Educause Security Discussion mailing list archives
Update on NASA IT Security Requirements
From: Rodney Petersen <rpetersen () EDUCAUSE EDU>
Date: Sat, 25 Jan 2003 16:10:02 -0500
I have recently received some inquiries regarding NASA IT Security Requirements that have been discussed in a number of venues. Below is an update. The NASA requirements currently apply to "contracts" not "grants". Below are two references with more information about the requirements for the IT security clause in NASA contracts: 02-04 Procurement Information Circular (February 19, 2002) SECURITY REQUIREMENTS FOR UNCLASSIFIED INFORMATION TECHNOLOGY (IT) RESOURCES http://www.hq.nasa.gov/office/procurement/regs/pic02-04.html IT Security Clause Implementation: List of Feed Back Items, FAQ, and Additional Guidance http://ec.msfc.nasa.gov/hq/library/IT_Security_FAQ.html However, note that the FAQ states that "guidance will be forthcoming that will require some IT Security to apply to Grants . . . and Cooperative Agreements." On December 19, 2002, NASA included the requirement in "Cooperative Agreements with Commercial Firms" - see http://ec.msfc.nasa.gov/hq/grantd.html#1274937 I had also heard before the holidays that NASA indicated it would be extending the IT security requirements to "grants" and "cooperative agreements" with higher education, hospitals, and other non-profit organizations. I am trying to run down a reference or more information. Please let me know if you have any further questions. Rodney Petersen Security Task Force Coordinator ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Update on NASA IT Security Requirements Rodney Petersen (Jan 25)