An Analysis of Department of Defense Instruction 8500.2 'Information Assurance (IA) Implementation.' Metadata

Metadata describes a digital item, providing (if known) such information as creator, publisher, contents, size, relationship to other resources, and more. Metadata may also contain "preservation" components that help us to maintain the integrity of digital files over time.

Title

  • Main Title An Analysis of Department of Defense Instruction 8500.2 'Information Assurance (IA) Implementation.'

Creator

  • Author: Campbell, Philip LaRoche
    Creator Type: Personal

Contributor

  • Sponsor: United States. Department of Energy.
    Contributor Type: Organization

Publisher

  • Name: Sandia National Laboratories
    Place of Publication: United States

Date

  • Creation: 2012-01-01

Language

  • English

Description

  • Content Description: The Department of Defense (DoD) provides its standard for information assurance in its Instruction 8500.2, dated February 6, 2003. This Instruction lists 157 'IA Controls' for nine 'baseline IA levels.' Aside from distinguishing IA Controls that call for elevated levels of 'robustness' and grouping the IA Controls into eight 'subject areas' 8500.2 does not examine the nature of this set of controls, determining, for example, which controls do not vary in robustness, how this set of controls compares with other such sets, or even which controls are required for all nine baseline IA levels. This report analyzes (1) the IA Controls, (2) the subject areas, and (3) the Baseline IA levels. For example, this report notes that there are only 109 core IA Controls (which this report refers to as 'ICGs'), that 43 of these core IA Controls apply without variation to all nine baseline IA levels and that an additional 31 apply with variations. This report maps the IA Controls of 8500.2 to the controls in NIST 800-53 and ITGI's CoBIT. The result of this analysis and mapping, as shown in this report, serves as a companion to 8500.2. (An electronic spreadsheet accompanies this report.)
  • Physical Description: 136 p.

Subject

  • Keyword: Implementation
  • Keyword: Information Systems
  • Keyword: Information
  • Keyword: Us Dod
  • STI Subject Categories: 99 General And Miscellaneous//Mathematics, Computing, And Information Science

Collection

  • Name: Office of Scientific & Technical Information Technical Reports
    Code: OSTI

Institution

  • Name: UNT Libraries Government Documents Department
    Code: UNTGD

Resource Type

  • Report

Format

  • Text

Identifier

  • Report No.: SAND2012-0110
  • Grant Number: AC04-94AL85000
  • DOI: 10.2172/1034875
  • Office of Scientific & Technical Information Report Number: 1034875
  • Archival Resource Key: ark:/67531/metadc829265