The NSA’s Systems Security Engineering Office provides Information Systems Security Engineering (ISSE) for a significant number of U.S. system development efforts. In performing this mission a large amount of system-level Information Assurance (IA) guidance is developed by the NSA specifically for those system developments. The NSA’s Systems Security Engineering Office recognizes that many system developers face the same or similar IA challenges and need appropriate IA guidance. To meet this need the NSA’s Systems Security Engineering Office is developing and publishing generalized IA guidance. This effort takes advantage of existing NSA expertise and enables it to be applied to many system development efforts. Although beneficial, the generalized IA guidance provided is not a substitute for a sound ISSE activity that should be an integral part of all system development efforts.
You can access any of the IA guidance documents by clicking on the document’s title. You can also access an executive summary, via the executive summary link, that may aid you in determining whether the guidance will be useful to you.
Title | File Size | Updated |
---|---|---|
SSE-100-1, National Security Agency Information Assurance Guidance for Systems Based on a Security Real-Time Operating System* (click here for executive summary) | 2,287KB | 14 Dec 05 |
Guidance for Addressing Malicious Code Risk* | 296KB | 10 Sep 07 |