PUBLICATION OF DOCUMENTS
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP91B00390R000300220033-7
Release Decision:
RIPPUB
Original Classification:
K
Document Page Count:
22
Document Creation Date:
December 27, 2016
Document Release Date:
August 26, 2013
Sequence Number:
33
Case Number:
Publication Date:
July 25, 1988
Content Type:
MEMO
File:
Attachment | Size |
---|---|
CIA-RDP91B00390R000300220033-7.pdf | 693.57 KB |
Body:
STAT
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
STAT
STAT
STAT
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
STAT
NATIONAL SECURITY AGENCY
FORT GEORGE G. MEADE, MARYLAND 20755-6000
EXECUTIVE STEERING GROUP
for Strategic INFOSEC Planning
OS REGISTRY
Serial: Q1-2106-88
25 July 1988
MEMORANDUM FOR THE MEMBERS, EXECUTIVE STEERING GROUP
MEMBERS, JOINT WORKING GROUP
SUBJECT: Publication of Documents
1. Enclosed for your retention are the final versions
of the documents developed by the Joint Working Group and
approved by the Executive Steering Group. They include:
a. the Charter, which represents a collective
commitment to achieve a successful INFOSEC posture through
the combined efforts of both the military and civil sectors
of the government;
b. the Terms of Reference, which provides projected
milestones for accomplishing the effort; and
c. the Goals and Objectives, representing the heart
of the plan, and providing a broad, coherent strategy for
INFOSEC government-wide. Specific subobjectives are tied to
the development of secure products, mission-specific secure
systems, and support services.
2. Through efforts already under way, the Joint Working
Group is proceeding with plan development as directed by the
steering group.
3 Ends:
a/s
/7/4( Px/eg
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
STAT
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized CopyApproved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
EXECUTIVE STEERING GROUP
for Strategic INFOSEC Planning
CHARTER
for the
Executive Steering Group
and
Joint Working Group
for
Strategic INFOSEC Planning
?
? July IS, 1988
4: Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26 : CIA-RDP91B00390R000300220033-7
,
CHARTER
for the
EXECUTIVE STEERING GROUP
and
JOINT WORKING GROUP
for
STRATEGIC INFOSEC PLANNING
1. AUTHORITY: The Director, National Security Agency, in his role as the
National Manager, NTISS, began a joint planning effort to develop a National
Information Systems Security Plan (NISSP). In collaboration with the National
Bureau of Standards and their responsibilities under Public Law 100-235, the plan
will provide protection strategies for all categories of classified and sensitive
information generated, stored, processed, transferred, or communicated by Federal
telecommunications and automated information systems. The plan will focus on
broad goals and specific objectives which must be attained to achieve an acceptable
information systems security posture for the U.S. over a term spanning
approximately 10-15 years beyond current initiatives. The National Manager
established a Joint Executive Steering Group to direct this effort, and a Joint
Working Group to develop the plan.
2. EXECUTIVE STEERING GROUP: The Executive Steering Group is
chaired by a senior NSA executive, with voluntary representatives from:
Assistant Secretary of Defense (Command, Control, Communications
& Intelligence)
Central Intelligence Agency
Commandant, Marine Corps
Defense Investigative Service
Department of the Army
Department of Commerce
Department of Energy
Department of State
Department of Treasury
Federal Bureau of Investigation
General Services Administration
Joint Chiefs of Staff
National Aeronautics and Space Administration
page 1
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26 : CIA-RDP91B00390R000300220033-7
?-",1
National Bureau of Standards
?-r.:National Communications System
National Security Agency
The steering group is staffed with senior agency and departmental representatives
who have both subject matter expertise and the ability to speak authoritatively for the
agencies or departments they represent?the idea is to expedite the development of
conclusive solutions to issues and to expedite the process of interagency coordination
of the plan. The steering group will provide direction and guidance during
development of the plan; is authorized to task the working group, as appropriate;
will vote on issues as they surface; and will serve as advisors to the working group.
