Clinger–Cohen Act of 1996 (Public Law 104-208, which amended Public Law 104-106, the Information Technology Management Reform Act of 1996), 1996.
Committee on National Security Systems (CNSS) Instruction No. 1253, Version 1, Security Categorization and Control Selection for National Security Systems, October 2009.
Computer Security Act of 1987 (Public Law 100-235), January 1988.
Department of Defense Instruction 5200.40, Department of Defense Information Technology Security Certification and Accreditation Process (DITSCAP), December 1997.
Department of Defense Instruction 8510.01, Department of Defense (DoD) Certification and Accreditation (C&A) Process (DIACAP), November 2007.
Director of Central Intelligence Directive ...