Have you ever stared at a multiple-choice question and felt like all the answers could be true? That’s the exact feeling most people get when they hit a question about derivative classification. Think about it: you know the one — it shows up in security training, in the annual refresher, on the exam for a new billet. And the question reads: "Which of the following is true concerning derivative classification? " And suddenly, four options blur together like a bad photocopy Worth keeping that in mind. Which is the point..
Let’s fix that.
Here’s the thing — once you understand what derivative classification actually is, the answer becomes obvious. The practical, real-world answer that keeps you out of trouble and helps you handle classified information correctly. And not just the test answer. So let’s walk through it.
What Is Derivative Classification
Derivative classification isn’t a complicated concept. Now, in practice, it’s pretty straightforward. You take information that’s already been classified — a secret report, a top secret cable, a confidential memo — and you incorporate that information into something new. A briefing slide. That said, a summary. A database entry. A new document that pulls from the old one And that's really what it comes down to..
The key word here is derivative. You’re deriving the classification from an existing source. Consider this: you didn’t decide the information was classified in the first place. That was an original classification authority (OCA). You’re just carrying that classification forward into a new product.
Turns out, a lot of people get nervous about this. They worry they’re doing something wrong. So or they over-classify just to be safe. Or worse, they under-classify and leak something sensitive without realizing it.
The Short Version
Let me give you the cleanest way to think about it. Derivative classification happens when you:
- Extract classified information from an authorized source document
- Paraphrase that classified information into a new form
- Or restate it in a new format, like converting a report into a bullet list
The classification level doesn’t change unless you add new information. If the source says “Secret,” your new document says “Secret” — assuming you used the same classified content and didn’t add anything new Practical, not theoretical..
Original vs. Derivative — The Big Difference
Original classification is when a government official with specific authority decides that certain information needs protection. They mark it. They stamp it. They decide the level — Confidential, Secret, or Top Secret. That’s a big deal. Only certain people can do it.
Derivative classification is different. You don’t need special authority. You just need the source document and the ability to follow the rules. Almost anyone with access to classified information can do it. But here’s the catch — you are still responsible for getting it right. The burden doesn’t disappear just because you didn’t originate the classification That's the part that actually makes a difference..
Why It Matters
Honestly, this is the part most guides get wrong. That's why they dive into definitions and procedures without explaining why anyone should care. So let me spell it out The details matter here. Which is the point..
Mishandling classified information isn’t a minor paperwork error. On top of that, it can compromise operations. In practice, it can cost lives. And for the person who made the mistake, it can mean losing a clearance, losing a job, or facing legal consequences. Derivative classification matters because it’s where most mistakes actually happen Not complicated — just consistent..
Think about it. And analysts do it. Original classification is rare and tightly controlled. Administrative staff do it when they compile reports. Security managers do it. Even contractors do it. Worth adding: that happens every day. But derivative classification? The volume is massive, and so is the potential for error Most people skip this — try not to..
A Real Example
Say you’re pulling data from a Top Secret intelligence report to build a weekly summary for your team. Think about it: you write a sentence that uses the same facts but different wording. And ” You write “enemy forces are repositioning to the northern sector. The source says “intelligence indicates three battalions are moving north.” Same classified information, repackaged.
If you don’t mark that correctly in your new document, you’ve made a mistake. And if that document gets released to a lower classification level or to someone without the need-to-know, you’ve just caused a spillage Simple, but easy to overlook. And it works..
How It Works
So how do you actually do this correctly? Let’s break it down step by step. This isn’t theory — this is the process you’d follow on a Tuesday morning at your desk.
Step 1: Identify Your Source
You need an authorized source of classification guidance. That means:
- A properly marked original document
- A Security Classification Guide (SCG) for your program or topic
- A DD Form 254 (for contractors)
- Or a properly marked source that was itself derived from an authorized source
You can’t guess. You can’t rely on memory. You need the actual document or guide in front of you.
Step 2: Determine What’s Classified
This sounds obvious, but it’s where people trip up. Because of that, not everything in a classified document is necessarily classified. Sometimes a report contains unclassified information mixed in. So naturally, you need to identify exactly which portions are classified and at what level. Source documents should have markings that show this — banner lines, portion marks, classification authority blocks.
