EverySpec Standards
Home > Library > DoD > DoD-PUBLICATIONS > DODD 5200--28 21MAR88

DODD 5200.28, DEPARTMENT OF DEFENSE DIRECTIVE: SECURITY REQUIREMENTS FOR AUTOMATED INFORMATION SYSTEMS (AISs) (21-MAR-1988)

DODD 5200.28, DEPARTMENT OF DEFENSE DIRECTIVE: SECURITY REQUIREMENTS FOR AUTOMATED INFORMATION SYSTEMS (AISs) (21-MAR-1988)., This Directive: 1.1. Reissues and revises reference (a) to update uniform policy in addition to the policy set forth in reference (b) for the safeguarding of classified, sensitive unclassified, and unclassified information processed in AISs. 1.2. Updates the DoD-wide program for Automated Information System (AIS) security. 1.3. Provides mandatory, minimum AIS security requirements. More stringent requirements may be necessary for selected systems based on an assessment of acceptable levels of risk. 1.4. Promotes the use of cost-effective, computer-based (e.g., hardware, software, and firmware controls) security features for AISs. However, it is emphasized that system users have a personal responsibility to protect classified information under subparagraph 10-101.a. of reference (b). 1.5. Requires a more accurate specification of overall DoD security requirements for AISs that process classified or sensitive unclassified information. 1.6. Stresses the importance of a life-cycle management approach to implementing computer security requirements.

DODD 5200.28 Rev. 1988

    

Version:
198803-1988155.23 KB DODD_5200.28_21MAR88

Simple Search
MilSpec Search



About Us   |   Terms of Use   |   DMCA   |   Privacy   |   EverySpec LLC © 2009 - 2024   All rights reserved.