(1) Committee for National Security Systems (CNSS) Instruction 4009, National Information Assurance Glossary, May 2003.
(2) [[E-Government Act of 2002 (Public Law 107-347), December 2002.
(3) Federal Information Processing Standards Publication 199, Standards for Security Categorization of Federal Information and Information Systems, February 2004.
(4) Federal Information Security Management Act of 2002 (Public Law 107-347, Title III), December 2002.
(5) Information Technology Management Reform Act of 1996 (Public Law 104-106), August 1996.
(6) National Institute of Standards and Technology Special Publication 800-18, Revision 1, Guide for Developing Security Plans for Federal Information Systems, February 2006.
(7) National Institute of Standards and Technology Special Publication 800-53, Recommended Security Controls for Federal Information Systems, February 2005.
(8) National Institute of Standards and Technology Special Publication 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories, June 2004.
(9) Office of Management and Budget, Circular A-130, Transmittal Memorandum #4, Management of Federal Information Resources, Appendix III, Security of Federal Automated Information Resources, November 2000.