In addition, the steering group will support implementation of the plan, as
appropriate, at all levels of the government.
3. JOINT WORKING GROUP: The Joint Working Group is co?chaired
by NSA and a civil agency. Since NBS has concluded that a shortage of manpower
resources precludes them from assuming co?chairmanship at this time, GSA was
selected to serve as co?chair for the short?term. NBS is expected to assume the
co?chair in the future. Voluntary representatives serving on this group include:
Air Force Cryptologic Support Center
Assistant Secretary of Defense (Command, Control, Communications,
and Intelligence)
Central Intelligence Agency
Commandant, U.S. Coast Guard
Commander, Naval Security Group
Defense Investigative Service
Defense Logistics Agency
Department of Agriculture
Department of the Army
Department of Commerce
Department of Energy
Department of State
Department of Transportation
Department of Treasury
Federal Bureau of Investigation
General Services Administration
Headquarters, Electronic Security Command
Headquarters, Intelligence and Security Comand
Headquarters, U.S. Air Force
page 2
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Headquarters, U.S. Marine Corps
.Joint Chiefs of Staff
_
National Aeronautics and Space Administration
National Bureau of Standards
National Security Agency
? Office of Chief of Naval Operations
Stategic Defense Initiative Office
Joint Working Group representatives will volunteer to serve on Working Teams
(each with a Team Leader) established by the co?chairmen to address specific
areas/issues/objectives of the plan. Team Leaders will brief the Executive Steering
Group, as necessary, on the progress of their efforts; and are responsible for the
timely completion of their assigned tasks.
4. OPERATING PROCEDURES:
a. Frequency or Meetings:
(1) The Executive Steering Group will meet at least once every
three months, or as directed by the Chairman. Alternates may attend
for primary members; however, Joint Working Group members will
not serve as alternates on the Executive Steering Group.
(2) The Joint Working Group will meet at least once every two
months, or as determined by the Co?Chairmen. Alternate members
should be designated to provide complete coverage.
(3) Working Teams will meet on an as required basis, to be
determined by the Team Leader.
b. Voting: Each member of the Executive Steering Group is
permitted one vote. Voting decisions will be made by a majority. The Chair
will vote in the event of a tie.
c. The Executive Secretary, Joint Working Group will provide the
agenda for and summations of both steering and working group meetings,
together with the action items which result.
d. Members of both the steering and working groups may propose
agenda issues, as the need arises, through their respective Chairmen.
page 3
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26 : CIA-RDP91B00390R000300220033-7
e; All Working Team actions will have the consensus of the Joint
Working Group membership before presentation to the Executive Steering
Group.
f. The Co?chairs, Joint Working Group, will follow?up on all
actions assigned and provide to the Executive Steering Group periodic reports
on their status.
g. Prior to commencing plan development, the Joint Working Group
will prepare for steering group approval:
(I) Terms of Reference (TOR) that will describe briefly the
composition of the plan?i.e., the plan objective, scope, anticipated
product, milestones, etc., and
(2) Broad goals and specific objectives which represent those
capabilities that the U.S. will require to assure the security and
integrity of telecommunications and automated information systems.
5. The Joint Working Group will ensure that the National Information
Systems Security Plan is kept current and is responsive to national requirements and
priorities by proposing modifications to established tasks and recommending
additional tasks when needed.
page 4
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
_
Declassified in Part-Sanitized Copy Approved for Release 2013/08/26 : CIA-RDP91B00390R000300220033-7
EXECUTIVE STEERING GROUP
for Strategic. INFOSEC Planning
TERMS OF REFERENCE
*-3
for the
National Information Systems Security Plan
July 15, 1988
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: 6IA-RDP91B0039-0R060300226033-7
TERMS OF REFERENCE
for the
AL INFORMATION SYSTEMS SECURITY PLAN
I. PLAN OBJECTIVE:
The objective of the National Information Systems Security Plan (NISSP) is
to focus on broad goals and specific objectives that can be sufficiently linked to the
U.S. objectives, and effectively drive future information systems security program
actions.
