Banner - CIO/HPCC IT Security Office
Search CIO Sites

NOAA CIO Homepage
Home - IT Security Office

 

Graphic Divider for IT Security Office Section
Bullet NOAA IT Security Conference 2004
Bullet Mission Statement
Bullet Staff
Bullet IT Security Officers
Graphic Divider for IT Security Program Section
Bullet Policies, Regulations & Laws
Bullet Action Items & Due Dates
Bullet IT Security Committee
Bullet Antivirus Software
Bullet Personal Firewall Software
Graphic Divider for Computer Incident Response Team Section
Bullet N-CIRT
Bullet Watches and Warnings
Bullet Form 47-43
Bullet Warning Banners 
Bullet Web Resources
Bullet N-CIRT TechNotes
Graphic Divider for Training, Education and Awareness Section
Bullet Visible Statement Screensaver Software
Image Denoting External Link 2004 IT Security Awareness Course
Image Denoting External Link SANS On-line Training Courses, Certification and Conferences
Bullet Unix Effective Security Measures Course
Bullet Frontline Bulletins
Bullet Other TEA
   

 


IT Security Mission Statement


IT Security Program Mission: The National Oceanic and Atmospheric Administration (NOAA) has established and implemented an Information Technology (IT) Security Program which provides reasonable and acceptable assurance that IT systems are performing as specified; that information is provided adequate protection; that data and software integrity is maintained; and, that unplanned disruptions of processing will not seriously impact mission accomplishment.

The NOAA IT Security Program implements policies, standards, and procedures which are consistent with government-wide laws and regulations, to assure an adequate level of protection for IT systems whether maintained in-house or commercially. The "Computer Security Act of 1987," Public Law 100-235 and Office of Management and Budget (OMB) Circular A-130 require all federal agencies to plan for the security of all IT systems throughout their life cycle. OMB Circular A-130 also establishes a minimum set of controls to be included in Federal IT security programs. The circular directs agencies to assure:

  • That IT systems operate effectively and accurately;
  • That there are appropriate technical, personnel, administrative, physical, environmental, and telecommunications safeguards in IT systems;
  • That the continuity of the operations of IT systems that support critical agency functions is preserved.

The Government Information Security Reform Act (GISRA), Title X, subtitle G, of P.L. 106-398, addresses the program management and evaluation aspects of IT security.

NOAA IT Security Program policies represent management's commitment to assuring confidentiality, integrity, availability and control of NOAA's IT resources.

NOAA established a formal incident response capability named the NOAA Computer Incident Response Team (N-CIRT) in 1999. The N-CIRT operational duties include incident response, sharing of common vulnerabilities to the NOAA community, training on proper configurations for security, etc. The N-CIRT coordinates incident responses and is responsible for acting as a source of expertise and information regarding vulnerabilities and responses as pertains to the NOAA environment.


Publication of the IT Security Office, Office of the CIO/HPCC, National Oceanic & Atmospheric Administration (NOAA), U.S. Department of Commerce

Privacy Statement | Disclaimer | Contact Info | N-CIRT PGP Public Key

Last Update: May 24, 2004 2:37 PM