DOCSLIB.ORG

Bs En 9223‑102:2018

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Bs En 9223‑102:2018 BS EN 9223‑102:2018 BSI Standards Publication Programme Management – Configuration Management Part 102: Configuration status accounting WB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06 BS EN 9223‑102:2018 BRITISH STANDARD EN 9223-102 National foreword EUROPEAN STANDARD This British Standard is the UK implementation of EN 9223‑102:2018. NORME EUROPÉENNE March 2018 The UK participation in its preparation was entrusted to Technical Committee ACE/1, International and European Aerospace Policy EUROPÄISCHE NORM and Processes. ICS 35.080; 49.020 A list of organizations represented on this committee can be obtained on request to its secretary. English Version This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. Programme Management - Configuration Management - © The British Standards Institution 2018 Part 102: Configuration status accounting Published by BSI Standards Limited 2018 Management de Programme - Gestion de la Programm-Management - Konfigurationsmanagement Configuration - Partie 102 : Enregistrement de la - Teil 102: Konfigurationsbuchführung ISBN 978 0 580 90025 9 configuration ICS 35.080; 49.020 This European Standard was approved by CEN on 1 October 2017. Compliance with a British Standard cannot confer immunity from CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this legal obligations. European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN This British Standard was published under the authority of the member. Standards Policy and Strategy Committee on 31 March 2018. This European Standard exists in three official versions (English, French, German). A version in any other language made by Amendments/corrigenda issued since publication translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions. Date Text affected CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels © 2018 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 9223-102:2018 E worldwide for CEN national Members. BS EN 9223‑102:2018 EN 9223-102 EUROPEAN STANDARD NORME EUROPÉENNE March 2018 EUROPÄISCHE NORM ICS 35.080; 49.020 English Version Programme Management - Configuration Management - Part 102: Configuration status accounting Management de Programme - Gestion de la Programm-Management - Konfigurationsmanagement Configuration - Partie 102 : Enregistrement de la - Teil 102: Konfigurationsbuchführung configuration This European Standard was approved by CEN on 1 October 2017. CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member. This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels © 2018 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 9223-102:2018 E worldwide for CEN national Members. BS EN 9223‑102:2018 EN 9223-102:2018 (E) Contents Page European foreword ....................................................................................................................................................... 3 Introduction .................................................................................................................................................................... 4 1 Scope .................................................................................................................................................................... 5 2 Normative references .................................................................................................................................... 5 3 Terms and definitions ................................................................................................................................... 5 4 The configuration status accounting process and its place in the overall programme Configuration Management ......................................................................................................................... 6 4.1 Configuration status accounting process overview ............................................................................ 6 4.2 Nature of the configuration status accounting process ..................................................................... 7 4.3 Recording initialisation ................................................................................................................................ 8 4.4 Configuration status accounting and lifecycle ...................................................................................... 9 5 Records associated with the configuration identification process ............................................... 9 6 Records associated with the configuration control process ........................................................ 10 7 Records associated with the configuration verification, review and audit process ............ 11 8 Relationship with other processes ........................................................................................................ 12 8.1 Scope ................................................................................................................................................................. 12 8.2 Relationship with need specification process ................................................................................... 12 8.3 Relationship with preliminary design process ................................................................................. 13 8.4 Relationship with the detailed design process.................................................................................. 13 8.5 Relationship with qualification process .............................................................................................. 14 8.6 Relationship with industrialisation and production processes .................................................. 14 8.7 Relationship with operational in use process ................................................................................... 15 8.8 Relationship with the disposal process ............................................................................................... 16 9 Requirements for exchanging and/or sharing data ........................................................................ 16 10 Implementation of traceability requirements in the configuration status accounting process ............................................................................................................................................................. 17 (informative) Information system prerequisite needed for configuration status accounting ....................................................................................................................................................... 