

CIO Pilot Best Security Practices (BSPs)

The Chief Information Officer Council (CIO), Security Practices Subcommittee initiated the development of a mechanism to provide an easily accessible and useful source of information to Federal employees on effective tools and practices. A successful pilot was undertaken through the efforts of this Subcommittee. As a result, 20 BSPs were submitted and can be found below in their original submission format.

| Title | Organization | Date |
|---|---|---|
| USAID Modem Scan Process | USAID | 01/23/01 |
| USAID Security Plan | USAID | 01/23/01 |
| Configuration of Technical Safeguards at USAID | USAID | 01/23/01 |
| How To Secure a Domain Name Server (DNS) | GSA | 05/11/01 |
| How to Accredit Information Systems for Operation | DOD/NSWC | 05/11/01 |
| Incident Handling at BMDO | DOD/BMDO | 05/22/00 |
| How to Deploy Firewalls | Carnegie Mellon University | 02/16/00 |
| VA Limited Personal | VA | 10/03/00 |
| OPM's Personal Use Policy | OPM | 12/04/00 |
| Integrating Security into Systems Development Life | SSA | 12/20/00 |
| C&A of Core Financial System | USAID | 02/05/01 |
| Developing an Agency Incident Response Process | SSA | 02/20/01 |
| Certification and Accreditation - the DLA Approach | DOD/DLA | 03/12/01 |
| Remove all Data From Workstations & Servers | USAID | 04/25/01 |
| NIH Disk Sanitization Procedures | NIH | 06/01/01 |
| USAID Mission Site Vulnerability Assessment | USAID | 06/13/01 |
| Securing POP Mail on Windows Clients | NASA | 06/13/01 |


DISA Security Technology Implementation Guides (STIGs)

Direct access to Defense Information Systems Agency (DISA) Security Technology Implementation Guides (STIGs) and Checklists is available on the DISA home page:

On the DISA web page, you may sign up for the "STIG-News Mailing List:" to be notified when the latest STIGs are available.


FASP Points of Contact

All Practices, Checklists, and Implementation Guides are collected, maintained, and disseminated by the Computer Security Division, National Institute of Standards and Technology. Any of the people listed below will welcome your questions and provide an appropriate response.

Kevin Stine
Computer Security Division
National Institute of Standards and Technology
100 Bureau Drive, MS 8930
Gaithersburg, MD 20899-0001
301-975-4483 [voice]
301-975-4007 [fax]