Text version of Figure 2: IT Security Program -- Process of Continual Evaluation and Improvement
GISRA
Systems Security Program Plan, FY 2001
IT Security Architecture, July 2001
Security Infrastructure Working Group
Configuration and Change Management:
-- Baselines
-- IT CCB
-- Centralized Administration (SMS)
flows to
Certification and Accreditation:
-- NIACAP
-- SSPP
-- OpenNet Plus CAP
-- C&A Document
flows to
Penetration Testing and Site Surveys:
-- Automated Tools
-- Firewalls
flows to Remediation of Vulnerabilities
flows back to Configuration and Change Management.
[end]
