FEA Security and Privacy Profile, Version 2.0

Keyword
区分
プロファイル(Profile)
発行日付
2006/06/01
発行者
CIO Council
原資料
PDF リンク切れ
複写資料
Security_and_Privacy_Profile_v2.pdf
参考資料
PDF

概要

The Federal Chief Information Officers Council published initial versions of the Federal Enterprise Architecture Security and Privacy Profile (FEA SPP) in July 2004 and July 2005. The current version of the methodology (Version 2.0) was modified based on validation exercises and an assessment of related documents. Validation testing was conducted at two Federal agencies1 to verify the methodology’s utility. Validation consisted of abbreviated applications of the FEA SPP methodology. An assessment of relatively new standards and documents such as Federal Information Processing Standards Publication (FIPS PUB) 199, Standards for Security Categorization of Federal Information and Information Systems; FIPS PUB 200, Minimum Security Requirements for Federal Information and Information Systems; and Data Reference Model (DRM) Version 2.0 have added to the utility of this document. FEA SPP Version 2.0 supersedes previous FEA SPP releases.

The FEA SPP is voluntary guidance applicable to any Federal government agency; it does not supersede or modify any law, regulation, or executive branch policy. Rather than providing a comprehensive discussion of requirements, the FEA SPP provides best practices and recommendations to promote the successful incorporation of security and privacy into an organization’s enterprise architecture and to ensure appropriate consideration of security and privacy requirements in agencies’ strategic planning and investment decision processes.

(Document History)