Medical and Public Health Law Site
DoD Directives

TITLE:  DoD Instruction 5215.2, "Computer Security Technical Vulnerability Reporting Program (CSTVRP)", 09/02/1986

SUMMARY: This Instruction:

1. Establishes a computer Security Technical Vulnerability Reporting Program (CSTVRP) under the direction of the National Security Agency, National Information Security Assessment Center (NISAC), National Security Decision Directive (NSDD) 145, "National Policy on Telecommunications and Automated Information Systems Security," September 17, 1984.

2. Establishes procedures for reporting all demonstrable and repeatable technical vulnerabilities of Automated Information Systems (AIS).

3. provides for the collection, consolidation, analysis, reporting or notification of generic technical vulnerabilities and corrective measures in support of the DoD Computer Security requirements in DoD Directive 5200.28, December 18, 1972.

4. Establishes methodologies for dissemination of vulnerability information.

FILES: Select a Format

SGML (32 KB)  pdf (57 KB)  ASCII (20 KB)