Security Assessment and Authorization Policies and Procedures
Security Assessment and Authorization Policy for 18F
The 18F Program Office develops, documents, and disseminates to all 18F staff. The 18F Security Assessnet and authorization policy which addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance and procedures to facilitate the implementation of the security assessment and authroization policy and associated security assessnet controls. The 18F security assessnet and authorization policy is listed within its private Github repository that is accessible to all 18F staff.
The 18F Program Office will review and update the current 18F Security Assessment policy at least every 3 years and any documented assessment procedures at least annually.