H. SCOPE:
The plan will provide protection strategies for all categories of classified and
sensitive information generated, stored, processed, transferred, or communicated by
U.S. Government telecommunications and automated information systems.
III. ANTICIPATED PRODUCT:
The National Information Systems Security Plan (NISSP) will focus on broad
goals and specific objectives that can be sufficiently linked to the U.S. objectives,
and effectively drive future information systems security program actions. Strategies
will be provided that address the current and projected environment, and how we
expect to approach it in order to achieve the specific objectives. Resource
projections to adequately support the objectives will be identified, together with
impact statements for not achieving the objectives.
IV. PROJECTED MILESTONES:
15 May 1988 Charter Approved by Executive Steering Group
15 May 1988 Terms of Reference (TOR) Approved by
Executive Steering Group
15 May 1988 Goals and Objectives Approved by Executive
Steering Group
page 1
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
15 MR, 1988: Structure/Format Approved by Executive
Steering Group
1 Jun 1988 Begin Plan Development
15 Jan 1989 Draft Plan Completed
15 Jan 1989 Begin Plan Coordination Process
15 Jan 1990 Plan Approved by Executive Steering Group
1 Feb 1990 Plan Promulgated by Director, National Bureau
of Standards and Director, National Security
Agency
15 Feb 1990 Plan Published
V. PLAN COORDINATION:
The Executive Steering Group will ensure extensive coordination throughout
the Federal community. The co?chairs of the Joint Working Group are charged to
effect such coordination throughout the community of interest as identified by the
Executive Steering Group.
VI. IMPLEMENTATION RESPONSIBILMES:
Implementation of the plan is the responsibility of the heads of departments
and agencies of the U.S. Government. The Executive Steering Group will monitor
community implementation.
VII. LINKAGES TO OTHER PLANS AND DOCUMENTS:
The plan must be consistent with existing National Policy, Goals, and
Objectives; near and mid?term programmatic actions; and current and projected
user requirements. Also, the plan must be compatible with other plans within the
community. Inputs from the following documents and initiatives were considered
and, in most cases. incorporated:
page 2
II Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26 : CIA-RDP91B00390R000300220033-7
. ? -.4
Annual Assessment of the Status of Telecommuncations and
Automated Information Systems Security Within the United
States Government.
B. Director, NSA's Five INFOSEC Thrusts.
C. NSDD 145.
D. NSDD 238.
E. Public Law 100-235 (Computer Security Act of 1987)
F. National INFOSEC Manual.
G. DCI Intelligence Community Automated Information Systems
(AIS) and Networks Threat Statement.
H. Final Report of the Industry Information Security (IIS) Task
Force titled Industry Information Protection, June 1988.
page 3
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
?c(
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
EXECUTIVE STEERING GROUP
for Strategic INFOSEC Planning
GOALS AND OBJECTIVES
for the
National Information Systems Security Plan
July 15, 1988
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
FOR OFFICIAL USE ONLY
GOALS AND OBJECTIVES
for the
NATIONAL INFORMATION SYSTEMS SECURITY PLAN
GOAL:
TO ACHIEVE A U.S. INFORMATION SYSTEMS SECURITY PROGRAM THAT PROVIDES FOR THE PROTECTION OF INFORMATION GENERATgD,
STORED, PROCESSED, TRANSFERRED, OR COMMUNICATED IN TELECOMMUNICATIONS AND/OR AUTOMATED INFORMATION SYSTEMS.
OBJECTIVES:
I. Devise planning, development, and production
strategies which will ensure a rich mix of inter?
operable, user?acceptable security products and
systems.
SUBOBJECTIVES:
A. Secure all classified and, where applicable,
sensitive telephone communications by significantly
increasing the availability of secure telephones.
II. Improve the countermeasure techniques available
for achieving mission specific information systems
security protection ensuring connectivity, survivability
and endurability.
