Security of Information Technology

Citation
NASA, Security of Information Technology (NPR 2810.1A) (May 19, 2011) (full-text).

Overview
The purposes of this document are to:


 * Establish the information security requirements for the National Aeronautics and Space Administration (NASA) relative to the policy set forth in NASA Policy Directive (NPD) 2810.1, NASA Information Security Program. The procedural requirements, herein prescribe roles, responsibilities, and conditions that directly or indirectly promote information security throughout the life cycle of all NASA information and information systems.


 * Identify information security policies, procedures, and practices which are appropriate to NASA's mission, and are consistent with applicable federal laws, executive orders, directives, policies, and regulations.


 * Serve as a reference to the NASA community regarding specific information security roles and responsibilities, and provide resources where more detailed information may be found.


 * Satisfy security policy guidance as outlined by National Institute of Standards Technology (NIST), Special Publication (SP) 800-53. Recommended Security Controls for Federal Information Systems and Organizations.