The National Security Telecommunications and Information Systems Security Committee (NSTISSC) was established by President Bush under National Security Directive 42 (NSD 42) entitled, "National Policy for the Security of National Security Telecommunications and Information Systems," dated July 5, 1990. It reaffirmed the Secretary of Defense as the Executive Agent and the Director, National Security Agency as the National Manager for National Security Telecommunications and Information Systems Security. In addition, the Directive establishes the NSTISSI.
The NSTISSC provided a forum for the discussion of policy issues, sets national policy, and promulgates direction, operational procedures, and guidance for the security of national security systems through the NSTISSC Issuance System. National security systems contain classified information or:
- a. involves intelligence activities;
- b. involves cryptographic activities related to national security;
- c. involves command and control of military forces;
- d. involves equipment that is an integral part of a weapon or weapons system(s); or
- e. is critical to the direct fulfillment of military or intelligence missions (not including routine administrative and business applications).
- NSTISSC, Policy 200 on Controlled Access Protection (July 15, 1987).
- NSTISSC, Policy 300 on Control of Compromising Emanations (Nov. 29, 1993).
- NSTISSC, Directive 500 on Telecommunications and Automated Information Systems Security (TAISS) Education, Training, and Awareness (Feb. 25, 1993).
- NSTISSC, Directive 600 on Communications Security (COMSEC) Monitoring (Apr. 10, 1990).
- NSTISSC, Directive 1000 on National Information Assurance Certification and Accreditation Process (NIACAP) (Apr. 2000).
- NSTISSI 4005, Safeguarding COMSEC Facilities and Material (Aug. 1997).
- NSTISSI 4009, National Information Systems Security Glossary (Sept. 2000).
- The National Security Telecommunications and Information Systems Security Committee (NSTISSC) (Mar. 29, 2006) (full-text).