SSDOO Undergoes ITS Compliance Review

Volume 13, Number 3, September 1997
By Richard Chu

Every three years all data processing installation (dpi) sites at each NASA Field Center are due for an Information Technology Security (ITS) Compliance Review to determine the level of compliance with the center's ITS minimum protective baseline requirements. The review process involves interviews of key ITS personnel; a walk-through of work areas; examination of security, risk management, and contingency plans; and observations of facility operating procedures.

The GSFC Security Office (GSO) held an ITS Compliance Review for the Space Science Data Operations Office (SSDOO)/NSSDC computer facilities on July 16, 1997. The compliance was evaluated pertaining to management oversight of the risk management process, contingency planning, system and network administration, incident reporting and response, and ITS awareness training. The review consisted of 27 ITS requirements, not too exhaustive, but representing a survey to identify trends in overall compliance with Federal and Agency ITS Program Guidelines.

The result of the review is that the SSDOO is in full compliance with the minimum federal and agency requirements for each of the 27 ITS requirements in the GSO's executive summary report. The GSO identified no required actions and has adopted SSDOO's ITS Rules of Behavior as a sample for the center.

Return to NSSDC News Table of Contents


Miranda Beall, beall@nssdca.gsfc.nasa.gov, (301) 286-0162
Hughes STX, Code 633, NASA Goddard Space Flight Center
Greenbelt, MD 20771, U.S.A.

Erin D. Gardner, gardner@nssdca.gsfc.nasa.gov, (301) 286-0163
Hughes STX, Code 633, NASA Goddard Space Flight Center
Greenbelt, MD 20771, U.S.A.



NASA home page GSFC home page GSFC organizational page

Author:Miranda Beall
Curators: Erin Gardner and Miranda Beall
Responsible Official: Dr. Joseph H. King, Code 633
Last Revised: 22 OCT 1997 [EDG]