18 (informative) Non exhaustive examples of attributes that allow to assure traceability ..................................................................................................................................................... 20 Bibliography ................................................................................................................................................................. 21 2 BS EN 9223‑102:2018 EN 9223-102:2018 (E) European foreword This document (EN 9223-102:2018) has been prepared by the Aerospace and Defence Industries Association of Europe - Standardization (ASD-STAN). After enquiries and votes carried out in accordance with the rules of this Association, this Standard has received the approval of the National Associations and the Official Services of the member countries of ASD, prior to its presentation to CEN. This European Standard shall be
Load more

Recommended publications
  • International Standards, Approaches and Frameworks Relevant to Software Quality Management and Software Process Improvement
    International standards, approaches and frameworks relevant to Software Quality Management and Software Process Improvement To help organizations managing software quality and improving software processes several standards, models, approaches and frameworks have been developed during the last decades. The most widely known and recognized of them are presented in this document. • Capability Maturity Model (CMM) • CMM Integration (CMMI) • Personal Software Process (PSP) and Team Software Process (TSP) • ISO 9000 standards family • TickIT • ISO/IEC TR 15504 Information Technology - Software Process Assessment (SPICE) • ISO/IEC 12207 Information Technology - Software Life-Cycle Processes • BOOSTRAP • Rational Unified Process CMM Publication Date: Version 1.1 - February 1993 Description: The Capability Maturity Model for Software (SW-CMM or CMM) is a model used by organizations for appraising the maturity of their software processes and for identifying practices that will increase the maturity of those processes. It was developed by the Software Engineering Institute, in cooperation with industry representatives. The Software CMM has become a de facto standard for assessing and improving software processes. Through the SW-CMM, the SEI and community have put in place an effective means for modeling, defining, and measuring the maturity of the processes used by software professionals. The Capability Maturity Model for Software describes the principles and practices underlying software process maturity and is intended to help software organizations
    [Show full text]
  • A Stone Man Version
    Guide to the Software Engineering Body of Knowledge AA SSttoonnee MMaann Veerrssiioonn (Version 0.7) April 2000 A project of the Software Engineering Coordinating Committee (Joint IEEE Computer Society - ACM committee ) Corporate support by: Project managed by: Executive Editors: Alain Abran, Université du Québec à Montréal James W. Moore, The MITRE Corp. Editors: Pierre Bourque, Université du Québec à Montréal Robert Dupuis, Université du Québec à Montréal Chair of the Software Engineering Coordinating Committee Leonard L. Tripp, IEEE Computer Society Copyright © 2000, Institute of Electrical and Electronics Engineers, Inc. All rights reserved. PREFACE TO THE SWEBOK GUIDE 1. Software engineering is an emerging discipline but there are unmistakable trends indicating an 10. Purpose increasing level of maturity: 11. The purpose of this Guide is to provide a 2. w McMaster University (Canada), the consensually-validated characterization of the Rochester Institute of Technology (US), the bounds of the software engineering discipline University of Sheffield (UK), the and to provide a topical access to the Body of University of New South Wales (Australia) Knowledge supporting that discipline. The Body and other universities around the world now of Knowledge is subdivided into ten Knowledge offer undergraduate degrees in software Areas (KA) and the descriptions of the KAs are engineering. designed to discriminate among the various important concepts, permitting readers to find 3. w The Software Capability Maturity Model and ISO 9000 are used to certify their way quickly to subjects of interest. Upon organizational capability for software finding a subject, readers are referred to key engineering. papers or book chapters selected because they succinctly present the knowledge.
    [Show full text]
  • Guide to the Software Engineering Body of Knowledge
    Guide to the Software Engineering Body of Knowledge AA SSttoonnee MMaann VVeerrssiioonn (Version 0.5) October 1999 A project of the Software Engineering Coordinating Committee (Joint IEEE Computer Society - ACM committee ) Corporate support by: Project managed by: Co-Executive Editors: Alain Abran, Université du Québec à Montréal James W. Moore, The MITRE Corp. Editors: Pierre Bourque, Université du Québec à Montréal Robert Dupuis, Université du Québec à Montréal Project Champion: Leonard L. Tripp, IEEE Computer Society Table of Contents INTRODUCTORY TEXT FROM THE EDITORIAL TEAM KNOWLEDGE AREA DESCRIPTION : - Software Configuration Management - Software Construction - Software Design - Software Engineering Infrastructure - Software Engineering Management - Software Engineering Process - Software Evolution and Maintenance - Software Quality Analysis - Software Requirement Analysis - Software Testing APPENDIX A KNOWLEDGE AREA DESCRIPTION SPECIFICATIONS FOR THE STONE MAN VERSION OF THE GUIDE TO THE SOFTWARE ENGINEERING BODY OF KNOWLEDGE – VERSION 0.25 INTRODUCTORY TEXT FROM THE EDITORIAL TEAM The IEEE Computer Society and the Association for Computing Machinery are working on a joint project to develop a guide to the Software Engineering Body Of Knowledge (SWEBOK). This is the current draft (version 0.5 completed in September 1999) of the Stoneman version of the Guide1. Articulating a body of knowledge is an essential step toward developing a profession because it represents a broad consensus regarding the contents of the discipline. Without such a consensus, there is no way to validate a licensing examination, set a curriculum to prepare individuals for the examination, or formulate criteria for accrediting the curriculum. The project team is currently working on an update to this draft version of the Guide based on the results of the second review cycle.
