NSDD 145 National Policy on Telecommunications and Automated Information Systems Security

Extracted text

OCR Page 1 of 12
INCLASSIFIED shall be protected in proportion to the threat of exploitation and the associated potential damage to the national security. C. The government shall encourage, advise, and, where appropriate, assist the private sector to: identify systems which handle sensitive non-government information, the loss of which could adversely affect the national security; determine the threat to, and vulnerability of, these systems; and formulate strategies and measures for providing protection in proportion to the threat of exploitation and the associated potential damage. Information and advice from the perspective of the private sector will be sought with respect to implementation of this policy. In cases where implementation in of security measures to non-governmental systems would be the national security interest, the private sector shall be encouraged, advised, and, where appropriate, assisted in under- taking the application of such measures. d. Efforts and programs begun under PD-24 which support these policies shall be continued. (U) level steering group; an interagency group at the operating 3. Implementation. This Directive establishes a senior level; an executive agent and a national manager to implement these objectives and policies. (U) 4. Systems Security Steering Group. a. A Systems Security Steering Group consisting of the Secretary of State, the Secretary of the Treasury, the Secretary of Defense, the Attorney General, the Director of the Office of Management and Budget, the Director of Central National Security Affairs is established. The Steering Group Intelligence, and chaired by the Assistant to the President for shall: (1) Oversee this Directive and ensure its Agent and through him to the National Manager with respect to implementation. It shall provide guidance to the Executive the activities undertaken to implement this Directive. (2) Monitor the activities of the operating level National Telecommunications and Information Systems accordance with the objectives and policies contained in this Security Committee and provide guidance for its activities in Directive. (3) Review and evaluate the security status of those telecommunications and automated information systems that handle classified or sensitive government or government-derived information with respect to established objectives and priorities, and report findings and recommendations through the National Security Council to the President. "INCLASSIFIED