SUGGESTED AGENDA TOPICS AND COMMENTS ON PROPOSED PROCEDURES FOR THE NTISSC AND ITS TWO PERMANENT SUBCOMMITTEES
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP97M00248R000500170028-8
Release Decision:
RIPPUB
Original Classification:
U
Document Page Count:
6
Document Creation Date:
December 27, 2016
Document Release Date:
June 8, 2010
Sequence Number:
28
Case Number:
Publication Date:
November 1, 1984
Content Type:
MEMO
File:
Attachment | Size |
---|---|
![]() | 181.58 KB |
Body:
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
F0'ITROL N0.E $y ~m2 !
ROSS REF:
RIOR PAPERS 04 THIS SUBJECT: NO YES
PRIOR CORRES SENT T0:
0THER CO ?E'TS :
EXECJTI~! EGISTRY FILE NO: L - ///
L7
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
MEMORANDUM FOR:
xecu ive Secretary, National Telecommunications
and Information Systems Security Committee,
National Security Agency
FROM: James H. Taylor
Executive Director, CIA
SUBJECT: Suggested Agenda Topics and Comments on Proposed
Procedures for the NTISSC and Its Two
Permanent Subcommittees
REFERENCE: Chairman, NTISSC Ltr (COMSEC 1-2/150), dtd 5 Oct 1984,
Subject: NTISSC Representation
1. This memorandum provides a suggested agenda item and comments on the
proposed procedures for the National Telecommunications and Information
Systems Security Committee (NTISSC) and its two permanent subcommittees. The
Executive Director, CIA, will represent the DCI, including his Intelligence
Community responsibilities.
2. We recommend that a comprehensive telecommunications and automated
information systems security threat briefing be provided to the NTISSC,
including a summary of the security vulnerabilities in DOD systems which were
identified in a recently completed survey for the SECDEF.
3. We reviewed the proposed charter for the NTISSC and its two permanent
subcommittees and believe that the changes noted in the attachment provide
clarification and ensure consistency with the NSDD. We particularly note that
paragraph 7e of the proposed Subcommittee on Automated Information Systems
Security (SAISS) charter defines guidance to include program and budget
matters. NSDD/145, however, makes a clear distinction in the program and
budget responsibilities of the System Security Steering Group, the Executive
Agent, and the National Manager with respect to automated information systems
security vice telecommunications security. Automated information security
program and budget recommendations, for example, are only to be reviewed in
aggregate. Therefore, we believe that it is inappropriate for the SAISS to
provide program and budget guidance to the departments and agencies. Our
concerns can be accommodated by changing the second sentence of paragraph 7e
of the SAISS charter to read as follows:
IINri ACCTFTFn
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
"Guidance as defined herein refers to a policy, direction,
decision, instruction or advice which concerns planning or applying
automated information systems security requirements, standards,
criteria, and equipments."
^ 4. I look forward to participating in the first meeting of the NTISSC on
James H. Taylor
Attachment: a/s
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
SUBJECT: Suggested Agenda Topics and Comments on Proposed
Procedures for the NTISSC and Its Two
Permanent Subcommittees
Distribution:
Orig - Adse (Return to ICS/IHC)
1 - EXDIR/CIA
1 - DC I
1 - DOCI
1 - D/ICS
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
Recommended Changes to the NTISSC
and Its Two Permanent Subcommittees
o Change last sentence of paragraph 7, Section VII, of the NTISSC charter to
read: "Following receipt by the chair, the reports and recommendations
shall be forwarded to the full NTISSC for review, formal approval or
disapproval, and forwarded as appropriate."
Rationale: Clarification of roles and responsibilities of NTISSC
o Change last two sentences of paragraph 5a of the proposed operating
procedures of both subcommittees to read: "The chair shall vote in the
event of a tie. Dissenting views, with supporting rationale, may be
provided by any representative, brought to the attention of the NTISSC
Secretariat, and forwarded to the full Committee."
Rationale: Clarification of voting procedures and handling of dissenting
views
o Delete the specific identification of the chairman of the subcommittees
and replace with: "The Chairman of the NTISSC, with the concurrence of a
majority of the NTISSC voting members, will nominate the chairmen of the
subcommittees."
Rationale: To ensure future flexibility in determining chairmen of
sucommittees. Also, should be accomplished by memorandum from the NTISSC
Chairman rather than included in the charter.
o Insert the following sentence at the beginning of paragraph 3, Section II,
of the NTISSC charter: "The Committee shall make recommendations to the
Steering Group on Committee membership."
Rationale: Consistency with NSDD/145
o Delete the first nine words of paragraph 1, Section VII, of the NTISSC
charter and insert the following: The Committee shall submit annually an
evaluation of the status of national telecommunications and automated
information systems security with respect to established objectives and
priorities. Included in the evaluation will be . . . ."
Rationale: Consistency with NSDD/145
o Replace paragraph 4, Section VII of the NTISSC charter with corresponding
language from paragraph 5b(4) of NSDD/145: "The Committee shall identify
systems which handle sensitive, non- government information, the loss and
exploitation of which could adversely affect the national security
interest, for the purpose of encouraging, advising and, where appropriate,
assisting the private sector in applying security measures."
Rationale: Consistency with NSDD/145
UNCLASSIFIED
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8
o Insert in second paragraph, first line of STS charter after the word
matters, "relating to telecommunications security" so that this paragraph
reads: "Matters relating to telecommunications security under the
cognizance of the STS and subject to the deliberations and actions of the
STS include . . . ."
Rationale: Consistency with NSDD/145
o Change the second sentence, paragraph 7e, of the SAISS charter to read:
"Guidance as defined herein refers to a policy, direction, decision,
instruction or advice which concerns planning or applying automated
information systems security requirements, standards, criteria, and
equipments."
Rationale: Consistency with NSDD/145
nwri ^CCTCTGn
Sanitized Copy Approved for Release 2010/06/08: CIA-RDP97M00248R000500170028-8