This is a potential security issue, you are being redirected to https://csrc.nist.gov
The high-level policy for the security services that are to be supported by a computer for protecting its applications, stored data, and communications, and the rules to be followed in verifying user identities and authorizing their requests before they are granted.
NIST SP 800-152 under Computer Security Policy
documentation of computer security decisions
NIST SP 800-12 [Superseded]