CNSS

Index of National Security Systems Issuances Dated 1 October 2012; includes a complete listing of all current CNSS issuances and historical record of all cancelled or superseded issuances

Policies

CNSSP-1 National Policy for Safeguarding and Control of Communications Security Material - dated September 2004; Supersedes NCSC-1, dated 16 January 1981 CNSSP-3 National Policy for Granting Access to U.S. Classified Cryptographic Information - dated October 2007 NCSC-5 National Policy on Use of Cryptomaterial by Activities Operating in High Risk Environments - dated 6 January 1981 NSTISSP-11 Fact Sheet for the National Information Assurance Acquisition Policy - dated July 2003 CNSSP-12 National Information Assurance Policy for Space Systems Used to Support National Security Missions - dated 20 March 2007; Supersedes NSTISSP-12, dated January 2001 CNSSP-14 National Policy Governing the Release of Information Assurance (IA) Products and Services to Authorized U.S. Persons or Activities that are Not a Part of the Federal Government - dated November 2002 CNSSP-17 Policy on Wireless Communications: Protecting National Security Information - dated May 2010 CNSSP-18 National Policy on Classified Information Spillage - dated June 2006 CNSSP-19 National Policy Governing the Use of High Assurance Internet Protocol Encryptor ( HAIPE ) Products - dated February 2007 CNSSP-21 National Information Assurance Policy on Enterprise Architectures for National Security Systems - dated March 2007 CNSSP-22 Information Assurance Risk Management Policy for National Security Systems - dated January 2012 CNSSP-24 Policy on Assured Information Sharing (AIS) for National Security Systems (NSS) - dated May 2010 CNSSP-25 National Policy For Public Key Infrastructure in National Security Systems - dated March 2009 CNSSP-26 National Policy on Reducing the Risk of Removable Media - dated November 2010 NSTISSP-101 National Policy on Securing Voice Communications - dated 14 September 1999 NSTISSP-200 National Policy on Controlled Access Protection - dated 15 July 1987

Directives

CNSSD-500 Information Assurance (IA) Education, Training, and Awareness - dated August 2006; Supersedes NSTISSD-500, dated 25 February 1993 NSTISSD-501 National Training Program for Information Systems Security (INFOSEC) Professionals - dated 16 November 1992 CNSSD-502 National Directive On Security of National Security Systems - dated 16 December 2004; Supersedes NSTISSD-502, dated 5 February 1993 CNSSD-900 Governing Procedures of the Committee on National Security Systems ( CNSS ), dated 16 December 2004; Supersedes NSTISSD-502, dated April 2000 CNSSD-901 National Security Telecommunications and Information Systems Security ( CNSS ) Issuance System, dated 16 December 2004; Supersedes NSTISSD-502, dated April 2000

Instructions

CNSSI-1001 National Instruction On Classified Information Spillage, dated February 2008 CNSSI-1300 National Instruction On Public Key Infrastructure X.509 Certificate Policy, Under CNSS Policy No. 25, dated June 2011 CNSSI-1253 Security Categorization and Control Selection for National Security Systems, dated March 2012 CNSSI-1253a Security Overlays Template, dated March 2012 NSTISSI-3028 Operational Security Doctrine for the FORTEZZA User PCMCIA Card, dated December 2001 CNSSI-4007 Communications Security (COMSEC) Utility Program, dated November 2007 CNSSI-4008 Program for the Management and Use of National Reserve Information Assurance Security Equipment, dated March 2007 CNSSI-4009 National Information Assurance Glossary, dated May 2003; revised April 2010 NSTISSI-4011 National Training Standard for Information Systems Security (INFOSEC) Professionals, dated 20 June 1994 CNSSI-4012 National Information Assurance Training Standard for Senior Systems Managers, dated June 2004; Supersedes NSTISSI No. 4012, dated August 1997 CNSSI-4013 National Information Assurance Training Standard For System Administrators (SA), dated March 2004 CNSSI-4014 Information Assurance Training Standard for Information Systems Security Officers, dated April 2004; Supersedes NSTISSI No. 4014, dated August 1997 NSTISSI-4015 National Training Standard for Systems Certifiers, dated December 2000 CNSSI-4016 National Information Assurance Training Standard For Risk Analysts, dated November 2005 CNSSI-4031 Cryptographic High Value Products (CHVP), dated February 2012 CNSSI-5000 Guidelines for Voice Over Internet Protocol (VoIP) Computer Telephony, dated April 2007; Supersedes TSG Standard 2b, dated April 2006 CNSSI-5001 Type-Acceptance Program for Voice Over Internet Protocol (VoIP) Telephones, dated December 2007 CNSSI-5002 National Information Assurance (IA) Instruction for Computerized Telephone Systems, dated February 2012 CNSSI-5006 National Instruction for Approved Telephone Equipment, dated September 2011; Supersedes TSG Standard 6, dated June 2006 NACSI-6002 National COMSEC Instruction, dated 14 June 1984 NSTISSI-7003 Protective Distribution Systems (PDS), dated 13 December 1996

Advisory Memoranda

TSG Standards

TSG Information Series

Computerized Telephone Systems (CTSs): A Review of CTS Deficiencies, Threats and Risks Dated December 1994 Executive Overview Dated January 1996 Central Office (CO) Interfaces Dated November 1997 Everything You Always Wanted to Know About Telephone Security (but were afraid to ask) Dated December 1998

CNSS Report

CNSS Report: Progress Against 2008 Priorities Committee on National Security Systems (CNSS) Report: Progress Against 2008 Priorities, dtd April 2009

CNSS Report: An Agenda for Safeguarding National Security Systems 2007/2008 Committee on National Security Systems (CNSS) Report: An Agenda for Safeguarding National Security Systems, dated Mar 2008

Other

CNSS-002-11 Vendors Equipment Approval Memo CNSS 01-11 2010, dated January 2011 CNSS-009-10 Vendors Equipment Approval Memo CNSS 06 through 08, dated March 2010 CNSS-094-09 Vendors Equipment Approval Memo CNSS 01 through 05, dated November 2009 CNSS-048-07 National Information Assurance (IA) Approach to Incident Management, dated May 2007 CNSS-079-07 Frequently Asked Questions (FAQ) on Incidents and Spills, dated August 2007

This index provides a full listing ofissuances, as issued by the Committee on National Security Systems (), as well as a document listing all current, cancelled, and superseded issuances in the Index of National Security Systems, found below. To obtain an issuance not offered below, refer to our Contact List for more information.