Policies |
Document Title
|
Reference # or Description
|
National Policy for Safeguarding and Control of Communications Security Material September 2004
|
CNSSP-1
|
National Policy for Granting Access to U.S. Classified Cryptographic Information October 2007
|
CNSSP-3
|
National Policy on Use of Cryptomaterial by Activities Operating in High Risk Environments January 1981
|
NCSC-5
|
National Policy on Certification and Accreditation of National Security Telecommunications and Information Systems October 2005
|
CNSSP-6
|
Fact Sheet for the National Information Assurance Acquisition Policy July 2003
|
NSTISSP-11
|
National Information Assurance Policy for Space Systems Used to Support National Security Missions March 2007
|
CNSSP-12
|
National Policy Governing the Release of Information Assurance (IA) Products and Services to Authorized U.S. Persons or Activities that are Not a Part of the Federal Government November 2002
|
CNSSP-14
|
Fact Sheet No. 1 for the National Policy on the Use of the Advanced Encryption Standard (AES) to Protect National Security Systems and National Security Information June 2003
|
CNSSP-15
|
National Information Assurance (IA) Policy on Wireless Capabilities August 2005
|
CNSSP-17
|
National Policy on Classified Information Spillage June 2006
|
CNSSP-18
|
National Policy Governing the Use of High Assurance Internet Protocol Encryptor (HAIPE) Products February 2007
|
CNSSP-19
|
National Information Assurance Policy on Enterprise Architectures for National Security Systems March 2007
|
CNSSP-21
|
Information Assurance Risk Management Policy for National Security Systems February 2009
|
CNSSP-22
|
National Policy For Public Key Infrastructure in National Security Systems March 2009
|
CNSSP-25
|
National Policy on Securing Voice Communications September 1999
|
NSTISSP-101
|
National Policy on Controlled Access Protection July 1987
|
NSTISSP-200
|
Directives |
Document Title
|
Reference # or Description
|
Information Assurance (IA) Education, Training, and Awareness August 2006
|
CNSSD-500
|
National Training Program for Information Systems Security (INFOSEC) Professionals November 1992
|
NSTISSD-501
|
National Directive On Security of National Security Systems December 2004
|
CNSSD-502
|
Governing Procedures of the Committee on National Security Systems (CNSS) December 2004
|
CNSSD-900
|
National Security Telecommunications and Information Systems Security (CNSS) Issuance System December 2004
|
CNSSD-901
|
Instructions |
Document Title
|
Reference # or Description
|
National COMSEC Instruction June 1984
|
NACSI-6002
|
National Information Assurance Certification and Accreditation Process April 2000
|
NSTISSI-1000
|
National Instruction On Classified Information Spillage February 2008
|
CNSSI-1001
|
Operational Security Doctrine for the FORTEZZA User PCMCIA Card December 2001
|
NSTISSI-3028
|
Communications Security (COMSEC) Utility Program November 2007
|
CNSSI-4007
|
Program for the Management and Use of National Reserve Information Assurance Security Equipment March 2007
|
CNSSI-4008
|
National Information Assurance Glossary May 2003
|
CNSSI-4009
|
National Training Standard for Information Systems Security (INFOSEC) Professionals June 1994
|
NSTISSI-4011
|
National Training Standard for Designated Approving Authority (DAA) August 1997
|
NSTISSI-4012
|
National Information Assurance Training Standard for Senior Systems Managers June 2004
|
CNSSI-4012
|
National Information Assurance Training Standard For System Administrators (SA) March 2004
|
CNSSI-4013
|
Information Assurance Training Standard for Information Systems Security Officers April 2004
|
CNSSI-4014
|
National Training Standard for Systems Certifiers December 2000
|
NSTISSI-4015
