LEADER 03141nam  2200469   450 
001 9910698253903321
005 20230307102222.0
035   $a(CKB)3890000000002789
035   $a(NjHacI)993890000000002789
035   $a(OCoLC)70786552
035   $a(EXLCZ)993890000000002789
100   $a20230307d2006      uy             0
101 0 $aeng
135   $aur|||||||||||
181   $ctxt$2rdacontent
182   $cc$2rdamedia
183   $acr$2rdacarrier
200 10$aGuide for Developing Security Plans for Federal Information Systems /$fMarianne Swanson, Joan Hash, Pauline Bowen
205   $aRevision 1.
210  1$aGaithersburg, MD :$cNational Institute of Standards and Technology (NIST),$d2006.
215   $a1 online resource (vii, 41 pages)
225 1 $aNIST special publication
300   $aTitle from title screen (viewed on July 18, 2006).
300   $a"February 2006."
320   $aIncludes bibliographical references and index.
330   $aThe objective of system security planning is to improve protection of information system resources. All federal systems have some level of sensitivity and require protection as part of good management practice. The protection of a system must be documented in a system security plan. The completion of system security plans is a requirement of the Office of Management and Budget (OMB) Circular A-130, "Management of Federal Information Resources," Appendix III, "Security of Federal Automated Information Resources," and Title III of the E-Government Act, entitled the Federal Information Security Management Act (FISMA), The purpose of the system security plan is to provide an overview of the security requirements of the system and describe the controls in place or planned for meeting those requirements. The system security plan also delineates responsibilities and expected behavior of all individuals who access the system. The system security plan should be viewed as documentation of the structured process of planning adequate, cost-effective security protection for a system. It should reflect input from various managers with responsibilities concerning the system, including information owners, the system owner, and the senior agency information security officer (SAISO). Additional information may be included in the basic plan and the structure and format organized according to agency needs, so long as the major sections described in this document are adequately covered and readily identifiable.
410  0$aNIST special publication.
606   $aInformation technology$xSecurity measures$zUnited States
606   $aComputer security$zUnited States
615  0$aInformation technology$xSecurity measures
615  0$aComputer security
676   $a005.8
700   $aSwanson$b Marianne$01352963
702   $aBowen$b Pauline
702   $aHash$b Joan
712 02$aNational Institute of Standards and Technology (U.S.)
801  0$bNjHacI
801  1$bNjHacl
906   $aBOOK
912   $a9910698253903321
996   $aGuide for Developing Security Plans for Federal Information Systems$93211919
997   $aUNINA