Here’s what most people miss: if a document says “Top Secret” at the top, that doesn’t mean every sentence inside is Top Secret. Look for portion marks. Each paragraph, bullet, or section should be marked with (TS), (S), (C), or (U).
Step 3: Carry the Classification Forward
When you include classified information from your source into your new document, you apply the same classification level. If your source sentence is marked (S) for Secret, your paraphrased version should also be marked Secret in your new document Still holds up..
Do not downgrade it. Do not upgrade it. Match it exactly It's one of those things that adds up..
Step 4: Add Your Derivative Classification Block
Every new document you create needs a classification authority block. This is usually at the bottom of the first page or on the front cover. It shows:
- “Derived From: [source document or guide identifier]”
- “Declassify On: [date from the source]”
This tells anyone who picks up your document exactly where the classification came from. Here's the thing — it’s a trail of breadcrumbs. Without it, no one can verify your work The details matter here. Worth knowing..
Step 5: Mark It Properly
Banner lines — the big marking at the top and bottom of every page — need to match the highest classification of any content on that page. If one paragraph is Secret and the rest is Confidential, the whole page gets a Secret banner. That’s how it works Practical, not theoretical..
Common Mistakes
I’ve seen people make the same errors over and over. Here are the ones worth knowing about.
Over-Classification
This happens when someone isn’t sure so they just mark it higher than necessary. Consider this: “Better safe than sorry,” they think. But that’s wrong. Over-classification hurts information sharing and operational efficiency. It’s also technically a violation of policy. You are required to classify at the correct level, not a safer level.
Most guides skip this. Don't.
Forgetting the Derivative Classification Block
This is incredibly common. Someone creates a new document, marks the banner lines, portion marks every paragraph, but forgets the “Derived From” line entirely. That document is now inadequately marked. If an inspector finds it, you’ve got a finding.
Relying on Memory
“I know that report said Secret, so I’ll just mark it Secret.” But what if the specific fact you used was actually Confidential in the source? On the flip side, what if the source has since been declassified? You can’t work from memory. You need the actual source document in front of you.
Mixing Sources Without Reconciliation
Sometimes you pull from two or more source documents. One says Secret, the other says Top Secret. Your new document needs to reflect the highest of the two. And your derivative classification block needs to list both sources. Don’t just pick one.
Counterintuitive, but true Small thing, real impact..
Practical Tips
Alright, let’s keep this actionable. If you only remember a few things from this whole article, make it these Simple, but easy to overlook..
- Always have your source document open while you work. Do not close it. Do not work from recall. Have it right there.
- Portion mark as you go, not after. Mark each paragraph with (S), (TS), (C), or (U) the moment you write it. Don’t leave it for later — you’ll forget.
- Double-check your “Derived From” line. It should match the document identifier from your source. Not the title. Not a nickname. The actual document number.
- If you’re unsure, don’t guess. Ask your security manager. Ask your OCA. A five-minute question saves you a world of trouble later.
- Use the “Contained In” guide if your organization has one. Some agencies maintain guides that tell you exactly how to classify common topics. They’re gold.
FAQ
Who can perform derivative classification?
Anyone with access to classified information and proper training can perform derivative classification. You don’t need special appointment or authority. You just need an authorized source document and the knowledge to apply the rules correctly Simple, but easy to overlook..
What’s the difference between original and derivative classification?
Original classification is when a designated official decides that unclassified information needs protection. That's why derivative classification is when you take already-classified information and incorporate it into a new document. The key difference is who determines the classification in the first place Turns out it matters..
Can you downgrade information during derivative classification?
No. You cannot downgrade. The derivative product carries the same classification as the source. Only an original classification authority can downgrade or declassify information Nothing fancy..
Do you need a security clearance to perform derivative classification?
Generally, yes. You need access to the classified information in the source document to begin with. That requires the appropriate clearance level and a valid need-to-know.
What happens if you mark derivative classification incorrectly?
It depends on the severity. Minor mistakes might result in retraining or a security violation report. Major errors — like releasing classified information to an unclassified environment — can lead to clearance suspension, revocation, or legal action Less friction, more output..
Wrapping This Up
Derivative classification isn’t mysterious. That's why the true statement is almost always the one about carrying forward the classification from an authorized source. Follow the source, match the markings, document your authority, and don’t guess. And it’s a process. Worth adding: the test question about it? That’s the heart of it. Everything else is supporting detail Which is the point..
