure that their competent authorities provide information and advice to their governments, and through them to the Council, on the nature of threats to the security of EUCI and the means of protection against them.