FR Doc 05-1912


[Federal Register: February 2, 2005 (Volume 70, Number 21)]
[Notices]               
[Page 5420]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr02fe05-33]                         


[[Page 5420]]

-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Office of the Secretary

 
General Solicitation of Comments From the General Public on 
Review of the National Information Assurance Partnership (NIAP)

AGENCY: Office of the Secretary, DOD, National Cyber Security Division, 
DHS.

ACTION: Notice for general solicitation of comments.

-----------------------------------------------------------------------

SUMMARY: The National Strategy to Secure Cyberspace, issued by the 
Office of the President in February of 2003 required the Federal 
Government to conduct a comprehensive review of the National 
Information Assurance Partnership (NIAP) to determine the extent to 
which it is adequately addressing the continuing problem of security 
flaws in commercial software products. The Department of Defense (DoD) 
and the Department of Homeland Security (DHS) were tasked with 
conducting the review on behalf of the Federal government. In an effort 
to ensure a comprehensive review of the subject, DoD and DHS seek 
public comment on the issues that should be considered before 
completing this review.

DATES: Comments must be received on or before March 4, 2005.

ADDRESSES: Submit comments electronically to DOD/DHS at 
NIAPReview@ida.org. Send written comments to: The Institute for Defense 

Analyses, 4850 Mark Center Drive, Alexandria, VA 22311, Attention: NIAP 
Review.

FOR FURTHER INFORMATION CONTACT: Dr. Greg Larsen, Institute for Defense 
Analyses, (703) 845-6661, e-mail: glarsen@ida.org.

SUPPLEMENTARY INFORMATION: During this review, DoD and DHS considered 
the results of current policy and practices, the general efficacy and 
adequacy of current capabilities, and the expectations of stakeholders. 
In addition, the scope of the review was extended beyond NIAP security 
testing, evaluation and assessment of information technology (IT) 
products to include the policy support infrastructure and integration 
into system development acquisition processes.
    NIAP is a U.S. Government initiative originated to meet the 
security testing needs of both IT consumers and producers. NIAP is 
collaboration between the National Institute of Standards and 
Technology (NIST) and the National Security Agency (NSA) in fulfilling 
their respective responsibilities under Pub. L. 100-235 (Computer 
Security Act of 1987). To obtain more information on NIAP please go to: 
http://niap.nist.gov/.

    To obtain a copy of The National Strategy to Secure Cyberspace 
please go to:  http://www.dhs.gov/interweb/assetlibrary/National_Cyberspace_Strategy
,pdf.


    January 28, 2005.
Jeannette Owings-Ballard,
OSD Federal Register Liaison Officer, Department of Defense
[FR Doc. 05-1912 Filed 2-1-05; 8:45 am]

BILLING CODE 5001-06-M