Office of Mission Support Policies: Security & Privacy

Procedures

• Information Security – Access Control Procedures
• Information Security – Awareness and Training Procedures
• Information Security – Audit and Accountability Procedures
• Information Security – Assessment, Authorization and Monitoring (CA) Procedure
• Information Security – Configuration Management (CM) Procedure
• Information Security – Contingency Planning (CP) Procedure
• Information Security – Identification and Authentication (IA) Procedure
• Information Security – Incident Response (IR) Procedures
• Information Security – Maintenance (MA) Procedure
• Information Security – Media Protection (MP) Procedure
• Information Security – Physical and Environmental Protection (PE) Procedure
• Information Security – Planning (PL) Procedure
• Information Security – Personnel Security (PS) Procedure
• Information Security – Risk Assessment (RA) Procedure
• Information Security – System and Services Acquisition (SA) Procedure
• Information Security – System and Communications Protection (SC) Procedure
• Information Security – System and Information Integrity (SI) Procedure
• Information Security – Roles and Responsibilities Procedures
• Spillage of Classified Information onto Unclassified Systems Procedure
• Information Security – Privacy Procedures
• Information Security – Program Management (PM) Procedure
• Information Security - Data Loss Prevention Procedure
• Information Security – Supply Chain Risk Management (SR) Procedure
• Information Security – Detecting Counterfeit Information and Communications Technology Products Procedure

Standards

• Information Security – EPA National Rules of Behavior

Guidance

• Information Security – Guidance for Manually Completing the Information Security Awareness Training

Procedures

• Responding to Personally Identifiable Information (PII) Breach Procedure
• Systems of Records Notices (SORN) Privacy Act Procedure
• Procedures for Preparing Privacy Act Statements
• Personally Identifiable Information (PII) Incident Handling & Response Procedure
• Conducting Privacy On-Site Reviews Procedure
• Processing Privacy Act Requests Procedure
• Computer Matching Agreement Procedure
• Protecting Sensitive Personally Identifiable Information (SPII)

Procedures

• International Travel Procedures for Mobile Devices
  • Mobile Computing Management Procedure

Procedures

• Controlled Unclassified Information (CUI) Procedure