Which Of The Following Are Authorized Sources For Derivative Classification: Complete Guide

Which of the following are authorized sources for derivative classification?
It’s a question that pops up in every briefing, every training manual, and on every exam. The short answer is: it depends on the agency, the document, and the level of sensitivity. But the rule of thumb is simple: only those who are clearly authorized by policy or law can add, modify, or remove classification markings on a derivative work.

Below is a deep dive into what that means, why it matters, how to spot the red flags, and the practical steps you can take to stay compliant. Whether you’re a new analyst, a seasoned manager, or just a curious reader, this guide will give you the tools you need to handle the maze of derivative classification.

What Is Derivative Classification?

Derivative classification happens when you take an existing classified document—say a National Intelligence Estimate or a military operation plan—and produce a new document that contains the same or similar information. So naturally, the new document inherits the classification level and any special handling instructions from the original. Think of it like copying a top‑secret memo into a PowerPoint deck: the deck now carries the same “Top Secret” tag and must be handled accordingly.

The key point: you’re not allowed to “declassify” a piece of information just because you’re re‑formatting it. Here's the thing — the classification stays intact unless a higher authority explicitly lifts it. That’s why the chain of authorization is so strict.

Why It Matters / Why People Care

Real talk: a single misstep in derivative classification can trigger a cascade of problems.

• Legal exposure – Misclassifying a document can lead to violations of the National Security Act, the Executive Order 12333, or agency‑specific regulations. Penalties range from reprimands to criminal charges.
• Operational risk – If you inadvertently downgrade a document, you might expose sensitive details to the wrong audience. Conversely, over‑classifying can stifle cooperation and waste resources.
• Reputation damage – A high‑profile leak, even if accidental, erodes trust in the agency and can have geopolitical consequences.

In short, derivative classification isn’t just a bureaucratic checkbox; it’s a gatekeeper for national security.

How It Works (or How to Do It)

1. Identify the Source Document

The first step is to trace the information back to its original classified source. Here's the thing — that might be a classified report, a classified email, a classified database entry, or an unclassified document that contains classified data (often called “dual‑use” material). The source’s classification level, handling instructions, and any special controls (like “SCI” or “TS/SCI”) are the baseline for the derivative No workaround needed..

2. Check the Authority to Derive

Not every handler can create a derivative. The authority to derive is usually granted by:

• The source document’s author or original classifier.
• A senior official (e.g., a director or deputy) who has delegated authority.
• A specific policy or regulation that authorizes a class of documents to be re‑used (e.g., “All technical reports derived from classified material may be classified as TS/SCI unless otherwise directed”).

If you’re unsure, the safest route is to ask. A quick email to the author or the classification office can save hours of confusion later Small thing, real impact..

3. Apply the Correct Classification

Once you have the authority, you apply the same classification level unless you have explicit instructions to adjust it. The rules are:

• Same level – Most derivatives keep the original level.
• Higher level – Rarely needed, but may occur if the derivative adds new sensitive context.
• Lower level – Only possible if the derivative removes all controlled information, which is uncommon and requires a formal reclassification.

4. Add Handling Instructions

Derivatives must carry the same handling instructions (e., “Dissemination Only to TS/SCI personnel, Do Not Distribute to HQ” or “SCI Controlled”). Here's the thing — g. If the source document has a “No Further Dissemination” tag, the derivative inherits that restriction.

5. Mark the Derivative Properly

The marking should include:

• Classification level (e.g., TOP SECRET).
• Handling instructions (e.g., SCI).
• Authorizing official (if required by policy).
• Date and document number.

The format follows the agency’s style guide. Here's one way to look at it: the DoD uses the “Classification Statement” block at the top of the page.

Common Mistakes / What Most People Get Wrong

1. Assuming “Unclassified” Means “Safe to Share”

If a source document is unclassified but contains classified data, the derivative is still classified. Many people skip the classification step because the file is in a shared folder Practical, not theoretical..

2. Skipping the Authority Check

Every derivative needs a clear authorization. Relying on “I think it’s fine” is a recipe for compliance failure.

3. Mixing Classification Levels

Copying a section from a TS document into a TS/SCI document without adjusting the classification is a no‑no. The derivative must match the highest level of any included content.

4. Forgetting Handling Instructions

You can have the right classification level, but if you drop the handling instructions, the document becomes a security hazard. Here's one way to look at it: a TS/SCI document without the “SCI” tag could end up in the wrong hands.

5. Over‑Deriving

Creating too many derivatives of the same source can clutter the classification system and create confusion. Stick to a single, well‑documented derivative unless multiple versions are truly necessary.

Practical Tips / What Actually Works

1. Use a Checklist – Before finalizing a derivative, run through a quick checklist: Source identified? Authority obtained? Classification level correct? Handling instructions present? Sign off.

2. use Classification Software – Many agencies have automated tools that flag classification mismatches. Train yourself to use them; they catch errors before you hit “save.”

3. Keep a Derivative Log – Maintain a simple spreadsheet or database that tracks each derivative: source doc, derivative doc, classification, handling instructions, and authorizing official. It’s a lifesaver during audits.

4. Ask for Clarification – If you’re ever in doubt, contact the Classification Review Board (CRB) or the Office of Classified Information (OCI). Better to ask than to risk a misclassification.

5. Educate Your Team – Run short, informal refresher sessions. Use real examples from recent projects to illustrate pitfalls.

6. Document the Derivation Path – Include a brief note in the derivative stating “Derived from [Source Doc] on [Date] by [Your Name]”. It adds traceability and accountability And that's really what it comes down to..

FAQ

Q1: Can I create a derivative from an unclassified document that contains classified information?
A1: Only if you have explicit authority and the resulting derivative remains classified. The presence of classified content automatically makes the derivative classified.

Q2: What if the source document’s classification changes after I’ve already created a derivative?
A2: The derivative must be re‑classified to match the new level. Notify the relevant authority and update the handling instructions accordingly.

Q3: Is it okay to downgrade a derivative if I remove the classified portion?
A3: Not unless you have a formal reclassification order. Removing a classified segment does not automatically lower the document’s overall classification.

Q4: Do I need to re‑classify a derivative if I only add a small, unrelated paragraph?
A4: No, unless that addition introduces new classified information. The derivative’s classification remains tied to the original content Took long enough..

Q5: Who reviews my derivative before it’s released?
A5: Typically, the Classification Review Board or the Office of Classified Information will perform a final check. Make sure to submit it through the proper workflow.

Closing

Derivative classification is a small but mighty part of the classified information ecosystem. Consider this: by following the steps above, double‑checking your sources, and keeping a habit of asking when in doubt, you’ll stay on the right side of the law and protect the information that matters most. It’s all about respecting the chain of authority and ensuring that sensitive data stays where it belongs. Remember: the simplest mistake can have the biggest fallout, so treat every derivative with the same care you’d give to the original.