FIPS 102

Citation
National Bureau of Standards, Guideline for Computer Security Certification and Accreditation (FIPS 102) (Sept. 1983) (full-text).

Overview
This Guideline describes how to establish and how to carry out a certification and accreditation program for computer security. Certification consists of a technical evaluation of a sensitive application to see how well it meets security requirements. Accreditation is the official management authorization for the operation of the application and is based on the certification process as well as other management considerations. A certification and accreditation program benefits an organization by improving management control over computer security and increasing awareness of computer security throughout the organization.