A. Upgrade national leadership information systems
security, including those associated with continuity of
government, by integrating appropriate state?of?the?
art technologies.
FOR OFFICIAL USE ONLY
III. Achieve a significant improvement in the
support services necessary to effectively and
efficiently satisfy the users' information systems
security needs.
A. Encourage and support research and
development in the technology of computer
security; and develop guidelines and operational
doctrine for trusted computer systems.
page 1
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26 : CIA-RDP91B00390R000300220033-7
FOR OFFICIAL USE ONLY
SUBOBJECTIVES: (continued)
? B. Provide automated key management systems
that are secure, user?friendly and interoperable.
C. Encourage the development of embedded
secure products, including vendor standard
product offerings, in order to provide low?cost,
transparent, user?friendly security for
telecommunications and automated information
systems.
D. Expeditiously secure unprotected radio systems
that carry government classified and/or sensitive
information.
E. Continue U.S. dominance in developing and
marketing cryptology, thus facilitating and
promoting interoperability.
F. Develop methodologies to facilitate design,
manufacturing, programming, and testing of AISS
in a trusted fashion.
G. Speed up the implementation of secure
automated information systems which include
adequate system security features.
B. Provide necessary mechanisms to secure
selected financial information systems and
networks, to include all Federal electronic funds
transfer systems.
C. Provide protection to improve the utility and
survivability of both U.S. and Allied space systems.
D. Develop a comprehensive program to secure
data networks and associated office automation
equipment.
E. Identify and implement countermeasures needed
to offset hazards created by the presence of foreign
nationals in sensitive government and industrial areas
in the U.S. and abroad, pursuant to provisions of
international treaties and other agreements.
FOR OFFICIAL USE ONLY
B. Improve and expand the methods and
technologies needed to assess and disseminate
awareness of security risks, threats,
vulnerabilities and countermeasure req ems
of telecommunications and automated
information systems.
C. - Develop alternative mechanisms for funding
information systems security acquisition
initiatives which benefit the Federal Government.
D. Develop procurement mechanisms to
significantly improve the acquisition of
information system products.
E. Increase information systems security
awareness such that it becomes a permanent
and necessary feature of Federal operations;
establish education and training programs,
with meaningful career incentives for the
associated professionals.
F. Develop physical security technologies to
minimize control and safeguarding requirements,
while reducing the vulnerability of systems to the
human intelligence (HUMINT) threats.
nsi OP
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
EXECUTIVE STEERING GROUP
for Strategic I EC, Planning4
MEMBERSHIP ROSTER
?
?
July 15, 1988
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Chairman
ASD(C31)
?TAT CIA
STAT
EXECUTIVE STEERING GROUP
FOR STRATEGIC INFOSEC PLANNING
Dr. William A. Thayer (CHAIR)
Ms. D. Diane Fountaine
CMC COL W. M. Lazar, USMC
DIS Mr. J. William Leonard
DA COL Albert J. Kondi, USA
D/Commerce Mr. Thomas W. Zetty
DOE Mr. David W. Rowland
D/State Mr. F. Lynn McNulty
D/Treasury Mr. J. Martin Ferris
FBI Mr. William A. Bayse
GSA Mr. Jon P. Stairs
JCS MGen Wayne 0. Jefferson, Jr., USAF
NASA Mr. Arthur L. C. Sigust
NBS Dr. Dennis Branstad
COL Charles L. Gordon, USA
NCS
NSA/S
301-688-7154
202-695-7181
202-694-1197
202-475-0931
202-697-1492-
202-377-1332
301-353-4620
202-653-9858
202-5662679
202-324-5350
202-426-2100
202-695-1369
202-453-2008
301-975-2913
202-692-3762
301-688-6745
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declas?sified in Part -Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
STAT
301-688-7726
EX/SEC) 301-688-5168
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in'Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
STAT
STAT
STAT
Chairman
ASD(C31)
EXECUTIVE STEERING GROUP
FOR STRATEGIC INFOSEC PLANNING
Director of Plans
National Security Agency
Fort George G. Meade, MD 20755
Ms. D. Diane Fountaine
Director, Information Systems
The Pentagon, Room 3E187
Washington, DC 20301
CIA (Inside Envelone)
CMC
Deputy Director, Office of Communications
Central Intelligence Agency
Langley, VA 20505
(Outside Envelope)
Office of Communications
Central Intelligence Agency
Langley, VA 20505
Colonel W. M. Lazar, USMC
Head, Telecommunications Branch
C4 Systems Division
Headquarters, Marine Corps
Washington, DC 20380
301/688-7154
202/695-7181
202/694-1197
page I
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
DISH....
