Term:Information System Security Engineering

From FISMApedia
Jump to: navigation, search

DoDD 8581.01

Information System Security Engineering (ISSE) - A sub-discipline under system engineering that considers the value of the information and information assets, threats to and vulnerabilities of those assets, and the affordability of IA solutions. ISSE considers all aspects of IA products, services, measures, and techniques needed to protect ISs and networks using a comprehensive, defense-in-depth approach that integrates the capabilities of personnel, operations, and technology to achieve an appropriate level of protection. E2.1.23.

DoDI 8500.02

Information System Security Engineering (ISSE) - An engineering process that captures and refines information protection requirements and ensures their integration into IT acquisition processes through purposeful security design or configuration. E2.1.34.

DoDI 8510.01

Information System Security Engineering - See Reference (d). E2.41.

NIST SP 800-37r1 Draft

Information System Security Engineering - Process that captures and refines information security requirements and ensures their integration into information technology component products and information systems through purposeful security design or configuration.

Retrieved from "http://fismapedia.org/index.php?title=Term:Information_System_Security_Engineering&oldid=39703"