    [Show full text]
  • Voluntary Voting System Guidelines VVSG 2.0 Recommendations for Requirements for the Voluntary Voting System Guidelines 2.0
    Voluntary Voting System Guidelines VVSG 2.0 Recommendations for Requirements for the Voluntary Voting System Guidelines 2.0 February 29, 202010, 2021 Prepared for the Election Assistance Commission At the direction of the Technical Guidelines Development Committee 1 Acknowledgements Chair of the TGDC: Dr. Walter G. Copan Director of the National Institute of Standards and Technology (NIST) Gaithersburg, MD Representing the EAC Standards Board: Robert Giles Paul Lux Director Supervisor of Elections New Jersey Division of Elections Okaloosa County Trenton, NJ Crestview, FL Representing the EAC Board of Advisors: Neal Kelley Linda Lamone Registrar of Voters Administrator of Elections Orange County Maryland State Board of Orange County, CA ElectionElections Annapolis, MD Representing the Architectural and Transportation Barrier, and Compliance Board (Access Board): Marc Guthrie Sachin Pavithran Public Board Member Public Board Member Newark, OH Logan, UT Representing the American National Standards Institute (ANSI): Mary Saunders Vice President, Government Relations & Public Policy American National Standards Institute Washington, DC Representing the Institute of Electrical and Electronics Engineers: Dan Wallach Professor, Electrical & Engineering Computer Science Rice University Houston, TX Representing the National Association of State Election Directors (NASED): Lori Augino Judd Choate Washington State Director of Elections State Elections Director Washington Secretary of State Colorado Secretary of State Olympia, WA Denver, CO 2 Requirements
    [Show full text]
  • Appendix A: Quality Models and Verification Methods
    Appendix A: Quality Models and Verification Methods As indicated in previous chapters, we have excluded discussions on the various verification methods which still exist in many publications. The following table may be useful in researching appropriate methods to deal with the different artefacts in the product lifecycle. We do not claim completeness in the methods but have provided common verification methods which we apply in our projects. Artefact type Quality model Verification methods Documentation DocQMod • Peer Review • Structured Group Review • Inspection • Walk Through • Technical Review • Informal Review Business BPQMod • Peer Review processes • Structured Group Review • Formal Inspection (on business process models, e.g. swimlanes, business and application process models) • Walk Through • GUI Prototyping • Test Modelling (based on business processes) • Early Test Case Design • Usability Testing Requirements ReqQMod • Management Review • Peer Review • Structured Group Review • Audit • Inspection • Walk Through • Technical Review • Informal review • GUI Prototyping • Test Modelling (based on requirements) • Test Case Specification (based on requirements) (continued) M. Wieczorek et al., Systems and Software Quality, 165 DOI 10.1007/978-3-642-39971-8, © Springer-Verlag Berlin Heidelberg 2014 166 Appendix A: Quality Models and Verification Methods Artefact type Quality model Verification methods Architecture ArchQMod • Peer Review • Structured Group Review • Formal Inspection • ATAM • Prototyping (including functional and non-functional testing) • FMEA Database DataQMod • Formal Inspection (on e.g. normalisation) • Peer Review (on indexing, SQL statements, stored procedures) • Structured Group Review • Functional Testing (by application) • Non-functional testing (including performance and security) Source code CodeQMod • Peer Review • Walk Through • Formal Inspection (e.g. style guides, coding standards) • Static Source Code Analysis (tool based) • Profiling (e.g.
    [Show full text]
  • Appendix G Systems General Requirements
    BROADWAY SUBWAY PROJECT Commercial in Confidence PROJECT AGREEMENT EXECUTION COPY SCHEDULE 4 Appendix G Systems General Requirements BROADWAY SUBWAY PROJECT Commercial in Confidence PROJECT AGREEMENT EXECUTION COPY SCHEDULE 4: APPENDIX G: SYSTEM GENERAL REQUIREMENTS - 2 - Table of Contents 1 APPENDIX G – Systems GENERAL REQUIREMENTS .................................................................. 7 1.1 Introduction .......................................................................................................................................... 7 1.2 Requirements Delivery ........................................................................................................................ 7 1.3 Standards .............................................................................................................................................. 8 1.4 Systems Plan ........................................................................................................................................ 8 1.5 Design Life of the Systems .................................................................................................................. 9 1.6 Systems Design Management .............................................................................................................. 9 1.6.1 Requirements Specification Overview ............................................................................................ 10 1.6.2 Requirements Analysis Overview ..................................................................................................
