The purposes of this document are to:
- Establish the information security requirements for NASA relative to the policy set forth in NASA Policy Directive (NPD) 2810.1, "NASA Information Security Program." The procedural requirements, herein prescribe roles, responsibilities, and conditions that directly or indirectly promote information security throughout the life cycle of all NASA information and information systems.
- Identify information security policies, procedures, and practices which are appropriate to NASA's mission, and are consistent with applicable federal laws, executive orders, directives, policies, and regulations.
- Serve as a reference to the NASA community regarding specific information security roles and responsibilities, and provide resources where more detailed information may be found.