Information System Security: Army Web Site Administration, Policies, and Practices
INSPECTOR GENERAL DEPT OF DEFENSE ARLINGTON VA
Pagination or Media Count:
This report is the second in a series that addresses DoD Internet administration, policies, and practices. The first report addressed the Web site administration, policies, and practices of the Air Force, A subsequent report will cover Web site administration within the DoD. The Naval Audit Service issued a separate audit report on Web site administration within the Navy and the Marine Corps. The DoD Web site Administration Policy and Procedures, the Policy November 25, 1998, and updated April 26, 2001, describes procedures for establishing, operating, and maintaining DoD unclassified Web sites. The Policy requires heads of DoD Components to establish a process to identify appropriate information for posting to Web sites and to review all information placed on publicly accessible Web sites for security levels of sensitivity before the information is released. The Policy requires Components to establish procedures for management oversight and review of Web sites and to provide necessary resources to support Web site operations. The Policy also requires an annual security assessment of Web sites.
- Information Science