|
National Information Assurance Training Standard For Risk Analysts November 2005
|
CNSSI-4016
|
Guidelines for Voice Over Internet Protocol (VoIP) Computer Telephony April 2007
|
CNSSI-5000
|
Type-Acceptance Program for Voice Over Internet Protocol (VoIP) Telephones December 2007
|
CNSSI-5001
|
Protective Distribution Systems (PDS) December 1996
|
NSTISSI-7003
|
Advisory Memoranda |
Document Title
|
Reference # or Description
|
The Insider Threat to U.S. Government Information Systems July 1999
|
NSTISSAM INFOSEC 1-99
|
Advisory Memorandum for the Use of the Federal Information Processing Standards (FIPS) 140-1 Validated Cryptographic Modules in Protecting Unclassified National Security Systems February 2000
|
NSTISSAM INFOSEC 1-00
|
Advisory Memorandum for the Strategy for Using the National Information Assurance Partnership (NIAP) for the Evaluation of Commercial Off-The-Shelf (COTS) Security Enabled Information Technology Products February 2000
|
NSTISSAM INFOSEC 2-00
|
Advisory Memorandum on WebBrowser Security Vulnerabilities August 2000
|
NSTISSAM INFOSEC 3-00
|
Advisory Memorandum on Release of Communications Security Equipment October 1985
|
NSTISSAM COMSEC 1-85
|
AN/CYZ-10/10A Data Transfer Device Training August 1998
|
NSTISSAM COMSEC 1-98
|
Advisory Memorandum on Office Automation Security Guideline January 1987
|
NSTISSAM COMPUSEC 1-87
|
The Role of Firewalls and Guards in Enclave Boundary Protection December 1998
|
NSTISSAM COMPUSEC 1-98
|
Advisory Memorandum on the Transition From the Trusted Computer System Evaluation Criteria to the International Common Criteria for Information Technology Security Evaluation January 1987
|
NSTISSAM COMPUSEC 1-99
|
Maintenance and Disposition of TEMPEST Equipment December 2000
|
NSTISSAM TEMPEST 1-00
|
Advisory Memorandum for Information Assurance (IA) - Security Through Product Diversity July 2004
|
CNSSAM IA 1-04
|
Advisory Memorandum for Information Assurance (IA) - Retirement of Data Encryption Standard (DES) Based Cryptography to Protect National Security Systems March 2005
|
CNSSAM IA 2-04
|
TSG Standards |
Document Title
|
Reference # or Description
|
Introduction to Telephone Security March 1990
|
TSG STANDARD 1
|
TSG Guidelines for Computerized Telephone Systems March 1990
|
TSG STANDARD 2
|
NTSWG Guidelines for Computerized Telephone Systems Supplemental March 2001
|
NTSWG STANDARD 2a
|
Type-Acceptance Program for Telephones used with the Conventional Central Office Interface March 1990
|
TSG STANDARD 3
|
On-Hook Telephone Audio Security Performance Specification March 1990
|
TSG STANDARD 5
|
Telephone Security Group Approved Equipment March 1990
|
TSG STANDARD 6
|
Microphonic Response Criteria for Non-communications Devices October 1994
|
TSG STANDARD 8
|
TSG Information Series |
Document Title
|
Reference # or Description
|
Computerized Telephone Systems (CTSs): A Review of CTS Deficiencies, Threats and Risks January 1996
|
Executive Overview
|
Computerized Telephone Systems (CTSs): A Review of CTS Deficiencies, Threats and Risks November 1997
|
Central Office (CO) Interfaces
|
CNSS Report |
Document Title
|
Reference # or Description
|
Committee on National Security Systems (CNSS) Report: Progress Against 2008 Priorities April 2009
|
CNSS Report: Progress Against 2008 Priorities
|
2007/2008 Committee on National Security Systems (CNSS) Report: An Agenda for Safeguarding National Security Systems March 2008
|
CNSS Report: An Agenda for Safeguarding National Security Systems
|
Other |
Document Title
|
Reference # or Description
|
National Information Assurance (IA) Approach to Incident Management May 2007
|
CNSS-048-07
|
Frequently Asked Questions (FAQ) on Incidents and Spills August 2007
|
CNSS-079-07
|