1. LawStack
  2. Title 32 - National Defense
  3. Subtitle B - OTHER REGULATIONS RELATING TO NATIONAL DEFENSE
  4. Chapter XX - INFORMATION SECURITY OVERSIGHT OFFICE, NATIONAL ARCHIVES AND RECORDS ADMINISTRATION
  5. Part 2004 - NATIONAL INDUSTRIAL SECURITY PROGRAM (NISP)
  6. Subpart A - Implementation and Oversight
  7. 32 CFR § 2004.11
32 CFR § 2004.11
CSA and agency implementing regulations, internal rules, or guidelines
July 1, 2020
CFR

(a) Each CSA implements NISP practices in part through policies and guidelines that are consistent with this regulation, so that agencies for which it serves as the CSA are aware of appropriate security standards, engage in consistent practices with entities, and so that practices effectively protect classified information those entities receive (including foreign government information that the U.S. Government must protect in the interest of national security).

(b) Each CSA must also routinely review and update its NISP policies and guidelines and promptly issue revisions when needed (including when a change in national policy necessitates a change in agency NISP policies and guidelines).

(c) Non-CSA agencies may choose to augment CSA NISP policies or guidelines as long as the agency policies or guidelines are consistent with the CSA's policies or guidelines and this regulation.

Previous
§ 2004.10 Responsibilities of the Director, Information Security Oversight Office (ISOO)
Next
§ 2004.12 ISOO review of agency NISP implementation

Tried the LawStack mobile app?

Join thousands and try LawStack mobile for FREE today.

  • Carry the law offline, wherever you go.
  • Download CFR, USC, rules, and state law to your mobile device.

Designed and built by Tekk Innovations LLC, the makers of the LawStack iPhone app or Android app.

© 2020 Tekk Innovations LLC