NASA Procedures and Guidelines
This Document is Obsolete and Is No Longer Used. Check the NODIS Library to access the current version: http://nodis3.gsfc.nasa.gov

NPR 2810.1A
Effective Date: May 16, 2006
Cancellation Date:
Responsible Office: JA

Table of Contents

Change History

Preface

P.1 Purpose
P.2 Applicability
P.3 Authority
P.4 Applicable Documents
P.5 Measurement/Verfication
P.6 Cancellation

Chapter 1 Information Security Management

1.1 Overview
1.2 Roles and Responsibilities

Chapter 2 Management Controls

2.1 Program Management (PM)
2.2 Security Assessment and Authorization (CA)
2.3 Planning (PL)
2.4 Risk Assessment (RA)
2.5 System and Services Acquisitions (SA)

Chapter 3 Operational Controls

3.1 Awareness and Training (AT)
3.2 Configuration Management (CM)
3.3 Contingency Planning (CP)
3.4 Incident Response and Management (IR)
3.5 Maintenance (MA)
3.6 Media Protection (MP)
3.7 Physical and Environmental Protection (PE)
3.8 Personnel Security (PS)
3.9 System and Information Integrity (SI)

Chapter 4 Technical Controls

4.1 Access Control (AC)
4.2 Audit and Accountability (AU)
4.3 Identifcation and Authentication (IA)
4.4 System and Communications Protection (SC)

Appendix A Definitions
Appendix B Acronym
Appendix C Responsibility Cross-Walk
Appendix D Role Definitions
Appendix E References

DISTRIBUTION:
NODIS