    [Show full text]
  • The Evolution of Software Configuration Management
    ISSN 2278-3091 Syahrul Fahmy et al., International Journal of AdvancedVolume Trends 9, No.1. in Computer3, 2020 Science and Engineering, 9(1.3), 2020, 50 - 63 International Journal of Advanced Trends in Computer Science and Engineering Available Online at http://www.warse.org/IJATCSE/static/pdf/file/ijatcse0891.32020.pdf https://doi.org/10.30534/ijatcse/2020/0891.32020 The Evolution of Software Configuration Management 1 2 3 1 1 Syahrul Fahmy , Aziz Deraman , Jamaiah Yahaya , Akhyari Nasir , Nooraida Shamsudin 1University CollegeTATI, Malaysia, [email protected] 2Universiti Malaysia Terengganu, Malaysia 3Universiti Kebangsaan Malaysia, Malaysia processing and implementation status, and verify compliance ABSTRACT with specified requirements” [3]. Software Configuration Management (SCM) is a discipline in “a management activity that applies technical and software engineering for managing changes to software administrative direction over the life cycle of a product, its products using standard processes and tools. This article configuration items, and related product configuration presents the evolution of SCM since its inception, information. It provides identification and traceability, the highlighting the components, application to other areas, status of achievement, and access to accurate information in change management and software quality. Research and all phases of the life cycle” [4]. development in SCM are highly motivated by the problems at hand in software development. SCM process and activities are This paper presents the evolution of SCM, discussing its sound, guided by international standards and industry best components, application to other areas, change management practice. Commercial and proprietary tools are aplenty, and and software quality. the underlying techniques are no longer confined to SCM.
    [Show full text]
  • Manual on the Quality Management System for Aeronautical Information Services ______
    Doc 9839 AN/xxx Manual on the Quality Management System for Aeronautical Information Services ________________________________ Approved by the Secretary General and published under his authority First Edition — XXXX International Civil Aviation Organization Published in English, .................... by the INTERNATIONAL CIVIL AVIATION ORGANIZATION 999 University Street, Montréal, Quebec, Canada H3C 5H7 For ordering information and for a complete listing of sales agents and booksellers, please go to the ICAO website at www.icao.int Doc 9839, Manual on the Quality Management System for Aeronautical Information Services Order Number: ISBN © ICAO 2010 All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, without prior permission in writing from the International Civil Aviation Organization. AMENDMENTS Amendments are announced in the supplements to the Catalogue of ICAO Publications; the Catalogue and its supplements are available on the ICAO website at www.icao.int. The space below is provided to keep a record of such amendments. RECORD OF AMENDMENTS AND CORRIGENDA AMENDMENTS CORRIGENDA No. Date Entered by No. Date Entered by TABLE OF CONTENTS Page Foreword .......................................................................................................................................................... (vii) Acronyms ........................................................................................................................................................
    [Show full text]
  • Parameterization, Analysis, and Risk Management in a Comprehensive Management System with Emphasis on Energy and Performance (ISO 50001: 2018)
    energies Article Parameterization, Analysis, and Risk Management in a Comprehensive Management System with Emphasis on Energy and Performance (ISO 50001: 2018) P. Pablo Poveda-Orjuela 1,*, J. Carlos García-Díaz 2 , Alexander Pulido-Rojano 3 and Germán Cañón-Zabala 4 1 ASTEQ Technology, 53 Street No. 53-15, Barranquilla 080020, Colombia 2 Centre for Quality and Change Management, Universitat Politècnica de València, Camino de Vera, s/n. 46022 Valencia, Spain; [email protected] 3 Industrial Engineering Department, Universidad Simón Bolívar, Av. 59 No. 59-92, Barranquilla 080020, Colombia; [email protected] 4 QUARA Group, 157 Street No. 13 B-20, Bogotá 110121, Colombia; [email protected] * Correspondence: [email protected] or [email protected]; Tel.: +57-3008897111 Received: 7 September 2020; Accepted: 13 October 2020; Published: 26 October 2020 Abstract: The future of business development relies on the effective management of risks, opportunities, and energy and water resources. Here, we evaluate the application of best practices to identify, analyze, address, monitor, and control risks and opportunities (R/O) according to ISO 31000 and 50000. Furthermore, we shed light on tools, templates, ISO guides, and international documents that contribute to classifying, identifying, formulating control, and managing R/O parameterization in a comprehensive management system model, namely CMS QHSE3+, which consists of quality (Q), health and safety (HS), environmental management (E), energy efficiency (E2), and other risk components (+) that include comprehensive biosecurity and biosafety. By focusing on the deployment of R/O-based thinking (ROBT) at strategic and operational levels, we show vulnerability reduction in CMS QHSE3+ by managing energy, efficiency, and sustainability.
