Commonly Referenced Related Laws, Regulations, and Policies

January 11, 2008
The following Federal laws, directives, and regulations provide guidance pertaining to the security of automated information systems:
  • Privacy Act of 1974 (Public Law [PL] 93-579, United States Code [U.S.C.] 552A)
  • Freedom of Information Act (5 U.S.C. 522)
  • Paperwork Reduction Act of 1986 (44 U.S.C. 35)
  • Electronic Communications Privacy Act of 1986 (PL 99-508)
  • Computer Fraud and Abuse Act of 1986 (PL 99-474, 18 U.S.C. 1030)
  • Information Technology Management Reform Act of 1996 (Clinger-Cohen Act) (Division E of PL 104-106, 4 U.S.C. 35)
  • Title III of the E-Government Act (PL 107-347): Federal Information Security Management Act of 2002 (FISMA)
  • Office of Management and Budget (OMB) Circular A-123, Management Accountability and Control, Attachment Section II, June 21, 1995
  • OMB Circular A-127, Financial Management Systems, revised July 23, 1993
  • OMB Circular A-130, Appendix III, Transmittal #4, Security of Federal Automated Information Resources, February 8, 1996
  • Presidential Decision Directive (PDD) 67, Continuity of Government (COG) and Continuity of Operations (COOP) Plans Practices for Securing Critical Information and Information Systems and Networks, 1988
  • Executive Order (EO) 12656, Assignment of Emergency Preparedness Responsibilities (COOP Plans), November 18, 1988, as amended by EO 13074
  • EO 13011, Federal Information Technology, July 16, 1996
  • Homeland Security Presidential Directive (HSPD) 7, December 17, 2003

FIPS PUBs, including:

  • FIPS PUB 199, Standards for Security Categorization of Federal Information and Information Systems
  • FIPS PUB 200, Minimum Security Requirements for Federal Information and Information Systems

NIST SPs, including:

  • NIST SP 800-18, Revision 1, Guide for Developing Security Plans for Federal Information Systems
  • NIST SP 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems
  • NIST SP 800-53, Recommended Security Controls for Federal Information Systems, and referenced supplemental guidance documents
  • NIST SP 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories

https://www.bestitdocuments.com/Samples