World Library  
Flag as Inappropriate
Email this Article

National Industrial Security Program

 

National Industrial Security Program

The National Industrial Security Program, or NISP, is the nominal authority (in the United States) for managing the needs of private industry to access classified information.

The NISP was established in 1993 by Executive Order 12829.[1] The National Security Council nominally sets policy for the NISP, while the Director of the Information Security Oversight Office is nominally the authority for implementation. Under the ISOO, the Secretary of Defense is nominally the Executive Agent, but the NISP recognizes four different Cognizant Security Agencies, all of which have equal authority: the Department of Defense, the Department of Energy, the Central Intelligence Agency, and the Nuclear Regulatory Commission.[2]

Contents

  • NISP Operating Manual (DoD 5220.22-M) 1
    • Data sanitization 1.1
  • References 2
  • External links 3

NISP Operating Manual (DoD 5220.22-M)

A major component of the NISP is the NISP Operating Manual, also called NISPOM, or DoD 5220.22-M.[3] The NISPOM establishes the standard procedures and requirements for all government contractors, with regards to classified information. As of 2010, the current NISPOM edition is dated 28 Feb 2006. Chapters and selected sections of this edition are:

Data sanitization

DoD 5220.22-M is sometimes cited as a standard for sanitization to counter data remanence. The NISPOM actually covers the entire field of government-industrial security, of which data sanitization is a very small part (about two paragraphs in a 141-page document).[4] Furthermore, the NISPOM does not actually specify any particular method. Standards for sanitization are left up to the Cognizant Security Authority. The Defense Security Service provides a Clearing and Sanitization Matrix (C&SM) which does specify methods.[5] As of the June 2007 edition of the DSS C&SM, overwriting is no longer acceptable for sanitization of magnetic media; only degaussing or physical destruction is acceptable.

Unrelated to NISP or NISPOM, National Institute of Standards and Technology (NIST) Computer Security Division Released Special Publication 800-88 Revision 1, Guidelines for Media Sanitization December 18, 2014 http://csrc.nist.gov/news_events/news_archive/news_archive_2014.html#dec18

References

  1. ^ "Executive Order 12829".  
  2. ^ "NISP Brochure" (PDF).   (59 KB)
  3. ^ "Download NISPOM".  
  4. ^   (1.92 MB)
  5. ^ "DSS Clearing & Sanitization Matrix" (PDF).   (98 KB)

External links

  • "National Industrial Security Program" PDF
  • [1]
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and USA.gov, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for USA.gov and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
 
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
 
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.
 



Copyright © World Library Foundation. All rights reserved. eBooks from World eBook Library are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.