Office of the Manager, National Communications System (OMNCS), Public Switched Network Security Assessment Guidelines (Sept. 2000) (full-text).
This guide offers guidelines and methodologies for conducting a security assessment for service providers. The purpose is to provide a common framework to enable better identification of security risks by new and existing carriers, and to evaluate and address those risks in an efficient and effective way. The guide focuses on security issues specific to the PSN. General computer and data network security issues are included only when they are relevant to PSN security, since other guides address those areas.
This guide describes a risk assessment procedure to identify high-value, high-risk components of a service provider's network and information assets. The risk assessment is designed to form the basis of a review of the service provider's overall security stature. Following the description of the risk assessment methodology are a series of descriptions of important security aspects of various components of the provider's network and operations.
These include descriptions of security policy, physical security, network element and operations security, network access security, security training and awareness programs, and intrusion response procedures.