    [Show full text]
  • Guideline for Applying Functional Safety to Autonomous Systems in Mining
    20200709_Guideline_for_Applying_Functional_Safety_to_Autonomous_Systems- GMG-AM-FS-v01-r01 GUIDELINE FOR APPLYING FUNCTIONAL SAFETY TO AUTONOMOUS SYSTEMS IN MINING SUBMITTED BY Functional Safety for Autonomous Equipment Sub-committee VERSION DATE 09 Jul 2020 APPROVED BY Autonomous Mining Working Group 31 Jul 2020 and GMG Executive Council 12 Aug 2020 PUBLISHED 18 Aug 2020 DATE DOCUMENT TO BE REVIEWED 18 Aug 2022 PREPARED BY THE FUNCTIONAL SAFETY FOR AUTONOMOUS EQUIPMENT SUB-COMMITTEE OF THE AUTONOMOUS MINING WORKING GROUP Global Mining Guidelines Group (GMG) ii | GUIDELINE FOR APPLYING FUNCTIONAL SAFETY TO AUTONOMOUS SYSTEMS IN MINING DISCLAIMER Although the Global Mining Guidelines Group (GMG) believes that the information on https://gmggroup.org, which includes guidelines, is reliable, GMG and the organizations involved in the preparation of the guidelines do not guarantee that it is accu- rate or complete. While the guidelines are developed by participants across the mining industry, they do not necessarily rep- resent the views of all of the participating organizations. This information does not replace or alter requirements of any national, state, or local governmental statutes, laws, regulations, ordinances, or other requirements. Your use of GMG guide- lines is entirely voluntary. CREDITS Organizations Involved in the Preparation of these Guidelines ABB, Abbott Risk Consulting, Agnico Eagle, Airobiotics, Alex Atkins & Associates, Ambuja Cements, AMOG Consulting, Antofa- gasta Minerals, Australian Droid + Robot, Autonomous Solutions,
    [Show full text]
  • IAEA Nuclear Energy Series Technical Challenges In
    IAEA Nuclear Energy Series No. NP-T-1.13 Basic Technical Challenges Principles in the Application and Licensing of Digital Objectives Instrumentation and Control Systems in Guides Nuclear Power Plants Technical Reports INTERNATIONAL ATOMIC ENERGY AGENCY VIENNA ISBN 978–92–0–102915–7 ISSN 1995–7807 @ 15-37681_PUB1695_cover.indd 1,3 2015-11-17 09:15:48 IAEA NUCLEAR ENERGY SERIES PUBLICATIONS STRUCTURE OF THE IAEA NUCLEAR ENERGY SERIES Under the terms of Articles III.A and VIII.C of its Statute, the IAEA is authorized to foster the exchange of scientific and technical information on the peaceful uses of atomic energy. The publications in the IAEA Nuclear Energy Series provide information in the areas of nuclear power, nuclear fuel cycle, radioactive waste management and decommissioning, and on general issues that are relevant to all of the above mentioned areas. The structure of the IAEA Nuclear Energy Series comprises three levels: 1 — Basic Principles and Objectives; 2 — Guides; and 3 — Technical Reports. The Nuclear Energy Basic Principles publication describes the rationale and vision for the peaceful uses of nuclear energy. Nuclear Energy Series Objectives publications explain the expectations to be met in various areas at different stages of implementation. Nuclear Energy Series Guides provide high level guidance on how to achieve the objectives related to the various topics and areas involving the peaceful uses of nuclear energy. Nuclear Energy Series Technical Reports provide additional, more detailed information on activities related to the various areas dealt with in the IAEA Nuclear Energy Series. The IAEA Nuclear Energy Series publications are coded as follows: NG — general; NP — nuclear power; NF — nuclear fuel; NW — radioactive waste management and decommissioning.
    [Show full text]
  • Guide for Security-Focused Configuration Management of Information Systems
    NIST Special Publication 800-128 Guide for Security-Focused Configuration Management of Information Systems Arnold Johnson Kelley Dempsey Ron Ross Sarbari Gupta Dennis Bailey This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-128 I N F O R M A T I O N S E C U R I T Y NIST Special Publication 800-128 Guide for Security-Focused Configuration Management of Information Systems Arnold Johnson Kelley Dempsey Ron Ross Computer Security Division Information Technology Laboratory Sarbari Gupta Dennis Bailey Electrosoft Services, Inc. Reston, VA This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-128 August 2011 INCLUDES UPDATES AS OF 10-10-2019; SEE PAGE IV U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology Authority This publication has been developed by NIST to further its statutory responsibilities under the Federal Information Security Modernization Act of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority.
    [Show full text]