Contact SiteMap

Home > Library > Information Technology Security Training Requirements

Federal agencies and organizations cannot protect the integrity, confidentiality, and availability of information in today’s highly networked systems environment without ensuring that each person involved understands their roles and responsibilities and is adequately trained to perform them. The human factor is so critical to success that the Computer Security Act of 1987 (Public Law [P.L.] 100-235) required that, “Each agency shall provide for the mandatory periodic training in computer security awareness and accepted computer practices of all employees who are involved with the management, use, or operation of each Federal computer system within or under the supervision of that agency.”

This framework includes the IT security training requirements appropriate for today’s distributed computing environment and provides flexibility for extension to accommodate future technologies and the related risk management decisions.

800-16_Information_technology_security_training_requirements.pdf

1. An Introduction to Computer Security: The NIST Handbook
2. Information Security Guide For Government Executives
3. Information Security Handbook: A Guide for Managers
4. Risk Management Guide for Information Technology Systems
5. Minimum Security Requirements for Federal Information and Information Systems
6. Generally Accepted Principles and Practices for Securing Information Technology Systems
7. Guide for Developing Security Plans for Federal Information Systems
8. Recommended Security Controls for Federal Information Systems
9. Standards for Security Categorization of Federal Information and Information Systems
10. Building an Information Technology Security Awareness and Training Program
11. Information Technology Security Training Requirements
12. Contingency Planning Guide for Information Technology Systems
13. Computer Security Incident Handling Guide
14. Creating a Patch and Vulnerability Management Program
15. Guideline for The Analysis Local Area Network Security
16. Guideline on Network Security Testing
17. Guidelines on Firewalls and Firewall Policy
18. Guidelines on Electronic Mail Security
19. Guidelines for Media Sanitization