Security Guideline for the Electricity Sector: Information Protection (Update for 30-Day CIPC Comment Period)

Preamble:

It is in the public interest for NERC to develop guidelines that are useful for improving the reliability of the bulk electric system. Guidelines provide suggested guidance on a particular topic for use by bulk electric system entities according to each entity’s facts and circumstances and not to provide binding norms, establish mandatory reliability standards, or be used to monitor or enforce compliance.

Introduction:

This Guideline addresses potential risks that can apply to some Electricity Sector Organizations and provides practices that can help mitigate the risks. Each organization decides the risk it can accept and the practices it deems appropriate to manage its risk. This Guideline provides a suggested framework for protecting information related to sensitive company information that may include business information, personnel information, and information in support of NERC Standards.

Scope of Application:

This Guideline applies to all essential infrastructure owners and operators, and in particular, to personnel responsible for making information available to others within or outside their company or agency. Essential infrastructure owners and operators should implement an information protection program to protect essential infrastructure information and to control access to this information. This Guideline provides a suggested framework for such a program.

Guideline Details:

An entity implementing an Information Protection Program (IP Program) should define an Information Management Lifecycle to identify, protect and control information subject to the IP Program. The IP Program should address all aspects of information handling from creation through use, storage and destruction of the information.

Information Management Lifecycle Overview:

1. Identification - Method of identifying documents subject to this Guideline
2. Classification - Levels of document security
3. Labeling - Requirements for labeling documents
4. Handling - How documents are handled when in use
5. Access Control - Method of requesting and granting access to restricted documents
6. Logging Activity - Logging access, updates, etc. to a document
7. Storage - How documents of different security levels are required to be stored
8. Transmittal - How documents are sent to either internal or external destinations
9. Destruction - Methods of destroying and recording destruction of documents
10. Inventory - Tracking sensitive documents
11. Lost or Compromised Documents - Responding to lost, stolen or otherwise compromised documents
Appendix A. Document Management System - Using an electronic storage system to manage documents
Appendix B. Monitoring and Assessing the Information Protection Program - Evaluating the effectiveness of the IP Program process; correcting deficiencies
Appendix C. Encryption - What types of encryption should be used; how encryption should be implemented
Appendix D. Protected Critical Infrastructure Information (PCII) - Designation of information released to government agencies as PCII
Appendix E. Examples of Information to be Protected
Appendix F. Definitions - Definitions of terms used in this document
Appendix G. References - References to more information about topics in this document

1. Identification

Information to be protected should be identified as early in the information creation process as possible. Information subject to this Guideline can be in hardcopy or electronic form. Examples of information addressed by this Guideline are listed in Appendix E.
The IP Program should include a provision for capturing and identifying information as the information is created. The IP Program identification section should also include provision for examining and identifying information that exists at the time the IP Program becomes effective.

The IP Program identification section should contain specific categories of information to be protected. These categories should include, but may not be limited to, operational procedures, critical asset lists, network topology or similar diagrams, floor plans and equipment layouts of essential facilities, disaster recovery plans, incident response plans, and security configuration information.

Information to be protected should be assigned an Information Protection Owner (IP Owner). The IP Owner will be responsible for classification and access control of the information. Information identified by this section of the IP Program should be subject to the remaining provisions of the IP Program, such as inventory, classification, etc.

2. Classification

Information should be classified according to a defined scheme. The typical classification system consists of two or more levels, with each level requiring different methods of handling, storage, etc. An entity may use the following example classification system as a starting point in developing its own system:

Classification Level and Description:

Public: Information which may be safely released to the general public. This level may also include information required to be disclosed to the public such as financial results. Note that classifying information as “Public” is not necessarily an authorization to release said information. Examples may include outage statistics and estimated restoration times.

Proprietary: Information which may be obtained by any employee but should not be released to the public. Examples may include organization charts, telephone lists or budget information.

Sensitive: Information which may contribute to understanding or identifying an essential system. Information at this level does not contain enough detail to be able to compromise assets, but may contribute to an attacker’s knowledge of the essential system. Examples may include operational procedures, lists of assets, network diagrams, floor plans, equipment layouts and disaster recovery plans.

Confidential: Information which significantly enhances the probability of a successful compromise of an essential system. Examples may include incident response plans, security configurations, password lists and results of physical or cyber vulnerability assessments.

Further sections of this Guideline will refer to these example classification levels. An entity implementing an IP Program should map these example levels to its own classification scheme.

3. Labeling

Labels should be used as appropriate to indicate the Classification Level of protected information. Labels may be considered as external, such as a “Confidential” sticker placed on a backup tape, or internal, such as the Classification Level of a report being included in the report header. The IP Program should state clearly when labeling is required and the type of label required. If possible, information should be internally labeled with its classification level. Most documents and reports should be capable of being internally labeled. Information stored on live computer systems such as servers, desktop workstations and laptops need not carry an external label. Removable media such as CD, DVD and magnetic tape should carry an external label. The following table gives suggested labeling at different classification levels:

Classification Level and Suggested Label Requirements:

Public: No label required. Note that many entities have a screening or authorization process for public release of information.

Proprietary: No label required. A label may be required if this information is released to a third party under nondisclosure agreement.

Sensitive: Documents or reports should be required to carry the word “Sensitive” in a defined place, usually the center of the document footer. Procedures should be in place to ensure reports generated from Sensitive databases or logs carry the “Sensitive” designation in the header or footer of each page. Interactive screens may be required to show the “Sensitive” designation if the data comes from a Sensitive database.

Confidential: Documents or reports should be required to carry the word “Confidential” in a defined place such as a watermark. If a watermark is not feasible, the label should appear in the document header or document footer. Procedures should be in place to ensure reports generated from Confidential databases or logs carry the “Confidential” designation in the header or footer of each page. Interactive screens may be required to show the “Confidential” designation if the data comes from a Confidential database.

4. Handling

Information handling requirements specify precautions to take while using protected information. The intent of the handling requirements is to prevent disclosure of the protected information during its normal use.

Classification Level and Suggested Handling Requirements:

Public: None.

Proprietary: If the information is used in a facility that is open to public access, precautions similar to those at the “Sensitive” level should be used. Otherwise, none.

Sensitive: Hardcopy should not be posted or left unattended in a non-restricted area such as a conference room. Computers in a non-restricted area with access to Sensitive information should be locked or otherwise secured when not attended by an authorized individual.

Confidential: Hardcopy should not be posted or left unattended. Computers capable of displaying Confidential information should not have screens visible from nonsecured areas. For example, some control rooms have viewing windows behind the operator positions. If screens are visible from these windows, protected information may be inadvertently compromised. Printers and copiers should be physically monitored while producing Confidential hardcopies.

5. Access Control

The IP Program should contain provisions for control of access to protected information. The components of an access control system may include:

- Identification of the person responsible for controlling access to the information (IP Owner). The IP Owner may have one or more designated alternates assigned.
- The IP Owners should be identified on a list of information owners maintained for the responsible entity. The list should contain, at minimum, the IP Owner’s name, title, and business phone. Each entry in the Information Inventory (see Inventory) should be associated with an IP Owner on this list. The list of IP Owners may be part of the Information Inventory.
- The list of IP Owners should be reviewed and approved at least annually. Record of the annual review and approval should be kept.
- Access privileges for each document in the Information Inventory should be reviewed and approved at least annually. Record of the annual review and approval should be kept.
- The IP Program should specify a provision for revoking access when such access is no longer required. Revocation should not be delayed until the annual review.

Classification Level and Suggested Access Control Restrictions:

Public: Read-only; write permissions should be granted only to those authorized to modify the information.

Proprietary: Access restricted to employees only. Access to contractors and third parties permitted under Non-Disclosure Agreement (NDA).

Sensitive: Employees, contractors with NDA and third parties with NDA may be granted access. Access may be granted to groups of Sensitive documents or to all Sensitive documents.

Confidential: Access should be restricted to personnel with a need to know only. Contractors or third parties with need for Confidential documents should be granted access only after legal review of the NDA to ensure the NDA is sufficient for this level of access. Access should be granted only to individual documents for a defined time period. When the time period expires the access privilege should be reviewed and renewed only if still needed.

6. Logging Activity

An IP Program should have a provision for logging activity associated with protected information. Logs may be electronic or hardcopy, depending on the needs of the information being protected. Logs may contain the following information:

- Identification of the information affected
- Type of activity
- Date and time of activity
- Individual performing the activity
- Individual approving the activity

The following types of activity are candidates for logging:

- Information creation
- Access to information
- Information modification
- Duplication of information
- Transmittal of information to third parties
- Change of classification level
- Destruction of information

Classification Level and Suggested Activity Logging:

Public: None.

Proprietary: Release to third party under NDA; change of classification level.

Sensitive: Creation, modification and destruction; release to third party under NDA; change of classification level.

Confidential: Creation, modification, duplication, access and destruction; release to third party under NDA; change of classification level.

7. Storage

The method used for storage of protected information should be specified in the IP Program. The methods used will vary based on the form of the information (hardcopy, electronic) and the classification level of the information. Where an electronic storage medium is at risk of physical loss (such as a laptop computer or portable storage device), the information should be stored in encrypted format regardless of the sensitivity of the information.

Classification Level and Suggested Storage Methods:

Public: No restrictions.

Proprietary: No restrictions when stored within a facility controlled by the Responsible Entity; when outside such facility, hardcopy information should be stored in a locked container, and electronic information should be protected by password or other access restriction.

Sensitive: Hardcopy information should be kept in a locked storage location such as a cabinet or file drawer; electronic information should be protected by restricting access privileges to those with need to access.

Confidential: Hardcopy information should be kept in a secure cabinet or file with controlled access to key or combination; electronic information should be encrypted and protected by restricting access privileges and encryption key to those with need to access. Encryption keys should be unique for each document.

8. Transmittal

The IP Program should provide acceptable methods of transferring protected information between authorized individuals. These methods will depend on the classification level of the information.

Classification Level and Suggested Transmission Methods:

Public: Any.

Proprietary: Any non-public communications or transmission medium such as cell phone, US Mail, interoffice mail in a reusable envelope or Internet email.

Sensitive: Any non-public communications or transmission medium with some precaution against unauthorized eavesdropping or document access. Examples include: wired telephone service; interoffice mail in a sealed envelope; US Mail or other common carrier in a tightly sealed and completely opaque envelope; internal (non-internet) email system; internet email encrypted with a password sent under separate cover.

Confidential: A secure transmittal system with confirmation of document integrity and delivery. Examples include: bonded courier; internet email encrypted with a password sent through a different medium; and encrypted CD or DVD sent through common carrier with a password sent through a different carrier.

9. Destruction

Providing for secure destruction of protected information is crucial to any IP Program. One of the most popular techniques for information gathering is “dumpster diving” to find sensitive materials that have not been disposed of properly. Paper documents should be destroyed with a cross-cut shredder or burned. Information on computer storage media should be destroyed. NIST SP800-88 “Guidelines for Media Sanitization” describes the following methods:

- Clear: Overwriting the media with random data.
- Purge: Degaussing the media with a strong magnetic field.
- Destroy: Methods include Disintegration, Pulverization, Melting, Incineration and Shredding so that particle size does not exceed five millimeters on any side.

10. Inventory

An IP Program should specify an inventory system to be used to track protected information. This inventory system should be useful in answering questions such as:

- What information exists at a Sensitive or Confidential level?
- Who has custody of information at a Confidential level?

While an inventory may be implemented as part of a Document Management System (see Appendix A), it may also be a stand-alone system.
Information kept by an inventory system may include:

- Identification, such as a number or name, of each document or type of information
- Date of creation of the information
- Location of the information
- Classification level of the information
- List of individuals with authorized access to the information
- List of individuals responsible for granting access to the information
- Retention period for the information
- Date of destruction of the information
- Date and circumstances of possible compromise of the information

11. Lost or Compromised Information

The IP Program should contain provisions for information that is missing or that is known to be compromised. Such loss can occur in many ways, such as inadvertent release to public information channels, loss of a laptop computer or portable storage media, or improper destruction of media. An organization may wish to consider information known by an employee who is terminated for cause to be compromised. Alternatively, if an organization has an employment agreement regarding confidentiality that survives the termination of an employee, the organization may take that into consideration when determining if information known by a former employee is compromised.

Appendix A. Document Management System

Use of a Document Management System can greatly ease the overhead involved in information protection. Such systems are available commercially or can be homegrown.
Some functions that these systems can perform are:

- Secure electronic storage of information
- Access control
- Logging of creation, modification, removal or access
- Version control (assignment of version numbering)
- Version history (retention of previous versions of documents)
- Organization of information (such as by standard requiring the documents)
- Collaboration (central repository for teams working on a document)
- Approval workflow (electronically approving documents)
- Scheduled review (for documents that need periodic review and approval)
- Enforce retention policy
- Assist in monitoring and assessing the IP Program

If a Document Management System is implemented, the IP Program should contain provisions and instructions for its use and administration.

Appendix B. Assessing the Information Protection Program

The IP Program should contain a provision for regularly assessing the IP Program. Topics for consideration during an assessment include:

- Scope: Does the IP Program protect the information it is intended to protect? Is there information that should be protected that is not covered by the IP Program? Is too much information being protected? Are employees being hindered in their jobs by information that is protected to little advantage?
- Roles: Are the roles defined by the IP Program correctly assigned? Are the people in those roles aware of their responsibilities within the IP Program?
- Information Lifecycle: Is the Information Lifecycle defined by the IP Program being observed? Is information being identified, classified, labeled, handled, stored, transmitted and destroyed correctly?
- Access Control: Are the privileges granted to each individual appropriate to the individual’s job requirements? Are those responsible for approving access to information still the proper parties?
- Inventory: Is the inventory being kept up to date? Are changes in information ownership reflected promptly in the inventory?
- Document Management System: Is the Document Management System being used and maintained correctly?
- Lost or Compromised Documents: Are lost or otherwise compromised documents handled correctly?
- Classification of Documents: Are documents still in their correct classification level?

Results of the assessment should be documented and remediation of any deficiencies promptly addressed.

Appendix C. Encryption

The purpose of encrypting data is to protect data contents from discovery. There are two different types of encryption algorithms: symmetric and asymmetric. Symmetric algorithms are faster to encrypt and decrypt, but key management can be a challenge. Asymmetric algorithms use two different keys (one for encryption, one for decryption), which makes key management easier; the downside is that a management infrastructure needs to be in place. Also, due to the larger key strengths with asymmetric algorithms, encryption/decryption operations are slower.

In addition to protecting the data, a good encryption program should also include a file integrity check. This is generally accomplished with file hashing. Hashing creates a hex signature of a document or file. If the file is changed, the hash signature would need to be changed, or else a mismatch will occur. It is highly recommended to create hash signatures for all encrypted files and to store that information in a protected manner. Hash updates on confidential data should have a procedure that requires authorization to complete.

In order to securely transfer and/or store sensitive data, it should be encrypted with the strongest cipher that a company can support. Any encryption keys used in encryption/decryption should be classified under the IP Program as "Confidential" data and stored and managed in a secure manner.
Recommendations for an encryption strategy are as follows:

- Decide the type of encryption:
  o Asymmetric: different keys for encryption and decryption.
    Pros: Key management is less of a challenge. Considered to be more secure than symmetric encryption because of the ability to restrict access to the decryption key.
    Cons: Requires a public key infrastructure (for public and private key pair management). Slower to encrypt/decrypt. Initially deploying keys can be a challenge.
  o Symmetric: one key to be used for encryption and decryption.
    Pros: Infrastructure is easier to set up. Faster encryption/decryption. Key set up and management is much easier. Key distribution is much easier, though caution must be taken to secure the key during distribution.
    Cons: Key control is more challenging. Considered less secure, because of key control challenges (even though algorithms are practically unbreakable).
- Decide the key strength:
  o The larger the bit count, the stronger the algorithm.
  o The larger the bit count, the longer it takes to encrypt/decrypt.
  o Find the right balance between security and performance.
  o It is recommended not to use anything less than 128 bits (symmetric) or 1028 bits (asymmetric) regardless of the data being encrypted.
  o Each organization should clearly specify a minimum acceptable cipher strength for its own use, as well as a recommended cipher strength.
- Choose an algorithm:
  o AES (Advanced Encryption Algorithm) is the current government (and NIST) standard. It is a symmetric algorithm with key strengths of 128, 192 and 256 bit. The algorithm is (for all practical senses) unbreakable with modern technology.
  o If asymmetric encryption is desired, the most common algorithms are DSS and RSA. RSA has a key strength between 1024 and 2048 bits. DSS has key strengths between 512 and 1024 bits.
- Choose a hashing algorithm:
  o In light of research done over the last five years, it is not recommended to use MD5 or SHA1 for any sensitive data.
  o It is recommended to use SHA256 or SHA512.

Appendix D. Protected Critical Infrastructure Information (PCII)

The Protected Critical Infrastructure Information (PCII) Program was established and is operated by the Department of Homeland Security (DHS). Its goal is to facilitate greater sharing of critical infrastructure information between the owners and operators of the critical infrastructures and government entities with infrastructure protection responsibilities. The overall goal is reducing the nation’s vulnerability to terrorism. PCII can be used by Federal, State, and Local government entities for the following purposes:

- Analyze and secure critical infrastructure and protected systems,
- Identify vulnerabilities and develop risk assessments, and
- Enhance recovery preparedness measures.

The PCII Program created a framework which enables members of the private sector to voluntarily submit confidential information regarding the nation’s critical infrastructure to the Department of Homeland Security (DHS) with the assurance that the information will be protected from public disclosure. If the information submitted satisfies the requirements of the Critical Infrastructure Information Act of 2002, it is protected from:

- The Freedom of Information Act (FOIA),
- State and local disclosure laws, and
- Use in civil litigation.

Information related to the security of critical infrastructure or protected systems, including documents, records or other information concerning threats, vulnerabilities and operational experience may be submitted for PCII protection.
Qualifying information must be:

- Voluntarily submitted,
- Not customarily available in the public domain, and
- Not submitted in lieu of compliance with any regulatory requirement.

All PCII recipients share responsibility for ensuring that PCII is properly safeguarded in accordance with the Critical Infrastructure Information Act of 2002. Penalties for improper disclosure are fines, imprisonment of not more than one year, or both, and removal from office or employment. This program applies to all critical infrastructure, not only bulk electric system assets.

Appendix E. Examples of Information to be Protected

Locations & Functions

Types of information: Essential assets (function and physical location); Network topology maps.

Examples: Control centers and backup control centers. Transmission substations supporting the reliable operation of the Bulk Electric System. Generation resources supporting the reliable operation of the Bulk Electric System. Systems and facilities essential to system restoration. Systems and facilities essential to automatic load shedding. Special protection systems supporting the reliable operation of the Bulk Electric System. Other facilities deemed essential by the application of the responsible entities’ risk based assessment methodology. Details of essential computer systems (e.g. operational systems such as EMS, SCADA, digital control systems, their names and function, CAD/CAM facilities, network configuration and firewall policies). Ties between control areas, congestion points. GIS data of transmission networks and facilities, etc. Hierarchical production or process control maps, charts or diagrams. Diagrams of Electronic Security Perimeters. Bridge and over-surface assets. SCADA-controlled assets. Remotely controlled assets. Fuel, industrial chemicals or waste storage. Emergency coordination centers. Emergency meeting points and stations. Exposed/unprotected assets. Unmanned assets. Hazardous materials. Contingency facilities.

Assessments

Types of information: Vulnerability or risk assessments; Hypothetical impact assessments; Drills and exercises; Facility limitations; Location/function-specific ranked data.

Examples: Security assessments. Risk based methodology used to identify essential assets. Hypothetical environmental impact assessments. Information that describes areas likely to be affected by a failure (e.g. downstream impact of dam breach). Detailed exercise scope and objectives. Operating procedures. Findings and lessons-learned. Backup control center testing procedures. Storm or other high-risk limits. Grid constraints and congestion points. Natural hazard high-risk facilities. Single contingency risks. Quantitative comparisons of assets.

Operations

Types of information: Real time operations data; Physical and cyber security plans; Heightened risk operating procedures; Emergency response and business continuity plans; Change Tracking and Work Management Systems.

Examples: Real time MW and flows at critical grid locations or transfer points. Hourly forebay water elevations. Reports and logs related to cyber assets. Facility and information technology security capabilities and procedures. Essential production processes. Contingency protection measures. Special protection schemes and their operation. Emergency control actions, procedures and status when responding to events. Details of response to NERC Alert Levels. Emergency response procedures (e.g. steps to be taken at a specific facility). Facility evacuation criteria. Power system restoration plans. Contingency procedures. Minutes of meetings regarding emergency planning processes and strategies. Post-incident audits or reviews and specific action plans. Systems used to track changes to software or hardware systems. Systems used to manage work on essential assets or associated cyber systems.

Interdependencies

Types of information: Personnel information; Energy and water sources; Communications assets and procedures; Transportation methods; Key suppliers or customers.

Examples: Essential operations or emergency personnel names, addresses, telephone numbers, contact information, etc. Regular or backup energy and water sources. Essential communications processes and facilities. Key communications contacts and protocols. Key transportation routes for essential services or personnel. Supply lines to essential facilities (military installations, hospitals, government facilities, etc.). Key business process partners. Customer supply points. Number of retail customers served by a specific facility or portion of the infrastructure. Emergency and backup services. Information that could be used to identify customers and their critical infrastructure.

Appendix F. Definitions (incomplete)

Attacker - A person or process that intentionally attempts to violate a system or systems with the intent to bypass the security of the system and/or relevant data.

Computer System - A complete, working computer. The computer system includes not only the computer, but also any software and peripheral devices that are necessary to make the computer function. Every computer system, for example, requires an operating system.
Essential Infrastructure - Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of these matters.

Essential Infrastructure Information - Information not customarily in the public domain and related to the security of essential infrastructure or protected systems.

Facility - Something (as a hospital) that is built, installed, or established to serve a particular purpose.

Information - The attribute inherent in and communicated by one of two or more alternative sequences or arrangements of something (as nucleotides in DNA or binary digits in a computer program) that produce specific effects.

Appendix G. Related Documents, References and Links

DHS Protected Critical Infrastructure Information (PCII) Program: http://www.dhs.gov/xinfoshare/programs/editorial_0404.shtm
PCII Program Fact Sheet: http://www.asisonline.org/newsroom/pcii.pdf
Critical Infrastructure Information Act of 2002: http://www.dhs.gov/xlibrary/assets/CII_Act.pdf
NIST SP800-88: http://csrc.nist.gov/publications/PubsSPs.html

Revision History:

Date: 8/25/2008; Version Number: 0.5; Reason/Comments: Internal draft
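The following Go program is added here as a worked example of the Section 7 and Appendix C recommendations (a unique AES-256 key per Confidential document, a SHA-256 hash signature recorded at encryption time and checked before the file is used); it is not part of the NERC guideline, and the ProtectedRecord layout and the function names are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
)

// ProtectedRecord is a constructed (hypothetical) inventory record for one
// encrypted document: the ciphertext blob and the hash signature of that blob.
// The per-document key is itself Confidential and is held outside this record.
type ProtectedRecord struct {
	Ciphertext []byte // nonce || AES-256-GCM ciphertext || authentication tag
	Hash       string // hex SHA-256 of Ciphertext, recorded when the file was encrypted
}

// ErrHashMismatch is returned when the stored hash signature no longer matches
// the ciphertext: either the file was altered or the hash record is stale.
var ErrHashMismatch = errors.New("hash signature mismatch: ciphertext altered or hash record stale")

// NewDocumentKey returns a fresh 256-bit AES key. The guideline asks for a
// unique key per Confidential document, so this is called once per document.
func NewDocumentKey() ([]byte, error) {
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	return key, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// HashOf computes the hex "hash signature" used for the integrity check.
func HashOf(blob []byte) string {
	sum := sha256.Sum256(blob)
	return hex.EncodeToString(sum[:])
}

// Encrypt seals the document under its key with a random nonce and records the
// SHA-256 of the resulting blob as the signature to be stored in a protected place.
func Encrypt(key, plaintext []byte) (ProtectedRecord, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return ProtectedRecord{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return ProtectedRecord{}, err
	}
	blob := gcm.Seal(nonce, nonce, plaintext, nil) // nonce is prepended to the output
	return ProtectedRecord{Ciphertext: blob, Hash: HashOf(blob)}, nil
}

// Verify recomputes the signature and compares it with the stored one.
func Verify(rec ProtectedRecord) error {
	if HashOf(rec.Ciphertext) != rec.Hash {
		return ErrHashMismatch
	}
	return nil
}

// Decrypt refuses to open a blob whose hash check fails. The GCM tag is a
// second, keyed check: someone who rewrites both the blob and the unkeyed hash
// record still cannot produce a blob that opens under the document key.
func Decrypt(key []byte, rec ProtectedRecord) ([]byte, error) {
	if err := Verify(rec); err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(rec.Ciphertext) < ns {
		return nil, errors.New("ciphertext shorter than nonce")
	}
	return gcm.Open(nil, rec.Ciphertext[:ns], rec.Ciphertext[ns:], nil)
}

func main() {
	key, err := NewDocumentKey()
	if err != nil {
		panic(err)
	}
	// Constructed sample document, not real operational data.
	rec, err := Encrypt(key, []byte("CONFIDENTIAL: incident response plan, rev 3"))
	if err != nil {
		panic(err)
	}
	fmt.Println("hash signature for the inventory:", rec.Hash)
	rec.Ciphertext[len(rec.Ciphertext)-1] ^= 0x01 // simulate an altered file
	_, err = Decrypt(key, rec)
	fmt.Println("decrypt after alteration:", err)
}
```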