SD 205.1, Baseline Cybersecurity Program
This supplemental directive (SD) establishes an integrated, organization-wide Risk Management Approach (RMA) for the National Nuclear Security Administration (NNSA) to improve and maintain an agile Cybersecurity Program (CSP) in order to protect organizational operations and assets in a manner consistent with associated risks. This SD supplements the requirements of Department of Energy (DOE) Order 205.1B, Department of Energy Cyber Security Program. The SD also prescribes a CSP that employs a Risk Management Framework (RMF) that is: (a.) Based on the principles, responsibilities, processes, and oversight requirements in SD 226.1B, NNSA Site Governance; and (b.) Consistent with and incorporates National Institute of Standards and Technology (NIST), Committee on National Security Systems (CNSS), and DOE requirements and guidelines.
sd_205.1_cybersecurity.pdf -- PDF Document, 555 KB
Cancels NAP 14.1D, NNSA Baseline Cybersecurity Program, dated 12-18-12; NAP 14.3B, Transmission of Restricted Data over Secret Internet Protocol Router Network (SIPRNet), dated 5-02-08; and Chapter VII, Incident Management of NAP 14.1C, NNSA Baseline Cybersecurity Program
ID: | SD 205.1 |
Type: | Supplemental Directive (SD) |
SLM Office: | Office of Information Management |
OPI: | Office of Information Management & the Chief Information Officer |
Status: | Current |
Issue Date: | Jul 07, 2017 |
Last Update: | Jul 07, 2017 |
CRD: | Yes |
DNFSB: | No |
CTA: | No |
Misc. Comments: |