DA
Mr. J. William Leonard
Chief, Programs Management Division
Defense Investigative Service
1900 Half Street, S.W.
Washington, DC 20324-1700
Colonel Albert J. Kondi, USA
Chief, Information Systems Security Office
Department of the Army
The Pentagon, Room 1A474
Washington, DC 20301-0107
D/Commerce Mr. Thomas W. Zetty
Chief, Telecommunications Management Division
Department of Commerce
Room 6625
14th and Constitution Avenue, N.W.
Washington, DC 20230
DOE
D/State
Mr. David W. Rowland
Director of ADP & Telecommunications
Planning & Integrity
Department of Energy
MA-254 GTN
Washington, DC 20545
Mr. F. Lynn McNulty
Department of State
DS/ST/ISS
Room 2430 N.S.
Washington, DC 20520
page 2
202/475-0931
202/697-1492
202/377-1332
301/353-4620
202/653-9858
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
Declassified in Part - Sanitized CopyApproved for Release 2013/08/26: CIA-RDP91B00390R000300220033-T
D/Treasu
FBI
GSA
JCS
NASA
J. Martin Ferris
Stant Director, Security Programs
partment of Treasury
Room 2415
1500 Pennsylvania Avenue, N.W.
Washington, DC 20220
Mr. William A. Bayse
Assistant Director, Technical Services Division
Federal Bureau of Investigation
Room 7159
10th & Pennsylvania Avenue, N.W.
Washington, DC 20305 -
Mr. Jon P. Stairs
Director, Information Security Management
Division
General Services Administration
Room 5680,
7th and D Streets, S.W.
Washington, DC 20407
MGen Wayne 0. Jefferson, Jr., USAF
Deputy Director for Defense?Wide C3 Support
OJCS
The Pentagon, Room 2D860
Washington, DC 20301
Mr. Arthur L. C. Sigust
HQ, National Aeronautics and Space
Administration
Code TS
600 Independence Avenue, S.W.
Washington, DC 20546
page 3
202/566-2679 '
202/324-5350
202/426-2100-
202/695-1369
202/453-2008
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7
)44
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26 : CIA-RDP91B00390R000300220033-7
STAT
NBS
NCS
r. Dennis Branstad
nology A-216
anal Bureau of Standards
Gaithersburg, MD 20899
tPs
NSA/S
STAT NSA (T)
STAT
Ex/Sec
(Classified)
National Bureau of Standards
Gaithersburg, MD 20899
ATTN: Mrs. Dovey Kaetzel
Security Office
Admin A-700
Colonel Charles L. Gordon, USA
Assistant Deputy Manager
National Communications System
Washington, DC 20305
Assistant Deputy Director for Information
Security for Business Development
National Security Agency
Fort George G. Meade, MD 20755-6000
Telecommunications and Computer
Services Organization
National Security Agency
Fort George G. Meade, MD 20755-6000
Office of National Plans
National Security Agency
Fort George G. Meade, MD 20755
page 4
301/975-2913
202/692-3762
301/688-6745
301/688-7726
30 1/688-5 168
Declassified in Part - Sanitized Copy Approved for Release 2013/08/26: CIA-RDP91B00390R000300220033-7