How must each combination, PIN, and password be documented?

Each combination, PIN, and password should be documented on separate SF-700s, which are official forms used for the storage and handling of security information. This practice ensures that sensitive information is kept distinct and organized, allowing for easier tracking and management. By using SF-700 forms, which are designed specifically for securing and recording combinations, PINs, and passwords, it adds an extra layer of security and accountability. This method adheres to COMSEC policies that emphasize the safe documentation of critical security information, preventing unauthorized access and ensuring that sensitive data is handled appropriately.

Other options such as documenting on a single document or within an electronic file might compromise the security of the information by consolidating sensitive data where it can be more vulnerable to unauthorized access. Using secure emails could also introduce risks related to interception or unauthorized access during transmission. Therefore, the use of separate SF-700 forms is the most secure and compliant method for documentation in this context.