CHARTER AMENDMENT

Approved For Release 2P65/12/14: CIA-RDP87-0081 00100020006-6 REG L 9: ~.v~ 4- J L .n a V C~l,vr::'i L'5 1 2-9 TO: Computer Security Scbco:,? ttee Members FROM: Subcc m jttee Chairman, Computer Security SUBJECT: Charter Amendment. 1. I propose that we add to the Charter (DCID 1/11, Attachment 2) the responsibility of providing Computer Security in the Teleco:nmuni.cations field. 2. I propose. to change the first paragraph of the Charter to read as follows: "Review, formulate and recommend to the Director of Central Intelligence policies, standards and procedures to protect intelligence data stored, processed, or communicated by computer." 3. I ask-you to express your views on this matter at the 24.January 1979 meeting. I also request you coordinate this proposed Charter Amendment within your agency and provide to me a written agency position no later than 22 February 1979. Incl: a/s Approved For Release 2005/12/14: CIA-RDP87-00812R000100020006-6  Approved For Release 2005/12/14: CIA- 7-0 R 06-6 FILE COh117 0 DCID ilia. I/II A, ttacmeat DIRECTOR OF CENTRAL INTELLIGENCE DIRECTIVE NO. 1/11 (Attachment 2) COMMUTER SECURITY The Security Committee with respect to computer security shall: 1. Review; formulate and recommend to the Director of Central Intelligence policies, standards any procedures to protect intelligence data stored or processed by computer. 2. Advise and assist the Director of Central Intelligence, Intelligence Community organizations; DCI committees and other intelligence users with respect to all computer security ksues; and to resolve conflicts that may arise in connection therewith 3. Formulate and recommend to the Director of Central Intelligence resource programming objectives for Intelligence Community organizations in the field of computer semirity in consideration of current and foreseen vulnerabilities and threats and with regard for the effective and efficient use of resources; to foster and to monitor an aggressive program of computer security -research and development in rha Intelligence Community in order to avoid unwarranted duplication. and to assure the pursuit of an effective effort at resolving technical problems associated with the protection of computer operations. 4. Coordinate all aspects of Intelligence Community efforts in defense against hostile penetration of Community computer systems and as feasible to support other governmental efforts aimed at improving computer security technology; to foster a coordinated program of Intelligence Community computer security training and indoctrination. 5. Facilitate within the Intelligence Community the exchange of information relating to computer security threats, vulnerabilities and countermeasures by provi~ine a focal point for: a The evaluation of foreign intentions and capabilities to exploit Community computer operations; ' b. Central notification of hostile exploitation attempts; c. The preparation of damage assessments of incidents of foreign exploitation of intelligence computer operations; and d. The development of 'policy recommendations to the Director of Central Intelligence on the release of computer security ir.for:nalion to foreign governments and international organizations. 6. Review, formulate and recommend minimum cornp::ter security standards. procedures and criteria as guidance for system design, evaluation and ccrtificurion of acceptable levels of security for computer systems. Approved For Release 2005/12/14: CIA-RDP87-00812R000100020006-6  STAT Approved For Release 2005/12/14: CIA-RDP87-00812R000100020006-6 Approved For Release 2005/12/14: CIA-RDP87-00812R000100020006-6