7.A: Security Policies
Implement security policies. Other Information:
Your agency is already required to implement security policies in OMB Circular A-130, Appendix III; OMB memorandum M-04-25,
"Reporting Instructions for the Federal Information Security Management Act and Updated Guidance on Quarterly IT Security
Reporting;" National Institute of Standards and Technology (NIST) Special Publication 800-44, "Guidelines on Securing Public
Web Servers;" and other associated guidance from NIST. For additional information see: http://www.whitehouse.gov/omb/circulars/a130/a130trans4.html,
http://csrc.nist.gov/policies/FISMA-final.pdf, http://www.whitehouse.gov/omb/memoranda/fy04/m04-25.pdf, http://csrc.nist.gov/publications/nistpubs/800-44/sp800-44.pdf
Indicator(s):
|
