 REFERENCES
- (a) DoD
Directive 5200.28, "Security Requirements for Automated Information
Systems (AISs)," March 21, 1988
- (b) Public Law
100-235, "Computer Security Act of 1987," January 8, 1988
- (c) Office of
Management and Budget Circular No. A-130, "Management of Federal
Information Resources," February 8, 1996
- (d) Director of
Central Intelligence 1/16, "Security Policy on Intelligence
Information in Automated Systems and Networks," March 14, 1988
- (e) DoD
Directive 5220.22, "Industrial Security Program," November 1, 1986
- (f) DoD
5220.22-M, "National Industrial Security Program Operating Manual,"
January 1995, authorized by DoD Directive 5220.22
- (g) DoD
5220.22-M-Sup, "National Industrial Security Program Operating Manual
(NISPOMSUP)," December 29, 1994, authorized by DoDD 5220.22
- (h) Chairman,
Joint Chiefs of Staff S3231.01, "Safeguarding the Single Integrated
Operational Plan (U)," November 30, 1993
- (i) DoD
Directive 5000.1, "Defense Acquisition," March 15, 1996
- (j) DoD
8910.1-M, "DoD Procedures for Management of Information Requirements,"
November 28, 1986, authorized by DoD Directive 8910.1
- (k)
National Information Systems Security (INFOSEC) Glossary, National
Security Telecommunications and Information Systems Security
Instruction (NSTISSI) 4009, August 1997(1)
- (l) Subsection
552a of title 5, United States Code
- (m)
Memorandum on Information Management Definitions issued by the
Assistant Secretary of Defense, Command, Control, Communications and
Intelligence, 26 February 1994(2)
- (n)
Department of Defense Technical Architecture Framework for Information
Management (TAFIM), Volume 6, DoD Goal Security Architecture (DGSA),
30 April 1996(3)
|
