U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. Irmpo

IRMPO Incident Report Form

Employer of Individual(s):
Employer of Observers:
Privacy Act Statement
Privacy Act Statement

The collection, maintenance, and disclosure of this information may be governed by the Privacy Act of 1974 (5 U.S.C. § 552a).  See the “Voluntary Disclosure” section below for additional information.

AUTHORITIES: The U.S. Department of Commerce (the Department) is authorized to collect this information pursuant to authorities that include, but are not limited to:  50 U.S.C. 3381(e); E.O.s 13587, 10450, 12968, and 13526; National Security Directive 42; Security Executive Agency Directive 3; and the Presidential Memorandum of November 21, 2012, National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs.

PURPOSES: the Department will use this information to assist the Department’s Office of Intelligence and Security, Insider Risk Management Program Office detect and mitigate impacts of a trusted insider who misuses their access to damage the security of the Department’s personnel, information, assets, technologies, capabilities, and resources.

ROUTINE USES: In addition to those disclosures generally permitted under the Privacy Act of 1974, as amended, 5 U.S.C. § 552a(b), records maintained as part of this system of records – COMMERCE/DEPT-27 – may be disclosed to any source from which additional information is requested, either private or governmental, to the extent necessary to solicit information relevant to any inquiry; to the appropriate agency, whether federal, state, or local, charged with the responsibility of investigating or prosecuting a violation or potential violation of law or contract or charged with enforcing or implementing the statute or contract, or rule, regulation or order issued pursuant thereto, or protecting the interest of the Department; or to any Federal agency following a response to its subpoena or to a prosecution request that such record be released for the purpose of its introduction to a grand jury.  A complete set of routine disclosures is included in the system of records notice, published both in the Federal Register (82 FR 816) and on the Department’s website at: www.commerce.gov/privacy.

VOLUNTARY DISCLOSURE:  For most people, disclosing this information to the Department is voluntary.  However, any person who has knowledge of a security incident involving Classified National Security Information (CNSI), such as CNSI having been lost, possibly compromised, or disclosed to an unauthorized person(s), shall immediately report the circumstances to the Office of Security (OSY).  Failure to report such information may result in administrative action.  Individuals have the option to submit incident report information anonymously by phone through the tip line to the Department’s Insider Risk Management Program Office.  If the individuals choose to submit the information by email or through the online reporting form while logged into a Department account, or if the individuals provide their names or other identifying information in their report, a record with their identifier may, in certain circumstances, become part of COMMERCE/DEPT-27. 
 
Privacy Act Statement
Privacy Act Statement

The collection, maintenance, and disclosure of this information may be governed by the Privacy Act of 1974 (5 U.S.C. § 552a).  See the “Voluntary Disclosure” section below for additional information.

AUTHORITIES: The U.S. Department of Commerce (the Department) is authorized to collect this information pursuant to authorities that include, but are not limited to:  50 U.S.C. 3381(e); E.O.s 13587, 10450, 12968, and 13526; National Security Directive 42; Security Executive Agency Directive 3; and the Presidential Memorandum of November 21, 2012, National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs.

PURPOSES: the Department will use this information to assist the Department’s Office of Intelligence and Security, Insider Risk Management Program Office detect and mitigate impacts of a trusted insider who misuses their access to damage the security of the Department’s personnel, information, assets, technologies, capabilities, and resources.

ROUTINE USES: In addition to those disclosures generally permitted under the Privacy Act of 1974, as amended, 5 U.S.C. § 552a(b), records maintained as part of this system of records – COMMERCE/DEPT-27 – may be disclosed to any source from which additional information is requested, either private or governmental, to the extent necessary to solicit information relevant to any inquiry; to the appropriate agency, whether federal, state, or local, charged with the responsibility of investigating or prosecuting a violation or potential violation of law or contract or charged with enforcing or implementing the statute or contract, or rule, regulation or order issued pursuant thereto, or protecting the interest of the Department; or to any Federal agency following a response to its subpoena or to a prosecution request that such record be released for the purpose of its introduction to a grand jury.  A complete set of routine disclosures is included in the system of records notice, published both in the Federal Register (82 FR 816) and on the Department’s website at: www.commerce.gov/privacy.

VOLUNTARY DISCLOSURE:  For most people, disclosing this information to the Department is voluntary.  However, any person who has knowledge of a security incident involving Classified National Security Information (CNSI), such as CNSI having been lost, possibly compromised, or disclosed to an unauthorized person(s), shall immediately report the circumstances to the Office of Security (OSY).  Failure to report such information may result in administrative action.  Individuals have the option to submit incident report information anonymously by phone through the tip line to the Department’s Insider Risk Management Program Office.  If the individuals choose to submit the information by email or through the online reporting form while logged into a Department account, or if the individuals provide their names or other identifying information in their report, a record with their identifier may, in certain circumstances, become part of COMMERCE/DEPT-27. 
 
CAPTCHA
11 + 1 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.