Information Systems Security Manager (ISSM) - Marine Corps ...

More documents

Recommendations

Info

NAVSO P-5239-04SEPTEMBER 1995This document establishes the IRM Standards and Guidelines Program and authorizes thedevelopment and distribution of publications. The IRM Program is the primary meansthrough which technical direction is exercised. The program is designed to facilitate the rapidpublication of standards and guidelines covering all aspects of the management of informationresources, including INFOSEC.Executive Office/Congress and National BranchExecutive Order 12 958, Classified National Security Information, 17 April 1995.This document established a system for classifying, declassifying, and safeguarding nationalsecurity information. It identifies classification authorities and describes their generalresponsibilities for the origination and handling of classified information.National Security Decision 42 , National Policy for the Security of National SecurityTelecommunications and Information Systems, Executive Office of the President, July 1990.This document establishes initial objectives, policies, and an organizational structure to guidethe conduct of activities to secure national security systems from exploitation; establishes amechanism for policy development and dissemination; and assigns responsibilities forimplementation.National Telecommunications and Information Systems Security Policy No. 200 ,National Policy on Controlled Access Protection, National Telecommunications andInformation Systems Security Committee, July 1987.This document, under the authority of NSDD 145, National Telecommunications andInformation Systems Security Policy (NTISSP) No. 200 , defines the minimum level ofprotection for ISs processing classified or sensitive unclassified information. It prescribes theC2 class criteria of DOD 5200.28-STD as the minimum level of protection for such systems,with additional protection required if warranted by a system risk assessment.Public Law 100-235 , Computer Security Act of 1987, 8 January 1988.This document redefines the role of the National Institute of Standards and Technology(formerly the National Bureau of Standards) and establishes a new Computer System Securityand Privacy Advisory Board. It requires each federal agency to provide for mandatoryperiodic training in computer security awareness and accepted computer security practices;identify each federal computer system and system under development that contains sensitiveinformation; establish a plan for security and privacy of such systems.Joint StaffChairman of the Joint Chiefs of Staff Instruction CJCSI 6510.01 , Joint and CombinedCommunications Security, 1 September 1993.A-4
NAVSO P-5239-04SEPTEMBER 1995This document establishes policy and procedures for planning and conducting joint andcombined COMSEC, and presents the following applicable policy to joint and combinedapplications: Transmission of Sensitive Information, System Planning, Operational Planning,Joint Coordination, Urgent Need, Foreign Release, Foreign Sales, Radios, Special-PurposeCryptographic equipment, Manual Systems Cryptonet Size, Cryptoperiod, Radio Frequencies,Call Signs, Field Generation and Over-The Air Distribution (OTAD) of Tactical Key,Intertheater COMSEC Package Key, Assessments, COMSEC Monitoring and TEMPEST.JCS Memorandum MJCS-38-89 , Use of Standard Embedded Cryptography, 2 March 1989.This document encourages maximum use of standard embedded cryptography products infuture communications and computer systems that require cryptographic security features.National Computer Security Center*CSC-STD-002-85 , Department of Defense Password Management Guideline, 12 April1985.This document assists in providing credibility of user identity by presenting a set of goodpractices related to the design, implementation , and use of password-based user authenticationmechanisms. It is intended that the features and practices described in the guideline beincorporated into DOD ADP systems for processing classified or other sensitive information.*CSC-STD-003-85 , Computer Security Requirements - Guidance for Applying theDepartment of Defense Trusted Computer System Evaluation Criteria in SpecificEnvironments, National Computer Security Center, June 1985.This document provides guidance for specifying computer security requirements for the DODby identifying the minimum class of system required for a given risk index.*CSC-STD-004-85 , Technical Rationale Behind CSC-STD-003 -85: Computer SecurityRequirements - Guidance for Applying the Department of Defense Trusted Computer SystemEvaluation Criteria in specific Environments, National Computer Security Center, June 1985.This document provides background discussion and rationale for CSC-STD-003-85, andprovides additional and more detailed guidance for specifying computer security requirementsfor the DOD by identifying the minimum class of system required for a given risk index fordifferent environments.*CSC-STD-005 , Department of Defense Magnetic Remanence Security Guideline, 15November 1985.This document provides procedures and guidelines for declassifying and clearing ADPmagnetic memory and other ADP magnetic storage media.A-5
Page 1:
Department of the Navy NAVSO P-5239
Page 5:
NAVSO P-5239-04SEPTEMBER 1995FOREWO
Page 8 and 9: NAVSO P-5239-04SEPTEMBER 1995TABLE
Page 10 and 11: NAVSO P-5239-04SEPTEMBER 1995· Sec
Page 12 and 13: NAVSO P-5239-04SEPTEMBER 1995techni
Page 14 and 15: NAVSO P-5239-04SEPTEMBER 1995ISEASS
Page 16 and 17: NAVSO P-5239-04SEPTEMBER 19953.0 IN
Page 18 and 19: NAVSO P-5239-04SEPTEMBER 1995· Sit
Page 20 and 21: NAVSO P-5239-04SEPTEMBER 1995the DO
Page 22 and 23: NAVSO P-5239-04SEPTEMBER 19953.2 Ri
Page 24 and 25: NAVSO P-5239-04SEPTEMBER 1995workin
Page 26 and 27: NAVSO P-5239-04SEPTEMBER 19953.3 Ac
Page 28 and 29: NAVSO P-5239-04SEPTEMBER 19953.4 Ad
Page 30 and 31: NAVSO P-5239-04SEPTEMBER 1995Virus
Page 32 and 33: NAVSO P-5239-04SEPTEMBER 19953.5 Tr
Page 34 and 35: NAVSO P-5239-04SEPTEMBER 1995- Expl
Page 36 and 37: NAVSO P-5239-04SEPTEMBER 19953.6 Ph
Page 38 and 39: NAVSO P-5239-04SEPTEMBER 1995· Eva
Page 40 and 41: NAVSO P-5239-04SEPTEMBER 19953.7 Au
Page 42 and 43: NAVSO P-5239-04SEPTEMBER 19953.8 In
Page 44 and 45: NAVSO P-5239-04SEPTEMBER 19953.9 Se
Page 46 and 47: NAVSO P-5239-04SEPTEMBER 19953.10 C
Page 48 and 49: NAVSO P-5239-04SEPTEMBER 19953.11 S
Page 50 and 51: NAVSO P-5239-04SEPTEMBER 199542
Page 52 and 53: NAVSO P-5239-04SEPTEMBER 1995update
Page 55 and 56: NAVSO P-5239-04SEPTEMBER 1995Securi
Page 57: NAVSO P-5239-04SEPTEMBER 1995SECNAV
Page 61 and 62: NAVSO P-5239-04SEPTEMBER 1995NCSC-T
Page 63 and 64: NAVSO P-5239-04SEPTEMBER 1995NTISSP
Page 65 and 66: NAVSO P-5239-04SEPTEMBER 1995primar
show all

Information Systems Security Manager (ISSM) - Marine Corps ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?