Information Security: National Archives and Records Administration (NARA) Needs to Implement Key Program Elements and Controls
DIANE Publishing, May 1, 2011 - 42 pages
NARA is responsible for preserving access to gov't. documents and other records of historical significance and overseeing records management throughout the fed. gov't. NARA relies on the use of info. systems to receive, process, store, and track gov't. records. As such, NARA is tasked with preserving and maintaining access to increasing volumes of electronic records. This report determined whether NARA has implemented info. security controls (ISC) to protect the confidentiality, integrity, and availability of the info. and systems that support its mission. The report concludes that NARA has not effectively implemented ISC to protect the confidentiality, integrity, and availability of the info. and systems. A print on demand publication.
What people are saying - Write a review
We haven't found any reviews in the usual places.
access controls access rights adequately agency’s agencywide information security appropriate Archives and Records Archivist categorized Chief Information Officer computer security configuration management contingency plans cryptography degausser determine disclosure document effectively employees and contractors encryption ensure facilities federal agencies FIPS firewalls FISMA requires Gaithersburg impact level incident response methodology individuals information and information information and systems information security controls information security program Information Services information systems information technology integrity logs monitoring NARA has developed NARA policy requires NARA systems NARA’s ability NARA’s network NARANET National Archives NIST guidance nondisclosure agreements Office of Information organization’s passwords physical security POA&Ms policies and procedures protect the confidentiality Records Administration risk assessments risk of unauthorized security awareness training security incidents security policies segregation of duties sensitive information staff support its mission system security plans systems that support technical controls tested unauthorized access US-CERT users weaknesses