This preview shows page 1. Sign up to view the full content.
Unformatted text preview: 01/01/96 Search this book:
Go! Previous Table of Contents Next
----------- The official “Memorandum of Understanding” (MOU) between the two agencies reads: MEMORANDUM OF UNDERSTANDING BETWEEN THE DIRECTOR OF THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY AND THE DIRECTOR OF THE NATIONAL SECURITY AGENCY CONCERNING THE IMPLEMENTATION OF PUBLIC LAW 100-235 Recognizing that: A. Under Section 2 of the Computer Security Act of 1987 (Public Law 100-235), (the Act), the National Institute of Standards and Technology (NIST) has the responsibility within the Federal Government for: 1. Developing technical, management, physical, and administrative standards and guidelines for the cost-effective security and privacy of sensitive information in Federal computer systems as defined in the Act; and, 2. Drawing on the computer system technical security guidelines of the National Security Agency (NSA) in this regard where appropriate. B. Under Section 3 of the Act, the NIST is to coordinate closely with other agencies and offices, including the NSA, to assure: 1. Maximum use of all existing and planned programs, materials, studies, and reports relating to computer systems security and privacy, in order to avoid unnecessary and costly duplication of effort; and, 2. To the maximum extent feasible, that standards developed by the NIST under the Act are consistent and compatible with standards and procedures developed for the protection of classified information in Federal computer systems. C. Under the Act, the Secretary of Commerce has the responsibility, which he has delegated to the Director of NIST, for appointing the members of the Computer System Security and Privacy Advisory Board, at least one of whom shall be from the NSA. Therefore, in furtherance of the purposes of this MOU, the Director of the NIST and the Director of the NSA hereby agree as follows: I. The NIST will: 1. Appoint to the Computer Security and Privacy Advisory Board at least one representative nominated by the Director of the NSA. 2. Draw upon computer system technical security guidelines developed by the NSA to the extent that the NIST...
View Full Document
- Fall '10